Documentation ¶
Overview ¶
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BlindSignRequest ¶
type BlindSignRequest struct { // Pedersen commitment of a vector of messages Commitment *math.G1 // Elgamal encryption of the committed messages Ciphertexts []*elgamal.Ciphertext // Proof of correctness of encryption and commitment Proof *EncProof // One-time Elgamal public key picked by the recipient EncPK *elgamal.PublicKey }
BlindSignRequest is what the recipient send to the Pointcheval-Sanders signer to obtain the blind signature
type BlindSignResponse ¶
type BlindSignResponse struct { // hash used in the Pointcheval-Sanders signature Hash *math.Zr // this encrypts the Pointcheval-Sanders signature Ciphertext *elgamal.Ciphertext }
BlindSignResponse is the response of the BlindSigner to a blind signature request
type BlindSigner ¶
type BlindSigner struct { // Signer is a Pointcheval-Sanders signer *Signer // PedersenParameters is the generators used to commit to the vector // of messages to be signed PedersenParameters []*math.G1 }
BlindSigner produces Pointcheval-Sanders blind signatures
func NewBlindSigner ¶
func NewBlindSigner(SK []*math.Zr, PK []*math.G2, Q *math.G2, pp []*math.G1, curve *math.Curve) *BlindSigner
NewBlindSigner returns a Pointcheval-Sanders BlindSigner as a function of the passed arguments
func (*BlindSigner) BlindSign ¶
func (s *BlindSigner) BlindSign(request *BlindSignRequest) (*BlindSignResponse, error)
BlindSign takes as input a BlindSignRequest and returns the corresponding BlindSignResponse, if the request is valid. Else, BlindSign returns an error
type EncProof ¶
type EncProof struct { // ZKP of knowledge of committed/encrypted messages Messages []*math.Zr // ZKP of knowledge of randomness used in the encryption EncRandomness []*math.Zr // ZKP of knowledge of the randomness (blinding factor) used in the commitment ComBlindingFactor *math.Zr // ZKP challenge Challenge *math.Zr }
EncProof is a zero-knowledge proof of correct encryption of committed messages It consists of zero-knowledge proofs of knowledge of messages that open a commitment and proofs of correct encryption of the same messages under a known Elgamal public key
type EncProofCommitments ¶
EncProofCommitments contains the commitments to EncProof randomness For a statement (x1, ..., x_n): y = \prod_{i=1}^n g_i^x_i, one computes s = \prod_{i=1}^n g_i^r_i as the commitment to randomness (r_1, ..., r_n)
type Recipient ¶
type Recipient struct { *SignVerifier // Elgamal encryption secret key // This is used to decrypt the blind signature EncSK *elgamal.SecretKey // encWitness coresponds to the message and the randomness used to // encrypt the blind signature request Witness *encWitness // Elliptic curve Curve *math.Curve // contains filtered or unexported fields }
Recipient requests a Pointcheval-Sanders blind signature Recipient would like to obtain a Pointcheval-Sanders signature on a committed vector of messages
func NewRecipient ¶
func NewRecipient(messages []*math.Zr, blindingfactor *math.Zr, com *math.G1, sk *math.Zr, gen, pk *math.G1, pp []*math.G1, PK []*math.G2, Q *math.G2, curve *math.Curve) *Recipient
NewRecipient returns a Recipient that would like to obtain a Pointcheval-Sanders blind signature on the passed messages
func (*Recipient) GenerateBlindSignRequest ¶
func (r *Recipient) GenerateBlindSignRequest() (*BlindSignRequest, error)
GenerateBlindSignRequest returns a blind Pointcheval-Sanders signature request
func (*Recipient) VerifyResponse ¶
func (r *Recipient) VerifyResponse(response *BlindSignResponse) (*Signature, error)
VerifyResponse returns a Pointcheval-Sanders signature if the BlindSingResponse is valid. Else, it returns error.
type SignVerifier ¶
SignVerifier checks the validity of a Pointcheval-Sanders signature
func NewVerifier ¶
NewVerifier returns a SignVerifier as a function of an array of public kets
func (*SignVerifier) Randomize ¶
func (v *SignVerifier) Randomize(sig *Signature) error
Randomize randomizes a Pointcheval-Sanders signature
func (*SignVerifier) Verify ¶
func (v *SignVerifier) Verify(m []*math.Zr, sig *Signature) error
Verify takes a vector of messages and a signature, and validates it against SignVerifier Verify returns an error if the signature is invalid Verify checks if e(R, PK_0*\prod_{i=1}^n PK_i^{m_i}*PK_{n+1}^{m_{n+1}}) = e(S, Q)
type Signature ¶
Signature is a Pointcheval-Sanders signature
func (*Signature) Deserialize ¶
Deserialize unmarshals a Pointcheval-Sanders signature
type Signer ¶
type Signer struct { *SignVerifier SK []*math.Zr }
Signer produces a Pointcheval-Sanders signature
func NewSigner ¶
NewSigner returns a Signer as function of an array of secret keys and the corresponding array of public keys
func (*Signer) Deserialize ¶
Deserialize un-marshals Pointcheval-Sanders Signer
func (*Signer) KeyGen ¶
KeyGen instantiates Signer secret and public keys as a function of the length of the vector of messages to be signed KeyGen takes the length of vector of messages that Signer would like to sign