common

package
v2.0.0-...-d33a960 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 20, 2024 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrGeneratorCancelled = fmt.Errorf("generator work cancelled")

ErrGeneratorCancelled is an error returned from GetRandomSafePrimesConcurrent when the work of the generator has been cancelled as a result of the context being done (cancellation or timeout).

View Source 
var File_protob_signature_proto protoreflect.FileDescriptor
View Source 
var Logger = log.Logger("tss-lib")

Functions

func AppendBigIntToBytesSlice 

func AppendBigIntToBytesSlice(commonBytes []byte, appended *big.Int) []byte

func BigIntsToBytes 

func BigIntsToBytes(bigInts []*big.Int) [][]byte

func ConvertBoolArrayToByteArray 

func ConvertBoolArrayToByteArray(bools []bool) []byte

func ConvertByteArrayToBoolArray 

func ConvertByteArrayToBoolArray(byteArray []byte, numBools int) []bool

ConvertByteArrayToBoolArray converts a packed []byte back to a []bool.

func GetRandomBytes 

func GetRandomBytes(rand io.Reader, length int) ([]byte, error)

GetRandomBytes returns random bytes of length.

func GetRandomGeneratorOfTheQuadraticResidue 

func GetRandomGeneratorOfTheQuadraticResidue(rand io.Reader, n *big.Int) *big.Int
Return a random generator of RQn with high probability.
THIS METHOD ONLY WORKS IF N IS THE PRODUCT OF TWO SAFE PRIMES!

https://github.com/didiercrunch/paillier/blob/d03e8850a8e4c53d04e8016a2ce8762af3278b71/utils.go#L39

func GetRandomPositiveInt 

func GetRandomPositiveInt(rand io.Reader, lessThan *big.Int) *big.Int

func GetRandomPositiveRelativelyPrimeInt 

func GetRandomPositiveRelativelyPrimeInt(rand io.Reader, n *big.Int) *big.Int

Generate a random element in the group of all the elements in Z/nZ that has a multiplicative inverse.

func GetRandomPrimeInt 

func GetRandomPrimeInt(rand io.Reader, bits int) *big.Int

func GetRandomQuadraticNonResidue 

func GetRandomQuadraticNonResidue(rand io.Reader, n *big.Int) *big.Int

GetRandomQuadraticNonResidue returns a quadratic non residue of odd n.

func IsInInterval 

func IsInInterval(b *big.Int, bound *big.Int) bool

func IsNumberInMultiplicativeGroup 

func IsNumberInMultiplicativeGroup(n, v *big.Int) bool

func ModInt 

func ModInt(mod *big.Int) *modInt

func MultiBytesToBigInts 

func MultiBytesToBigInts(bytes [][]byte) []*big.Int

func MustGetRandomInt 

func MustGetRandomInt(rand io.Reader, bits int) *big.Int

MustGetRandomInt panics if it is unable to gather entropy from `io.Reader` or when `bits` is <= 0

func NonEmptyBytes 

func NonEmptyBytes(bz []byte) bool

Returns true when the byte slice is non-nil and non-empty

func NonEmptyMultiBytes 

func NonEmptyMultiBytes(bzs [][]byte, expectLen ...int) bool

Returns true when all of the slices in the multi-dimensional byte slice are non-nil and non-empty

func PadToLengthBytesInPlace 

func PadToLengthBytesInPlace(src []byte, length int) []byte

PadToLengthBytesInPlace pad {0, ...} to the front of src if len(src) < length output length is equal to the parameter length

func RejectionSample 

func RejectionSample(q *big.Int, eHash *big.Int) *big.Int

RejectionSample implements the rejection sampling logic for converting a SHA512/256 hash to a value between 0-q

func SHA512_256 

func SHA512_256(in ...[]byte) []byte

SHA-512/256 is protected against length extension attacks and is more performant than SHA-256 on 64-bit architectures. https://en.wikipedia.org/wiki/Template:Comparison_of_SHA_functions

func SHA512_256i 

func SHA512_256i(in ...*big.Int) *big.Int

func SHA512_256iOne 

func SHA512_256iOne(in *big.Int) *big.Int

func SHA512_256i_TAGGED 

func SHA512_256i_TAGGED(tag []byte, in ...*big.Int) *big.Int

SHA512_256i_TAGGED tagged version of SHA512_256i

Types

type GermainSafePrime 

type GermainSafePrime struct {
	// contains filtered or unexported fields
}

func GetRandomSafePrimesConcurrent 

func GetRandomSafePrimesConcurrent(ctx context.Context, bitLen, numPrimes int, concurrency int, rand io.Reader) ([]*GermainSafePrime, error)

GetRandomSafePrimesConcurrent tries to find safe primes concurrently. The returned results are safe primes `p` and prime `q` such that `p=2q+1`. Concurrency level can be controlled with the `concurrencyLevel` parameter. If a safe prime could not be found before the context is done, the error is returned. Also, if at least one search process failed, error is returned as well.

How fast we generate a prime number is mostly a matter of luck and it depends on how lucky we are with drawing the first bytes. With today's multi-core processors, we can execute the process on multiple cores concurrently, accept the first valid result and cancel the rest of work. This way, with the same finding algorithm, we can get the result faster.

