aboutsummaryrefslogtreecommitdiff
path: root/crypto.h
diff options
context:
space:
mode:
Diffstat (limited to 'crypto.h')
-rw-r--r--crypto.h329
1 files changed, 181 insertions, 148 deletions
diff --git a/crypto.h b/crypto.h
index 4ba850e..899ecdf 100644
--- a/crypto.h
+++ b/crypto.h
@@ -37,69 +37,85 @@ void brandt_crypto_init ();
/* used for serialized mpis and serialized curve points (they are the same size
* when compressed) */
-struct ec_mpi {
- unsigned char data[256 / 8];
+struct ec_mpi
+{
+ unsigned char data[256 / 8];
};
void ec_point_serialize (struct ec_mpi *dst, const gcry_mpi_point_t src);
+
void ec_point_parse (gcry_mpi_point_t dst, const struct ec_mpi *src);
gcry_mpi_point_t *smc_init1 (uint16_t size1);
+
gcry_mpi_point_t **smc_init2 (uint16_t size1, uint16_t size2);
+
gcry_mpi_point_t ***smc_init3 (uint16_t size1, uint16_t size2, uint16_t size3);
+
void smc_free1 (gcry_mpi_point_t *dst, uint16_t size1);
+
void smc_free2 (gcry_mpi_point_t **dst, uint16_t size1, uint16_t size2);
+
void smc_free3 (gcry_mpi_point_t ***dst,
- uint16_t size1,
- uint16_t size2,
- uint16_t size3);
+ uint16_t size1,
+ uint16_t size2,
+ uint16_t size3);
void smc_sums_partial (gcry_mpi_point_t out[],
gcry_mpi_point_t in[],
- uint16_t len,
- uint16_t stepi,
- uint16_t stepo);
+ uint16_t len,
+ uint16_t stepi,
+ uint16_t stepo);
+
void smc_sum (gcry_mpi_point_t out,
gcry_mpi_point_t in[],
- uint16_t len,
- uint16_t step);
+ uint16_t len,
+ uint16_t step);
void ec_point_copy (gcry_mpi_point_t dst, const gcry_mpi_point_t src);
+
int ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b);
+
void ec_skey_create (gcry_mpi_t skey);
+
void ec_keypair_create (gcry_mpi_point_t pkey, gcry_mpi_t skey);
-void ec_keypair_create_base (gcry_mpi_point_t pkey,
- gcry_mpi_t skey,
+
+void ec_keypair_create_base (gcry_mpi_point_t pkey,
+ gcry_mpi_t skey,
const gcry_mpi_point_t base);
/* --- Zero knowledge proofs --- */
-struct proof_dl {
- struct ec_mpi r;
- struct ec_mpi a;
+struct proof_dl
+{
+ struct ec_mpi r;
+ struct ec_mpi a;
};
-struct proof_2dle {
- struct ec_mpi r;
- struct ec_mpi a;
- struct ec_mpi b;
+struct proof_2dle
+{
+ struct ec_mpi r;
+ struct ec_mpi a;
+ struct ec_mpi b;
};
-struct proof_0og {
- struct ec_mpi a1;
- struct ec_mpi a2;
- struct ec_mpi b1;
- struct ec_mpi b2;
- struct ec_mpi d1;
- struct ec_mpi d2;
- struct ec_mpi r1;
- struct ec_mpi r2;
+struct proof_0og
+{
+ struct ec_mpi a1;
+ struct ec_mpi a2;
+ struct ec_mpi b1;
+ struct ec_mpi b2;
+ struct ec_mpi d1;
+ struct ec_mpi d2;
+ struct ec_mpi r1;
+ struct ec_mpi r2;
};
void smc_zkp_dl (gcry_mpi_point_t v,
const gcry_mpi_t x,
struct proof_dl *proof);
+
int smc_zkp_dl_check (const gcry_mpi_point_t v,
const struct proof_dl *proof);
@@ -107,20 +123,22 @@ void smc_zkp_2dle (const gcry_mpi_point_t v,
const gcry_mpi_point_t w,
const gcry_mpi_point_t g1,
const gcry_mpi_point_t g2,
- const gcry_mpi_t x,
+ const gcry_mpi_t x,
struct proof_2dle *proof);
-int smc_zkp_2dle_check (const gcry_mpi_point_t v,
- const gcry_mpi_point_t w,
- const gcry_mpi_point_t g1,
- const gcry_mpi_point_t g2,
+
+int smc_zkp_2dle_check (const gcry_mpi_point_t v,
+ const gcry_mpi_point_t w,
+ const gcry_mpi_point_t g1,
+ const gcry_mpi_point_t g2,
const struct proof_2dle *proof);
-void smc_zkp_0og (int m_is_gen,
+void smc_zkp_0og (int m_is_gen,
