init: v1.0.0

tpc/sm2/sm2m/outsource/os_dec.go

@@ -0,0 +1,66 @@
+package outsource
+
+import (
+	"crypto/rand"
+	"io"
+	"math/big"
+
+	"xdx.jelly/xgcl/he/paillier"
+	"xdx.jelly/xgcl/sm/sm2"
+)
+
+var nGx = new(big.Int).Set(sm2.BaseX())
+var nGy = new(big.Int).Sub(sm2.Prime(), sm2.BaseY())
+
+// OSDecrypt 外包服务器使用签名密钥解密, C1 = (x,y)
+func OSDecrypt(encryptedKey *paillier.Cipher, paiPubKey *paillier.PublicKey, xC1 *big.Int, yC1 *big.Int, rnd io.Reader) (*paillier.Cipher, *big.Int, *big.Int, error) {
+	var k1, k2 *big.Int
+	var err error
+	for {
+		k1, err = rand.Int(rnd, sm2.OrderN())
+		if err != nil {
+			return nil, nil, nil, err
+		}
+		if k1.Sign() > 0 {
+			break
+		}
+	}
+	for {
+		k2, err = rand.Int(rnd, sm2.OrderN())
+		if err != nil {
+			return nil, nil, nil, err
+		}
+		if k2.Sign() > 0 {
+			break
+		}
+	}
+	xF, yF := sm2.Curve256.ScalarMult(xC1, yC1, k1.Bytes())
+	k1.ModInverse(k1, sm2.OrderN())
+	blind, err := paiPubKey.Encrypt(k2.Mul(k2, sm2.OrderN()), rnd)
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	E := new(paillier.Cipher).HomomorphicScalarMul(encryptedKey, k1, paiPubKey)
+	E.HomomorphicAdd(E, blind, paiPubKey)
+	return E, xF, yF, nil
+}
+
+type ClientDecContext struct {
+}
+
+// 客户端先把(x,y) = C1发送给外包服务器
+func (*ClientDecContext) Step1(E *paillier.Cipher, xF, yF *big.Int, paiPrivKey *paillier.PrivateKey) (*big.Int, *big.Int, error) {
+	e, err := paiPrivKey.Decrypt(E)
+	e.Mod(e, sm2.OrderN())
+	if err != nil {
+		return nil, nil, err
+	}
+	x, y := sm2.Curve256.ScalarMult(xF, yF, e.Bytes())
+	return x, y, nil
+}
+
+func (*ClientDecContext) Step2(cipher *sm2.Cipher, x, y *big.Int) ([]byte, error) {
+	ny := new(big.Int).Sub(sm2.Prime(), cipher.Y)
+	xJ, yJ := sm2.Curve256.Add(x, y, cipher.X, ny)
+	return sm2.Decrypt_aux(xJ, yJ, cipher)
+}