Skip to content

Commit

Permalink
Merge pull request #52 from HenrikWM/f-use-point-as-argument2
Browse files Browse the repository at this point in the history 
Changing ECPublicKeyParameters to ECPoint
  • Loading branch information
@HenrikWM
HenrikWM committed Jan 20, 2021
2 parents 7955ef7 + 051ae07 commit 0995403
Show file tree
Hide file tree
Showing 5 changed files with 19 additions and 19 deletions.
2 changes: 1 addition & 1 deletion samples/ClientServer/Client/Client.Console/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ static async Task Main(string[] args)
var (Q, proofC, proofZ) = await _tokenApiClient.GenerateTokenAsync(ecParameters.Curve, P);

// 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
var W = _initiator.RandomiseToken(ecParameters, publicKey, P, Q, proofC, proofZ, r);
var W = _initiator.RandomiseToken(ecParameters, publicKey.Q, P, Q, proofC, proofZ, r);

// 4. Verify that the token (t,W) is correct.
var isVerified = await _tokenApiClient.VerifyTokenAsync(t, W);
Expand Down
16 changes: 8 additions & 8 deletions src/AnonymousTokens.Client/Protocol/Initiator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,14 @@ public interface IInitiator
public (byte[] t, BigInteger r, ECPoint P) Initiate(ECCurve curve);
public bool VerifyProof(
X9ECParameters ecParameters,
ECPublicKeyParameters K,
ECPoint K,
ECPoint P,
ECPoint Q,
BigInteger c,
BigInteger z);
public ECPoint RandomiseToken(
X9ECParameters ecParameters,
ECPublicKeyParameters K,
ECPoint K,
ECPoint P,
ECPoint Q,
BigInteger c,
Expand Down Expand Up @@ -72,36 +72,36 @@ public Initiator()
/// Used by the initiator. Verifies a transcript of a Chaum-Pedersen protocol instance, using the strong Fiat-Shamir transform.
/// </summary>
/// <param name="ecParameters">Curve parameters</param>
/// <param name="K">The public key parameters for the token scheme</param>
/// <param name="K">The public key point for the token scheme</param>
/// <param name="P">Point initially submitted by the initiator</param>
/// <param name="Q">Point received from the token service</param>
/// <param name="c">Claimed challenge from the Chaum-Pedersen proof</param>
/// <param name="z">Response from the Chaum-Pedersen proof</param>
/// <returns>Returns true if the proof is valid and otherwise returns false</returns>
public bool VerifyProof(X9ECParameters ecParameters, ECPublicKeyParameters K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z)
public bool VerifyProof(X9ECParameters ecParameters, ECPoint K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z)
{
// Compute X = z*G + c*K = r*G
ECPoint? X = ecParameters.G.Multiply(z).Add(K.Q.Multiply(c));
ECPoint? X = ecParameters.G.Multiply(z).Add(K.Multiply(c));

// Compute Y = z*P + c*Q = r*P
ECPoint? Y = P.Multiply(z).Add(Q.Multiply(c));

// Returns true if the challenge from the proof equals the new challenge
return c.Equals(CPChallengeGenerator.CreateChallenge(ecParameters.G, P, K.Q, Q, X, Y));
return c.Equals(CPChallengeGenerator.CreateChallenge(ecParameters.G, P, K, Q, X, Y));
}

/// <summary>
/// Used by the initiator. It first verifies that the incoming token is well-formed, and then removes the previously applied mask.
/// </summary>
/// <param name="ecParameters">Curve parameters</param>
/// <param name="K">The public key parameters for the token scheme</param>
/// <param name="K">The public key point for the token scheme</param>
/// <param name="P">Masked point initially submitted to the token service</param>
/// <param name="Q">Signed masked point returned from the token service</param>
/// <param name="c">Claimed challenge from the Chaum-Pedersen proof</param>
/// <param name="z">Response from the Chaum-Pedersen proof</param>
/// <param name="r">Masking of the initial point</param>
/// <returns>A randomised signature W on the point chosen by the initiator</returns>
public ECPoint RandomiseToken(X9ECParameters ecParameters, ECPublicKeyParameters K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z, BigInteger r)
public ECPoint RandomiseToken(X9ECParameters ecParameters, ECPoint K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z, BigInteger r)
{
ECCurve? curve = ecParameters.Curve;

