Commit 7619631b authored by Stephane Glondu's avatar Stephane Glondu

Clean up ballot structure

 * remove unneeded commitments
 * s/commitment/public_key/g in signature
parent 53484110
......@@ -140,7 +140,7 @@ ElGamal.SecretKey = Class.extend({
// compute response = w + x * challenge
var response = w.add(this.x.multiply(challenge)).mod(this.pk.q);
return new ElGamal.DLogProof(s, challenge, response);
return new ElGamal.DLogProof(challenge, response);
}
});
......@@ -310,33 +310,37 @@ ElGamal.Plaintext = Class.extend({
ElGamal.Proof = Class.extend({
init: function(A, B, challenge, response) {
if (A && B) {
this.commitment = {};
this.commitment.A = A;
this.commitment.B = B;
}
this.challenge = challenge;
this.response = response;
},
toString: function() {
return this.commitment.A.toString() + ","
+ this.commitment.B.toString() + ","
+ this.challenge.toString() + ","
return this.challenge.toString() + ","
+ this.response.toString()
},
toJSONObject: function() {
return {
challenge : this.challenge.toJSONObject(),
commitment : {A: this.commitment.A.toJSONObject(), B: this.commitment.B.toJSONObject()},
response : this.response.toJSONObject()
}
}
});
ElGamal.Proof.fromJSONObject = function(d) {
var A, B;
if (d.commitment) {
A = BigInt.fromJSONObject(d.commitment.A);
B = BigInt.fromJSONObject(d.commitment.B);
}
return new ElGamal.Proof(
BigInt.fromJSONObject(d.commitment.A),
BigInt.fromJSONObject(d.commitment.B),
A,
B,
BigInt.fromJSONObject(d.challenge),
BigInt.fromJSONObject(d.response));
};
......@@ -354,6 +358,7 @@ ElGamal.Proof.generate = function(little_g, little_h, x, p, q, challenge_generat
var proof = new ElGamal.Proof();
// compute A=little_g^w, B=little_h^w
proof.commitment = {}
proof.commitment.A = little_g.modPow(w, p);
proof.commitment.B = little_h.modPow(w, p);
......@@ -431,19 +436,24 @@ ElGamal.encrypt = function(pk, plaintext, r) {
// DLog Proof
//
ElGamal.DLogProof = Class.extend({
init: function(commitment, challenge, response) {
this.commitment = commitment;
init: function(challenge, response) {
this.challenge = challenge;
this.response = response;
},
toJSONObject: function() {
return {'challenge' : this.challenge.toJSONObject(), 'commitment': this.commitment.toJSONObject(), 'response': this.response.toJSONObject()};
var res = {'challenge' : this.challenge.toJSONObject(), 'response': this.response.toJSONObject()};
if (this.public_key) res.public_key = this.public_key.toJSONObject();
return res;
}
});
ElGamal.DLogProof.fromJSONObject = function(d) {
return new ElGamal.DLogProof(BigInt.fromJSONObject(d.commitment || d.s), BigInt.fromJSONObject(d.challenge), BigInt.fromJSONObject(d.response));
var res = new ElGamal.DLogProof(BigInt.fromJSONObject(d.challenge), BigInt.fromJSONObject(d.response));
if (d.public_key) {
res.public_key = BigInt.fromJSONObject(d.public_key);
}
return res;
};
// a challenge generator based on a list of commitments of
......
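Review bot: In `ElGamal.Proof`, `fromJSONObject` still accepts an optional `d.commitment` although `toJSONObject` no longer emits one, so the same proof now has two accepted encodings, and `init` silently drops a half-specified commitment because of `if (A && B)`. A proof parsed from the new format has no `commitment` property at all, so any code outside these hunks that still reads `proof.commitment.A` would throw; the verification path is not visible here and should be checked to recompute A and B from the challenge and response. I would reject a partial commitment explicitly, e.g. `if (d.commitment && !(d.commitment.A && d.commitment.B)) throw new Error("incomplete commitment");`, and document the field on `init` with `// commitment is optional and is not serialized by toJSONObject`. The same concern applies to `ElGamal.DLogProof.fromJSONObject`, which now ignores the old `commitment`/`s` fields and returns an object whose `public_key` may be undefined.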
......@@ -77,8 +77,7 @@ HELIOS.EncryptedVote.prototype.doSignature = function(cred) {
// in case mod doesn't support negative numbers as expected
var response = pk.q.subtract(cred.x.multiply(challenge).mod(pk.q));
response = response.add(w).mod(pk.q);
// hugly hijack of the DLogProof datatype... note: here, we
// give public credential instead of commitment, which can be computed
// from public credential, challenge and response
this.signature = new ElGamal.DLogProof(cred.y, challenge, response);
// hugly hijack of the DLogProof datatype...
this.signature = new ElGamal.DLogProof(challenge, response);
this.signature.public_key = cred.y;
}
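Review bot: The shortened comment above the `new ElGamal.DLogProof(challenge, response)` call no longer says why no commitment is stored, which the removed lines did explain. I would keep that reasoning, e.g. `// signature = (public_key, challenge, response); the commitment is omitted because it can be recomputed from these three values`, and fix the "hugly" typo while there. `public_key` is attached as an ad hoc property after construction, so nothing in `DLogProof` guarantees that a signature carries one; a small dedicated signature type, or a check at the point where the signature is serialized, would make that requirement explicit. doSignature starts outside the hunk, so how `challenge` is derived is not visible here.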
......@@ -134,7 +134,7 @@ let check_signature_present =
match public_creds with
| Some creds -> (fun b ->
match b.signature with
| Some s -> ZSet.mem s.s_commitment creds
| Some s -> ZSet.mem s.s_public_key creds
| None -> false
)
| None -> (fun _ -> true)
......
......@@ -324,7 +324,7 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
b.election_uuid = params.e_uuid &&
b.election_hash = P.fingerprint &&
let ok, zkp = match b.signature with
| Some {s_commitment = y; s_challenge; s_response} ->
| Some {s_public_key = y; s_challenge; s_response} ->
let ok =
check_modulo q s_challenge &&
check_modulo q s_response &&
......
......@@ -68,7 +68,7 @@ proof that the total weight is within bounds.">
(* FIXME: merge this with trustee_public_key *)
type 'a signature = {
commitment : 'a; (* FIXME: this is actually a public key *)
public_key : 'a;
challenge : number;
response : number;
} <ocaml field_prefix="s_">
......
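Review bot: Renaming the record field from `commitment` to `public_key` presumably also renames the serialized key, so a ballot written before this commit would no longer parse as a `signature`. If such ballots can exist, the format break deserves a line in the commit message and a comment on the field, e.g. `(* wire format: this field was named "commitment" before 7619631b *)`. The type definition continues from outside the hunk, so any annotation on the type as a whole is not visible here.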
......@@ -206,7 +206,7 @@ module MakeBallotBox (P : Signatures.ELECTION_PARAMS) (E : LWT_ELECTION) = struc
in
lwt credential =
match ballot.signature with
| Some s -> Lwt.return (Z.to_string s.s_commitment)
| Some s -> Lwt.return (Z.to_string s.s_public_key)
| None -> fail MissingCredential
in
lwt old_cred =
......