add outcome determination plus test

- also fix bug in smc_sum()
author: Markus Teich <markus.teich@stusta.mhn.de> 2016-06-28 22:05:30 +0200
committer: Markus Teich <markus.teich@stusta.mhn.de> 2016-06-28 22:05:30 +0200
commit: 7975df02197ad12b323a0b000434ff794cdc94c2 (patch)
tree: 20772708dce88cb761992b6a216cdb5d4cb30148 /crypto.c
parent: e25578ad259462ba0d8a5d8174507561ef4e900a (diff)
download: libbrandt-7975df02197ad12b323a0b000434ff794cdc94c2.tar.gz
libbrandt-7975df02197ad12b323a0b000434ff794cdc94c2.zip
1 files changed, 33 insertions, 2 deletions
diff --git a/crypto.c b/crypto.c
index f46c5df..099d3dd 100644
--- a/crypto.c
+++ b/crypto.c
@@ -594,7 +594,7 @@ smc_sum (gcry_mpi_point_t out,
        brandt_assert (NULL != out);
        /**\todo: how to copy a point more efficiently? */
        gcry_mpi_ec_add (out, ec_zero, ec_zero, ec_ctx);
-        for (uint16_t i = 0; i < len; i += step)
+        for (uint16_t i = 0; i < len * step; i += step)
                gcry_mpi_ec_add (out, out, in[i], ec_ctx);
 }
@@ -616,7 +616,7 @@ smc_gen_keyshare (struct AuctionData *ad, size_t *buflen)
        brandt_assert (ad && buflen);
        *buflen = (sizeof (struct ec_mpi) + sizeof (*proof1));
        if (NULL == (ret = calloc (1, *buflen)) ||
-            NULL == (ad->y = calloc (ad->n, sizeof (*ad->y))))
+            NULL == (ad->y = smc_init1 (ad->n)))
        {
                weprintf ("unable to alloc memory for key shares");
                return NULL;
@@ -1103,6 +1103,37 @@ quit:
 }
+int32_t
+smc_determine_outcome (struct AuctionData *ad)
+{
+        int32_t          ret = -1;
+        gcry_mpi_point_t sum_gamma = gcry_mpi_point_new (0);
+        gcry_mpi_point_t sum_phi = gcry_mpi_point_new (0);
+        brandt_assert (ad);
+        for (uint16_t j = 0; j < ad->k; j++)
+        {
+                smc_sum (sum_gamma, &ad->gamma[0][ad->i][j], ad->n, ad->n * ad->k);
+                smc_sum (sum_phi, &ad->phi[0][ad->i][j], ad->n, ad->n * ad->k);
+                gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx);
+                if (!ec_point_cmp (sum_gamma, ec_zero))
+                {
+                        if (-1 != ret)
+                        {
+                                weprintf ("multiple winning prices detected");
+                                return -1;
+                        }
+                        ret = j;
+                }
+        }
+        gcry_mpi_point_release (sum_gamma);
+        gcry_mpi_point_release (sum_phi);
+        return ret;
+}
 /**
 * smc_zkp_dl creates a proof of knowledge of @a x with \f$v = xg\f$ where
 * \f$g\f$ is the base point on Ed25519.
author	Markus Teich <markus.teich@stusta.mhn.de>	2016-06-28 22:05:30 +0200
committer	Markus Teich <markus.teich@stusta.mhn.de>	2016-06-28 22:05:30 +0200
commit	7975df02197ad12b323a0b000434ff794cdc94c2 (patch)
tree	20772708dce88cb761992b6a216cdb5d4cb30148 /crypto.c
parent	e25578ad259462ba0d8a5d8174507561ef4e900a (diff)
download	libbrandt-7975df02197ad12b323a0b000434ff794cdc94c2.tar.gz libbrandt-7975df02197ad12b323a0b000434ff794cdc94c2.zip

diff --git a/crypto.c b/crypto.c index f46c5df..099d3dd 100644 --- a/crypto.c +++ b/crypto.c
@@ -594,7 +594,7 @@ smc_sum (gcry_mpi_point_t out,
594	brandt_assert (NULL != out);	594	brandt_assert (NULL != out);
595	/*\todo: how to copy a point more efficiently? /	595	/*\todo: how to copy a point more efficiently? /
596	gcry_mpi_ec_add (out, ec_zero, ec_zero, ec_ctx);	596	gcry_mpi_ec_add (out, ec_zero, ec_zero, ec_ctx);
597	for (uint16_t i = 0; i < len; i += step)	597	for (uint16_t i = 0; i < len * step; i += step)
598	gcry_mpi_ec_add (out, out, in[i], ec_ctx);	598	gcry_mpi_ec_add (out, out, in[i], ec_ctx);
599	}	599	}
600		600
@@ -616,7 +616,7 @@ smc_gen_keyshare (struct AuctionData ad, size_t buflen)
616	brandt_assert (ad && buflen);	616	brandt_assert (ad && buflen);
617	buflen = (sizeof (struct ec_mpi) + sizeof (proof1));	617	buflen = (sizeof (struct ec_mpi) + sizeof (proof1));
618	if (NULL == (ret = calloc (1, *buflen)) \|\|	618	if (NULL == (ret = calloc (1, *buflen)) \|\|
619	NULL == (ad->y = calloc (ad->n, sizeof (*ad->y))))	619	NULL == (ad->y = smc_init1 (ad->n)))
620	{	620	{
621	weprintf ("unable to alloc memory for key shares");	621	weprintf ("unable to alloc memory for key shares");
622	return NULL;	622	return NULL;
@@ -1103,6 +1103,37 @@ quit:
1103	}	1103	}
1104		1104
1105		1105
		1106	int32_t
		1107	smc_determine_outcome (struct AuctionData *ad)
		1108	{
		1109	int32_t ret = -1;
		1110	gcry_mpi_point_t sum_gamma = gcry_mpi_point_new (0);
		1111	gcry_mpi_point_t sum_phi = gcry_mpi_point_new (0);
		1112
		1113	brandt_assert (ad);
		1114
		1115	for (uint16_t j = 0; j < ad->k; j++)
		1116	{
		1117	smc_sum (sum_gamma, &ad->gamma[0][ad->i][j], ad->n, ad->n * ad->k);
		1118	smc_sum (sum_phi, &ad->phi[0][ad->i][j], ad->n, ad->n * ad->k);
		1119	gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx);
		1120	if (!ec_point_cmp (sum_gamma, ec_zero))
		1121	{
		1122	if (-1 != ret)
		1123	{
		1124	weprintf ("multiple winning prices detected");
		1125	return -1;
		1126	}
		1127	ret = j;
		1128	}
		1129	}
		1130
		1131	gcry_mpi_point_release (sum_gamma);
		1132	gcry_mpi_point_release (sum_phi);
		1133	return ret;
		1134	}
		1135
		1136
1106	/**	1137	/**
1107	* smc_zkp_dl creates a proof of knowledge of @a x with \f$v = xg\f$ where	1138	* smc_zkp_dl creates a proof of knowledge of @a x with \f$v = xg\f$ where
1108	* \f$g\f$ is the base point on Ed25519.	1139	* \f$g\f$ is the base point on Ed25519.