Documentation
¶
Index ¶
- Variables
- func BigIntsToBytes(bigInts []*big.Int) [][]byte
- func ByteSlicesToBigInts(bytes [][]byte) []*big.Int
- func GetRandomGeneratorOfTheQuadraticResidue(n *big.Int) *big.Int
- func GetRandomPositiveInt(upper *big.Int) *big.Int
- func GetRandomPositiveRelativelyPrimeInt(n *big.Int) *big.Int
- func GetRandomPrimeInt(bits int) *big.Int
- func IsInInterval(b *big.Int, bound *big.Int) bool
- func IsNumberInMultiplicativeGroup(n, v *big.Int) bool
- func ModInt(mod *big.Int) *modInt
- func MustGetRandomInt(bits int) *big.Int
- func NonEmptyBytes(bz []byte, minByteLen ...int) bool
- func NonEmptyMultiBytes(bzs [][]byte, expectLen ...int) bool
- func RejectionSample(q *big.Int, eHash *big.Int) *big.Int
- func SHA512_256(in ...[]byte) []byte
- func SHA512_256i(in ...*big.Int) *big.Int
- func SHA512_256iOne(in *big.Int) *big.Int
- type ECPoint
- func (*ECPoint) Descriptor() ([]byte, []int)deprecated
- func (x *ECPoint) GetX() []byte
- func (x *ECPoint) GetY() []byte
- func (*ECPoint) ProtoMessage()
- func (x *ECPoint) ProtoReflect() protoreflect.Message
- func (x *ECPoint) Reset()
- func (x *ECPoint) String() string
- func (x *ECPoint) ValidateBasic() bool
- type ECSignature
- func (*ECSignature) Descriptor() ([]byte, []int)deprecated
- func (x *ECSignature) GetM() []byte
- func (x *ECSignature) GetR() []byte
- func (x *ECSignature) GetS() []byte
- func (x *ECSignature) GetSignature() []byte
- func (x *ECSignature) GetSignatureRecovery() []byte
- func (*ECSignature) ProtoMessage()
- func (x *ECSignature) ProtoReflect() protoreflect.Message
- func (x *ECSignature) Reset()
- func (x *ECSignature) String() string
- type GermainSafePrime
Constants ¶
This section is empty.
Variables ¶
var Logger = log.Logger("tss-lib")
Functions ¶
func BigIntsToBytes ¶
func ByteSlicesToBigInts ¶
func GetRandomGeneratorOfTheQuadraticResidue ¶
Return a random generator of RQn with high probability. THIS METHOD ONLY WORKS IF N IS THE PRODUCT OF TWO SAFE PRIMES!
https://github.com/didiercrunch/paillier/blob/d03e8850a8e4c53d04e8016a2ce8762af3278b71/utils.go#L39
func GetRandomPositiveRelativelyPrimeInt ¶
Generate a random element in the group of all the elements in Z/nZ that has a multiplicative inverse.
func GetRandomPrimeInt ¶
func MustGetRandomInt ¶
MustGetRandomInt panics if it is unable to gather entropy from `rand.Reader` or when `bits` is <= 0
func NonEmptyBytes ¶
Returns true when the byte slice is non-nil and non-empty
func NonEmptyMultiBytes ¶
Returns true when all of the slices in the multi-dimensional byte slice are non-nil and non-empty
func RejectionSample ¶
RejectionSample implements the rejection sampling logic for converting a SHA512/256 hash to a value between 0-q
func SHA512_256 ¶
SHA-512/256 is protected against length extension attacks and is more performant than SHA-256 on 64-bit architectures. https://en.wikipedia.org/wiki/Template:Comparison_of_SHA_functions
Types ¶
type ECPoint ¶
type ECPoint struct {
X []byte `protobuf:"bytes,1,opt,name=x,proto3" json:"x,omitempty"`
Y []byte `protobuf:"bytes,2,opt,name=y,proto3" json:"y,omitempty"`
// contains filtered or unexported fields
}
func (*ECPoint) Descriptor
deprecated
func (*ECPoint) ProtoMessage ¶
func (*ECPoint) ProtoMessage()
func (*ECPoint) ProtoReflect ¶
func (x *ECPoint) ProtoReflect() protoreflect.Message
func (*ECPoint) ValidateBasic ¶
type ECSignature ¶
type ECSignature struct {
Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
// Ethereum-style Recovery ID: Used to enable extracting the public key from the signature.
