|
@ -93,8 +93,8 @@ export function blind(m: BigInteger, signerR: Point): { mBlinded: BigInteger, us |
|
|
const ainvrx = ainv.multiply(rx) |
|
|
const ainvrx = ainv.multiply(rx) |
|
|
|
|
|
|
|
|
const mHex = m.toString(16) |
|
|
const mHex = m.toString(16) |
|
|
const hHex = keccak256('0x' + mHex) |
|
|
|
|
|
const h = BigInteger.fromHex(hHex.slice(2)) |
|
|
|
|
|
|
|
|
const hHex = keccak256('0x' + zeroPad(mHex, 32)).substr(2) |
|
|
|
|
|
const h = BigInteger.fromHex(hHex) |
|
|
const mBlinded = ainvrx.multiply(h) |
|
|
const mBlinded = ainvrx.multiply(h) |
|
|
|
|
|
|
|
|
return { mBlinded: mBlinded.mod(n), userSecretData: u } |
|
|
return { mBlinded: mBlinded.mod(n), userSecretData: u } |
|
@ -121,8 +121,8 @@ export function verify(m: BigInteger, s: UnblindedSignature, q: Point) { |
|
|
const sG = G.multiply(s.s) |
|
|
const sG = G.multiply(s.s) |
|
|
|
|
|
|
|
|
const mHex = m.toString(16) |
|
|
const mHex = m.toString(16) |
|
|
const hHex = keccak256('0x' + mHex) |
|
|
|
|
|
const h = BigInteger.fromHex(hHex.slice(2)) |
|
|
|
|
|
|
|
|
const hHex = keccak256('0x' + zeroPad(mHex, 32)).substr(2) |
|
|
|
|
|
const h = BigInteger.fromHex(hHex) |
|
|
|
|
|
|
|
|
const rx = s.f.affineX.mod(n) |
|
|
const rx = s.f.affineX.mod(n) |
|
|
const right = s.f.add( |
|
|
const right = s.f.add( |
|
@ -147,3 +147,11 @@ function random(bytes: number) { |
|
|
} while (k.toString() == '0' && k.gcd(n).toString() != '1') |
|
|
} while (k.toString() == '0' && k.gcd(n).toString() != '1') |
|
|
return k |
|
|
return k |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
function zeroPad(hexString: string, byteLength: number) { |
|
|
|
|
|
if (hexString.length > (byteLength * 2)) throw new Error("Out of bounds") |
|
|
|
|
|
while (hexString.length < (byteLength * 2)) { |
|
|
|
|
|
hexString = "0" + hexString |
|
|
|
|
|
} |
|
|
|
|
|
return hexString |
|
|
|
|
|
} |
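Review bot: The new `zeroPad` pads whatever string it receives without checking that it is plain hex, so in `blind` and `verify` a negative `m` (whose `toString(16)` presumably starts with `-`) would be padded into a non-hex string and hashed rather than rejected. Any `m` wider than 32 bytes now throws the generic `"Out of bounds"` from inside both functions. I would add a doc comment on `zeroPad` stating the contract (non-negative hex, at most `byteLength` bytes) and put a guard such as `if (!/^[0-9a-fA-F]*$/.test(hexString)) throw new Error("Not a hex string")` ahead of the length check. The expression `keccak256('0x' + zeroPad(mHex, 32)).substr(2)` is also written out twice and must stay byte-identical on both sides, so one private helper shared by `blind` and `verify` would keep them from drifting; padding changes the preimage for every message shorter than 64 hex digits, so signatures made before this change may no longer verify. Separately, the loop condition in the `random` context lines joins its two tests with `&&`, so it appears to retry only when `k` is zero, and `||` looks intended; the bodies of `blind`, `verify` and `random` all start outside the visible hunks.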