Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
belenios
belenios
Commits
6ea9a10d
Commit
6ea9a10d
authored
Nov 26, 2013
by
Stephane Glondu
Browse files
Indentation of tool functors
parent
5a2f384d
Changes
3
Hide whitespace changes
Inline
Side-by-side
src/bin/credgen.ml
View file @
6ea9a10d
...
...
@@ -23,184 +23,184 @@ open Util
module
RunCredgen
(
X
:
sig
end
)
=
struct
(* Setup group *)
module
G
=
Election
.
DefaultGroup
;;
assert
(
Election
.
check_finite_field
G
.
group
);;
(* Some helpers *)
let
digits
=
"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
let
token_length
=
14
let
n58
=
Z
.
of_int
58
let
n53
=
Z
.
of_int
53
let
public_key_of_token
uuid
x
=
let
open
Cryptokit
in
let
salt
=
transform_string
(
Hexa
.
decode
()
)
uuid
in
let
hex
=
pbkdf2
~
prf
:
MAC
.
hmac_sha256
~
iterations
:
1000
~
size
:
1
~
salt
x
|>
transform_string
(
Hexa
.
encode
()
)
in
let
x
=
Z
.(
of_string_base
16
hex
mod
G
.
q
)
in
let
y
=
G
.(
g
**~
x
)
in
Z
.
to_string
y
(* Argument parsing *)
let
dir
=
ref
(
Sys
.
getcwd
()
)
let
uuid
=
ref
None
let
count
=
ref
None
let
file
=
ref
None
let
derive
=
ref
None
let
speclist
=
Arg
.([
"--dir"
,
String
(
fun
s
->
dir
:=
s
)
,
"directory where output will be written"
;
"--uuid"
,
String
(
fun
s
->
uuid
:=
Some
s
)
,
"UUID of the election"
;
"--count"
,
Int
(
fun
i
->
count
:=
Some
i
)
,
"number of credentials to generate"
;
"--file"
,
String
(
fun
s
->
file
:=
Some
s
)
,
"file with list of identities"
;
"--derive"
,
String
(
fun
s
->
derive
:=
Some
s
)
,
"derive public credential from given private one"
;
])
let
usage_msg
=
Printf
.
sprintf
"Usage: %s credgen [--dir <dir>] --uuid <uuid> {--count <n> | --file <file> | --derive <privcred>}"
Sys
.
argv
.
(
0
)
let
anon_fun
x
=
Printf
.
eprintf
"I do not know what to do with %s!
\n
"
x
;
exit
1
let
()
=
Arg
.
parse
speclist
anon_fun
usage_msg
let
remove_dashes
x
=
let
n
=
String
.
length
x
in
let
res
=
Buffer
.
create
n
in
for
i
=
0
to
n
-
1
do
let
c
=
x
.
[
i
]
in
if
c
<>
'
-
'
then
Buffer
.
add_char
res
c
;
done
;
Buffer
.
contents
res
let
uuid
=
match
!
uuid
with
|
None
->
Printf
.
eprintf
"UUID is missing!
\n
"
;
(* Setup group *)
module
G
=
Election
.
DefaultGroup
;;
assert
(
Election
.
check_finite_field
G
.
group
);;
(* Some helpers *)
let
digits
=
"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
let
token_length
=
14
let
n58
=
Z
.
of_int
58
let
n53
=
Z
.
of_int
53
let
public_key_of_token
uuid
x
=
let
open
Cryptokit
in
let
salt
=
transform_string
(
Hexa
.
decode
()
)
uuid
in
let
hex
=
pbkdf2
~
prf
:
MAC
.
hmac_sha256
~
iterations
:
1000
~
size
:
1
~
salt
x
|>
transform_string
(
Hexa
.
encode
()
)
in
let
x
=
Z
.(
of_string_base
16
hex
mod
G
.
q
)
in
let
y
=
G
.(
g
**~
x
)
in
Z
.
to_string
y
(* Argument parsing *)
let
dir
=
ref
(
Sys
.
