diff --git a/smc.c b/smc.c index 52c1b3b..c58b1c2 100644 --- a/smc.c +++ b/smc.c @@ -45,8 +45,11 @@ smc_zkp_dl (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_t x, gcry_mpi_t z = gcry_mpi_new (0); brandt_ec_keypair_create_base (a, &z, g); + + /* compute challange c */ /**TODO: generate c from HASH(g,v,a) and don't output it */ brandt_ec_skey_create (c); + *r = gcry_mpi_new (0); gcry_mpi_mul (*r, *c, x); gcry_mpi_add (*r, *r, z); @@ -54,6 +57,7 @@ smc_zkp_dl (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_t x, gcry_mpi_release (z); } + /** * smc_zkp_dl_check * @@ -84,6 +88,51 @@ smc_zkp_dl_check (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_point_t a, return ret; } + +void +smc_zkp_2dle (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_t x, gcry_mpi_point_t *a, gcry_mpi_point_t *b, gcry_mpi_t *c, gcry_mpi_t *r) +{ + gcry_mpi_t z = gcry_mpi_new (0); + + brandt_ec_keypair_create_base (a, &z, g1); + *b = gcry_mpi_point_new(0); + gcry_mpi_ec_mul(*b, z, g2, ec_ctx); + + /* compute challange c */ + /**TODO: generate c from HASH(g1,g2,v,w,a,b) and don't output it */ + brandt_ec_skey_create (c); + + *r = gcry_mpi_new (0); + gcry_mpi_mul (*r, *c, x); + gcry_mpi_add (*r, *r, z); + + gcry_mpi_release (z); +} + + +int +smc_zkp_2dle_check (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_point_t a, gcry_mpi_point_t b, gcry_mpi_t c, gcry_mpi_t r) +{ + int ret; + gcry_mpi_point_t left = gcry_mpi_point_new (0); + gcry_mpi_point_t right = gcry_mpi_point_new (0); + + gcry_mpi_ec_mul (left, r, g1, ec_ctx); + gcry_mpi_ec_mul (right, c, v, ec_ctx); + gcry_mpi_ec_add (right, a, right, ec_ctx); + ret = brandt_ec_point_cmp (left, right); + + gcry_mpi_ec_mul (left, r, g2, ec_ctx); + gcry_mpi_ec_mul (right, c, w, ec_ctx); + gcry_mpi_ec_add (right, b, right, ec_ctx); + ret &= brandt_ec_point_cmp (left, right); + + gcry_mpi_point_release (left); + gcry_mpi_point_release (right); + + return ret; +} + //GEN //smc_hextodec (const char *s) //{ diff --git a/smc.h b/smc.h index 5ea81e8..c2826c2 100644 --- a/smc.h +++ b/smc.h @@ -27,4 +27,7 @@ void smc_zkp_dl (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_t x, gcry_mpi_point_t *a, gcry_mpi_t *c, gcry_mpi_t *r); int smc_zkp_dl_check (gcry_mpi_point_t v, gcry_mpi_point_t g, gcry_mpi_point_t a, gcry_mpi_t c, gcry_mpi_t r); +void smc_zkp_2dle (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_t x, gcry_mpi_point_t *a, gcry_mpi_point_t *b, gcry_mpi_t *c, gcry_mpi_t *r); +int smc_zkp_2dle_check (gcry_mpi_point_t v, gcry_mpi_point_t w, gcry_mpi_point_t g1, gcry_mpi_point_t g2, gcry_mpi_point_t a, gcry_mpi_point_t b, gcry_mpi_t c, gcry_mpi_t r); + #endif // ifndef _BRANDT_SMC_H diff --git a/test_crypto.c b/test_crypto.c index d692055..5103e0e 100644 --- a/test_crypto.c +++ b/test_crypto.c @@ -85,6 +85,58 @@ test_smc_zkp_dl () gcry_mpi_point_release (v); } +int +test_smc_zkp_2dle () +{ + static int first = 1; + gcry_mpi_t c; + gcry_mpi_t r; + gcry_mpi_t s; + gcry_mpi_t x; + gcry_mpi_point_t a; + gcry_mpi_point_t b; + gcry_mpi_point_t g1; + gcry_mpi_point_t g2; + gcry_mpi_point_t v = gcry_mpi_point_new (0); + gcry_mpi_point_t w = gcry_mpi_point_new (0); + + check (v, "no pub1 key initialized"); + check (w, "no pub2 key initialized"); + brandt_ec_keypair_create (&g1, &s); + gcry_mpi_release (s); + brandt_ec_keypair_create (&g2, &s); + check (g1, "no gen1 created"); + check (g2, "no gen2 created"); + + if (first) + { + gcry_mpi_ec_mul (g1, GCRYMPI_CONST_ONE, ec_gen, ec_ctx); + gcry_mpi_ec_mul (g2, GCRYMPI_CONST_ONE, ec_gen, ec_ctx); + first = 0; + } + + brandt_ec_skey_create (&x); + check (x, "no sec key created"); + gcry_mpi_ec_mul (v, x, g1, ec_ctx); + check (v, "no pub1 key created"); + gcry_mpi_ec_mul (w, x, g2, ec_ctx); + check (w, "no pub2 key created"); + + smc_zkp_2dle (v, w, g1, g2, x, &a, &b, &c, &r); + check (!smc_zkp_2dle_check (v, w, g1, g2, a, b, c, r), "zkp was false, should be true"); + + gcry_mpi_release (c); + gcry_mpi_release (r); + gcry_mpi_release (s); + gcry_mpi_release (x); + gcry_mpi_point_release (a); + gcry_mpi_point_release (b); + gcry_mpi_point_release (g1); + gcry_mpi_point_release (g2); + gcry_mpi_point_release (v); + gcry_mpi_point_release (w); +} + int main (int argc, char *argv[]) {