Merge pull request #52 from HenrikWM/f-use-point-as-argument2

Changing ECPublicKeyParameters to ECPoint

Author: HenrikWM

samples/ClientServer/Client/Client.Console/Program.cs

@@ -39,7 +39,7 @@ static async Task Main(string[] args)
             var (Q, proofC, proofZ) = await _tokenApiClient.GenerateTokenAsync(ecParameters.Curve, P);
 
             // 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
-            var W = _initiator.RandomiseToken(ecParameters, publicKey, P, Q, proofC, proofZ, r);
+            var W = _initiator.RandomiseToken(ecParameters, publicKey.Q, P, Q, proofC, proofZ, r);
 
             // 4. Verify that the token (t,W) is correct.
             var isVerified = await _tokenApiClient.VerifyTokenAsync(t, W);

src/AnonymousTokens.Client/Protocol/Initiator.cs

@@ -14,14 +14,14 @@ public interface IInitiator
         public (byte[] t, BigInteger r, ECPoint P) Initiate(ECCurve curve);
         public bool VerifyProof(
             X9ECParameters ecParameters,
-            ECPublicKeyParameters K,
+            ECPoint K,
             ECPoint P,
             ECPoint Q,
             BigInteger c,
             BigInteger z);
         public ECPoint RandomiseToken(
             X9ECParameters ecParameters,
-            ECPublicKeyParameters K,
+            ECPoint K,
             ECPoint P,
             ECPoint Q,
             BigInteger c,
@@ -72,36 +72,36 @@ public Initiator()
         /// Used by the initiator. Verifies a transcript of a Chaum-Pedersen protocol instance, using the strong Fiat-Shamir transform.
         /// </summary>
         /// <param name="ecParameters">Curve parameters</param>
-        /// <param name="K">The public key parameters for the token scheme</param>
+        /// <param name="K">The public key point for the token scheme</param>
         /// <param name="P">Point initially submitted by the initiator</param>
         /// <param name="Q">Point received from the token service</param>
         /// <param name="c">Claimed challenge from the Chaum-Pedersen proof</param>
         /// <param name="z">Response from the Chaum-Pedersen proof</param>
         /// <returns>Returns true if the proof is valid and otherwise returns false</returns>
-        public bool VerifyProof(X9ECParameters ecParameters, ECPublicKeyParameters K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z)
+        public bool VerifyProof(X9ECParameters ecParameters, ECPoint K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z)
         {
             // Compute X = z*G + c*K = r*G
-            ECPoint? X = ecParameters.G.Multiply(z).Add(K.Q.Multiply(c));
+            ECPoint? X = ecParameters.G.Multiply(z).Add(K.Multiply(c));
 
             // Compute Y = z*P + c*Q = r*P
             ECPoint? Y = P.Multiply(z).Add(Q.Multiply(c));
 
             // Returns true if the challenge from the proof equals the new challenge
-            return c.Equals(CPChallengeGenerator.CreateChallenge(ecParameters.G, P, K.Q, Q, X, Y));
+            return c.Equals(CPChallengeGenerator.CreateChallenge(ecParameters.G, P, K, Q, X, Y));
         }
 
         /// <summary>
         /// Used by the initiator. It first verifies that the incoming token is well-formed, and then removes the previously applied mask.
         /// </summary>
         /// <param name="ecParameters">Curve parameters</param>
-        /// <param name="K">The public key parameters for the token scheme</param>
+        /// <param name="K">The public key point for the token scheme</param>
         /// <param name="P">Masked point initially submitted to the token service</param>
         /// <param name="Q">Signed masked point returned from the token service</param>
         /// <param name="c">Claimed challenge from the Chaum-Pedersen proof</param>
         /// <param name="z">Response from the Chaum-Pedersen proof</param>
         /// <param name="r">Masking of the initial point</param>
         /// <returns>A randomised signature W on the point chosen by the initiator</returns>
-        public ECPoint RandomiseToken(X9ECParameters ecParameters, ECPublicKeyParameters K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z, BigInteger r)
+        public ECPoint RandomiseToken(X9ECParameters ecParameters, ECPoint K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z, BigInteger r)
         {
             ECCurve? curve = ecParameters.Curve;
 

src/Directory.Build.props

@@ -18,7 +18,7 @@
     <EmbedUntrackedSources>true</EmbedUntrackedSources>
     <Deterministic>true</Deterministic>
     <ContinuousIntegrationBuild Condition="'$(GITHUB_ACTIONS)' == 'true'">true</ContinuousIntegrationBuild>
-    <Version>1.4.1</Version>
+    <Version>2.0.0</Version>
     <RepositoryUrl>https://github.com/HenrikWM/anonymous-tokens</RepositoryUrl>
     <RepositoryType>git</RepositoryType>
     <LangVersion>latest</LangVersion>

test/AnonymousTokens.Benchmarks/Protocol.cs

@@ -73,7 +73,7 @@ public void RunProtocolEndToEnd()
             var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);
 