Expand Down
2 changes: 1 addition & 1 deletion src/Directory.Build.props
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
<EmbedUntrackedSources>true</EmbedUntrackedSources>
<Deterministic>true</Deterministic>
<ContinuousIntegrationBuild Condition="'$(GITHUB_ACTIONS)' == 'true'">true</ContinuousIntegrationBuild>
<Version>1.4.1</Version>
<Version>2.0.0</Version>
<RepositoryUrl>https://github.com/HenrikWM/anonymous-tokens</RepositoryUrl>
<RepositoryType>git</RepositoryType>
<LangVersion>latest</LangVersion>
Expand Down
4 changes: 2 additions & 2 deletions test/AnonymousTokens.Benchmarks/Protocol.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ public void RunProtocolEndToEnd()
var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);

// 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);

// 4. Verify that the token (t,W) is correct.
var isVerified = _tokenVerifier.VerifyTokenAsync(_privateKey, _ecParameters.Curve, t, W).GetAwaiter().GetResult();
Expand All @@ -96,7 +96,7 @@ public void RunProtocolEndToEnd_WithGeneratedKeysAsync()
var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKeyGenerated, _publicKeyGenerated.Q, _ecParameters, P);

// 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
var W = _initiator.RandomiseToken(_ecParameters, _publicKeyGenerated, P, Q, proofC, proofZ, r);
var W = _initiator.RandomiseToken(_ecParameters, _publicKeyGenerated.Q, P, Q, proofC, proofZ, r);

// 4. Verify that the token (t,W) is correct.
var isVerified = _tokenVerifier.VerifyTokenAsync(_privateKeyGenerated, _ecParameters.Curve, t, W).GetAwaiter().GetResult();
Expand Down
14 changes: 7 additions & 7 deletions test/AnonymousTokens.UnitTests/IntegrationTests/ProtocolTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ public async void Run()
var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);

// 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);

// 4. Verify that the token (t,W) is correct.
var isVerified = await _tokenVerifier.VerifyTokenAsync(_privateKey, _ecParameters.Curve, t, W);
Expand All @@ -77,7 +77,7 @@ public async void Run_FailWhenSeedIsReplayed()
var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);

// 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);

// 4. Verify that the token (t,W) is correct.
var isVerified = await _tokenVerifier.VerifyTokenAsync(_privateKey, _ecParameters.Curve, t, W);
Expand Down Expand Up @@ -107,7 +107,7 @@ public void Run_FailWhenKeysDontMatch()
var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_wrongPrivateKey, _publicKey.Q, _ecParameters, P);

// Verify the proof
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, Q, proofC, proofZ);
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ);
Assert.False(isValid, "Keys were incorrect and the proof did not get verified");
}

Expand All @@ -127,7 +127,7 @@ public void Run_FailWhenTokenIsMalformed()
var changedQ = Q.Twice();

// Try randomising the token
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, changedQ, proofC, proofZ);
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, changedQ, proofC, proofZ);
Assert.False(isValid, "The token was malformed and the proof did not get verified");
}

Expand All @@ -147,7 +147,7 @@ public void Run_FailWhenChallengeIsWrong()
var changedC = proofC.Add(BigInteger.One);

// Try randomising the token
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, Q, changedC, proofZ);
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, Q, changedC, proofZ);
Assert.False(isValid, "The challenge was changed and the proof did not get verified");
}

Expand All @@ -167,7 +167,7 @@ public void Run_FailWhenResponseIsWrong()
var changedZ = proofZ.Add(BigInteger.One);

// Try randomising the token
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, Q, proofC, changedZ);
var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, Q, proofC, changedZ);
Assert.False(isValid, "The response was changed and the proof did not get verified");
}

Expand Down Expand Up @@ -207,7 +207,7 @@ public async void Run_FailWhenWIsInvalid()
var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);

// 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);

// Create a new point with invalid coordinates
var invalidW = _ecParameters.Curve.CreatePoint(W.XCoord.ToBigInteger().Add(BigInteger.One), W.YCoord.ToBigInteger());
Expand Down

0 comments on commit 0995403

Please sign in to comment.