diff --git a/client/loop-test/README.md b/client/loop-test/README.md index ab2ea53..f31298e 100644 --- a/client/loop-test/README.md +++ b/client/loop-test/README.md @@ -4,5 +4,6 @@ - Run the nodejs loop script: `node loop-test.js` - This will print on the screen the number of iterations each 100 iterations - And if there is an error verifying a signature, will print all the involved parameters + - signature verification is done on the JS side, but also sent to the server to verify it from the Go side diff --git a/client/loop-test/loop-test.js b/client/loop-test/loop-test.js index 8d171e2..c7f862e 100644 --- a/client/loop-test/loop-test.js +++ b/client/loop-test/loop-test.js @@ -52,6 +52,8 @@ async function verify() { verified = blindsecp256k1.verify(m, sig, signerQ); if (!verified) { errCount++; + console.log("==verification failed on client==", res.data.verification); + printPoint("signerR", signerR); printPoint("signerQ", signerQ); console.log("m:", m.toString()); @@ -63,6 +65,55 @@ async function verify() { printPoint("sig.f", sig.f); console.log("verify", verified); } + + // send to verify by the go server + let data = { + m: m.toString(), + sig: { + S: sig.s.toString(), + F: { + x: sig.f.affineX.toString(), + y: sig.f.affineY.toString() + } + }, + q: { + x: signerQ.affineX.toString(), + y: signerQ.affineY.toString() + } + }; + try { + let res = await axios.post(apiUrl+'/verify', data); + if (!res.data.verification) { + errCount++; + console.log("==verification failed on server==", res.data.verification); + + printPoint("signerR", signerR); + printPoint("signerQ", signerQ); + console.log("m:", m.toString()); + console.log("mBlinded:", mBlinded.toString()); + console.log(`userSecretData:\n a: ${userSecretData.a.toString()}\n b: ${userSecretData.b.toString()}`); + printPoint("userSecretData.f", userSecretData.f); + console.log("blinded sig:", blindedSig.toString()); + console.log("sig.s:", sig.s.toString()); + printPoint("sig.f", sig.f); + console.log("verify", verified); + } + } catch (error) { + console.error(error.response.data); + errCount++; + console.log("==verification failed on server==", error.response.data.verification); + + printPoint("signerR", signerR); + printPoint("signerQ", signerQ); + console.log("m:", m.toString()); + console.log("mBlinded:", mBlinded.toString()); + console.log(`userSecretData:\n a: ${userSecretData.a.toString()}\n b: ${userSecretData.b.toString()}`); + printPoint("userSecretData.f", userSecretData.f); + console.log("blinded sig:", blindedSig.toString()); + console.log("sig.s:", sig.s.toString()); + printPoint("sig.f", sig.f); + console.log("js verify", verified); + } } async function iteration() { diff --git a/client/loop-test/package-lock.json b/client/loop-test/package-lock.json index 6223d24..c43e53c 100644 --- a/client/loop-test/package-lock.json +++ b/client/loop-test/package-lock.json @@ -45,9 +45,9 @@ "integrity": "sha512-TosM7Yg1Ux0ZCNwwS/tW95r3q9xIZstgsUGKWaez0Cgq8Oy3qia9RGvyG/fbxlQAvigjza1d057QNQLGvYXCeg==" }, "blindsecp256k1": { - "version": "0.0.5", - "resolved": "https://registry.npmjs.org/blindsecp256k1/-/blindsecp256k1-0.0.5.tgz", - "integrity": "sha512-P+ahL3AlZY2RvtEUH7W3yidTNfDsu7yUsb2OOorEzsSE0cBovQKyBi+d883CVwbgjcW4mFFmHYgBZ0q+QOz9zQ==", + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/blindsecp256k1/-/blindsecp256k1-0.0.6.tgz", + "integrity": "sha512-M+QV0G6h5FIR0eqiRkW3DySMoDoobHkr8Zrcx1kLxuvbpZaBI5NL60LI3c600TaHz4TuEJB2C2BdDWsA6JYl4w==", "requires": { "@ethersproject/keccak256": "5.0.7", "bigi": "^1.4.2", diff --git a/client/loop-test/package.json b/client/loop-test/package.json index 30fda1d..9512b3c 100644 --- a/client/loop-test/package.json +++ b/client/loop-test/package.json @@ -10,6 +10,6 @@ "license": "ISC", "dependencies": { "axios": "^0.21.1", - "blindsecp256k1": "0.0.5" + "blindsecp256k1": "0.0.6" } } diff --git a/client/loop.js b/client/loop.js index 3c662a5..424c2be 100644 --- a/client/loop.js +++ b/client/loop.js @@ -64,6 +64,20 @@ async function verify() { console.log("verify", verified); alert("ERROR") } + // send to verify by the go server + let data = { + m: mBlinded.toString(), + sig: { + s: sig.s.toString(), + f: { + x: sig.f.affineX.toString(), + y: sig.f.affineY.toString() + } + } + }; + let res = await axios.post(apiUrl+'/blindsign', data); + console.log("res", res.data); + console.log("ver by server", res.data.verification); } async function iteration() { diff --git a/main.go b/main.go index ff3c248..aa0d490 100644 --- a/main.go +++ b/main.go @@ -1,6 +1,7 @@ package main import ( + "fmt" "math/big" "net/http" @@ -48,6 +49,36 @@ func postBlindSign(c *gin.Context) { c.JSON(http.StatusOK, gin.H{"sBlind": sBlind.String()}) } +type msgPostVerify struct { + M string `json:"m"` + Sig *blindsecp256k1.Signature `json:"sig"` + Q *blindsecp256k1.PublicKey `json:"q"` +} + +func postVerify(c *gin.Context) { + var msg msgPostVerify + c.BindJSON(&msg) + + m, ok := new(big.Int).SetString(msg.M, 10) + if !ok { + c.String(http.StatusBadRequest, "can not parse m") + return + } + fmt.Println(msg.Sig.S, msg.Sig.F) + v := blindsecp256k1.Verify(m, msg.Sig, sk.Public()) + fmt.Println("v", v) + if !v { + fmt.Println("m", m) + fmt.Println("sig.s", msg.Sig.S) + fmt.Println("sig.f", msg.Sig.F) + fmt.Println("pubk", sk.Public()) + fmt.Println("q", msg.Q) + c.JSON(http.StatusNotAcceptable, gin.H{"verification": false}) + return + } + c.JSON(http.StatusOK, gin.H{"verification": v}) +} + func main() { secretRs = make(map[string]*big.Int) sk = blindsecp256k1.NewPrivateKey() @@ -56,6 +87,7 @@ func main() { r.GET("/request", getNewRequest) r.POST("/blindsign", postBlindSign) + r.POST("/verify", postVerify) r.Static("/web", "./client") r.Run("127.0.0.1:3000") diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 0000000..48e341a --- /dev/null +++ b/package-lock.json @@ -0,0 +1,3 @@ +{ + "lockfileVersion": 1 +}