|
|
@@ -1,16 +1,41 @@
|
|
|
-#[cfg(feature = "bridgeauth")]
|
|
|
-use chrono::{DateTime, Utc};
|
|
|
+/*! Implementation of a new style of bridge authority for Tor that
|
|
|
+allows users to invite other users, while protecting the social graph
|
|
|
+from the bridge authority itself.
|
|
|
+
|
|
|
+We use uCMZ credentials (Orr`u, 2024 https://eprint.iacr.org/2024/1552.pdf) which improves issuer efficiency
|
|
|
+over our original CMZ14 credential (GGM version, which is more efficient, but
|
|
|
+makes a stronger security assumption) implementation: "Algebraic MACs and
|
|
|
+Keyed-Verification Anonymous Credentials" (Chase, Meiklejohn, and
|
|
|
+Zaverucha, CCS 2014)
|
|
|
+
|
|
|
+The notation follows that of the paper "Hyphae: Social Secret Sharing"
|
|
|
+(Lovecruft and de Valence, 2017), Section 4. */
|
|
|
+
|
|
|
+// We want Scalars to be lowercase letters, and Points and credentials
|
|
|
+// to be capital letters
|
|
|
+#![allow(non_snake_case)]
|
|
|
+
|
|
|
use curve25519_dalek::scalar::Scalar;
|
|
|
#[cfg(feature = "bridgeauth")]
|
|
|
use ed25519_dalek::{Signature, SignatureError, SigningKey, Verifier, VerifyingKey};
|
|
|
-#[allow(unused_imports)]
|
|
|
-use rand::rngs::OsRng;
|
|
|
use subtle::ConstantTimeEq;
|
|
|
|
|
|
+#[cfg(feature = "bridgeauth")]
|
|
|
+use chrono::{DateTime, Utc};
|
|
|
+#[cfg(feature = "bridgeauth")]
|
|
|
+use cmz::*;
|
|
|
+#[cfg(feature = "bridgeauth")]
|
|
|
+use curve25519_dalek::ristretto::RistrettoPoint as G;
|
|
|
+use rand_core::OsRng;
|
|
|
+#[cfg(feature = "bridgeauth")]
|
|
|
+use sha2::Sha512;
|
|
|
+
|
|
|
pub mod bridge_table;
|
|
|
pub mod dup_filter;
|
|
|
pub mod lox_creds;
|
|
|
+pub mod migration_table;
|
|
|
pub mod proto {
|
|
|
+ pub mod blockage_migration;
|
|
|
pub mod errors;
|
|
|
pub mod level_up;
|
|
|
pub mod open_invite;
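Review bot: The new `use cmz::*;` glob, and `use lox_creds::*;` in the following hunk, hide where the key types and `cmz_group_init` come from in the file that holds every issuer private key. Naming the imports, presumably `use cmz::{cmz_group_init, CMZPrivkey, CMZPubkey};`, would keep the provenance of the cryptographic types visible and stop a later cmz release from silently adding names to this scope. If the cmz macros need the glob, a one-line comment saying so would be enough. Separately, `use rand_core::OsRng;` drops the `#[allow(unused_imports)]` that the removed `rand::rngs::OsRng` import carried, and nothing visible in this diff uses it, so it may now warn as unused.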
|
|
|
@@ -19,6 +44,9 @@ pub mod proto {
|
|
|
use bridge_table::BridgeTable;
|
|
|
// BridgeLine, EncryptedBucket, MAX_BRIDGES_PER_BUCKET, MIN_BUCKET_REACHABILITY,
|
|
|
//};
|
|
|
+use lox_creds::*;
|
|
|
+#[cfg(feature = "bridgeauth")]
|
|
|
+use migration_table::{MigrationTable, MigrationType};
|
|
|
#[cfg(feature = "bridgeauth")]
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
#[cfg(feature = "bridgeauth")]
|
|
|
@@ -52,9 +80,9 @@ pub struct BridgeDb {
|
|
|
#[cfg(feature = "bridgeauth")]
|
|
|
pub struct OldKeyStore {
|
|
|
// /// Most recently outdated lox secret and private keys for verifying update_cred credentials
|
|
|
- // priv_key: IssuerPrivKey,
|
|
|
+ priv_key: CMZPrivkey<G>,
|
|
|
// /// The public key for verifying update_cred credentials
|
|
|
- // pub pub_key: IssuerPubKey,
|
|
|
+ pub pub_key: CMZPubkey<G>,
|
|
|
}
|
|
|
|
|
|
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
|
|
@@ -135,25 +163,25 @@ impl BridgeDb {
|
|
|
#[derive(Debug, Serialize, Deserialize)]
|
|
|
pub struct BridgeAuth {
|
|
|
/// The private key for the main Lox credential
|
|
|
- // lox_priv: IssuerPrivKey,
|
|
|
+ lox_priv: CMZPrivkey<G>,
|
|
|
/// The public key for the main Lox credential
|
|
|
- // pub lox_pub: IssuerPubKey,
|
|
|
+ pub lox_pub: CMZPubkey<G>,
|
|
|
/// The private key for migration credentials
|
|
|
- // migration_priv: IssuerPrivKey,
|
|
|
+ migration_priv: CMZPrivkey<G>,
|
|
|
/// The public key for migration credentials
|
|
|
- // pub migration_pub: IssuerPubKey,
|
|
|
+ pub migration_pub: CMZPubkey<G>,
|
|
|
/// The private key for migration key credentials
|
|
|
- // migrationkey_priv: IssuerPrivKey,
|
|
|
+ migrationkey_priv: CMZPrivkey<G>,
|
|
|
/// The public key for migration key credentials
|
|
|
- // pub migrationkey_pub: IssuerPubKey,
|
|
|
+ pub migrationkey_pub: CMZPubkey<G>,
|
|
|
/// The private key for bucket reachability credentials
|
|
|
- // reachability_priv: IssuerPrivKey,
|
|
|
+ reachability_priv: CMZPrivkey<G>,
|
|
|
/// The public key for bucket reachability credentials
|
|
|
- // pub reachability_pub: IssuerPubKey,
|
|
|
+ pub reachability_pub: CMZPubkey<G>,
|
|
|
/// The private key for invitation credentials
|
|
|
- // invitation_priv: IssuerPrivKey,
|
|
|
+ invitation_priv: CMZPrivkey<G>,
|
|
|
/// The public key for invitation credentials
|
|
|
- // pub invitation_pub: IssuerPubKey,
|
|
|
+ pub invitation_pub: CMZPubkey<G>,
|
|
|
|
|
|
/// The public key of the BridgeDb issuing open invitations
|
|
|
pub bridgedb_pub: VerifyingKey,
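Review bot: With the five `*_priv: CMZPrivkey<G>` fields now live, the existing `#[derive(Debug, Serialize, Deserialize)]` on `BridgeAuth` means any `{:?}` of the authority state can format issuer private keys into logs or panic messages, assuming `CMZPrivkey`'s own `Debug` prints its scalars (not visible here). I would drop `Debug` from the derive and hand-write an impl that lists only the public keys, as sketched below. The same question applies to `OldKeyStore.priv_key` in the previous hunk, whose derive line is outside the diff. `Serialize` also now writes the private keys, so wherever this struct is persisted should be treated as key storage. The struct's body continues past this hunk.

```rust
#[derive(Serialize, Deserialize)]
pub struct BridgeAuth {
    // … unchanged: key, table and filter fields …

impl std::fmt::Debug for BridgeAuth {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        // Public keys only; the *_priv fields are deliberately left out.
        f.debug_struct("BridgeAuth")
            .field("lox_pub", &self.lox_pub)
            .field("migration_pub", &self.migration_pub)
            .field("migrationkey_pub", &self.migrationkey_pub)
            .field("reachability_pub", &self.reachability_pub)
            .field("invitation_pub", &self.invitation_pub)
            .finish_non_exhaustive()
    }
}
```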
|
|
|
@@ -162,10 +190,10 @@ pub struct BridgeAuth {
|
|
|
bridge_table: BridgeTable,
|
|
|
|
|
|
// Map of bridge fingerprint to values needed to verify TP reports
|
|
|
- // pub tp_bridge_infos: HashMap<String, BridgeVerificationInfo>,
|
|
|
+ //pub tp_bridge_infos: HashMap<String, BridgeVerificationInfo>,
|
|
|
/// The migration tables
|
|
|
- // trustup_migration_table: MigrationTable,
|
|
|
- // blockage_migration_table: MigrationTable,
|
|
|
+ trustup_migration_table: MigrationTable,
|
|
|
+ blockage_migration_table: MigrationTable,
|
|
|
|
|
|
/// Duplicate filter for open invitations
|
|
|
bridgedb_pub_filter: dup_filter::DupFilter<Scalar>,
|
|
|
@@ -189,34 +217,32 @@ pub struct BridgeAuth {
|
|
|
#[cfg(feature = "bridgeauth")]
|
|
|
impl BridgeAuth {
|
|
|
pub fn new(bridgedb_pub: VerifyingKey) -> Self {
|
|
|
+ // Initialization
|
|
|
+ let mut rng = rand::thread_rng();
|
|
|
+ cmz_group_init(G::hash_from_bytes::<Sha512>(b"CMZ Generator A"));
|
|
|
// Create the private and public keys for each of the types of
|
|
|
- // credential, each with the appropriate number of attributes
|
|
|
- // let lox_priv = IssuerPrivKey::new(6);
|
|
|
- // let lox_pub = IssuerPubKey::new(&lox_priv);
|
|
|
- // let migration_priv = IssuerPrivKey::new(4);
|
|
|
- // let migration_pub = IssuerPubKey::new(&migration_priv);
|
|
|
- // let migrationkey_priv = IssuerPrivKey::new(2);
|
|
|
- // let migrationkey_pub = IssuerPubKey::new(&migrationkey_priv);
|
|
|
- // let reachability_priv = IssuerPrivKey::new(2);
|
|
|
- // let reachability_pub = IssuerPubKey::new(&reachability_priv);
|
|
|
- // let invitation_priv = IssuerPrivKey::new(4);
|
|
|
- // let invitation_pub = IssuerPubKey::new(&invitation_priv);
|
|
|
+ // credential with 'true' to indicate uCMZ
|
|
|
+ let (lox_priv, lox_pub) = Lox::gen_keys(&mut rng, true);
|
|
|
+ let (migration_priv, migration_pub) = Migration::gen_keys(&mut rng, true);
|
|
|
+ let (migrationkey_priv, migrationkey_pub) = MigrationKey::gen_keys(&mut rng, true);
|
|
|
+ let (reachability_priv, reachability_pub) = BucketReachability::gen_keys(&mut rng, true);
|
|
|
+ let (invitation_priv, invitation_pub) = Invitation::gen_keys(&mut rng, true);
|
|
|
Self {
|
|
|
- // lox_priv,
|
|
|
- // lox_pub,
|
|
|
- // migration_priv,
|
|
|
- // migration_pub,
|
|
|
- // migrationkey_priv,
|
|
|
- // migrationkey_pub,
|
|
|
- // reachability_priv,
|
|
|
- // reachability_pub,
|
|
|
- // invitation_priv,
|
|
|
- // invitation_pub,
|
|
|
+ lox_priv,
|
|
|
+ lox_pub,
|
|
|
+ migration_priv,
|
|
|
+ migration_pub,
|
|
|
+ migrationkey_priv,
|
|
|
+ migrationkey_pub,
|
|
|
+ reachability_priv,
|
|
|
+ reachability_pub,
|
|
|
+ invitation_priv,
|
|
|
+ invitation_pub,
|
|
|
bridgedb_pub,
|
|
|
bridge_table: Default::default(),
|
|
|
// tp_bridge_infos: HashMap::<String, BridgeVerificationInfo>::new(),
|
|
|
- // trustup_migration_table: MigrationTable::new(MigrationType::TrustUpgrade),
|
|
|
- // blockage_migration_table: MigrationTable::new(MigrationType::Blockage),
|
|
|
+ trustup_migration_table: MigrationTable::new(MigrationType::TrustUpgrade),
|
|
|
+ blockage_migration_table: MigrationTable::new(MigrationType::Blockage),
|
|
|
bridgedb_pub_filter: Default::default(),
|
|
|
id_filter: Default::default(),
|
|
|
inv_id_filter: Default::default(),
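Review bot: The five long-term issuer key pairs in `new` are drawn from `rand::thread_rng()`, although the first hunk imports `rand_core::OsRng`, which nothing visible here uses. `thread_rng` is a userspace CSPRNG seeded from the OS, so this is not broken, but for keys generated once and kept for the authority's lifetime I would draw directly from the OS source: `let mut rng = OsRng;`, assuming `gen_keys` accepts any `RngCore + CryptoRng`. The `// Initialization` comment would be more useful if it stated that, e.g. `// Issuer keys are long-lived: draw them from the OS RNG`. The `Self { … }` literal and the end of `new` lie outside this hunk.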
|