From 6b561ddd99ff148a9bca60fb77820dd544a5438a Mon Sep 17 00:00:00 2001
From: Rudolf Polzer <divVerent@xonotic.org>
Date: Thu, 25 Nov 2010 16:05:06 +0100
Subject: [PATCH] now: "detached" signatures (not including the plaintext)

---
 d0_blind_id.c | 26 ++++++++++++++++++++++----
 d0_blind_id.h |  2 ++
 2 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/d0_blind_id.c b/d0_blind_id.c
index a7a1c96..ceda636 100644
--- a/d0_blind_id.c
+++ b/d0_blind_id.c
@@ -1045,7 +1045,7 @@ fail:
 	return 0;
 }
 
-D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char *message, size_t msglen, char *outbuf, size_t *outbuflen)
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign_internal(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL send_modulus, D0_BOOL with_msg, const char *message, size_t msglen, char *outbuf, size_t *outbuflen)
 {
 	d0_iobuf_t *out = NULL;
 	static unsigned char convbuf[1024];
@@ -1098,7 +1098,8 @@ D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign(d0_blind_id_
 	CHECK(d0_iobuf_write_bignum(out, temp2));
 
 	// write the message itself
-	CHECK(d0_iobuf_write_packet(out, message, msglen));
+	if(with_msg)
+		CHECK(d0_iobuf_write_packet(out, message, msglen));
 
 	return d0_iobuf_close(out, outbuflen);
 
@@ -1106,8 +1107,16 @@ fail:
 	d0_iobuf_close(out, outbuflen);
 	return 0;
 }
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char *message, size_t msglen, char *outbuf, size_t *outbuflen)
+{
+	return d0_blind_id_sign_with_private_id_sign_internal(ctx, is_first, send_modulus, 1, message, msglen, outbuf, outbuflen);
+}
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign_detached(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char *message, size_t msglen, char *outbuf, size_t *outbuflen)
+{
+	return d0_blind_id_sign_with_private_id_sign_internal(ctx, is_first, send_modulus, 0, message, msglen, outbuf, outbuflen);
+}
 
-D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char *inbuf, size_t inbuflen, char *msg, size_t *msglen, D0_BOOL *status)
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify_internal(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL recv_modulus, D0_BOOL with_msg, const char *inbuf, size_t inbuflen, char *msg, size_t *msglen, D0_BOOL *status)
 {
 	d0_iobuf_t *in = NULL;
 	d0_iobuf_t *conv = NULL;
@@ -1172,7 +1181,8 @@ D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify(d0_blind_i
 	CHECK(d0_dl_get_order(temp4, ctx->schnorr_G));
 	CHECK(d0_iobuf_read_bignum(in, temp0)); // e == H(m || g^r)
 	CHECK(d0_iobuf_read_bignum(in, temp1)); // x == (r - s*e) mod |G|
-	CHECK(d0_iobuf_read_packet(in, msg, msglen));
+	if(with_msg)
+		CHECK(d0_iobuf_read_packet(in, msg, msglen));
 
 	// VERIFY: g^x * (g^s)^-e = g^(x - s*e) = g^r
 
@@ -1209,6 +1219,14 @@ fail:
 	d0_iobuf_close(in, NULL);
 	return 0;
 }
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char *inbuf, size_t inbuflen, char *msg, size_t *msglen, D0_BOOL *status)
+{
+	return d0_blind_id_sign_with_private_id_verify_internal(ctx, is_first, recv_modulus, 1, inbuf, inbuflen, msg, msglen, status);
+}
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify_detached(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char *inbuf, size_t inbuflen, const char *msg, size_t msglen, D0_BOOL *status)
+{
+	return d0_blind_id_sign_with_private_id_verify_internal(ctx, is_first, recv_modulus, 0, inbuf, inbuflen, (char *) msg, &msglen, status);
+}
 
 D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_fingerprint64_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
 {
diff --git a/d0_blind_id.h b/d0_blind_id.h
index a5ce51a..bea9245 100644
--- a/d0_blind_id.h
+++ b/d0_blind_id.h
@@ -71,7 +71,9 @@ D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_authenticate_with_private_id
 D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_authenticate_with_private_id_verify(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen, char *msg, size_t *msglen, D0_BOOL *status);
 D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_authenticate_with_private_id_generate_missing_signature(d0_blind_id_t *ctx);
 D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char *message, size_t msglen, char *outbuf, size_t *outbuflen);
+D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_sign_detached(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char *message, size_t msglen, char *outbuf, size_t *outbuflen);
 D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char *inbuf, size_t inbuflen, char *msg, size_t *msglen, D0_BOOL *status);
+D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sign_with_private_id_verify_detached(d0_blind_id_t *ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char *inbuf, size_t inbuflen, const char *msg, size_t msglen, D0_BOOL *status);
 D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_fingerprint64_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
 D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_sessionkey_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen); // can only be done after successful key exchange, this performs a modpow; key length is limited by SHA_DIGESTSIZE for now; also ONLY valid after successful d0_blind_id_authenticate_with_private_id_verify/d0_blind_id_fingerprint64_public_id
 
-- 
2.39.2