Documentation ¶
Index ¶
- Constants
- Variables
- func AES_CBC_IV0_DECRYPT(K []byte, C []byte) []byte
- func AES_CBC_IV0_ENCRYPT(K []byte, M []byte) []byte
- func Comp(a *BIG, b *BIG) int
- func ECDH_ECIES_DECRYPT(sha int, P1 []byte, P2 []byte, V []byte, C []byte, T []byte, U []byte) []byte
- func ECDH_ECIES_ENCRYPT(sha int, P1 []byte, P2 []byte, RNG *amcl.RAND, W []byte, M []byte, V []byte, ...) []byte
- func ECDH_ECPSP_DSA(sha int, RNG *amcl.RAND, S []byte, F []byte, C []byte, D []byte) int
- func ECDH_ECPSVDP_DH(S []byte, WD []byte, Z []byte) int
- func ECDH_ECPVP_DSA(sha int, W []byte, F []byte, C []byte, D []byte) int
- func ECDH_KDF1(sha int, Z []byte, olen int) []byte
- func ECDH_KDF2(sha int, Z []byte, P []byte, olen int) []byte
- func ECDH_KEY_PAIR_GENERATE(RNG *amcl.RAND, S []byte, W []byte) int
- func ECDH_PBKDF2(sha int, Pass []byte, Salt []byte, rep int, olen int) []byte
- func ECDH_PUBLIC_KEY_VALIDATE(W []byte) int
- func HMAC(sha int, M []byte, K []byte, tag []byte) int
- func KeyPairGenerate(rng *amcl.RAND, S []byte, W []byte) int
- func MPIN_CLIENT(sha int, date int, CLIENT_ID []byte, RNG *amcl.RAND, X []byte, pin int, ...) int
- func MPIN_CLIENT_1(sha int, date int, CLIENT_ID []byte, rng *amcl.RAND, X []byte, pin int, ...) int
- func MPIN_CLIENT_2(X []byte, Y []byte, SEC []byte) int
- func MPIN_CLIENT_KEY(sha int, G1 []byte, G2 []byte, pin int, R []byte, X []byte, H []byte, ...) int
- func MPIN_DECODING(D []byte) int
- func MPIN_ENCODING(rng *amcl.RAND, E []byte) int
- func MPIN_EXTRACT_FACTOR(sha int, CID []byte, factor int32, facbits int32, TOKEN []byte) int
- func MPIN_EXTRACT_PIN(sha int, CID []byte, pin int, TOKEN []byte) int
- func MPIN_GET_CLIENT_PERMIT(sha, date int, S []byte, CID []byte, CTT []byte) int
- func MPIN_GET_CLIENT_SECRET(S []byte, CID []byte, CST []byte) int
- func MPIN_GET_G1_MULTIPLE(rng *amcl.RAND, typ int, X []byte, G []byte, W []byte) int
- func MPIN_GET_SERVER_SECRET(S []byte, SST []byte) int
- func MPIN_GET_TIME() int
- func MPIN_GET_Y(sha int, TimeValue int, xCID []byte, Y []byte)
- func MPIN_HASH_ALL(sha int, HID []byte, xID []byte, xCID []byte, SEC []byte, Y []byte, R []byte, ...) []byte
- func MPIN_HASH_ID(sha int, ID []byte) []byte
- func MPIN_KANGAROO(E []byte, F []byte) int
- func MPIN_PRECOMPUTE(TOKEN []byte, CID []byte, G1 []byte, G2 []byte) int
- func MPIN_RANDOM_GENERATE(rng *amcl.RAND, S []byte) int
- func MPIN_RECOMBINE_G1(R1 []byte, R2 []byte, R []byte) int
- func MPIN_RECOMBINE_G2(W1 []byte, W2 []byte, W []byte) int
- func MPIN_RESTORE_FACTOR(sha int, CID []byte, factor int32, facbits int32, TOKEN []byte) int
- func MPIN_SERVER(sha int, date int, HID []byte, HTID []byte, Y []byte, SST []byte, xID []byte, ...) int
- func MPIN_SERVER_1(sha int, date int, CID []byte, HID []byte, HTID []byte)
- func MPIN_SERVER_2(date int, HID []byte, HTID []byte, Y []byte, SST []byte, xID []byte, ...) int
- func MPIN_SERVER_KEY(sha int, Z []byte, SST []byte, W []byte, H []byte, HID []byte, xID []byte, ...) int
- func Sign(SIG []byte, m string, S []byte) int
- func Today() int
- func Verify(SIG []byte, m string, W []byte) int
- type BIG
- func FromBytes(b []byte) *BIG
