sign.go
// Copyright (c) 2019 lambdastorage.com
// --------
// This file is part of The proofDP library.
//
// The proofDP is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// The proofDP is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with the proofDP. If not, see <http://www.gnu.org/licenses/>.
package proofDP
import (
"crypto/rand"
"crypto/sha256"
"github.com/LambdaIM/proofDP/math"
"golang.org/x/crypto/scrypt"
)
// Parameters passed to scrypt.Key when a private key is derived from a
// caller-supplied secret. Lowering the cost parameters makes offline guessing
// of that secret cheaper, so treat any change here as security-relevant.
const (
	// scryptN is the CPU/memory cost parameter (2^15).
	scryptN = 1 << 15
	// scryptR is the block-size parameter.
	scryptR = 8
	// scryptP is the parallelisation parameter.
	scryptP = 1
	// scryptL is the length, in bytes, of the derived key material.
	scryptL = 32
)
// This file implements a pairing-based BLS signature scheme. The performance
// of this implementation is not good: 1024 sign-and-verify rounds take
// around 140 seconds or more, which is too slow.
// Signature is the value produced by SignPrivKey.Sign and checked by
// VerifySignature. It is a type alias for math.EllipticPoint, not a distinct
// type, so the two names are interchangeable everywhere.
type Signature = math.EllipticPoint
// SignPubKey is the public key used to verify PDP signatures.
type SignPubKey struct {
// key is the public point. GenerateSignPrivKeyFromSecret sets it to the
// generator raised to the private scalar.
key math.EllipticPoint
}
// SignPrivKey is the private key used to produce PDP signatures.
//
// A value of this type holds secret key material; keep it out of logs, error
// messages and any serialised form that is not itself protected.
type SignPrivKey struct {
// key is the secret scalar that Sign uses as the exponent.
key math.GaloisElem
// Pk is the public key matching key.
// NOTE(review): the field is exported and assignable, so code holding a
// SignPrivKey can replace Pk with a public key that does not correspond to
// the private scalar; nothing visible in this file re-checks the pairing.
Pk SignPubKey
}
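// GenerateSignPrivKeyFromSecret creates a new signing key pair from secret.
//
// The secret is stretched with scrypt under a freshly generated random salt,
// the scrypt output is passed to math.HashToGaloisElem to obtain the private
// scalar, and the public key is the generator raised to that scalar.
//
// NOTE(review): the salt is neither returned nor stored, so two calls with the
// same secret yield unrelated key pairs and a key cannot be re-derived from
// its secret later. If reproducible derivation is intended, the salt has to
// become an input or an output of this API; if it is not, callers must persist
// the returned key themselves.
//
// An error is returned when the system random source or scrypt fails.
func GenerateSignPrivKeyFromSecret(secret []byte) (*SignPrivKey, error) {
	// The salt length is a security parameter of its own. Keep it independent
	// of scryptR (the scrypt block-size parameter): tying the two together
	// gives only 8 bytes and would change the salt size whenever r is tuned.
	// 16 bytes (128 bits) is a commonly recommended minimum, and because the
	// salt is discarded it is also the only entropy the key is guaranteed to
	// have when the supplied secret is weak.
	const saltLen = 16

	salt := make([]byte, saltLen)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}

	stretched, err := scrypt.Key(secret, salt, scryptN, scryptR, scryptP, scryptL)
	if err != nil {
		return nil, err
	}

	k := math.HashToGaloisElem(stretched)
	return &SignPrivKey{
		key: k,
		Pk: SignPubKey{
			key: math.EllipticPow(math.GetGenerator(), k),
		},
	}, nil
}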
// Sign produces a signature over the SHA-256-sized digest h.
//
// The digest is passed through math.HashToEllipticPt and the resulting point
// is raised to the private scalar with math.EllipticPow; that point is the
// signature.
//
// NOTE(review): h is used exactly as given, so hashing the message (and any
// domain-separation tag) is the caller's job. Whether math.EllipticPow runs in
// constant time with respect to the secret scalar cannot be told from this
// file; confirm before using it where timing is observable.
func (sk *SignPrivKey) Sign(h [sha256.Size]byte) Signature {
	return math.EllipticPow(math.HashToEllipticPt(h[:]), sk.key)
}
// VerifySignature reports whether s is a signature over the digest h made
// with the private key corresponding to pk.
//
// It compares two pairings: BiLinearMap(s, generator) against
// BiLinearMap(HashToEllipticPt(h), pk.key), and returns true when
// math.QuadraticEqual says they are equal.
//
// NOTE(review): s and pk.key are used as given. This function does not check
// that either is a valid, non-identity element of the expected group, which
// BLS verification normally requires of the public key; confirm that the math
// package enforces this wherever points are constructed or decoded.
func VerifySignature(s Signature, h [sha256.Size]byte, pk SignPubKey) bool {
	g := math.GetGenerator()
	sigSide := math.BiLinearMap(s, g)
	keySide := math.BiLinearMap(math.HashToEllipticPt(h[:]), pk.key)
	return math.QuadraticEqual(sigSide, keySide)
}
// TODO: implement the github.com/tendermint/crypto.PrivKey & PubKey interfaces