Add a migration type attribute to the Migration credential

2021-05-05 15:25:32 -04:00 · 2021-05-05 15:25:32 -04:00 · 27773123a3
parent 0664dd7b45
commit 27773123a3
4 changed files with 27 additions and 8 deletions
--- a/crates/lox-library/src/cred.rs
+++ b/crates/lox-library/src/cred.rs
@ -10,7 +10,11 @@ use curve25519_dalek::scalar::Scalar;
 /// A migration credential.
 ///
 /// This credential authorizes the holder of the Lox credential with the
-/// given id to switch from bucket from_bucket to bucket to_bucket.
+/// given id to switch from bucket from_bucket to bucket to_bucket.  The
+/// mig_type attribute is 0 for trust upgrade migrations (moving from a
+/// 1-bridge untrusted bucket to a 3-bridge trusted bucket) and 1 for
+/// blockage migrations (moving buckets because the from_bucket has been
+/// blocked).
 #[derive(Debug)]
 pub struct Migration {
    pub P: RistrettoPoint,
@ -18,6 +22,7 @@ pub struct Migration {
    pub lox_id: Scalar,
    pub from_bucket: Scalar,
    pub to_bucket: Scalar,
+    pub mig_type: Scalar,
 }

 /// The main user credential in the Lox system.
--- a/crates/lox-library/src/lib.rs
+++ b/crates/lox-library/src/lib.rs
@ -249,7 +249,7 @@ impl BridgeAuth {
        // credential, each with the appropriate number of attributes
        let lox_priv = IssuerPrivKey::new(6);
        let lox_pub = IssuerPubKey::new(&lox_priv);
-        let migration_priv = IssuerPrivKey::new(3);
+        let migration_priv = IssuerPrivKey::new(4);
        let migration_pub = IssuerPubKey::new(&migration_priv);
        let migrationkey_priv = IssuerPrivKey::new(2);
        let migrationkey_pub = IssuerPubKey::new(&migrationkey_priv);
@ -297,7 +297,6 @@ impl BridgeAuth {
            single[0] = *b;
            let snum = self.bridge_table.new_bucket(&single);
            bdb.insert_openinv(snum);
-            println!("Adding {} -> {}", snum, bnum);
            self.trustup_migration_table.table.insert(snum, bnum);
        }
    }
--- a/crates/lox-library/src/migration_table.rs
+++ b/crates/lox-library/src/migration_table.rs
@ -79,6 +79,7 @@ pub fn encrypt_cred(
    id: &Scalar,
    from_bucket: &Scalar,
    to_bucket: &Scalar,
+    mig_type: &Scalar,
    Pktable: &RistrettoBasepointTable,
    migration_priv: &IssuerPrivKey,
    migrationkey_priv: &IssuerPrivKey,
@ -100,7 +101,8 @@ pub fn encrypt_cred(
        * (migration_priv.x[0]
            + migration_priv.x[1] * id
            + migration_priv.x[2] * from_bucket
-            + migration_priv.x[3] * to_bucket))
+            + migration_priv.x[3] * to_bucket
+            + migration_priv.x[4] * mig_type))
        * Btable;

    // Serialize (to_bucket, P, Q)
@ -139,7 +141,8 @@ pub fn encrypt_cred(

 /// Create an encrypted Migration credential for returning to the user
 /// in the trust promotion protocol, given the ids of the from and to
-/// buckets, and using a BridgeTable to get the bucket keys.
+/// buckets, and the migration type, and using a BridgeTable to get the
+/// bucket keys.
 ///
 /// Otherwise the same as encrypt_cred, above, except it returns an
 /// Option in case the passed ids were invalid.
@ -147,6 +150,7 @@ pub fn encrypt_cred_ids(
    id: &Scalar,
    from_id: u32,
    to_id: u32,
+    mig_type: &Scalar,
    bridgetable: &bridge_table::BridgeTable,
    Pktable: &RistrettoBasepointTable,
    migration_priv: &IssuerPrivKey,
@ -159,6 +163,7 @@ pub fn encrypt_cred_ids(
        id,
        &bridge_table::to_scalar(from_id, fromkey),
        &bridge_table::to_scalar(to_id, tokey),
+        mig_type,
        Pktable,
        migration_priv,
        migrationkey_priv,
@ -192,6 +197,7 @@ impl MigrationTable {
                    id,
                    *from_id,
                    *to_id,
+                    &self.migration_type,
                    bridgetable,
                    Pktable,
                    migration_priv,
@ -203,12 +209,14 @@ impl MigrationTable {
 }

 /// Decrypt an encrypted Migration credential given Qk, the known
-/// attributes id and from_bucket for the Migration credential, and a
-/// HashMap mapping labels to ciphertexts.
+/// attributes id and from_bucket for the Migration credential as well
+/// as the known migration type, and a HashMap mapping labels to
+/// ciphertexts.
 pub fn decrypt_cred(
    Qk: &RistrettoPoint,
    lox_id: &Scalar,
    from_bucket: &Scalar,
+    mig_type: MigrationType,
    enc_migration_table: &HashMap<[u8; 16], [u8; ENC_MIGRATION_BYTES]>,
 ) -> Option<Migration> {
    // Compute the hash of (id, from_bucket, Qk)
@ -248,5 +256,6 @@ pub fn decrypt_cred(
        lox_id: *lox_id,
        from_bucket: *from_bucket,
        to_bucket,
+        mig_type: mig_type.into(),
    })
 }
--- a/crates/lox-library/src/proto/trust_promotion.rs
+++ b/crates/lox-library/src/proto/trust_promotion.rs
@ -542,7 +542,13 @@ pub fn handle_response(state: State, resp: Response) -> Result<cred::Migration,
    let Qk = resp.EncQk.1 - (state.d * resp.EncQk.0);

    // Use Qk to locate and decrypt the Migration credential
-    match migration_table::decrypt_cred(&Qk, &state.id, &state.bucket, &resp.enc_migration_table) {
+    match migration_table::decrypt_cred(
+        &Qk,
+        &state.id,
+        &state.bucket,
+        migration_table::MigrationType::TrustUpgrade,
+        &resp.enc_migration_table,
+    ) {
        Some(m) => Ok(m),
        None => Err(ProofError::VerificationFailure),
    }