nim-abc/abc/keys.nim

import std/sugar
import std/sequtils
import pkg/blscurve as bls
import pkg/nimcrypto
import pkg/questionable

type
  PrivateKey* = distinct bls.SecretKey
  PublicKey* = distinct bls.PublicKey
  Signature* = distinct bls.Signature

func `==`*(a, b: PrivateKey): bool {.borrow.}
func `==`*(a, b: PublicKey): bool {.borrow.}
func `==`*(a, b: Signature): bool {.borrow.}

proc random*(_: type PrivateKey): PrivateKey =
  var seed = newSeq[byte](64)
  doAssert randomBytes(seed) == seed.len
  doAssert deriveMasterSecretKey(bls.SecretKey(result), seed)
  burnArray(seed)

func erase*(key: var PrivateKey) =
  burnMem(key)

func toPublicKey*(private: PrivateKey): PublicKey =
  doAssert publicFromSecret(bls.PublicKey(result), bls.SecretKey(private))

func sign*(key: PrivateKey, message: openArray[byte]): Signature =
  Signature(bls.SecretKey(key).sign(message))

func verify*(key: PublicKey,
             message: openArray[byte],
             signature: Signature): bool =
  ## TODO: not safe w.r.t. rogue public-key attack. Needs implementation of
  ## modified BLS multi-signature construction as described in:
  ## https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html
  bls.PublicKey(key).verify(message, bls.Signature(signature))

func aggregate*(keys: varargs[PublicKey]): PublicKey =
  var aggregate: bls.PublicKey
  doAssert aggregateAll(aggregate, @keys.map(key => bls.PublicKey(key)))
  PublicKey(aggregate)

func aggregate*(signatures: varargs[Signature]): Signature =
  var aggregate: bls.Signature
  doAssert aggregateAll(aggregate, @signatures.map(sig => bls.Signature(sig)))
  Signature(aggregate)

func toBytes*(key: PublicKey): seq[byte] =
  var bytes: array[48, byte]
  doAssert serialize(bytes, bls.PublicKey(key))
  @bytes

func fromBytes*(_: type PublicKey, bytes: openArray[byte]): ?PublicKey =
  var key: bls.PublicKey
  if key.fromBytes(bytes):
    PublicKey(key).some
  else:
    PublicKey.none
Aggregation of public keys and signatures 2021-06-28 14:08:56 +00:00			`import std/sugar`
			`import std/sequtils`
Introduce BLS based keys 2021-06-24 12:43:17 +00:00			`import pkg/blscurve as bls`
			`import pkg/nimcrypto`
Conversion of public key to bytes 2021-06-28 10:55:12 +00:00			`import pkg/questionable`
Introduce BLS based keys 2021-06-24 12:43:17 +00:00
			`type`
			`PrivateKey* = distinct bls.SecretKey`
			`PublicKey* = distinct bls.PublicKey`
Add BLS signatures 2021-06-28 08:10:15 +00:00			`Signature* = distinct bls.Signature`
Introduce BLS based keys 2021-06-24 12:43:17 +00:00
Use func where possible 2021-06-28 08:15:03 +00:00			func `==`*(a, b: PrivateKey): bool {.borrow.}
			func `==`*(a, b: PublicKey): bool {.borrow.}
			func `==`*(a, b: Signature): bool {.borrow.}
Introduce BLS based keys 2021-06-24 12:43:17 +00:00
			`proc random*(_: type PrivateKey): PrivateKey =`
			`var seed = newSeq[byte](64)`
			`doAssert randomBytes(seed) == seed.len`
			`doAssert deriveMasterSecretKey(bls.SecretKey(result), seed)`
			`burnArray(seed)`

Use func where possible 2021-06-28 08:15:03 +00:00			`func erase*(key: var PrivateKey) =`
Introduce BLS based keys 2021-06-24 12:43:17 +00:00			`burnMem(key)`

Use func where possible 2021-06-28 08:15:03 +00:00			`func toPublicKey*(private: PrivateKey): PublicKey =`
Introduce BLS based keys 2021-06-24 12:43:17 +00:00			`doAssert publicFromSecret(bls.PublicKey(result), bls.SecretKey(private))`

Use func where possible 2021-06-28 08:15:03 +00:00			`func sign*(key: PrivateKey, message: openArray[byte]): Signature =`
Add BLS signatures 2021-06-28 08:10:15 +00:00			`Signature(bls.SecretKey(key).sign(message))`

Use func where possible 2021-06-28 08:15:03 +00:00			`func verify*(key: PublicKey,`
Add BLS signatures 2021-06-28 08:10:15 +00:00			`message: openArray[byte],`
			`signature: Signature): bool =`
			`## TODO: not safe w.r.t. rogue public-key attack. Needs implementation of`
			`## modified BLS multi-signature construction as described in:`
			`## https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html`
			`bls.PublicKey(key).verify(message, bls.Signature(signature))`
Conversion of public key to bytes 2021-06-28 10:55:12 +00:00
Aggregation of public keys and signatures 2021-06-28 14:08:56 +00:00			`func aggregate*(keys: varargs[PublicKey]): PublicKey =`
			`var aggregate: bls.PublicKey`
			`doAssert aggregateAll(aggregate, @keys.map(key => bls.PublicKey(key)))`
			`PublicKey(aggregate)`

			`func aggregate*(signatures: varargs[Signature]): Signature =`
			`var aggregate: bls.Signature`
			`doAssert aggregateAll(aggregate, @signatures.map(sig => bls.Signature(sig)))`
			`Signature(aggregate)`

Conversion of public key to bytes 2021-06-28 10:55:12 +00:00			`func toBytes*(key: PublicKey): seq[byte] =`
			`var bytes: array[48, byte]`
			`doAssert serialize(bytes, bls.PublicKey(key))`
			`@bytes`

			`func fromBytes*(_: type PublicKey, bytes: openArray[byte]): ?PublicKey =`
			`var key: bls.PublicKey`
			`if key.fromBytes(bytes):`
			`PublicKey(key).some`
			`else:`
			`PublicKey.none`