From fcc8fe1ef5bdb3a7c6a69f82a6132e400a1b05a1 Mon Sep 17 00:00:00 2001 From: Freddie Coleman Date: Sun, 6 Mar 2022 08:02:57 +0000 Subject: [PATCH] support both basic and aug mpl --- asserter/construction.go | 2 +- keys/signer_bls12381.go | 110 ++++++++++++++++++++++++++--------- keys/signer_bls12381_test.go | 16 ++--- types/signature_type.go | 13 +++-- 4 files changed, 99 insertions(+), 42 deletions(-) diff --git a/asserter/construction.go b/asserter/construction.go index 449c64c9..2640b9ec 100644 --- a/asserter/construction.go +++ b/asserter/construction.go @@ -304,7 +304,7 @@ func SignatureType( signature types.SignatureType, ) error { switch signature { - case types.Ecdsa, types.EcdsaRecovery, types.Ed25519, types.Schnorr1, types.SchnorrPoseidon, types.BlsG2Element: + case types.Ecdsa, types.EcdsaRecovery, types.Ed25519, types.Schnorr1, types.SchnorrPoseidon, types.Bls12381BasicMpl, types.Bls12381AugMpl: return nil default: return fmt.Errorf("%w: %s", ErrSignatureTypeNotSupported, signature) diff --git a/keys/signer_bls12381.go b/keys/signer_bls12381.go index a74ea4d9..348eb3f5 100644 --- a/keys/signer_bls12381.go +++ b/keys/signer_bls12381.go @@ -43,56 +43,80 @@ func (s *SignerBls12381) Sign( return nil, err } - if !(payload.SignatureType == types.BlsG2Element || payload.SignatureType == "") { + if !(payload.SignatureType == types.Bls12381BasicMpl || payload.SignatureType == types.Bls12381AugMpl || payload.SignatureType == "") { return nil, fmt.Errorf( - "%w: expected %v but got %v", + "%w: expected %v or %v but got %v", ErrSignUnsupportedPayloadSignatureType, - types.BlsG2Element, + types.Bls12381BasicMpl, + types.Bls12381AugMpl, payload.SignatureType, ) } - if sigType != types.BlsG2Element { + // Generate private key bytes + privKeyBytes := s.KeyPair.PrivateKey + privKey := &bls_sig.SecretKey{} + _ = privKey.UnmarshalBinary(privKeyBytes) + + switch sigType { + case types.Bls12381BasicMpl: + sigBytes, _ := signBasic(privKey, payload, s.KeyPair.PublicKey) + + return &types.Signature{ + SigningPayload: payload, + PublicKey: s.KeyPair.PublicKey, + SignatureType: payload.SignatureType, + Bytes: sigBytes, + }, nil + case types.Bls12381AugMpl: + sigBytes, _ := signAug(privKey, payload, s.KeyPair.PublicKey) + + return &types.Signature{ + SigningPayload: payload, + PublicKey: s.KeyPair.PublicKey, + SignatureType: payload.SignatureType, + Bytes: sigBytes, + }, nil + default: return nil, fmt.Errorf( - "%w: expected %v but got %v", + "%w: expected %v or %v but got %v", ErrSignUnsupportedSignatureType, - types.BlsG2Element, + types.Bls12381BasicMpl, + types.Bls12381AugMpl, sigType, ) } +} - // Generate private key bytes - privKeyBytes := s.KeyPair.PrivateKey - privKey := &bls_sig.SecretKey{} - _ = privKey.UnmarshalBinary(privKeyBytes) +func signBasic(sk *bls_sig.SecretKey, payload *types.SigningPayload, pk *types.PublicKey) ([]byte, error) { + bls := bls_sig.NewSigBasic() + + sig, err := bls.Sign(sk, payload.Bytes) + if err != nil { + return nil, err + } + sigBytes, _ := sig.MarshalBinary() + + return sigBytes, nil +} + +func signAug(sk *bls_sig.SecretKey, payload *types.SigningPayload, pk *types.PublicKey) ([]byte, error) { bls := bls_sig.NewSigBasic() - sig, err := bls.Sign(privKey, payload.Bytes) + + sig, err := bls.Sign(sk, payload.Bytes) + if err != nil { return nil, err } sigBytes, _ := sig.MarshalBinary() - return &types.Signature{ - SigningPayload: payload, - PublicKey: s.KeyPair.PublicKey, - SignatureType: payload.SignatureType, - Bytes: sigBytes, - }, nil + return sigBytes, nil } // Verify verifies a Signature, by checking the validity of a Signature, // the SigningPayload, and the PublicKey of the Signature. func (s *SignerBls12381) Verify(signature *types.Signature) error { - if signature.SignatureType != types.BlsG2Element { - return fmt.Errorf( - "%w: expected %v but got %v", - ErrVerifyUnsupportedPayloadSignatureType, - types.BlsG2Element, - signature.SignatureType, - ) - } - pubKeyBytes := signature.PublicKey.Bytes pubKey := &bls_sig.PublicKey{} _ = pubKey.UnmarshalBinary(pubKeyBytes) @@ -106,8 +130,40 @@ func (s *SignerBls12381) Verify(signature *types.Signature) error { return fmt.Errorf("%w: %s", ErrVerifyFailed, err) } + switch signature.SignatureType { + case types.Bls12381BasicMpl: + return verifyBasic(pubKey, signature.SigningPayload.Bytes, sig) + case types.Bls12381AugMpl: + return verifyAug(pubKey, signature.SigningPayload.Bytes, sig) + default: + return fmt.Errorf( + "%w: expected %v or %v but got %v", + ErrVerifyUnsupportedPayloadSignatureType, + types.Bls12381BasicMpl, + types.Bls12381AugMpl, + signature.SignatureType, + ) + } +} + +func verifyBasic(pubKey *bls_sig.PublicKey, payload []byte, signature *bls_sig.Signature) error { bls := bls_sig.NewSigBasic() - result, err := bls.Verify(pubKey, signature.SigningPayload.Bytes, sig) + result, err := bls.Verify(pubKey, payload, signature) + + if err != nil { + return err + } + + if !result { + return fmt.Errorf("%w: %s", ErrVerifyFailed, "Verify failed") + } + + return nil +} + +func verifyAug(pubKey *bls_sig.PublicKey, payload []byte, signature *bls_sig.Signature) error { + bls := bls_sig.NewSigAug() + result, err := bls.Verify(pubKey, payload, signature) if err != nil { return err diff --git a/keys/signer_bls12381_test.go b/keys/signer_bls12381_test.go index 5ddd0414..712d42f3 100644 --- a/keys/signer_bls12381_test.go +++ b/keys/signer_bls12381_test.go @@ -37,7 +37,7 @@ func init() { payloadBytes, _ = hex.DecodeString(unsignedPayloadStr) } -func TestSignBls12381(t *testing.T) { +func TestSignBls12381Basic(t *testing.T) { type payloadTest struct { payload *types.SigningPayload err bool @@ -45,7 +45,7 @@ func TestSignBls12381(t *testing.T) { } var payloadTests = []payloadTest{ - {mockPayload(payloadBytes, types.BlsG2Element), false, nil}, + {mockPayload(payloadBytes, types.Bls12381BasicMpl), false, nil}, {mockPayload(payloadBytes, ""), false, nil}, {mockPayload(payloadBytes, types.Ecdsa), true, ErrSignUnsupportedPayloadSignatureType}, { @@ -55,7 +55,7 @@ func TestSignBls12381(t *testing.T) { }, } for _, test := range payloadTests { - signature, err := signerBls12381.Sign(test.payload, types.BlsG2Element) + signature, err := signerBls12381.Sign(test.payload, types.Bls12381BasicMpl) if !test.err { assert.NoError(t, err) @@ -67,14 +67,14 @@ func TestSignBls12381(t *testing.T) { } } -func TestVerifyBls(t *testing.T) { +func TestVerifyBls12381Basic(t *testing.T) { type signatureTest struct { signature *types.Signature errMsg error } - payload := mockPayload(payloadBytes, types.BlsG2Element) - testSignature, err := signerBls12381.Sign(payload, types.BlsG2Element) + payload := mockPayload(payloadBytes, types.Bls12381BasicMpl) + testSignature, err := signerBls12381.Sign(payload, types.Bls12381BasicMpl) assert.NoError(t, err) simpleBytes := make([]byte, 32) @@ -92,7 +92,7 @@ func TestVerifyBls(t *testing.T) { payloadBytes, simpleBytes), ErrVerifyUnsupportedPayloadSignatureType}, {mockSignature( - types.BlsG2Element, + types.Bls12381BasicMpl, signerBls12381.PublicKey(), simpleBytes, testSignature.Bytes), ErrVerifyFailed}, @@ -105,7 +105,7 @@ func TestVerifyBls(t *testing.T) { // happy path goodSignature := mockSignature( - types.BlsG2Element, + types.Bls12381BasicMpl, signerBls12381.PublicKey(), payloadBytes, testSignature.Bytes, diff --git a/types/signature_type.go b/types/signature_type.go index e2c10f3b..5dc9685d 100644 --- a/types/signature_type.go +++ b/types/signature_type.go @@ -29,10 +29,11 @@ type SignatureType string // List of SignatureType const ( - BlsG2Element SignatureType = "bls12381_g2_element" - Ecdsa SignatureType = "ecdsa" - EcdsaRecovery SignatureType = "ecdsa_recovery" - Ed25519 SignatureType = "ed25519" - Schnorr1 SignatureType = "schnorr_1" - SchnorrPoseidon SignatureType = "schnorr_poseidon" + Bls12381BasicMpl SignatureType = "bls12381_basic_mpl" + Bls12381AugMpl SignatureType = "bls12381_aug_mpl" + Ecdsa SignatureType = "ecdsa" + EcdsaRecovery SignatureType = "ecdsa_recovery" + Ed25519 SignatureType = "ed25519" + Schnorr1 SignatureType = "schnorr_1" + SchnorrPoseidon SignatureType = "schnorr_poseidon" )