// Produces a bad signature that has a malformed approve message
func produceSigWithBadMessage() *signature {
set := anon.Set{insurerKeys[0].Public}
approveMsg := "Bad message"
digSig := anon.Sign(insurerKeys[0].Suite, random.Stream, []byte(approveMsg),
set, nil, 0, insurerKeys[0].Secret)
return new(signature).init(insurerKeys[0].Suite, digSig)
}
/* Creates a new policy-approved message
*
* Arguments:
* kp = the private/public key of the insuring server.
* theirKey = the public key of the server who requested the insurance
*
* Returns:
* A new policy approved message.
*
* NOTE:
* The approved certificate is a string of the form:
* "My_Public_Key insures Their_Public_Key"
*
* It will always be of this form for easy validation.
*/
func (msg *PolicyApprovedMessage) createMessage(kp *config.KeyPair,
theirKey abstract.Point) *PolicyApprovedMessage {
set := anon.Set{kp.Public}
approveMsg := kp.Public.String() + " insures " + theirKey.String()
msg.PubKey = kp.Public
msg.Message = []byte(approveMsg)
msg.Signature = anon.Sign(kp.Suite, random.Stream, msg.Message,
set, nil, 0, kp.Secret)
return msg
}
// signSystemPacket will sign the packet using the crypto library with package
// anon. No anonymity set here. Must pass the private / public keys to sign.
func signSystemPacket(sys SystemPacket, kp config.KeyPair) []byte {
var buf bytes.Buffer
if err := suite.Write(&buf, sys); err != nil {
dbg.Fatal("Could not sign the system packet:", err)
}
// setup
X := make([]abstract.Point, 1)
mine := 0
X[mine] = kp.Public
// The actual signing
sig := anon.Sign(suite, random.Stream, buf.Bytes(), anon.Set(X), nil, mine, kp.Secret)
return sig
}
func (s *shuffler) signStateVector(state *stateVector) ([]byte, error) {
rand := s.suite.Cipher(abstract.RandomKey)
st := state.States
for i := 1; i < len(st); i++ {
S, Sbar := st[i-1], st[i]
X, Y := S.X, S.Dec
Xbar, Ybar := Sbar.X, Sbar.Y
H, prf := Sbar.G, Sbar.Prf
// Verify the shuffle.
verifier := shuffle.Verifier(s.suite, nil, H, X, Y, Xbar, Ybar)
err := proof.HashVerify(s.suite, "PairShuffle", verifier, prf)
if err != nil {
panic("verify failed")
return nil, err
}
// Verify the decryption.
seed := abstract.Sum(s.suite, prf)
verRand := s.suite.Cipher(seed)
dec, decPrf := Sbar.Dec, Sbar.DecPrf
// Scratch space for calculations.
pair, c := s.suite.Point(), s.suite.Secret()
zp := s.suite.Point()
for j := range dec {
pair.Sub(Ybar[j], dec[j])
c.Pick(verRand)
T := decPrf[j].T
ss := decPrf[j].S
if !zp.Mul(Xbar[j], ss).Equal(T.Add(T, pair.Mul(pair, c))) {
return nil, errors.New("invalid decryption proof")
}
}
}
bytes, _ := protobuf.Encode(state)
return anon.Sign(s.suite, rand, bytes, anon.Set{s.H}, nil, 0, s.h), nil
}
/* An internal helper function responsible for producing signatures
*
* Arguments
* i = the index of the insurer's share
* gKeyPair = the long term public/private keypair of the insurer.
* msg = the message to sign
*
* Return
* A signature object with the signature.
*/
func (p *Deal) sign(i int, gKeyPair *config.KeyPair, msg []byte) *signature {
set := anon.Set{gKeyPair.Public}
sig := anon.Sign(gKeyPair.Suite, random.Stream, msg, set, nil, 0,
gKeyPair.Secret)
return new(signature).init(gKeyPair.Suite, sig)
}
