|
|
|
|
@ -6,7 +6,7 @@ import pyblake2
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def hex(by):
|
|
|
|
|
return str(binascii.hexlify(by), 'ascii')
|
|
|
|
|
return binascii.hexlify(by).decode()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def combine_keys(pks):
|
|
|
|
|
@ -55,7 +55,7 @@ def compute_mask(combination, m, n):
|
|
|
|
|
|
|
|
|
|
def createPubkey():
|
|
|
|
|
print('Enter randomness: ', end='')
|
|
|
|
|
seckey = ed25519raw.H(input().encode('utf-8'))[0:32]
|
|
|
|
|
seckey = ed25519raw.H(input().encode())[0:32]
|
|
|
|
|
pubkey = ed25519raw.publickey(seckey)
|
|
|
|
|
print('Secret Key: %s' % hex(seckey))
|
|
|
|
|
print('Public Key: %s' % hex(pubkey))
|
|
|
|
|
@ -63,7 +63,7 @@ def createPubkey():
|
|
|
|
|
|
|
|
|
|
def combinePubkeys(m, n):
|
|
|
|
|
if binom(n, m) > 100:
|
|
|
|
|
raise Exception("Too many keys")
|
|
|
|
|
raise Exception('Too many keys')
|
|
|
|
|
pks = []
|
|
|
|
|
for i in range(0, n):
|
|
|
|
|
print('Enter pubkey %d: ' % i, end='')
|
|
|
|
|
@ -91,7 +91,7 @@ def get_nonce(sk, data, ctr):
|
|
|
|
|
a = 2 ** (b - 2) + sum(2 ** i * ed25519raw.bit(h, i) for i in range(3, b - 2))
|
|
|
|
|
r = ed25519raw.Hint(bytes([h[i] for i in range(b >> 3, b >> 2)]) + data + binascii.unhexlify('%08x' % ctr))
|
|
|
|
|
R = ed25519raw.scalarmult(ed25519raw.B, r)
|
|
|
|
|
return (r, ed25519raw.encodepoint(R))
|
|
|
|
|
return r, ed25519raw.encodepoint(R)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def phase1(data):
|
|
|
|
|
@ -101,7 +101,7 @@ def phase1(data):
|
|
|
|
|
ctr = int(input())
|
|
|
|
|
print('Enter privkey: ', end='')
|
|
|
|
|
seckey = binascii.unhexlify(input())
|
|
|
|
|
(_, R) = get_nonce(seckey, digest, ctr)
|
|
|
|
|
_, R = get_nonce(seckey, digest, ctr)
|
|
|
|
|
print('Local commit: %s' % hex(R))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -202,9 +202,9 @@ def main():
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test():
|
|
|
|
|
data = sys.argv[1].encode('utf-8')
|
|
|
|
|
N = 5
|
|
|
|
|
keyset = [1, 3, 4]
|
|
|
|
|
data = sys.argv[1].encode()
|
|
|
|
|
N = 3
|
|
|
|
|
keyset = [0, 2]
|
|
|
|
|
|
|
|
|
|
digest = pyblake2.blake2s(data).digest()
|
|
|
|
|
print('Digest: %s' % hex(digest))
|
|
|
|
|
@ -215,7 +215,7 @@ def test():
|
|
|
|
|
sigs = []
|
|
|
|
|
for i in range(0, N):
|
|
|
|
|
print('----- Key %d ------' % (i + 1))
|
|
|
|
|
seckey = ed25519raw.H(("key%d" % (i + 1)).encode('utf-8'))[0:32]
|
|
|
|
|
seckey = bytes([0x41 + i]) * 32
|
|
|
|
|
pubkey = ed25519raw.publickey(seckey)
|
|
|
|
|
print('Secret Key: %s' % hex(seckey))
|
|
|
|
|
print('Public Key: %s' % hex(pubkey))
|
|
|
|
|
@ -235,7 +235,7 @@ def test():
|
|
|
|
|
print('Global commit: %s' % hex(globalR))
|
|
|
|
|
print('-----------------')
|
|
|
|
|
|
|
|
|
|
for i in range(0, 5):
|
|
|
|
|
for i in range(0, N):
|
|
|
|
|
seckey = sks[i]
|
|
|
|
|
pubkey = pks[i]
|
|
|
|
|
r = nonces[i]
|
|
|
|
|
@ -250,7 +250,7 @@ def test():
|
|
|
|
|
sigs.append(ed25519raw.encodeint(S))
|
|
|
|
|
|
|
|
|
|
print('-----------------')
|
|
|
|
|
sig = combine_sig(globalR, [sigs[i] for i in [1, 3, 4]])
|
|
|
|
|
sig = combine_sig(globalR, [sigs[i] for i in keyset])
|
|
|
|
|
print('Global sig: %s' % hex(sig))
|
|
|
|
|
ed25519raw.checkvalid(sig, digest, globalPk)
|
|
|
|
|
print('Valid Signature!')
|
|
|
|
|
|
Pavol Rusnak
7 years ago