本文整理汇总了Golang中github.com/dedis/crypto/abstract.Suite.Point方法的典型用法代码示例。如果您正苦于以下问题:Golang Suite.Point方法的具体用法?Golang Suite.Point怎么用?Golang Suite.Point使用的例子?那么恭喜您,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类github.com/dedis/crypto/abstract.Suite的用法示例。
在下文中一共展示了Suite.Point方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: SchnorrVerify
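// SchnorrVerify reports whether sig is a valid Schnorr signature on msg under
// the public key kp.
//
// sig is decoded with abstract.Read into a SchnorrSignature holding the
// response S and the challenge E. The commitment r = g^s * y^e is recomputed,
// SHA3-256(msg || r) is expanded through suite.Cipher into a scalar, and that
// scalar is compared with E. A non-nil error means sig could not be decoded
// or r could not be serialized; the boolean is then always false.
func SchnorrVerify(suite abstract.Suite,
	kp SchnorrPublicKey,
	msg []byte, sig []byte) (bool, error) {
	buf := bytes.NewBuffer(sig)
	signature := SchnorrSignature{}
	if err := abstract.Read(buf, &signature, suite); err != nil {
		return false, err
	}
	// NOTE(review): bytes left in buf after decoding are not rejected here;
	// confirm whether callers need a strict-length check on sig.
	s := signature.S
	e := signature.E

	var gs, ye, r abstract.Point
	gs = suite.Point().Mul(nil, s)  // g^s
	ye = suite.Point().Mul(kp.Y, e) // y^e
	r = suite.Point().Add(gs, ye)   // g^s * y^e

	// A commitment that cannot be serialized must fail verification instead
	// of being hashed as an empty value.
	rBin, err := r.MarshalBinary()
	if err != nil {
		return false, err
	}

	// Hash msg and r as two writes: append(msg, rBin...) could write into
	// spare capacity of the caller's msg slice.
	hasher := sha3.New256()
	hasher.Write(msg)
	hasher.Write(rBin)
	h := hasher.Sum(nil)

	// Expand the digest into the challenge scalar and compare it with the
	// challenge carried in the signature.
	// NOTE(review): the original author was unsure whether suite.Cipher(h)
	// only seeds a stream from h; confirm against the library.
	lct := suite.Cipher(h)
	ev := suite.Secret().Pick(lct)
	return ev.Equal(e), nil
}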
示例2: ReadPubKey
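// ReadPubKey reads fileName and decodes the public key stored in it.
//
// The file must hold exactly two fields separated by a single space
// ("val space val"): a free-form prefix and the encoded key, which is passed
// to ReadPub64 together with suite. Nothing is decrypted in this function;
// the file is only read and parsed.
//
// It returns the decoded point, the prefix text, and an error if the file
// cannot be opened or read, does not split into two fields, or the key fails
// to decode.
func ReadPubKey(suite abstract.Suite, fileName string) (abstract.Point, string, error) {
	pubFile, err := os.Open(fileName)
	if err != nil {
		return nil, "", err
	}
	defer pubFile.Close()

	// NOTE(review): the whole file is read into memory with no size limit;
	// cap the read if fileName can refer to untrusted or very large input.
	by, err := ioutil.ReadAll(pubFile)
	if err != nil {
		return nil, "", fmt.Errorf("Error reading the whole file %s", err)
	}

	splits := strings.Split(string(by), " ")
	if len(splits) != 2 {
		return nil, "", errors.New("Error reading pub key file format is not correct (val space val)")
	}
	before := splits[0]

	// splits[1] keeps any trailing newline from the file; presumably
	// ReadPub64 tolerates it — verify against its implementation.
	public, err := ReadPub64(suite, strings.NewReader(splits[1]))
	if err != nil {
		return nil, "", fmt.Errorf("Error reading the public key itself: %s", err)
	}
	return public, before, nil
}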
示例3: ElGamalVerify
// ElGamalVerify checks signatureBuffer as a signature on message under
// publicKey, using g as the base point.
//
// The buffer is decoded into a basicSig (C, R). T = g^R * publicKey^C is
// recomputed and hashElGamal(suite, message, T) must equal the challenge C
// from the signature. It returns the decode error, "invalid signature" on a
// mismatch, or nil on success.
func ElGamalVerify(suite abstract.Suite, message []byte, publicKey abstract.Point,
	signatureBuffer []byte, g abstract.Point) error {
	var decoded basicSig
	if err := abstract.Read(bytes.NewBuffer(signatureBuffer), &decoded, suite); err != nil {
		return err
	}
	// NOTE(review): trailing bytes after the decoded signature are not
	// rejected; confirm whether strict-length signatures are required.

	// T = g^R * publicKey^C, accumulated in T.
	T := suite.Point()
	P := suite.Point()
	gToR := T.Mul(g, decoded.R)
	yToC := P.Mul(publicKey, decoded.C)
	T.Add(gToR, yToC)

	// The signature is valid only if hashing (message, T) reproduces the
	// challenge that the signer committed to.
	recomputed := hashElGamal(suite, message, T)
	if recomputed.Equal(decoded.C) {
		return nil
	}
	return errors.New("invalid signature")
}
示例4: GenerateZ
// GenerateZ derives the "public-only" point Z from agreed public information.
//
// info is hashed with SHA3-256, the digest seeds suite.Cipher, a scalar
// zfactor is picked from that stream, and Z = zfactor * base is returned.
// The error result is always nil in this implementation.
//
// Caveat kept from the original author: Z is produced through a scalar
// rather than by decoding the digest directly into a point, because direct
// decoding did not work on Curve25519 and would not work for abstract suites.
// Since zfactor is computed only from info, anyone who knows info can
// recompute it, so the discrete log of Z with respect to the base is not
// hidden. The author notes this probably weakens the witness-independence
// property described in the paper; treat the function as a demonstration of
// the idea.
func GenerateZ(suite abstract.Suite, info []byte) (abstract.Point, error) {
	digest := sha3.New256()
	digest.Write(info)
	seed := digest.Sum(nil)

	// Deterministic scalar: the stream is keyed by the digest of info alone.
	stream := suite.Cipher(seed)
	zfactor := suite.Secret().Pick(stream)

	Z := suite.Point()
	Z.Mul(nil, zfactor)

	// The abandoned alternative read the raw digest straight into a Point
	// with abstract.Read; per the author it "should work, but doesn't".
	return Z, nil
}
示例5: NewNode
// NewNode builds a signing node for host hn with a fresh key pair.
//
// The private key is picked from random and the public key is derived from
// it, so random must be a cryptographically strong stream. The package-level
// msgSuite is set to suite as a side effect, and suite is also installed on
// the host via SetSuite.
func NewNode(hn coconet.Host, suite abstract.Suite, random cipher.Stream) *Node {
	msgSuite = suite

	priv := suite.Secret().Pick(random)
	pub := suite.Point().Mul(nil, priv)

	// Rand is seeded from a 32-bit FNV-1a hash of the host name, so its
	// sequence is fully determined by that name. It is unrelated to the key
	// material above and is not suitable for keys or nonces.
	nameHash := fnv.New32a()
	nameHash.Write([]byte(hn.Name()))

	sn := &Node{
		Host:          hn,
		suite:         suite,
		PrivKey:       priv,
		PubKey:        pub,
		peerKeys:      make(map[string]abstract.Point),
		Rounds:        make(map[int]*Round),
		closed:        make(chan error, 20),
		done:          make(chan int, 10),
		commitsDone:   make(chan int, 10),
		viewChangeCh:  make(chan string),
		FailureRate:   0,
		Rand:          rand.New(rand.NewSource(int64(nameHash.Sum32()))),
		Actions:       make(map[int][]*Vote),
		RoundsPerView: 100,
	}
	sn.Host.SetSuite(suite)
	sn.VoteLog = NewVoteLog()
	return sn
}
示例6: init
// init records the suite and computes, for each of nlevels levels, a tag and
// the byte position of that level's alternative DH point field.
//
// Level i has 1<<i candidate slots of si.plen bytes each. The slot used is
// the low i bits of a 32-bit tag read from a stream keyed by
// "NegoCipherSuite:" plus the suite name, so the layout depends only on the
// suite (presumably the stream is deterministic for a given key — verify).
// Level 0 has a single slot and therefore always lands at position 0.
//
// Preconditions that are not checked here: the suite's points must implement
// abstract.Hiding (the type assertion panics otherwise), and nlevels must be
// at least 1 (the final si.pos[nlevels-1] index panics otherwise).
func (si *suiteInfo) init(ste abstract.Suite, nlevels int) {
	si.ste = ste
	si.tag = make([]uint32, nlevels)
	si.pos = make([]int, nlevels)
	si.plen = ste.Point().(abstract.Hiding).HideLen() // XXX

	// Stream from which the per-level tags are drawn.
	seed := fmt.Sprintf("NegoCipherSuite:%s", ste.String())
	stream := ste.Cipher([]byte(seed))

	offset := 0 // byte offset at which the current level's table starts
	for level := range si.tag {
		// XOR-ing the stream into a zeroed buffer yields four stream bytes.
		var word [4]byte
		stream.XORKeyStream(word[:], word[:])
		si.tag[level] = binary.BigEndian.Uint32(word[:])

		slots := 1 << uint(level) // number of alternative positions at this level
		chosen := int(si.tag[level]) & (slots - 1)
		si.pos[level] = offset + chosen*si.plen

		offset += slots * si.plen // the next level's table follows this one
	}

	// One past the end of the highest point field.
	si.max = si.pos[nlevels-1] + si.plen
}
示例7: Biffle
// Biffle performs a binary shuffle ("biffle") of two ElGamal ciphertexts and
// returns the re-blinded outputs together with a prover built from general
// zero-knowledge proofs.
//
// A single permutation bit and two blinding scalars are drawn from rand, in
// that order. Output i is input i^bit with G*beta added to its X component
// and H*beta added to its Y component. The bit and both scalars are the
// secrets the proof hides, so rand has to be a cryptographically strong,
// unpredictable stream.
func Biffle(suite abstract.Suite, G, H abstract.Point,
	X, Y [2]abstract.Point, rand abstract.Cipher) (
	Xbar, Ybar [2]abstract.Point, prover proof.Prover) {
	// The permutation: 0 keeps the order, 1 swaps the two pairs.
	bit := int(random.Byte(rand) & 1)

	// One fresh blinding factor per input pair.
	beta := [2]abstract.Scalar{}
	for idx := range beta {
		beta[idx] = suite.Scalar().Pick(rand)
	}

	// Re-blind the selected input into each output slot.
	for out := range Xbar {
		src := out ^ bit

		blindedX := suite.Point().Mul(G, beta[src])
		blindedX.Add(blindedX, X[src])
		Xbar[out] = blindedX

		blindedY := suite.Point().Mul(H, beta[src])
		blindedY.Add(blindedY, Y[src])
		Ybar[out] = blindedY
	}

	// Assemble the OR-predicate prover; choice tells it which branch is true.
	or := bifflePred()
	secrets := map[string]abstract.Scalar{"beta0": beta[0], "beta1": beta[1]}
	points := bifflePoints(suite, G, H, X, Y, Xbar, Ybar)
	choice := map[proof.Predicate]int{or: bit}

	prover = or.Prover(suite, secrets, points, choice)
	return Xbar, Ybar, prover
}
示例8: NewKeyedNode
// NewKeyedNode builds a signing node for host hn around an existing private
// key. The public key is derived from PrivKey, and suite is installed on the
// host via SetSuite.
func NewKeyedNode(hn coconet.Host, suite abstract.Suite, PrivKey abstract.Secret) *Node {
	pub := suite.Point().Mul(nil, PrivKey)

	// Rand is seeded from a 32-bit FNV-1a hash of the host name, so its
	// sequence is fully determined by that name; it is not suitable for keys
	// or nonces.
	nameHash := fnv.New32a()
	nameHash.Write([]byte(hn.Name()))

	sn := &Node{
		Host:           hn,
		suite:          suite,
		PrivKey:        PrivKey,
		PubKey:         pub,
		peerKeys:       make(map[string]abstract.Point),
		closed:         make(chan error, 20),
		done:           make(chan int, 10),
		commitsDone:    make(chan int, 10),
		viewChangeCh:   make(chan string),
		RoundCommits:   make(map[int][]*SigningMessage),
		RoundResponses: make(map[int][]*SigningMessage),
		FailureRate:    0,
		Rand:           rand.New(rand.NewSource(int64(nameHash.Sum32()))),
	}
	sn.Host.SetSuite(suite)
	sn.VoteLog = NewVoteLog()
	sn.Actions = make(map[int][]*Vote)
	sn.RoundsPerView = 0
	sn.Rounds = make(map[int]Round)
	sn.MaxWait = 50 * time.Second
	return sn
}
示例9: VerifySignature
// VerifySignature checks that challenge and secret (the value from the
// response phase) form a correct signature on msg under the aggregated
// public key.
//
// It rebuilds the commitment as base*secret + public*challenge and passes it
// to verifyCommitment, whose result is returned unchanged.
func VerifySignature(suite abstract.Suite, msg []byte, public abstract.Point, challenge, secret abstract.Scalar) error {
	acc := suite.Point()
	fromSecret := acc.Mul(nil, secret)
	fromPublic := suite.Point().Mul(public, challenge)
	commitment := acc.Add(fromSecret, fromPublic)

	// verifyCommitment recomputes the challenge from msg and the commitment.
	return verifyCommitment(suite, msg, commitment, challenge)
}
示例10: ElGamalDecrypt
// ElGamalDecrypt recovers the message point M from the ElGamal ciphertext
// (K, C) using the private key prikey: the shared secret K*prikey is
// recomputed and subtracted from C.
//
// No check is made here that K and C are valid group elements, and there is
// no integrity check on the ciphertext; callers that need either must add it
// around this call.
func ElGamalDecrypt(suite abstract.Suite, prikey abstract.Secret, K, C abstract.Point) (
	M abstract.Point) {
	shared := suite.Point().Mul(K, prikey) // same value the sender used to blind M
	return suite.Point().Sub(C, shared)
}
示例11: DefaultConstructors
// DefaultConstructors returns protobuf constructors that create
// abstract.Point and abstract.Scalar values from the given suite, keyed by
// the reflect.Type of each interface.
func DefaultConstructors(suite abstract.Suite) protobuf.Constructors {
	// TypeOf on a nil pointer-to-interface followed by Elem yields the
	// interface type itself.
	pointType := reflect.TypeOf((*abstract.Point)(nil)).Elem()
	scalarType := reflect.TypeOf((*abstract.Scalar)(nil)).Elem()

	return protobuf.Constructors{
		pointType:  func() interface{} { return suite.Point() },
		scalarType: func() interface{} { return suite.Scalar() },
	}
}
示例12: GenerateKeyPair
// GenerateKeyPair creates a new private/public key pair in the group of the
// given suite. The public element is base*secret, where base is the suite's
// standard base point.
//
// NOTE(review): the secret comes from suite.Cipher(nil). The security of the
// key pair depends on a nil key yielding a freshly, randomly seeded stream
// (the role of abstract.RandomKey in dedis/crypto); confirm this for the
// library version in use, since a fixed-key stream would produce the same
// secret on every call.
func GenerateKeyPair(suite abstract.Suite) (*PriKey, *PubKey) {
	priv := suite.Secret().Pick(suite.Cipher(nil))

	generator := suite.Point().Base()
	pub := &PubKey{suite, generator, suite.Point().Mul(generator, priv)}

	// The private key embeds its own copy of the public key.
	return &PriKey{*pub, priv}, pub
}
示例13: ReadPubHex
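// ReadPubHex decodes the hexadecimal string s into a public point of suite.
//
// It returns (nil, err) when s is not valid hex or when the decoded bytes are
// rejected by the point's UnmarshalBinary, so a caller can never pick up a
// partially decoded point alongside an error.
//
// NOTE(review): this relies on UnmarshalBinary to reject encodings that are
// not valid group elements; confirm that for the suite in use.
func ReadPubHex(suite abstract.Suite, s string) (abstract.Point, error) {
	encoded, err := hex.DecodeString(s)
	if err != nil {
		return nil, err
	}

	point := suite.Point()
	if err := point.UnmarshalBinary(encoded); err != nil {
		return nil, err
	}
	return point, nil
}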
示例14: ElGamalDecrypt
// ElGamalDecrypt decrypts the ElGamal ciphertext (K, C) with prikey and
// returns the data embedded in the recovered message point.
//
// The shared secret K*prikey is recomputed and subtracted from C; the
// resulting point's Data method supplies both return values. There is no
// integrity check on the ciphertext beyond whatever Data itself rejects.
func ElGamalDecrypt(suite abstract.Suite, prikey abstract.Secret, K, C abstract.Point) (
	message []byte, err error) {
	shared := suite.Point().Mul(K, prikey)    // same value the sender used to blind M
	plainPoint := suite.Point().Sub(C, shared) // un-blinded message point
	return plainPoint.Data()
}
示例15: GetSharedSecret
// GetSharedSecret returns the shared secret for the given public and private
// keys, as in the Verdict hash-based construction.
//
// The Diffie-Hellman point pk.Elem*sk.secret is passed through
// crypto.HashKDF to obtain the scalar r; the function returns r together
// with R = crypto.Generator*r. It always uses the package-level crypto.Suite.
// pk and sk are dereferenced without a nil check.
func GetSharedSecret(pk *PubKey, sk *PriKey) (abstract.Secret, abstract.Point) {
	var suite abstract.Suite = crypto.Suite

	dh := suite.Point().Mul(pk.Elem, sk.secret)
	r := crypto.HashKDF(dh)

	return r, suite.Point().Mul(crypto.Generator, r)
}