smc_zkp_dl: make v an output parameter

crypto.c

@@ -616,15 +616,15 @@ smc_compute_outcome (struct AuctionData *ad)
  * smc_zkp_dl creates a proof of knowledge of @a x with \f$v = xg\f$ where
  * \f$g\f$ is the base point on Ed25519.
  *
- * @param[in] v input point. Must be known to the verifier.
+ * @param[out] v output point. Must be known to the verifier.
  * @param[in] x private key. Knowledge of this number is certified in the proof
  * @param[out] proof pointer where to save the output proof structure. Must be
  * shared with the verifier.
  */
 void
-smc_zkp_dl (const gcry_mpi_point_t v,
+smc_zkp_dl (gcry_mpi_point_t v,
-            const gcry_mpi_t       x,
+            const gcry_mpi_t x,
-            struct proof_dl        *proof)
+            struct proof_dl  *proof)
 {
 	struct zkp_challenge_dl challenge;
 	struct brandt_hash_code challhash;
@@ -633,6 +633,9 @@ smc_zkp_dl (const gcry_mpi_point_t v,
 	gcry_mpi_t              c = gcry_mpi_new (0);
 	gcry_mpi_t              z = gcry_mpi_new (0);
 
+	/* v = xg */
+	gcry_mpi_ec_mul (v, x, ec_gen, ec_ctx);
+
 	/* a = zg */
 	ec_keypair_create (a, z);
 

crypto.h

@@ -84,9 +84,9 @@ struct proof_0og {
 	struct ec_mpi r2;
 };
 
-void smc_zkp_dl (const gcry_mpi_point_t v,
+void smc_zkp_dl (gcry_mpi_point_t v,
-                 const gcry_mpi_t       x,
+                 const gcry_mpi_t x,
-                 struct proof_dl        *proof);
+                 struct proof_dl  *proof);
 int smc_zkp_dl_check (const gcry_mpi_point_t v,
                       const struct proof_dl  *proof);
 

test_crypto.c

@@ -106,8 +106,7 @@ test_smc_zkp_dl ()
 	gcry_mpi_t       x = gcry_mpi_new (0);
 	gcry_mpi_point_t v = gcry_mpi_point_new (0);
 
-	/* v = xg */
+	ec_skey_create (x);
-	ec_keypair_create (v, x);
 
 	smc_zkp_dl (v, x, &proof);
 	check (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve");