diff options
Diffstat (limited to 'vendor/github.com/dexon-foundation/bls')
42 files changed, 4184 insertions, 126 deletions
diff --git a/vendor/github.com/dexon-foundation/bls/.gitignore b/vendor/github.com/dexon-foundation/bls/.gitignore new file mode 100644 index 000000000..dacdfc906 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/.gitignore @@ -0,0 +1,7 @@ +CVS +bin/*.exe +lib/*.a +lib/*.so +lib/*.dylib +obj/*.d +obj/*.o diff --git a/vendor/github.com/dexon-foundation/bls/.travis.yml b/vendor/github.com/dexon-foundation/bls/.travis.yml new file mode 100644 index 000000000..71a667a2e --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/.travis.yml @@ -0,0 +1,39 @@ +sudo: true +dist: xenial +services: +- docker +env: + global: + - IMAGE_TAG=dexonfoundation/bls-go-alpine + - DOCKER_USER=spiderpowadeploy + - secure: mqNCngWukyjE3UARxaPjqS0xgC1dsnWfmPhpH2mq7nR6S2cGfJ3xBfyiTS//Clz//7sAL+Tp62r3fxyMjDogrSHZUUssCAwf17RM6vnALqaVbc3wXcTNudiDB5cVKe9C9gZqn1Ivd+qbmtuCezSrOG5Xih1gh4bPTyiFvU1sp9C2icMHkJZkjsP0QqCbHlQrMeECSIPlEGIOXUUSp+WmrZAdi2rHezKeZxuaT73RX1+N/+1RfWXo2MR4ydQU3eALl5s5UA9JweQO+MYIVr8EEpGNqJRYUyURx/5G/Sy2v6Z3imUvXZv1J5aplW/UDls92Olla1JHuvFW6ptRO+PHITNwvEkhxPFj+HcOpqEuSISsdk9rkHUrM0wEYPv6A4vQPUjMHrLQs2tQShVCelM1HtNvDDjttKMmVyRLusFP9eS7uvmmXu2l6efJjsMSFkY5WKbu2U0MQ1j708KH9k2WunU6sjJ+b74PkkZVtkQMIqgTokC0IOqbbrnwh4I9PpVpHAQrewRimMH+lDHk+HlMUCWk7/IcIFUl+mh6RzW2vkZTTr2ctSBI6QzK5smdPmqQpp2lqkGv/hQCBp5ICzFSkU6Djqe3hG8ta3+/Zhi10fPU2HcHDi+gR79CG8dvy+iOeTS2csXZx+YoN2BVkfu9AnrjZ9Kjkf9BMay4CehBUWE= +language: cpp +compiler: +- gcc +- clang +addons: + apt: + packages: + - libgmp-dev +install: +- git clone --depth 1 https://github.com/dexon-foundation/mcl.git $TRAVIS_BUILD_DIR/../mcl +script: +- make -j3 +- make test_ci DISABLE_THREAD_TEST=1 +- make test_go +- env LD_LIBRARY_PATH=../mcl/lib bin/bls_c384_test.exe +- make clean && make -C ../mcl clean +- make -j3 MCL_USE_OPENSSL=0 +- make test_ci DISABLE_THREAD_TEST=1 MCL_USE_OPENSSL=0 +- docker build --tag "$IMAGE_TAG" . -f images/bls-go-alpine/Dockerfile --no-cache +before_deploy: +- echo "$DOCKER_PASS" | docker login -u "$DOCKER_USER" --password-stdin +- git_commit="$(git rev-parse --short HEAD)" +- docker tag "$IMAGE_TAG" "${IMAGE_TAG}:${git_commit}" +- docker tag "$IMAGE_TAG" "${IMAGE_TAG}:latest" +deploy: + provider: script + script: docker push "${IMAGE_TAG}:latest" && docker push "${IMAGE_TAG}:${git_commit}" + on: + branch: dev + condition: "$CC = gcc" diff --git a/vendor/github.com/dexon-foundation/bls/CMakeLists.txt b/vendor/github.com/dexon-foundation/bls/CMakeLists.txt new file mode 100644 index 000000000..30fb90fd5 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/CMakeLists.txt @@ -0,0 +1,33 @@ +cmake_minimum_required (VERSION 2.6) +project(bls CXX ASM) + +set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) +set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) +set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin) + +set(LIBS mcl gmp) + +include_directories(include/) + +add_library(bls_c256 SHARED src/bls_c256.cpp) +add_library(bls_c384 SHARED src/bls_c384.cpp) +add_library(bls_c384_256 SHARED src/bls_c384_256.cpp) +target_link_libraries(bls_c256 ${LIBS}) +target_link_libraries(bls_c384 ${LIBS}) +target_link_libraries(bls_c384_256 ${LIBS}) + +file(GLOB BLS_HEADERS include/bls/bls.h include/bls/bls.hpp) + +install(TARGETS bls_c256 DESTINATION lib) +install(TARGETS bls_c384 DESTINATION lib) +install(TARGETS bls_c384_256 DESTINATION lib) +install(FILES ${BLS_HEADERS} DESTINATION include/bls) + +set(TEST_LIBS pthread gmpxx) + +add_executable(bls_c256_test test/bls_c256_test.cpp) +target_link_libraries(bls_c256_test bls_c256 ${TEST_LIBS}) +add_executable(bls_c384_test test/bls_c384_test.cpp) +target_link_libraries(bls_c384_test bls_c384 ${TEST_LIBS}) +add_executable(bls_c384_256_test test/bls_c384_256_test.cpp) +target_link_libraries(bls_c384_256_test bls_c384_256 ${TEST_LIBS}) diff --git a/vendor/github.com/dexon-foundation/bls/Makefile b/vendor/github.com/dexon-foundation/bls/Makefile index 556f625ec..efea22274 100644 --- a/vendor/github.com/dexon-foundation/bls/Makefile +++ b/vendor/github.com/dexon-foundation/bls/Makefile @@ -1,55 +1,73 @@ -include ../mcl/common.mk +ifeq ($(findstring MINGW64,$(shell uname -s)),MINGW64) + # cgo accepts not '/c/path' but 'c:/path' + PWD=$(shell pwd|sed s'@^/\([a-z]\)@\1:@') +else + PWD=$(shell pwd) +endif +MCL_DIR?=$(PWD)/../mcl +include $(MCL_DIR)/common.mk LIB_DIR=lib OBJ_DIR=obj EXE_DIR=bin CFLAGS += -std=c++11 LDFLAGS += -lpthread -SRC_SRC=bls_c256.cpp bls_c384.cpp -TEST_SRC=bls256_test.cpp bls384_test.cpp bls_c256_test.cpp bls_c384_test.cpp +SRC_SRC=bls_c256.cpp bls_c384.cpp bls_c384_256.cpp +TEST_SRC=bls256_test.cpp bls384_test.cpp bls384_256_test.cpp bls_c256_test.cpp bls_c384_test.cpp bls_c384_256_test.cpp SAMPLE_SRC=bls256_smpl.cpp bls384_smpl.cpp -CFLAGS+=-I../mcl/include -I./ +CFLAGS+=-I$(MCL_DIR)/include ifneq ($(MCL_MAX_BIT_SIZE),) CFLAGS+=-DMCL_MAX_BIT_SIZE=$(MCL_MAX_BIT_SIZE) endif ifeq ($(DISABLE_THREAD_TEST),1) CFLAGS+=-DDISABLE_THREAD_TEST endif - -SHARE_BASENAME_SUF?=_dy +ifeq ($(BLS_SWAP_G),1) + CFLAGS+=-DBLS_SWAP_G +endif BLS256_LIB=$(LIB_DIR)/libbls256.a BLS384_LIB=$(LIB_DIR)/libbls384.a -BLS256_SNAME=bls256$(SHARE_BASENAME_SUF) -BLS384_SNAME=bls384$(SHARE_BASENAME_SUF) +BLS384_256_LIB=$(LIB_DIR)/libbls384_256.a +BLS256_SNAME=bls256 +BLS384_SNAME=bls384 +BLS384_256_SNAME=bls384_256 BLS256_SLIB=$(LIB_DIR)/lib$(BLS256_SNAME).$(LIB_SUF) BLS384_SLIB=$(LIB_DIR)/lib$(BLS384_SNAME).$(LIB_SUF) -all: $(BLS256_LIB) $(BLS256_SLIB) $(BLS384_LIB) $(BLS384_SLIB) +BLS384_256_SLIB=$(LIB_DIR)/lib$(BLS384_256_SNAME).$(LIB_SUF) +all: $(BLS256_LIB) $(BLS256_SLIB) $(BLS384_LIB) $(BLS384_SLIB) $(BLS384_256_LIB) $(BLS384_256_SLIB) -MCL_LIB=../mcl/lib/libmcl.a +MCL_LIB=$(MCL_DIR)/lib/libmcl.a $(MCL_LIB): - $(MAKE) -C ../mcl lib/libmcl.a + $(MAKE) -C $(MCL_DIR) -$(BLS256_LIB): $(OBJ_DIR)/bls_c256.o +$(BLS256_LIB): $(OBJ_DIR)/bls_c256.o $(MCL_LIB) $(AR) $@ $< $(BLS384_LIB): $(OBJ_DIR)/bls_c384.o $(MCL_LIB) $(AR) $@ $< +$(BLS384_256_LIB): $(OBJ_DIR)/bls_c384_256.o $(MCL_LIB) + $(AR) $@ $< ifneq ($(findstring $(OS),mac/mingw64),) - BLS256_SLIB_LDFLAGS+=-lgmpxx -lgmp -lcrypto -lstdc++ - BLS384_SLIB_LDFLAGS+=-lgmpxx -lgmp -lcrypto -lstdc++ + COMMON_LIB=$(GMP_LIB) $(OPENSSL_LIB) -lstdc++ + BLS256_SLIB_LDFLAGS+=$(COMMON_LIB) + BLS384_SLIB_LDFLAGS+=$(COMMON_LIB) + BLS384_256_SLIB_LDFLAGS+=$(COMMON_LIB) endif ifeq ($(OS),mingw64) - CFLAGS+=-I../mcl + CFLAGS+=-I$(MCL_DIR) BLS256_SLIB_LDFLAGS+=-Wl,--out-implib,$(LIB_DIR)/lib$(BLS256_SNAME).a BLS384_SLIB_LDFLAGS+=-Wl,--out-implib,$(LIB_DIR)/lib$(BLS384_SNAME).a + BLS384_256_SLIB_LDFLAGS+=-Wl,--out-implib,$(LIB_DIR)/lib$(BLS384_256_SNAME).a endif $(BLS256_SLIB): $(OBJ_DIR)/bls_c256.o $(MCL_LIB) - $(PRE)$(CXX) -shared -o $@ $< $(MCL_LIB) $(BLS256_SLIB_LDFLAGS) + $(PRE)$(CXX) -shared -o $@ $< -L$(MCL_DIR)/lib -lmcl $(BLS256_SLIB_LDFLAGS) $(LDFLAGS) $(BLS384_SLIB): $(OBJ_DIR)/bls_c384.o $(MCL_LIB) - $(PRE)$(CXX) -shared -o $@ $< $(MCL_LIB) $(BLS384_SLIB_LDFLAGS) + $(PRE)$(CXX) -shared -o $@ $< -L$(MCL_DIR)/lib -lmcl $(BLS384_SLIB_LDFLAGS) $(LDFLAGS) +$(BLS384_256_SLIB): $(OBJ_DIR)/bls_c384_256.o $(MCL_LIB) + $(PRE)$(CXX) -shared -o $@ $< -L$(MCL_DIR)/lib -lmcl $(BLS384_256_SLIB_LDFLAGS) $(LDFLAGS) VPATH=test sample src @@ -58,35 +76,58 @@ VPATH=test sample src $(OBJ_DIR)/%.o: %.cpp $(PRE)$(CXX) $(CFLAGS) -c $< -o $@ -MMD -MP -MF $(@:.o=.d) +$(EXE_DIR)/%384_256_test.exe: $(OBJ_DIR)/%384_256_test.o $(BLS384_256_LIB) $(MCL_LIB) + $(PRE)$(CXX) $< -o $@ $(BLS384_256_LIB) -L$(MCL_DIR)/lib -lmcl $(LDFLAGS) + $(EXE_DIR)/%384_test.exe: $(OBJ_DIR)/%384_test.o $(BLS384_LIB) $(MCL_LIB) - $(PRE)$(CXX) $< -o $@ $(BLS384_LIB) -lmcl -L../mcl/lib $(LDFLAGS) + $(PRE)$(CXX) $< -o $@ $(BLS384_LIB) -L$(MCL_DIR)/lib -lmcl $(LDFLAGS) $(EXE_DIR)/%256_test.exe: $(OBJ_DIR)/%256_test.o $(BLS256_LIB) $(MCL_LIB) - $(PRE)$(CXX) $< -o $@ $(BLS256_LIB) -lmcl -L../mcl/lib $(LDFLAGS) + $(PRE)$(CXX) $< -o $@ $(BLS256_LIB) -L$(MCL_DIR)/lib -lmcl $(LDFLAGS) # sample exe links libbls256.a $(EXE_DIR)/%.exe: $(OBJ_DIR)/%.o $(BLS256_LIB) $(MCL_LIB) - $(PRE)$(CXX) $< -o $@ $(BLS256_LIB) -lmcl -L../mcl/lib $(LDFLAGS) + $(PRE)$(CXX) $< -o $@ $(BLS256_LIB) -L$(MCL_DIR)/lib -lmcl $(LDFLAGS) +ifeq ($(OS),mac) + install_name_tool bin/bls_smpl.exe -change lib/libmcl.dylib $(MCL_DIR)/lib/libmcl.dylib +endif SAMPLE_EXE=$(addprefix $(EXE_DIR)/,$(SAMPLE_SRC:.cpp=.exe)) sample: $(SAMPLE_EXE) TEST_EXE=$(addprefix $(EXE_DIR)/,$(TEST_SRC:.cpp=.exe)) +ifeq ($(OS),mac) + LIBPATH_KEY=DYLD_LIBRARY_PATH +else + LIBPATH_KEY=LD_LIBRARY_PATH +endif +test_ci: $(TEST_EXE) + @sh -ec 'for i in $(TEST_EXE); do echo $$i; env PATH=$$PATH:../mcl/lib $(LIBPATH_KEY)=../mcl/lib LSAN_OPTIONS=verbosity=1 log_threads=1 $$i; done' + $(MAKE) sample_test + test: $(TEST_EXE) @echo test $(TEST_EXE) - @sh -ec 'for i in $(TEST_EXE); do $$i|grep "ctest:name"; done' > result.txt + @sh -ec 'for i in $(TEST_EXE); do env PATH=$$PATH:../mcl/lib $(LIBPATH_KEY)=../mcl/lib $$i|grep "ctest:name"; done' > result.txt @grep -v "ng=0, exception=0" result.txt; if [ $$? -eq 1 ]; then echo "all unit tests succeed"; else exit 1; fi $(MAKE) sample_test sample_test: $(EXE_DIR)/bls_smpl.exe - python bls_smpl.py - -ifeq ($(OS),mac) - MAC_GO_LDFLAGS="-ldflags=-s" -endif -# PATH is for mingw, LD_RUN_PATH is for linux, DYLD_LIBRARY_PATH is for mac -test_go: ffi/go/bls/bls.go ffi/go/bls/bls_test.go $(BLS384_LIB) - cd ffi/go/bls && go test $(MAC_GO_LDFLAGS) . + env PATH=$$PATH:../mcl/lib $(LIBPATH_KEY)=../mcl/lib python bls_smpl.py + +# PATH is for mingw, LD_LIBRARY_PATH is for linux, DYLD_LIBRARY_PATH is for mac +COMMON_LIB_PATH="../../../lib:../../../../mcl/lib" +PATH_VAL=$$PATH:$(COMMON_LIB_PATH) LD_LIBRARY_PATH=$(COMMON_LIB_PATH) DYLD_LIBRARY_PATH=$(COMMON_LIB_PATH) +test_go256: ffi/go/bls/bls.go ffi/go/bls/bls_test.go $(BLS256_LIB) + cd ffi/go/bls && env PATH=$(PATH_VAL) go test -tags bn256 . +test_go384: ffi/go/bls/bls.go ffi/go/bls/bls_test.go $(BLS384_LIB) + cd ffi/go/bls && env PATH=$(PATH_VAL) go test -tags bn384 . +test_go384_256: ffi/go/bls/bls.go ffi/go/bls/bls_test.go $(BLS384_256_LIB) + cd ffi/go/bls && env PATH=$(PATH_VAL) go test -tags bn384_256 . + +test_go: + $(MAKE) test_go256 + $(MAKE) test_go384 + $(MAKE) test_go384_256 EMCC_OPT=-I./include -I./src -I../mcl/include -I./ -Wall -Wextra EMCC_OPT+=-O3 -DNDEBUG @@ -103,12 +144,19 @@ bls-wasm: $(MAKE) ../bls-wasm/bls_c.js clean: - $(RM) $(OBJ_DIR)/*.d $(OBJ_DIR)/*.o $(EXE_DIR)/*.exe $(GEN_EXE) $(ASM_SRC) $(ASM_OBJ) $(LLVM_SRC) $(BLS256_LIB) $(BLS256_SLIB) $(BLS384_LIB) $(BLS384_SLIB) + $(RM) $(OBJ_DIR)/*.d $(OBJ_DIR)/*.o $(EXE_DIR)/*.exe $(GEN_EXE) $(ASM_SRC) $(ASM_OBJ) $(LLVM_SRC) $(BLS256_LIB) $(BLS256_SLIB) $(BLS384_LIB) $(BLS384_SLIB) $(BLS384_256_LIB) $(BLS384_256_SLIB) ALL_SRC=$(SRC_SRC) $(TEST_SRC) $(SAMPLE_SRC) DEPEND_FILE=$(addprefix $(OBJ_DIR)/, $(ALL_SRC:.cpp=.d)) -include $(DEPEND_FILE) +PREFIX?=/usr/local +install: lib/libbls256.a lib/libbls256.$(LIB_SUF) lib/libbls384.a lib/libbls384.$(LIB_SUF) lib/libbls384_256.a lib/libbls384_256.$(LIB_SUF) + $(MKDIR) $(PREFIX)/include/bls + cp -a include/bls/ $(PREFIX)/include/ + $(MKDIR) $(PREFIX)/lib + cp -a lib/libbls256.a lib/libbls256.$(LIB_SUF) lib/libbls384.a lib/libbls384.$(LIB_SUF) lib/libbls384_256.a lib/libbls384_256.$(LIB_SUF) $(PREFIX)/lib/ + .PHONY: test bls-wasm # don't remove these files automatically diff --git a/vendor/github.com/dexon-foundation/bls/bin/.emptydir b/vendor/github.com/dexon-foundation/bls/bin/.emptydir new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/bin/.emptydir diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/App.config b/vendor/github.com/dexon-foundation/bls/ffi/cs/App.config new file mode 100644 index 000000000..8d234373a --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/App.config @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="utf-8"?> +<configuration> + <startup> + <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.2"/> + </startup> +</configuration> diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/Properties/AssemblyInfo.cs b/vendor/github.com/dexon-foundation/bls/ffi/cs/Properties/AssemblyInfo.cs new file mode 100644 index 000000000..201222c55 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/Properties/AssemblyInfo.cs @@ -0,0 +1,36 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// アセンブリに関する一般情報は以下の属性セットをとおして制御されます。 +// アセンブリに関連付けられている情報を変更するには、 +// これらの属性値を変更してください。 +[assembly: AssemblyTitle("bls256")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("bls256")] +[assembly: AssemblyCopyright("Copyright © 2017")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// ComVisible を false に設定すると、その型はこのアセンブリ内で COM コンポーネントから +// 参照不可能になります。COM からこのアセンブリ内の型にアクセスする場合は、 +// その型の ComVisible 属性を true に設定してください。 +[assembly: ComVisible(false)] + +// このプロジェクトが COM に公開される場合、次の GUID が typelib の ID になります +[assembly: Guid("e9d06b1b-ea22-4ef4-ba4b-422f7625966c")] + +// アセンブリのバージョン情報は次の 4 つの値で構成されています: +// +// メジャー バージョン +// マイナー バージョン +// ビルド番号 +// Revision +// +// すべての値を指定するか、下のように '*' を使ってビルドおよびリビジョン番号を +// 既定値にすることができます: +// [assembly: AssemblyVersion("1.0.*")] +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.cs b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.cs new file mode 100644 index 000000000..6bcaf07fb --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.cs @@ -0,0 +1,351 @@ +using System; +using System.Text; +using System.Runtime.InteropServices; + +namespace mcl +{ + class BLS + { + public const int BN254 = 0; + public const int BLS12_381 = 5; + + const int IoEcComp = 512; // fixed byte representation + public const int FR_UNIT_SIZE = 4; + public const int FP_UNIT_SIZE = 6; // 4 if bls256.dll is used + public const int COMPILED_TIME_VAR = FR_UNIT_SIZE * 10 + FP_UNIT_SIZE; + + public const int ID_UNIT_SIZE = FR_UNIT_SIZE; + public const int SECRETKEY_UNIT_SIZE = FR_UNIT_SIZE; + public const int PUBLICKEY_UNIT_SIZE = FP_UNIT_SIZE * 3 * 2; + public const int SIGNATURE_UNIT_SIZE = FP_UNIT_SIZE * 3; + + public const int ID_SERIALIZE_SIZE = FR_UNIT_SIZE * 8; + public const int SECRETKEY_SERIALIZE_SIZE = FR_UNIT_SIZE * 8; + public const int PUBLICKEY_SERIALIZE_SIZE = FP_UNIT_SIZE * 8 * 2; + public const int SIGNATURE_SERIALIZE_SIZE = FP_UNIT_SIZE * 8; + + public const string dllName = FP_UNIT_SIZE == 4 ? "bls256.dll" : "bls384_256.dll"; + [DllImport(dllName)] + public static extern int blsInit(int curveType, int compiledTimeVar); + + [DllImport(dllName)] public static extern void blsIdSetInt(ref Id id, int x); + [DllImport(dllName)] public static extern int blsIdSetDecStr(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport(dllName)] public static extern int blsIdSetHexStr(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport(dllName)] public static extern ulong blsIdGetDecStr([Out]StringBuilder buf, ulong maxBufSize, in Id id); + [DllImport(dllName)] public static extern ulong blsIdGetHexStr([Out]StringBuilder buf, ulong maxBufSize, in Id id); + + [DllImport(dllName)] public static extern ulong blsIdSerialize([Out]byte[] buf, ulong maxBufSize, in Id id); + [DllImport(dllName)] public static extern ulong blsSecretKeySerialize([Out]byte[] buf, ulong maxBufSize, in SecretKey sec); + [DllImport(dllName)] public static extern ulong blsPublicKeySerialize([Out]byte[] buf, ulong maxBufSize, in PublicKey pub); + [DllImport(dllName)] public static extern ulong blsSignatureSerialize([Out]byte[] buf, ulong maxBufSize, in Signature sig); + [DllImport(dllName)] public static extern ulong blsIdDeserialize(ref Id id, [In]byte[] buf, ulong bufSize); + [DllImport(dllName)] public static extern ulong blsSecretKeyDeserialize(ref SecretKey sec, [In]byte[] buf, ulong bufSize); + [DllImport(dllName)] public static extern ulong blsPublicKeyDeserialize(ref PublicKey pub, [In]byte[] buf, ulong bufSize); + [DllImport(dllName)] public static extern ulong blsSignatureDeserialize(ref Signature sig, [In]byte[] buf, ulong bufSize); + + [DllImport(dllName)] public static extern int blsIdIsEqual(in Id lhs, in Id rhs); + [DllImport(dllName)] public static extern int blsSecretKeyIsEqual(in SecretKey lhs, in SecretKey rhs); + [DllImport(dllName)] public static extern int blsPublicKeyIsEqual(in PublicKey lhs, in PublicKey rhs); + [DllImport(dllName)] public static extern int blsSignatureIsEqual(in Signature lhs, in Signature rhs); + // add + [DllImport(dllName)] public static extern void blsSecretKeyAdd(ref SecretKey sec, in SecretKey rhs); + [DllImport(dllName)] public static extern void blsPublicKeyAdd(ref PublicKey pub, in PublicKey rhs); + [DllImport(dllName)] public static extern void blsSignatureAdd(ref Signature sig, in Signature rhs); + // hash buf and set + [DllImport(dllName)] public static extern int blsHashToSecretKey(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + /* + set secretKey if system has /dev/urandom or CryptGenRandom + return 0 if success else -1 + */ + [DllImport(dllName)] public static extern int blsSecretKeySetByCSPRNG(ref SecretKey sec); + + [DllImport(dllName)] public static extern void blsGetPublicKey(ref PublicKey pub, in SecretKey sec); + [DllImport(dllName)] public static extern void blsGetPop(ref Signature sig, in SecretKey sec); + + // return 0 if success + [DllImport(dllName)] public static extern int blsSecretKeyShare(ref SecretKey sec, in SecretKey msk, ulong k, in Id id); + [DllImport(dllName)] public static extern int blsPublicKeyShare(ref PublicKey pub, in PublicKey mpk, ulong k, in Id id); + + + [DllImport(dllName)] public static extern int blsSecretKeyRecover(ref SecretKey sec, in SecretKey secVec, in Id idVec, ulong n); + [DllImport(dllName)] public static extern int blsPublicKeyRecover(ref PublicKey pub, in PublicKey pubVec, in Id idVec, ulong n); + [DllImport(dllName)] public static extern int blsSignatureRecover(ref Signature sig, in Signature sigVec, in Id idVec, ulong n); + + [DllImport(dllName)] public static extern void blsSign(ref Signature sig, in SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string m, ulong size); + + // return 1 if valid + [DllImport(dllName)] public static extern int blsVerify(in Signature sig, in PublicKey pub, [In][MarshalAs(UnmanagedType.LPStr)] string m, ulong size); + [DllImport(dllName)] public static extern int blsVerifyPop(in Signature sig, in PublicKey pub); + + ////////////////////////////////////////////////////////////////////////// + // the following apis will be removed + + // mask buf with (1 << (bitLen(r) - 1)) - 1 if buf >= r + [DllImport(dllName)] public static extern int blsIdSetLittleEndian(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + /* + return written byte size if success else 0 + */ + [DllImport(dllName)] public static extern ulong blsIdGetLittleEndian([Out]StringBuilder buf, ulong maxBufSize, in Id id); + + // return 0 if success + // mask buf with (1 << (bitLen(r) - 1)) - 1 if buf >= r + [DllImport(dllName)] public static extern int blsSecretKeySetLittleEndian(ref SecretKey sec, [In]byte[] buf, ulong bufSize); + [DllImport(dllName)] public static extern int blsSecretKeySetDecStr(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport(dllName)] public static extern int blsSecretKeySetHexStr(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + /* + return written byte size if success else 0 + */ + [DllImport(dllName)] public static extern ulong blsSecretKeyGetLittleEndian([Out]byte[] buf, ulong maxBufSize, in SecretKey sec); + /* + return strlen(buf) if success else 0 + buf is '\0' terminated + */ + [DllImport(dllName)] public static extern ulong blsSecretKeyGetDecStr([Out]StringBuilder buf, ulong maxBufSize, in SecretKey sec); + [DllImport(dllName)] public static extern ulong blsSecretKeyGetHexStr([Out]StringBuilder buf, ulong maxBufSize, in SecretKey sec); + [DllImport(dllName)] public static extern int blsPublicKeySetHexStr(ref PublicKey pub, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport(dllName)] public static extern ulong blsPublicKeyGetHexStr([Out]StringBuilder buf, ulong maxBufSize, in PublicKey pub); + [DllImport(dllName)] public static extern int blsSignatureSetHexStr(ref Signature sig, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport(dllName)] public static extern ulong blsSignatureGetHexStr([Out]StringBuilder buf, ulong maxBufSize, in Signature sig); + + public static void Init(int curveType = BN254) { + if (!System.Environment.Is64BitProcess) { + throw new PlatformNotSupportedException("not 64-bit system"); + } + int err = blsInit(curveType, COMPILED_TIME_VAR); + if (err != 0) { + throw new ArgumentException("blsInit"); + } + } + [StructLayout(LayoutKind.Sequential)] + public unsafe struct Id + { + private fixed ulong v[ID_UNIT_SIZE]; + public byte[] Serialize() { + byte[] buf = new byte[ID_SERIALIZE_SIZE]; + ulong n = blsIdSerialize(buf, (ulong)buf.Length, this); + if (n == 0) { + throw new ArithmeticException("blsIdSerialize"); + } + return buf; + } + public void Deserialize(byte[] buf) { + ulong n = blsIdDeserialize(ref this, buf, (ulong)buf.Length); + if (n == 0) { + throw new ArithmeticException("blsIdDeserialize"); + } + } + public bool IsEqual(in Id rhs) { + return blsIdIsEqual(this, rhs) != 0; + } + public void SetDecStr(string s) { + if (blsIdSetDecStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsIdSetDecSt:" + s); + } + } + public void SetHexStr(string s) { + if (blsIdSetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsIdSetHexStr:" + s); + } + } + public void SetInt(int x) { + blsIdSetInt(ref this, x); + } + public string GetDecStr() { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsIdGetDecStr(sb, (ulong)sb.Capacity, this); + if (size == 0) { + throw new ArgumentException("blsIdGetDecStr"); + } + return sb.ToString(0, (int)size); + } + public string GetHexStr() { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsIdGetHexStr(sb, (ulong)sb.Capacity, this); + if (size == 0) { + throw new ArgumentException("blsIdGetHexStr"); + } + return sb.ToString(0, (int)size); + } + } + [StructLayout(LayoutKind.Sequential)] + public unsafe struct SecretKey + { + private fixed ulong v[SECRETKEY_UNIT_SIZE]; + public byte[] Serialize() { + byte[] buf = new byte[SECRETKEY_SERIALIZE_SIZE]; + ulong n = blsSecretKeySerialize(buf, (ulong)buf.Length, this); + if (n == 0) { + throw new ArithmeticException("blsSecretKeySerialize"); + } + return buf; + } + public void Deserialize(byte[] buf) { + ulong n = blsSecretKeyDeserialize(ref this, buf, (ulong)buf.Length); + if (n == 0) { + throw new ArithmeticException("blsSecretKeyDeserialize"); + } + } + public bool IsEqual(in SecretKey rhs) { + return blsSecretKeyIsEqual(this, rhs) != 0; + } + public void SetHexStr(string s) { + if (blsSecretKeySetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsSecretKeySetHexStr:" + s); + } + } + public string GetHexStr() { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsSecretKeyGetHexStr(sb, (ulong)sb.Capacity, this); + if (size == 0) { + throw new ArgumentException("mclBnFr_getStr"); + } + return sb.ToString(0, (int)size); + } + public void Add(in SecretKey rhs) { + blsSecretKeyAdd(ref this, rhs); + } + public void SetByCSPRNG() { + blsSecretKeySetByCSPRNG(ref this); + } + public void SetHashOf(string s) { + if (blsHashToSecretKey(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsHashToSecretKey"); + } + } + public PublicKey GetPublicKey() { + PublicKey pub; + blsGetPublicKey(ref pub, this); + return pub; + } + public Signature Sign(string m) { + Signature sig; + blsSign(ref sig, this, m, (ulong)m.Length); + return sig; + } + public Signature GetPop() { + Signature sig; + blsGetPop(ref sig, this); + return sig; + } + } + // secretKey = sum_{i=0}^{msk.Length - 1} msk[i] * id^i + public static SecretKey ShareSecretKey(in SecretKey[] msk, in Id id) { + SecretKey sec; + if (blsSecretKeyShare(ref sec, msk[0], (ulong)msk.Length, id) != 0) { + throw new ArgumentException("GetSecretKeyForId:" + id.ToString()); + } + return sec; + } + public static SecretKey RecoverSecretKey(in SecretKey[] secVec, in Id[] idVec) { + SecretKey sec; + if (blsSecretKeyRecover(ref sec, secVec[0], idVec[0], (ulong)secVec.Length) != 0) { + throw new ArgumentException("Recover"); + } + return sec; + } + [StructLayout(LayoutKind.Sequential)] + public unsafe struct PublicKey + { + private fixed ulong v[PUBLICKEY_UNIT_SIZE]; + public byte[] Serialize() { + byte[] buf = new byte[PUBLICKEY_SERIALIZE_SIZE]; + ulong n = blsPublicKeySerialize(buf, (ulong)buf.Length, this); + if (n == 0) { + throw new ArithmeticException("blsPublicKeySerialize"); + } + return buf; + } + public void Deserialize(byte[] buf) { + ulong n = blsPublicKeyDeserialize(ref this, buf, (ulong)buf.Length); + if (n == 0) { + throw new ArithmeticException("blsPublicKeyDeserialize"); + } + } + public bool IsEqual(in PublicKey rhs) { + return blsPublicKeyIsEqual(this, rhs) != 0; + } + public void SetStr(string s) { + if (blsPublicKeySetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsPublicKeySetStr:" + s); + } + } + public string GetHexStr() { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsPublicKeyGetHexStr(sb, (ulong)sb.Capacity, this); + if (size == 0) { + throw new ArgumentException("blsPublicKeyGetStr"); + } + return sb.ToString(0, (int)size); + } + public void Add(in PublicKey rhs) { + blsPublicKeyAdd(ref this, rhs); + } + public bool Verify(in Signature sig, string m) { + return blsVerify(sig, this, m, (ulong)m.Length) == 1; + } + public bool VerifyPop(in Signature pop) { + return blsVerifyPop(pop, this) == 1; + } + } + // publicKey = sum_{i=0}^{mpk.Length - 1} mpk[i] * id^i + public static PublicKey SharePublicKey(in PublicKey[] mpk, in Id id) { + PublicKey pub; + if (blsPublicKeyShare(ref pub, mpk[0], (ulong)mpk.Length, id) != 0) { + throw new ArgumentException("GetPublicKeyForId:" + id.ToString()); + } + return pub; + } + public static PublicKey RecoverPublicKey(in PublicKey[] pubVec, in Id[] idVec) { + PublicKey pub; + if (blsPublicKeyRecover(ref pub, pubVec[0], idVec[0], (ulong)pubVec.Length) != 0) { + throw new ArgumentException("Recover"); + } + return pub; + } + [StructLayout(LayoutKind.Sequential)] + public unsafe struct Signature + { + private fixed ulong v[SIGNATURE_UNIT_SIZE]; + public byte[] Serialize() { + byte[] buf = new byte[SIGNATURE_SERIALIZE_SIZE]; + ulong n = blsSignatureSerialize(buf, (ulong)buf.Length, this); + if (n == 0) { + throw new ArithmeticException("blsSignatureSerialize"); + } + return buf; + } + public void Deserialize(byte[] buf) { + ulong n = blsSignatureDeserialize(ref this, buf, (ulong)buf.Length); + if (n == 0) { + throw new ArithmeticException("blsSignatureDeserialize"); + } + } + public bool IsEqual(in Signature rhs) { + return blsSignatureIsEqual(this, rhs) != 0; + } + public void SetStr(string s) { + if (blsSignatureSetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsSignatureSetStr:" + s); + } + } + public string GetHexStr() { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsSignatureGetHexStr(sb, (ulong)sb.Capacity, this); + if (size == 0) { + throw new ArgumentException("blsSignatureGetStr"); + } + return sb.ToString(0, (int)size); + } + public void Add(in Signature rhs) { + blsSignatureAdd(ref this, rhs); + } + } + public static Signature RecoverSign(in Signature[] sigVec, in Id[] idVec) { + Signature sig; + if (blsSignatureRecover(ref sig, sigVec[0], idVec[0], (ulong)sigVec.Length) != 0) { + throw new ArgumentException("Recover"); + } + return sig; + } + } +} diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.csproj b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.csproj new file mode 100644 index 000000000..c03afa436 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.csproj @@ -0,0 +1,97 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProjectGuid>{E9D06B1B-EA22-4EF4-BA4B-422F7625966D}</ProjectGuid> + <OutputType>Exe</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>bls</RootNamespace> + <AssemblyName>bls</AssemblyName> + <TargetFrameworkVersion>v4.6.2</TargetFrameworkVersion> + <FileAlignment>512</FileAlignment> + <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects> + <PublishUrl>publish\</PublishUrl> + <Install>true</Install> + <InstallFrom>Disk</InstallFrom> + <UpdateEnabled>false</UpdateEnabled> + <UpdateMode>Foreground</UpdateMode> + <UpdateInterval>7</UpdateInterval> + <UpdateIntervalUnits>Days</UpdateIntervalUnits> + <UpdatePeriodically>false</UpdatePeriodically> + <UpdateRequired>false</UpdateRequired> + <MapFileExtensions>true</MapFileExtensions> + <ApplicationRevision>0</ApplicationRevision> + <ApplicationVersion>1.0.0.%2a</ApplicationVersion> + <IsWebBootstrapper>false</IsWebBootstrapper> + <UseApplicationTrust>false</UseApplicationTrust> + <BootstrapperEnabled>true</BootstrapperEnabled> + <TargetFrameworkProfile /> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x64'"> + <DebugSymbols>true</DebugSymbols> + <OutputPath>..\..\bin\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <AllowUnsafeBlocks>true</AllowUnsafeBlocks> + <DebugType>full</DebugType> + <PlatformTarget>x64</PlatformTarget> + <ErrorReport>prompt</ErrorReport> + <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet> + <LangVersion>7.2</LangVersion> + <Prefer32Bit>false</Prefer32Bit> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x64'"> + <OutputPath>..\..\bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <Optimize>true</Optimize> + <DebugType>pdbonly</DebugType> + <PlatformTarget>x64</PlatformTarget> + <ErrorReport>prompt</ErrorReport> + <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet> + <Prefer32Bit>false</Prefer32Bit> + <AllowUnsafeBlocks>true</AllowUnsafeBlocks> + <LangVersion>7.2</LangVersion> + </PropertyGroup> + <PropertyGroup> + <NoWin32Manifest>true</NoWin32Manifest> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Core" /> + <Reference Include="System.Xml.Linq" /> + <Reference Include="System.Data.DataSetExtensions" /> + <Reference Include="Microsoft.CSharp" /> + <Reference Include="System.Data" /> + <Reference Include="System.Net.Http" /> + <Reference Include="System.Xml" /> + </ItemGroup> + <ItemGroup> + <Compile Include="bls.cs" /> + <Compile Include="bls_test.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup> + <None Include="App.config" /> + </ItemGroup> + <ItemGroup> + <BootstrapperPackage Include=".NETFramework,Version=v4.5.2"> + <Visible>False</Visible> + <ProductName>Microsoft .NET Framework 4.5.2 %28x86 および x64%29</ProductName> + <Install>true</Install> + </BootstrapperPackage> + <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1"> + <Visible>False</Visible> + <ProductName>.NET Framework 3.5 SP1</ProductName> + <Install>false</Install> + </BootstrapperPackage> + </ItemGroup> + <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> +</Project>
\ No newline at end of file diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.sln b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.sln new file mode 100644 index 000000000..7c3dfba7b --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls.sln @@ -0,0 +1,25 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 15 +VisualStudioVersion = 15.0.28307.539 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "bls", "bls.csproj", "{E9D06B1B-EA22-4EF4-BA4B-422F7625966D}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|x64 = Debug|x64 + Release|x64 = Release|x64 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {E9D06B1B-EA22-4EF4-BA4B-422F7625966D}.Debug|x64.ActiveCfg = Debug|x64 + {E9D06B1B-EA22-4EF4-BA4B-422F7625966D}.Debug|x64.Build.0 = Debug|x64 + {E9D06B1B-EA22-4EF4-BA4B-422F7625966D}.Release|x64.ActiveCfg = Release|x64 + {E9D06B1B-EA22-4EF4-BA4B-422F7625966D}.Release|x64.Build.0 = Release|x64 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {1935C301-6478-4F82-9587-6A66B531E327} + EndGlobalSection +EndGlobal diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.cs b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.cs new file mode 100644 index 000000000..3ef5fab9a --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.cs @@ -0,0 +1,298 @@ +using System; +using System.Text; +using System.Runtime.InteropServices; + +namespace mcl { + class BLS256 { + const int IoEcComp = 512; // fixed byte representation + public const int MCLBN_FR_UNIT_SIZE = 4; + public const int MCLBN_FP_UNIT_SIZE = 4; + public const int MCLBN_COMPILED_TIME_VAR = MCLBN_FR_UNIT_SIZE * 10 + MCLBN_FP_UNIT_SIZE; + [DllImport("bls256.dll")] + public static extern int blsInit(int curve, int compiledTimeVar); + + [DllImport("bls256.dll")] public static extern void blsIdSetInt(ref Id id, int x); + [DllImport("bls256.dll")] public static extern int blsIdSetDecStr(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern int blsIdSetHexStr(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern ulong blsIdGetDecStr([Out]StringBuilder buf, ulong maxBufSize, ref Id id); + [DllImport("bls256.dll")] public static extern ulong blsIdGetHexStr([Out]StringBuilder buf, ulong maxBufSize, ref Id id); + + + [DllImport("bls256.dll")] public static extern ulong blsIdSerialize([Out]StringBuilder buf, ulong maxBufSize, ref Id id); + [DllImport("bls256.dll")] public static extern ulong blsSecretKeySerialize([Out]StringBuilder buf, ulong maxBufSize, ref SecretKey sec); + [DllImport("bls256.dll")] public static extern ulong blsPublicKeySerialize([Out]StringBuilder buf, ulong maxBufSize, ref PublicKey pub); + [DllImport("bls256.dll")] public static extern ulong blsSignatureSerialize([Out]StringBuilder buf, ulong maxBufSize, ref Signature sig); + + [DllImport("bls256.dll")] public static extern int blsIdDeserialize(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern int blsSecretKeyDeserialize(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern int blsPublicKeyDeserialize(ref PublicKey pub, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern int blsSignatureDeserialize(ref Signature sig, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + + [DllImport("bls256.dll")] public static extern int blsIdIsEqual(ref Id lhs, ref Id rhs); + [DllImport("bls256.dll")] public static extern int blsSecretKeyIsEqual(ref SecretKey lhs, ref SecretKey rhs); + [DllImport("bls256.dll")] public static extern int blsPublicKeyIsEqual(ref PublicKey lhs, ref PublicKey rhs); + [DllImport("bls256.dll")] public static extern int blsSignatureIsEqual(ref Signature lhs, ref Signature rhs); + + // add + [DllImport("bls256.dll")] public static extern void blsSecretKeyAdd(ref SecretKey sec, ref SecretKey rhs); + [DllImport("bls256.dll")] public static extern void blsPublicKeyAdd(ref PublicKey pub, ref PublicKey rhs); + [DllImport("bls256.dll")] public static extern void blsSignatureAdd(ref Signature sig, ref Signature rhs); + + // hash buf and set + [DllImport("bls256.dll")] public static extern int blsHashToSecretKey(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + /* + set secretKey if system has /dev/urandom or CryptGenRandom + return 0 if success else -1 + */ + [DllImport("bls256.dll")] public static extern int blsSecretKeySetByCSPRNG(ref SecretKey sec); + + [DllImport("bls256.dll")] public static extern void blsGetPublicKey(ref PublicKey pub, ref SecretKey sec); + [DllImport("bls256.dll")] public static extern void blsGetPop(ref Signature sig, ref SecretKey sec); + + // return 0 if success + [DllImport("bls256.dll")] public static extern int blsSecretKeyShare(ref SecretKey sec, ref SecretKey msk, ulong k, ref Id id); + [DllImport("bls256.dll")] public static extern int blsPublicKeyShare(ref PublicKey pub, ref PublicKey mpk, ulong k, ref Id id); + + + [DllImport("bls256.dll")] public static extern int blsSecretKeyRecover(ref SecretKey sec, ref SecretKey secVec, ref Id idVec, ulong n); + [DllImport("bls256.dll")] public static extern int blsPublicKeyRecover(ref PublicKey pub, ref PublicKey pubVec, ref Id idVec, ulong n); + [DllImport("bls256.dll")] public static extern int blsSignatureRecover(ref Signature sig, ref Signature sigVec, ref Id idVec, ulong n); + + [DllImport("bls256.dll")] public static extern void blsSign(ref Signature sig, ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string m, ulong size); + + // return 1 if valid + [DllImport("bls256.dll")] public static extern int blsVerify(ref Signature sig, ref PublicKey pub, [In][MarshalAs(UnmanagedType.LPStr)] string m, ulong size); + [DllImport("bls256.dll")] public static extern int blsVerifyPop(ref Signature sig, ref PublicKey pub); + + ////////////////////////////////////////////////////////////////////////// + // the following apis will be removed + + // mask buf with (1 << (bitLen(r) - 1)) - 1 if buf >= r + [DllImport("bls256.dll")] public static extern int blsIdSetLittleEndian(ref Id id, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + /* + return written byte size if success else 0 + */ + [DllImport("bls256.dll")] public static extern ulong blsIdGetLittleEndian([Out]StringBuilder buf, ulong maxBufSize, ref Id id); + + // return 0 if success + // mask buf with (1 << (bitLen(r) - 1)) - 1 if buf >= r + [DllImport("bls256.dll")] public static extern int blsSecretKeySetLittleEndian(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern int blsSecretKeySetDecStr(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern int blsSecretKeySetHexStr(ref SecretKey sec, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + /* + return written byte size if success else 0 + */ + [DllImport("bls256.dll")] public static extern ulong blsSecretKeyGetLittleEndian([Out]StringBuilder buf, ulong maxBufSize, ref SecretKey sec); + /* + return strlen(buf) if success else 0 + buf is '\0' terminated + */ + [DllImport("bls256.dll")] public static extern ulong blsSecretKeyGetDecStr([Out]StringBuilder buf, ulong maxBufSize, ref SecretKey sec); + [DllImport("bls256.dll")] public static extern ulong blsSecretKeyGetHexStr([Out]StringBuilder buf, ulong maxBufSize, ref SecretKey sec); + [DllImport("bls256.dll")] public static extern int blsPublicKeySetHexStr(ref PublicKey pub, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern ulong blsPublicKeyGetHexStr([Out]StringBuilder buf, ulong maxBufSize, ref PublicKey pub); + [DllImport("bls256.dll")] public static extern int blsSignatureSetHexStr(ref Signature sig, [In][MarshalAs(UnmanagedType.LPStr)] string buf, ulong bufSize); + [DllImport("bls256.dll")] public static extern ulong blsSignatureGetHexStr([Out]StringBuilder buf, ulong maxBufSize, ref Signature sig); + + public static void Init() + { + const int CurveFp254BNb = 0; + if (!System.Environment.Is64BitProcess) { + throw new PlatformNotSupportedException("not 64-bit system"); + } + int err = blsInit(CurveFp254BNb, MCLBN_COMPILED_TIME_VAR); + if (err != 0) { + throw new ArgumentException("blsInit"); + } + } + + public struct Id { + private ulong v0, v1, v2, v3; + public bool IsEqual(Id rhs) + { + return blsIdIsEqual(ref this, ref rhs) != 0; + } + public void SetDecStr(String s) + { + if (blsIdSetDecStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsIdSetDecSt:" + s); + } + } + public void SetHexStr(String s) + { + if (blsIdSetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsIdSetHexStr:" + s); + } + } + public void SetInt(int x) + { + blsIdSetInt(ref this, x); + } + public string GetDecStr() + { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsIdGetDecStr(sb, (ulong)sb.Capacity, ref this); + if (size == 0) { + throw new ArgumentException("blsIdGetDecStr"); + } + return sb.ToString(0, (int)size); + } + public string GetHexStr() + { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsIdGetHexStr(sb, (ulong)sb.Capacity, ref this); + if (size == 0) { + throw new ArgumentException("blsIdGetHexStr"); + } + return sb.ToString(0, (int)size); + } + } + public struct SecretKey { + private ulong v0, v1, v2, v3; + public bool IsEqual(SecretKey rhs) + { + return blsSecretKeyIsEqual(ref this, ref rhs) != 0; + } + public void SetHexStr(String s) + { + if (blsSecretKeySetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsSecretKeySetHexStr:" + s); + } + } + public string GetHexStr() + { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsSecretKeyGetHexStr(sb, (ulong)sb.Capacity, ref this); + if (size == 0) { + throw new ArgumentException("mclBnFr_getStr"); + } + return sb.ToString(0, (int)size); + } + public void Add(SecretKey rhs) + { + blsSecretKeyAdd(ref this, ref rhs); + } + public void SetByCSPRNG() + { + blsSecretKeySetByCSPRNG(ref this); + } + public void SetHashOf(string s) + { + if (blsHashToSecretKey(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsHashToSecretKey"); + } + } + public PublicKey GetPublicKey() + { + PublicKey pub = new PublicKey(); + blsGetPublicKey(ref pub, ref this); + return pub; + } + public Signature Signature(String m) + { + Signature Signature = new Signature(); + blsSign(ref Signature, ref this, m, (ulong)m.Length); + return Signature; + } + } + // secretKey = sum_{i=0}^{msk.Length - 1} msk[i] * id^i + public static SecretKey ShareSecretKey(SecretKey[] msk, Id id) + { + SecretKey sec = new SecretKey(); + if (blsSecretKeyShare(ref sec, ref msk[0], (ulong)msk.Length, ref id) != 0) { + throw new ArgumentException("GetSecretKeyForId:" + id.ToString()); + } + return sec; + } + public static SecretKey RecoverSecretKey(SecretKey[] secs, Id[] ids) + { + SecretKey sec = new SecretKey(); + if (blsSecretKeyRecover(ref sec, ref secs[0], ref ids[0], (ulong)secs.Length) != 0) { + throw new ArgumentException("Recover"); + } + return sec; + } + public struct PublicKey { + private ulong v00, v01, v02, v03, v04, v05, v06, v07, v08, v09, v10, v11; + private ulong v12, v13, v14, v15, v16, v17, v18, v19, v20, v21, v22, v23; + public bool IsEqual(PublicKey rhs) + { + return blsPublicKeyIsEqual(ref this, ref rhs) != 0; + } + public void SetStr(String s) + { + if (blsPublicKeySetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsPublicKeySetStr:" + s); + } + } + public string GetHexStr() + { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsPublicKeyGetHexStr(sb, (ulong)sb.Capacity, ref this); + if (size == 0) { + throw new ArgumentException("blsPublicKeyGetStr"); + } + return sb.ToString(0, (int)size); + } + public void Add(PublicKey rhs) + { + blsPublicKeyAdd(ref this, ref rhs); + } + public bool Verify(Signature Signature, string m) + { + return blsVerify(ref Signature, ref this, m, (ulong)m.Length) == 1; + } + } + // publicKey = sum_{i=0}^{mpk.Length - 1} mpk[i] * id^i + public static PublicKey SharePublicKey(PublicKey[] mpk, Id id) + { + PublicKey pub = new PublicKey(); + if (blsPublicKeyShare(ref pub, ref mpk[0], (ulong)mpk.Length, ref id) != 0) { + throw new ArgumentException("GetPublicKeyForId:" + id.ToString()); + } + return pub; + } + public static PublicKey RecoverPublicKey(PublicKey[] pubs, Id[] ids) + { + PublicKey pub = new PublicKey(); + if (blsPublicKeyRecover(ref pub, ref pubs[0], ref ids[0], (ulong)pubs.Length) != 0) { + throw new ArgumentException("Recover"); + } + return pub; + } + public struct Signature { + private ulong v00, v01, v02, v03, v04, v05, v06, v07, v08, v09, v10, v11; + public bool IsEqual(Signature rhs) + { + return blsSignatureIsEqual(ref this, ref rhs) != 0; + } + public void SetStr(String s) + { + if (blsSignatureSetHexStr(ref this, s, (ulong)s.Length) != 0) { + throw new ArgumentException("blsSignatureSetStr:" + s); + } + } + public string GetHexStr() + { + StringBuilder sb = new StringBuilder(1024); + ulong size = blsSignatureGetHexStr(sb, (ulong)sb.Capacity, ref this); + if (size == 0) { + throw new ArgumentException("blsSignatureGetStr"); + } + return sb.ToString(0, (int)size); + } + public void Add(Signature rhs) + { + blsSignatureAdd(ref this, ref rhs); + } + } + public static Signature RecoverSign(Signature[] signs, Id[] ids) + { + Signature Signature = new Signature(); + if (blsSignatureRecover(ref Signature, ref signs[0], ref ids[0], (ulong)signs.Length) != 0) { + throw new ArgumentException("Recover"); + } + return Signature; + } + } +} diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.csproj b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.csproj new file mode 100644 index 000000000..032a1d347 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.csproj @@ -0,0 +1,62 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProjectGuid>{E9D06B1B-EA22-4EF4-BA4B-422F7625966C}</ProjectGuid> + <OutputType>Exe</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>bls256</RootNamespace> + <AssemblyName>bls256</AssemblyName> + <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion> + <FileAlignment>512</FileAlignment> + <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x64'"> + <DebugSymbols>true</DebugSymbols> + <OutputPath>..\..\bin\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <AllowUnsafeBlocks>false</AllowUnsafeBlocks> + <DebugType>full</DebugType> + <PlatformTarget>x64</PlatformTarget> + <ErrorReport>prompt</ErrorReport> + <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x64'"> + <OutputPath>..\..\bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <Optimize>true</Optimize> + <DebugType>pdbonly</DebugType> + <PlatformTarget>x64</PlatformTarget> + <ErrorReport>prompt</ErrorReport> + <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet> + <Prefer32Bit>true</Prefer32Bit> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Core" /> + <Reference Include="System.Xml.Linq" /> + <Reference Include="System.Data.DataSetExtensions" /> + <Reference Include="Microsoft.CSharp" /> + <Reference Include="System.Data" /> + <Reference Include="System.Net.Http" /> + <Reference Include="System.Xml" /> + </ItemGroup> + <ItemGroup> + <Compile Include="bls256.cs" /> + <Compile Include="bls256_test.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup> + <None Include="App.config" /> + </ItemGroup> + <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> +</Project>
\ No newline at end of file diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.sln b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.sln new file mode 100644 index 000000000..eb29af97b --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256.sln @@ -0,0 +1,22 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 14 +VisualStudioVersion = 14.0.25420.1 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBD}") = "bls256", "bls256.csproj", "{E9D06B1B-EA22-4EF4-BA4B-422F7625966C}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|x64 = Debug|x64 + Release|x64 = Release|x64 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {E9D06B1B-EA22-4EF4-BA4B-422F7625966C}.Debug|x64.ActiveCfg = Debug|x64 + {E9D06B1B-EA22-4EF4-BA4B-422F7625966C}.Debug|x64.Build.0 = Debug|x64 + {E9D06B1B-EA22-4EF4-BA4B-422F7625966C}.Release|x64.ActiveCfg = Release|x64 + {E9D06B1B-EA22-4EF4-BA4B-422F7625966C}.Release|x64.Build.0 = Release|x64 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256_test.cs b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256_test.cs new file mode 100644 index 000000000..989993e0f --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls256_test.cs @@ -0,0 +1,126 @@ +using System; + +namespace mcl { + using static BLS256; + class BLS256Test { + static int err = 0; + static void assert(string msg, bool b) + { + if (b) return; + Console.WriteLine("ERR {0}", msg); + err++; + } + static void TestId() + { + Console.WriteLine("TestId"); + Id id = new Id(); + id.SetDecStr("255"); + assert("GetStr(10)", id.GetDecStr() == "255"); + assert("GetStr(16)", id.GetHexStr() == "ff"); + } + static void TestSecretKey() + { + Console.WriteLine("TestSecretKey"); + SecretKey sec = new SecretKey(); + sec.SetHexStr("ff"); + assert("GetHexStr()", sec.GetHexStr() == "ff"); + { + SecretKey sec2 = new SecretKey(); + sec.SetHexStr("321"); + sec2.SetHexStr("4000"); + sec.Add(sec2); + assert("sec.Add", sec.GetHexStr() == "4321"); + sec.SetByCSPRNG(); + Console.WriteLine("sec.Init={0}", sec.GetHexStr()); + } + } + static void TestPublicKey() + { + Console.WriteLine("TestPublicKey"); + SecretKey sec = new SecretKey(); + sec.SetByCSPRNG(); + PublicKey pub = sec.GetPublicKey(); + String s = pub.GetHexStr(); + Console.WriteLine("pub={0}", s); + PublicKey pub2 = new PublicKey(); + pub2.SetStr(s); + assert("pub.SetStr", pub.IsEqual(pub2)); + } + static void TestSign() + { + Console.WriteLine("TestSign"); + SecretKey sec = new SecretKey(); + sec.SetByCSPRNG(); + PublicKey pub = sec.GetPublicKey(); + String m = "abc"; + Signature sig = sec.Signature(m); + assert("verify", pub.Verify(sig, m)); + assert("not verify", !pub.Verify(sig, m + "a")); + } + static void TestSharing() + { + Console.WriteLine("TestSharing"); + int k = 5; + SecretKey[] msk = new SecretKey[k]; + PublicKey[] mpk = new PublicKey[k]; + // make master secretkey + for (int i = 0; i < k; i++) { + msk[i].SetByCSPRNG(); + mpk[i] = msk[i].GetPublicKey(); + } + int n = 30; + Id[] ids = new Id[n]; + SecretKey[] secs = new SecretKey[n]; + PublicKey[] pubs = new PublicKey[n]; + for (int i = 0; i < n; i++) { + ids[i].SetInt(i * i + 123); + secs[i] = ShareSecretKey(msk, ids[i]); + pubs[i] = SharePublicKey(mpk, ids[i]); + assert("share publicKey", secs[i].GetPublicKey().IsEqual(pubs[i])); + } + string m = "doremi"; + for (int i = 0; i < n; i++) { + Signature Signature = secs[i].Signature(m); + assert("Signature.Verify", pubs[i].Verify(Signature, m)); + } + { + int[] idxTbl = { 0, 2, 5, 8, 10 }; + assert("idxTbl.Length=k", idxTbl.Length == k); + Id[] subIds = new Id[k]; + SecretKey[] subSecs = new SecretKey[k]; + PublicKey[] subPubs = new PublicKey[k]; + Signature[] subSigns = new Signature[k]; + for (int i = 0; i < k; i++) { + int idx = idxTbl[i]; + subIds[i] = ids[idx]; + subSecs[i] = secs[idx]; + subPubs[i] = pubs[idx]; + subSigns[i] = secs[idx].Signature(m); + } + SecretKey sec = RecoverSecretKey(subSecs, subIds); + PublicKey pub = RecoverPublicKey(subPubs, subIds); + assert("check pub", pub.IsEqual(sec.GetPublicKey())); + Signature Signature = RecoverSign(subSigns, subIds); + assert("Signature.verify", pub.Verify(Signature, m)); + } + } + static void Main(string[] args) + { + try { + Init(); + TestId(); + TestSecretKey(); + TestPublicKey(); + TestSign(); + TestSharing(); + if (err == 0) { + Console.WriteLine("all tests succeed"); + } else { + Console.WriteLine("err={0}", err); + } + } catch (Exception e) { + Console.WriteLine("ERR={0}", e); + } + } + } +} diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/bls_test.cs b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls_test.cs new file mode 100644 index 000000000..2eb451ba9 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/bls_test.cs @@ -0,0 +1,176 @@ +using System; + +namespace mcl +{ + using static BLS; + class BLSTest + { + static int err = 0; + static void assert(string msg, bool b) { + if (b) return; + Console.WriteLine("ERR {0}", msg); + err++; + } + static void TestId() { + Console.WriteLine("TestId"); + Id id1; + id1.SetDecStr("255"); + assert("GetStr(10)", id1.GetDecStr() == "255"); + assert("GetStr(16)", id1.GetHexStr() == "ff"); + Id id2; + id2.SetInt(255); + assert("IsEqual", id1.IsEqual(id2)); + } + static void TestSecretKey() { + Console.WriteLine("TestSecretKey"); + SecretKey sec; + sec.SetHexStr("ff"); + assert("GetHexStr()", sec.GetHexStr() == "ff"); + { + SecretKey sec2; + sec.SetHexStr("321"); + sec2.SetHexStr("4000"); + sec.Add(sec2); + assert("sec.Add", sec.GetHexStr() == "4321"); + sec.SetByCSPRNG(); + Console.WriteLine("sec.Init={0}", sec.GetHexStr()); + } + { + SecretKey sec2; + byte[] buf = sec.Serialize(); + sec2.Deserialize(buf); + assert("serialize", sec2.IsEqual(sec)); + } + } + static void TestPublicKey() { + Console.WriteLine("TestPublicKey"); + SecretKey sec; + sec.SetByCSPRNG(); + PublicKey pub = sec.GetPublicKey(); + string s = pub.GetHexStr(); + Console.WriteLine("pub={0}", s); + { + PublicKey pub2; + pub2.SetStr(s); + assert("pub.SetStr", pub.IsEqual(pub2)); + } + { + PublicKey pub2; + byte[] buf = pub.Serialize(); + pub2.Deserialize(buf); + assert("serialize", pub2.IsEqual(pub)); + } + } + static void TestSign() { + Console.WriteLine("TestSign"); + SecretKey sec; + sec.SetByCSPRNG(); + PublicKey pub = sec.GetPublicKey(); + string m = "abc"; + Signature sig = sec.Sign(m); + Console.WriteLine("sig={0}", sig.GetHexStr()); + assert("verify", pub.Verify(sig, m)); + assert("not verify", !pub.Verify(sig, m + "a")); + { + Signature sig2; + byte[] buf = sig.Serialize(); + sig2.Deserialize(buf); + assert("serialize", sig2.IsEqual(sig)); + } + } + static void TestSharing() { + Console.WriteLine("TestSharing"); + int k = 5; + SecretKey[] msk = new SecretKey[k]; + PublicKey[] mpk = new PublicKey[k]; + // make master secretkey + for (int i = 0; i < k; i++) { + msk[i].SetByCSPRNG(); + mpk[i] = msk[i].GetPublicKey(); + } + int n = 30; + Id[] ids = new Id[n]; + SecretKey[] secs = new SecretKey[n]; + PublicKey[] pubs = new PublicKey[n]; + for (int i = 0; i < n; i++) { + ids[i].SetInt(i * i + 123); + secs[i] = ShareSecretKey(msk, ids[i]); + pubs[i] = SharePublicKey(mpk, ids[i]); + assert("share publicKey", secs[i].GetPublicKey().IsEqual(pubs[i])); + } + string m = "doremi"; + for (int i = 0; i < n; i++) { + Signature Signature = secs[i].Sign(m); + assert("Signature.Verify", pubs[i].Verify(Signature, m)); + } + { + int[] idxTbl = { 0, 2, 5, 8, 10 }; + assert("idxTbl.Length=k", idxTbl.Length == k); + Id[] subIds = new Id[k]; + SecretKey[] subSecs = new SecretKey[k]; + PublicKey[] subPubs = new PublicKey[k]; + Signature[] subSigns = new Signature[k]; + for (int i = 0; i < k; i++) { + int idx = idxTbl[i]; + subIds[i] = ids[idx]; + subSecs[i] = secs[idx]; + subPubs[i] = pubs[idx]; + subSigns[i] = secs[idx].Sign(m); + } + SecretKey sec = RecoverSecretKey(subSecs, subIds); + PublicKey pub = RecoverPublicKey(subPubs, subIds); + assert("check pub", pub.IsEqual(sec.GetPublicKey())); + Signature Signature = RecoverSign(subSigns, subIds); + assert("Signature.verify", pub.Verify(Signature, m)); + } + } + static void TestAggregate() { + Console.WriteLine("TestAggregate"); + const int n = 10; + const string m = "abc"; + SecretKey[] secVec = new SecretKey[n]; + PublicKey[] pubVec = new PublicKey[n]; + Signature[] popVec = new Signature[n]; + Signature[] sigVec = new Signature[n]; + for (int i = 0; i < n; i++) { + secVec[i].SetByCSPRNG(); + pubVec[i] = secVec[i].GetPublicKey(); + popVec[i] = secVec[i].GetPop(); + sigVec[i] = secVec[i].Sign(m); + } + SecretKey secAgg; + PublicKey pubAgg; + Signature sigAgg; + for (int i = 0; i < n; i++) { + secAgg.Add(secVec[i]); + assert("verify pop", pubVec[i].VerifyPop(popVec[i])); + pubAgg.Add(pubVec[i]); + sigAgg.Add(sigVec[i]); + } + assert("aggregate sec", secAgg.Sign(m).IsEqual(sigAgg)); + assert("aggregate", pubAgg.Verify(sigAgg, m)); + } + static void Main(string[] args) { + try { + int[] curveTypeTbl = { BN254, BLS12_381 }; + foreach (int curveType in curveTypeTbl) { + Console.WriteLine("curveType={0}", curveType); + Init(curveType); + TestId(); + TestSecretKey(); + TestPublicKey(); + TestSign(); + TestSharing(); + TestAggregate(); + if (err == 0) { + Console.WriteLine("all tests succeed"); + } else { + Console.WriteLine("err={0}", err); + } + } + } catch (Exception e) { + Console.WriteLine("ERR={0}", e); + } + } + } +} diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/readme-ja.md b/vendor/github.com/dexon-foundation/bls/ffi/cs/readme-ja.md new file mode 100644 index 000000000..199135725 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/readme-ja.md @@ -0,0 +1,188 @@ +# BLS署名のC#バインディング + +# 必要環境 + +* Visual Studio 2017(x64) or later +* C# 7.2 or later +* .NET Framework 4.5.2 or later + +# DLLのビルド方法 + +Visual Studio 2017の64bit用コマンドプロンプトを開いて +``` +md work +cd work +git clone https://github.com/herumi/cybozulib_ext +git clone https://github.com/herumi/mcl +git clone https://github.com/herumi/bls +cd bls +mklib dll +``` +`bls/bin/*.dll`が作成される。 + +# サンプルのビルド方法 + +bls/ffi/cs/bls.slnを開いて実行する。 + +* 注意 bls256.slnは古いため使わないでください。 + +# クラスとAPI + +## API + +* `Init(int curveType = BN254);` + * ライブラリを曲線curveTypeで初期化する。 + * curveType = BN254 or BLS12_381 +* `SecretKey ShareSecretKey(in SecretKey[] msk, in Id id);` + * マスター秘密鍵の列mskに対するidの秘密鍵を生成(共有)する。 +* `SecretKey RecoverSecretKey(in SecretKey[] secVec, in Id[] idVec);` + * 秘密鍵secVecとID idVecのペアから秘密鍵を復元する。 +* `PublicKey SharePublicKey(in PublicKey[] mpk, in Id id);` + * マスター公開鍵の列mpkに対するidの公開鍵を生成(共有)する。 +* `PublicKey RecoverPublicKey(in PublicKey[] pubVec, in Id[] idVec);` + * 公開鍵pubVecとID idVecのペアから公開鍵を復元する。 +* `Signature RecoverSign(in Signature[] sigVec, in Id[] idVec);` + * 署名sigVecとID idVecのペアから署名を復元する。 + +## Id + +識別子クラス + +* `byte[] Serialize();` + * Idをシリアライズする。 +* `void Deserialize(byte[] buf);` + * バイト列bufからIdをデシリアライズする。 +* `bool IsEqual(in Id rhs);` + * 同値判定。 +* `void SetDecStr(string s);` + * 10進数文字列を設定する。 +* `void SetHexStr(string s);` + * 16進数文字列を設定する。 +* `void SetInt(int x);` + * 整数xを設定する。 +* `string GetDecStr();` + * 10進数表記を取得する。 +* `string GetHexStr();` + * 16進数表記を取得する。 + +## SecretKey + +* `byte[] Serialize();` + * Idをシリアライズする。 +* `void Deserialize(byte[] buf);` + * バイト列bufからSecretKeyをデシリアライズする。 +* `bool IsEqual(in SecretKey rhs);` + * 同値判定。 +* `void SetHexStr(string s);` + * 16進数文字列を設定する。 +* `string GetHexStr();` + * 16進数表記を取得する。 +* `void Add(in SecretKey rhs);` + * 秘密鍵rhsを加算する。 +* `void SetByCSPRNG();` + * 暗号学的乱数で設定する。 +* `void SetHashOf(string s);` + * 文字列sのハッシュ値を設定する。 +* `PublicKey GetPublicKey();` + * 対応する公開鍵を取得する。 +* `Signature Sign(string m);` + * 文字列mの署名を生成する。 +* `Signature GetPop();` + * 自身の秘密鍵による署名(Proof Of Posession)を生成する。 + +## PublicKey + +* `byte[] Serialize();` + * PublicKeyをシリアライズする。 +* `void Deserialize(byte[] buf);` + * バイト列bufからPublicKeyをデシリアライズする。 +* `bool IsEqual(in PublicKey rhs);` + * 同値判定。 +* `void Add(in PublicKey rhs);` + * 公開鍵rhsを加算する。 +* `void SetHexStr(string s);` + * 16進数文字列を設定する。 +* `string GetHexStr();` + * 16進数表記を取得する。 +* `bool Verify(in Signature sig, string m);` + * 文字列mに対する署名sigの正当性を確認する。 +* `bool VerifyPop(in Signature pop);` + * PoPの正当性を確認する。 + +## Signature + +* `byte[] Serialize();` + * Signatureをシリアライズする。 +* `void Deserialize(byte[] buf);` + * バイト列bufからSignatureをデシリアライズする。 +* `bool IsEqual(in Signature rhs);` + * 同値判定。 +* `void Add(in Signature rhs);` + * 署名rhsを加算する。 +* `void SetHexStr(string s);` + * 16進数文字列を設定する。 +* `string GetHexStr();` + * 16進数表記を取得する。 + +## 使い方 + +### 最小サンプル + +``` +using static BLS; + +Init(BN254); // ライブラリ初期化 +SecretKey sec; +sec.SetByCSPRNG(); // 秘密鍵の初期化 +PublicKey pub = sec.GetPublicKey(); // 公開鍵の取得 +string m = "abc"; +Signature sig = sec.Sign(m); // 署名の作成 +if (pub.Verify(sig, m))) { + // 署名の確認 +} +``` + +### 集約署名 +``` +Init(BN254); // ライブラリ初期化 +const int n = 10; +const string m = "abc"; +SecretKey[] secVec = new SecretKey[n]; +PublicKey[] pubVec = new PublicKey[n]; +Signature[] popVec = new Signature[n]; +Signature[] sigVec = new Signature[n]; + +for (int i = 0; i < n; i++) { + secVec[i].SetByCSPRNG(); // 秘密鍵の初期化 + pubVec[i] = secVec[i].GetPublicKey(); // 公開鍵の取得 + popVec[i] = secVec[i].GetPop(); // 所有(PoP)の証明 + sigVec[i] = secVec[i].Sign(m); // 署名 +} + +SecretKey secAgg; +PublicKey pubAgg; +Signature sigAgg; +for (int i = 0; i < n; i++) { + // PoPの確認 + if (pubVec[i].VerifyPop(popVec[i]))) { + // エラー + return; + } + pubAgg.Add(pubVec[i]); // 公開鍵の集約 + sigAgg.Add(sigVec[i]); // 署名の集約 +} +if (pubAgg.Verify(sigAgg, m)) { + // 署名の確認 +} +``` + +# ライセンス + +modified new BSD License +http://opensource.org/licenses/BSD-3-Clause + +# 著者 + +(C)2019 光成滋生 MITSUNARI Shigeo(herumi@nifty.com) All rights reserved. +本コンテンツの著作権、および本コンテンツ中に出てくる商標権、団体名、ロゴ、製品、 +サービスなどはそれぞれ、各権利保有者に帰属します diff --git a/vendor/github.com/dexon-foundation/bls/ffi/cs/readme.md b/vendor/github.com/dexon-foundation/bls/ffi/cs/readme.md new file mode 100644 index 000000000..2b7191871 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/cs/readme.md @@ -0,0 +1,185 @@ +# C# binding of BLS threshold signature library + +# Installation Requirements + +* Visual Studio 2017 or later +* C# 7.2 or later +* .NET Framework 4.5.2 or later + +# How to build + +``` +md work +cd work +git clone https://github.com/herumi/cybozulib_ext +git clone https://github.com/herumi/mcl +git clone https://github.com/herumi/bls +cd bls +mklib dll +``` +bls/bin/*.dll are created + +# How to build a sample + +Open bls/ffi/cs/bls.sln and exec it. + +* Remark. bls256 is obsolete. Please use bls.sln. + +# class and API + +## API + +* `Init(int curveType = BN254);` + * initialize this library with a curve `curveType`. + * curveType = BN254 or BLS12_381 +* `SecretKey ShareSecretKey(in SecretKey[] msk, in Id id);` + * generate the shared secret key from a sequence of master secret keys msk and Id. +* `SecretKey RecoverSecretKey(in SecretKey[] secVec, in Id[] idVec);` + * recover the secret key from a sequence of secret keys secVec and idVec. +* `PublicKey SharePublicKey(in PublicKey[] mpk, in Id id);` + * generate the shared public key from a sequence of master public keys mpk and Id. +* `PublicKey RecoverPublicKey(in PublicKey[] pubVec, in Id[] idVec);` + * recover the public key from a sequence of public keys pubVec and idVec. +* `Signature RecoverSign(in Signature[] sigVec, in Id[] idVec);` + * recover the signature from a sequence of signatures siVec and idVec. + +## Id + +Identifier class + +* `byte[] Serialize();` + * serialize Id +* `void Deserialize(byte[] buf);` + * deserialize from byte[] buf +* `bool IsEqual(in Id rhs);` + * equality +* `void SetDecStr(string s);` + * set by a decimal string s +* `void SetHexStr(string s);` + * set by a hexadecimal string s +* `void SetInt(int x);` + * set an integer x +* `string GetDecStr();` + * get a decimal string +* `string GetHexStr();` + * get a hexadecimal string + +## SecretKey + +* `byte[] Serialize();` + * serialize SecretKey +* `void Deserialize(byte[] buf);` + * deserialize from byte[] buf +* `bool IsEqual(in SecretKey rhs);` + * equality +* `string GetDecStr();` + * get a decimal string +* `string GetHexStr();` + * get a hexadecimal string +* `void Add(in SecretKey rhs);` + * add a secret key rhs +* `void SetByCSPRNG();` + * set a secret key by cryptographically secure pseudo random number generator +* `void SetHashOf(string s);` + * set a secret key by a hash of string s +* `PublicKey GetPublicKey();` + * get the corresponding public key to a secret key +* `Signature Sign(string m);` + * sign a string m +* `Signature GetPop();` + * get a PoP (Proof Of Posession) for a secret key + +## PublicKey + +* `byte[] Serialize();` + * serialize PublicKey +* `void Deserialize(byte[] buf);` + * deserialize from byte[] buf +* `bool IsEqual(in PublicKey