package outsource
import (
"crypto/rand"
"io"
"math/big"
"xdx.jelly/xgcl/he/paillier"
"xdx.jelly/xgcl/sm/sm2"
)
// nGx and nGy are built from the SM2 base point: nGx is a copy of its x
// coordinate and nGy is Prime() minus its y coordinate.
// NOTE(review): presumably this is the negated base point -G; neither value is
// referenced by the code shown in this file — confirm whether another file in
// the package uses them.
var (
	nGx = new(big.Int).Set(sm2.BaseX())
	nGy = new(big.Int).Sub(sm2.Prime(), sm2.BaseY())
)
// OSDecrypt is the outsourcing server's step of the decryption protocol: the
// server works on the (Paillier-encrypted) signing key, with C1 = (xC1, yC1).
//
// It samples two non-zero scalars k1 and k2 below the SM2 group order n and
// returns:
//   - E: HomomorphicScalarMul(encryptedKey, k1^-1 mod n) combined through
//     HomomorphicAdd with a fresh encryption of k2*n under paiPubKey;
//   - (xF, yF): the point k1 * C1.
//
// rnd feeds both the scalar sampling and the Paillier encryption, so it should
// be a cryptographically secure source. Any error from sampling or encryption
// is returned unchanged with nil results.
func OSDecrypt(encryptedKey *paillier.Cipher, paiPubKey *paillier.PublicKey, xC1 *big.Int, yC1 *big.Int, rnd io.Reader) (*paillier.Cipher, *big.Int, *big.Int, error) {
	// nonZeroScalar resamples from [0, n) until the draw is strictly positive.
	nonZeroScalar := func() (*big.Int, error) {
		for {
			s, err := rand.Int(rnd, sm2.OrderN())
			if err != nil {
				return nil, err
			}
			if s.Sign() > 0 {
				return s, nil
			}
		}
	}

	k1, err := nonZeroScalar()
	if err != nil {
		return nil, nil, nil, err
	}
	k2, err := nonZeroScalar()
	if err != nil {
		return nil, nil, nil, err
	}

	// NOTE(review): per the protocol comment in this file, C1 is supplied by
	// the client, and no check that (xC1, yC1) is non-nil and lies on the SM2
	// curve is visible here. Confirm that the caller or ScalarMult validates
	// the point; the secrecy of k1 should not rest on unvalidated input.
	xF, yF := sm2.Curve256.ScalarMult(xC1, yC1, k1.Bytes())

	// From here on k1 holds its own inverse modulo n (updated in place).
	k1.ModInverse(k1, sm2.OrderN())

	// The additive mask is a multiple of n; the client-side Step1 reduces the
	// decrypted value modulo n, which removes it.
	// NOTE(review): k2 is drawn below n, so the mask k2*n carries no extra
	// statistical margin over the value it hides — confirm against the
	// protocol's security analysis that this range is sufficient.
	mask := new(big.Int).Mul(k2, sm2.OrderN())
	blind, err := paiPubKey.Encrypt(mask, rnd)
	if err != nil {
		return nil, nil, nil, err
	}

	masked := new(paillier.Cipher).HomomorphicScalarMul(encryptedKey, k1, paiPubKey)
	masked.HomomorphicAdd(masked, blind, paiPubKey)
	return masked, xF, yF, nil
}
// ClientDecContext groups the client-side steps of the outsourced decryption
// protocol (Step1, Step2). It has no fields and carries no state.
type ClientDecContext struct{}
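// Step1 processes the outsourcing server's reply on the client. Before this
// step the client has sent (x, y) = C1 to the outsourcing server.
//
// It decrypts E with paiPrivKey, reduces the plaintext modulo the SM2 group
// order, and returns that scalar multiplied by the point (xF, yF). A
// decryption error is returned unchanged with nil coordinates.
//
// NOTE(review): (xF, yF) is supplied by the server and no on-curve validation
// is visible here — confirm that the caller or ScalarMult checks the point.
func (*ClientDecContext) Step1(E *paillier.Cipher, xF, yF *big.Int, paiPrivKey *paillier.PrivateKey) (*big.Int, *big.Int, error) {
	e, err := paiPrivKey.Decrypt(E)
	// Check the error before touching e: the plaintext must not be used (and
	// may well be nil) when decryption fails, which previously could panic in
	// e.Mod instead of returning the error.
	if err != nil {
		return nil, nil, err
	}

	// Reducing modulo n strips any additive multiple of n from the plaintext.
	e.Mod(e, sm2.OrderN())

	x, y := sm2.Curve256.ScalarMult(xF, yF, e.Bytes())
	return x, y, nil
}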
// Step2 finishes decryption on the client. It adds the point
// (cipher.X, Prime() - cipher.Y) to (x, y) and passes the resulting point,
// together with cipher, to sm2.Decrypt_aux, whose result it returns.
// NOTE(review): (cipher.X, p - cipher.Y) looks like the negation of the
// ciphertext point, i.e. a point subtraction — confirm against the protocol.
func (*ClientDecContext) Step2(cipher *sm2.Cipher, x, y *big.Int) ([]byte, error) {
	// negY = p - cipher.Y, computed without modifying cipher.Y.
	negY := new(big.Int).Set(sm2.Prime())
	negY.Sub(negY, cipher.Y)

	sumX, sumY := sm2.Curve256.Add(x, y, cipher.X, negY)
	return sm2.Decrypt_aux(sumX, sumY, cipher)
}