SignatureRecovery []byte `protobuf:"bytes,2,opt,name=signature_recovery,json=signatureRecovery,proto3" json:"signature_recovery,omitempty"`
// Signature components R, S
R []byte `protobuf:"bytes,3,opt,name=r,proto3" json:"r,omitempty"`
S []byte `protobuf:"bytes,4,opt,name=s,proto3" json:"s,omitempty"`
// M represents the original message digest that was signed M
M []byte `protobuf:"bytes,5,opt,name=m,proto3" json:"m,omitempty"`
// contains filtered or unexported fields
}
func (*ECSignature) Descriptor
deprecated
func (*ECSignature) Descriptor() ([]byte, []int)
Deprecated: Use ECSignature.ProtoReflect.Descriptor instead.
func (*ECSignature) GetM ¶
func (x *ECSignature) GetM() []byte
func (*ECSignature) GetR ¶
func (x *ECSignature) GetR() []byte
func (*ECSignature) GetS ¶
func (x *ECSignature) GetS() []byte
func (*ECSignature) GetSignature ¶
func (x *ECSignature) GetSignature() []byte
func (*ECSignature) GetSignatureRecovery ¶
func (x *ECSignature) GetSignatureRecovery() []byte
func (*ECSignature) ProtoMessage ¶
func (*ECSignature) ProtoMessage()
func (*ECSignature) ProtoReflect ¶
func (x *ECSignature) ProtoReflect() protoreflect.Message
func (*ECSignature) Reset ¶
func (x *ECSignature) Reset()
func (*ECSignature) String ¶
func (x *ECSignature) String() string
type GermainSafePrime ¶
type GermainSafePrime struct {
// contains filtered or unexported fields
}
func GetRandomSafePrimesConcurrent ¶
func GetRandomSafePrimesConcurrent(bitLen, numPrimes int, timeout time.Duration, concurrency int) ([]*GermainSafePrime, error)
GetRandomSafePrimesConcurrent tries to find safe primes concurrently. The returned results are safe primes `p` and prime `q` such that `p=2q+1`. Concurrency level can be controlled with the `concurrencyLevel` parameter. If a safe prime could not be found in the specified `timeout`, the error is returned. Also, if at least one search process failed, error is returned as well.
How fast we generate a prime number is mostly a matter of luck and it depends on how lucky we are with drawing the first bytes. With today's multi-core processors, we can execute the process on multiple cores concurrently, accept the first valid result and cancel the rest of work. This way, with the same finding algorithm, we can get the result faster.
Concurrency level should be set depending on what `bitLen` of prime is expected. For example, as of today, on a typical workstation, for 512-bit safe prime, `concurrencyLevel` should be set to `1` as generating the prime of this length is a matter of milliseconds for a single core. For 1024-bit safe prime, `concurrencyLevel` should be usually set to at least `2` and for 2048-bit safe prime, `concurrencyLevel` must be set to at least `4` to get the result in a reasonable time.
This function generates safe primes of at least 6 `bitLen`. For every generated safe prime, the two most significant bits are always set to `1` - we don't want the generated number to be too small.
func (*GermainSafePrime) Prime ¶
func (sgp *GermainSafePrime) Prime() *big.Int
func (*GermainSafePrime) SafePrime ¶
func (sgp *GermainSafePrime) SafePrime() *big.Int
func (*GermainSafePrime) Validate ¶
func (sgp *GermainSafePrime) Validate() bool
Source Files