Concurrency level should be set depending on what `bitLen` of prime is expected. For example, as of today, on a typical workstation, for 512-bit safe prime, `concurrencyLevel` should be set to `1` as generating the prime of this length is a matter of milliseconds for a single core. For 1024-bit safe prime, `concurrencyLevel` should be usually set to at least `2` and for 2048-bit safe prime, `concurrencyLevel` must be set to at least `4` to get the result in a reasonable time.

This function generates safe primes of at least 6 `bitLen`. For every generated safe prime, the two most significant bits are always set to `1` - we don't want the generated number to be too small.

func (*GermainSafePrime) Prime 

func (sgp *GermainSafePrime) Prime() *big.Int

func (*GermainSafePrime) SafePrime 

func (sgp *GermainSafePrime) SafePrime() *big.Int

func (*GermainSafePrime) Validate 

func (sgp *GermainSafePrime) Validate() bool

type SignatureData 

type SignatureData struct {
	Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
	// Ethereum-style recovery byte; only the first byte is relevant
	SignatureRecovery []byte `protobuf:"bytes,2,opt,name=signature_recovery,json=signatureRecovery,proto3" json:"signature_recovery,omitempty"`
	// Signature components R, S
	R []byte `protobuf:"bytes,3,opt,name=r,proto3" json:"r,omitempty"`
	S []byte `protobuf:"bytes,4,opt,name=s,proto3" json:"s,omitempty"`
	// M represents the original message digest that was signed M
	M []byte `protobuf:"bytes,5,opt,name=m,proto3" json:"m,omitempty"`
	// This value is set once a new local party is created.
	// used to track the specific session when multiple sessions are running in parallel.
	TrackingId *TrackingID `protobuf:"bytes,6,opt,name=tracking_id,json=trackingId,proto3" json:"tracking_id,omitempty"`
	// contains filtered or unexported fields
}

Container for output signatures, mostly used for marshalling this data structure to a mobile app

func (*SignatureData) Descriptor deprecated 

func (*SignatureData) Descriptor() ([]byte, []int)

Deprecated: Use SignatureData.ProtoReflect.Descriptor instead.

func (*SignatureData) GetM 

func (x *SignatureData) GetM() []byte

func (*SignatureData) GetR 

func (x *SignatureData) GetR() []byte

func (*SignatureData) GetS 

func (x *SignatureData) GetS() []byte

func (*SignatureData) GetSignature 

func (x *SignatureData) GetSignature() []byte

func (*SignatureData) GetSignatureRecovery 

func (x *SignatureData) GetSignatureRecovery() []byte

func (*SignatureData) GetTrackingId 

func (x *SignatureData) GetTrackingId() *TrackingID

func (*SignatureData) ProtoMessage 

func (*SignatureData) ProtoMessage()

func (*SignatureData) ProtoReflect 

func (x *SignatureData) ProtoReflect() protoreflect.Message

func (*SignatureData) Reset 

func (x *SignatureData) Reset()

func (*SignatureData) String 

func (x *SignatureData) String() string

type TrackingID 

type TrackingID struct {

	// the digest of the message that is being signed.
	Digest []byte `protobuf:"bytes,1,opt,name=digest,proto3" json:"digest,omitempty"`
	// parties state indicate with true that a party is well,
	// and with false that a party is not well for this specific digest.
	// the size of parties_state should allow enough bits to count all participating parties in the protocol.
	PartiesState []byte `protobuf:"bytes,2,opt,name=parties_state,json=partiesState,proto3" json:"parties_state,omitempty"`
	// any auxilary data provided to the protocol from outside, and needs to be on every message.
	AuxilaryData []byte `protobuf:"bytes,3,opt,name=auxilary_data,json=auxilaryData,proto3" json:"auxilary_data,omitempty"`
	// contains filtered or unexported fields
}

TrackingID is used to track the specific session when multiple sessions are running in parallel. All messages tied to specific session should have the same TrackingID.

func (*TrackingID) BitLen 

func (t *TrackingID) BitLen() int

func (*TrackingID) Descriptor deprecated 

func (*TrackingID) Descriptor() ([]byte, []int)

Deprecated: Use TrackingID.ProtoReflect.Descriptor instead.

func (*TrackingID) GetAuxilaryData 

func (x *TrackingID) GetAuxilaryData() []byte

func (*TrackingID) GetDigest 

func (x *TrackingID) GetDigest() []byte

func (*TrackingID) GetPartiesState 

func (x *TrackingID) GetPartiesState() []byte

func (*TrackingID) PartyStateOk 

func (t *TrackingID) PartyStateOk(i int) bool

Will panic if i is out of bounds

func (*TrackingID) ProtoMessage 

func (*TrackingID) ProtoMessage()

func (*TrackingID) ProtoReflect 

func (x *TrackingID) ProtoReflect() protoreflect.Message

func (*TrackingID) Reset 

func (x *TrackingID) Reset()

func (*TrackingID) String 

func (x *TrackingID) String() string

func (*TrackingID) ToString 

func (t *TrackingID) ToString() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.