init: v1.0.0

tpc/sm2/sm2m/outsource/os_blind_sign.go

@@ -0,0 +1,97 @@
+package outsource
+
+import (
+	"crypto/rand"
+	"errors"
+	"io"
+	"math/big"
+
+	"xdx.jelly/xgcl/grand"
+	"xdx.jelly/xgcl/he/paillier"
+	"xdx.jelly/xgcl/sm/sm2"
+)
+
+// osBlindSignContext 外包服务盲协同签名上下文. 使用NewOSBlindSignContext生成.
+
+// 与盲签名外包服务端一致
+type OSBlindSignContext struct {
+	OSSignContext
+}
+
+func NewOSBlindSignContext() *OSBlindSignContext {
+	return new(OSBlindSignContext)
+}
+
+// 盲签名客户端(与JS一致)
+type clientBlindSignContext struct {
+	pprivateKey *paillier.PrivateKey
+	r           *big.Int
+	k1pp        *big.Int
+	rnd         io.Reader
+}
+
+// NewClientBlindSignContext simple factory for creating clientBlindSignContext
+func NewClientBlindSignContext(pprivateKey *paillier.PrivateKey, rnd io.Reader) *clientBlindSignContext {
+	ctx := &clientBlindSignContext{
+		pprivateKey: pprivateKey,
+		rnd:         rnd,
+	}
+	if rnd == nil {
+		ctx.rnd = grand.Reader
+	}
+	return ctx
+}
+
+// Step1 客户端签名第一步 收到外包服务返回的pp, 返回ecipher, p给虎符服务端
+//
+// pp是外包服务第一步返回的P'=k1p*G
+// 返回ecipher = Enc_paillier(e), p = k1p * k2pp * G
+func (c *clientBlindSignContext) Step1(e []byte, pp *sm2.PublicKey) (ecipher *paillier.Cipher, p *sm2.PublicKey, err error) {
+	c.k1pp, err = rand.Int(c.rnd, sm2.OrderN())
+	if err != nil {
+		return nil, nil, err
+	}
+	x, y := sm2.Curve256.ScalarMult(pp.X, pp.Y, c.k1pp.Bytes())
+
+	p = &sm2.PublicKey{Curve: sm2.Curve(), X: x, Y: y}
+
+	ecipher, err = c.pprivateKey.Encrypt(new(big.Int).SetBytes(e), c.rnd)
+
+	return ecipher, p, err
+}
+
+// Step2 客户端签名第二步, 收到虎符服务端盲签名接口ServerBlindSign返回的rcipher, s1, s2cipher, 计算s1p, 把s1p, s2p给外包服务
+func (c *clientBlindSignContext) Step2(rcipher *paillier.Cipher, s1 *big.Int, s2cipher *paillier.Cipher) (s1p *big.Int, s2p *big.Int, err error) {
+	c.r, err = c.pprivateKey.Decrypt(rcipher)
+	if err != nil {
+		return nil, nil, err
+	}
+	c.r.Mod(c.r, sm2.OrderN())
+	if c.r.Sign() == 0 {
+		return nil, nil, errors.New("Outsource sign failed, r = 0")
+	}
+	s1p = c.k1pp
+	c.k1pp = nil
+	s1p.Mul(s1p, s1).Mod(s1p, sm2.OrderN())
+	s2p, err = c.pprivateKey.Decrypt(s2cipher)
+	s2p.Mod(s2p, sm2.OrderN())
+	if err != nil {
+		return nil, nil, err
+	}
+	return s1p, s2p, nil
+}
+
+// Step3 客户端签名第三步, 收到外包服务返回的w = Enc(s+r), 输出签名
+func (c *clientBlindSignContext) Step3(w *paillier.Cipher) (*sm2.Signature, error) {
+	s, err := c.pprivateKey.Decrypt(w)
+	if err != nil {
+		return nil, err
+	}
+	if s.Sign() == 0 {
+		return nil, errors.New("Outsource sign failed, s = 0")
+	}
+	s.Sub(s, c.r).Mod(s, sm2.OrderN())
+	r := c.r
+	c.r = nil
+	return &sm2.Signature{R: r, S: s}, nil
+}