From ffd15544c34dcb56c976b5b87aa97e68772818f3 Mon Sep 17 00:00:00 2001 From: Rat Poison Date: Mon, 7 Oct 2019 01:38:17 +0200 Subject: [PATCH 1/6] blind_test.go: remove unused import --- blind_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/blind_test.go b/blind_test.go index 2f94aac..19047f4 100644 --- a/blind_test.go +++ b/blind_test.go @@ -3,7 +3,6 @@ package blinding import ( "crypto/rsa" "testing" - "fmt" ) func TestIntegration(t *testing.T) { From 99872e6f6fa10236554b76a21134638ae385999f Mon Sep 17 00:00:00 2001 From: Rat Poison Date: Mon, 7 Oct 2019 01:38:47 +0200 Subject: [PATCH 2/6] go fmt --- blind.go | 20 ++++++++++---------- blind_test.go | 2 -- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/blind.go b/blind.go index ecd135d..0c1e8e1 100644 --- a/blind.go +++ b/blind.go @@ -7,12 +7,12 @@ package blinding import ( - "errors" - "encoding/base64" "crypto" "crypto/rand" "crypto/rsa" "crypto/sha256" + "encoding/base64" + "errors" "github.com/cryptoballot/fdh" "github.com/cryptoballot/rsablind" ) @@ -52,20 +52,20 @@ func FinalMessage(salary, sig []byte) string { } type BlindedMessage struct { - Blinded []byte - Sig []byte - PublicKey rsa.PublicKey + Blinded []byte + Sig []byte + PublicKey rsa.PublicKey } /********************* Employee **********************/ type Employee struct { - key *rsa.PrivateKey - signerskey *rsa.PublicKey - message []byte - unblinder []byte - PublicKey *rsa.PublicKey + key *rsa.PrivateKey + signerskey *rsa.PublicKey + message []byte + unblinder []byte + PublicKey *rsa.PublicKey has_blinded bool } diff --git a/blind_test.go b/blind_test.go index 19047f4..4338ae9 100644 --- a/blind_test.go +++ b/blind_test.go @@ -44,7 +44,6 @@ func TestIntegration(t *testing.T) { } } - // Creates a signer, some employees, and registers them func setup(nemployees int) (*Signer, []*Employee) { signer, _ := NewSigner() @@ -60,7 +59,6 @@ func setup(nemployees int) (*Signer, []*Employee) { return signer, employees } - func TestOneSigPerEmployee(t *testing.T) { // test employee can't get two sigs signer, employees := setup(1) From bda6d13be270d166defd67eb91456efc09f7172c Mon Sep 17 00:00:00 2001 From: Rat Poison Date: Mon, 7 Oct 2019 01:31:24 +0200 Subject: [PATCH 3/6] remove global var err --- blind.go | 5 ++--- blind_test.go | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/blind.go b/blind.go index 0c1e8e1..ff6b852 100644 --- a/blind.go +++ b/blind.go @@ -19,7 +19,6 @@ import ( var Keysize = 2048 var Hashize = 1536 -var err error /********************* Utilities @@ -40,7 +39,7 @@ func SignPSS(message []byte, privkey *rsa.PrivateKey) ([]byte, error) { // verify sig on blinded message func VerifyPSS(message, sig []byte, pubkey *rsa.PublicKey) error { hashed := sha256.Sum256(message) - err = rsa.VerifyPSS(pubkey, crypto.SHA256, hashed[:], sig, nil) + err := rsa.VerifyPSS(pubkey, crypto.SHA256, hashed[:], sig, nil) return err } @@ -110,7 +109,7 @@ func (e *Employee) Unblind(blindSig []byte) ([]byte, error) { unBlindedSig := rsablind.Unblind(e.signerskey, blindSig, e.unblinder) // verify the sig - err = e.VerifySallary(e.message, unBlindedSig, e.signerskey) + err := e.VerifySallary(e.message, unBlindedSig, e.signerskey) if err != nil { return nil, err } diff --git a/blind_test.go b/blind_test.go index 4338ae9..30e2ed2 100644 --- a/blind_test.go +++ b/blind_test.go @@ -90,7 +90,7 @@ func TestEmployeeCanOnlyBlindOnce(t *testing.T) { _, employees := setup(1) employee := employees[0] employee.BlindSalary([]byte("once")) - _, err = employee.BlindSalary([]byte("twice")) + _, err := employee.BlindSalary([]byte("twice")) if err == nil { t.Fatal() } From 1afc172870b1f22626889fe739c93c9ceea8e72d Mon Sep 17 00:00:00 2001 From: Rat Poison Date: Mon, 7 Oct 2019 01:33:19 +0200 Subject: [PATCH 4/6] increase key and hash sizes and make them const --- blind.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/blind.go b/blind.go index ff6b852..1069725 100644 --- a/blind.go +++ b/blind.go @@ -17,8 +17,10 @@ import ( "github.com/cryptoballot/rsablind" ) -var Keysize = 2048 -var Hashize = 1536 +const ( + Keysize = 4096 + Hashize = 3072 +) /********************* Utilities From 5bc901f31470f09cf15b3af7f5e8cb3ab5041878 Mon Sep 17 00:00:00 2001 From: Rat Poison Date: Mon, 7 Oct 2019 01:55:00 +0200 Subject: [PATCH 5/6] blind_test: add error messages --- blind_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/blind_test.go b/blind_test.go index 30e2ed2..80fb82f 100644 --- a/blind_test.go +++ b/blind_test.go @@ -69,7 +69,7 @@ func TestOneSigPerEmployee(t *testing.T) { signer.SignSalary(bmsg) _, err := signer.SignSalary(bmsg) if err == nil { - t.Fatal() + t.Fatal("Signer managed to sign the same employee twice") } } @@ -82,7 +82,7 @@ func TestOnlyRegisteredEmployees(t *testing.T) { // try to sign while not registered _, err := signer.SignSalary(bmsg) if err == nil { - t.Fatal() + t.Fatal("Signer managed to sign unregistered employee") } } @@ -92,6 +92,6 @@ func TestEmployeeCanOnlyBlindOnce(t *testing.T) { employee.BlindSalary([]byte("once")) _, err := employee.BlindSalary([]byte("twice")) if err == nil { - t.Fatal() + t.Fatal("Employee managed to sign twice") } } From 1ea94cad002c5c2f6a25e05acf01ef5e57b467bd Mon Sep 17 00:00:00 2001 From: Rat Poison Date: Mon, 7 Oct 2019 01:55:22 +0200 Subject: [PATCH 6/6] fix test against multiple signatures from a user fix test against multiple signatures from a user fix function SignSalary --- blind.go | 1 + blind_test.go | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/blind.go b/blind.go index 1069725..5928070 100644 --- a/blind.go +++ b/blind.go @@ -156,6 +156,7 @@ func (s *Signer) SignSalary(message *BlindedMessage) (sig []byte, err error) { if err != nil { return nil, err } + s.employees[message.PublicKey] = true return sig, nil } diff --git a/blind_test.go b/blind_test.go index 80fb82f..2e7f629 100644 --- a/blind_test.go +++ b/blind_test.go @@ -56,6 +56,7 @@ func setup(nemployees int) (*Signer, []*Employee) { employees[i] = e keys[i] = *e.PublicKey } + signer.AddEmployees(keys) return signer, employees } @@ -66,8 +67,12 @@ func TestOneSigPerEmployee(t *testing.T) { bmsg, _ := employee.BlindSalary([]byte("message one")) // try to sign twice - signer.SignSalary(bmsg) _, err := signer.SignSalary(bmsg) + if err != nil { + t.Fatal(err) + } + + _, err = signer.SignSalary(bmsg) if err == nil { t.Fatal("Signer managed to sign the same employee twice") }