             // 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
-            var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
+            var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);
 
             // 4. Verify that the token (t,W) is correct.
             var isVerified = _tokenVerifier.VerifyTokenAsync(_privateKey, _ecParameters.Curve, t, W).GetAwaiter().GetResult();
@@ -96,7 +96,7 @@ public void RunProtocolEndToEnd_WithGeneratedKeysAsync()
             var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKeyGenerated, _publicKeyGenerated.Q, _ecParameters, P);
 
             // 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
-            var W = _initiator.RandomiseToken(_ecParameters, _publicKeyGenerated, P, Q, proofC, proofZ, r);
+            var W = _initiator.RandomiseToken(_ecParameters, _publicKeyGenerated.Q, P, Q, proofC, proofZ, r);
 
             // 4. Verify that the token (t,W) is correct.
             var isVerified = _tokenVerifier.VerifyTokenAsync(_privateKeyGenerated, _ecParameters.Curve, t, W).GetAwaiter().GetResult();

test/AnonymousTokens.UnitTests/IntegrationTests/ProtocolTests.cs

@@ -54,7 +54,7 @@ public async void Run()
             var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);
 
             // 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
-            var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
+            var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);
 
             // 4. Verify that the token (t,W) is correct.
             var isVerified = await _tokenVerifier.VerifyTokenAsync(_privateKey, _ecParameters.Curve, t, W);
@@ -77,7 +77,7 @@ public async void Run_FailWhenSeedIsReplayed()
             var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);
 
             // 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
-            var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
+            var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);
 
             // 4. Verify that the token (t,W) is correct.
             var isVerified = await _tokenVerifier.VerifyTokenAsync(_privateKey, _ecParameters.Curve, t, W);
@@ -107,7 +107,7 @@ public void Run_FailWhenKeysDontMatch()
             var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_wrongPrivateKey, _publicKey.Q, _ecParameters, P);
 
             // Verify the proof
-            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, Q, proofC, proofZ);
+            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ);
             Assert.False(isValid, "Keys were incorrect and the proof did not get verified");
         }
 
@@ -127,7 +127,7 @@ public void Run_FailWhenTokenIsMalformed()
             var changedQ = Q.Twice();
 
             // Try randomising the token
-            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, changedQ, proofC, proofZ);
+            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, changedQ, proofC, proofZ);
             Assert.False(isValid, "The token was malformed and the proof did not get verified");
         }
 
@@ -147,7 +147,7 @@ public void Run_FailWhenChallengeIsWrong()
             var changedC = proofC.Add(BigInteger.One);
 
             // Try randomising the token
-            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, Q, changedC, proofZ);
+            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, Q, changedC, proofZ);
             Assert.False(isValid, "The challenge was changed and the proof did not get verified");
         }
 
@@ -167,7 +167,7 @@ public void Run_FailWhenResponseIsWrong()
             var changedZ = proofZ.Add(BigInteger.One);
 
             // Try randomising the token
-            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey, P, Q, proofC, changedZ);
+            var isValid = _initiator.VerifyProof(_ecParameters, _publicKey.Q, P, Q, proofC, changedZ);
             Assert.False(isValid, "The response was changed and the proof did not get verified");
         }
 
@@ -207,7 +207,7 @@ public async void Run_FailWhenWIsInvalid()
             var (Q, proofC, proofZ) = _tokenGenerator.GenerateToken(_privateKey, _publicKey.Q, _ecParameters, P);
 
             // 3. Randomise the token Q, by removing the mask r: W = (1/r)*Q = k*T. Also checks that proof (c,z) is correct.
-            var W = _initiator.RandomiseToken(_ecParameters, _publicKey, P, Q, proofC, proofZ, r);
+            var W = _initiator.RandomiseToken(_ecParameters, _publicKey.Q, P, Q, proofC, proofZ, r);
 
             // Create a new point with invalid coordinates
             var invalidW = _ecParameters.Curve.CreatePoint(W.XCoord.ToBigInteger().Add(BigInteger.One), W.YCoord.ToBigInteger());