int cp_pss_ver(g1_t a, g1_t b, uint8_t *msg, int len, g2_t g, g2_t x, g2_t y) { g1_t p[2]; g2_t r[2]; gt_t e; bn_t m, n; int result = 1; g1_null(p[0]); g1_null(p[1]); g2_null(r[0]); g2_null(r[1]); gt_null(e); bn_null(m); bn_null(n); TRY { g1_new(p[0]); g1_new(p[1]); g2_new(r[0]); g2_new(r[1]); gt_new(e); bn_new(m); bn_new(n); if (g1_is_infty(a)) { result = 0; } g1_copy(p[0], a); g1_copy(p[1], b); g2_copy(r[1], g); g2_neg(r[1], r[1]); g1_get_ord(n); bn_read_bin(m, msg, len); bn_mod(m, m, n); g2_mul(r[0], y, m); g2_add(r[0], r[0], x); g2_norm(r[0], r[0]); pc_map_sim(e, p, r, 2); if (!gt_is_unity(e)) { result = 0; } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { g1_free(p[0]); g1_free(p[1]); g2_free(r[0]); g2_free(r[1]); gt_free(e); bn_free(m); bn_free(n); } return result; }
int cp_bgn_dec1(dig_t *out, g1_t in[2], bgn_t prv) { bn_t r, n; g1_t s, t, u; int i, result = STS_ERR; bn_null(n); bn_null(r); g1_null(s); g1_null(t); g1_null(u); TRY { bn_new(n); bn_new(r); g1_new(s); g1_new(t); g1_new(u); g1_get_ord(n); /* Compute T = x(ym + r)G - (zm + xr)G = m(xy - z)G. */ g1_mul(t, in[0], prv->x); g1_sub(t, t, in[1]); g1_norm(t, t); /* Compute U = (xy - z)G and find m. */ bn_mul(r, prv->x, prv->y); bn_sub(r, r, prv->z); bn_mod(r, r, n); g1_mul_gen(s, r); g1_copy(u, s); if (g1_is_infty(t) == 1){ *out = 0; result = STS_OK; } else { for (i = 0; i < INT_MAX; i++) { if (g1_cmp(t, u) == CMP_EQ) { *out = i + 1; result = STS_OK; break; } g1_add(u, u, s); g1_norm(u, u); } } } CATCH_ANY { result = STS_ERR; } FINALLY { bn_free(n); bn_free(r); g1_free(s); g1_free(t); g1_free(u); } return result; }
int cp_bls_sig(g1_t s, uint8_t *msg, int len, bn_t d) { g1_t p; int result = STS_OK; g1_null(p); TRY { g1_new(p); g1_map(p, msg, len); g1_mul(s, p, d); } CATCH_ANY { result = STS_ERR; } FINALLY { g1_free(p); } return result; }
int cp_bgn_enc1(g1_t out[2], dig_t in, bgn_t pub) { bn_t r, n; g1_t t; int result = STS_OK; bn_null(n); bn_null(r); g1_null(t); TRY { bn_new(n); bn_new(r); g1_new(t); g1_get_ord(n); bn_rand_mod(r, n); /* Compute c0 = (ym + r)G. */ g1_mul_dig(out[0], pub->gy, in); g1_mul_gen(t, r); g1_add(out[0], out[0], t); g1_norm(out[0], out[0]); /* Compute c1 = (zm + xr)G. */ g1_mul_dig(out[1], pub->gz, in); g1_mul(t, pub->gx, r); g1_add(out[1], out[1], t); g1_norm(out[1], out[1]); } CATCH_ANY { result = STS_ERR; } FINALLY { bn_free(n); bn_free(r); g1_free(t); } return result; }
void gt_get_gen(gt_t a) { g1_t g1; g2_t g2; g1_null(g1); g2_null(g2); TRY { g1_new(g1); g2_new(g2); g1_get_gen(g1); g2_get_gen(g2); pc_map(a, g1, g2); } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { g1_free(g1); g2_free(g2); } }
int cp_bls_ver(g1_t s, uint8_t *msg, int len, g2_t q) { g1_t p; g2_t g; gt_t e1, e2; int result = 0; g1_null(p); g2_null(g); gt_null(e1); gt_null(e2); TRY { g1_new(p); g2_new(g); gt_new(e1); gt_new(e2); g2_get_gen(g); g1_map(p, msg, len); pc_map(e1, p, q); pc_map(e2, s, g); if (gt_cmp(e1, e2) == CMP_EQ) { result = 1; } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { g1_free(p); g2_free(g); gt_free(e1); gt_free(e2); } return result; }
int cp_bbs_gen(bn_t d, g2_t q, gt_t z) { bn_t n; g1_t g; int result = STS_OK; bn_null(n); g1_null(g); TRY { bn_new(n); g1_new(g); g1_get_gen(g); g2_get_gen(q); /* z = e(g1, g2). */ pc_map(z, g, q); g2_get_ord(n); do { bn_rand(d, BN_POS, 2 * pc_param_level()); bn_mod(d, d, n); } while (bn_is_zero(d)); /* q = d * g2. */ g2_mul_gen(q, d); g2_norm(q, q); } CATCH_ANY { result = STS_ERR; } FINALLY { bn_free(n); g1_free(g); } return result; }
