diff --git a/share/dkg/pedersen/dkg.go b/share/dkg/pedersen/dkg.go index 08683a4fd..a381d4f77 100644 --- a/share/dkg/pedersen/dkg.go +++ b/share/dkg/pedersen/dkg.go @@ -341,7 +341,10 @@ func (d *DistKeyGenerator) ProcessDeal(dd *Deal) (*Response, error) { return nil, err } - ver, _ := d.verifiers[dd.Index] + ver, ok := d.verifiers[dd.Index] + if !ok { + return nil, fmt.Errorf("missing verifiers") + } resp, err := ver.ProcessEncryptedDeal(dd.Deal) if err != nil { diff --git a/share/dkg/pedersen/dkg_test.go b/share/dkg/pedersen/dkg_test.go index ba8d875b9..a3572de67 100644 --- a/share/dkg/pedersen/dkg_test.go +++ b/share/dkg/pedersen/dkg_test.go @@ -202,6 +202,7 @@ func TestDKGProcessResponse(t *testing.T) { require.Nil(t, err) resp12, err := rec.ProcessDeal(deals2[idxRec]) + require.NoError(t, err) require.NotNil(t, resp) require.Equal(t, vss.StatusComplaint, resp12.Response.Status) require.Equal(t, deals2[idxRec].Index, uint32(dkg2.nidx)) @@ -797,7 +798,7 @@ func TestDKGResharingNewNodesThreshold(t *testing.T) { require.Equal(t, newDkgs[i].nidx, i) } - //alive := oldT - 1 + // alive := oldT - 1 alive := oldT oldSelected := make([]*DistKeyGenerator, 0, alive) selected := make(map[string]bool) @@ -1130,12 +1131,8 @@ func TestDKGResharingPartialNewNodes(t *testing.T) { newPrivs := make([]kyber.Scalar, 0, newN) newPubs := make([]kyber.Point, 0, newN) - for _, priv := range oldPrivs[1:] { - newPrivs = append(newPrivs, priv) - } - for _, pub := range oldPubs[1:] { - newPubs = append(newPubs, pub) - } + newPrivs = append(newPrivs, oldPrivs[1:]...) + newPubs = append(newPubs, oldPubs[1:]...) // add two new nodes priv1, pub1 := genPair() priv2, pub2 := genPair() diff --git a/share/dkg/rabin/dkg_test.go b/share/dkg/rabin/dkg_test.go index 2d4a29b9c..5a5ecb976 100644 --- a/share/dkg/rabin/dkg_test.go +++ b/share/dkg/rabin/dkg_test.go @@ -643,7 +643,7 @@ func genPair() (kyber.Scalar, kyber.Point) { func randomBytes(n int) []byte { var buff = make([]byte, n) - _, _ = rand.Read(buff[:]) + _, _ = rand.Read(buff) return buff } func checkDks(dks1, dks2 *DistKeyShare) bool { diff --git a/share/vss/pedersen/vss.go b/share/vss/pedersen/vss.go index fd30dc101..3f19b017c 100644 --- a/share/vss/pedersen/vss.go +++ b/share/vss/pedersen/vss.go @@ -378,7 +378,7 @@ func (v *Verifier) ProcessEncryptedDeal(e *EncryptedDeal) (*Response, error) { r.Status = StatusComplaint } - if err == errDealAlreadyProcessed { + if errors.Is(err, errDealAlreadyProcessed) { return nil, err } diff --git a/share/vss/pedersen/vss_test.go b/share/vss/pedersen/vss_test.go index e97efdd51..9876c293c 100644 --- a/share/vss/pedersen/vss_test.go +++ b/share/vss/pedersen/vss_test.go @@ -383,6 +383,7 @@ func TestVSSAggregatorVerifyResponse(t *testing.T) { // wrong index resp.Index = uint32(len(verifiersPub)) sig, err := schnorr.Sign(suite, v.longterm, resp.Hash(suite)) + assert.NoError(t, err) resp.Signature = sig assert.Error(t, aggr.verifyResponse(resp)) resp.Index = 0 diff --git a/share/vss/rabin/vss.go b/share/vss/rabin/vss.go index d9e8f06e9..2884e9984 100644 --- a/share/vss/rabin/vss.go +++ b/share/vss/rabin/vss.go @@ -8,24 +8,26 @@ // verifier can check the validity of the received share. The protocol has the // following steps: // -// 1) The dealer send a Deal to every verifiers using `Deals()`. Each deal must -// be sent securely to one verifier whose public key is at the same index than -// the index of the Deal. +// 1. The dealer send a Deal to every verifiers using `Deals()`. Each deal must +// be sent securely to one verifier whose public key is at the same index than +// the index of the Deal. // -// 2) Each verifier processes the Deal with `ProcessDeal`. -// This function returns a Response which can be twofold: -// - an approval, to confirm a correct deal -// - a complaint to announce an incorrect deal notifying others that the +// 2. Each verifier processes the Deal with `ProcessDeal`. +// This function returns a Response which can be twofold: +// - an approval, to confirm a correct deal +// - a complaint to announce an incorrect deal notifying others that the // dealer might be malicious. -// All Responses must be broadcasted to every verifiers and the dealer. -// 3) The dealer can respond to each complaint by a justification revealing the -// share he originally sent out to the accusing verifier. This is done by -// calling `ProcessResponse` on the `Dealer`. -// 4) The verifiers refuse the shared secret and abort the protocol if there -// are at least t complaints OR if a Justification is wrong. The verifiers -// accept the shared secret if there are at least t approvals at which point -// any t out of n verifiers can reveal their shares to reconstruct the shared -// secret. +// All Responses must be broadcasted to every verifiers and the dealer. +// +// 3. The dealer can respond to each complaint by a justification revealing the +// share he originally sent out to the accusing verifier. This is done by +// calling `ProcessResponse` on the `Dealer`. +// +// 4. The verifiers refuse the shared secret and abort the protocol if there +// are at least t complaints OR if a Justification is wrong. The verifiers +// accept the shared secret if there are at least t approvals at which point +// any t out of n verifiers can reveal their shares to reconstruct the shared +// secret. package vss import ( @@ -400,7 +402,7 @@ func (v *Verifier) ProcessEncryptedDeal(e *EncryptedDeal) (*Response, error) { r.Approved = false } - if err == errDealAlreadyProcessed { + if errors.Is(err, errDealAlreadyProcessed) { return nil, err } diff --git a/share/vss/rabin/vss_test.go b/share/vss/rabin/vss_test.go index 87c4c5fc3..1f33cb7f1 100644 --- a/share/vss/rabin/vss_test.go +++ b/share/vss/rabin/vss_test.go @@ -303,6 +303,7 @@ func TestVSSAggregatorVerifyJustification(t *testing.T) { d.SecShare.V = goodV j, err := dealer.ProcessResponse(resp) + assert.NoError(t, err) // invalid deal justified goodV = j.Deal.SecShare.V @@ -388,6 +389,7 @@ func TestVSSAggregatorVerifyResponse(t *testing.T) { // wrong index resp.Index = uint32(len(verifiersPub)) sig, err := schnorr.Sign(suite, v.longterm, resp.Hash(suite)) + assert.NoError(t, err) resp.Signature = sig assert.Error(t, aggr.verifyResponse(resp)) resp.Index = 0