include/bls.hpp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158

#pragma once
/**
    @file
    @brief BLS threshold signature on BN curve
    @author MITSUNARI Shigeo(@herumi)
    @license modified new BSD license
    http://opensource.org/licenses/BSD-3-Clause
*/
#include <vector>
#include <string>
#include <iosfwd>

namespace bls {

namespace impl {

struct PublicKey;
struct PrivateKey;
struct Sign;
struct MasterPublicKey;

} // bls::impl

/*
    e : G2 x G1 -> Fp12
    Q in G2 ; fixed global parameter
    H : {str} -> G1
    s : private key
    sQ ; public key
    s H(m) ; signature of m
    verify ; e(sQ, H(m)) = e(Q, s H(m))
*/
void init();

class Sign {
    impl::Sign *self_;
    int id_;
    friend class PublicKey;
    friend class PrivateKey;
    template<class G, class T>
    friend void LagrangeInterpolation(G& r, const T& vec);
public:
    Sign();
    ~Sign();
    Sign(const Sign& rhs);
    Sign& operator=(const Sign& rhs);
    bool operator==(const Sign& rhs) const;
    bool operator!=(const Sign& rhs) const { return !(*this == rhs); }
    int getId() const { return id_; }
    friend std::ostream& operator<<(std::ostream& os, const Sign& s);
    friend std::istream& operator>>(std::istream& is, Sign& s);
    /*
        recover sign from k signVec
    */
    void recover(const std::vector<Sign>& signVec);
    /*
        add signature key only if id_ == 0
    */
    void add(const Sign& rhs);
};

/*
    (Q, sQ, c_1 Q, ..., c_{k-1}Q)
    s = c_0 ; private key
    c_1, ..., c_{k-1} ; secret sharing
    f(x) = c_0 + c_1 x + ... + c_{k-1} x^{k-1}
    f(id) ; private key for user id(>0)
*/
class MasterPublicKey {
    impl::MasterPublicKey *self_;
    friend class PrivateKey;
    friend class PublicKey;
public:
    MasterPublicKey();
    ~MasterPublicKey();
    MasterPublicKey(const MasterPublicKey& rhs);
    MasterPublicKey& operator=(const MasterPublicKey& rhs);
    bool operator==(const MasterPublicKey& rhs) const;
    bool operator!=(const MasterPublicKey& rhs) const { return !(*this == rhs); }
    friend std::ostream& operator<<(std::ostream& os, const MasterPublicKey& mpk);
    friend std::istream& operator>>(std::istream& is, MasterPublicKey& mpk);
};

/*
    sQ ; public key
*/
class PublicKey {
    impl::PublicKey *self_;
    int id_;
    friend class PrivateKey;
    template<class G, class T>
    friend void LagrangeInterpolation(G& r, const T& vec);
public:
    PublicKey();
    ~PublicKey();
    PublicKey(const PublicKey& rhs);
    PublicKey& operator=(const PublicKey& rhs);
    bool operator==(const PublicKey& rhs) const;
    bool operator!=(const PublicKey& rhs) const { return !(*this == rhs); }
    int getId() const { return id_; }
    friend std::ostream& operator<<(std::ostream& os, const PublicKey& pub);
    friend std::istream& operator>>(std::istream& is, PublicKey& pub);
    bool verify(const Sign& sign, const std::string& m) const;
    /*
        recover publicKey from k pubVec
    */
    void recover(const std::vector<PublicKey>& pubVec);
    /*
        validate self by MasterPublicKey
    */
    bool isValid(const MasterPublicKey& mpk) const;
    /*
        add public key only if id_ == 0
    */
    void add(const PublicKey& rhs);
};

/*
    s ; private key
*/
class PrivateKey {
    impl::PrivateKey *self_;
    int id_; // master if id_ = 0, shared if id_ > 0
    template<class G, class T>
    friend void LagrangeInterpolation(G& r, const T& vec);
public:
    PrivateKey();
    ~PrivateKey();
    PrivateKey(const PrivateKey& rhs);
    PrivateKey& operator=(const PrivateKey& rhs);
    bool operator==(const PrivateKey& rhs) const;
    bool operator!=(const PrivateKey& rhs) const { return !(*this == rhs); }
    int getId() const { return id_; }
    friend std::ostream& operator<<(std::ostream& os, const PrivateKey& prv);
    friend std::istream& operator>>(std::istream& is, PrivateKey& prv);
    void init();
    void getPublicKey(PublicKey& pub) const;
    void sign(Sign& sign, const std::string& m) const;
    /*
        k-out-of-n secret sharing of privateKey
        set verifier if mpk is not 0
    */
    void share(std::vector<PrivateKey>& prvVec, int n, int k, MasterPublicKey *mpk = 0);
    /*
        recover privateKey from k prvVec
    */
    void recover(const std::vector<PrivateKey>& prvVec);
    /*
        add private key only if id_ == 0
    */
    void add(const PrivateKey& rhs);
};

inline Sign operator+(const Sign& a, const Sign& b) { Sign r(a); r.add(b); return r; }
inline PublicKey operator+(const PublicKey& a, const PublicKey& b) { PublicKey r(a); r.add(b); return r; }
inline PrivateKey operator+(const PrivateKey& a, const PrivateKey& b) { PrivateKey r(a); r.add(b); return r; }

} //bls