Skip to content

Commit

Permalink
Mandatory authentication and simplified API (#16)
Browse files Browse the repository at this point in the history
* mandatory authentication and simplified API

* renamed signIt to sign

* actually renaming the calls...

* test of absent auth
  • Loading branch information
nikkolasg authored Jun 12, 2020
1 parent abb4a98 commit d2b3307
Show file tree
Hide file tree
Showing 5 changed files with 166 additions and 182 deletions.
43 changes: 34 additions & 9 deletions share/dkg/dkg.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"github.com/drand/kyber"
"github.com/drand/kyber/encrypt/ecies"
"github.com/drand/kyber/share"
"github.com/drand/kyber/sign"
"github.com/drand/kyber/util/random"
)

Expand All @@ -21,7 +22,7 @@ type Suite interface {
kyber.Random
}

// DkgConfig holds all required information to run a fresh DKG protocol or a
// Config holds all required information to run a fresh DKG protocol or a
// resharing protocol. In the case of a new fresh DKG protocol, one must fill
// the following fields: Suite, Longterm, NewNodes, Threshold (opt). In the case
// of a resharing protocol, one must fill the following: Suite, Longterm,
Expand All @@ -30,7 +31,7 @@ type Suite interface {
// with the current share of the node. If the node using this config is a new
// addition and thus has no current share, the PublicCoeffs field be must be
// filled in.
type DkgConfig struct {
type Config struct {
Suite Suite

// Longterm is the longterm secret key.
Expand Down Expand Up @@ -104,6 +105,10 @@ type DkgConfig struct {
// accross runs. A Nonce must be of length 32 bytes. User can get a secure
// nonce by calling `GetNonce()`.
Nonce []byte

// Auth is the scheme to use to authentify the packets sent and received
// during the protocol.
Auth sign.Scheme
}

// Phase is a type that represents the different stages of the DKG protocol.
Expand Down Expand Up @@ -137,7 +142,7 @@ func (p Phase) String() string {
// DistKeyGenerator is the struct that runs the DKG protocol.
type DistKeyGenerator struct {
// config driving the behavior of DistKeyGenerator
c *DkgConfig
c *Config
suite Suite

long kyber.Scalar
Expand Down Expand Up @@ -178,15 +183,18 @@ type DistKeyGenerator struct {
olddpub *share.PubPoly
}

// NewDistKeyHandler takes a DkgConfig and returns a DistKeyGenerator that is able
// NewDistKeyHandler takes a Config and returns a DistKeyGenerator that is able
// to drive the DKG or resharing protocol.
func NewDistKeyHandler(c *DkgConfig) (*DistKeyGenerator, error) {
func NewDistKeyHandler(c *Config) (*DistKeyGenerator, error) {
if c.NewNodes == nil && c.OldNodes == nil {
return nil, errors.New("dkg: can't run with empty node list")
}
if len(c.Nonce) != NonceLength {
return nil, errors.New("dkg: invalid nonce length")
}
if c.Auth == nil {
return nil, errors.New("dkg: need authentication scheme")
}

var isResharing bool
if c.Share != nil || c.PublicCoeffs != nil {
Expand Down Expand Up @@ -354,12 +362,15 @@ func (d *DistKeyGenerator) Deals() (*DealBundle, error) {
}
d.state = DealPhase
_, commits := d.dpub.Info()
return &DealBundle{
bundle := &DealBundle{
DealerIndex: uint32(d.oidx),
Deals: deals,
Public: commits,
SessionID: d.c.Nonce,
}, nil
}
var err error
bundle.Signature, err = d.sign(bundle)
return bundle, err
}

// ProcessDeals process the deals from all the nodes. Each deal for this node is
Expand Down Expand Up @@ -508,6 +519,11 @@ func (d *DistKeyGenerator) ProcessDeals(bundles []*DealBundle) (*ResponseBundle,
Responses: responses,
SessionID: d.c.Nonce,
}
sig, err := d.sign(bundle)
if err != nil {
return nil, err
}
bundle.Signature = sig
}
d.state = ResponsePhase
return bundle, nil
Expand Down Expand Up @@ -621,12 +637,15 @@ func (d *DistKeyGenerator) ProcessResponses(bundles []*ResponseBundle) (*Result,
return nil, nil, nil
}

var bundle = JustificationBundle{
var bundle = &JustificationBundle{
DealerIndex: uint32(d.oidx),
Justifications: justifications,
SessionID: d.c.Nonce,
}
return nil, &bundle, nil

signature, err := d.sign(bundle)
bundle.Signature = signature
return nil, bundle, err
}

