Add documentation for auth and check the generation of scalars #180

otrv4 · Dec 14, 2018 · 7d66183 · 7d66183
1 parent 98309d3
commit 7d66183
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 29 deletions.
diff --git a/src/auth.c b/src/auth.c
@@ -194,15 +194,6 @@ static otrng_result otrng_rsig_calculate_c_from_sigma_with_usage_and_domain(
   return OTRNG_SUCCESS;
 }
 
-INTERNAL otrng_result otrng_rsig_authenticate(
-    ring_sig_s *dst, const otrng_private_key secret, const otrng_public_key pub,
-    const otrng_public_key A1, const otrng_public_key A2,
-    const otrng_public_key A3, const uint8_t *msg, size_t msg_len) {
-  return otrng_rsig_authenticate_with_usage_and_domain(
-      OTRNG_PROTOCOL_USAGE_AUTH, OTRNG_PROTOCOL_DOMAIN_SEPARATION, dst, secret,
-      pub, A1, A2, A3, msg, msg_len);
-}
-
 INTERNAL otrng_result otrng_rsig_authenticate_with_usage_and_domain(
     uint8_t usage, const char *domain_sep, ring_sig_s *dst,
     const otrng_private_key secret, const otrng_public_key pub,
@@ -310,14 +301,13 @@ INTERNAL otrng_result otrng_rsig_authenticate_with_usage_and_domain(
   return OTRNG_SUCCESS;
 }
 
-INTERNAL otrng_bool otrng_rsig_verify(const ring_sig_s *src,
-                                      const otrng_public_key A1,
-                                      const otrng_public_key A2,
-                                      const otrng_public_key A3,
-                                      const uint8_t *msg, size_t msg_len) {
-  return otrng_rsig_verify_with_usage_and_domain(
-      OTRNG_PROTOCOL_USAGE_AUTH, OTRNG_PROTOCOL_DOMAIN_SEPARATION, src, A1, A2,
-      A3, msg, msg_len);
+INTERNAL otrng_result otrng_rsig_authenticate(
+    ring_sig_s *dst, const otrng_private_key secret, const otrng_public_key pub,
+    const otrng_public_key A1, const otrng_public_key A2,
+    const otrng_public_key A3, const uint8_t *msg, size_t msg_len) {
+  return otrng_rsig_authenticate_with_usage_and_domain(
+      OTRNG_PROTOCOL_USAGE_AUTH, OTRNG_PROTOCOL_DOMAIN_SEPARATION, dst, secret,
+      pub, A1, A2, A3, msg, msg_len);
 }
 
 INTERNAL otrng_bool otrng_rsig_verify_with_usage_and_domain(
@@ -342,6 +332,16 @@ INTERNAL otrng_bool otrng_rsig_verify_with_usage_and_domain(
   return otrng_false;
 }
 
+INTERNAL otrng_bool otrng_rsig_verify(const ring_sig_s *src,
+                                      const otrng_public_key A1,
+                                      const otrng_public_key A2,
+                                      const otrng_public_key A3,
+                                      const uint8_t *msg, size_t msg_len) {
+  return otrng_rsig_verify_with_usage_and_domain(
+      OTRNG_PROTOCOL_USAGE_AUTH, OTRNG_PROTOCOL_DOMAIN_SEPARATION, src, A1, A2,
+      A3, msg, msg_len);
+}
+
 INTERNAL void otrng_ring_sig_destroy(ring_sig_s *src) {
   otrng_ec_scalar_destroy(src->c1);
   otrng_ec_scalar_destroy(src->r1);

diff --git a/src/auth.h b/src/auth.h
@@ -66,7 +66,6 @@ typedef struct ring_sig_s {
  * @return OTRNG_SUCCESS if pub is one of (A1, A2, A3) and a signature of
  * knowledge could be created. Returns OTRNG_ERROR otherwise.
  */
-
 INTERNAL otrng_result otrng_rsig_authenticate(
     ring_sig_s *dst, const otrng_private_key priv, const otrng_public_key pub,
     const otrng_public_key A1, const otrng_public_key A2,
@@ -91,29 +90,69 @@ INTERNAL otrng_bool otrng_rsig_verify(const ring_sig_s *src,
                                       const uint8_t *msg, size_t msg_len);
 
