Skip to content

Commit

Permalink
improved sign/verify code
Browse files Browse the repository at this point in the history
  • Loading branch information
@jaromil
jaromil committed Jul 5, 2024
1 parent d0bf4d3 commit 482c8bd
Showing 1 changed file with 15 additions and 13 deletions.
28 changes: 15 additions & 13 deletions POC.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,14 @@ function issuer_sign(claims)
local signed = { }
local revs= { }
for k,v in pairs(CLAIMS) do
local rev = BIG.random()
local rSK = BIG.random()
local m = k..'='..v
local rPK = (G2 * rev):to_zcash()
local h = sha256(m..rPK)
local sig = sign(A.sk, h) + sign(rev, h)
signed[m] = { H = h, s = sig, r = rPK }
revs['HolderID/'..m] = rev
local o = { }
o.r = (G2 * rSK):to_zcash()
o.H = sha256(m..o.r)
o.s = sign(A.sk, o.H..o.r) + sign(rSK, o.H..o.r)
signed[m] = o
revs['HolderID/'..m] = rSK
end
return signed, revs
end
Expand Down Expand Up @@ -72,6 +73,10 @@ function holder_prove(signed_claims, disclosures)
return res
end

function verify_proof(APK, proof)
return verify(ECP2.from_zcash(proof.r) + APK, proof.H..proof.r, proof.s)
end

function revocation_contains(revocations, proof)
local res = false -- store here result for constant time operations
-- I.warn(revocations)
Expand Down Expand Up @@ -115,7 +120,7 @@ CREDENTIAL_PROOF = holder_prove(SIGNED_CLAIMS, DISCLOSE)
for _,proof in pairs(CREDENTIAL_PROOF) do
local H = sha256(proof.m..proof.r)
assert(H == proof.H, "Invalid proof hash")
assert( verify(ECP2.from_zcash(proof.r) + A.pk, H, proof.s) )
assert( verify_proof(A.pk, proof) )
if proof.m == 'gender=male' then
assert(revocation_contains(REVOKED, proof), "Not revoked: "..proof.m)
else
Expand All @@ -126,8 +131,7 @@ end
warn('random proof.s')
for _,proof in pairs(CREDENTIAL_PROOF) do
proof.s = ECP.random() -- FUZZ
assert( not verify(ECP2.from_zcash(proof.r) + A.pk,
proof.id, proof.s) )
assert( not verify_proof(A.pk, proof) )
if proof.m == 'gender=male' then
assert(revocation_contains(REVOKED, proof), "Not revoked: "..proof.m)
else
Expand All @@ -138,14 +142,12 @@ end
warn('random proof.r')
for _,proof in pairs(CREDENTIAL_PROOF) do
proof.r = ECP2.random():to_zcash() -- FUZZ
assert( not verify(ECP2.from_zcash(proof.r) + A.pk,
proof.m, proof.s) )
assert(not verify_proof(A.pk, proof) )
assert(not revocation_contains(REVOKED, proof), "Revoked: "..proof.m)
end

warn('random A.pk')
for _,proof in pairs(CREDENTIAL_PROOF) do
assert( not verify(ECP2.from_zcash(proof.r) + ECP2.random(),
proof.m, proof.s) )
assert(not verify_proof(A.pk, proof) )
assert(not revocation_contains(REVOKED, proof), "Revoked: "..proof.m)
end

0 comments on commit 482c8bd

Please sign in to comment.