Clean up ballot structure

* remove unneeded commitments * s/commitment/public_key/g in signature

Clean up ballot structure
* remove unneeded commitments * s/commitment/public_key/g in signature
7619631b · Stephane Glondu · 53484110 · 7619631b · 7619631b · 7619631b
Commit 7619631b authored Jul 26, 2013 by Stephane Glondu
--- a/media/booth/js/jscrypto/elgamal.js
+++ b/media/booth/js/jscrypto/elgamal.js
@@ -140,7 +140,7 @@ ElGamal.SecretKey = Class.extend({
    // compute response = w +  x * challenge
    var response = w.add(this.x.multiply(challenge)).mod(this.pk.q);
    
-    return new ElGamal.DLogProof(s, challenge, response);
+    return new ElGamal.DLogProof(challenge, response);
  }
 });

@@ -310,33 +310,37 @@ ElGamal.Plaintext = Class.extend({

 ElGamal.Proof = Class.extend({
  init: function(A, B, challenge, response) {
-    this.commitment = {};
-    this.commitment.A = A;
-    this.commitment.B = B;
+    if (A && B) {
+      this.commitment = {};
+      this.commitment.A = A;
+      this.commitment.B = B;
+    }
    this.challenge = challenge;
    this.response = response;
  },
  
  toString: function() {
-    return this.commitment.A.toString() + ","
-          + this.commitment.B.toString() + ","
-          + this.challenge.toString() + ","
+    return this.challenge.toString() + ","
          + this.response.toString()
  },

  toJSONObject: function() {
    return {
      challenge : this.challenge.toJSONObject(),
-      commitment : {A: this.commitment.A.toJSONObject(), B: this.commitment.B.toJSONObject()},
      response : this.response.toJSONObject()
    }
  }
 });

 ElGamal.Proof.fromJSONObject = function(d) {
+  var A, B;
+  if (d.commitment) {
+    A = BigInt.fromJSONObject(d.commitment.A);
+    B = BigInt.fromJSONObject(d.commitment.B);
+  }
  return new ElGamal.Proof(
-    BigInt.fromJSONObject(d.commitment.A),
-    BigInt.fromJSONObject(d.commitment.B),
+    A,
+    B,
    BigInt.fromJSONObject(d.challenge),
    BigInt.fromJSONObject(d.response));
 };
@@ -354,6 +358,7 @@ ElGamal.Proof.generate = function(little_g, little_h, x, p, q, challenge_generat
  var proof = new ElGamal.Proof();
  
  // compute A=little_g^w, B=little_h^w
+  proof.commitment = {}
  proof.commitment.A = little_g.modPow(w, p);
  proof.commitment.B = little_h.modPow(w, p);
  
@@ -431,19 +436,24 @@ ElGamal.encrypt = function(pk, plaintext, r) {
 // DLog Proof
 //
 ElGamal.DLogProof = Class.extend({
-  init: function(commitment, challenge, response) {
-    this.commitment = commitment;
+  init: function(challenge, response) {
    this.challenge = challenge;
    this.response = response;
  },
  
  toJSONObject: function() {
-    return {'challenge' : this.challenge.toJSONObject(), 'commitment': this.commitment.toJSONObject(), 'response': this.response.toJSONObject()};
+    var res = {'challenge' : this.challenge.toJSONObject(), 'response': this.response.toJSONObject()};
+    if (this.public_key) res.public_key = this.public_key.toJSONObject();
+    return res;
  }
 });

 ElGamal.DLogProof.fromJSONObject = function(d) {
-  return new ElGamal.DLogProof(BigInt.fromJSONObject(d.commitment || d.s), BigInt.fromJSONObject(d.challenge), BigInt.fromJSONObject(d.response));
+  var res = new ElGamal.DLogProof(BigInt.fromJSONObject(d.challenge), BigInt.fromJSONObject(d.response));
+  if (d.public_key) {
+      res.public_key = BigInt.fromJSONObject(d.public_key);
+  }
+  return res;
 };

 // a challenge generator based on a list of commitments of

--- a/media/booth/js/jscrypto/heliosc-booth.js
+++ b/media/booth/js/jscrypto/heliosc-booth.js
@@ -77,8 +77,7 @@ HELIOS.EncryptedVote.prototype.doSignature = function(cred) {
    // in case mod doesn't support negative numbers as expected
    var response = pk.q.subtract(cred.x.multiply(challenge).mod(pk.q));
    response = response.add(w).mod(pk.q);
-    // hugly hijack of the DLogProof datatype... note: here, we
-    // give public credential instead of commitment, which can be computed
-    // from public credential, challenge and response
-    this.signature = new ElGamal.DLogProof(cred.y, challenge, response);
+    // hugly hijack of the DLogProof datatype...
+    this.signature = new ElGamal.DLogProof(challenge, response);
+    this.signature.public_key = cred.y;
 }
--- a/src/bin/election-tool.ml
+++ b/src/bin/election-tool.ml
@@ -134,7 +134,7 @@ let check_signature_present =
  match public_creds with
  | Some creds -> (fun b ->
    match b.signature with
-    | Some s -> ZSet.mem s.s_commitment creds
+    | Some s -> ZSet.mem s.s_public_key creds
    | None -> false
  )
  | None -> (fun _ -> true)

--- a/src/lib/election.ml
+++ b/src/lib/election.ml
@@ -324,7 +324,7 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
    b.election_uuid = params.e_uuid &&
    b.election_hash = P.fingerprint &&
    let ok, zkp = match b.signature with
-      | Some {s_commitment = y; s_challenge; s_response} ->
+      | Some {s_public_key = y; s_challenge; s_response} ->
        let ok =
          check_modulo q s_challenge &&
          check_modulo q s_response &&

--- a/src/lib/serializable.atd
+++ b/src/lib/serializable.atd
@@ -68,7 +68,7 @@ proof that the total weight is within bounds.">

 (* FIXME: merge this with trustee_public_key *)
 type 'a signature = {
-  commitment : 'a; (* FIXME: this is actually a public key *)
+  public_key : 'a;
  challenge : number;
  response : number;
 } <ocaml field_prefix="s_">

--- a/src/web/web_common.ml
+++ b/src/web/web_common.ml
@@ -206,7 +206,7 @@ module MakeBallotBox (P : Signatures.ELECTION_PARAMS) (E : LWT_ELECTION) = struc
    in
    lwt credential =
      match ballot.signature with
-        | Some s -> Lwt.return (Z.to_string s.s_commitment)
+        | Some s -> Lwt.return (Z.to_string s.s_public_key)
        | None -> fail MissingCredential
    in
    lwt old_cred =