forked from maidsafe/blsttc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
basic_pkc.rs
57 lines (49 loc) · 2.04 KB
/
basic_pkc.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
use bincode::{deserialize, serialize};
use blsttc::{PublicKey, SecretKey, Signature};
use serde::{Deserialize, Serialize};
#[derive(Deserialize, Serialize)]
struct SignedMsg {
msg: Vec<u8>,
sig: Signature,
}
#[derive(Debug)]
struct KeyPair {
sk: SecretKey,
pk: PublicKey,
}
impl KeyPair {
fn random() -> Self {
let sk = SecretKey::random();
let pk = sk.public_key();
KeyPair { sk, pk }
}
fn create_signed_msg(&self, msg: &[u8]) -> SignedMsg {
let sig = self.sk.sign(msg);
let msg = msg.to_vec();
SignedMsg { msg, sig }
}
}
fn main() {
// Alice and Bob each generate a public/private key-pair.
//
// Note: it is against best practices to use the same key-pair for both encryption/decryption
// and signing. The following example could be interpreted as advocating this, which it is not
// meant to. This is just a basic example. In this example, Bob's key-pair is used for signing
// where as Alice's is used for encryption/decryption.
let alice = KeyPair::random();
let bob = KeyPair::random();
// Bob wants to send Alice a message. He signs the plaintext message with his secret key. He
// then encrypts the signed message with Alice's public key.
let msg = b"let's get pizza";
let signed_msg = bob.create_signed_msg(msg);
let serialized = serialize(&signed_msg).expect("Failed to serialize `SignedMsg`");
let ciphertext = alice.pk.encrypt(serialized);
// Alice receives Bob's encrypted message. She decrypts the message using her secret key. She
// then verifies that the signature of the plaintext is valid using Bob's public key.
let decrypted = alice.sk.decrypt(&ciphertext).expect("Invalid ciphertext");
let deserialized: SignedMsg =
deserialize(&decrypted).expect("Failed to deserialize bytes to `SignedMsg`");
assert!(bob.pk.verify(&deserialized.sig, &deserialized.msg));
// We assert that the message that Alice received is the same message that Bob sent.
assert_eq!(msg, &deserialized.msg[..]);
}