Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 4824d24

Browse files
armfazharmfazh
committed
Implementing aggregation.
1 parent 7944ac1 commit 4824d24

File tree

2 files changed

+132
-45
lines changed

2 files changed

+132
-45
lines changed

sign/bls/bls.go

Lines changed: 76 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@ import (
55
"crypto"
66
"crypto/sha256"
77
"encoding/binary"
8-
"encoding/hex"
98
"errors"
109
"io"
1110

@@ -183,15 +182,15 @@ func KeyGen[K KeyGroup](ikm, salt, keyInfo []byte) (*PrivateKey[K], error) {
183182
func Sign[K KeyGroup](k *PrivateKey[K], msg []byte) Signature {
184183
switch (interface{})(k).(type) {
185184
case *PrivateKey[G1]:
186-
var Q G2
187-
Q.hash(msg)
188-
Q.g.ScalarMult(&k.key, &Q.g)
189-
return Q.g.BytesCompressed()
185+
var Q GG.G2
186+
Q.Hash(msg, []byte(dstG2))
187+
Q.ScalarMult(&k.key, &Q)
188+
return Q.BytesCompressed()
190189
case *PrivateKey[G2]:
191-
var Q G1
192-
Q.hash(msg)
193-
Q.g.ScalarMult(&k.key, &Q.g)
194-
return Q.g.BytesCompressed()
190+
var Q GG.G1
191+
Q.Hash(msg, []byte(dstG1))
192+
Q.ScalarMult(&k.key, &Q)
193+
return Q.BytesCompressed()
195194
default:
196195
panic(ErrInvalid)
197196
}
@@ -237,60 +236,92 @@ func Verify[K KeyGroup](pub *PublicKey[K], msg []byte, sig Signature) bool {
237236
return res.IsIdentity()
238237
}
239238

240-
func Aggregate[K KeyGroup](sigs []Signature) (Signature, error) {
239+
func Aggregate[K KeyGroup](k K, sigs []Signature) (Signature, error) {
241240
if len(sigs) == 0 {
242241
return nil, ErrAggregate
243242
}
244243

245-
return nil, nil
246-
// switch (interface{})(Aggregate[K]).(type) {
247-
// case *func([]Signature) (Signature, error):
248-
// var P, Q GG.G2
249-
// P.SetIdentity()
250-
// for _, sig := range sigs {
251-
// if err := Q.SetBytes(sig); err != nil {
252-
// return nil, err
253-
// }
254-
// P.Add(&P, &Q)
255-
// }
256-
// return P.BytesCompressed(), nil
257-
258-
// case *func([]Signature) (Signature, error):
259-
// var P, Q GG.G1
260-
// P.SetIdentity()
261-
// for _, sig := range sigs {
262-
// if err := Q.SetBytes(sig); err != nil {
263-
// return nil, err
264-
// }
265-
// P.Add(&P, &Q)
266-
// }
267-
// return P.BytesCompressed(), nil
268-
269-
// default:
270-
// panic(ErrInvalid)
271-
// }
244+
switch (interface{})(k).(type) {
245+
case G1:
246+
var P, Q GG.G2
247+
P.SetIdentity()
248+
for _, sig := range sigs {
249+
if err := Q.SetBytes(sig); err != nil {
250+
return nil, err
251+
}
252+
P.Add(&P, &Q)
253+
}
254+
return P.BytesCompressed(), nil
255+
256+
case G2:
257+
var P, Q GG.G1
258+
P.SetIdentity()
259+
for _, sig := range sigs {
260+
if err := Q.SetBytes(sig); err != nil {
261+
return nil, err
262+
}
263+
P.Add(&P, &Q)
264+
}
265+
return P.BytesCompressed(), nil
266+
267+
default:
268+
panic(ErrInvalid)
269+
}
272270
}
273271

274-
func VerifyAggregate[K KeyGroup](pubs []PublicKey[K], msgs [][]byte, sig Signature) bool {
272+
func VerifyAggregate[K KeyGroup](pubs []*PublicKey[K], msgs [][]byte, aggSig Signature) bool {
275273
if len(pubs) != len(msgs) || len(pubs) == 0 || len(msgs) == 0 {
276274
return false
277275
}
278276

279-
setMsgs := make(map[string][]PublicKey[K], len(pubs))
277+
n := len(pubs)
278+
listG1 := make([]*GG.G1, n+1)
279+
listG2 := make([]*GG.G2, n+1)
280+
listExp := make([]int, n+1)
281+
280282
switch (interface{})(pubs).(type) {
281-
case []PublicKey[G1]:
283+
case []*PublicKey[G1]:
282284
for i := range msgs {
283-
s := hex.EncodeToString(msgs[i])
284-
setMsgs[s] = append(setMsgs[s], pubs[i])
285+
listG2[i] = new(GG.G2)
286+
listG2[i].Hash(msgs[i], []byte(dstG2))
287+
288+
xP := (interface{})(pubs[i].key).(G1)
289+
listG1[i] = &xP.g
290+
listExp[i] = 1
285291
}
286-
return false
287292

