This is an automated email from the ASF dual-hosted git repository. sandreoli pushed a commit to branch review in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit eebc718d1211156e50cfb14d47f438ad4505af00 Author: Samuele Andreoli <[email protected]> AuthorDate: Mon Feb 10 12:30:57 2020 +0000 review factoring zkp --- benchmark/bench_factoring_zk.c | 2 +- examples/example_factoring_zk.c | 2 +- include/amcl/factoring_zk.h | 3 +++ src/factoring_zk.c | 26 +++++++++++++++----------- test/smoke/test_factoring_zk_smoke.c | 2 +- test/unit/test_factoring_zk_verify.c | 6 +++--- 6 files changed, 24 insertions(+), 17 deletions(-) diff --git a/benchmark/bench_factoring_zk.c b/benchmark/bench_factoring_zk.c index 7b23191..e7f97df 100644 --- a/benchmark/bench_factoring_zk.c +++ b/benchmark/bench_factoring_zk.c @@ -99,7 +99,7 @@ int main() } while (elapsed < MIN_TIME || iterations < MIN_ITERS); - if (!rc) + if (rc != FACTORING_ZK_OK) { printf("FAILURE FACTORING_ZK_verify: %d\n", rc); exit(EXIT_FAILURE); diff --git a/examples/example_factoring_zk.c b/examples/example_factoring_zk.c index 079eab1..d3924f8 100644 --- a/examples/example_factoring_zk.c +++ b/examples/example_factoring_zk.c @@ -79,7 +79,7 @@ int main() // Verify proof printf("\nVerify prove (E, Y) for integer N\n"); - if(FACTORING_ZK_verify(&N, &E, &Y)) + if(FACTORING_ZK_verify(&N, &E, &Y) == FACTORING_ZK_OK) { printf("\tSuccess!\n"); } diff --git a/include/amcl/factoring_zk.h b/include/amcl/factoring_zk.h index 290d201..bb853cd 100644 --- a/include/amcl/factoring_zk.h +++ b/include/amcl/factoring_zk.h @@ -40,6 +40,9 @@ extern "C" #define FACTORING_ZK_B 16 /**< Security parameter, length in bytes */ +#define FACTORING_ZK_OK 0 /** < Proof successfully verified */ +#define FACTORING_ZK_FAIL 91 /** < Invalid proof */ + /*! * \brief RSA modulus for ZKP */ diff --git a/src/factoring_zk.c b/src/factoring_zk.c index 3f7f5fc..513f364 100644 --- a/src/factoring_zk.c +++ b/src/factoring_zk.c @@ -54,7 +54,7 @@ void generator(hash256 *sha, int k, octet *O) hash256 shai; - OCT_clear(O); + OCT_empty(O); // Complete SEED with I2OSP(k, 4) c[0] = (k >> 24) & 0xFF; 
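Review bot: The two new `#define`s in include/amcl/factoring_zk.h write their Doxygen markers as `/** <` with a space, unlike the `/**< ...` used on FACTORING_ZK_B directly above, so Doxygen will not attach these descriptions to the macros. The same hunk set also inverts the success value of FACTORING_ZK_verify (the example file shows the old `if(FACTORING_ZK_verify(&N, &E, &Y))` idiom, where non-zero meant success; now 0 is success), and an out-of-tree caller that still tests the result for truthiness would treat FACTORING_ZK_FAIL (91) as a verified proof, which is fail-open rather than fail-closed. I would make that explicit on the macros themselves: `#define FACTORING_ZK_OK   0   /**< Proof successfully verified */` and `#define FACTORING_ZK_FAIL 91  /**< Invalid proof. Non-zero is failure: compare against FACTORING_ZK_OK, never test the result for truthiness */`. The declaration of FACTORING_ZK_verify presumably sits later in this header, outside the hunk; its @return should name these two codes as well.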
@@ -179,10 +179,10 @@ void FACTORING_ZK_prove(FACTORING_ZK_modulus *m, csprng *RNG, octet *R, octet *E // Compute e = H(N, Z1, Z2, X) hash_oct(&sha_prime, &W); - HASH256_hash(&sha_prime, E->val); - E->len = FACTORING_ZK_B; + HASH256_hash(&sha_prime, W.val); + W.len = FACTORING_ZK_B; - OCT_copy(&W, E); + OCT_copy(E, &W); OCT_pad(&W, HFS_2048); FF_2048_fromOctet(e, &W, HFLEN_2048); @@ -199,13 +199,12 @@ void FACTORING_ZK_prove(FACTORING_ZK_modulus *m, csprng *RNG, octet *R, octet *E FF_2048_norm(ws, FFLEN_2048); FF_2048_toOctet(Y, ws, FFLEN_2048); - if (R != NULL) - { - FF_2048_toOctet(R, r, FFLEN_2048); - } - // Clear memory - FF_2048_zero(r, FFLEN_2048); + FF_2048_zero(r, FFLEN_2048); + FF_2048_zero(rp, HFLEN_2048); + FF_2048_zero(rq, HFLEN_2048); + FF_2048_zero(zrp, HFLEN_2048); + FF_2048_zero(zrq, HFLEN_2048); } int FACTORING_ZK_verify(octet *N, octet *E, octet *Y) @@ -284,7 +283,12 @@ int FACTORING_ZK_verify(octet *N, octet *E, octet *Y) HASH256_hash(&sha_prime, W.val); W.len = FACTORING_ZK_B; - return OCT_comp(&W, E); + if (!OCT_comp(&W, E)) + { + return FACTORING_ZK_FAIL; + } + + return FACTORING_ZK_OK; } void FACTORING_ZK_kill_modulus(FACTORING_ZK_modulus *m) diff --git a/test/smoke/test_factoring_zk_smoke.c b/test/smoke/test_factoring_zk_smoke.c index c770926..4e5f065 100644 --- a/test/smoke/test_factoring_zk_smoke.c +++ b/test/smoke/test_factoring_zk_smoke.c @@ -66,7 +66,7 @@ int main() FF_2048_toOctet(&N, m.n, FFLEN_2048); // Verify proof - if (!FACTORING_ZK_verify(&N, &E, &Y)) + if (FACTORING_ZK_verify(&N, &E, &Y) != FACTORING_ZK_OK) { printf("FAILURE FACTORING_ZK_verify\n"); exit(EXIT_FAILURE); diff --git a/test/unit/test_factoring_zk_verify.c b/test/unit/test_factoring_zk_verify.c index 6f92419..c142f7c 100644 --- a/test/unit/test_factoring_zk_verify.c +++ b/test/unit/test_factoring_zk_verify.c 
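Review bot: The five FF_2048_zero calls added at the end of FACTORING_ZK_prove (the -199 hunk) clear stack locals that are dead immediately afterwards, so unless FF_2048_zero stores through a volatile pointer or a compiler barrier, the optimizer is free to drop them as dead stores and rp/rq/zrp/zrq, which are reduced modulo the secret factors, would remain on the stack. I cannot see FF_2048_zero from here; if it is a plain assignment loop, route the clear through a barrier-based primitive, or at least record the limitation next to the calls: `// NOTE: FF_2048_zero is a plain store; the optimizer may elide it (dead store) unless backed by a volatile/barrier clear`. The same hunk removes the only write-back into R, yet R stays in the prove signature shown in the hunk header; if it is now an input-only (or unused) parameter, the header documentation should say so. The rest of FACTORING_ZK_prove is outside the hunk.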
@@ -77,7 +77,7 @@ int main(int argc, char **argv) if (!strncmp(line, last_line, strlen(last_line))) { rc = FACTORING_ZK_verify(&N, &E, &Y); - assert_tv(fp, testNo, "FACTORING_ZK_verify", rc); + assert_tv(fp, testNo, "FACTORING_ZK_verify", rc == FACTORING_ZK_OK); // Mark that at least one test vector was executed test_run = 1; @@ -95,8 +95,8 @@ int main(int argc, char **argv) /* Test unhappy path */ E.val[0]++; - rc = !FACTORING_ZK_verify(&N, &E, &Y); - assert(NULL, "FACTORING_ZK_verify. Invalid E", rc); + rc = FACTORING_ZK_verify(&N, &E, &Y); + assert(NULL, "FACTORING_ZK_verify. Invalid E", rc == FACTORING_ZK_FAIL); printf("SUCCESS\n"); exit(EXIT_SUCCESS);
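Review bot: The unhappy-path check in test/unit/test_factoring_zk_verify.c only exercises a tampered challenge byte (`E.val[0]++`), so a regression in how the response Y enters the recomputation inside FACTORING_ZK_verify would not be caught by this suite. Now that the test pins the exact FACTORING_ZK_FAIL code, it is cheap to restore E, corrupt one byte of Y on the same vector, and assert FACTORING_ZK_FAIL again. main begins outside the hunk and its closing brace follows the final exit.

```c
    assert(NULL, "FACTORING_ZK_verify. Invalid E", rc == FACTORING_ZK_FAIL);

    // Restore E and tamper with the response instead
    E.val[0]--;
    Y.val[0]++;

    rc = FACTORING_ZK_verify(&N, &E, &Y);
    assert(NULL, "FACTORING_ZK_verify. Invalid Y", rc == FACTORING_ZK_FAIL);
    // … unchanged: success message and exit …
```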