const gcry_mpi_point_t y,
- gcry_mpi_t r,
- gcry_mpi_point_t alpha,
- gcry_mpi_point_t beta,
+ gcry_mpi_t r,
+ gcry_mpi_point_t alpha,
+ gcry_mpi_point_t beta,
struct proof_0og *proof);
+
int smc_zkp_0og_check (const gcry_mpi_point_t y,
const gcry_mpi_point_t alpha,
const gcry_mpi_point_t beta,
@@ -130,53 +148,65 @@ int smc_zkp_0og_check (const gcry_mpi_point_t y,
/* --- Protocol implementation --- */
void smc_prep_keyshare (struct BRANDT_Auction *ad);
+
unsigned char *smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen);
+
int smc_recv_keyshare (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender_index);
+ size_t buflen,
+ uint16_t sender_index);
void smc_prep_bid (struct BRANDT_Auction *ad);
+
unsigned char *smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen);
+
int smc_recv_encrypted_bid (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender_index);
+ size_t buflen,
+ uint16_t sender_index);
void fp_priv_prep_outcome (struct BRANDT_Auction *ad);
+
unsigned char *fp_priv_compute_outcome (struct BRANDT_Auction *ad,
size_t *buflen);
+
int fp_priv_recv_outcome (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
void fp_priv_prep_decryption (struct BRANDT_Auction *ad);
+
unsigned char *fp_priv_decrypt_outcome (struct BRANDT_Auction *ad,
size_t *buflen);
+
int fp_priv_recv_decryption (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
struct BRANDT_Result *fp_priv_determine_outcome (struct BRANDT_Auction *ad,
uint16_t *len);
void fp_pub_prep_outcome (struct BRANDT_Auction *ad);
+
unsigned char *fp_pub_compute_outcome (struct BRANDT_Auction *ad,
size_t *buflen);
+
int fp_pub_recv_outcome (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
void fp_pub_prep_decryption (struct BRANDT_Auction *ad);
+
unsigned char *fp_pub_decrypt_outcome (struct BRANDT_Auction *ad,
size_t *buflen);
+
int fp_pub_recv_decryption (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
struct BRANDT_Result *fp_pub_determine_outcome (struct BRANDT_Auction *ad,
uint16_t *len);
@@ -189,20 +219,24 @@ struct BRANDT_Result *mp_priv_determine_outcome (struct BRANDT_Auction *ad,
void mp_pub_prep_outcome (struct BRANDT_Auction *ad);
+
unsigned char *mp_pub_compute_outcome (struct BRANDT_Auction *ad,
size_t *buflen);
+
int mp_pub_recv_outcome (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
void mp_pub_prep_decryption (struct BRANDT_Auction *ad);
+
unsigned char *mp_pub_decrypt_outcome (struct BRANDT_Auction *ad,
size_t *buflen);
+
int mp_pub_recv_decryption (struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
struct BRANDT_Result *mp_pub_determine_outcome (struct BRANDT_Auction *ad,
uint16_t *len);
@@ -216,8 +250,8 @@ typedef void
typedef int
(*MsgIn)(struct BRANDT_Auction *ad,
const unsigned char *buf,
- size_t buflen,
- uint16_t sender);
+ size_t buflen,
+ uint16_t sender);
typedef unsigned char *
@@ -241,34 +275,34 @@ typedef struct BRANDT_Result *
static const RoundPrep handler_prep[auction_last][outcome_last][msg_last] = {
- [auction_firstPrice] = {
- [outcome_private] = {
- [msg_init] = &smc_prep_keyshare,
- [msg_bid] = &smc_prep_bid,
- [msg_outcome] = &fp_priv_prep_outcome,
- [msg_decrypt] = &fp_priv_prep_decryption,
- },
- [outcome_public] = {
- [msg_init] = &smc_prep_keyshare,
- [msg_bid] = &smc_prep_bid,
