zkgroup/crypto/
signature.rs

1//
2// Copyright 2020 Signal Messenger, LLC.
3// SPDX-License-Identifier: AGPL-3.0-only
4//
5
6use curve25519_dalek_signal::constants::RISTRETTO_BASEPOINT_POINT;
7use curve25519_dalek_signal::ristretto::RistrettoPoint;
8use curve25519_dalek_signal::scalar::Scalar;
9use partial_default::PartialDefault;
10use serde::{Deserialize, Serialize};
11
12use crate::common::constants::*;
13use crate::common::errors::*;
14use crate::common::sho::*;
15use crate::common::simple_types::*;
16
17#[derive(Copy, Clone, PartialEq, Eq, Serialize, Deserialize, PartialDefault)]
18pub struct KeyPair {
19    pub(crate) signing_key: Scalar,
20    pub(crate) public_key: RistrettoPoint,
21}
22
23#[derive(Copy, Clone, PartialEq, Eq, Serialize, Deserialize, PartialDefault)]
24pub struct PublicKey {
25    pub(crate) public_key: RistrettoPoint,
26}
27
28impl KeyPair {
29    pub fn generate(sho: &mut Sho) -> Self {
30        let signing_key = sho.get_scalar();
31        let public_key = signing_key * RISTRETTO_BASEPOINT_POINT;
32        KeyPair {
33            signing_key,
34            public_key,
35        }
36    }
37
38    pub fn sign(&self, message: &[u8], sho: &mut Sho) -> SignatureBytes {
39        let vec_bytes = poksho::sign(
40            self.signing_key,
41            self.public_key,
42            message,
43            &sho.squeeze(RANDOMNESS_LEN)[..],
44        )
45        .expect("signature failed to self-verify; bad public key?");
46        let mut s: SignatureBytes = [0u8; SIGNATURE_LEN];
47        s.copy_from_slice(&vec_bytes[..]);
48        s
49    }
50
51    pub fn get_public_key(&self) -> PublicKey {
52        PublicKey {
53            public_key: self.public_key,
54        }
55    }
56}
57
58impl PublicKey {
59    // Might return VerificationFailure
60    pub fn verify(
61        &self,
62        message: &[u8],
63        signature: SignatureBytes,
64    ) -> Result<(), ZkGroupVerificationFailure> {
65        match poksho::verify_signature(&signature, self.public_key, message) {
66            Err(_) => Err(ZkGroupVerificationFailure),
67            Ok(_) => Ok(()),
68        }
69    }
70}
71
72#[cfg(test)]
73mod tests {
74    use super::*;
75
76    #[test]
77    fn test_signature() {
78        let group_key = TEST_ARRAY_32;
79        let mut sho = Sho::new(b"Test_Signature", &group_key);
80        let key_pair = KeyPair::generate(&mut sho);
81
82        // Test serialize of key_pair
83        let key_pair_bytes = bincode::serialize(&key_pair).unwrap();
84        assert!(key_pair_bytes.len() == 64);
85        let public_key_bytes = bincode::serialize(&key_pair.get_public_key()).unwrap();
86        assert!(public_key_bytes.len() == 32);
87        let key_pair2: KeyPair = bincode::deserialize(&key_pair_bytes).unwrap();
88        assert!(key_pair == key_pair2);
89
90        let mut message = TEST_ARRAY_32_1;
91
92        let signature = key_pair.sign(&message, &mut sho);
93        key_pair2
94            .get_public_key()
95            .verify(&message, signature)
96            .unwrap();
97
98        // test signature failure
99        message[0] ^= 1;
100        key_pair2
101            .get_public_key()
102            .verify(&message, signature)
103            .expect_err("signature verify should have failed");
104
105        println!("signature = {:#x?}", &signature[..]);
106        let signature_result = [
107            0xdb, 0x9b, 0xfb, 0xd6, 0x15, 0x26, 0xc3, 0x50, 0xf9, 0xbe, 0x95, 0x17, 0x11, 0x6,
108            0xd0, 0x6, 0x52, 0x88, 0xcb, 0x33, 0x3, 0x1b, 0xe7, 0x17, 0x25, 0x24, 0x37, 0x80, 0x53,
109            0x2c, 0xaa, 0x7, 0xcb, 0xda, 0x74, 0xc4, 0x19, 0x3b, 0x6e, 0xe6, 0xe9, 0x5f, 0xae,
110            0xcd, 0x41, 0xfb, 0x44, 0x19, 0xce, 0xae, 0x3f, 0x4d, 0x63, 0xb9, 0x47, 0x59, 0x27,
111            0xe1, 0x10, 0xee, 0xb7, 0x72, 0xb, 0x6,
112        ];
113
114        assert!(signature[..] == signature_result[..]);
115    }
116}
zkgroup/crypto/signature.rs

zkgroup/crypto/
signature.rs