288-
case []PublicKey[G2]:
289-
return false
293+
listG2[n] = new(GG.G2)
294+
err := listG2[n].SetBytes(aggSig)
295+
if err != nil {
296+
return false
297+
}
298+
listG1[n] = GG.G1Generator()
299+
listExp[n] = -1
300+
301+
case []*PublicKey[G2]:
302+
for i := range msgs {
303+
listG1[i] = new(GG.G1)
304+
listG1[i].Hash(msgs[i], []byte(dstG1))
305+
306+
xP := (interface{})(pubs[i].key).(G2)
307+
listG2[i] = &xP.g
308+
listExp[i] = 1
309+
}
310+
311+
listG1[n] = new(GG.G1)
312+
err := listG1[n].SetBytes(aggSig)
313+
if err != nil {
314+
return false
315+
}
316+
listG2[n] = GG.G2Generator()
317+
listExp[n] = -1
290318

291319
default:
292320
panic(ErrInvalid)
293321
}
322+
323+
C := GG.ProdPairFrac(listG1, listG2, listExp)
324+
return C.IsIdentity()
294325
}
295326

296327
var (

sign/bls/bls_test.go

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import (
44
"bytes"
55
"crypto/rand"
66
"encoding"
7+
"fmt"
78
"testing"
89

910
"github.com/cloudflare/circl/internal/test"
@@ -17,6 +18,8 @@ func TestBls(t *testing.T) {
1718
t.Run("G2/Marshal", testMarshalKeys[bls.G2])
1819
t.Run("G1/Errors", testErrors[bls.G1])
1920
t.Run("G2/Errors", testErrors[bls.G2])
21+
t.Run("G1/Aggregation", testAggregation[bls.G1])
22+
t.Run("G2/Aggregation", testAggregation[bls.G2])
2023
}
2124

2225
func testBls[K bls.KeyGroup](t *testing.T) {
@@ -92,6 +95,32 @@ func testErrors[K bls.KeyGroup](t *testing.T) {
9295
test.CheckOk(bls.Verify(pub, nil, nil) == false, "should fail: bad signature", t)
9396
}
9497

98+
func testAggregation[K bls.KeyGroup](t *testing.T) {
99+
const N = 3
100+
101+
ikm := [32]byte{}
102+
_, _ = rand.Reader.Read(ikm[:])
103+
104+
msgs := make([][]byte, N)
105+
sigs := make([]bls.Signature, N)
106+
pubKeys := make([]*bls.PublicKey[K], N)
107+
108+
for i := range sigs {
109+
priv, err := bls.KeyGen[K](ikm[:], nil, nil)
110+
test.CheckNoErr(t, err, "failed to keygen")
111+
pubKeys[i] = priv.PublicKey()
112+
113+
msgs[i] = []byte(fmt.Sprintf("Message number: %v", i))
114+
sigs[i] = bls.Sign(priv, msgs[i])
115+
}
116+
117+
aggSig, err := bls.Aggregate(*new(K), sigs)
118+
test.CheckNoErr(t, err, "failed to aggregate")
119+
120+
ok := bls.VerifyAggregate(pubKeys, msgs, aggSig)
121+
test.CheckOk(ok, "failed to verify aggregated signature", t)
122+
}
123+
95124
func BenchmarkBls(b *testing.B) {
96125
b.Run("G1", benchmarkBls[bls.G1])
97126
b.Run("G2", benchmarkBls[bls.G2])
@@ -107,6 +136,18 @@ func benchmarkBls[K bls.KeyGroup](b *testing.B) {
107136

108137
priv, _ := bls.KeyGen[K](ikm[:], salt[:], keyInfo)
109138

139+
const N = 3
140+
msgs := make([][]byte, N)
141+
sigs := make([]bls.Signature, N)
142+
pubKeys := make([]*bls.PublicKey[K], N)
143+
144+
for i := range sigs {
145+
pubKeys[i] = priv.PublicKey()
146+
147+
msgs[i] = []byte(fmt.Sprintf("Message number: %v", i))
148+
sigs[i] = bls.Sign(priv, msgs[i])
149+
}
150+
110151
b.Run("Keygen", func(b *testing.B) {
111152
for i := 0; i < b.N; i++ {
112153
_, _ = rand.Reader.Read(ikm[:])
@@ -129,4 +170,19 @@ func benchmarkBls[K bls.KeyGroup](b *testing.B) {
129170
bls.Verify(pub, msg, signature)
130171
}
131172
})
173+
174+
b.Run("Aggregate3", func(b *testing.B) {
175+
for i := 0; i < b.N; i++ {
176+
_, _ = bls.Aggregate(*new(K), sigs)
177+
}
178+
})
179+
180+
b.Run("VerifyAggregate3", func(b *testing.B) {
181+
aggSig, _ := bls.Aggregate(*new(K), sigs)
182+
183+
b.ResetTimer()
184+
for i := 0; i < b.N; i++ {
185+
_ = bls.VerifyAggregate(pubKeys, msgs, aggSig)
186+
}
187+
})
132188
}

0 commit comments

Comments
 (0)