#include "keytie.h"
using namespace BankOfEuler;
// Validates the ElGamal-style key material carried by a keytie request.
//
// Returns true only when every range check below passes and the supplied
// `ge` equals g^e mod n as recomputed locally; returns false otherwise.
//
// ctx is dereferenced without a null check, so the caller must pass a valid
// context.
//
// NOTE(review): the checks in this function are range and consistency checks
// only. Nothing here tests that n is prime or that g generates a large
// subgroup, and g == 1 passes the range test. Confirm whether those
// properties are enforced elsewhere before a request is trusted.
bool KeytieRequest::verify(CTX *ctx) {
    auto &key = eg_secret;

    // The modulus must be at least p so values in that range can be
    // encrypted, and below hn because the exponent is later encrypted
    // under sn.
    if (key.n < ctx->p || key.n >= ctx->hn)
        return false;

    // g and ge must lie in [1, n); e must lie in [0, n - 1).
    if (key.g < 1 || key.g >= key.n ||
        key.ge < 1 || key.ge >= key.n ||
        key.e < 0 || key.e >= key.n - 1)
        return false;

    // Consistency check: the claimed ge must match g^e mod n.
    Number recomputed;
    recomputed.powmod(key.g, key.e, key.n);
    return !(recomputed != key.ge);
}
// Fills in this certificate from a keytie request and signs it with the
// server key held in sctx.
//
// The digest h covers, in this exact order: magic, cmd_hash, eg_public,
// encrypted_e and expires. KeytieCertificate::verify hashes the same fields
// in the same order, so the two sequences must be kept in step.
//
// NOTE(review): this function does not call req.verify(); presumably the
// caller validates the request first. Confirm against the call site.
void KeytieCertificate::generate(SCTX *sctx, const KeytieRequest &req) {
    // Expiry is the current wall-clock time plus the configured lifetime.
    expires = time(nullptr) + sctx->expiry;

    cmd_hash = req.cmd_hash;

    // NOTE(review): req.eg_secret also carries the exponent e. Confirm that
    // the type of eg_public does not retain it after this assignment.
    eg_public = req.eg_secret;

    // The exponent is wrapped as e^se mod sn. No padding or randomisation is
    // applied in this function, so equal exponents give equal ciphertexts.
    encrypted_e.powmod(req.eg_secret.e, sctx->se, sctx->sn);

    // Digest over every certificate field.
    sctx->hash_init(h);
    sctx->hash_update(h, magic);
    sctx->hash_update(h, cmd_hash, sctx->hn);
    eg_public.hash_update(sctx, h);
    sctx->hash_update(h, encrypted_e, sctx->sn);
    sctx->hash_update(h, expires);
    sctx->hash_final(h);

    // Signature: sh = h^sd mod sn.
    sh.powmod(h, sctx->sd, sctx->sn);
}
// Checks that this certificate is unexpired, that its stored digest matches
// its fields, and that the signature sh verifies against that digest.
//
// Returns false if `expires` is earlier than the current time, or if the
// digest recomputed over magic, cmd_hash, eg_public, encrypted_e and expires
// differs from the stored h. Otherwise returns the result of
// h.verify(sh, se, sn).
//
// The expiry test uses the local clock via time(), so it is only as reliable
// as that clock. ctx is dereferenced without a null check.
bool KeytieCertificate::verify(CTX *ctx) {
    const auto now = time(nullptr);
    if (expires < now)
        return false;

    // Recompute the digest in the same field order used when the
    // certificate was generated.
    Number recomputed;
    ctx->hash_init(recomputed);
    ctx->hash_update(recomputed, magic);
    ctx->hash_update(recomputed, cmd_hash, ctx->hn);
    eg_public.hash_update(ctx, recomputed);
    ctx->hash_update(recomputed, encrypted_e, ctx->sn);
    ctx->hash_update(recomputed, expires);
    ctx->hash_final(recomputed);

    // The stored digest must match before the signature is consulted, which
    // ties the signature to the fields actually present in this object.
    return !(h != recomputed) && h.verify(sh, ctx->se, ctx->sn);
}