Commit 6ea9a10d authored by Stephane Glondu's avatar Stephane Glondu
Browse files

Indentation of tool functors

parent 5a2f384d
......@@ -23,184 +23,184 @@ open Util
module RunCredgen (X : sig end) = struct
(* Setup group *)
module G = Election.DefaultGroup;;
assert (Election.check_finite_field G.group);;
(* Some helpers *)
let digits = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
let token_length = 14
let n58 = Z.of_int 58
let n53 = Z.of_int 53
let public_key_of_token uuid x =
let open Cryptokit in
let salt = transform_string (Hexa.decode ()) uuid in
let hex =
pbkdf2 ~prf:MAC.hmac_sha256 ~iterations:1000 ~size:1 ~salt x |>
transform_string (Hexa.encode ())
in
let x = Z.(of_string_base 16 hex mod G.q) in
let y = G.(g **~ x) in
Z.to_string y
(* Argument parsing *)
let dir = ref (Sys.getcwd ())
let uuid = ref None
let count = ref None
let file = ref None
let derive = ref None
let speclist = Arg.([
"--dir", String (fun s -> dir := s), "directory where output will be written";
"--uuid", String (fun s -> uuid := Some s), "UUID of the election";
"--count", Int (fun i -> count := Some i), "number of credentials to generate";
"--file", String (fun s -> file := Some s), "file with list of identities";
"--derive", String (fun s -> derive := Some s), "derive public credential from given private one";
])
let usage_msg =
Printf.sprintf "Usage: %s credgen [--dir <dir>] --uuid <uuid> {--count <n> | --file <file> | --derive <privcred>}" Sys.argv.(0)
let anon_fun x =
Printf.eprintf "I do not know what to do with %s!\n" x;
exit 1
let () = Arg.parse speclist anon_fun usage_msg
let remove_dashes x =
let n = String.length x in
let res = Buffer.create n in
for i = 0 to n-1 do
let c = x.[i] in
if c <> '-' then Buffer.add_char res c;
done;
Buffer.contents res
let uuid = match !uuid with
| None ->
Printf.eprintf "UUID is missing!\n";
(* Setup group *)
module G = Election.DefaultGroup;;
assert (Election.check_finite_field G.group);;
(* Some helpers *)
let digits = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
let token_length = 14
let n58 = Z.of_int 58
let n53 = Z.of_int 53
let public_key_of_token uuid x =
let open Cryptokit in
let salt = transform_string (Hexa.decode ()) uuid in
let hex =
pbkdf2 ~prf:MAC.hmac_sha256 ~iterations:1000 ~size:1 ~salt x |>
transform_string (Hexa.encode ())
in
let x = Z.(of_string_base 16 hex mod G.q) in
let y = G.(g **~ x) in
Z.to_string y
(* Argument parsing *)
let dir = ref (Sys.getcwd ())
let uuid = ref None
let count = ref None
let file = ref None
let derive = ref None
let speclist = Arg.([
"--dir", String (fun s -> dir := s), "directory where output will be written";
"--uuid", String (fun s -> uuid := Some s), "UUID of the election";
"--count", Int (fun i -> count := Some i), "number of credentials to generate";
"--file", String (fun s -> file := Some s), "file with list of identities";
"--derive", String (fun s -> derive := Some s), "derive public credential from given private one";
])
let usage_msg =
Printf.sprintf "Usage: %s credgen [--dir <dir>] --uuid <uuid> {--count <n> | --file <file> | --derive <privcred>}" Sys.argv.(0)
let anon_fun x =
Printf.eprintf "I do not know what to do with %s!\n" x;
exit 1
| Some u ->
match Uuidm.of_string u with
| Some _ -> remove_dashes u
| None ->
Printf.eprintf "UUID is invalid!\n";
exit 1
let count, ids =
match !count, !file, !derive with
| Some i, None, None ->
if i < 1 then (
Printf.eprintf "You must generate at least one credential!\n";
exit 1
); i, None
| None, Some f, None ->
let ic = open_in f in
let rec loop accu =
match (try Some (input_line ic) with End_of_file -> None) with
| Some "" -> loop accu
| Some x -> loop (x::accu)
| None -> List.rev accu
in
let res = loop [] in
close_in ic;
List.length res, Some res
| None, None, Some d ->
print_endline (public_key_of_token uuid d);