- func Modmul(a1, b1, m *BIG) *BIG
- func Modneg(a1, m *BIG) *BIG
- func Modsqr(a1, m *BIG) *BIG
- func NewBIG() *BIG
- func NewBIGcopy(x *BIG) *BIG
- func NewBIGdcopy(x *DBIG) *BIG
- func NewBIGint(x int) *BIG
- func NewBIGints(x [NLEN]Chunk) *BIG
- func Randomnum(q *BIG, rng *amcl.RAND) *BIG
- type Chunk
- type DBIG
- type ECP
- func (E *ECP) Add(Q *ECP)
- func (E *ECP) Affine()
- func (E *ECP) Copy(P *ECP)
- func (E *ECP) Equals(Q *ECP) bool
- func (E *ECP) GetS() int
- func (E *ECP) GetX() *BIG
- func (E *ECP) GetY() *BIG
- func (E *ECP) Is_infinity() bool
- func (E *ECP) Mul(e *BIG) *ECP
- func (E *ECP) Mul2(e *BIG, Q *ECP, f *BIG) *ECP
- func (E *ECP) Sub(Q *ECP)
- func (E *ECP) ToBytes(b []byte, compress bool)
- func (E *ECP) ToString() string
- type ECP2
- func (E *ECP2) Add(Q *ECP2) int
- func (E *ECP2) Affine()
- func (E *ECP2) Copy(P *ECP2)
- func (E *ECP2) Equals(Q *ECP2) bool
- func (E *ECP2) GetX() *FP2
- func (E *ECP2) GetY() *FP2
- func (E *ECP2) Is_infinity() bool
- func (E *ECP2) Mul(e *BIG) *ECP2
- func (E *ECP2) Sub(Q *ECP2) int
- func (E *ECP2) ToBytes(b []byte)
- func (E *ECP2) ToString() string
- type FP
- type FP12
- func Ate(P1 *ECP2, Q1 *ECP) *FP12
- func Ate2(P1 *ECP2, Q1 *ECP, R1 *ECP2, S1 *ECP) *FP12
- func FP12_fromBytes(w []byte) *FP12
- func Fexp(m *FP12) *FP12
- func GTpow(d *FP12, e *BIG) *FP12
- func NewFP12copy(x *FP12) *FP12
- func NewFP12fp4(d *FP4) *FP12
- func NewFP12fp4s(d *FP4, e *FP4, f *FP4) *FP12
- func NewFP12int(d int) *FP12
- type FP2
- type FP4
Constants ¶
const AESKEY int = 16
const ATE_BITS int = 66
const BAD_PARAMS int = -11
const BAD_PIN int = -19
const BASEBITS uint = 56
const BFS int = int(MODBYTES)
const BGS int = int(MODBYTES)
const BIGBITS int = int(MODBYTES * 8)
const BLS int = 2
const BLS_FAIL int = -1
const BLS_OK int = 0
const BN int = 1
const CHUNK int = 64 /* Set word size */
const CURVETYPE int = WEIERSTRASS
const CURVE_A int = 0
const CURVE_B_I int = 2
const CURVE_Cof_I int = 1
const CURVE_PAIRING_TYPE int = BN
const DNLEN int = 2 * NLEN
const D_TYPE int = 0
Pairing Twist type
const EDWARDS int = 1
const EFS int = int(MODBYTES)
const EGS int = int(MODBYTES)
const ERROR int = -3
const FEXCESS int32 = ((int32(1) << 26) - 1)
const FP_DENSE int = 4
const FP_ONE int = 1
const FP_SPARSE int = 3
const FP_SPARSER int = 2
const FP_ZERO int = 0
Sparsity
const GENERALISED_MERSENNE int = 3
const HASH_TYPE int = 32
const HBITS uint = (BASEBITS / 2)
const INVALID int = -4
const INVALID_POINT int = -14
const INVALID_PUBLIC_KEY int = -2
const MAXPIN int32 = 10000 /* PIN less than this */
const MFS int = int(MODBYTES)
const MGS int = int(MODBYTES)
const MOD8 uint = 3 /* Modulus mod 8 */
const MODBITS uint = 254 /* Number of bits in Modulus */
Modulus details
const MODBYTES uint = 32
BIG length in bytes and number base
const MODTYPE int = NOT_SPECIAL //NOT_SPECIAL
const MONTGOMERY int = 2
const MONTGOMERY_FRIENDLY int = 2
const M_TYPE int = 1
const NEGATIVEX int = 1
const NEXCESS int = (1 << (uint(CHUNK) - BASEBITS - 1))
const NLEN int = int((1 + ((8*MODBYTES - 1) / BASEBITS)))
BIG lengths and Masks
const NOT int = 0
Pairing Friendly?