getcwd
()
)
let
uuid
=
ref
None
let
count
=
ref
None
let
file
=
ref
None
let
derive
=
ref
None
let
speclist
=
Arg
.([
"--dir"
,
String
(
fun
s
->
dir
:=
s
)
,
"directory where output will be written"
;
"--uuid"
,
String
(
fun
s
->
uuid
:=
Some
s
)
,
"UUID of the election"
;
"--count"
,
Int
(
fun
i
->
count
:=
Some
i
)
,
"number of credentials to generate"
;
"--file"
,
String
(
fun
s
->
file
:=
Some
s
)
,
"file with list of identities"
;
"--derive"
,
String
(
fun
s
->
derive
:=
Some
s
)
,
"derive public credential from given private one"
;
])
let
usage_msg
=
Printf
.
sprintf
"Usage: %s credgen [--dir <dir>] --uuid <uuid> {--count <n> | --file <file> | --derive <privcred>}"
Sys
.
argv
.
(
0
)
let
anon_fun
x
=
Printf
.
eprintf
"I do not know what to do with %s!
\n
"
x
;
exit
1
|
Some
u
->
match
Uuidm
.
of_string
u
with
|
Some
_
->
remove_dashes
u
|
None
->
Printf
.
eprintf
"UUID is invalid!
\n
"
;
exit
1
let
count
,
ids
=
match
!
count
,
!
file
,
!
derive
with
|
Some
i
,
None
,
None
->
if
i
<
1
then
(
Printf
.
eprintf
"You must generate at least one credential!
\n
"
;
exit
1
);
i
,
None
|
None
,
Some
f
,
None
->
let
ic
=
open_in
f
in
let
rec
loop
accu
=
match
(
try
Some
(
input_line
ic
)
with
End_of_file
->
None
)
with
|
Some
""
->
loop
accu
|
Some
x
->
loop
(
x
::
accu
)
|
None
->
List
.
rev
accu
in
let
res
=
loop
[]
in
close_in
ic
;
List
.
length
res
,
Some
res
|
None
,
None
,
Some
d
->
print_endline
(
public_key_of_token
uuid
d
);
exit
0
|
None
,
None
,
None
->
Printf
.
eprintf
"Nothing to do: use --count, --file or --derive!
\n
"
;
exit
1
|
_
,
_
,
_
->
Printf
.
eprintf
"Conflicting options!
\n
"
;
let
()
=
Arg
.
parse
speclist
anon_fun
usage_msg
let
remove_dashes
x
=
let
n
=
String
.
length
x
in
let
res
=
Buffer
.
create
n
in
for
i
=
0
to
n
-
1
do
let
c
=
x
.
[
i
]
in
if
c
<>
'
-
'
then
Buffer
.
add_char
res
c
;
done
;
Buffer
.
contents
res
let
uuid
=
match
!
uuid
with
|
None
->
Printf
.
eprintf
"UUID is missing!
\n
"
;
exit
1
;;
(* The generation itself, if requested *)
let
prng
=
Cryptokit
.
Random
.(
pseudo_rng
(
string
secure_rng
16
))
let
random_char
()
=
int_of_char
(
Cryptokit
.
Random
.
string
prng
1
)
.
[
0
]
let
generate_raw_token
()
=
let
res
=
String
.
create
token_length
in
let
rec
loop
i
accu
=
if
i
<
token_length
then
(
let
digit
=
random_char
()
mod
58
in
res
.
[
i
]
<-
digits
.
[
digit
];
loop
(
i
+
1
)
Z
.(
n58
*
accu
+
of_int
digit
)
)
else
(
res
,
accu
)
in
loop
0
Z
.
zero
let
generate_token
()
=
let
(
raw
,
value
)
=
generate_raw_token
()
in
let
checksum
=
53
-
Z
.(
to_int
(
value
mod
n53
))
in
raw
^
String
.
make
1
digits
.
