[−][src]Struct cryptoballot::Authenticator
An Authenticator is responsible for authenticating a voter as allowed to vote a specific ballot in an election.
An authenticator receives the following from a voter:
- Voter's bonefides (government-id, security-code, password etc).
- Election ID and Ballot ID
- blinded auth-package triplet of (
election-id
,ballot-id
,voter-public-key
)
The authenticator first checks the election-id and ballot-id against the voter's bonefides (this is implementation specific and out of scope of CryptoBallot). After satisfied that the voter is allowed to vote this election and ballot, the authenticator blind-signs the blinded triplet and returns the signature to the voter who will unblind it.
Before the election, the authenticator will generate a signing keypair for each ballot-id. Having on key per ballot ensures that the blinded triplet matches the correct election and ballot.
WARNING: The secret keys used to sign blinded triplets must NOT be used for any other purpose. Doing so can result in secret key disclosure.
Fields
id: Uuid
public_keys: BTreeMap<Uuid, AuthPublicKey>
Methods
impl Authenticator
[src]
pub fn new(
keysize: usize,
ballot_ids: &[Uuid]
) -> Result<(Self, HashMap<Uuid, RSAPrivateKey>), Error>
[src]
keysize: usize,
ballot_ids: &[Uuid]
) -> Result<(Self, HashMap<Uuid, RSAPrivateKey>), Error>
Create a new Authenticator, generating keys for provided ballot-ids.
For good security, keysize should be at least 2048 bits, and ideally 4096 bits.
WARNING: The secret keys generated here must NOT be used for any other purpose. Doing so can result in secret key disclosure.
pub fn authenticate(
&self,
secret: &RSAPrivateKey,
blinded_auth_package: &[u8]
) -> Authentication
[src]
&self,
secret: &RSAPrivateKey,
blinded_auth_package: &[u8]
) -> Authentication
Sign the blinded (election-id
, ballot-id
, voter-public-key
) auth-package triplet.
This should only be called after verifying the voter's bonefides (eg government-id, security-code, password etc) and that they are authorized to vote the requested election and ballot.
pub fn verify(
&self,
election_id: Identifier,
ballot_id: Uuid,
anonymous_key: &PublicKey,
signature: &[u8]
) -> Result<(), ValidationError>
[src]
&self,
election_id: Identifier,
ballot_id: Uuid,
anonymous_key: &PublicKey,
signature: &[u8]
) -> Result<(), ValidationError>
Verify the authenticator signature
Trait Implementations
impl Clone for Authenticator
[src]
fn clone(&self) -> Authenticator
[src]
fn clone_from(&mut self, source: &Self)
1.0.0[src]
impl Debug for Authenticator
[src]
impl<'de> Deserialize<'de> for Authenticator
[src]
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
[src]
__D: Deserializer<'de>,
impl Serialize for Authenticator
[src]
Auto Trait Implementations
impl RefUnwindSafe for Authenticator
impl Send for Authenticator
impl Sync for Authenticator
impl Unpin for Authenticator
impl UnwindSafe for Authenticator
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> DeserializeOwned for T where
T: Deserialize<'de>,
[src]
T: Deserialize<'de>,
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T
[src]
fn clone_into(&self, target: &mut T)
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>
[src]
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
V: MultiLane<T>,