exit 0
| None, None, None ->
Printf.eprintf "Nothing to do: use --count, --file or --derive!\n";
exit 1
| _, _, _ ->
Printf.eprintf "Conflicting options!\n";
let () = Arg.parse speclist anon_fun usage_msg
let remove_dashes x =
let n = String.length x in
let res = Buffer.create n in
for i = 0 to n-1 do
let c = x.[i] in
if c <> '-' then Buffer.add_char res c;
done;
Buffer.contents res
let uuid = match !uuid with
| None ->
Printf.eprintf "UUID is missing!\n";
exit 1
;;
(* The generation itself, if requested *)
let prng = Cryptokit.Random.(pseudo_rng (string secure_rng 16))
let random_char () = int_of_char (Cryptokit.Random.string prng 1).[0]
let generate_raw_token () =
let res = String.create token_length in
let rec loop i accu =
if i < token_length then (
let digit = random_char () mod 58 in
res.[i] <- digits.[digit];
loop (i+1) Z.(n58 * accu + of_int digit)
) else (res, accu)
in loop 0 Z.zero
let generate_token () =
let (raw, value) = generate_raw_token () in
let checksum = 53 - Z.(to_int (value mod n53)) in
raw ^ String.make 1 digits.[checksum]
let private_credentials =
let rec loop i accu =
if i > 0 then loop (i-1) (generate_token () :: accu)
else accu
in loop count []
let public_credentials =
List.map (public_key_of_token uuid) private_credentials
let hashed_credentials = option_map (fun ids ->
List.map2 (fun id cred ->
Printf.sprintf "%s %s" (sha256_hex cred) id
) ids public_credentials
) ids
(* Save to files *)
let timestamp = Printf.sprintf "%.0f" (Unix.time ())
let pub =
"public credentials",
timestamp ^ ".public",
0o444,
List.sort compare public_credentials
let priv =
let kind, creds = match ids with
| None -> "private credentials", private_credentials
| Some ids -> "private credentials with ids",
List.map2 (fun id cred ->
Printf.sprintf "%s %s" cred id
) ids private_credentials
in
kind,
timestamp ^ ".private",
0o400,
List.sort compare creds
let hashed = option_map (fun h ->
"hashed credentials with ids",
timestamp ^ ".hashed",
0o400,
List.sort compare h
) hashed_credentials
let output_endline oc x =
output_string oc x;
output_char oc '\n'
let save (kind, filename, perm, thing) =
let full_filename = Filename.concat !dir filename in
let oc = open_out_gen [
Open_wronly; Open_creat; Open_excl
] perm full_filename in
List.iter (output_endline oc) thing;
close_out oc;
Printf.printf "%d %s saved to %s\n%!" count kind full_filename;;
save pub;;
save priv;;
ignore (option_map save hashed);;
| Some u ->
match Uuidm.of_string u with
| Some _ -> remove_dashes u
| None ->
Printf.eprintf "UUID is invalid!\n";
exit 1
let count, ids =
match !count, !file, !derive with
| Some i, None, None ->
if i < 1 then (
Printf.eprintf "You must generate at least one credential!\n";
exit 1
); i, None
| None, Some f, None ->
let ic = open_in f in
let rec loop accu =
match (try Some (input_line ic) with End_of_file -> None) with
| Some "" -> loop accu
| Some x -> loop (x::accu)
| None -> List.rev accu
in
let res = loop [] in
close_in ic;
List.length res, Some res
| None, None, Some d ->
print_endline (public_key_of_token uuid d);
exit 0
| None, None, None ->
Printf.eprintf "Nothing to do: use --count, --file or --derive!\n";
exit 1
| _, _, _ ->
Printf.eprintf "Conflicting options!\n";
exit 1
;;
(* The generation itself, if requested *)
let prng = Cryptokit.Random.(pseudo_rng (string secure_rng 16))
let random_char () = int_of_char (Cryptokit.Random.string prng 1).[0]
let generate_raw_token () =
let res = String.create token_length in
let rec loop i accu =
if i < token_length then (
let digit = random_char () mod 58 in
res.[i] <- digits.[digit];
loop (i+1) Z.(n58 * accu + of_int digit)
) else (res, accu)
in loop 0 Z.zero
let generate_token () =
let (raw, value) = generate_raw_token () in
let checksum = 53 - Z.(to_int (value mod n53)) in
