tss_sign

package

v0.0.0-...-05508b9 Latest Latest Go to latest Published: Oct 24, 2023 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/legendzhouwd/crypto

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func GenerateTssSignSignature(s []byte, r []byte) ([]byte, error)
func GetRUsingAllRi(key *ecdsa.PublicKey, arrayOfRi [][]byte) []byte
func GetRandom32Bytes() ([]byte, error)
func GetRiUsingRandomBytes(key *ecdsa.PublicKey, k []byte) []byte
func GetSUsingAllSi(arrayOfSi [][]byte) []byte
func GetSiUsingKCRMWithCoef(k []byte, c []byte, r []byte, message []byte, coef *big.Int) []byte
func GetSiUsingKCRMWithCoefNoKi(c []byte, r []byte, message []byte, coef *big.Int) []byte
func GetXiWithcoef(xs []*big.Int, xpos int, key *ecdsa.PrivateKey) *big.Int
func VerifyTssSig(p *ecdsa.PublicKey, signature []byte, message []byte) (bool, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	InvalidInputParamsError = errors.New("Invalid input params")
	EmptyMessageError       = errors.New("Message to be sign should not be nil")
	NotValidSignatureError  = errors.New("Signature is invalid")
)

Functions ¶

func GenerateTssSignSignature ¶

func GenerateTssSignSignature(s []byte, r []byte) ([]byte, error)

生成门限签名的流程如下：

各方分别生成自己的随机数Ki(K1, K2, ..., Kn) --- func getRandomBytes() ([]byte, error) Compute k = H(m || x), m is the msg to be signed and x is the private key of the node. This makes k unpredictable for anyone who do not know x, therefor it's impossible for the attacker to retrive x by breaking the random number generator of the system, which has happend in the Sony PlayStation 3 firmware attack. 不再使用临时随机数，而改用H(m || x)来计算k
各方计算自己的 Ri = Ki*G，G代表基点 --- func getRiUsingRandomBytes(key *ecdsa.PublicKey, k []byte) []byte
发起者收集Ri，计算：R = sum(Ri) --- func getRUsingAllRi(key *ecdsa.PublicKey, arrayOfRi [][]byte) []byte
发起者收集验证节点，计算公共公钥：C = VP(1) + VP(2) + ... + VP(i)
各方根据自己的index值，和本次计算所有参与方的index集合，计算出自己的Coef
各方计算自己的S(i)：S(i) = K(i) + HASH(C,R,m) * Coef(i) * X(i)，X代表私钥中的参数大数D

--- func getSiUsingKCRM(key *ecdsa.PrivateKey, k []byte, c []byte, r []byte, message []byte) []byte 7. 发起者收集Si，生成门限签名：(s1 + s2 + ... + sn, R) GenerateTssSignSignature生成对特定消息的门限签名，所有参与签名的私钥必须使用同一条椭圆曲线

func GetSiUsingKCRMWithCoef ¶

func GetSiUsingKCRMWithCoef(k []byte, c []byte, r []byte, message []byte, coef *big.Int) []byte

计算 s(i) = k(i) + HASH(C,R,m) * x(i) * coef(i) x代表大数D，也就是私钥的关键参数

func GetSiUsingKCRMWithCoefNoKi ¶

func GetSiUsingKCRMWithCoefNoKi(c []byte, r []byte, message []byte, coef *big.Int) []byte

计算 s(i) = HASH(C,R,m) * x(i) * coef(i) x代表大数D，也就是私钥的关键参数

func GetXiWithcoef ¶

func GetXiWithcoef(xs []*big.Int, xpos int, key *ecdsa.PrivateKey) *big.Int

获取Si中的(coefi*Xi)，注意，在门限签名中，S(i) = K(i) + HASH(C,R,m) * Coef(i) * X(i) 每个实际参与节点再次计算自己的系数Coef(i)，为下一步的S(i)计算做准备 indexSet是指所有实际参与节点的index所组成的集合 localIndexPos是本节点在indexSet中的位置 key是在DKG过程中，自己计算出的私钥 func GetXiWithcoef(coef, xi *big.Int) *big.Int {

func VerifyTssSig ¶

func VerifyTssSig(p *ecdsa.PublicKey, signature []byte, message []byte) (bool, error)

验签算法如下： 1. 计算：e = hash(C,R,m) 2. 计算：Rv = sG - eC 3. 如果Rv == R则返回true，否则返回false Because sG = Sum( K(i) + e*X(i)*Coef(i) ) * G = Sum(K(i))*G + Sum(e*X(i)*Coef(i))*G = Sum(K(i)*G) + e*Sum(X(i)*Coef(i))*G = R + e*X*G = R + eC 门限签名的一个核心数学理论是：Sum(e*X(i)*Coef(i)) = X，这个X对应的就是DKG算出的公钥对应的私钥的秘密值因为公钥使用的是所有验证点之和，那么私钥就需要是所有秘密的之和，Coef(i)是为了保证在不泄漏X(i)的情况下，通过计算出自己的系数，最终可以去中心化完成X的计算

Types ¶