threshold_crypto 0.4.0

Pairing threshold cryptography
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

use bincode::{deserialize, serialize};
use serde::{Deserialize, Serialize};
use threshold_crypto::{PublicKey, SecretKey, Signature};

#[derive(Deserialize, Serialize)]
struct SignedMsg {
    msg: Vec<u8>,
    sig: Signature,
}

#[derive(Debug)]
struct KeyPair {
    sk: SecretKey,
    pk: PublicKey,
}

impl KeyPair {
    fn random() -> Self {
        let sk = SecretKey::random();
        let pk = sk.public_key();
        KeyPair { sk, pk }
    }

    fn create_signed_msg(&self, msg: &[u8]) -> SignedMsg {
        let sig = self.sk.sign(msg);
        let msg = msg.to_vec();
        SignedMsg { msg, sig }
    }
}

fn main() {
    // Alice and Bob each generate a public/private key-pair.
    //
    // Note: it is against best practices to use the same key-pair for both encryption/decryption
    // and signing. The following example could be interpreted as advocating this, which it is not
    // meant to. This is just a basic example. In this example, Bob's key-pair is used for signing
    // where as Alice's is used for encryption/decryption.
    let alice = KeyPair::random();
    let bob = KeyPair::random();

    // Bob wants to send Alice a message. He signs the plaintext message with his secret key. He
    // then encrypts the signed message with Alice's public key.
    let msg = b"let's get pizza";
    let signed_msg = bob.create_signed_msg(msg);
    let serialized = serialize(&signed_msg).expect("Failed to serialize `SignedMsg`");
    let ciphertext = alice.pk.encrypt(&serialized);

    // Alice receives Bob's encrypted message. She decrypts the message using her secret key. She
    // then verifies that the signature of the plaintext is valid using Bob's public key.
    let decrypted = alice.sk.decrypt(&ciphertext).expect("Invalid ciphertext");
    let deserialized: SignedMsg =
        deserialize(&decrypted).expect("Failed to deserialize bytes to `SignedMsg`");
    assert!(bob.pk.verify(&deserialized.sig, &deserialized.msg));

    // We assert that the message that Alice received is the same message that Bob sent.
    assert_eq!(msg, &deserialized.msg[..]);
}