1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
extern crate bellman_ce;
use std::io::{
self,
Read,
Write,
};
use bellman_ce::pairing::{
EncodedPoint,
CurveAffine,
bn256::{
Fr,
G1Affine,
G1Uncompressed,
G2Affine,
G2Uncompressed
}
};
pub struct PrivateKey {
pub delta: Fr
}
#[derive(Clone)]
pub struct PublicKey {
pub delta_after: G1Affine,
pub s: G1Affine,
pub s_delta: G1Affine,
pub r_delta: G2Affine,
pub transcript: [u8; 64],
}
impl PublicKey {
pub fn write<W: Write>(
&self,
mut writer: W
) -> io::Result<()>
{
writer.write_all(self.delta_after.into_uncompressed().as_ref())?;
writer.write_all(self.s.into_uncompressed().as_ref())?;
writer.write_all(self.s_delta.into_uncompressed().as_ref())?;
writer.write_all(self.r_delta.into_uncompressed().as_ref())?;
writer.write_all(&self.transcript)?;
Ok(())
}
pub fn read<R: Read>(
mut reader: R
) -> io::Result<PublicKey>
{
let mut g1_repr = G1Uncompressed::empty();
let mut g2_repr = G2Uncompressed::empty();
reader.read_exact(g1_repr.as_mut())?;
let delta_after = g1_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
if delta_after.is_zero() {
return Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity"));
}
reader.read_exact(g1_repr.as_mut())?;
let s = g1_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
if s.is_zero() {
return Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity"));
}
reader.read_exact(g1_repr.as_mut())?;
let s_delta = g1_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
if s_delta.is_zero() {
return Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity"));
}
reader.read_exact(g2_repr.as_mut())?;
let r_delta = g2_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
if r_delta.is_zero() {
return Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity"));
}
let mut transcript = [0u8; 64];
reader.read_exact(&mut transcript)?;
Ok(PublicKey {
delta_after, s, s_delta, r_delta, transcript
})
}
}
impl PartialEq for PublicKey {
fn eq(&self, other: &PublicKey) -> bool {
self.delta_after == other.delta_after &&
self.s == other.s &&
self.s_delta == other.s_delta &&
self.r_delta == other.r_delta &&
&self.transcript[..] == &other.transcript[..]
}
}