init: v1.0.0
@@ -0,0 +1,113 @@
|
||||
package dkgc
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"io"
|
||||
"math/big"
|
||||
|
||||
"xdx.jelly/xgcl/sm/sm9"
|
||||
)
|
||||
|
||||
type DoubleKGC struct {
|
||||
ks sm9.MastSignPrivateKey
|
||||
commonPubs sm9.MastSignPublicKey
|
||||
}
|
||||
|
||||
func (dk *DoubleKGC) GenerateMastKey() {
|
||||
|
||||
}
|
||||
|
||||
var alpha = big.NewInt(2)
|
||||
var alphaInv = new(big.Int).ModInverse(alpha, sm9.Order())
|
||||
|
||||
func ComputeHHat(id []byte) (*big.Int, *big.Int, bool) {
|
||||
h1 := sm9.H1(id, []byte{0x01})
|
||||
hh := new(big.Int).ModSqrt(h1, sm9.Order())
|
||||
if hh == nil {
|
||||
hh = new(big.Int).Lsh(h1, 1)
|
||||
hh.ModSqrt(hh, sm9.Order())
|
||||
return h1, hh, false
|
||||
}
|
||||
return h1, hh, true
|
||||
}
|
||||
|
||||
func UserRandom0(reader io.Reader, basePoint *sm9.G1) (*big.Int, *sm9.G1, error) {
|
||||
r, err := rand.Int(reader, sm9.Order())
|
||||
if err != nil || r.Sign() == 0 {
|
||||
return nil, nil, err
|
||||
}
|
||||
R := &sm9.G1{}
|
||||
R.ScalarMult(basePoint, r)
|
||||
return r, R, nil
|
||||
}
|
||||
|
||||
func KGC1ComputeData(reader io.Reader, R *sm9.G1, ks *sm9.MastSignPrivateKey, hh *big.Int) (*big.Int, *sm9.G1, error) {
|
||||
r, err := rand.Int(reader, sm9.Order())
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
t1 := new(big.Int).Add(hh, &ks.Int)
|
||||
t1.Mod(t1, sm9.Order())
|
||||
if t1.Sign() == 0 {
|
||||
panic("Got zero of t1")
|
||||
}
|
||||
t1.ModInverse(t1, sm9.Order())
|
||||
t1.Mul(t1, r)
|
||||
t1.Mod(t1, sm9.Order())
|
||||
|
||||
r.ModInverse(r, sm9.Order())
|
||||
T1 := new(sm9.G1).ScalarMult(R, r)
|
||||
return t1, T1, nil
|
||||
}
|
||||
|
||||
func KGC2ComputeData(T1 *sm9.G1, ks *sm9.MastSignPrivateKey, hh *big.Int) (*sm9.G1, error) {
|
||||
t2 := new(big.Int).Add(hh, &ks.Int)
|
||||
t2.ModInverse(t2, sm9.Order())
|
||||
T2 := new(sm9.G1).ScalarMult(T1, t2)
|
||||
return T2, nil
|
||||
}
|
||||
|
||||
func UserComputeSignKey(id []byte, t1 *big.Int, T2 *sm9.G1, r *big.Int, pubs1, pubs2, pubs *sm9.MastSignPublicKey, basePoint *sm9.G1) (*sm9.UserSignKey, *sm9.MastSignPublicKey, error) {
|
||||
h1, hh, isSquare := ComputeHHat(id)
|
||||
rInv := new(big.Int).ModInverse(r, sm9.Order())
|
||||
if isSquare {
|
||||
// h1 is square
|
||||
d := new(big.Int).Mul(h1, t1)
|
||||
d.Mul(d, rInv)
|
||||
d.Mod(d, sm9.Order())
|
||||
ds := new(sm9.G1).ScalarMult(T2, d)
|
||||
ds.Neg(ds)
|
||||
// ds.Add(ds, sm9.G1Generator())
|
||||
ds.Add(ds, basePoint)
|
||||
|
||||
g := new(sm9.G2).Add(&pubs1.G2, &pubs2.G2)
|
||||
g.ScalarMult(g, hh)
|
||||
g.Add(g, &pubs.G2)
|
||||
return &sm9.UserSignKey{
|
||||
G1: *ds,
|
||||
}, &sm9.MastSignPublicKey{
|
||||
G2: *g,
|
||||
}, nil
|
||||
} else {
|
||||
d := new(big.Int).Mul(h1, t1)
|
||||
d.Mul(d, rInv)
|
||||
d.Mul(d, alpha)
|
||||
d.Mod(d, sm9.Order())
|
||||
|
||||
ds := new(sm9.G1).ScalarMult(T2, d)
|
||||
ds.Neg(ds)
|
||||
// ds.Add(ds, sm9.G1Generator())
|
||||
ds.Add(ds, basePoint)
|
||||
|
||||
g := new(sm9.G2).Add(&pubs1.G2, &pubs2.G2)
|
||||
g.ScalarMult(g, hh)
|
||||
g.ScalarMult(g, alphaInv)
|
||||
g.Add(g, new(sm9.G2).ScalarMult(&pubs.G2, alphaInv))
|
||||
return &sm9.UserSignKey{
|
||||
G1: *ds,
|
||||
}, &sm9.MastSignPublicKey{
|
||||
G2: *g,
|
||||
}, nil
|
||||
}
|
||||
}
|
||||
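Review bot: `UserRandom0` returns `nil, nil, nil` when `rand.Int` yields zero, because the guard `err != nil || r.Sign() == 0` returns `err` on both paths; a caller that checks only the error will then use a nil scalar and a nil point, so the zero case should be retried or reported with a non-nil error (which needs an `errors` import this file does not have yet). The same class of unchecked degenerate value appears in `KGC1ComputeData`, where a zero `r` makes `r.ModInverse(r, sm9.Order())` return nil and leave `r` unchanged, so `T1` is computed with scalar zero. It also appears in `KGC2ComputeData`, which omits the `Mod` and `Sign() == 0` check that `KGC1ComputeData` applies to `hh + ks` and discards the `ModInverse` result; a guard such as `if t2.Mod(t2, sm9.Order()).Sign() == 0 { return nil, errZeroT2 }` would close it, with `errZeroT2` as a placeholder name for an error you define. `KGC1ComputeData` itself calls `panic("Got zero of t1")` on that condition although its signature already has an error return, which is the better channel for library code handling master-key material. In `ComputeHHat` the result of the second `ModSqrt` is not checked either; it presumably relies on 2 being a non-residue modulo `sm9.Order()`, and that assumption deserves a comment next to `alpha`, since `Lsh(h1, 1)` hard-codes it.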