func (sn *Node) VerifyAllProofs(view int, chm *ChallengeMessage, proofForClient proof.Proof) {
sn.roundLock.RLock()
round := sn.Rounds[chm.Round]
sn.roundLock.RUnlock()
// proof from client to my root
proof.CheckProof(sn.Suite().Hash, round.MTRoot, round.LocalMTRoot, round.Proofs["local"])
// proof from my root to big root
dbg.Lvl4(sn.Name(), "verifying for view", view)
proof.CheckProof(sn.Suite().Hash, chm.MTRoot, round.MTRoot, chm.Proof)
// proof from client to big root
proof.CheckProof(sn.Suite().Hash, chm.MTRoot, round.LocalMTRoot, proofForClient)
}
// Verifies that the 'message' is included in the signature and that it
// is correct.
// Message is your own hash, and reply contains the inclusion proof + signature
// on the aggregated message
func VerifySignature(suite abstract.Suite, reply *StampSignature, public abstract.Point, message []byte) bool {
// Check if aggregate public key is correct
if !public.Equal(reply.AggPublic) {
dbg.Lvl1("Aggregate-public-key check: FAILED (maybe you have an outdated config file of the tree)")
return false
}
// First check if the challenge is ok
if err := VerifyChallenge(suite, reply); err != nil {
dbg.Lvl1("Challenge-check: FAILED (", err, ")")
return false
}
dbg.Lvl2("Challenge-check: OK")
// Incorporate the timestamp in the message since the verification process
// is done by reconstructing the challenge
var b bytes.Buffer
if err := binary.Write(&b, binary.LittleEndian, reply.Timestamp); err != nil {
dbg.Lvl1("Error marshaling the timestamp for signature verification")
return false
}
msg := append(b.Bytes(), []byte(reply.MerkleRoot)...)
if err := VerifySchnorr(suite, msg, public, reply.Challenge, reply.Response); err != nil {
dbg.Lvl1("Signature-check: FAILED (", err, ")")
return false
}
dbg.Lvl2("Signature-check: OK")
// finally check the proof
if !proof.CheckProof(suite.Hash, reply.MerkleRoot, hashid.HashId(message), reply.Prf) {
dbg.Lvl2("Inclusion-check: FAILED")
return false
}
dbg.Lvl2("Inclusion-check: OK")
return true
}
func (round *RoundStamper) SignatureBroadcast(in *sign.SigningMessage, out []*sign.SigningMessage) error {
round.RoundCosi.SignatureBroadcast(in, out)
round.Proof = round.RoundCosi.Cosi.Proof
round.MTRoot = round.RoundCosi.Cosi.MTRoot
round.CombProofs = make([]proof.Proof, len(round.StampQueue))
// Send back signature to clients
for i, msg := range round.StampQueue {
// proof to get from s.Root to big root
combProof := make(proof.Proof, len(round.Proof))
copy(combProof, round.Proof)
// add my proof to get from a leaf message to my root s.Root
combProof = append(combProof, round.StampProofs[i]...)
// proof that I can get from a leaf message to the big root
if proof.CheckProof(round.Suite.Hash, round.MTRoot,
round.StampLeaves[i], combProof) {
dbg.Lvl2("Proof is OK for msg", msg)
} else {
dbg.Lvl2("Inclusion-proof failed")
}
round.CombProofs[i] = combProof
}
return nil
}
func (s *Server) OnDone() sign.DoneFunc {
return func(view int, SNRoot hashid.HashId, LogHash hashid.HashId, p proof.Proof) {
s.mux.Lock()
for i, msg := range s.Queue[s.PROCESSING] {
// proof to get from s.Root to big root
combProof := make(proof.Proof, len(p))
copy(combProof, p)
// add my proof to get from a leaf message to my root s.Root
combProof = append(combProof, s.Proofs[i]...)
// proof that i can get from a leaf message to the big root
if sign.DEBUG == true {
proof.CheckProof(s.Signer.(*sign.Node).Suite().Hash, SNRoot, s.Leaves[i], combProof)
}
respMessg := TimeStampMessage{
Type: StampReplyType,
ReqNo: msg.Tsm.ReqNo,
Srep: &StampReply{Sig: SNRoot, Prf: combProof}}
s.PutToClient(msg.To, respMessg)
}
s.mux.Unlock()
}
}