[
checksum
]
let
private_credentials
=
let
rec
loop
i
accu
=
if
i
>
0
then
loop
(
i
-
1
)
(
generate_token
()
::
accu
)
else
accu
in
loop
count
[]
let
public_credentials
=
List
.
map
(
public_key_of_token
uuid
)
private_credentials
let
hashed_credentials
=
option_map
(
fun
ids
->
List
.
map2
(
fun
id
cred
->
Printf
.
sprintf
"%s %s"
(
sha256_hex
cred
)
id
)
ids
public_credentials
)
ids
(* Save to files *)
let
timestamp
=
Printf
.
sprintf
"%.0f"
(
Unix
.
time
()
)
let
pub
=
"public credentials"
,
timestamp
^
".public"
,
0o444
,
List
.
sort
compare
public_credentials
let
priv
=
let
kind
,
creds
=
match
ids
with
|
None
->
"private credentials"
,
private_credentials
|
Some
ids
->
"private credentials with ids"
,
List
.
map2
(
fun
id
cred
->
Printf
.
sprintf
"%s %s"
cred
id
)
ids
private_credentials
in
kind
,
timestamp
^
".private"
,
0o400
,
List
.
sort
compare
creds
let
hashed
=
option_map
(
fun
h
->
"hashed credentials with ids"
,
timestamp
^
".hashed"
,
0o400
,
List
.
sort
compare
h
)
hashed_credentials
let
output_endline
oc
x
=
output_string
oc
x
;
output_char
oc
'\n'
let
save
(
kind
,
filename
,
perm
,
thing
)
=
let
full_filename
=
Filename
.
concat
!
dir
filename
in
let
oc
=
open_out_gen
[
Open_wronly
;
Open_creat
;
Open_excl
]
perm
full_filename
in
List
.
iter
(
output_endline
oc
)
thing
;
close_out
oc
;
Printf
.
printf
"%d %s saved to %s
\n
%!"
count
kind
full_filename
;;
save
pub
;;
save
priv
;;
ignore
(
option_map
save
hashed
);;
|
Some
u
->
match
Uuidm
.
of_string
u
with
|
Some
_
->
remove_dashes
u
|
None
->
Printf
.
eprintf
"UUID is invalid!
\n
"
;
exit
1
let
count
,
ids
=
match
!
count
,
!
file
,
!
derive
with
|
Some
i
,
None
,
None
->
if
i
<
1
then
(
Printf
.
eprintf
"You must generate at least one credential!
\n
"
;
exit
1
);
i
,
None
|
None
,
Some
f
,
None
->
let
ic
=
open_in
f
in
let
rec
loop
accu
=
match
(
try
Some
(
input_line
ic
)
with
End_of_file
->
None
)
with
|
Some
""
->
loop
accu
|
Some
x
->
loop
(
x
::
accu
)
|
None
->
List
.
rev
accu
in
let
res
=
loop
[]
in
close_in
ic
;
List
.
length
res
,
Some
res
|
None
,
None
,
Some
d
->
print_endline
(
public_key_of_token
uuid
d
);
exit
0
|
None
,
None
,
None
->
Printf
.
eprintf
"Nothing to do: use --count, --file or --derive!
\n
"
;
exit
1
|
_
,
_
,
_
->
Printf
.
eprintf
"Conflicting options!
\n
"
;
exit
1
;;
(* The generation itself, if requested *)
let
prng
=
Cryptokit
.
Random
.(
pseudo_rng
(
string
secure_rng
16
))
let
random_char
()
=
int_of_char
(
Cryptokit
.
Random
.
string
prng
1
)
.
[
0
]
let
generate_raw_token
()
=
let
res
=
String
.
create
token_length
in
let
rec
loop
i
accu
=
if
i
<
token_length
then
(
let
digit
=
random_char
()
mod
58
in
res
.
[
i
]
<-
digits
.
[
digit
];
loop
(
i
+
1
)
Z
.(
n58
*
accu
+
of_int
digit
)
)
else
(
res
,
accu
)
in
loop
0
Z
.
zero
let
generate_token
()
=
let
(
raw
,
value
)
=
generate_raw_token
()
in
let
checksum
=
53
-
Z
.(
to_int
(
value
mod
n53
))
in
raw
^
String
.
make
1
digits
.
