int cp_psb_gen(bn_t r, bn_t s[], g2_t g, g2_t x, g2_t y[], int l) {
bn_t n;
int i, result = RLC_OK;
bn_null(n);
TRY {
bn_new(n);
g2_get_ord(n);
bn_rand_mod(r, n);
g2_rand(g);
g2_mul(x, g, r);
for (i = 0; i < l; i++) {
bn_rand_mod(s[i], n);
g2_mul(y[i], g, s[i]);
}
}
CATCH_ANY {
result = RLC_ERR;
}
FINALLY {
bn_free(n);
}
return result;
}
int cp_bgn_gen(bgn_t pub, bgn_t prv) {
bn_t n;
int result = STS_OK;
bn_null(n);
TRY {
bn_new(n);
g1_get_ord(n);
bn_rand_mod(prv->x, n);
bn_rand_mod(prv->y, n);
bn_rand_mod(prv->z, n);
g1_mul_gen(pub->gx, prv->x);
g1_mul_gen(pub->gy, prv->y);
g1_mul_gen(pub->gz, prv->z);
g2_mul_gen(pub->hx, prv->x);
g2_mul_gen(pub->hy, prv->y);
g2_mul_gen(pub->hz, prv->z);
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(n);
}
return result;
}
int cp_ecss_sig(bn_t e, bn_t s, uint8_t *msg, int len, bn_t d) {
bn_t n, k, x, r;
ec_t p;
uint8_t hash[MD_LEN];
uint8_t m[len + FC_BYTES];
int result = STS_OK;
bn_null(n);
bn_null(k);
bn_null(x);
bn_null(r);
ec_null(p);
TRY {
bn_new(n);
bn_new(k);
bn_new(x);
bn_new(r);
ec_new(p);
ec_curve_get_ord(n);
do {
bn_rand_mod(k, n);
ec_mul_gen(p, k);
ec_get_x(x, p);
bn_mod(r, x, n);
} while (bn_is_zero(r));
memcpy(m, msg, len);
bn_write_bin(m + len, FC_BYTES, r);
md_map(hash, m, len + FC_BYTES);
if (8 * MD_LEN > bn_bits(n)) {
len = CEIL(bn_bits(n), 8);
bn_read_bin(e, hash, len);
bn_rsh(e, e, 8 * MD_LEN - bn_bits(n));
} else {
bn_read_bin(e, hash, MD_LEN);
}
bn_mod(e, e, n);
bn_mul(s, d, e);
bn_mod(s, s, n);
bn_sub(s, n, s);
bn_add(s, s, k);
bn_mod(s, s, n);
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(n);
bn_free(k);
bn_free(x);
bn_free(r);
ec_free(p);
}
return result;
}
void ep2_rand(ep2_t p) {
bn_t n, k;
ep2_t gen;
bn_null(k);
bn_null(n);
ep2_null(gen);
TRY {
bn_new(k);
bn_new(n);
ep2_new(gen);
ep2_curve_get_ord(n);
bn_rand_mod(k, n);
ep2_curve_get_gen(gen);
ep2_mul(p, gen, k);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
bn_free(k);
bn_free(n);
ep2_free(gen);
}
}
int cp_phpe_enc(uint8_t *out, int *out_len, uint8_t *in, int in_len, bn_t n) {
bn_t g, m, r, s;
int size, result = STS_OK;
bn_null(g);
bn_null(m);
bn_null(r);
bn_null(s);
size = bn_size_bin(n);
if (n == NULL || in_len <= 0 || in_len > size) {
return STS_ERR;
}
TRY {
bn_new(g);
bn_new(m);
bn_new(r);
bn_new(s);
/* Represent m as a padded element of Z_n. */
bn_read_bin(m, in, in_len);
/* Generate r in Z_n^*. */
bn_rand_mod(r, n);
/* Compute c = (g^m)(r^n) mod n^2. */
bn_add_dig(g, n, 1);
bn_sqr(s, n);
bn_mxp(m, g, m, s);
bn_mxp(r, r, n, s);
bn_mul(m, m, r);
bn_mod(m, m, s);
if (2 * size <= *out_len) {
*out_len = 2 * size;
memset(out, 0, *out_len);
bn_write_bin(out, *out_len, m);
} else {
result = STS_ERR;
}
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(g);
bn_free(m);
bn_free(r);
bn_free(s);
}
return result;
}
int cp_pss_gen(bn_t r, bn_t s, g2_t g, g2_t x, g2_t y) {
bn_t n;
int result = RLC_OK;
bn_null(n);
TRY {
bn_new(n);
g2_get_ord(n);
bn_rand_mod(r, n);
bn_rand_mod(s, n);
g2_rand(g);
g2_mul(x, g, r);
g2_mul(y, g, s);
}
CATCH_ANY {
result = RLC_ERR;
}
FINALLY {
bn_free(n);
}
return result;
}
int cp_bdpe_enc(uint8_t *out, int *out_len, dig_t in, bdpe_t pub) {
bn_t m, u;
int size, result = STS_OK;
bn_null(m);
bn_null(u);
size = bn_size_bin(pub->n);
if (in > pub->t) {
return STS_ERR;
}
TRY {
bn_new(m);
bn_new(u);
bn_set_dig(m, in);
bn_rand_mod(u, pub->n);
bn_mxp(m, pub->y, m, pub->n);
bn_mxp_dig(u, u, pub->t, pub->n);
bn_mul(m, m, u);
bn_mod(m, m, pub->n);
if (size <= *out_len) {
*out_len = size;
memset(out, 0, *out_len);
bn_write_bin(out, size, m);
} else {
result = STS_ERR;
}
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(m);
bn_free(u);
}
return result;
}
int cp_sokaka_gen(bn_t master) {
bn_t n;
int result = STS_OK;
bn_null(n);
TRY {
bn_new(n);
g1_get_ord(n);
bn_rand_mod(master, n);
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(n);
}
return result;
}
int cp_bgn_enc1(g1_t out[2], dig_t in, bgn_t pub) {
bn_t r, n;
g1_t t;
int result = STS_OK;
bn_null(n);
bn_null(r);
g1_null(t);
TRY {
bn_new(n);
bn_new(r);
g1_new(t);
g1_get_ord(n);
bn_rand_mod(r, n);
/* Compute c0 = (ym + r)G. */
g1_mul_dig(out[0], pub->gy, in);
g1_mul_gen(t, r);
g1_add(out[0], out[0], t);
g1_norm(out[0], out[0]);
/* Compute c1 = (zm + xr)G. */
g1_mul_dig(out[1], pub->gz, in);
g1_mul(t, pub->gx, r);
g1_add(out[1], out[1], t);
g1_norm(out[1], out[1]);
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(n);
bn_free(r);
g1_free(t);
}
return result;
}
int cp_ecss_gen(bn_t d, ec_t q) {
bn_t n;
int result = STS_OK;
bn_null(n);
TRY {
bn_new(n);
ec_curve_get_ord(n);
bn_rand_mod(d, n);
ec_mul_gen(q, d);
}
CATCH_ANY {
result = STS_ERR;
}
FINALLY {
bn_free(n);
}
return result;
}
/*============================================================================*/
void ed_rand(ed_t p) {
bn_t n, k;
bn_null(k);
bn_null(n);
TRY {
bn_new(k);
bn_new(n);
ed_curve_get_ord(n);
bn_rand_mod(k, n);
ed_mul_gen(p, k);
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
bn_free(k);
bn_free(n);
}
}