 /**
- * @brief Zero the values of the Ring Sig.
+ * @brief The Authentication function of the Ring Sig  that takes hash usage and
+ * domain separation as params.
  *
+ * It produces a signature of knowledge, named sigma, bound to the
+ * message msg, that demonstrates knowledge of a private key
+ * corresponding to one of three public keys.
  *
- * @param [src] The signature of knowledge
+ * @param [usage] The hash usage id.
+ * @param [domain_sep] The hash domain separation string.
+ * @param [dst] The signature of knowledge
+ * @param [dst] The signature of knowledge
+ * @param [priv] The known private key.
+ * @param [pub] The public counterpart of priv.
+ * @param [A1] The first public key.
+ * @param [A2] The second public key.
+ * @param [A3] The thrid public key.
+ * @param [msg] The message to "sign".
+ * @param [msg_len] The length of the message.
+ *
+ * @return OTRNG_SUCCESS if pub is one of (A1, A2, A3) and a signature of
+ * knowledge could be created. Returns OTRNG_ERROR otherwise.
  */
-INTERNAL void otrng_ring_sig_destroy(ring_sig_s *src);
-
 INTERNAL otrng_result otrng_rsig_authenticate_with_usage_and_domain(
     uint8_t usage, const char *domain_sep, ring_sig_s *dst,
     const otrng_private_key secret, const otrng_public_key pub,
     const otrng_public_key A1, const otrng_public_key A2,
     const otrng_public_key A3, const uint8_t *msg, size_t msg_len);
 
+/**
+ * @brief The Verification function of the Ring Sigi that takes hash usage and
+ * domain separation as params.
+ *
+ * The verification function for the SoK sigma, created by rsig_authenticate.
+ *
+ * @param [usage] The hash usage id.
+ * @param [domain_sep] The hash domain separation string.
+ * @param [src] The signature of knowledge
+ * @param [A1] The first public key.
+ * @param [A2] The second public key.
+ * @param [A3] The third public key.
+ * @param [msg] The message to "verify".
+ * @param [msg_len] The length of the message.
+ */
 INTERNAL otrng_bool otrng_rsig_verify_with_usage_and_domain(
     uint8_t usage, const char *domain_sep, const ring_sig_s *src,
     const otrng_public_key A1, const otrng_public_key A2,
     const otrng_public_key A3, const uint8_t *msg, size_t msg_len);
 
+/**
+ * @brief Zero the values of the Ring Sig.
+ *
+ *
+ * @param [src] The signature of knowledge
+ */
+INTERNAL void otrng_ring_sig_destroy(ring_sig_s *src);
+
 #ifdef OTRNG_AUTH_PRIVATE
 
 /**
  * @brief Calculate the 'c' parameter used in the Ring Signature.
  *
+ * @param [usage] The hash usage id.
+ * @param [domain_sep] The hash domain separation string.
  * @param [dst] The 'c' value to be calculated.
  * @param [A1] The first public key.
  * @param [A2] The second public key.

diff --git a/src/random.h b/src/random.h
@@ -39,9 +39,6 @@ static inline void ed448_random_scalar(goldilocks_448_scalar_p priv) {
   uint8_t *sym = otrng_secure_alloc(ED448_PRIVATE_BYTES);
   random_bytes(sym, ED448_PRIVATE_BYTES);
 
-  // TODO: @refactoring it hashes and clamp as per RFC 8032 keygen method.
-  // It may not be what we want where it is used (SMP and RingSignature) since
-  // a less strict value "get a random x in Z_q" is required.
   otrng_ec_scalar_derive_from_secret(priv, sym);
   otrng_secure_free(sym);
 }
@@ -58,10 +55,6 @@ static inline void ed448_random_scalar(goldilocks_448_scalar_p priv) {
 /*@unused@*/ static inline void
 otrng_zq_keypair_generate(goldilocks_448_point_p pub,
                           goldilocks_448_scalar_p priv) {
-  // Unlike otrng_keypair_generate and otrng_ecdh_keypair_generate, this
-  // function does not apply a KDF to the random symmetric key before decoding
-  // it into a scalar.
-
   ed448_random_scalar(priv);
   goldilocks_448_point_scalarmul(pub, goldilocks_448_point_base, priv);
 }