[
checksum
]
let
private_credentials
=
let
rec
loop
i
accu
=
if
i
>
0
then
loop
(
i
-
1
)
(
generate_token
()
::
accu
)
else
accu
in
loop
count
[]
let
public_credentials
=
List
.
map
(
public_key_of_token
uuid
)
private_credentials
let
hashed_credentials
=
option_map
(
fun
ids
->
List
.
map2
(
fun
id
cred
->
Printf
.
sprintf
"%s %s"
(
sha256_hex
cred
)
id
)
ids
public_credentials
)
ids
(* Save to files *)
let
timestamp
=
Printf
.
sprintf
"%.0f"
(
Unix
.
time
()
)
let
pub
=
"public credentials"
,
timestamp
^
".public"
,
0o444
,
List
.
sort
compare
public_credentials
let
priv
=
let
kind
,
creds
=
match
ids
with
|
None
->
"private credentials"
,
private_credentials
|
Some
ids
->
"private credentials with ids"
,
List
.
map2
(
fun
id
cred
->
Printf
.
sprintf
"%s %s"
cred
id
)
ids
private_credentials
in
kind
,
timestamp
^
".private"
,
0o400
,
List
.
sort
compare
creds
let
hashed
=
option_map
(
fun
h
->
"hashed credentials with ids"
,
timestamp
^
".hashed"
,
0o400
,
List
.
sort
compare
h
)
hashed_credentials
let
output_endline
oc
x
=
output_string
oc
x
;
output_char
oc
'\n'
let
save
(
kind
,
filename
,
perm
,
thing
)
=
let
full_filename
=
Filename
.
concat
!
dir
filename
in
let
oc
=
open_out_gen
[
Open_wronly
;
Open_creat
;
Open_excl
]
perm
full_filename
in
List
.
iter
(
output_endline
oc
)
thing
;
close_out
oc
;
Printf
.
printf
"%d %s saved to %s
\n
%!"
count
kind
full_filename
;;
save
pub
;;
save
priv
;;
ignore
(
option_map
save
hashed
);;
end
...
...
src/bin/tkeygen.ml
View file @
6ea9a10d
...
...
@@ -24,54 +24,54 @@ open Serializable_t
module
RunTrusteeKeygen
(
X
:
sig
end
)
=
struct
(* Setup group *)
module
G
=
Election
.
DefaultGroup
;;
assert
(
Election
.
check_finite_field
G
.
group
);;
module
M
=
Election
.
MakeSimpleMonad
(
G
);;
(* Generate key *)
module
KG
=
Election
.
MakeSimpleDistKeyGen
(
G
)(
M
);;
let
private_key
,
public_key
=
KG
.
generate_and_prove
()
()
;;
assert
(
KG
.
check
public_key
);;
(* Save to file *)
let
id
=
String
.
sub
(
sha256_hex
(
Z
.
to_string
public_key
.
trustee_public_key
))
0
8
|>
String
.
uppercase
;;
Printf
.
printf
"Keypair %s has been generated
\n
%!"
id
;;
let
pubkey
=
"public"
,
id
^
".public"
,
0o444
,
public_key
,
Serializable_j
.
write_trustee_public_key
Serializable_builtin_j
.
write_number
let
privkey
=
"private"
,
id
^
".private"
,
0o400
,
private_key
,
Serializable_builtin_j
.
write_number
let
save
(
kind
,
filename
,
perm
,
thing
,
writer
)
=
let
oc
=
open_out_gen
[
Open_wronly
;
Open_creat
]
perm
filename
in
let
ob
=
Bi_outbuf
.
create_channel_writer
oc
in
writer
ob
thing
;
Bi_outbuf
.
flush_channel_writer
ob
;
close_out
oc
;
Printf
.
printf
"%s key saved to %s
\n
%!"
(
String
.
capitalize
kind
)
filename
;
(* set permissions in the unlikely case where the file already existed *)
Unix
.
chmod
filename
perm
;;
save
pubkey
;;
save
privkey
;;
(* Setup group *)
module
G
=
Election
.