const NOT_SPECIAL int = 0
Modulus types
const PBLEN int32 = 14 /* Number of bits in PIN */
const POSITIVEX int = 0
Pairing x parameter sign
const PSEUDO_MERSENNE int = 1
const SEXTIC_TWIST int = D_TYPE
const SIGN_OF_X int = NEGATIVEX
const TBITS uint = MODBITS % BASEBITS // Number of active bits in top word
const TRAP int = 200 /* 200 for 4 digit PIN, 2000 for 6-digit PIN - approx 2*sqrt(MAXPIN) */
const TS int = 10 /* 10 for 4 digit PIN, 14 for 6-digit PIN - 2^TS/TS approx = sqrt(MAXPIN) */
const USE_GLV bool = true
const USE_GS_G2 bool = true
const USE_GS_GT bool = true
const WEIERSTRASS int = 0
Curve types
const WRONG_ORDER int = -18
Variables ¶
var CURVE_B = [...]Chunk{0x2, 0x0, 0x0, 0x0, 0x0}
var CURVE_BB = [4][4][5]Chunk{{{0x8000000000000D, 0x80000000001060, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}, {0x8000000000000C, 0x80000000001060, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}, {0x8000000000000C, 0x80000000001060, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}, {0x2, 0x81, 0x0, 0x0, 0x0}}, {{0x1, 0x81, 0x0, 0x0, 0x0}, {0x8000000000000C, 0x80000000001060, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}, {0x8000000000000D, 0x80000000001060, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}, {0x8000000000000C, 0x80000000001060, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}}, {{0x2, 0x81, 0x0, 0x0, 0x0}, {0x1, 0x81, 0x0, 0x0, 0x0}, {0x1, 0x81, 0x0, 0x0, 0x0}, {0x1, 0x81, 0x0, 0x0, 0x0}}, {{0x80000000000002, 0x40, 0x0, 0x0, 0x0}, {0x2, 0x102, 0x0, 0x0, 0x0}, {0xA, 0x80000000001020, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}, {0x80000000000002, 0x40, 0x0, 0x0, 0x0}}}
var CURVE_Bnx = [...]Chunk{0x80000000000001, 0x40, 0x0, 0x0, 0x0}
var CURVE_Cof = [...]Chunk{0x1, 0x0, 0x0, 0x0, 0x0}
var CURVE_Cru = [...]Chunk{0x80000000000007, 0x6CD, 0x40000000024909, 0x49B362, 0x0}
var CURVE_Gx = [...]Chunk{0x12, 0x13A7, 0x80000000086121, 0x40000001BA344D, 0x25236482}
var CURVE_Gy = [...]Chunk{0x1, 0x0, 0x0, 0x0, 0x0}
var CURVE_Order = [...]Chunk{0xD, 0x800000000010A1, 0x8000000007FF9F, 0x40000001BA344D, 0x25236482}
var CURVE_Pxa = [...]Chunk{0xEE4224C803FB2B, 0x8BBB4898BF0D91, 0x7E8C61EDB6A464, 0x519EB62FEB8D8C, 0x61A10BB}
var CURVE_Pxb = [...]Chunk{0x8C34C1E7D54CF3, 0x746BAE3784B70D, 0x8C5982AA5B1F4D, 0xBA737833310AA7, 0x516AAF9}
var CURVE_Pya = [...]Chunk{0xF0E07891CD2B9A, 0xAE6BDBE09BD19, 0x96698C822329BD, 0x6BAF93439A90E0, 0x21897A0}
var CURVE_Pyb = [...]Chunk{0x2D1AEC6B3ACE9B, 0x6FFD739C9578A, 0x56F5F38D37B090, 0x7C8B15268F6D44, 0xEBB2B0E}
var CURVE_SB = [2][2][5]Chunk{{{0x4, 0x80000000000285, 0x6181, 0x0, 0x0}, {0x1, 0x81, 0x0, 0x0, 0x0}}, {{0x1, 0x81, 0x0, 0x0, 0x0}, {0xA, 0xE9D, 0x80000000079E1E, 0x40000001BA344D, 0x25236482}}}
var CURVE_W = [2][5]Chunk{{0x3, 0x80000000000204, 0x6181, 0x0, 0x0}, {0x1, 0x81, 0x0, 0x0, 0x0}}
