init: v1.0.0

implicitcert/kgc.go

@@ -0,0 +1,41 @@
+package implicitcert
+
+import (
+	"fmt"
+	"io"
+	"math/big"
+
+	"xdx.jelly/xgcl/gmath"
+	"xdx.jelly/xgcl/sm/sm2"
+	"xdx.jelly/xgcl/sm/sm2/ec256"
+	"xdx.jelly/xgcl/sm/sm3"
+)
+
+var errRandomReader = fmt.Errorf("Random Reader reads error")
+
+// KGCComputeUserKey compute user's partial private key and declare public key
+// TODO if r is nil, then w=KDF(H_A‖x_U‖y_U‖ks, 8×⌈(5×(log2n))/32⌉) mod n
+func KGCComputeUserKey(id []byte,
+	userPartialPublickey *sm2.PublicKey,
+	kgcPrivateKey *sm2.PrivateKey,
+	kgcPublicKey *sm2.PublicKey,
+	r io.Reader) (kgcGeneratedUserPartialPrivateKey *sm2.PrivateKey, kgcGeneratedUserDeclarePublicKey *sm2.PublicKey, err error) {
+
+	h := sm2.PreComputeWithIdAndPubkey(id, kgcPublicKey)
+	w := make([]byte, sm2.ByteSize())
+	if n, err := r.Read(w); n < sm2.ByteSize() || err != nil {
+		return nil, nil, errRandomReader
+	}
+	// x, y := sm2.Curve().CombinedMult(userPartialPublickey.X, userPartialPublickey.Y, w, []byte{1})
+	x, y := ec256.CombinedMult(userPartialPublickey.X, userPartialPublickey.Y, w, []byte{1})
+
+	digest := sm3.Sum(gmath.BigIntToNByte(x, sm2.ByteSize()), gmath.BigIntToNByte(y, sm2.ByteSize()), h)
+	t := new(big.Int)
+	t.SetBytes(digest[:])
+	t.Mul(t, kgcPrivateKey.Get())
+	t.Mod(t, sm2.OrderN())
+	t.Add(t, new(big.Int).SetBytes(w))
+	t.Mod(t, sm2.OrderN())
+	sk := &sm2.PrivateKey{PublicKey: sm2.PublicKey{X: x, Y: y}, D: t}
+	return sk, &sk.PublicKey, nil
+}