DefaultGroup
;;
assert
(
Election
.
check_finite_field
G
.
group
);;
module
M
=
Election
.
MakeSimpleMonad
(
G
);;
(* Generate key *)
module
KG
=
Election
.
MakeSimpleDistKeyGen
(
G
)(
M
);;
let
private_key
,
public_key
=
KG
.
generate_and_prove
()
()
;;
assert
(
KG
.
check
public_key
);;
(* Save to file *)
let
id
=
String
.
sub
(
sha256_hex
(
Z
.
to_string
public_key
.
trustee_public_key
))
0
8
|>
String
.
uppercase
;;
Printf
.
printf
"Keypair %s has been generated
\n
%!"
id
;;
let
pubkey
=
"public"
,
id
^
".public"
,
0o444
,
public_key
,
Serializable_j
.
write_trustee_public_key
Serializable_builtin_j
.
write_number
let
privkey
=
"private"
,
id
^
".private"
,
0o400
,
private_key
,
Serializable_builtin_j
.
write_number
let
save
(
kind
,
filename
,
perm
,
thing
,
writer
)
=
let
oc
=
open_out_gen
[
Open_wronly
;
Open_creat
]
perm
filename
in
let
ob
=
Bi_outbuf
.
create_channel_writer
oc
in
writer
ob
thing
;
Bi_outbuf
.
flush_channel_writer
ob
;
close_out
oc
;
Printf
.
printf
"%s key saved to %s
\n
%!"
(
String
.
capitalize
kind
)
filename
;
(* set permissions in the unlikely case where the file already existed *)
Unix
.
chmod
filename
perm
;;
save
pubkey
;;
save
privkey
;;
end
...
...
src/bin/tool.ml
View file @
6ea9a10d
...
...
@@ -62,189 +62,189 @@ end
module
GetParams
(
X
:
sig
end
)
:
PARAMS
=
struct
(* Command-line arguments *)
(* Command-line arguments *)
let
dir
=
ref
(
Sys
.
getcwd
()
)
let
sk_file
=
ref
None
let
dir
=
ref
(
Sys
.
getcwd
()
)
let
sk_file
=
ref
None
let
speclist
=
Arg
.([
"--dir"
,
String
(
fun
s
->
dir
:=
s
)
,
"chdir to that directory first"
;
"--decrypt"
,
String
(
fun
s
->
sk_file
:=
Some
s
)
,
"do partial decryption"
;
])
let
speclist
=
Arg
.([
"--dir"
,
String
(
fun
s
->
dir
:=
s
)
,
"chdir to that directory first"
;
"--decrypt"
,
String
(
fun
s
->
sk_file
:=
Some
s
)
,
"do partial decryption"
;
])
let
usage_msg
=
Printf
.
sprintf
"Usage: %s election [--dir <dir>] [--decrypt <privkey>]"
Sys
.
argv
.
(
0
)
let
usage_msg
=
Printf
.
sprintf
"Usage: %s election [--dir <dir>] [--decrypt <privkey>]"
Sys
.
argv
.
(
0
)
let
anon_fun
x
=
Printf
.
eprintf
"I do not know what to do with %s!
\n
"
x
;
exit
1
let
anon_fun
x
=
Printf
.
eprintf
"I do not know what to do with %s!
\n
"
x
;
exit
1
let
()
=
Arg
.
parse
speclist
anon_fun
usage_msg
let
()
=
Arg
.
parse
speclist
anon_fun
usage_msg
let
()
=
Sys
.
chdir
!
dir
let
()
=
Sys
.
chdir
!
dir
(* Load and check election *)
(* Load and check election *)
let
params
,
election_fingerprint
=
match
(
load_from_file
(
fun
l
->
Serializable_j
.(
params_of_string
read_ff_pubkey
l
)
,
sha256_b64
l
)
"election.json"
)
with
|
Some
[
e
]
->
e
|
_
->
failwith
"invalid election file"
let
params
,
election_fingerprint
=
match
(
load_from_file
(
fun
l
->
Serializable_j
.(
params_of_string
read_ff_pubkey
l
)
,
sha256_b64
l
)
"election.json"
)
with
|
Some
[
e
]
->
e
|
_
->
failwith
"invalid election file"
let
{
ffpk_g
=
g
;
ffpk_p
=
p
;
ffpk_q
=
q
;
ffpk_y
=
y
}
=
params
.