var CURVE_WB = [4][5]Chunk{{0x80000000000000, 0x80000000000040, 0x2080, 0x0, 0x0}, {0x80000000000005, 0x54A, 0x8000000001C707, 0x312241, 0x0}, {0x80000000000003, 0x800000000002C5, 0xC000000000E383, 0x189120, 0x0}, {0x80000000000001, 0x800000000000C1, 0x2080, 0x0, 0x0}}
var Fra = [...]Chunk{0x7DE6C06F2A6DE9, 0x74924D3F77C2E1, 0x50A846953F8509, 0x212E7C8CB6499B, 0x1B377619}
var Frb = [...]Chunk{0x82193F90D5922A, 0x8B6DB2C08850C5, 0x2F57B96AC8DC17, 0x1ED1837503EAB2, 0x9EBEE69}
var Modulus = [...]Chunk{0x13, 0x13A7, 0x80000000086121, 0x40000001BA344D, 0x25236482}
Base Bits= 56
var R2modp = [...]Chunk{0x2F2A96FF5E7E39, 0x64E8642B96F13C, 0x9926F7B00C7146, 0x8321E7B4DACD24, 0x1D127A2E}
Functions ¶
func AES_CBC_IV0_DECRYPT ¶
returns plaintext if all consistent, else returns null string
func AES_CBC_IV0_ENCRYPT ¶
AES encryption/decryption. Encrypt byte array M using key K and returns ciphertext
func ECDH_ECIES_DECRYPT ¶
func ECDH_ECIES_DECRYPT(sha int, P1 []byte, P2 []byte, V []byte, C []byte, T []byte, U []byte) []byte
IEEE1363 ECIES decryption. Decryption of ciphertext V,C,T using private key U outputs plaintext M
func ECDH_ECIES_ENCRYPT ¶
func ECDH_ECIES_ENCRYPT(sha int, P1 []byte, P2 []byte, RNG *amcl.RAND, W []byte, M []byte, V []byte, T []byte) []byte
IEEE1363 ECIES encryption. Encryption of plaintext M uses public key W and produces ciphertext V,C,T
func ECDH_ECPSP_DSA ¶
IEEE ECDSA Signature, C and D are signature on F using private key S
func ECDH_ECPSVDP_DH ¶
IEEE-1363 Diffie-Hellman online calculation Z=S.WD
func ECDH_ECPVP_DSA ¶
IEEE1363 ECDSA Signature Verification. Signature C and D on F is verified using public key W
func ECDH_KEY_PAIR_GENERATE ¶
Calculate a public/private EC GF(p) key pair W,S where W=S.G mod EC(p), * where S is the secret key and W is the public key * and G is fixed generator. * If RNG is NULL then the private key is provided externally in S * otherwise it is generated randomly internally
func ECDH_PBKDF2 ¶
Password based Key Derivation Function Input password p, salt s, and repeat count Output key of length olen
func MPIN_CLIENT ¶
func MPIN_CLIENT(sha int, date int, CLIENT_ID []byte, RNG *amcl.RAND, X []byte, pin int, TOKEN []byte, SEC []byte, xID []byte, xCID []byte, PERMIT []byte, TimeValue int, Y []byte) int
One pass MPIN Client
func MPIN_CLIENT_1 ¶
func MPIN_CLIENT_1(sha int, date int, CLIENT_ID []byte, rng *amcl.RAND, X []byte, pin int, TOKEN []byte, SEC []byte, xID []byte, xCID []byte, PERMIT []byte) int
Implement step 1 on client side of MPin protocol
func MPIN_CLIENT_2 ¶
Implement step 2 on client side of MPin protocol
func MPIN_CLIENT_KEY ¶
func MPIN_CLIENT_KEY(sha int, G1 []byte, G2 []byte, pin int, R []byte, X []byte, H []byte, wCID []byte, CK []byte) int
calculate common key on client side wCID = w.(A+AT)
func MPIN_DECODING ¶