rhs);` + * equality +* `void Add(in PublicKey rhs);` + * add a public key rhs +* `string GetDecStr();` + * get a decimal string +* `string GetHexStr();` + * get a hexadecimal string +* `bool Verify(in Signature sig, string m);` + * verify the validness of the sig with m +* `bool VerifyPop(in Signature pop);` + * verify the validness of PoP + +## Signature + +* `byte[] Serialize();` + * serialize Signature +* `void Deserialize(byte[] buf);` + * deserialize from byte[] buf +* `bool IsEqual(in Signature rhs);` + * equality +* `void Add(in Signature rhs);` + * add a signature key rhs +* `string GetDecStr();` + * get a decimal string +* `string GetHexStr();` + * get a hexadecimal string + +## How to use + +### A minimum sample + +``` +using static BLS; + +Init(BN254); // init library +SecretKey sec; +sec.SetByCSPRNG(); // init secret key +PublicKey pub = sec.GetPublicKey(); // get public key +string m = "abc"; +Signature sig = sec.Sign(m); // create signature +if (pub.Verify(sig, m))) { + // signature is verified +} +``` + +### Aggregate signature +``` +Init(BN254); // init library +const int n = 10; +const string m = "abc"; +SecretKey[] secVec = new SecretKey[n]; +PublicKey[] pubVec = new PublicKey[n]; +Signature[] popVec = new Signature[n]; +Signature[] sigVec = new Signature[n]; + +for (int i = 0; i < n; i++) { + secVec[i].SetByCSPRNG(); // init secret key + pubVec[i] = secVec[i].GetPublicKey(); // get public key + popVec[i] = secVec[i].GetPop(); // get a proof of Possesion (PoP) + sigVec[i] = secVec[i].Sign(m); // create signature +} + +SecretKey secAgg; +PublicKey pubAgg; +Signature sigAgg; +for (int i = 0; i < n; i++) { + // verify PoP + if (pubVec[i].VerifyPop(popVec[i]))) { + // error + return; + } + pubAgg.Add(pubVec[i]); // aggregate public key + sigAgg.Add(sigVec[i]); // aggregate signature +} +if (pubAgg.Verify(sigAgg, m)) { + // aggregated signature is verified +} +``` + +# License + +modified new BSD License +http://opensource.org/licenses/BSD-3-Clause + +# Author + +(C)2019 MITSUNARI Shigeo(herumi@nifty.com) All rights reserved. diff --git a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls.go b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls.go index 5123a07e6..c83a4e658 100644 --- a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls.go +++ b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls.go @@ -1,16 +1,25 @@ package bls /* -#cgo CFLAGS:-I../../../include -I../../../../mcl/include/ -#cgo LDFLAGS:${SRCDIR}/../../../lib/libbls384.a ${SRCDIR}/../../../../mcl/lib/libmcl.a -lgmpxx -lgmp -lstdc++ -#cgo CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 -#cgo pkg-config: libcrypto -#cgo static pkg-config: --static +#cgo bn256 CFLAGS:-DMCLBN_FP_UNIT_SIZE=4 +#cgo bn256 LDFLAGS:${SRCDIR}/../../../lib/libbls256.a +#cgo bn384 CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 +#cgo bn384 LDFLAGS:${SRCDIR}/../../../lib/libbls384.a +#cgo bn384_256 CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 -DMCLBN_FR_UNIT_SIZE=4 +#cgo bn384_256 LDFLAGS:${SRCDIR}/../../../lib/libbls384_256.a +#cgo !bn256,!bn384,!bn384_256 CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 +#cgo !bn256,!bn384,!bn384_256 LDFLAGS:${SRCDIR}/../../../lib/libbls384.a +#cgo CFLAGS:-I${SRCDIR}/../../../include -I${SRCDIR}/../../../../mcl/include +#cgo LDFLAGS:${SRCDIR}/../../../../mcl/lib/libmcl.a -lgmpxx -lgmp +#cgo linux LDFLAGS:-static +typedef unsigned int (*ReadRandFunc)(void *, void *, unsigned int); +int wrapReadRandCgo(void *self, void *buf, unsigned int n); #include <bls/bls.h> */ import "C" import "fmt" import "unsafe" +import "io" import "encoding/json" // Init -- @@ -67,6 +76,9 @@ func (id *ID) SetDecString(s string) error { // IsEqual -- func (id *ID) IsEqual(rhs *ID) bool { + if id == nil || rhs == nil { + return false + } return id.v.IsEqual(&rhs.v) } @@ -146,6 +158,9 @@ func (sec *SecretKey) SetDecString(s string) error { // IsEqual -- func (sec *SecretKey) IsEqual(rhs *SecretKey) bool { + if sec == nil || rhs == nil { + return false + } return sec.v.IsEqual(&rhs.v) } @@ -264,6 +279,9 @@ func (pub *PublicKey) SetHexString(s string) error { // IsEqual -- func (pub *PublicKey) IsEqual(rhs *PublicKey) bool { + if pub == nil || rhs == nil { + return false + } return pub.v.IsEqual(&rhs.v) } @@ -350,6 +368,9 @@ func (sign *Sign) SetHexString(s string) error { // IsEqual -- func (sign *Sign) IsEqual(rhs *Sign) bool { + if sign == nil || rhs == nil { + return false + } return sign.v.IsEqual(&rhs.v) } @@ -389,6 +410,9 @@ func (sign *Sign) Verify(pub *PublicKey, m string) bool { // VerifyPop -- func (sign *Sign) VerifyPop(pub *PublicKey) bool { + if pub.getPointer() == nil { + return false + } return C.blsVerifyPop(sign.getPointer(), pub.getPointer()) == 1 } @@ -420,3 +444,96 @@ func DHKeyExchange(sec *SecretKey, pub *PublicKey) (out PublicKey) { C.blsDHKeyExchange(out.getPointer(), sec.getPointer(), pub.getPointer()) return out } + +// HashAndMapToSignature -- +func HashAndMapToSignature(buf []byte) *Sign { + sig := new(Sign) + err := sig.v.HashAndMapTo(buf) + if err == nil { + return sig + } else { + return nil + } +} + +// VerifyPairing -- +func VerifyPairing(X *Sign, Y *Sign, pub *PublicKey) bool { + if X.getPointer() == nil || Y.getPointer() == nil || pub.getPointer() == nil { + return false + } + return C.blsVerifyPairing(X.getPointer(), Y.getPointer(), pub.getPointer()) == 1 +} + +// SignHash -- +func (sec *SecretKey) SignHash(hash []byte) (sign *Sign) { + sign = new(Sign) + // #nosec + err := C.blsSignHash(sign.getPointer(), sec.getPointer(), unsafe.Pointer(&hash[0]), C.size_t(len(hash))) + if err == 0 { + return sign + } else { + return nil + } +} + +// VerifyHash -- +func (sign *Sign) VerifyHash(pub *PublicKey, hash []byte) bool { + if pub.getPointer() == nil { + return false + } + // #nosec + return C.blsVerifyHash(sign.getPointer(), pub.getPointer(), unsafe.Pointer(&hash[0]), C.size_t(len(hash))) == 1 +} + +func Min(x, y int) int { + if x < y { + return x + } + return y +} + +// VerifyAggregateHashes -- +func (sign *Sign) VerifyAggregateHashes(pubVec []PublicKey, hash [][]byte) bool { + hashByte := GetOpUnitSize() * 8 + n := len(hash) + h := make([]byte, n*hashByte) + for i := 0; i < n; i++ { + hn := len(hash[i]) + copy(h[i*hashByte:(i+1)*hashByte], hash[i][0:Min(hn, hashByte)]) + } + if pubVec[0].getPointer() == nil { + return false + } + return C.blsVerifyAggregatedHashes(sign.getPointer(), pubVec[0].getPointer(), unsafe.Pointer(&h[0]), C.size_t(hashByte), C.size_t(n)) == 1 +} + +/// + +var s_randReader io.Reader + +func createSlice(buf *C.char, n C.uint) []byte { + size := int(n) + return (*[1 << 30]byte)(unsafe.Pointer(buf))[:size:size] +} + +// this function can't be put in callback.go +//export wrapReadRandGo +func wrapReadRandGo(buf *C.char, n C.uint) C.uint { + slice := createSlice(buf, n) + ret, err := s_randReader.Read(slice) + if ret == int(n) && err == nil { + return n + } + return 0 +} + +// SetRandFunc -- +func SetRandFunc(randReader io.Reader) { + s_randReader = randReader + if randReader != nil { + C.blsSetRandFunc(nil, C.ReadRandFunc(unsafe.Pointer(C.wrapReadRandCgo))) + } else { + // use default random generator + C.blsSetRandFunc(nil, C.ReadRandFunc(unsafe.Pointer(nil))) + } +} diff --git a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls_test.go b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls_test.go new file mode 100644 index 000000000..a13ee02f4 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/bls_test.go @@ -0,0 +1,690 @@ +package bls + +import "testing" +import "strconv" +import "crypto/sha256" +import "crypto/sha512" +import "fmt" +import "crypto/rand" + +var unitN = 0 + +// Tests (for Benchmarks see below) + +func testPre(t *testing.T) { + t.Log("init") + { + var id ID + err := id.SetLittleEndian([]byte{6, 5, 4, 3, 2, 1}) + if err != nil { + t.Error(err) + } + t.Log("id :", id.GetHexString()) + var id2 ID + err = id2.SetHexString(id.GetHexString()) + if err != nil { + t.Fatal(err) + } + if !id.IsEqual(&id2) { + t.Errorf("not same id\n%s\n%s", id.GetHexString(), id2.GetHexString()) + } + err = id2.SetDecString(id.GetDecString()) + if err != nil { + t.Fatal(err) + } + if !id.IsEqual(&id2) { + t.Errorf("not same id\n%s\n%s", id.GetDecString(), id2.GetDecString()) + } + } + { + var sec SecretKey + err := sec.SetLittleEndian([]byte{1, 2, 3, 4, 5, 6}) + if err != nil { + t.Error(err) + } + t.Log("sec=", sec.GetHexString()) + } + + t.Log("create secret key") + m := "this is a bls sample for go" + var sec SecretKey + sec.SetByCSPRNG() + t.Log("sec:", sec.GetHexString()) + t.Log("create public key") + pub := sec.GetPublicKey() + t.Log("pub:", pub.GetHexString()) + sign := sec.Sign(m) + t.Log("sign:", sign.GetHexString()) + if !sign.Verify(pub, m) { + t.Error("Signature does not verify") + } + + // How to make array of SecretKey + { + sec := make([]SecretKey, 3) + for i := 0; i < len(sec); i++ { + sec[i].SetByCSPRNG() + t.Log("sec=", sec[i].GetHexString()) + } + } +} + +func testStringConversion(t *testing.T) { + t.Log("testRecoverSecretKey") + var sec SecretKey + var s string + if unitN == 6 { + s = "16798108731015832284940804142231733909759579603404752749028378864165570215949" + } else { + s = "40804142231733909759579603404752749028378864165570215949" + } + err := sec.SetDecString(s) + if err != nil { + t.Fatal(err) + } + if s != sec.GetDecString() { + t.Error("not equal") + } + s = sec.GetHexString() + var sec2 SecretKey + err = sec2.SetHexString(s) + if err != nil { + t.Fatal(err) + } + if !sec.IsEqual(&sec2) { + t.Error("not equal") + } +} + +func testRecoverSecretKey(t *testing.T) { + t.Log("testRecoverSecretKey") + k := 3000 + var sec SecretKey + sec.SetByCSPRNG() + t.Logf("sec=%s\n", sec.GetHexString()) + + // make master secret key + msk := sec.GetMasterSecretKey(k) + + n := k + secVec := make([]SecretKey, n) + idVec := make([]ID, n) + for i := 0; i < n; i++ { + err := idVec[i].SetLittleEndian([]byte{byte(i & 255), byte(i >> 8), 2, 3, 4, 5}) + if err != nil { + t.Error(err) + } + err = secVec[i].Set(msk, &idVec[i]) + if err != nil { + t.Error(err) + } + // t.Logf("idVec[%d]=%s\n", i, idVec[i].GetHexString()) + } + // recover sec2 from secVec and idVec + var sec2 SecretKey + err := sec2.Recover(secVec, idVec) + if err != nil { + t.Error(err) + } + if !sec.IsEqual(&sec2) { + t.Errorf("Mismatch in recovered secret key:\n %s\n %s.", sec.GetHexString(), sec2.GetHexString()) + } +} + +func testEachSign(t *testing.T, m string, msk []SecretKey, mpk []PublicKey) ([]ID, []SecretKey, []PublicKey, []Sign) { + idTbl := []byte{3, 5, 193, 22, 15} + n := len(idTbl) + + secVec := make([]SecretKey, n) + pubVec := make([]PublicKey, n) + signVec := make([]Sign, n) + idVec := make([]ID, n) + + for i := 0; i < n; i++ { + err := idVec[i].SetLittleEndian([]byte{idTbl[i], 0, 0, 0, 0, 0}) + if err != nil { + t.Error(err) + } + t.Logf("idVec[%d]=%s\n", i, idVec[i].GetHexString()) + + err = secVec[i].Set(msk, &idVec[i]) + if err != nil { + t.Error(err) + } + + err = pubVec[i].Set(mpk, &idVec[i]) + if err != nil { + t.Error(err) + } + t.Logf("pubVec[%d]=%s\n", i, pubVec[i].GetHexString()) + + if !pubVec[i].IsEqual(secVec[i].GetPublicKey()) { + t.Errorf("Pubkey derivation does not match\n%s\n%s", pubVec[i].GetHexString(), secVec[i].GetPublicKey().GetHexString()) + } + + signVec[i] = *secVec[i].Sign(m) + if !signVec[i].Verify(&pubVec[i], m) { + t.Error("Pubkey derivation does not match") + } + } + return idVec, secVec, pubVec, signVec +} +func testSign(t *testing.T) { + m := "testSign" + t.Log(m) + + var sec0 SecretKey + sec0.SetByCSPRNG() + pub0 := sec0.GetPublicKey() + s0 := sec0.Sign(m) + if !s0.Verify(pub0, m) { + t.Error("Signature does not verify") + } + + k := 3 + msk := sec0.GetMasterSecretKey(k) + mpk := GetMasterPublicKey(msk) + idVec, secVec, pubVec, signVec := testEachSign(t, m, msk, mpk) + + var sec1 SecretKey + err := sec1.Recover(secVec, idVec) + if err != nil { + t.Error(err) + } + if !sec0.IsEqual(&sec1) { + t.Error("Mismatch in recovered seckey.") + } + var pub1 PublicKey + err = pub1.Recover(pubVec, idVec) + if err != nil { + t.Error(err) + } + if !pub0.IsEqual(&pub1) { + t.Error("Mismatch in recovered pubkey.") + } + var s1 Sign + err = s1.Recover(signVec, idVec) + if err != nil { + t.Error(err) + } + if !s0.IsEqual(&s1) { + t.Error("Mismatch in recovered signature.") + } +} + +func testAdd(t *testing.T) { + t.Log("testAdd") + var sec1 SecretKey + var sec2 SecretKey + sec1.SetByCSPRNG() + sec2.SetByCSPRNG() + + pub1 := sec1.GetPublicKey() + pub2 := sec2.GetPublicKey() + + m := "test test" + sign1 := sec1.Sign(m) + sign2 := sec2.Sign(m) + + t.Log("sign1 :", sign1.GetHexString()) + sign1.Add(sign2) + t.Log("sign1 add:", sign1.GetHexString()) + pub1.Add(pub2) + if !sign1.Verify(pub1, m) { + t.Fail() + } +} + +func testPop(t *testing.T) { + t.Log("testPop") + var sec SecretKey + sec.SetByCSPRNG() + pop := sec.GetPop() + if !pop.VerifyPop(sec.GetPublicKey()) { + t.Errorf("Valid Pop does not verify") + } + sec.SetByCSPRNG() + if pop.VerifyPop(sec.GetPublicKey()) { + t.Errorf("Invalid Pop verifies") + } +} + +func testData(t *testing.T) { + t.Log("testData") + var sec1, sec2 SecretKey + sec1.SetByCSPRNG() + b := sec1.GetLittleEndian() + err := sec2.SetLittleEndian(b) + if err != nil { + t.Fatal(err) + } + if !sec1.IsEqual(&sec2) { + t.Error("SecretKey not same") + } + pub1 := sec1.GetPublicKey() + b = pub1.Serialize() + var pub2 PublicKey + err = pub2.Deserialize(b) + if err != nil { + t.Fatal(err) + } + if !pub1.IsEqual(&pub2) { + t.Error("PublicKey not same") + } + m := "doremi" + sign1 := sec1.Sign(m) + b = sign1.Serialize() + var sign2 Sign + err = sign2.Deserialize(b) + if err != nil { + t.Fatal(err) + } + if !sign1.IsEqual(&sign2) { + t.Error("Sign not same") + } +} + +func testSerializeToHexStr(t *testing.T) { + t.Log("testSerializeToHexStr") + var sec1, sec2 SecretKey + sec1.SetByCSPRNG() + s := sec1.SerializeToHexStr() + err := sec2.DeserializeHexStr(s) + if err != nil { + t.Fatal(err) + } + if !sec1.IsEqual(&sec2) { + t.Error("SecretKey not same") + } + pub1 := sec1.GetPublicKey() + s = pub1.SerializeToHexStr() + var pub2 PublicKey + err = pub2.DeserializeHexStr(s) + if err != nil { + t.Fatal(err) + } + if !pub1.IsEqual(&pub2) { + t.Error("PublicKey not same") + } + m := "doremi" + sign1 := sec1.Sign(m) + s = sign1.SerializeToHexStr() + var sign2 Sign + err = sign2.DeserializeHexStr(s) + if err != nil { + t.Fatal(err) + } + if !sign1.IsEqual(&sign2) { + t.Error("Sign not same") + } +} + +func testOrder(t *testing.T, c int) { + var curve string + var field string + if c == CurveFp254BNb { + curve = "16798108731015832284940804142231733909759579603404752749028378864165570215949" + field = "16798108731015832284940804142231733909889187121439069848933715426072753864723" + } else if c == CurveFp382_1 { + curve = "5540996953667913971058039301942914304734176495422447785042938606876043190415948413757785063597439175372845535461389" + field = "5540996953667913971058039301942914304734176495422447785045292539108217242186829586959562222833658991069414454984723" + } else if c == CurveFp382_2 { + curve = "5541245505022739011583672869577435255026888277144126952448297309161979278754528049907713682488818304329661351460877" + field = "5541245505022739011583672869577435255026888277144126952450651294188487038640194767986566260919128250811286032482323" + } else if c == BLS12_381 { + curve = "52435875175126190479447740508185965837690552500527637822603658699938581184513" + field = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787" + } else { + t.Fatal("bad c", c) + } + s := GetCurveOrder() + if s != curve { + t.Errorf("bad curve order\n%s\n%s\n", s, curve) + } + s = GetFieldOrder() + if s != field { + t.Errorf("bad field order\n%s\n%s\n", s, field) + } +} + +func testDHKeyExchange(t *testing.T) { + var sec1, sec2 SecretKey + sec1.SetByCSPRNG() + sec2.SetByCSPRNG() + pub1 := sec1.GetPublicKey() + pub2 := sec2.GetPublicKey() + out1 := DHKeyExchange(&sec1, pub2) + out2 := DHKeyExchange(&sec2, pub1) + if !out1.IsEqual(&out2) { + t.Errorf("DH key is not equal") + } +} + +func testPairing(t *testing.T) { + var sec SecretKey + sec.SetByCSPRNG() + pub := sec.GetPublicKey() + m := "abc" + sig1 := sec.Sign(m) + sig2 := HashAndMapToSignature([]byte(m)) + if !VerifyPairing(sig1, sig2, pub) { + t.Errorf("VerifyPairing") + } +} + +func testAggregate(t *testing.T) { + var sec SecretKey + sec.SetByCSPRNG() + pub := sec.GetPublicKey() + msgTbl := []string{"abc", "def", "123"} + n := len(msgTbl) + sigVec := make([]*Sign, n) + for i := 0; i < n; i++ { + m := msgTbl[i] + sigVec[i] = sec.Sign(m) + } + aggSign := sigVec[0] + for i := 1; i < n; i++ { + aggSign.Add(sigVec[i]) + } + hashPt := HashAndMapToSignature([]byte(msgTbl[0])) + for i := 1; i < n; i++ { + hashPt.Add(HashAndMapToSignature([]byte(msgTbl[i]))) + } + if !VerifyPairing(aggSign, hashPt, pub) { + t.Errorf("aggregate2") + } +} + +func Hash(buf []byte) []byte { + if GetOpUnitSize() == 4 { + d := sha256.Sum256([]byte(buf)) + return d[:] + } else { + // use SHA512 if bitSize > 256 + d := sha512.Sum512([]byte(buf)) + return d[:] + } +} + +func testHash(t *testing.T) { + var sec SecretKey + sec.SetByCSPRNG() + pub := sec.GetPublicKey() + m := "abc" + h := Hash([]byte(m)) + sig1 := sec.Sign(m) + sig2 := sec.SignHash(h) + if !sig1.IsEqual(sig2) { + t.Errorf("SignHash") + } + if !sig1.Verify(pub, m) { + t.Errorf("sig1.Verify") + } + if !sig2.VerifyHash(pub, h) { + t.Errorf("sig2.VerifyHash") + } +} + +func testAggregateHashes(t *testing.T) { + n := 1000 + pubVec := make([]PublicKey, n) + sigVec := make([]*Sign, n) + h := make([][]byte, n) + for i := 0; i < n; i++ { + sec := new(SecretKey) + sec.SetByCSPRNG() + pubVec[i] = *sec.GetPublicKey() + m := fmt.Sprintf("abc-%d", i) + h[i] = Hash([]byte(m)) + sigVec[i] = sec.SignHash(h[i]) + } + // aggregate sig + sig := sigVec[0] + for i := 1; i < n; i++ { + sig.Add(sigVec[i]) + } + if !sig.VerifyAggregateHashes(pubVec, h) { + t.Errorf("sig.VerifyAggregateHashes") + } +} + +type SeqRead struct { +} + +func (self *SeqRead) Read(buf []byte) (int, error) { + n := len(buf) + for i := 0; i < n; i++ { + buf[i] = byte(i) + } + return n, nil +} + +func testReadRand(t *testing.T) { + s1 := new(SeqRead) + SetRandFunc(s1) + var sec SecretKey + sec.SetByCSPRNG() + buf := sec.GetLittleEndian() + fmt.Printf("(SeqRead) buf=%x\n", buf) + for i := 0; i < len(buf)-1; i++ { + // ommit buf[len(buf) - 1] because it may be masked + if buf[i] != byte(i) { + t.Fatal("buf") + } + } + SetRandFunc(rand.Reader) + sec.SetByCSPRNG() + buf = sec.GetLittleEndian() + fmt.Printf("(rand.Reader) buf=%x\n", buf) + SetRandFunc(nil) + sec.SetByCSPRNG() + buf = sec.GetLittleEndian() + fmt.Printf("(default) buf=%x\n", buf) +} + +func test(t *testing.T, c int) { + err := Init(c) + if err != nil { + t.Fatal(err) + } + unitN = GetOpUnitSize() + t.Logf("unitN=%d\n", unitN) + testReadRand(t) + testPre(t) + testRecoverSecretKey(t) + testAdd(t) + testSign(t) + testPop(t) + testData(t) + testStringConversion(t) + testOrder(t, c) + testDHKeyExchange(t) + testSerializeToHexStr(t) + testPairing(t) + testAggregate(t) + testHash(t) + testAggregateHashes(t) +} + +func TestMain(t *testing.T) { + t.Logf("GetMaxOpUnitSize() = %d\n", GetMaxOpUnitSize()) + t.Log("CurveFp254BNb") + test(t, CurveFp254BNb) + if GetMaxOpUnitSize() == 6 { + if GetFrUnitSize() == 6 { + t.Log("CurveFp382_1") + test(t, CurveFp382_1) + } + t.Log("BLS12_381") + test(t, BLS12_381) + } +} + +// Benchmarks + +var curve = CurveFp382_1 + +//var curve = CurveFp254BNb + +func BenchmarkPubkeyFromSeckey(b *testing.B) { + b.StopTimer() + err := Init(curve) + if err != nil { + b.Fatal(err) + } + var sec SecretKey + for n := 0; n < b.N; n++ { + sec.SetByCSPRNG() + b.StartTimer() + sec.GetPublicKey() + b.StopTimer() + } +} + +func BenchmarkSigning(b *testing.B) { + b.StopTimer() + err := Init(curve) + if err != nil { + b.Fatal(err) + } + var sec SecretKey + for n := 0; n < b.N; n++ { + sec.SetByCSPRNG() + b.StartTimer() + sec.Sign(strconv.Itoa(n)) + b.StopTimer() + } +} + +func BenchmarkValidation(b *testing.B) { + b.StopTimer() + err := Init(curve) + if err != nil { + b.Fatal(err) + } + var sec SecretKey + for n := 0; n < b.N; n++ { + sec.SetByCSPRNG() + pub := sec.GetPublicKey() + m := strconv.Itoa(n) + sig := sec.Sign(m) + b.StartTimer() + sig.Verify(pub, m) + b.StopTimer() + } +} + +func benchmarkDeriveSeckeyShare(k int, b *testing.B) { + b.StopTimer() + err := Init(curve) + if err != nil { + b.Fatal(err) + } + var sec SecretKey + sec.SetByCSPRNG() + msk := sec.GetMasterSecretKey(k) + var id ID + for n := 0; n < b.N; n++ { + err = id.SetLittleEndian([]byte{1, 2, 3, 4, 5, byte(n)}) + if err != nil { + b.Error(err) + } + b.StartTimer() + err := sec.Set(msk, &id) + b.StopTimer() + if err != nil { + b.Error(err) + } + } +} + +//func BenchmarkDeriveSeckeyShare100(b *testing.B) { benchmarkDeriveSeckeyShare(100, b) } +//func BenchmarkDeriveSeckeyShare200(b *testing.B) { benchmarkDeriveSeckeyShare(200, b) } +func BenchmarkDeriveSeckeyShare500(b *testing.B) { benchmarkDeriveSeckeyShare(500, b) } + +//func BenchmarkDeriveSeckeyShare1000(b *testing.B) { benchmarkDeriveSeckeyShare(1000, b) } + +func benchmarkRecoverSeckey(k int, b *testing.B) { + b.StopTimer() + err := Init(curve) + if err != nil { + b.Fatal(err) + } + var sec SecretKey + sec.SetByCSPRNG() + msk := sec.GetMasterSecretKey(k) + + // derive n shares + n := k + secVec := make([]SecretKey, n) + idVec := make([]ID, n) + for i := 0; i < n; i++ { + err := idVec[i].SetLittleEndian([]byte{1, 2, 3, 4, 5, byte(i)}) + if err != nil { + b.Error(err) + } + err = secVec[i].Set(msk, &idVec[i]) + if err != nil { + b.Error(err) + } + } + + // recover from secVec and idVec + var sec2 SecretKey + b.StartTimer() + for n := 0; n < b.N; n++ { + err := sec2.Recover(secVec, idVec) + if err != nil { + b.Errorf("%s\n", err) + } + } +} + +func BenchmarkRecoverSeckey100(b *testing.B) { benchmarkRecoverSeckey(100, b) } +func BenchmarkRecoverSeckey200(b *testing.B) { benchmarkRecoverSeckey(200, b) } +func BenchmarkRecoverSeckey500(b *testing.B) { benchmarkRecoverSeckey(500, b) } +func BenchmarkRecoverSeckey1000(b *testing.B) { benchmarkRecoverSeckey(1000, b) } + +func benchmarkRecoverSignature(k int, b *testing.B) { + b.StopTimer() + err := Init(curve) + if err != nil { + b.Fatal(err) + } + var sec SecretKey + sec.SetByCSPRNG() + msk := sec.GetMasterSecretKey(k) + + // derive n shares + n := k + idVec := make([]ID, n) + secVec := make([]SecretKey, n) + signVec := make([]Sign, n) + for i := 0; i < n; i++ { + err := idVec[i].SetLittleEndian([]byte{1, 2, 3, 4, 5, byte(i)}) + if err != nil { + b.Error(err) + } + err = secVec[i].Set(msk, &idVec[i]) + if err != nil { + b.Error(err) + } + signVec[i] = *secVec[i].Sign("test message") + } + + // recover signature + var sig Sign + b.StartTimer() + for n := 0; n < b.N; n++ { + err := sig.Recover(signVec, idVec) + if err != nil { + b.Error(err) + } + } +} + +func BenchmarkRecoverSignature100(b *testing.B) { benchmarkRecoverSignature(100, b) } +func BenchmarkRecoverSignature200(b *testing.B) { benchmarkRecoverSignature(200, b) } +func BenchmarkRecoverSignature500(b *testing.B) { benchmarkRecoverSignature(500, b) } +func BenchmarkRecoverSignature1000(b *testing.B) { benchmarkRecoverSignature(1000, b) } diff --git a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/callback.go b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/callback.go new file mode 100644 index 000000000..ba73a5e15 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/callback.go @@ -0,0 +1,12 @@ +package bls + +/* +// exported from bls.go +unsigned int wrapReadRandGo(void *buf, unsigned int n); +int wrapReadRandCgo(void *self, void *buf, unsigned int n) +{ + (void)self; + return wrapReadRandGo(buf, n); +} +*/ +import "C" diff --git a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/config.h b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/config.h new file mode 100644 index 000000000..07e148137 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/config.h @@ -0,0 +1,6 @@ +#pragma +// use bn384 unless tags is specified +#ifndef MCLBN_FP_UNIT_SIZE + #define MCLBN_FP_UNIT_SIZE 6 +#endif + diff --git a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/dummy.cpp b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/dummy.cpp new file mode 100644 index 000000000..a5103a1c5 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/dummy.cpp @@ -0,0 +1,3 @@ +// This is a dummy source file which forces cgo to use the C++ linker instead +// of the default C linker. We can therefore eliminate non-portable linker +// flags such as -lstdc++, which is likely to break on FreeBSD and OpenBSD. diff --git a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/mcl.go b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/mcl.go index 9771201ec..ca8d7f02b 100644 --- a/vendor/github.com/dexon-foundation/bls/ffi/go/bls/mcl.go +++ b/vendor/github.com/dexon-foundation/bls/ffi/go/bls/mcl.go @@ -1,7 +1,10 @@ package bls /* -#cgo CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 +#cgo bn256 CFLAGS:-DMCLBN_FP_UNIT_SIZE=4 +#cgo bn384 CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 +#cgo bn384_256 CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 -DMCLBN_FR_UNIT_SIZE=4 +#cgo !bn256,!bn384,!bn384_256 CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 #include <mcl/bn.h> */ import "C" @@ -23,6 +26,17 @@ const BLS12_381 = C.MCL_BLS12_381 // IoSerializeHexStr const IoSerializeHexStr = C.MCLBN_IO_SERIALIZE_HEX_STR +// GetFrUnitSize() -- +func GetFrUnitSize() int { + return int(C.MCLBN_FR_UNIT_SIZE) +} + +// GetFpUnitSize() -- +// same as GetMaxOpUnitSize() +func GetFpUnitSize() int { + return int(C.MCLBN_FP_UNIT_SIZE) +} + // GetMaxOpUnitSize -- func GetMaxOpUnitSize() int { return int(C.MCLBN_FP_UNIT_SIZE) diff --git a/vendor/github.com/dexon-foundation/bls/images/bls-go-alpine/Dockerfile b/vendor/github.com/dexon-foundation/bls/images/bls-go-alpine/Dockerfile new file mode 100644 index 000000000..edd49eb4b --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/images/bls-go-alpine/Dockerfile @@ -0,0 +1,12 @@ +FROM golang:alpine +MAINTAINER Jimmy Hu <jimmy.hu@dexon.org> + +# Install dependencies +RUN apk add --update-cache build-base gmp-dev openssl-dev git + +# Build bls library +RUN mkdir work ; cd work +RUN git clone --depth 1 git://github.com/dexon-foundation/mcl.git +RUN mkdir bls +COPY . bls/ +RUN cd bls ; make clean && make test_go DOCKER=alpine -j && cp lib/* /usr/lib/ diff --git a/vendor/github.com/dexon-foundation/bls/include/bls/bls.h b/vendor/github.com/dexon-foundation/bls/include/bls/bls.h index 6b7cbdd68..cb300bc49 100644 --- a/vendor/github.com/dexon-foundation/bls/include/bls/bls.h +++ b/vendor/github.com/dexon-foundation/bls/include/bls/bls.h @@ -8,6 +8,14 @@ */ #include <mcl/bn.h> +#ifdef BLS_SWAP_G + /* + error if BLS_SWAP_G is inconsistently used between library and exe + */ + #undef MCLBN_COMPILED_TIME_VAR + #define MCLBN_COMPILED_TIME_VAR ((MCLBN_FR_UNIT_SIZE) * 10 + (MCLBN_FP_UNIT_SIZE) + 100) +#endif + #ifdef _MSC_VER #ifdef BLS_DONT_EXPORT #define BLS_DLL_API @@ -21,7 +29,9 @@ #ifndef BLS_NO_AUTOLINK #if MCLBN_FP_UNIT_SIZE == 4 #pragma comment(lib, "bls256.lib") - #elif MCLBN_FP_UNIT_SIZE == 6 + #elif (MCLBN_FP_UNIT_SIZE == 6) && (MCLBN_FR_UNIT_SIZE == 4) + #pragma comment(lib, "bls384_256.lib") + #elif (MCLBN_FP_UNIT_SIZE == 6) && (MCLBN_FR_UNIT_SIZE == 6) #pragma comment(lib, "bls384.lib") #endif #endif @@ -46,11 +56,19 @@ typedef struct { } blsSecretKey; typedef struct { +#ifdef BLS_SWAP_G + mclBnG1 v; +#else mclBnG2 v; +#endif } blsPublicKey; typedef struct { +#ifdef BLS_SWAP_G + mclBnG2 v; +#else mclBnG1 v; +#endif } blsSignature; /* @@ -68,9 +86,13 @@ BLS_DLL_API int blsInit(int curve, int compiledTimeVar); BLS_DLL_API void blsIdSetInt(blsId *id, int x); -// return 0 if success -// mask buf with (1 << (bitLen(r) - 1)) - 1 if buf >= r +// sec = buf & (1 << bitLen(r)) - 1 +// if (sec >= r) sec &= (1 << (bitLen(r) - 1)) - 1 +// always return 0 BLS_DLL_API int blsSecretKeySetLittleEndian(blsSecretKey *sec, const void *buf, mclSize bufSize); +// return 0 if success (bufSize <= 64) else -1 +// set (buf mod r) to sec +BLS_DLL_API int blsSecretKeySetLittleEndianMod(blsSecretKey *sec, const void *buf, mclSize bufSize); BLS_DLL_API void blsGetPublicKey(blsPublicKey *pub, const blsSecretKey *sec); @@ -126,6 +148,15 @@ BLS_DLL_API int blsPublicKeyIsValidOrder(const blsPublicKey *pub); #ifndef BLS_MINIMUM_API /* + verify X == sY by checking e(X, sQ) = e(Y, Q) + @param X [in] + @param Y [in] + @param pub [in] pub = sQ + @return 1 if e(X, pub) = e(Y, Q) else 0 +*/ +BLS_DLL_API int blsVerifyPairing(const blsSignature *X, const blsSignature *Y, const blsPublicKey *pub); + +/* sign the hash use the low (bitSize of r) - 1 bit of h return 0 if success else -1 @@ -162,8 +193,13 @@ BLS_DLL_API int blsGetG1ByteSize(void); // return bytes for serialized Fr BLS_DLL_API int blsGetFrByteSize(void); +#ifdef BLS_SWAP_G +// get a generator of G1 +BLS_DLL_API void blsGetGeneratorOfG1(blsPublicKey *pub); +#else // get a generator of G2 BLS_DLL_API void blsGetGeneratorOfG2(blsPublicKey *pub); +#endif // return 0 if success BLS_DLL_API int blsIdSetDecStr(blsId *id, const char *buf, mclSize bufSize); @@ -184,6 +220,15 @@ BLS_DLL_API int blsHashToSecretKey(blsSecretKey *sec, const void *buf, mclSize b return 0 if success else -1 */ BLS_DLL_API int blsSecretKeySetByCSPRNG(blsSecretKey *sec); +/* + set user-defined random function for setByCSPRNG + @param self [in] user-defined pointer + @param readFunc [in] user-defined function, + which writes random bufSize bytes to buf and returns bufSize if success else returns 0 + @note if self == 0 and readFunc == 0 then set default random function + @note not threadsafe +*/ +BLS_DLL_API void blsSetRandFunc(void *self, unsigned int (*readFunc)(void *self, void *buf, unsigned int bufSize)); #endif BLS_DLL_API void blsGetPop(blsSignature *sig, const blsSecretKey *sec); diff --git a/vendor/github.com/dexon-foundation/bls/include/bls/bls.hpp b/vendor/github.com/dexon-foundation/bls/include/bls/bls.hpp index b32b7e1fa..741334555 100644 --- a/vendor/github.com/dexon-foundation/bls/include/bls/bls.hpp +++ b/vendor/github.com/dexon-foundation/bls/include/bls/bls.hpp @@ -250,7 +250,7 @@ public: */ void recover(const SecretKeyVec& secVec, const IdVec& idVec) { - if (secVec.size() != idVec.size()) throw std::invalid_argument("SecretKey::recover"); + if (secVec.size() != idVec.size()) throw std::invalid_argument("SecretKey:recover"); recover(secVec.data(), idVec.data(), idVec.size()); } /* @@ -300,7 +300,12 @@ public: if (str != "0") { // 1 <x.a> <x.b> <y.a> <y.b> std::string t; - for (int i = 0; i < 4; i++) { +#ifdef BLS_SWAP_G + const int elemNum = 2; +#else + const int elemNum = 4; +#endif + for (int i = 0; i < elemNum; i++) { is >> t; str += ' '; str += t; @@ -312,14 +317,22 @@ public: void getStr(std::string& str, int ioMode = 0) const { str.resize(1024); +#ifdef BLS_SWAP_G + size_t n = mclBnG1_getStr(&str[0], str.size(), &self_.v, ioMode); +#else size_t n = mclBnG2_getStr(&str[0], str.size(), &self_.v, ioMode); - if (n == 0) throw std::runtime_error("mclBnG2_getStr"); +#endif + if (n == 0) throw std::runtime_error("PublicKey:getStr"); str.resize(n); } void setStr(const std::string& str, int ioMode = 0) { +#ifdef BLS_SWAP_G + int ret = mclBnG1_setStr(&self_.v, str.c_str(), str.size(), ioMode); +#else int ret = mclBnG2_setStr(&self_.v, str.c_str(), str.size(), ioMode); - if (ret != 0) throw std::runtime_error("mclBnG2_setStr"); +#endif + if (ret != 0) throw std::runtime_error("PublicKey:setStr"); } /* set public for id from mpk @@ -333,7 +346,7 @@ public: */ void recover(const PublicKeyVec& pubVec, const IdVec& idVec) { - if (pubVec.size() != idVec.size()) throw std::invalid_argument("PublicKey::recover"); + if (pubVec.size() != idVec.size()) throw std::invalid_argument("PublicKey:recover"); recover(pubVec.data(), idVec.data(), idVec.size()); } /* @@ -382,7 +395,12 @@ public: if (str != "0") { // 1 <x> <y> std::string t; - for (int i = 0; i < 2; i++) { +#ifdef BLS_SWAP_G + const int elemNum = 4; +#else + const int elemNum = 2; +#endif + for (int i = 0; i < elemNum; i++) { is >> t; str += ' '; str += t; @@ -394,14 +412,22 @@ public: void getStr(std::string& str, int ioMode = 0) const { str.resize(1024); +#ifdef BLS_SWAP_G + size_t n = mclBnG2_getStr(&str[0], str.size(), &self_.v, ioMode); +#else size_t n = mclBnG1_getStr(&str[0], str.size(), &self_.v, ioMode); - if (n == 0) throw std::runtime_error("mclBnG1_getStr"); +#endif + if (n == 0) throw std::runtime_error("Signature:tgetStr"); str.resize(n); } void setStr(const std::string& str, int ioMode = 0) { +#ifdef BLS_SWAP_G + int ret = mclBnG2_setStr(&self_.v, str.c_str(), str.size(), ioMode); +#else int ret = mclBnG1_setStr(&self_.v, str.c_str(), str.size(), ioMode); - if (ret != 0) throw std::runtime_error("mclBnG1_setStr"); +#endif + if (ret != 0) throw std::runtime_error("Signature:setStr"); } bool verify(const PublicKey& pub, const void *m, size_t size) const { @@ -437,7 +463,7 @@ public: */ void recover(const SignatureVec& sigVec, const IdVec& idVec) { - if (sigVec.size() != idVec.size()) throw std::invalid_argument("Signature::recover"); + if (sigVec.size() != idVec.size()) throw std::invalid_argument("Signature:recover"); recover(sigVec.data(), idVec.data(), idVec.size()); } /* diff --git a/vendor/github.com/dexon-foundation/bls/mk.bat b/vendor/github.com/dexon-foundation/bls/mk.bat index c5dfac91a..9bf8dd9e6 100644 --- a/vendor/github.com/dexon-foundation/bls/mk.bat +++ b/vendor/github.com/dexon-foundation/bls/mk.bat @@ -8,6 +8,7 @@ if "%1"=="-s" ( echo "mk (-s|-d) <source file>" goto exit ) +set CFLAGS=%CFLAGS% -I../mcl/include set SRC=%2 set EXE=%SRC:.cpp=.exe% set EXE=%EXE:.c=.exe% diff --git a/vendor/github.com/dexon-foundation/bls/mklib.bat b/vendor/github.com/dexon-foundation/bls/mklib.bat index fca9333fc..4a60d7196 100644 --- a/vendor/github.com/dexon-foundation/bls/mklib.bat +++ b/vendor/github.com/dexon-foundation/bls/mklib.bat @@ -10,13 +10,17 @@ call setvar.bat if "%1"=="dll" ( cl /c %CFLAGS% /Foobj/bls_c256.obj src/bls_c256.cpp /DBLS_NO_AUTOLINK cl /c %CFLAGS% /Foobj/bls_c384.obj src/bls_c384.cpp /DBLS_NO_AUTOLINK + cl /c %CFLAGS% /Foobj/bls_c384_256.obj src/bls_c384_256.cpp /DBLS_NO_AUTOLINK cl /c %CFLAGS% /Foobj/fp.obj ../mcl/src/fp.cpp link /nologo /DLL /OUT:bin\bls256.dll obj\bls_c256.obj obj\fp.obj %LDFLAGS% /implib:lib\bls256.lib link /nologo /DLL /OUT:bin\bls384.dll obj\bls_c384.obj obj\fp.obj %LDFLAGS% /implib:lib\bls384.lib + link /nologo /DLL /OUT:bin\bls384_256.dll obj\bls_c384_256.obj obj\fp.obj %LDFLAGS% /implib:lib\bls384_256.lib ) else ( cl /c %CFLAGS% /Foobj/bls_c256.obj src/bls_c256.cpp cl /c %CFLAGS% /Foobj/bls_c384.obj src/bls_c384.cpp + cl /c %CFLAGS% /Foobj/bls_c384_256.obj src/bls_c384_256.cpp cl /c %CFLAGS% /Foobj/fp.obj ../mcl/src/fp.cpp /DMCLBN_DONT_EXPORT lib /OUT:lib/bls256.lib /nodefaultlib obj/bls_c256.obj obj/fp.obj %LDFLAGS% lib /OUT:lib/bls384.lib /nodefaultlib obj/bls_c384.obj obj/fp.obj %LDFLAGS% + lib /OUT:lib/bls384_256.lib /nodefaultlib obj/bls_c384_256.obj obj/fp.obj %LDFLAGS% ) diff --git a/vendor/github.com/dexon-foundation/bls/readme.md b/vendor/github.com/dexon-foundation/bls/readme.md index 08aac6ca1..b1efb3f36 100644 --- a/vendor/github.com/dexon-foundation/bls/readme.md +++ b/vendor/github.com/dexon-foundation/bls/readme.md @@ -15,7 +15,23 @@ git clone git://github.com/dexon-foundation/bls.git git clone git://github.com/herumi/cybozulib_ext ; for only Windows ``` -# **REMARK** libbls.a for C++ interface(bls/bls.hpp) is removed +# News +* (Break backward compatibility) The suffix `_dy` of library name is removed and bls\*.a requires libmcl.so set LD_LIBRARY_PATH to the directory. +* -tags option for Go bindings + * -tags bn256 + * -tags bn384\_256 + * -tags bn384 ; default mode +* Support swap of G1 and G2 + * `make BLS_SWAP_G=1` then G1 is assigned to PublicKey and G2 is assigned to Signature. + * golang binding does not support this feature yet. +* Build option without GMP + * `make MCL_USE_GMP=0` +* Build option without OpenSSL + * `make MCL_USE_OPENSSL=0` +* Build option to specify `mcl` directory + * `make MCL_DIR=<mcl directory>` + +* (old) libbls.a for C++ interface(bls/bls.hpp) is removed Link `lib/libbls256.a` or `lib/libbls384.a` to use `bls/bls.hpp` according to MCLBN_FP_UNIT_SIZE = 4 or 6. # Build and test for Linux @@ -45,8 +61,9 @@ bin\bls_c384_test.exe ``` # Library -* libbls256.a/libbls256_dy.so ; for BN254 compiled with MCLBN_FP_UNIT_SIZE=4 -* libbls384.a/libbls384_dy.so ; for BN254/BN381_1/BLS12_381 compiled with MCLBN_FP_UNIT_SIZE=6 +* libbls256.a/libbls256.so ; for BN254 compiled with MCLBN_FP_UNIT_SIZE=4 +* libbls384.a/libbls384.so ; for BN254/BN381_1/BLS12_381 compiled with MCLBN_FP_UNIT_SIZE=6 +* libbls384_256.a/libbls384_256.so ; for BN254/BLS12_381 compiled with MCLBN_FP_UNIT_SIZE=6 and MCLBN_FR_UNIT_SIZE=4 See `mcl/include/curve_type.h` for curve parameter diff --git a/vendor/github.com/dexon-foundation/bls/sample/bls_smpl.cpp b/vendor/github.com/dexon-foundation/bls/sample/bls_smpl.cpp new file mode 100644 index 000000000..e812cd500 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/sample/bls_smpl.cpp @@ -0,0 +1,168 @@ +#define MCLBN_FP_UNIT_SIZE 4 +#include <bls/bls.hpp> +#include <cybozu/option.hpp> +#include <cybozu/itoa.hpp> +#include <fstream> + +const std::string pubFile = "sample/publickey"; +const std::string secFile = "sample/secretkey"; +const std::string signFile = "sample/sign"; + +std::string makeName(const std::string& name, const bls::Id& id) +{ + const std::string suf = ".txt"; + if (id.isZero()) return name + suf; + std::ostringstream os; + os << name << '.' << id << suf; + return os.str(); +} + +template<class T> +void save(const std::string& file, const T& t, const bls::Id& id = 0) +{ + const std::string name = makeName(file, id); + std::ofstream ofs(name.c_str(), std::ios::binary); + if (!(ofs << t)) { + throw cybozu::Exception("can't save") << name; + } +} + +template<class T> +void load(T& t, const std::string& file, const bls::Id& id = 0) +{ + const std::string name = makeName(file, id); + std::ifstream ifs(name.c_str(), std::ios::binary); + if (!(ifs >> t)) { + throw cybozu::Exception("can't load") << name; + } +} + +int init() +{ + printf("make %s and %s files\n", secFile.c_str(), pubFile.c_str()); + bls::SecretKey sec; + sec.init(); + save(secFile, sec); + bls::PublicKey pub; + sec.getPublicKey(pub); + save(pubFile, pub); + return 0; +} + +int sign(const std::string& m, int id) +{ + printf("sign message `%s` by id=%d\n", m.c_str(), id); + bls::SecretKey sec; + load(sec, secFile, id); + bls::Signature s; + sec.sign(s, m); + save(signFile, s, id); + return 0; +} + +int verify(const std::string& m, int id) +{ + printf("verify message `%s` by id=%d\n", m.c_str(), id); + bls::PublicKey pub; + load(pub, pubFile, id); + bls::Signature s; + load(s, signFile, id); + if (s.verify(pub, m)) { + puts("verify ok"); + return 0; + } else { + puts("verify err"); + return 1; + } +} + +int share(size_t n, size_t k) +{ + printf("%d-out-of-%d threshold sharing\n", (int)k, (int)n); + bls::SecretKey sec; + load(sec, secFile); + bls::SecretKeyVec msk; + sec.getMasterSecretKey(msk, k); + bls::SecretKeyVec secVec(n); + bls::IdVec ids(n); + for (size_t i = 0; i < n; i++) { + int id = i + 1; + ids[i] = id; + secVec[i].set(msk, id); + } + for (size_t i = 0; i < n; i++) { + save(secFile, secVec[i], ids[i]); + bls::PublicKey pub; + secVec[i].getPublicKey(pub); + save(pubFile, pub, ids[i]); + } + return 0; +} + +int recover(const bls::IdVec& ids) +{ + printf("recover from"); + for (size_t i = 0; i < ids.size(); i++) { + std::cout << ' ' << ids[i]; + } + printf("\n"); + bls::SignatureVec sigVec(ids.size()); + for (size_t i = 0; i < sigVec.size(); i++) { + load(sigVec[i], signFile, ids[i]); + } + bls::Signature s; + s.recover(sigVec, ids); + save(signFile, s); + return 0; +} + +int main(int argc, char *argv[]) + try +{ + bls::init(); // use BN254 + + std::string mode; + std::string m; + size_t n; + size_t k; + int id; + bls::IdVec ids; + + cybozu::Option opt; + opt.appendParam(&mode, "init|sign|verify|share|recover"); + opt.appendOpt(&n, 10, "n", ": k-out-of-n threshold"); + opt.appendOpt(&k, 3, "k", ": k-out-of-n threshold"); + opt.appendOpt(&m, "", "m", ": message to be signed"); + opt.appendOpt(&id, 0, "id", ": id of secretKey"); + opt.appendVec(&ids, "ids", ": select k id in [0, n). this option should be last"); + opt.appendHelp("h"); + if (!opt.parse(argc, argv)) { + goto ERR_EXIT; + } + + if (mode == "init") { + return init(); + } else if (mode == "sign") { + if (m.empty()) goto ERR_EXIT; + return sign(m, id); + } else if (mode == "verify") { + if (m.empty()) goto ERR_EXIT; + return verify(m, id); + } else if (mode == "share") { + return share(n, k); + } else if (mode == "recover") { + if (ids.empty()) { + fprintf(stderr, "use -ids option. ex. share -ids 1 3 5\n"); + goto ERR_EXIT; + } + return recover(ids); + } else { + fprintf(stderr, "bad mode %s\n", mode.c_str()); + } +ERR_EXIT: + opt.usage(); + return 1; +} catch (std::exception& e) { + fprintf(stderr, "ERR %s\n", e.what()); + return 1; +} diff --git a/vendor/github.com/dexon-foundation/bls/setvar.bat b/vendor/github.com/dexon-foundation/bls/setvar.bat index b45af24b9..0ff286ab8 100755 --- a/vendor/github.com/dexon-foundation/bls/setvar.bat +++ b/vendor/github.com/dexon-foundation/bls/setvar.bat @@ -1,6 +1,6 @@ @echo off call ..\mcl\setvar.bat -set CFLAGS=%CFLAGS% /I ..\mcl\include /I .\ +set CFLAGS=%CFLAGS% /I ..\mcl\include /I ./ set LDFLAGS=%LDFLAGS% /LIBPATH:..\mcl\lib echo CFLAGS=%CFLAGS% -echo LDFLAGS=%LDFLAGS%
\ No newline at end of file +echo LDFLAGS=%LDFLAGS% diff --git a/vendor/github.com/dexon-foundation/bls/src/bls_c384_256.cpp b/vendor/github.com/dexon-foundation/bls/src/bls_c384_256.cpp new file mode 100644 index 000000000..3dcb3e7d7 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/src/bls_c384_256.cpp @@ -0,0 +1,4 @@ +#define MCLBN_FP_UNIT_SIZE 6 +#define MCLBN_FR_UNIT_SIZE 4 +#include "bls_c_impl.hpp" + diff --git a/vendor/github.com/dexon-foundation/bls/src/bls_c_impl.hpp b/vendor/github.com/dexon-foundation/bls/src/bls_c_impl.hpp index 16b79f913..b38c1ad06 100644 --- a/vendor/github.com/dexon-foundation/bls/src/bls_c_impl.hpp +++ b/vendor/github.com/dexon-foundation/bls/src/bls_c_impl.hpp @@ -3,30 +3,81 @@ #include <bls/bls.h> -#include "../mcl/src/bn_c_impl.hpp" +#if 1 +#include "mcl/impl/bn_c_impl.hpp" +#else +#if MCLBN_FP_UNIT_SIZE == 4 && MCLBN_FR_UNIT_SIZE == 4 +#include <mcl/bn256.hpp> +#elif MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE == 6 +#include <mcl/bn384.hpp> +#elif MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE == 4 +#include <mcl/bls12_381.hpp> +#elif MCLBN_FP_UNIT_SIZE == 8 && MCLBN_FR_UNIT_SIZE == 8 +#include <mcl/bn512.hpp> +#else + #error "not supported size" +#endif +#include <mcl/lagrange.hpp> +using namespace mcl::bn; +inline Fr *cast(mclBnFr *p) { return reinterpret_cast<Fr*>(p); } +inline const Fr *cast(const mclBnFr *p) { return reinterpret_cast<const Fr*>(p); } + +inline G1 *cast(mclBnG1 *p) { return reinterpret_cast<G1*>(p); } +inline const G1 *cast(const mclBnG1 *p) { return reinterpret_cast<const G1*>(p); } + +inline G2 *cast(mclBnG2 *p) { return reinterpret_cast<G2*>(p); } +inline const G2 *cast(const mclBnG2 *p) { return reinterpret_cast<const G2*>(p); } + +inline Fp12 *cast(mclBnGT *p) { return reinterpret_cast<Fp12*>(p); } +inline const Fp12 *cast(const mclBnGT *p) { return reinterpret_cast<const Fp12*>(p); } + +inline Fp6 *cast(uint64_t *p) { return reinterpret_cast<Fp6*>(p); } +inline const Fp6 *cast(const uint64_t *p) { return reinterpret_cast<const Fp6*>(p); } +#endif + +void Gmul(G1& z, const G1& x, const Fr& y) { G1::mul(z, x, y); } +void Gmul(G2& z, const G2& x, const Fr& y) { G2::mul(z, x, y); } +void GmulCT(G1& z, const G1& x, const Fr& y) { G1::mulCT(z, x, y); } +void GmulCT(G2& z, const G2& x, const Fr& y) { G2::mulCT(z, x, y); } /* BLS signature - e : G1 x G2 -> Fp12 + e : G1 x G2 -> GT Q in G2 ; fixed global parameter H : {str} -> G1 s : secret key sQ ; public key s H(m) ; signature of m verify ; e(sQ, H(m)) = e(Q, s H(m)) + + swap G1 and G2 if BLS_SWAP_G is defined + @note the current implementation does not support precomputed miller loop */ +#ifdef BLS_SWAP_G +static G1 g_P; +inline const G1& getBasePoint() { return g_P; } +#else static G2 g_Q; const size_t maxQcoeffN = 128; static mcl::FixedArray<Fp6, maxQcoeffN> g_Qcoeff; // precomputed Q -inline const G2& getQ() { return g_Q; } +inline const G2& getBasePoint() { return g_Q; } inline const mcl::FixedArray<Fp6, maxQcoeffN>& getQcoeff() { return g_Qcoeff; } +#endif int blsInitNotThreadSafe(int curve, int compiledTimeVar) { - int ret = mclBn_init(curve, compiledTimeVar); - if (ret < 0) return ret; + if (compiledTimeVar != MCLBN_COMPILED_TIME_VAR) { + return -(compiledTimeVar | (MCLBN_COMPILED_TIME_VAR * 100)); + } + const mcl::CurveParam& cp = mcl::getCurveParam(curve); bool b; + initPairing(&b, cp); + if (!b) return -1; + +#ifdef BLS_SWAP_G + mapToG1(&b, g_P, 1); +#else if (curve == MCL_BN254) { const char *Qx_BN254 = "11ccb44e77ac2c5dc32a6009594dbe331ec85a61290d6bbac8cc7ebb2dceb128 f204a14bbdac4a05be9a25176de827f2e60085668becdd4fc5fa914c9ee0d9a"; @@ -41,7 +92,7 @@ int blsInitNotThreadSafe(int curve, int compiledTimeVar) if (curve == MCL_BN254) { #include "./qcoeff-bn254.hpp" g_Qcoeff.resize(BN::param.precomputedQcoeffSize); - assert(g_Qcoeff.size() == CYBOZU_NUM_OF_ARRAY(tbl)); + assert(g_Qcoeff.size() == CYBOZU_NUM_OF_ARRAY(QcoeffTblBN254)); for (size_t i = 0; i < g_Qcoeff.size(); i++) { Fp6& x6 = g_Qcoeff[i]; for (size_t j = 0; j < 6; j++) { @@ -53,8 +104,9 @@ int blsInitNotThreadSafe(int curve, int compiledTimeVar) } } } else { - precomputeG2(&b, g_Qcoeff, getQ()); + precomputeG2(&b, g_Qcoeff, getBasePoint()); } +#endif if (!b) return -101; return 0; } @@ -103,26 +155,55 @@ static inline const mclBnG2 *cast(const G2* x) { return (const mclBnG2*)x; } void blsIdSetInt(blsId *id, int x) { - mclBnFr_setInt(&id->v, x); + *cast(&id->v) = x; } int blsSecretKeySetLittleEndian(blsSecretKey *sec, const void *buf, mclSize bufSize) { - return mclBnFr_setLittleEndian(&sec->v, buf, bufSize); + cast(&sec->v)->setArrayMask((const char *)buf, bufSize); + return 0; +} +int blsSecretKeySetLittleEndianMod(blsSecretKey *sec, const void *buf, mclSize bufSize) +{ + bool b; + cast(&sec->v)->setArray(&b, (const char *)buf, bufSize, mcl::fp::Mod); + return b ? 