int cp_psb_ver(g1_t a, g1_t b, uint8_t *msgs[], int lens[], g2_t g, g2_t x, g2_t y[], int l) { g1_t p[2]; g2_t q[2]; gt_t e; bn_t m, n; int i, result = 1; g1_null(p[0]); g1_null(p[1]); g2_null(q[0]); g2_null(q[1]); gt_null(e); bn_null(m); bn_null(n); TRY { g1_new(p[0]); g1_new(p[1]); g2_new(q[0]); g2_new(q[1]); gt_new(e); bn_new(m); bn_new(n); if (g1_is_infty(a)) { result = 0; } /* Check that e(a, x \prod y_i^m_i) = e(b, g). */ g1_copy(p[0], a); g1_copy(p[1], b); g2_copy(q[0], x); g1_get_ord(n); for (i = 0; i < l; i++) { bn_read_bin(m, msgs[i], lens[i]); bn_mod(m, m, n); g2_mul(q[1], y[i], m); g2_add(q[0], q[0], q[1]); } g2_norm(q[0], q[0]); g2_copy(q[1], g); g2_neg(q[1], q[1]); pc_map_sim(e, p, q, 2); if (!gt_is_unity(e)) { result = 0; } } CATCH_ANY { THROW(ERR_CAUGHT); } FINALLY { g1_free(p[0]); g1_free(p[1]); g2_free(q[0]); g2_free(q[1]); gt_free(e); bn_free(m); bn_free(n); } return result; }
int cp_sokaka_key(uint8_t *key, unsigned int key_len, char *id1, int len1, sokaka_t k, char *id2, int len2) { int first = 0, result = STS_OK; g1_t p; g2_t q; gt_t e; g1_null(p); g2_null(q); gt_null(e); TRY { g1_new(p); g2_new(q); gt_new(e); if (len1 == len2) { if (strncmp(id1, id2, len1) == 0) { THROW(ERR_NO_VALID); } first = (strncmp(id1, id2, len1) < 0 ? 1 : 2); } else { if (len1 < len2) { if (strncmp(id1, id2, len1) == 0) { first = 1; } else { first = (strncmp(id1, id2, len2) < 0 ? 1 : 2); } } else { if (strncmp(id1, id2, len2) == 0) { first = 2; } else { first = (strncmp(id1, id2, len2) < 0 ? 1 : 2); } } } if (pc_map_is_type1()) { g2_map(q, (uint8_t *)id2, len2); pc_map(e, k->s1, q); } else { if (first == 1) { g2_map(q, (uint8_t *)id2, len2); pc_map(e, k->s1, q); } else { g1_map(p, (uint8_t *)id2, len2); pc_map(e, p, k->s2); } } /* Allocate size for storing the output. */ uint8_t buf[gt_size_bin(e, 0)]; gt_write_bin(buf, sizeof(buf), e, 0); md_kdf1(key, key_len, buf, sizeof(buf)); } CATCH_ANY { result = STS_ERR; } FINALLY { g1_free(p); g2_free(q); gt_free(e); } return result; }
int cp_bgn_dec(dig_t *out, gt_t in[4], bgn_t prv) { int i, result = STS_ERR; g1_t g; g2_t h; gt_t t[4]; bn_t n, r, s; bn_null(n); bn_null(r); bn_null(s); g1_null(g); g2_null(h); TRY { bn_new(n); bn_new(r); bn_new(s); g1_new(g); g2_new(h); for (i = 0; i < 4; i++) { gt_null(t[i]); gt_new(t[i]); } gt_exp(t[0], in[0], prv->x); gt_exp(t[0], t[0], prv->x); gt_mul(t[1], in[1], in[2]); gt_exp(t[1], t[1], prv->x); gt_inv(t[1], t[1]); gt_mul(t[3], in[3], t[1]); gt_mul(t[3], t[3], t[0]); gt_get_ord(n); g1_get_gen(g); g2_get_gen(h); bn_mul(r, prv->x, prv->y); bn_sqr(r, r); bn_mul(s, prv->x, prv->y); bn_mul(s, s, prv->z); bn_sub(r, r, s); bn_sub(r, r, s); bn_sqr(s, prv->z); bn_add(r, r, s); bn_mod(r, r, n); pc_map(t[1], g, h); gt_exp(t[1], t[1], r); gt_copy(t[2], t[1]); if (gt_is_unity(t[3]) == 1) { *out = 0; result = STS_OK; } else { for (i = 0; i < INT_MAX; i++) { if (gt_cmp(t[2], t[3]) == CMP_EQ) { *out = i + 1; result = STS_OK; break; } gt_mul(t[2], t[2], t[1]); } } } CATCH_ANY { result = STS_ERR; } FINALLY { bn_free(n); bn_free(r); bn_free(s); g1_free(g); g2_free(h); for (i = 0; i < 4; i++) { gt_free(t[i]); } } return result; }