raw ^ String.make 1 digits.[checksum]
let private_credentials =
let rec loop i accu =
if i > 0 then loop (i-1) (generate_token () :: accu)
else accu
in loop count []
let public_credentials =
List.map (public_key_of_token uuid) private_credentials
let hashed_credentials = option_map (fun ids ->
List.map2 (fun id cred ->
Printf.sprintf "%s %s" (sha256_hex cred) id
) ids public_credentials
) ids
(* Save to files *)
let timestamp = Printf.sprintf "%.0f" (Unix.time ())
let pub =
"public credentials",
timestamp ^ ".public",
0o444,
List.sort compare public_credentials
let priv =
let kind, creds = match ids with
| None -> "private credentials", private_credentials
| Some ids -> "private credentials with ids",
List.map2 (fun id cred ->
Printf.sprintf "%s %s" cred id
) ids private_credentials
in
kind,
timestamp ^ ".private",
0o400,
List.sort compare creds
let hashed = option_map (fun h ->
"hashed credentials with ids",
timestamp ^ ".hashed",
0o400,
List.sort compare h
) hashed_credentials
let output_endline oc x =
output_string oc x;
output_char oc '\n'
let save (kind, filename, perm, thing) =
let full_filename = Filename.concat !dir filename in
let oc = open_out_gen [
Open_wronly; Open_creat; Open_excl
] perm full_filename in
List.iter (output_endline oc) thing;
close_out oc;
Printf.printf "%d %s saved to %s\n%!" count kind full_filename;;
save pub;;
save priv;;
ignore (option_map save hashed);;
end
......
......@@ -24,54 +24,54 @@ open Serializable_t
module RunTrusteeKeygen (X : sig end) = struct
(* Setup group *)
module G = Election.DefaultGroup;;
assert (Election.check_finite_field G.group);;
module M = Election.MakeSimpleMonad(G);;
(* Generate key *)
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
let private_key, public_key = KG.generate_and_prove () ();;
assert (KG.check public_key);;
(* Save to file *)
let id = String.sub
(sha256_hex (Z.to_string public_key.trustee_public_key))
0 8 |> String.uppercase
;;
Printf.printf "Keypair %s has been generated\n%!" id;;
let pubkey =
"public",
id ^ ".public",
0o444,
public_key,
Serializable_j.write_trustee_public_key Serializable_builtin_j.write_number
let privkey =
"private",
id ^ ".private",
0o400,
private_key,
Serializable_builtin_j.write_number
let save (kind, filename, perm, thing, writer) =
let oc = open_out_gen [Open_wronly; Open_creat] perm filename in
let ob = Bi_outbuf.create_channel_writer oc in
writer ob thing;
Bi_outbuf.flush_channel_writer ob;
close_out oc;
Printf.printf "%s key saved to %s\n%!" (String.capitalize kind) filename;
(* set permissions in the unlikely case where the file already existed *)
Unix.chmod filename perm;;
save pubkey;;
save privkey;;
(* Setup group *)
module G = Election.DefaultGroup;;
assert (Election.check_finite_field G.group);;
module M = Election.MakeSimpleMonad(G);;
(* Generate key *)
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
let private_key, public_key = KG.generate_and_prove () ();;
assert (KG.check public_key);;
(* Save to file *)
let id = String.sub
(sha256_hex (Z.to_string public_key.trustee_public_key))
0 8 |> String.uppercase
;;
Printf.printf "Keypair %s has been generated\n%!" id;;
let pubkey =
"public",
id ^ ".public",
0o444,
public_key,
Serializable_j.write_trustee_public_key Serializable_builtin_j.write_number
let privkey =
"private",
id ^ ".private",
0o400,
private_key,
Serializable_builtin_j.write_number
let save (kind, filename, perm, thing, writer) =
let oc = open_out_gen [Open_wronly; Open_creat] perm filename in
let ob = Bi_outbuf.create_channel_writer oc in
writer ob thing;
Bi_outbuf.flush_channel_writer ob;
close_out oc;
Printf.printf "%s key saved to %s\n%!" (String.capitalize kind) filename;
(* set permissions in the unlikely case where the file already existed *)
Unix.chmod filename perm;;
save pubkey;;
save privkey;;
end
......
