Commit f366ac80 authored by Stephane Glondu's avatar Stephane Glondu

Split generate_and_prove

parent 3a4dca8a
......@@ -47,12 +47,13 @@ module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
let response = Z.((w + x * challenge) mod q) in
return {challenge; response}
let generate_and_prove () =
random q >>= fun x ->
let generate () = random q
let prove x =
let trustee_public_key = g **~ x in
let zkp = "pok|" ^ G.to_string trustee_public_key ^ "|" in
fs_prove [| g |] x (G.hash zkp) >>= fun trustee_pok ->
return (x, {trustee_pok; trustee_public_key})
return {trustee_pok; trustee_public_key}
let check {trustee_pok; trustee_public_key = y} =
G.check y &&
......
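Review bot: `prove` now takes its exponent from the caller, and nothing on the visible lines restricts `x` to the range that `generate` draws from (`random q`), so a negative or oversized `x` reaches `g **~ x` and `fs_prove` unchecked. Because `prove` is now exported on its own, a guard at its top would make the contract explicit: `if Z.sign x < 0 || Z.geq x q then invalid_arg "prove: exponent out of range";`. A zero exponent would produce the identity element as public key; whether `G.check` in `check` rejects that is not visible here and is worth confirming. The body of `check` continues outside the hunk.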
......@@ -30,11 +30,12 @@ module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
shares are needed to decrypt, but the decryptions can be done in
a distributed fashion. *)
val generate_and_prove :
unit -> (Z.t * G.t trustee_public_key) M.t
(** [generate_and_prove ()] returns a new keypair [(x, y)]. [x] is
the secret exponent, [y] contains the public key and a
zero-knowledge proof of knowledge of [x]. *)
val generate : unit -> Z.t M.t
(** [generate ()] generates a new private key. *)
val prove : Z.t -> G.t trustee_public_key M.t
(** [prove x] returns the public key associated to [x] and a zero-
knowledge proof of its knowledge. *)
val check : G.t trustee_public_key -> bool
(** Check a public key and its proof. *)
......
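Review bot: The doc comment on `prove` says "a zero-knowledge proof of its knowledge", which leaves unclear what is being proven, and the new comments no longer say that the `Z.t` value is the secret exponent, as the removed `generate_and_prove` comment did. I would word them as `(** [generate ()] returns a fresh secret exponent [x]. *)` and `(** [prove x] returns the public key for the secret exponent [x] together with a zero-knowledge proof of knowledge of [x]. *)`. Since callers now hold `x` between the two calls, the comment on `prove` is also the place to state which values of `x` it accepts.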
......@@ -58,7 +58,8 @@ module Make (P : PARSED_PARAMS) : S = struct
type keypair = { id : string; priv : string; pub : string }
let trustee_keygen () =
let private_key, public_key = KG.generate_and_prove () () in
let private_key = KG.generate () () in
let public_key = KG.prove private_key () in
assert (KG.check public_key);
let id = String.sub
(sha256_hex (G.to_string public_key.trustee_public_key))
......
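Review bot: The self-check after `KG.prove` in `trustee_keygen` is an `assert`, which is removed when the tool is compiled with `-noassert`, so a key whose proof fails verification would then pass through unnoticed. An explicit test keeps the check in every build: `if not (KG.check public_key) then failwith "trustee_keygen: generated key failed self-check";`. The function body continues past the end of the hunk.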
......@@ -110,7 +110,8 @@ let finalize_election uuid se =
let%lwt trustees, public_keys, private_key =
match se.se_public_keys with
| [] ->
let%lwt private_key, public_key = KG.generate_and_prove () in
let%lwt private_key = KG.generate () in
let%lwt public_key = KG.prove private_key in
return (None, [public_key], Some private_key)
| _ :: _ ->
return (
......
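Review bot: In the `[]` branch of `finalize_election` the value returned by `KG.prove` goes straight into the result without a `KG.check`, whereas `trustee_keygen` in the command-line tool verifies the proof it has just produced. Adding the same verification before the `return`, for example `if not (KG.check public_key) then failwith "finalize_election: generated key failed self-check";`, would keep the two key-generation paths consistent. This branch also hands the private key back as `Some private_key`, presumably the case where the server itself holds the key; a short comment saying so would help readers of the surrounding match, which continues outside the hunk.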