- [msg_outcome] = &fp_pub_prep_outcome,
- [msg_decrypt] = &fp_pub_prep_decryption,
- },
- },
- [auction_mPlusFirstPrice] = {
- [outcome_private] = {
- [msg_init] = &smc_prep_keyshare,
- [msg_bid] = &smc_prep_bid,
- [msg_outcome] = &mp_priv_prep_outcome,
- [msg_decrypt] = &fp_priv_prep_decryption,
- },
- [outcome_public] = {
- [msg_init] = &smc_prep_keyshare,
- [msg_bid] = &smc_prep_bid,
- [msg_outcome] = &mp_pub_prep_outcome,
- [msg_decrypt] = &mp_pub_prep_decryption,
- },
- },
+ [auction_firstPrice] = {
+ [outcome_private] = {
+ [msg_init] = &smc_prep_keyshare,
+ [msg_bid] = &smc_prep_bid,
+ [msg_outcome] = &fp_priv_prep_outcome,
+ [msg_decrypt] = &fp_priv_prep_decryption,
+ },
+ [outcome_public] = {
+ [msg_init] = &smc_prep_keyshare,
+ [msg_bid] = &smc_prep_bid,
+ [msg_outcome] = &fp_pub_prep_outcome,
+ [msg_decrypt] = &fp_pub_prep_decryption,
+ },
+ },
+ [auction_mPlusFirstPrice] = {
+ [outcome_private] = {
+ [msg_init] = &smc_prep_keyshare,
+ [msg_bid] = &smc_prep_bid,
+ [msg_outcome] = &mp_priv_prep_outcome,
+ [msg_decrypt] = &fp_priv_prep_decryption,
+ },
+ [outcome_public] = {
+ [msg_init] = &smc_prep_keyshare,
+ [msg_bid] = &smc_prep_bid,
+ [msg_outcome] = &mp_pub_prep_outcome,
+ [msg_decrypt] = &mp_pub_prep_decryption,
+ },
+ },
};
@@ -283,34 +317,34 @@ static const RoundPrep handler_prep[auction_last][outcome_last][msg_last] = {
* of 0 means a private outcome, while a value of 1 means public outcome.
*/
static const MsgIn handler_in[auction_last][outcome_last][msg_last] = {
- [auction_firstPrice] = {
- [outcome_private] = {
- [msg_init] = &smc_recv_keyshare,
- [msg_bid] = &smc_recv_encrypted_bid,
- [msg_outcome] = &fp_priv_recv_outcome,
- [msg_decrypt] = &fp_priv_recv_decryption,
- },
- [outcome_public] = {
- [msg_init] = &smc_recv_keyshare,
- [msg_bid] = &smc_recv_encrypted_bid,
- [msg_outcome] = &fp_pub_recv_outcome,
- [msg_decrypt] = &fp_pub_recv_decryption,
- },
- },
- [auction_mPlusFirstPrice] = {
- [outcome_private] = {
- [msg_init] = &smc_recv_keyshare,
- [msg_bid] = &smc_recv_encrypted_bid,
- [msg_outcome] = &fp_priv_recv_outcome,
- [msg_decrypt] = &fp_priv_recv_decryption,
- },
- [outcome_public] = {
- [msg_init] = &smc_recv_keyshare,
- [msg_bid] = &smc_recv_encrypted_bid,
- [msg_outcome] = &mp_pub_recv_outcome,
- [msg_decrypt] = &mp_pub_recv_decryption,
- },
- },
+ [auction_firstPrice] = {
+ [outcome_private] = {
+ [msg_init] = &smc_recv_keyshare,
+ [msg_bid] = &smc_recv_encrypted_bid,
+ [msg_outcome] = &fp_priv_recv_outcome,
+ [msg_decrypt] = &fp_priv_recv_decryption,
+ },
+ [outcome_public] = {
+ [msg_init] = &smc_recv_keyshare,
+ [msg_bid] = &smc_recv_encrypted_bid,
+ [msg_outcome] = &fp_pub_recv_outcome,
+ [msg_decrypt] = &fp_pub_recv_decryption,
+ },
+ },
+ [auction_mPlusFirstPrice] = {
+ [outcome_private] = {
+ [msg_init] = &smc_recv_keyshare,
+ [msg_bid] = &smc_recv_encrypted_bid,
+ [msg_outcome] = &fp_priv_recv_outcome,
+ [msg_decrypt] = &fp_priv_recv_decryption,
+ },
+ [outcome_public] = {
+ [msg_init] = &smc_recv_keyshare,
+ [msg_bid] = &smc_recv_encrypted_bid,
+ [msg_outcome] = &mp_pub_recv_outcome,
+ [msg_decrypt] = &mp_pub_recv_decryption,
+ },
+ },
};
@@ -326,34 +360,34 @@ static const MsgIn handler_in[auction_last][outcome_last][msg_last] = {
* of 0 means a private outcome, while a value of 1 means public outcome.
