mirror of
https://github.com/arnaucube/go-blindsecp256k1.git
synced 2026-02-07 11:36:42 +01:00
Add json Marshalers
This commit is contained in:
arnaucube
@@ -14,44 +14,9 @@ import (
|
||||
"crypto/rand"
|
||||
"math/big"
|
||||
|
||||
"github.com/btcsuite/btcd/btcec"
|
||||
"github.com/arnaucube/go-blindsecp256k1"
|
||||
)
|
||||
|
||||
var (
|
||||
// G represents the base point of secp256k1
|
||||
G *Point = &Point{
|
||||
X: btcec.S256().Gx,
|
||||
Y: btcec.S256().Gy,
|
||||
}
|
||||
|
||||
// N represents the order of G of secp256k1
|
||||
N *big.Int = btcec.S256().N
|
||||
)
|
||||
|
||||
// Point represents a point on the secp256k1 curve
|
||||
type Point struct {
|
||||
X *big.Int
|
||||
Y *big.Int
|
||||
}
|
||||
|
||||
// Add performs the Point addition
|
||||
func (p *Point) Add(q *Point) *Point {
|
||||
x, y := btcec.S256().Add(p.X, p.Y, q.X, q.Y)
|
||||
return &Point{
|
||||
X: x,
|
||||
Y: y,
|
||||
}
|
||||
}
|
||||
|
||||
// Mul performs the Point scalar multiplication
|
||||
func (p *Point) Mul(scalar *big.Int) *Point {
|
||||
x, y := btcec.S256().ScalarMult(p.X, p.Y, scalar.Bytes())
|
||||
return &Point{
|
||||
X: x,
|
||||
Y: y,
|
||||
}
|
||||
}
|
||||
|
||||
// WIP
|
||||
func newRand() *big.Int {
|
||||
var b [32]byte
|
||||
@@ -60,15 +25,12 @@ func newRand() *big.Int {
|
||||
panic(err)
|
||||
}
|
||||
bi := new(big.Int).SetBytes(b[:])
|
||||
return new(big.Int).Mod(bi, N)
|
||||
return new(big.Int).Mod(bi, blindsecp256k1.N)
|
||||
}
|
||||
|
||||
// PrivateKey represents the signer's private key
|
||||
type PrivateKey big.Int
|
||||
|
||||
// PublicKey represents the signer's public key
|
||||
type PublicKey Point
|
||||
|
||||
// NewPrivateKey returns a new random private key
|
||||
func NewPrivateKey() *PrivateKey {
|
||||
k := newRand()
|
||||
@@ -82,21 +44,16 @@ func (sk *PrivateKey) BigInt() *big.Int {
|
||||
}
|
||||
|
||||
// Public returns the PublicKey from the PrivateKey
|
||||
func (sk *PrivateKey) Public() *PublicKey {
|
||||
Q := G.Mul(sk.BigInt())
|
||||
pk := PublicKey(*Q)
|
||||
func (sk *PrivateKey) Public() *blindsecp256k1.PublicKey {
|
||||
Q := blindsecp256k1.G.Mul(sk.BigInt())
|
||||
pk := blindsecp256k1.PublicKey(*Q)
|
||||
return &pk
|
||||
}
|
||||
|
||||
// Point returns a *Point representation of the PublicKey
|
||||
func (pk *PublicKey) Point() *Point {
|
||||
return (*Point)(pk)
|
||||
}
|
||||
|
||||
// NewRequestParameters returns a new random k (secret) & R (public) parameters
|
||||
func NewRequestParameters() (*big.Int, *Point) {
|
||||
func NewRequestParameters() (*big.Int, *blindsecp256k1.Point) {
|
||||
k := newRand()
|
||||
return k, G.Mul(k) // R = kG
|
||||
return k, blindsecp256k1.G.Mul(k) // R = kG
|
||||
}
|
||||
|
||||
// BlindSign performs the blind signature on the given mBlinded using
|
||||
@@ -117,50 +74,51 @@ type UserSecretData struct {
|
||||
B *big.Int
|
||||
C *big.Int
|
||||
|
||||
F *Point // public
|
||||
F *blindsecp256k1.Point // public
