/* * SPDX-License-Identifier: CC0-1.0 * * Copyright (C) 2025 W. Kosior */ #ifndef PQCRYPTO_BLIND_SIG_H #define PQCRYPTO_BLIND_SIG_H #include #include #include #include #include "pqcrypto_poly.h" #include "pqcrypto_hash.h" /*** *** Definitions of types serializable as parts of other structers (but without *** exposed API functions for this). ***/ struct blind_sig_message { void * buf; size_t bytes; }; typedef struct blind_sig_message blind_sig_message_t[1]; typedef fmpz_poly_struct * blind_sig_poly_vector_t[1]; typedef void * blind_sig_n_bit_buf_t[1]; /*** *** Definitions of non-serializable types. ***/ enum blind_sig_log_level { BLIND_SIG_LOG_QUIET = 0, BLIND_SIG_LOG_ERROR = 1, BLIND_SIG_LOG_INFO_1_CONTROL = 2, BLIND_SIG_LOG_INFO_2_PARAMETERS = 3, BLIND_SIG_LOG_DEBUG_1_PHASES = 4, BLIND_SIG_LOG_DEBUG_2_VALUES = 5, }; struct blind_sig_params { /* * n — number of polynomial coefficients to work on, the computations * will be performed in a ring modulo X^n + 1 */ ulong n; /* * q_bits — number of bits of a prime quotient for a modulo field to * which polynomial coefficients will belong */ flint_bitcnt_t q_bits; /* * phi — a constant, affects completeness */ ulong phi; /* * psi — a constant, affects speed */ ulong psi; /* * d_s — maximum coefficient value for a polynomial in the private key */ ulong d_s; /* * m — number of polynomials in a private key, equal to the number of * polynomials in the */ ulong m; /* * whether to print information about performed operations to stderr */ enum blind_sig_log_level log_level; }; typedef struct blind_sig_params blind_sig_params_t[1]; typedef void (* commitment_function_t) (void * res, void const * data, size_t data_len, void const * randomness, ulong n); struct blind_sig_ctx { ulong n; ulong d_s; mod_centered_0_ctx_t key_gen_ctx; ulong m; ulong phi; ulong psi; ulong d_alpha; mod_centered_0_ctx_t alpha_gen_ctx; ulong d_epsilon_star; fmpz_t d_y; mod_centered_0_ctx_t y_commitment_gen_ctx; fmpz_t d_g_star; fmpz_t d_beta; mod_centered_0_ctx_t beta_gen_ctx; fmpz_t d_g; poly_ring_ctx_t poly_ring_ctx; blind_sig_poly_vector_t public_homomorphism; commitment_function_t public_commitment_function; hash_function_t public_hash_function; enum blind_sig_log_level log_level; }; typedef struct blind_sig_ctx blind_sig_ctx_t[1]; /*** *** Serializable structure definitions and their (de)serialization and *** deinitialization function stubs. ***/ #define FIELD(type, name) type name; #define SERIALIZABLE_STRUCT(name, fields) \ struct name { fields }; \ \ typedef struct name name##_t[1]; \ \ size_t name##_serialize(FILE * stream, name##_t const obj, \ blind_sig_ctx_t const ctx); \ \ void name##_file_serialize(const char * filename, name##_t const obj, \ blind_sig_ctx_t const ctx); \ \ size_t name##_deserialize(FILE * stream, name##_t obj, \ blind_sig_ctx_t const ctx); \ \ void name##_file_deserialize(const char * filename, name##_t obj, \ blind_sig_ctx_t const ctx); \ \ void name##_clear(name##_t obj, blind_sig_ctx_t const ctx); #include "pqcrypto_blind_sig_serializable.c" #undef FIELD #undef SERIALIZABLE_STRUCT /*** *** Declarations related to context handling. ***/ void blind_sig_ctx_init(blind_sig_ctx_t ctx, blind_sig_params_t const params); void blind_sig_ctx_clear(blind_sig_ctx_t ctx); #ifndef PQCRYPTO_BLIND_SIG_C extern blind_sig_params_t blind_sig_params_current_III, blind_sig_params_toy; #endif /*** *** Logging facility. ***/ int blind_sig_vlog(blind_sig_ctx_t const ctx, enum blind_sig_log_level message_level, char const * fmt, va_list ap); #define X(level) \ inline static int blind_sig_log_##level(blind_sig_ctx_t const ctx, \ char const * fmt, ...) { \ va_list ap; \ int result = 0; \ \ va_start(ap, fmt); \ \ result = blind_sig_vlog(ctx, BLIND_SIG_LOG_##level, fmt, ap); \ \ va_end(ap); \ \ return result; \ } X(ERROR) X(INFO_1_CONTROL) X(INFO_2_PARAMETERS) X(DEBUG_1_PHASES) X(DEBUG_2_VALUES) #undef X /*** *** Key handling function stubs. ***/ void blind_sig_key_init_gen(blind_sig_priv_key_t priv_key, blind_sig_pub_key_t pub_key, blind_sig_ctx_t const ctx); /*** *** Signature protocol-related function stubs. ***/ void blind_sig_signer_state_init(blind_sig_signer_state_t state, blind_sig_ctx_t const ctx); void blind_sig_user_state_init(blind_sig_user_state_t state, blind_sig_ctx_t const ctx); void blind_sig_proto_p1_init_do(blind_sig_proto_p1_t result, blind_sig_signer_state_t state, blind_sig_ctx_t const ctx); void blind_sig_proto_p2_init_do(blind_sig_proto_p2_t result, blind_sig_user_state_t state, blind_sig_pub_key_t const pub_key, void const * message_buf, size_t message_bytes, blind_sig_proto_p1_t const p1_result, unsigned long * retries_left, blind_sig_ctx_t const ctx); void blind_sig_proto_p3_init_do(blind_sig_proto_p3_t result, blind_sig_signer_state_t state, blind_sig_priv_key_t const priv_key, blind_sig_proto_p2_t const p2_result, blind_sig_ctx_t const ctx); /* * Also initializes and populates sig, but only of the signature could be * successfully obtained (result->needs_restart == false). */ void blind_sig_proto_p4_init_do(blind_sig_proto_p4_t result, blind_sig_t sig, blind_sig_user_state_t const state, blind_sig_proto_p3_t const p3_result, blind_sig_ctx_t const ctx); void blind_sig_proto_p5_init_do(blind_sig_proto_p5_t result, blind_sig_signer_state_t const state, blind_sig_pub_key_t const pub_key, blind_sig_proto_p4_t const p4_result, blind_sig_ctx_t const ctx); /*** *** Signature verification function stub. ***/ bool blind_sig_verify(blind_sig_t const sig, blind_sig_pub_key_t const pub_key, blind_sig_ctx_t const ctx); #endif /* PQCRYPTO_BLIND_SIG_H */