*/
static const MsgOut handler_out[auction_last][outcome_last][msg_last] = {
- [auction_firstPrice] = {
- [outcome_private] = {
- [msg_init] = &smc_gen_keyshare,
- [msg_bid] = &smc_encrypt_bid,
- [msg_outcome] = &fp_priv_compute_outcome,
- [msg_decrypt] = &fp_priv_decrypt_outcome,
- },
- [outcome_public] = {
- [msg_init] = &smc_gen_keyshare,
- [msg_bid] = &smc_encrypt_bid,
- [msg_outcome] = &fp_pub_compute_outcome,
- [msg_decrypt] = &fp_pub_decrypt_outcome,
- },
- },
- [auction_mPlusFirstPrice] = {
- [outcome_private] = {
- [msg_init] = &smc_gen_keyshare,
- [msg_bid] = &smc_encrypt_bid,
- [msg_outcome] = &fp_priv_compute_outcome,
- [msg_decrypt] = &fp_priv_decrypt_outcome,
- },
- [outcome_public] = {
- [msg_init] = &smc_gen_keyshare,
- [msg_bid] = &smc_encrypt_bid,
- [msg_outcome] = &mp_pub_compute_outcome,
- [msg_decrypt] = &mp_pub_decrypt_outcome,
- },
- },
+ [auction_firstPrice] = {
+ [outcome_private] = {
+ [msg_init] = &smc_gen_keyshare,
+ [msg_bid] = &smc_encrypt_bid,
+ [msg_outcome] = &fp_priv_compute_outcome,
+ [msg_decrypt] = &fp_priv_decrypt_outcome,
+ },
+ [outcome_public] = {
+ [msg_init] = &smc_gen_keyshare,
+ [msg_bid] = &smc_encrypt_bid,
+ [msg_outcome] = &fp_pub_compute_outcome,
+ [msg_decrypt] = &fp_pub_decrypt_outcome,
+ },
+ },
+ [auction_mPlusFirstPrice] = {
+ [outcome_private] = {
+ [msg_init] = &smc_gen_keyshare,
+ [msg_bid] = &smc_encrypt_bid,
+ [msg_outcome] = &fp_priv_compute_outcome,
+ [msg_decrypt] = &fp_priv_decrypt_outcome,
+ },
+ [outcome_public] = {
+ [msg_init] = &smc_gen_keyshare,
+ [msg_bid] = &smc_encrypt_bid,
+ [msg_outcome] = &mp_pub_compute_outcome,
+ [msg_decrypt] = &mp_pub_decrypt_outcome,
+ },
+ },
};
/**
@@ -368,16 +402,15 @@ static const MsgOut handler_out[auction_last][outcome_last][msg_last] = {
* of 0 means a private outcome, while a value of 1 means public outcome.
*/
static const Result handler_res[auction_last][outcome_last] = {
- [auction_firstPrice] = {
- [outcome_private] = &fp_priv_determine_outcome,
- [outcome_public] = &fp_pub_determine_outcome,
- },
- [auction_mPlusFirstPrice] = {
- [outcome_private] = &mp_priv_determine_outcome,
- [outcome_public] = &mp_pub_determine_outcome,
- },
+ [auction_firstPrice] = {
+ [outcome_private] = &fp_priv_determine_outcome,
+ [outcome_public] = &fp_pub_determine_outcome,
+ },
+ [auction_mPlusFirstPrice] = {
+ [outcome_private] = &mp_priv_determine_outcome,
+ [outcome_public] = &mp_pub_determine_outcome,
+ },
};
-
#endif /* ifndef _BRANDT_CRYPTO_H */
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-11 05:29:43 +0000