// ProcessJustifications takes the justifications of the nodes and returns the
Expand Down Expand Up @@ -982,3 +1001,9 @@ func GetNonce() []byte {
}
return nonce[:]
}

func (d *DistKeyGenerator) sign(p packet) ([]byte, error) {
msg := p.Hash()
priv := d.c.Longterm
return d.c.Auth.Sign(priv, msg)
}
55 changes: 44 additions & 11 deletions share/dkg/dkg_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"github.com/drand/kyber/group/edwards25519"
"github.com/drand/kyber/pairing/bn256"
"github.com/drand/kyber/share"
"github.com/drand/kyber/sign/schnorr"
"github.com/drand/kyber/sign/tbls"
"github.com/drand/kyber/util/random"
clock "github.com/jonboulle/clockwork"
Expand Down Expand Up @@ -55,7 +56,7 @@ func NodesFromTest(tns []*TestNode) []Node {
}

// inits the dkg structure
func SetupNodes(nodes []*TestNode, c *DkgConfig) {
func SetupNodes(nodes []*TestNode, c *Config) {
nonce := GetNonce()
for _, n := range nodes {
c2 := *c
Expand All @@ -69,7 +70,7 @@ func SetupNodes(nodes []*TestNode, c *DkgConfig) {
}
}

func SetupReshareNodes(nodes []*TestNode, c *DkgConfig, coeffs []kyber.Point) {
func SetupReshareNodes(nodes []*TestNode, c *Config, coeffs []kyber.Point) {
nonce := GetNonce()
for _, n := range nodes {
c2 := *c
Expand Down Expand Up @@ -140,7 +141,7 @@ type MapDeal func([]*DealBundle) []*DealBundle
type MapResponse func([]*ResponseBundle) []*ResponseBundle
type MapJustif func([]*JustificationBundle) []*JustificationBundle

func RunDKG(t *testing.T, tns []*TestNode, conf DkgConfig,
func RunDKG(t *testing.T, tns []*TestNode, conf Config,
dm MapDeal, rm MapResponse, jm MapJustif) []*Result {

SetupNodes(tns, &conf)
Expand Down Expand Up @@ -203,10 +204,11 @@ func TestDKGFull(t *testing.T) {
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := DkgConfig{
conf := Config{
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}

results := RunDKG(t, tns, conf, nil, nil, nil)
Expand All @@ -219,10 +221,11 @@ func TestDKGThreshold(t *testing.T) {
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := DkgConfig{
conf := Config{
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}

dm := func(deals []*DealBundle) []*DealBundle {
Expand Down Expand Up @@ -284,10 +287,11 @@ func TestDKGResharing(t *testing.T) {
var sigSuite = bn256.NewSuiteG1()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := DkgConfig{
conf := Config{
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}
SetupNodes(tns, &conf)

Expand Down Expand Up @@ -342,12 +346,13 @@ func TestDKGResharing(t *testing.T) {
newTns[n-1+i] = NewTestNode(suite, n-1+i)
}
newList := NodesFromTest(newTns)
newConf := &DkgConfig{
newConf := &Config{
Suite: suite,
NewNodes: newList,
OldNodes: list,
Threshold: newT,
OldThreshold: thr,
Auth: schnorr.NewScheme(suite),
}

SetupReshareNodes(newTns, newConf, tns[0].res.Key.Commits)
Expand Down Expand Up @@ -408,11 +413,12 @@ func TestDKGFullFast(t *testing.T) {
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := DkgConfig{
conf := Config{
FastSync: true,
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}

results := RunDKG(t, tns, conf, nil, nil, nil)
Expand All @@ -425,11 +431,12 @@ func TestDKGNonceInvalid(t *testing.T) {
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := &DkgConfig{
conf := &Config{
FastSync: true,
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}
nonce := GetNonce()
conf.Nonce = nonce
Expand All @@ -445,16 +452,41 @@ func TestDKGNonceInvalid(t *testing.T) {
require.Nil(t, dkg)
}

func TestDKGAbsentAuth(t *testing.T) {
n := 5
thr := n
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := &Config{
FastSync: true,
Suite: suite,
NewNodes: list,
Threshold: thr,
Nonce: GetNonce(),
Longterm: tns[0].Private,
}
dkg, err := NewDistKeyHandler(conf)
require.Error(t, err)
require.Nil(t, dkg)

conf.Auth = schnorr.NewScheme(suite)
dkg, err = NewDistKeyHandler(conf)
require.NoError(t, err)
require.NotNil(t, dkg)
}

func TestDKGNonceInvalidEviction(t *testing.T) {
n := 7
thr := 4
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := DkgConfig{
conf := Config{
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}

genPublic := func() []kyber.Point {
Expand Down Expand Up @@ -516,10 +548,11 @@ func TestDKGInvalidResponse(t *testing.T) {
suite := edwards25519.NewBlakeSHA256Ed25519()
tns := GenerateTestNodes(suite, n)
list := NodesFromTest(tns)
conf := DkgConfig{
conf := Config{
Suite: suite,
NewNodes: list,
Threshold: thr,
Auth: schnorr.NewScheme(suite),
}
SetupNodes(tns, &conf)

Expand Down
Loading

0 comments on commit d2b3307

Please sign in to comment.