func MPIN_ENCODING ¶
these next two functions implement elligator squared - http://eprint.iacr.org/2014/043 Elliptic curve point E in format (0x04,x,y} is converted to form {0x0-,u,v} Note that u and v are indistinguisible from random strings
func MPIN_EXTRACT_FACTOR ¶
Extract factor from TOKEN for identity CID
func MPIN_GET_CLIENT_PERMIT ¶
Time Permit CTT=S*(date|H(CID)) where S is master secret
func MPIN_GET_CLIENT_SECRET ¶
Client secret CST=S*H(CID) where CID is client ID and S is master secret CID is hashed externally
func MPIN_GET_G1_MULTIPLE ¶
W=x*H(G); if RNG == NULL then X is passed in if RNG != NULL the X is passed out if type=0 W=x*G where G is point on the curve, else W=x*M(G), where M(G) is mapping of octet G to point on the curve
func MPIN_GET_SERVER_SECRET ¶
Extract Server Secret SST=S*Q where Q is fixed generator in G2 and S is master secret
func MPIN_GET_Y ¶
Generate Y = H(epoch, xCID/xID)
func MPIN_HASH_ALL ¶
func MPIN_HASH_ID ¶
func MPIN_KANGAROO ¶
Pollards kangaroos used to return PIN error
func MPIN_RANDOM_GENERATE ¶
create random secret S
func MPIN_RECOMBINE_G1 ¶
R=R1+R2 in group G1
func MPIN_RECOMBINE_G2 ¶
W=W1+W2 in group G2
func MPIN_RESTORE_FACTOR ¶
Restore factor to TOKEN for identity CID
func MPIN_SERVER ¶
func MPIN_SERVER(sha int, date int, HID []byte, HTID []byte, Y []byte, SST []byte, xID []byte, xCID []byte, SEC []byte, E []byte, F []byte, CID []byte, TimeValue int) int
One pass MPIN Server
func MPIN_SERVER_1 ¶
Outputs H(CID) and H(T|H(CID)) for time permits. If no time permits set HID=HTID
func MPIN_SERVER_2 ¶
func MPIN_SERVER_2(date int, HID []byte, HTID []byte, Y []byte, SST []byte, xID []byte, xCID []byte, mSEC []byte, E []byte, F []byte) int
Implement step 2 of MPin protocol on server side
func MPIN_SERVER_KEY ¶
Types ¶
type BIG ¶
type BIG struct {
// contains filtered or unexported fields
}
func NewBIGcopy ¶
func NewBIGdcopy ¶
func NewBIGints ¶
type DBIG ¶
type DBIG struct {
// contains filtered or unexported fields
}
func NewDBIGcopy ¶
func NewDBIGscopy ¶
type ECP ¶
type ECP struct {
// contains filtered or unexported fields
}
func ECP_generator ¶
func ECP_generator() *ECP
type ECP2 ¶
type ECP2 struct {
// contains filtered or unexported fields
}
func ECP2_generator ¶
func ECP2_generator() *ECP2
func NewECP2fp2 ¶
construct this from x - but set to O if not on curve
func NewECP2fp2s ¶
construct this from (x,y) - but set to O if not on curve
type FP12 ¶
type FP12 struct {
// contains filtered or unexported fields
}
func GTpow ¶
f=f^e Note that this method requires a lot of RAM! Better to use compressed XTR method, see FP4.java
func NewFP12copy ¶
func NewFP12int ¶
type FP2 ¶
type FP2 struct {
// contains filtered or unexported fields
}
func NewFP2bigs ¶
func NewFP2copy ¶
type FP4 ¶
type FP4 struct {
// contains filtered or unexported fields
}