Merge pull request #257 from dedis/reencrypt-cli2
Reencrypt cli2
jbsv authored Jul 19, 2023
2 parents 1fb4078 + 0f1fd03 commit f418006
Showing 3 changed files with 53 additions and 36 deletions.
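--- a/dkg/pedersen/pedersen.go
+++ b/dkg/pedersen/pedersen.go
@@ -118,6 +118,21 @@ func (a *Actor) Setup(coAuth crypto.CollectiveAuthority, threshold int) (kyber.P
 return nil, xerrors.Errorf("startRes is already done, only one setup call is allowed")
 }
 
+nbNodes := coAuth.Len()
+if nbNodes == 0 {
+return nil, xerrors.Errorf("number of nodes cannot be zero")
+}
+
+thresholdMin := 2
+if nbNodes < 2 {
+thresholdMin = 1
+}
+
+if threshold < thresholdMin || threshold > nbNodes {
+return nil, xerrors.Errorf("DKG threshold (%d) needs to be between %d and %d",
+threshold, thresholdMin, nbNodes)
+}
+
 ctx, cancel := context.WithTimeout(context.Background(), setupTimeout)
 defer cancel()
 ctx = context.WithValue(ctx, tracing.ProtocolKey, protocolNameSetup)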
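Review bot: The lower bound of 2 in `thresholdMin` is not explained, and for a larger roster it still accepts a threshold well below a majority. In a threshold scheme the threshold is the number of shares needed to recover the secret, so a comment above `thresholdMin := 2` should state the intent, for example `// a threshold of 1 lets any single node recover the key; only allow it for a one-node roster`. If the protocol relies on a stronger bound, such as a majority of `nbNodes`, it belongs in this check as well; the visible lines do not say which is intended. Setup's doc comment lies outside this hunk and should also mention the accepted range.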
25 changes: 16 additions & 9 deletions dkg/pedersen/pedersen_test.go
Expand Up @@ -37,33 +37,39 @@ func TestPedersen_Setup(t *testing.T) {
startRes: &state{},
}

fakeAuthority := fake.NewAuthority(1, fake.NewSigner)
fakeAuthority := fake.NewAuthority(0, fake.NewSigner)
_, err := actor.Setup(fakeAuthority, 1)
require.EqualError(t, err, "number of nodes cannot be zero")

_, err := actor.Setup(fakeAuthority, 0)
fakeAuthority = fake.NewAuthority(1, fake.NewSigner)
_, err = actor.Setup(fakeAuthority, 0)
require.ErrorContains(t, err, "DKG threshold (0) needs to be between")

_, err = actor.Setup(fakeAuthority, 1)
require.EqualError(t, err, fake.Err("failed to stream"))

rpc := fake.NewStreamRPC(fake.NewReceiver(), fake.NewBadSender())
actor.rpc = rpc

_, err = actor.Setup(fakeAuthority, 0)
_, err = actor.Setup(fakeAuthority, 1)
require.EqualError(t, err, "expected ed25519.PublicKey, got 'fake.PublicKey'")

fakeAuthority = fake.NewAuthority(2, ed25519.NewSigner)

_, err = actor.Setup(fakeAuthority, 1)
_, err = actor.Setup(fakeAuthority, 2)
require.EqualError(t, err, fake.Err("failed to send start"))

rpc = fake.NewStreamRPC(fake.NewBadReceiver(), fake.Sender{})
actor.rpc = rpc

_, err = actor.Setup(fakeAuthority, 1)
_, err = actor.Setup(fakeAuthority, 2)
require.EqualError(t, err, fake.Err("got an error from '%!s(<nil>)' while receiving"))

recv := fake.NewReceiver(fake.NewRecvMsg(fake.NewAddress(0), nil))

actor.rpc = fake.NewStreamRPC(recv, fake.Sender{})

_, err = actor.Setup(fakeAuthority, 1)
_, err = actor.Setup(fakeAuthority, 2)
require.EqualError(t, err, "expected to receive a Done message, but go the following: <nil>")

rpc = fake.NewStreamRPC(fake.NewReceiver(
Expand All @@ -72,7 +78,7 @@ func TestPedersen_Setup(t *testing.T) {
), fake.Sender{})
actor.rpc = rpc

_, err = actor.Setup(fakeAuthority, 1)
_, err = actor.Setup(fakeAuthority, 2)
require.Error(t, err)
require.Regexp(t, "^the public keys does not match:", err)
}
Expand Down Expand Up @@ -482,9 +488,10 @@ func (s fakeSigner) GetPublicKey() crypto.PublicKey {

// decryptReencrypted helps to decrypt a reencrypted message.
func decryptReencrypted(Cs []kyber.Point, XhatEnc kyber.Point, dkgPk kyber.Point, Sk kyber.Scalar) (msg []byte, err error) {
dela.Logger.Debug().Msgf("DKG pubK:%v", dkgPk)

dela.Logger.Debug().Msgf("XhatEnc:%v", XhatEnc)
dela.Logger.Debug().Msgf("xc:%v", Sk)
dela.Logger.Debug().Msgf("DKG pubK:%v", dkgPk)
dela.Logger.Debug().Msgf("Sk:%v", Sk)

xcInv := suite.Scalar().Neg(Sk)
dela.Logger.Debug().Msgf("xcInv:%v", xcInv)
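Review bot: The rejection cases in TestPedersen_Setup cover only a zero-node roster and a threshold of 0, so the upper bound and the minimum of 2 for multi-node rosters are never asserted. After the two-node authority is created, add `_, err = actor.Setup(fakeAuthority, 3)` with `require.ErrorContains(t, err, "DKG threshold (3) needs to be between")`, and the same pattern with a threshold of 1. Part of the test body is collapsed on this page, so such a case may already exist outside the visible hunks.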
49 changes: 22 additions & 27 deletions dkg/pedersen/reencrypt.go
Expand Up @@ -12,7 +12,7 @@ import (
"golang.org/x/xerrors"
)

type onChainSecret struct {
type reencryptStatus struct {
K kyber.Point // K is the random part of the encrypted secret
pubk kyber.Point // The client's public key

Expand All @@ -24,14 +24,6 @@ type onChainSecret struct {
Uis []*share.PubShare // re-encrypted shares
}

// newOCS creates a new on-chain secret structure.
func newOCS(K kyber.Point, pubk kyber.Point) *onChainSecret {
return &onChainSecret{
K: K,
pubk: pubk,
}
}

// Reencrypt implements dkg.Actor.
func (a *Actor) Reencrypt(K kyber.Point, pubk kyber.Point) (XhatEnc kyber.Point, err error) {
if !a.startRes.Done() {
Expand Down Expand Up @@ -63,11 +55,14 @@ func (a *Actor) Reencrypt(K kyber.Point, pubk kyber.Point) (XhatEnc kyber.Point,
return nil, xerrors.Errorf("failed to send reencrypt request: %v", err)
}

ocs := newOCS(K, pubk)
ocs.nbnodes = len(addrs)
ocs.threshold = a.startRes.getThreshold()
status := &reencryptStatus{
K: K,
pubk: pubk,
}
status.nbnodes = len(addrs)
status.threshold = a.startRes.getThreshold()

for i := 0; i < ocs.nbnodes; i++ {
for i := 0; i < status.nbnodes; i++ {
src, rxMsg, err := receiver.Recv(ctx)
if err != nil {
return nil, xerrors.Errorf(unexpectedStreamStop, err)
Expand All @@ -80,11 +75,11 @@ func (a *Actor) Reencrypt(K kyber.Point, pubk kyber.Point) (XhatEnc kyber.Point,
return nil, xerrors.Errorf(unexpectedReply, reply, rxMsg)
}

err = processReencryptReply(ocs, &reply)
err = status.processReencryptReply(&reply)
if err == nil {
dela.Logger.Debug().Msgf("Reencryption Uis: %v", ocs.Uis)
dela.Logger.Debug().Msgf("Reencryption Uis: %v", status.Uis)

XhatEnc, err := share.RecoverCommit(suites.MustFind("Ed25519"), ocs.Uis, ocs.threshold, ocs.nbnodes)
XhatEnc, err := share.RecoverCommit(suites.MustFind("Ed25519"), status.Uis, status.threshold, status.nbnodes)
if err != nil {
return nil, xerrors.Errorf("Reencryption failed: %v", err)
}
Expand All @@ -97,33 +92,33 @@ func (a *Actor) Reencrypt(K kyber.Point, pubk kyber.Point) (XhatEnc kyber.Point,
return nil, xerrors.Errorf("Reencryption failed: %v", err)
}

func processReencryptReply(ocs *onChainSecret, reply *types.ReencryptReply) (err error) {
func (s *reencryptStatus) processReencryptReply(reply *types.ReencryptReply) (err error) {
if reply.Ui == nil {
err = xerrors.Errorf("Received empty reply")
dela.Logger.Warn().Msg("Empty reply received")
ocs.nbfailures++
if ocs.nbfailures > ocs.nbnodes-ocs.threshold {
s.nbfailures++
if s.nbfailures > s.nbnodes-s.threshold {
err = xerrors.Errorf("couldn't get enough shares")
dela.Logger.Warn().Msg(err.Error())
}
return err
}

ocs.replies = append(ocs.replies, *reply)
s.replies = append(s.replies, *reply)

if len(ocs.replies) >= ocs.threshold {
ocs.Uis = make([]*share.PubShare, 0, ocs.nbnodes)
if len(s.replies) >= s.threshold {
s.Uis = make([]*share.PubShare, 0, s.nbnodes)

for _, r := range ocs.replies {
for _, r := range s.replies {

/*
// Verify proofs
ufi := suite.Point().Mul(r.Fi, suite.Point().Add(ocs.U, ocs.pubk))
ufi := suite.Point().Mul(r.Fi, suite.Point().Add(s.U, s.pubk))
uiei := suite.Point().Mul(suite.Scalar().Neg(r.Ei), r.Ui.V)
uiHat := suite.Point().Add(ufi, uiei)
gfi := suite.Point().Mul(r.Fi, nil)
gxi := ocs.poly.Eval(r.Ui.I).V
gxi := s.poly.Eval(r.Ui.I).V
hiei := suite.Point().Mul(suite.Scalar().Neg(r.Ei), gxi)
hiHat := suite.Point().Add(gfi, hiei)
hash := sha256.New()
Expand All @@ -134,13 +129,13 @@ func processReencryptReply(ocs *onChainSecret, reply *types.ReencryptReply) (err
if e.Equal(r.Ei) {
*/
ocs.Uis = append(ocs.Uis, r.Ui)
s.Uis = append(s.Uis, r.Ui)
/*
}
else
{
dela.Logger.Warn().Msgf("Received invalid share from node: %v", r.Ui.I)
ocs.nbfailures++
s.nbfailures++
}
*/
}
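Review bot: Shares are still accepted without proof verification in `processReencryptReply`: the block that recomputes the hash and compares it with `r.Ei` stays commented out, so `s.Uis = append(s.Uis, r.Ui)` runs for every non-empty reply. A faulty or dishonest node's share would then go into `share.RecoverCommit` unchecked, and the caller would presumably get a wrong `XhatEnc` with no error. Until the check is restored, mark it explicitly above the append, e.g. `// TODO: share proofs are not verified yet; r.Ui is trusted as received`. The commented code also refers to `s.U` and `s.poly`, which are not among the struct fields visible in this diff, so it may need adjusting before it can be re-enabled. The function body continues past the end of the visible hunk.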