|
||||
}
|
||||
|
||||
// Blind performs the blinding operation on m using SignerPublicData parameters
|
||||
func Blind(m *big.Int, signerPubK *PublicKey, signerR *Point) (*big.Int, *UserSecretData) {
|
||||
func Blind(m *big.Int, signerPubK *blindsecp256k1.PublicKey,
|
||||
signerR *blindsecp256k1.Point) (*big.Int, *UserSecretData) {
|
||||
u := &UserSecretData{}
|
||||
u.A = newRand()
|
||||
u.B = newRand()
|
||||
u.C = newRand()
|
||||
binv := new(big.Int).ModInverse(u.B, N)
|
||||
binv := new(big.Int).ModInverse(u.B, blindsecp256k1.N)
|
||||
|
||||
// F = b^-1 R + a b^-1 Q + c G
|
||||
bR := signerR.Mul(binv)
|
||||
abinv := new(big.Int).Mul(u.A, binv)
|
||||
abinv = new(big.Int).Mod(abinv, N)
|
||||
abinv = new(big.Int).Mod(abinv, blindsecp256k1.N)
|
||||
abQ := signerPubK.Point().Mul(abinv)
|
||||
cG := G.Mul(u.C)
|
||||
cG := blindsecp256k1.G.Mul(u.C)
|
||||
u.F = bR.Add(abQ).Add(cG)
|
||||
// TODO check F==O
|
||||
|
||||
r := new(big.Int).Mod(u.F.X, N)
|
||||
r := new(big.Int).Mod(u.F.X, blindsecp256k1.N)
|
||||
|
||||
// m' = br(m)+a
|
||||
br := new(big.Int).Mul(u.B, r)
|
||||
brm := new(big.Int).Mul(br, m)
|
||||
mBlinded := new(big.Int).Add(brm, u.A)
|
||||
mBlinded = new(big.Int).Mod(mBlinded, N)
|
||||
mBlinded = new(big.Int).Mod(mBlinded, blindsecp256k1.N)
|
||||
return mBlinded, u
|
||||
}
|
||||
|
||||
// Signature contains the signature values S & F
|
||||
type Signature struct {
|
||||
S *big.Int
|
||||
F *Point
|
||||
F *blindsecp256k1.Point
|
||||
}
|
||||
|
||||
// Unblind performs the unblinding operation of the blinded signature for the
|
||||
// given message m and the UserSecretData
|
||||
func Unblind(sBlind, m *big.Int, u *UserSecretData) *Signature {
|
||||
// s = b^-1 s' + c
|
||||
binv := new(big.Int).ModInverse(u.B, N)
|
||||
binv := new(big.Int).ModInverse(u.B, blindsecp256k1.N)
|
||||
bs := new(big.Int).Mul(binv, sBlind)
|
||||
s := new(big.Int).Add(bs, u.C)
|
||||
s = new(big.Int).Mod(s, N)
|
||||
s = new(big.Int).Mod(s, blindsecp256k1.N)
|
||||
|
||||
return &Signature{
|
||||
S: s,
|
||||
@@ -169,13 +127,13 @@ func Unblind(sBlind, m *big.Int, u *UserSecretData) *Signature {
|
||||
}
|
||||
|
||||
// Verify checks the signature of the message m for the given PublicKey
|
||||
func Verify(m *big.Int, signature *Signature, q *PublicKey) bool {
|
||||
func Verify(m *big.Int, signature *Signature, q *blindsecp256k1.PublicKey) bool {
|
||||
// TODO add pending checks
|
||||
sG := G.Mul(signature.S) // sG
|
||||
sG := blindsecp256k1.G.Mul(signature.S) // sG
|
||||
|
||||
r := new(big.Int).Mod(signature.F.X, N) // r = Fx mod N
|
||||
r := new(big.Int).Mod(signature.F.X, blindsecp256k1.N) // r = Fx mod N
|
||||
rm := new(big.Int).Mul(r, m)
|
||||
rm = new(big.Int).Mod(rm, N)
|
||||
rm = new(big.Int).Mod(rm, blindsecp256k1.N)
|
||||
rmQ := q.Point().Mul(rm)
|
||||
rmQF := rmQ.Add(signature.F) // rmQ + F
|
||||
|
||||
|
||||
Reference in New Issue
Block a user