e_public_key
let
group
=
{
g
;
p
;
q
}
let
()
=
assert
(
Election
.
check_finite_field
group
)
let
{
ffpk_g
=
g
;
ffpk_p
=
p
;
ffpk_q
=
q
;
ffpk_y
=
y
}
=
params
.
e_public_key
let
group
=
{
g
;
p
;
q
}
let
()
=
assert
(
Election
.
check_finite_field
group
)
end
end
module
RunTool
(
G
:
Election
.
FF_GROUP
)
(
P
:
PARAMS
)
=
struct
module
RunTool
(
G
:
Election
.
FF_GROUP
)
(
P
:
PARAMS
)
=
struct
open
P
module
M
=
Election
.
MakeSimpleMonad
(
G
)
module
E
=
Election
.
MakeElection
(
G
)(
M
);;
open
P
module
M
=
Election
.
MakeSimpleMonad
(
G
)
module
E
=
Election
.
MakeElection
(
G
)(
M
);;
(* Load and check trustee keys, if present *)
(* Load and check trustee keys, if present *)
module
KG
=
Election
.
MakeSimpleDistKeyGen
(
G
)(
M
);;
module
KG
=
Election
.
MakeSimpleDistKeyGen
(
G
)(
M
);;
let
public_keys_with_pok
=
load_from_file
(
Serializable_j
.
trustee_public_key_of_string
read_number
)
"public_keys.jsons"
|>
option_map
Array
.
of_list
let
public_keys_with_pok
=
load_from_file
(
Serializable_j
.
trustee_public_key_of_string
read_number
)
"public_keys.jsons"
|>
option_map
Array
.
of_list
let
()
=
match
public_keys_with_pok
with
|
Some
pks
->
assert
(
Array
.
forall
KG
.
check
pks
);
let
y'
=
KG
.
combine
pks
in
assert
(
P
.
y
=%
y'
)
|
None
->
()
let
()
=
match
public_keys_with_pok
with
|
Some
pks
->
assert
(
Array
.
forall
KG
.
check
pks
);
let
y'
=
KG
.
combine
pks
in
assert
(
P
.
y
=%
y'
)
|
None
->
()
let
public_keys
=
option_map
(
Array
.
map
(
fun
pk
->
pk
.
trustee_public_key
)
)
public_keys_with_pok
let
public_keys
=
option_map
(
Array
.
map
(
fun
pk
->
pk
.
trustee_public_key
)
)
public_keys_with_pok
(* Finish setting up the election *)
(* Finish setting up the election *)
let
metadata
=
match
(
load_from_file
Serializable_j
.
metadata_of_string
"metadata.json"
)
with
|
Some
[
m
]
->
Some
m
|
Some
_
->
failwith
"invalid metadata.json"
|
None
->
None
let
metadata
=
match
(
load_from_file
Serializable_j
.
metadata_of_string
"metadata.json"
)
with
|
Some
[
m
]
->
Some
m
|
Some
_
->
failwith
"invalid metadata.json"
|
None
->
None
let
pks
=
match
public_keys
with
|
Some
pks
->
pks
|
None
->
failwith
"missing public keys"
let
pks
=
match
public_keys
with
|
Some
pks
->
pks
|
None
->
failwith
"missing public keys"
let
e
=
{
e_params
=
{
params
with
e_public_key
=
P
.
y
};
e_meta
=
metadata
;
e_pks
=
Some
pks
;
e_fingerprint
=
election_fingerprint
;
}
let
e
=
{
e_params
=
{
params
with
e_public_key
=
P
.
y
};
e_meta
=
metadata
;
e_pks
=
Some
pks
;