Posted to commits@milagro.apache.org by km...@apache.org on 2019/06/20 11:55:25 UTC

[incubator-milagro-crypto-c] 02/02: update bls129 and bls256

This is an automated email from the ASF dual-hosted git repository.

kmccusker pushed a commit to branch issue11
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-c.git

commit 5ba32074177f0bb205ede009e5e85b54d0c7cb5e
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Thu Jun 20 12:55:02 2019 +0100

    update bls129 and bls256
---
 config.mk                 |  2 +-
 examples/testbls_ZZZ.c.in | 16 +++++------
 include/bls.h.in          |  6 ++--
 include/bls192.h.in       | 24 ++++++++++++++--
 include/bls256.h.in       | 24 ++++++++++++++--
 src/bls.c.in              | 21 ++++++++++----
 src/bls192.c.in           | 70 +++++++++++++++++++++++++++++++++++++++++------
 src/bls256.c.in           | 69 ++++++++++++++++++++++++++++++++++++++++------
 8 files changed, 191 insertions(+), 41 deletions(-)

diff --git a/config.mk b/config.mk
index f3706a4..13941ce 100644
--- a/config.mk
+++ b/config.mk
@@ -4,7 +4,7 @@
 WORD_SIZE:=64
 
 # Current choice of Elliptic Curve ANSSI C25519 NIST521 BLS24 C41417 NUMS256E BLS381 ED25519 NUMS256W BLS383 FP256BN NUMS384E BLS461 FP512BN NUMS384W BLS48 GOLDILOCKS NUMS512E BN254 HIFIVE NUMS512W BN254CX NIST256 SECP256K1 BRAINPOOL NIST384
-AMCL_CURVE:=BLS383
+AMCL_CURVE:=ED25519,NIST256,GOLDILOCKS,BLS383
 
 # RSA security level: 2048 3072 4096
 AMCL_RSA:=2048,3072
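Review bot: The new default on the `AMCL_CURVE` line still leaves out BLS24 and BLS48, which are presumably the curves that instantiate the bls192 and bls256 templates this commit changes, so a default build would not compile or test the new point-validation code. If the wider list is meant as the new default, consider `AMCL_CURVE:=ED25519,NIST256,GOLDILOCKS,BLS383,BLS24,BLS48`. If it is only a local build setting, it is better left out of this commit.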
diff --git a/examples/testbls_ZZZ.c.in b/examples/testbls_ZZZ.c.in
index d249c69..10fe65a 100644
--- a/examples/testbls_ZZZ.c.in
+++ b/examples/testbls_ZZZ.c.in
@@ -147,16 +147,16 @@ int bls(csprng *RNG)
     }
     
     // Add Public keys
-    rc = BLS_ADD_G2(&PK1,&PK2,&PK);
+    rc = BLS_ZZZ_ADD_G2(&PK1,&PK2,&PK);
     if (rc!=BLS_OK)
     {
-        printf("ERROR BLS_ADD_G2 errorCode : %d\n", rc);
+        printf("ERROR BLS_ZZZ_ADD_G2 errorCode : %d\n", rc);
 	return 1;
     }
-    rc = BLS_ADD_G2(&PK,&PK3,&PK);
+    rc = BLS_ZZZ_ADD_G2(&PK,&PK3,&PK);
     if (rc!=BLS_OK)
     {
-        printf("ERROR BLS_ADD_G2 errorCode : %d\n", rc);
+        printf("ERROR BLS_ZZZ_ADD_G2 errorCode : %d\n", rc);
 	return 1;
     }        
     printf("Public key PK: ");
@@ -164,10 +164,10 @@ int bls(csprng *RNG)
     printf("\n");
 
     // Add signatures
-    rc = BLS_ADD_G1(&SIG1,&SIG2,&SIG);
+    rc = BLS_ZZZ_ADD_G1(&SIG1,&SIG2,&SIG);
     if (rc!=BLS_OK)
     {
-        printf("ERROR BLS_ADD_G1 errorCode : %d\n", rc);
+        printf("ERROR BLS_ZZZ_ADD_G1 errorCode : %d\n", rc);
 	return 1;
     }        
 
@@ -183,10 +183,10 @@ int bls(csprng *RNG)
         printf("Error: Combined signature is invalid\n");
     }
 
-    rc = BLS_ADD_G1(&SIG,&SIG3,&SIG);
+    rc = BLS_ZZZ_ADD_G1(&SIG,&SIG3,&SIG);
     if (rc!=BLS_OK)
     {
-        printf("ERROR BLS_ADD_G1 errorCode : %d\n", rc);
+        printf("ERROR BLS_ZZZ_ADD_G1 errorCode : %d\n", rc);
 	return 1;
     }        
     printf("SIG: ");
diff --git a/include/bls.h.in b/include/bls.h.in
index ab22d88..8905ddd 100644
--- a/include/bls.h.in
+++ b/include/bls.h.in
@@ -73,7 +73,6 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S);
  */
 int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W);
 
-
 /**	@brief Add two members from the group G1
  *
 	@param      R1 member of G1
@@ -81,7 +80,7 @@ int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W);
 	@param      R member of G1. R = R1+R2
 	@return     Zero for success or else an error code
  */
-int BLS_ADD_G1(octet *R1,octet *R2,octet *R);
+int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R);
 
 /**	@brief Add two members from the group G2
  *
@@ -90,8 +89,7 @@ int BLS_ADD_G1(octet *R1,octet *R2,octet *R);
 	@param      W member of G2. W = W1+W2
 	@return     Zero for success or else an error code
  */
-int BLS_ADD_G2(octet *W1,octet *W2,octet *W);
-
+int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W);
 
 #endif
 
diff --git a/include/bls192.h.in b/include/bls192.h.in
index 8bd7fae..ae8ab26 100644
--- a/include/bls192.h.in
+++ b/include/bls192.h.in
@@ -39,8 +39,10 @@ under the License.
 #define BGS_ZZZ MODBYTES_XXX  /**< BLS Group Size */
 #define BFS_ZZZ MODBYTES_XXX  /**< BLS Field Size */
 
-#define BLS_OK           0  /**< Function completed without error */
-#define BLS_FAIL	-1  /**< Point is NOT on the curve */
+#define BLS_OK             0   /**< Function completed without error */
+#define BLS_FAIL	   41  /**< Invalid signature */
+#define BLS_INVALID_G1     42  /**< Not a valid G1 point on the curve */
+#define BLS_INVALID_G2     43  /**< Not a valid G2 point on the curve */
 
 /* BLS API functions */
 
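Review bot: Changing `BLS_FAIL` from -1 to 41 changes the failure contract of `BLS_ZZZ_VERIFY` without any note for callers: code written against the old header that tests `rc < 0` or `rc == -1` will now treat a rejected signature as accepted. The macro comment should state the contract, for example `/**< Invalid signature; all error codes are positive, test rc != BLS_OK */`. The names are also not curve-qualified (`BLS_OK`, not `BLS_ZZZ_OK`), so when several curves are built every generated header has to carry identical values. The same block is repeated in include/bls256.h.in, and whether include/bls.h.in uses the same values is not visible in this diff.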
@@ -71,5 +73,23 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S);
  */
 int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W);
 
+/**	@brief Add two members from the group G1
+ *
+	@param      R1 member of G1
+	@param      R2 member of G1
+	@param      R member of G1. R = R1+R2
+	@return     Zero for success or else an error code
+ */
+int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R);
+
+/**	@brief Add two members from the group G2
+ *
+	@param      W1 member of G2
+	@param      W2 member of G2
+	@param      W member of G2. W = W1+W2
+	@return     Zero for success or else an error code
+ */
+int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W);
+
 #endif
 
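Review bot: The `@return` line on the two new prototypes, `Zero for success or else an error code`, does not name the codes a caller has to handle, and the `@param` lines do not mark `R`/`W` as outputs. Suggested wording: `@param R [out] R = R1+R2 (compressed); may be the same octet as R1 or R2` and `@return BLS_OK, or BLS_INVALID_G1 if R1 or R2 does not decode to a curve point`, with `BLS_INVALID_G2` for the G2 variant. The example already passes the same octet as input and output, and the implementations decode both inputs before writing, so the aliasing guarantee is worth stating. A `@note` on `BLS_ZZZ_ADD_G2` saying that a summed public key should only be verified against when every contributing key has been validated (for example by a proof of possession) would help callers who use it for aggregation. The same comments are repeated in include/bls256.h.in.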
diff --git a/include/bls256.h.in b/include/bls256.h.in
index 977c4ee..ad9dfb0 100644
--- a/include/bls256.h.in
+++ b/include/bls256.h.in
@@ -39,8 +39,10 @@ under the License.
 #define BGS_ZZZ MODBYTES_XXX  /**< BLS Group Size */
 #define BFS_ZZZ MODBYTES_XXX  /**< BLS Field Size */
 
-#define BLS_OK           0  /**< Function completed without error */
-#define BLS_FAIL	-1  /**< Point is NOT on the curve */
+#define BLS_OK             0   /**< Function completed without error */
+#define BLS_FAIL	   41  /**< Invalid signature */
+#define BLS_INVALID_G1     42  /**< Not a valid G1 point on the curve */
+#define BLS_INVALID_G2     43  /**< Not a valid G2 point on the curve */
 
 /* BLS API functions */
 
@@ -71,5 +73,23 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S);
  */
 int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W);
 
+/**	@brief Add two members from the group G1
+ *
+	@param      R1 member of G1
+	@param      R2 member of G1
+	@param      R member of G1. R = R1+R2
+	@return     Zero for success or else an error code
+ */
+int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R);
+
+/**	@brief Add two members from the group G2
+ *
+	@param      W1 member of G2
+	@param      W2 member of G2
+	@param      W member of G2. W = W1+W2
+	@return     Zero for success or else an error code
+ */
+int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W);
+
 #endif
 
diff --git a/src/bls.c.in b/src/bls.c.in
index d00cbd0..4328342 100644
--- a/src/bls.c.in
+++ b/src/bls.c.in
@@ -62,7 +62,8 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
     BLS_HASHIT(&D,m);
     BIG_XXX_fromBytes(s,S->val);
     PAIR_ZZZ_G1mul(&D,s);
-    ECP_ZZZ_toOctet(SIG,&D,true); /* compress output */
+    // compress output 
+    ECP_ZZZ_toOctet(SIG,&D,true); 
     return BLS_OK;
 }
 
@@ -73,11 +74,19 @@ int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W)
     ECP2_ZZZ G,PK;
     ECP_ZZZ D,HM;
     BLS_HASHIT(&HM,m);
-    ECP_ZZZ_fromOctet(&D,SIG);
+    
+    if (!ECP_ZZZ_fromOctet(&D,SIG))
+    {
+        return BLS_INVALID_G1;
+    }      
+
     ECP2_ZZZ_generator(&G);
-    ECP2_ZZZ_fromOctet(&PK,W);
-    ECP_ZZZ_neg(&D);
 
+    if (!ECP2_ZZZ_fromOctet(&PK,W))
+    {
+        return BLS_INVALID_G2;
+    }
+    ECP_ZZZ_neg(&D);
 
     PAIR_ZZZ_double_ate(&v,&G,&D,&PK,&HM);
     PAIR_ZZZ_fexp(&v);
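Review bot: The new checks in `BLS_ZZZ_VERIFY` reject encodings that `ECP_ZZZ_fromOctet` and `ECP2_ZZZ_fromOctet` refuse, but nothing visible here rejects a public key equal to the point at infinity or a point outside the prime-order subgroup. Going by the `BLS_INVALID_G1`/`BLS_INVALID_G2` comments, the decoders appear to test curve membership only. A key that decodes to the identity should not reach the pairing: after the `ECP2_ZZZ_fromOctet` check add `if (ECP2_ZZZ_isinf(&PK)) return BLS_INVALID_G2;`, and add a subgroup-membership test for both `D` and `PK` if the decoders do not already perform one. The same gap is in the `BLS_ZZZ_VERIFY` copies in src/bls192.c.in and src/bls256.c.in (`ECP4_ZZZ`/`ECP8_ZZZ`). The end of the function lies outside this hunk.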
@@ -90,7 +99,7 @@ int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W)
 }
 
 /* R=R1+R2 in group G1 */
-int BLS_ADD_G1(octet *R1,octet *R2,octet *R)
+int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R)
 {
     ECP_ZZZ P;
     ECP_ZZZ T;
@@ -112,7 +121,7 @@ int BLS_ADD_G1(octet *R1,octet *R2,octet *R)
 }
 
 /* W=W1+W2 in group G2 */
-int BLS_ADD_G2(octet *W1,octet *W2,octet *W)
+int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W)
 {
     ECP2_ZZZ Q;
     ECP2_ZZZ T;
diff --git a/src/bls192.c.in b/src/bls192.c.in
index bab100c..226fe9d 100644
--- a/src/bls192.c.in
+++ b/src/bls192.c.in
@@ -26,7 +26,6 @@ under the License.
 #include "bls192_ZZZ.h"
 
 /* hash a message to an ECP point, using SHA3 */
-
 static void BLS_HASHIT(ECP_ZZZ *P,char *m)
 {
     int i;
@@ -41,7 +40,6 @@ static void BLS_HASHIT(ECP_ZZZ *P,char *m)
 }
 
 /* generate key pair, private key S, public key W */
-
 int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W)
 {
     ECP4_ZZZ G;
@@ -57,7 +55,6 @@ int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W)
 }
 
 /* Sign message m using private key S to produce signature SIG */
-
 int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
 {
     BIG_XXX s;
@@ -70,22 +67,77 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
 }
 
 /* Verify signature given message m, the signature SIG, and the public key W */
-
 int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W)
 {
     FP24_YYY v;
     ECP4_ZZZ G,PK;
     ECP_ZZZ D,HM;
     BLS_HASHIT(&HM,m);
-    ECP_ZZZ_fromOctet(&D,SIG);
+
+    if (!ECP_ZZZ_fromOctet(&D,SIG))
+    {
+        return BLS_INVALID_G1;
+    }      
+
     ECP4_ZZZ_generator(&G);
-    ECP4_ZZZ_fromOctet(&PK,W);
+
+    if (!ECP4_ZZZ_fromOctet(&PK,W))
+    {
+        return BLS_INVALID_G2;
+    }
     ECP_ZZZ_neg(&D);
 
     PAIR_ZZZ_double_ate(&v,&G,&D,&PK,&HM);
-
     PAIR_ZZZ_fexp(&v);
-    if (FP24_YYY_isunity(&v)) return BLS_OK;
-    return BLS_FAIL;
+
+    if (!FP24_YYY_isunity(&v))
+    {
+        return BLS_FAIL;
+    }
+    return BLS_OK;	
 }
 
+
+/* R=R1+R2 in group G1 */
+int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R)
+{
+    ECP_ZZZ P;
+    ECP_ZZZ T;
+
+    if (!ECP_ZZZ_fromOctet(&P,R1))
+    {
+        return BLS_INVALID_G1;
+    }
+
+    if (!ECP_ZZZ_fromOctet(&T,R2))
+    {
+        return BLS_INVALID_G1;
+    }
+
+    ECP_ZZZ_add(&P,&T);
+    ECP_ZZZ_toOctet(R,&P,true);
+    
+    return BLS_OK;
+}
+
+/* W=W1+W2 in group G2 */
+int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W)
+{
+    ECP4_ZZZ Q;
+    ECP4_ZZZ T;
+
+    if (!ECP4_ZZZ_fromOctet(&Q,W1))
+    {
+        return BLS_INVALID_G2;
+    }
+
+    if (!ECP4_ZZZ_fromOctet(&T,W2))
+    {
+        return BLS_INVALID_G2;
+    }
+      
+    ECP4_ZZZ_add(&Q,&T);
+    ECP4_ZZZ_toOctet(W,&Q);
+
+    return BLS_OK;
+}
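Review bot: `BLS_ZZZ_ADD_G2` encodes whatever `ECP4_ZZZ_add` produces and returns `BLS_OK`, so two inputs that are inverses of each other yield the point at infinity as the combined public key. The result is presumably passed on to `BLS_ZZZ_VERIFY` as a key, so it should be rejected here: `if (ECP4_ZZZ_isinf(&Q)) return BLS_INVALID_G2;` before `ECP4_ZZZ_toOctet(W,&Q);`. The comment above the function could then read `/* W=W1+W2 in group G2; fails if the sum is the identity */`. The same applies to the `ECP8_ZZZ` copy in src/bls256.c.in.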
diff --git a/src/bls256.c.in b/src/bls256.c.in
index 6b250d1..0aca536 100644
--- a/src/bls256.c.in
+++ b/src/bls256.c.in
@@ -26,7 +26,6 @@ under the License.
 #include "bls256_ZZZ.h"
 
 /* hash a message to an ECP point, using SHA3 */
-
 static void BLS_HASHIT(ECP_ZZZ *P,char *m)
 {
     int i;
@@ -41,7 +40,6 @@ static void BLS_HASHIT(ECP_ZZZ *P,char *m)
 }
 
 /* generate key pair, private key S, public key W */
-
 int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W)
 {
     ECP8_ZZZ G;
@@ -57,7 +55,6 @@ int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W)
 }
 
 /* Sign message m using private key S to produce signature SIG */
-
 int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
 {
     BIG_XXX s;
@@ -70,23 +67,77 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
 }
 
 /* Verify signature given message m, the signature SIG, and the public key W */
-
 int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W)
 {
     FP48_YYY v;
     ECP8_ZZZ G,PK;
     ECP_ZZZ D,HM;
     BLS_HASHIT(&HM,m);
-    ECP_ZZZ_fromOctet(&D,SIG);
-    ECP8_ZZZ_generator(&G);
-    ECP8_ZZZ_fromOctet(&PK,W);
+
+    if (!ECP_ZZZ_fromOctet(&D,SIG))
+    {
+        return BLS_INVALID_G1;
+    }     
     ECP_ZZZ_neg(&D);
+    
+    ECP8_ZZZ_generator(&G);
+
+    if (!ECP8_ZZZ_fromOctet(&PK,W))
+    {
+        return BLS_INVALID_G2;
+    }
 
     PAIR_ZZZ_double_ate(&v,&G,&D,&PK,&HM);
 
     PAIR_ZZZ_fexp(&v);
 
-    if (FP48_YYY_isunity(&v)) return BLS_OK;
-    return BLS_FAIL;
+    if (!FP48_YYY_isunity(&v))
+    {
+        return BLS_FAIL;
+    }
+    return BLS_OK;      
 }
 
+/* R=R1+R2 in group G1 */
+int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R)
+{
+    ECP_ZZZ P;
+    ECP_ZZZ T;
+
+    if (!ECP_ZZZ_fromOctet(&P,R1))
+    {
+        return BLS_INVALID_G1;
+    }
+
+    if (!ECP_ZZZ_fromOctet(&T,R2))
+    {
+        return BLS_INVALID_G1;
+    }
+
+    ECP_ZZZ_add(&P,&T);
+    ECP_ZZZ_toOctet(R,&P,true);
+    
+    return BLS_OK;
+}
+
+/* W=W1+W2 in group G2 */
+int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W)
+{
+    ECP8_ZZZ Q;
+    ECP8_ZZZ T;
+
+    if (!ECP8_ZZZ_fromOctet(&Q,W1))
+    {
+        return BLS_INVALID_G2;
+    }
+
+    if (!ECP8_ZZZ_fromOctet(&T,W2))
+    {
+        return BLS_INVALID_G2;
+    }
+      
+    ECP8_ZZZ_add(&Q,&T);
+    ECP8_ZZZ_toOctet(W,&Q);
+
+    return BLS_OK;
+}
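Review bot: This copy of `BLS_ZZZ_VERIFY` calls `ECP_ZZZ_neg(&D)` straight after decoding the signature, before `ECP8_ZZZ_generator(&G)` and the public-key check, whereas src/bls.c.in and src/bls192.c.in negate only after both inputs have been validated. The result is the same, but the three hand-maintained copies have already drifted within one commit. Keep the order identical by moving `ECP_ZZZ_neg(&D);` after the `ECP8_ZZZ_fromOctet` check, so a later fix to one copy can be applied mechanically to the others. A short comment such as `/* validate both inputs before any group arithmetic */` above the first check would record the intent.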