......@@ -62,189 +62,189 @@ end
module GetParams (X : sig end) : PARAMS = struct
(* Command-line arguments *)
(* Command-line arguments *)
let dir = ref (Sys.getcwd ())
let sk_file = ref None
let dir = ref (Sys.getcwd ())
let sk_file = ref None
let speclist = Arg.([
"--dir", String (fun s -> dir := s), "chdir to that directory first";
"--decrypt", String (fun s -> sk_file := Some s), "do partial decryption";
])
let speclist = Arg.([
"--dir", String (fun s -> dir := s), "chdir to that directory first";
"--decrypt", String (fun s -> sk_file := Some s), "do partial decryption";
])
let usage_msg =
Printf.sprintf "Usage: %s election [--dir <dir>] [--decrypt <privkey>]" Sys.argv.(0)
let usage_msg =
Printf.sprintf "Usage: %s election [--dir <dir>] [--decrypt <privkey>]" Sys.argv.(0)
let anon_fun x =
Printf.eprintf "I do not know what to do with %s!\n" x;
exit 1
let anon_fun x =
Printf.eprintf "I do not know what to do with %s!\n" x;
exit 1
let () = Arg.parse speclist anon_fun usage_msg
let () = Arg.parse speclist anon_fun usage_msg
let () = Sys.chdir !dir
let () = Sys.chdir !dir
(* Load and check election *)
(* Load and check election *)
let params, election_fingerprint =
match (load_from_file (fun l ->
Serializable_j.(params_of_string read_ff_pubkey l),
sha256_b64 l
) "election.json") with
| Some [e] -> e
| _ -> failwith "invalid election file"
let params, election_fingerprint =
match (load_from_file (fun l ->
Serializable_j.(params_of_string read_ff_pubkey l),
sha256_b64 l
) "election.json") with
| Some [e] -> e
| _ -> failwith "invalid election file"
let {ffpk_g = g; ffpk_p = p; ffpk_q = q; ffpk_y = y} = params.e_public_key
let group = {g; p; q}
let () = assert (Election.check_finite_field group)
let {ffpk_g = g; ffpk_p = p; ffpk_q = q; ffpk_y = y} = params.e_public_key
let group = {g; p; q}
let () = assert (Election.check_finite_field group)
end
end
module RunTool (G : Election.FF_GROUP) (P : PARAMS) = struct
module RunTool (G : Election.FF_GROUP) (P : PARAMS) = struct
open P
module M = Election.MakeSimpleMonad(G)
module E = Election.MakeElection(G)(M);;
open P
module M = Election.MakeSimpleMonad(G)
module E = Election.MakeElection(G)(M);;
(* Load and check trustee keys, if present *)
(* Load and check trustee keys, if present *)
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
let public_keys_with_pok =
load_from_file (
Serializable_j.trustee_public_key_of_string read_number
) "public_keys.jsons" |> option_map Array.of_list
let public_keys_with_pok =
load_from_file (
Serializable_j.trustee_public_key_of_string read_number
) "public_keys.jsons" |> option_map Array.of_list
let () =
match public_keys_with_pok with
| Some pks ->
assert (Array.forall KG.check pks);
let y' = KG.combine pks in
assert (P.y =% y')
| None -> ()
let () =
match public_keys_with_pok with
| Some pks ->
assert (Array.forall KG.check pks);
let y' = KG.combine pks in
assert (P.y =% y')
| None -> ()
let public_keys =
option_map (
Array.map (fun pk -> pk.trustee_public_key)
) public_keys_with_pok
let public_keys =
option_map (
Array.map (fun pk -> pk.trustee_public_key)
) public_keys_with_pok
(* Finish setting up the election *)
(* Finish setting up the election *)
let metadata =
match (load_from_file Serializable_j.metadata_of_string "metadata.json") with
| Some [m] -> Some m
| Some _ -> failwith "invalid metadata.json"
| None -> None
let metadata =
match (load_from_file Serializable_j.metadata_of_string "metadata.json") with
| Some [m] -> Some m
| Some _ -> failwith "invalid metadata.json"
| None -> None
let pks = match public_keys with
| Some pks -> pks
| None -> failwith "missing public keys"
let pks = match public_keys with
| Some pks -> pks
| None -> failwith "missing public keys"
let e = {
e_params = { params with e_public_key = P.y };
e_meta = metadata;
e_pks = Some pks;
e_fingerprint = election_fingerprint;
}
let e = {
e_params = { params with e_public_key = P.y };
e_meta = metadata;
e_pks = Some pks;
e_fingerprint = election_fingerprint;
}