0 : -1; } void blsGetPublicKey(blsPublicKey *pub, const blsSecretKey *sec) { - mclBnG2_mul(&pub->v, cast(&getQ()), &sec->v); + Gmul(*cast(&pub->v), getBasePoint(), *cast(&sec->v)); } void blsSign(blsSignature *sig, const blsSecretKey *sec, const void *m, mclSize size) { +#ifdef BLS_SWAP_G + G2 Hm; + hashAndMapToG2(Hm, m, size); +#else G1 Hm; hashAndMapToG1(Hm, m, size); - mclBnG1_mulCT(&sig->v, cast(&Hm), &sec->v); +#endif + GmulCT(*cast(&sig->v), Hm, *cast(&sec->v)); } +#ifdef BLS_SWAP_G +/* + e(P, sHm) == e(sP, Hm) + <=> finalExp(ML(P, sHm) * e(-sP, Hm)) == 1 +*/ +bool isEqualTwoPairings(const G2& sHm, const G1& sP, const G2& Hm) +{ + GT e1, e2; + millerLoop(e1, getBasePoint(), sHm); + G1 neg_sP; + G1::neg(neg_sP, sP); + millerLoop(e2, neg_sP, Hm); + e1 *= e2; + finalExp(e1, e1); + return e1.isOne(); +} +#else /* e(P1, Q1) == e(P2, Q2) <=> finalExp(ML(P1, Q1)) == finalExp(ML(P2, Q2)) @@ -132,14 +213,20 @@ void blsSign(blsSignature *sig, const blsSecretKey *sec, const void *m, mclSize */ bool isEqualTwoPairings(const G1& P1, const Fp6* Q1coeff, const G1& P2, const G2& Q2) { - Fp12 e; + GT e; precomputedMillerLoop2mixed(e, P2, Q2, -P1, Q1coeff); finalExp(e, e); return e.isOne(); } +#endif int blsVerify(const blsSignature *sig, const blsPublicKey *pub, const void *m, mclSize size) { +#ifdef BLS_SWAP_G + G2 Hm; + hashAndMapToG2(Hm, m, size); + return isEqualTwoPairings(*cast(&sig->v), *cast(&pub->v), Hm); +#else G1 Hm; hashAndMapToG1(Hm, m, size); /* @@ -147,187 +234,238 @@ int blsVerify(const blsSignature *sig, const blsPublicKey *pub, const void *m, m e(sig, Q) = e(Hm, pub) */ return isEqualTwoPairings(*cast(&sig->v), getQcoeff().data(), Hm, *cast(&pub->v)); +#endif } mclSize blsIdSerialize(void *buf, mclSize maxBufSize, const blsId *id) { - return mclBnFr_serialize(buf, maxBufSize, &id->v); + return cast(&id->v)->serialize(buf, maxBufSize); } mclSize blsSecretKeySerialize(void *buf, mclSize maxBufSize, const blsSecretKey *sec) { - return mclBnFr_serialize(buf, maxBufSize, &sec->v); + return cast(&sec->v)->serialize(buf, maxBufSize); } mclSize blsPublicKeySerialize(void *buf, mclSize maxBufSize, const blsPublicKey *pub) { - return mclBnG2_serialize(buf, maxBufSize, &pub->v); + return cast(&pub->v)->serialize(buf, maxBufSize); } mclSize blsSignatureSerialize(void *buf, mclSize maxBufSize, const blsSignature *sig) { - return mclBnG1_serialize(buf, maxBufSize, &sig->v); + return cast(&sig->v)->serialize(buf, maxBufSize); } mclSize blsIdDeserialize(blsId *id, const void *buf, mclSize bufSize) { - return mclBnFr_deserialize(&id->v, buf, bufSize); + return cast(&id->v)->deserialize(buf, bufSize); } -mclSize blsSecretKeyDeserialize(blsSecretKey *sig, const void *buf, mclSize bufSize) +mclSize blsSecretKeyDeserialize(blsSecretKey *sec, const void *buf, mclSize bufSize) { - return mclBnFr_deserialize(&sig->v, buf, bufSize); + return cast(&sec->v)->deserialize(buf, bufSize); } mclSize blsPublicKeyDeserialize(blsPublicKey *pub, const void *buf, mclSize bufSize) { - return mclBnG2_deserialize(&pub->v, buf, bufSize); + return cast(&pub->v)->deserialize(buf, bufSize); } mclSize blsSignatureDeserialize(blsSignature *sig, const void *buf, mclSize bufSize) { - return mclBnG1_deserialize(&sig->v, buf, bufSize); + return cast(&sig->v)->deserialize(buf, bufSize); } int blsIdIsEqual(const blsId *lhs, const blsId *rhs) { - return mclBnFr_isEqual(&lhs->v, &rhs->v); + return *cast(&lhs->v) == *cast(&rhs->v); } int blsSecretKeyIsEqual(const blsSecretKey *lhs, const blsSecretKey *rhs) { - return mclBnFr_isEqual(&lhs->v, &rhs->v); + return *cast(&lhs->v) == *cast(&rhs->v); } int blsPublicKeyIsEqual(const blsPublicKey *lhs, const blsPublicKey *rhs) { - return mclBnG2_isEqual(&lhs->v, &rhs->v); + return *cast(&lhs->v) == *cast(&rhs->v); } int blsSignatureIsEqual(const blsSignature *lhs, const blsSignature *rhs) { - return mclBnG1_isEqual(&lhs->v, &rhs->v); + return *cast(&lhs->v) == *cast(&rhs->v); } int blsSecretKeyShare(blsSecretKey *sec, const blsSecretKey* msk, mclSize k, const blsId *id) { - return mclBn_FrEvaluatePolynomial(&sec->v, &msk->v, k, &id->v); + bool b; + mcl::evaluatePolynomial(&b, *cast(&sec->v), cast(&msk->v), k, *cast(&id->v)); + return b ? 0 : -1; } int blsPublicKeyShare(blsPublicKey *pub, const blsPublicKey *mpk, mclSize k, const blsId *id) { - return mclBn_G2EvaluatePolynomial(&pub->v, &mpk->v, k, &id->v); + bool b; + mcl::evaluatePolynomial(&b, *cast(&pub->v), cast(&mpk->v), k, *cast(&id->v)); + return b ? 0 : -1; } int blsSecretKeyRecover(blsSecretKey *sec, const blsSecretKey *secVec, const blsId *idVec, mclSize n) { - return mclBn_FrLagrangeInterpolation(&sec->v, &idVec->v, &secVec->v, n); + bool b; + mcl::LagrangeInterpolation(&b, *cast(&sec->v), cast(&idVec->v), cast(&secVec->v), n); + return b ? 0 : -1; } int blsPublicKeyRecover(blsPublicKey *pub, const blsPublicKey *pubVec, const blsId *idVec, mclSize n) { - return mclBn_G2LagrangeInterpolation(&pub->v, &idVec->v, &pubVec->v, n); + bool b; + mcl::LagrangeInterpolation(&b, *cast(&pub->v), cast(&idVec->v), cast(&pubVec->v), n); + return b ? 0 : -1; } int blsSignatureRecover(blsSignature *sig, const blsSignature *sigVec, const blsId *idVec, mclSize n) { - return mclBn_G1LagrangeInterpolation(&sig->v, &idVec->v, &sigVec->v, n); + bool b; + mcl::LagrangeInterpolation(&b, *cast(&sig->v), cast(&idVec->v), cast(&sigVec->v), n); + return b ? 0 : -1; } void blsSecretKeyAdd(blsSecretKey *sec, const blsSecretKey *rhs) { - mclBnFr_add(&sec->v, &sec->v, &rhs->v); + *cast(&sec->v) += *cast(&rhs->v); } void blsPublicKeyAdd(blsPublicKey *pub, const blsPublicKey *rhs) { - mclBnG2_add(&pub->v, &pub->v, &rhs->v); + *cast(&pub->v) += *cast(&rhs->v); } void blsSignatureAdd(blsSignature *sig, const blsSignature *rhs) { - mclBnG1_add(&sig->v, &sig->v, &rhs->v); + *cast(&sig->v) += *cast(&rhs->v); } void blsSignatureVerifyOrder(int doVerify) { - mclBn_verifyOrderG1(doVerify); +#ifdef BLS_SWAP_G + verifyOrderG2(doVerify != 0); +#else + verifyOrderG1(doVerify != 0); +#endif } void blsPublicKeyVerifyOrder(int doVerify) { - mclBn_verifyOrderG2(doVerify); +#ifdef BLS_SWAP_G + verifyOrderG1(doVerify != 0); +#else + verifyOrderG2(doVerify != 0); +#endif } int blsSignatureIsValidOrder(const blsSignature *sig) { - return mclBnG1_isValidOrder(&sig->v); + return cast(&sig->v)->isValidOrder(); } int blsPublicKeyIsValidOrder(const blsPublicKey *pub) { - return mclBnG2_isValidOrder(&pub->v); + return cast(&pub->v)->isValidOrder(); } #ifndef BLS_MINIMUM_API -inline bool toG1(G1& Hm, const void *h, mclSize size) +template<class G> +inline bool toG(G& Hm, const void *h, mclSize size) { Fp t; t.setArrayMask((const char *)h, size); bool b; +#ifdef BLS_SWAP_G + BN::mapToG2(&b, Hm, Fp2(t, 0)); +#else BN::mapToG1(&b, Hm, t); +#endif return b; } int blsVerifyAggregatedHashes(const blsSignature *aggSig, const blsPublicKey *pubVec, const void *hVec, size_t sizeofHash, mclSize n) { if (n == 0) return 0; + GT e1, e2; + const char *ph = (const char*)hVec; +#ifdef BLS_SWAP_G + millerLoop(e1, getBasePoint(), -*cast(&aggSig->v)); + G2 h; + if (!toG(h, &ph[0], sizeofHash)) return 0; + BN::millerLoop(e2, *cast(&pubVec[0].v), h); + e1 *= e2; + for (size_t i = 1; i < n; i++) { + if (!toG(h, &ph[i * sizeofHash], sizeofHash)) return 0; + millerLoop(e2, *cast(&pubVec[i].v), h); + e1 *= e2; + } +#else /* e(aggSig, Q) = prod_i e(hVec[i], pubVec[i]) <=> finalExp(ML(-aggSig, Q) * prod_i ML(hVec[i], pubVec[i])) == 1 */ - GT e1, e2; BN::precomputedMillerLoop(e1, -*cast(&aggSig->v), g_Qcoeff.data()); - const char *ph = (const char*)hVec; G1 h; - if (!toG1(h, &ph[0], sizeofHash)) return 0; + if (!toG(h, &ph[0], sizeofHash)) return 0; BN::millerLoop(e2, h, *cast(&pubVec[0].v)); e1 *= e2; for (size_t i = 1; i < n; i++) { - if (!toG1(h, &ph[i * sizeofHash], sizeofHash)) return 0; + if (!toG(h, &ph[i * sizeofHash], sizeofHash)) return 0; BN::millerLoop(e2, h, *cast(&pubVec[i].v)); e1 *= e2; } +#endif BN::finalExp(e1, e1); return e1.isOne(); } int blsSignHash(blsSignature *sig, const blsSecretKey *sec, const void *h, mclSize size) { +#ifdef BLS_SWAP_G + G2 Hm; +#else G1 Hm; - if (!toG1(Hm, h, size)) return -1; - mclBnG1_mulCT(&sig->v, cast(&Hm), &sec->v); +#endif + if (!toG(Hm, h, size)) return -1; + GmulCT(*cast(&sig->v), Hm, *cast(&sec->v)); return 0; } +int blsVerifyPairing(const blsSignature *X, const blsSignature *Y, const blsPublicKey *pub) +{ +#ifdef BLS_SWAP_G + return isEqualTwoPairings(*cast(&X->v), *cast(&pub->v), *cast(&Y->v)); +#else + return isEqualTwoPairings(*cast(&X->v), getQcoeff().data(), *cast(&Y->v), *cast(&pub->v)); +#endif +} + int blsVerifyHash(const blsSignature *sig, const blsPublicKey *pub, const void *h, mclSize size) { - G1 Hm; - if (!toG1(Hm, h, size)) return 0; - return isEqualTwoPairings(*cast(&sig->v), getQcoeff().data(), Hm, *cast(&pub->v)); + blsSignature Hm; + if (!toG(*cast(&Hm.v), h, size)) return 0; + return blsVerifyPairing(sig, &Hm, pub); } void blsSecretKeySub(blsSecretKey *sec, const blsSecretKey *rhs) { - mclBnFr_sub(&sec->v, &sec->v, &rhs->v); + *cast(&sec->v) -= *cast(&rhs->v); } void blsPublicKeySub(blsPublicKey *pub, const blsPublicKey *rhs) { - mclBnG2_sub(&pub->v, &pub->v, &rhs->v); + *cast(&pub->v) -= *cast(&rhs->v); } void blsSignatureSub(blsSignature *sig, const blsSignature *rhs) { - mclBnG1_sub(&sig->v, &sig->v, &rhs->v); + *cast(&sig->v) -= *cast(&rhs->v); } + mclSize blsGetOpUnitSize() // FpUint64Size { return Fp::getUnitSize() * sizeof(mcl::fp::Unit) / sizeof(uint64_t); @@ -345,52 +483,67 @@ int blsGetFieldOrder(char *buf, mclSize maxBufSize) int blsGetG1ByteSize() { - return mclBn_getG1ByteSize(); + return (int)Fp::getByteSize(); } int blsGetFrByteSize() { - return mclBn_getFrByteSize(); + return (int)Fr::getByteSize(); } +#ifdef BLS_SWAP_G +void blsGetGeneratorOfG1(blsPublicKey *pub) +{ + *cast(&pub->v) = getBasePoint(); +} +#else void blsGetGeneratorOfG2(blsPublicKey *pub) { - *(G2*)pub = getQ(); + *cast(&pub->v) = getBasePoint(); } +#endif int blsIdSetDecStr(blsId *id, const char *buf, mclSize bufSize) { - return mclBnFr_setStr(&id->v, buf, bufSize, 10); + return cast(&id->v)->deserialize(buf, bufSize, 10) > 0 ? 0 : -1; } int blsIdSetHexStr(blsId *id, const char *buf, mclSize bufSize) { - return mclBnFr_setStr(&id->v, buf, bufSize, 16); + return cast(&id->v)->deserialize(buf, bufSize, 16) > 0 ? 0 : -1; } int blsIdSetLittleEndian(blsId *id, const void *buf, mclSize bufSize) { - return mclBnFr_setLittleEndian(&id->v, buf, bufSize); + cast(&id->v)->setArrayMask((const char *)buf, bufSize); + return 0; } mclSize blsIdGetDecStr(char *buf, mclSize maxBufSize, const blsId *id) { - return mclBnFr_getStr(buf, maxBufSize, &id->v, 10); + return cast(&id->v)->getStr(buf, maxBufSize, 10); } mclSize blsIdGetHexStr(char *buf, mclSize maxBufSize, const blsId *id) { - return mclBnFr_getStr(buf, maxBufSize, &id->v, 16); + return cast(&id->v)->getStr(buf, maxBufSize, 16); } int blsHashToSecretKey(blsSecretKey *sec, const void *buf, mclSize bufSize) { - return mclBnFr_setHashOf(&sec->v, buf, bufSize); + cast(&sec->v)->setHashOf(buf, bufSize); + return 0; } #ifndef MCL_DONT_USE_CSPRNG int blsSecretKeySetByCSPRNG(blsSecretKey *sec) { - return mclBnFr_setByCSPRNG(&sec->v); + bool b; + cast(&sec->v)->setByCSPRNG(&b); + return b ? 0 : -1; +} +void blsSetRandFunc(void *self, unsigned int (*readFunc)(void *self, void *buf, unsigned int bufSize)) +{ + mcl::fp::RandGen::setRandFunc(self, readFunc); } #endif @@ -399,7 +552,7 @@ void blsGetPop(blsSignature *sig, const blsSecretKey *sec) blsPublicKey pub; blsGetPublicKey(&pub, sec); char buf[1024]; - mclSize n = mclBnG2_serialize(buf, sizeof(buf), &pub.v); + mclSize n = cast(&pub.v)->serialize(buf, sizeof(buf)); assert(n); blsSign(sig, sec, buf, n); } @@ -407,54 +560,54 @@ void blsGetPop(blsSignature *sig, const blsSecretKey *sec) int blsVerifyPop(const blsSignature *sig, const blsPublicKey *pub) { char buf[1024]; - mclSize n = mclBnG2_serialize(buf, sizeof(buf), &pub->v); + mclSize n = cast(&pub->v)->serialize(buf, sizeof(buf)); if (n == 0) return 0; return blsVerify(sig, pub, buf, n); } mclSize blsIdGetLittleEndian(void *buf, mclSize maxBufSize, const blsId *id) { - return mclBnFr_serialize(buf, maxBufSize, &id->v); + return cast(&id->v)->serialize(buf, maxBufSize); } int blsSecretKeySetDecStr(blsSecretKey *sec, const char *buf, mclSize bufSize) { - return mclBnFr_setStr(&sec->v, buf, bufSize, 10); + return cast(&sec->v)->deserialize(buf, bufSize, 10) > 0 ? 0 : -1; } int blsSecretKeySetHexStr(blsSecretKey *sec, const char *buf, mclSize bufSize) { - return mclBnFr_setStr(&sec->v, buf, bufSize, 16); + return cast(&sec->v)->deserialize(buf, bufSize, 16) > 0 ? 0 : -1; } mclSize blsSecretKeyGetLittleEndian(void *buf, mclSize maxBufSize, const blsSecretKey *sec) { - return mclBnFr_serialize(buf, maxBufSize, &sec->v); + return cast(&sec->v)->serialize(buf, maxBufSize); } mclSize blsSecretKeyGetDecStr(char *buf, mclSize maxBufSize, const blsSecretKey *sec) { - return mclBnFr_getStr(buf, maxBufSize, &sec->v, 10); + return cast(&sec->v)->getStr(buf, maxBufSize, 10); } mclSize blsSecretKeyGetHexStr(char *buf, mclSize maxBufSize, const blsSecretKey *sec) { - return mclBnFr_getStr(buf, maxBufSize, &sec->v, 16); + return cast(&sec->v)->getStr(buf, maxBufSize, 16); } int blsPublicKeySetHexStr(blsPublicKey *pub, const char *buf, mclSize bufSize) { - return mclBnG2_setStr(&pub->v, buf, bufSize, 16); + return cast(&pub->v)->deserialize(buf, bufSize, 16) > 0 ? 0 : -1; } mclSize blsPublicKeyGetHexStr(char *buf, mclSize maxBufSize, const blsPublicKey *pub) { - return mclBnG2_getStr(buf, maxBufSize, &pub->v, 16); + return cast(&pub->v)->getStr(buf, maxBufSize, 16); } int blsSignatureSetHexStr(blsSignature *sig, const char *buf, mclSize bufSize) { - return mclBnG1_setStr(&sig->v, buf, bufSize, 16); + return cast(&sig->v)->deserialize(buf, bufSize, 16) > 0 ? 0 : -1; } mclSize blsSignatureGetHexStr(char *buf, mclSize maxBufSize, const blsSignature *sig) { - return mclBnG1_getStr(buf, maxBufSize, &sig->v, 16); + return cast(&sig->v)->getStr(buf, maxBufSize, 16); } void blsDHKeyExchange(blsPublicKey *out, const blsSecretKey *sec, const blsPublicKey *pub) { - mclBnG2_mulCT(&out->v, &pub->v, &sec->v); + GmulCT(*cast(&out->v), *cast(&pub->v), *cast(&sec->v)); } #endif diff --git a/vendor/github.com/dexon-foundation/bls/test/bls256_test.cpp b/vendor/github.com/dexon-foundation/bls/test/bls256_test.cpp new file mode 100644 index 000000000..e53a87057 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls256_test.cpp @@ -0,0 +1,3 @@ +#define MCLBN_FP_UNIT_SIZE 4 +#include "bls_test.hpp" + diff --git a/vendor/github.com/dexon-foundation/bls/test/bls384_256_test.cpp b/vendor/github.com/dexon-foundation/bls/test/bls384_256_test.cpp new file mode 100644 index 000000000..ea8126567 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls384_256_test.cpp @@ -0,0 +1,4 @@ +#define MCLBN_FP_UNIT_SIZE 6 +#define MCLBN_FR_UNIT_SIZE 4 +#include "bls_test.hpp" + diff --git a/vendor/github.com/dexon-foundation/bls/test/bls384_test.cpp b/vendor/github.com/dexon-foundation/bls/test/bls384_test.cpp new file mode 100644 index 000000000..2212f8e6b --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls384_test.cpp @@ -0,0 +1,3 @@ +#define MCLBN_FP_UNIT_SIZE 6 +#include "bls_test.hpp" + diff --git a/vendor/github.com/dexon-foundation/bls/test/bls_c256_test.cpp b/vendor/github.com/dexon-foundation/bls/test/bls_c256_test.cpp new file mode 100644 index 000000000..8613720b4 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls_c256_test.cpp @@ -0,0 +1,2 @@ +#define MCLBN_FP_UNIT_SIZE 4 +#include "bls_c_test.hpp" diff --git a/vendor/github.com/dexon-foundation/bls/test/bls_c384_256_test.cpp b/vendor/github.com/dexon-foundation/bls/test/bls_c384_256_test.cpp new file mode 100644 index 000000000..6f153f9d8 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls_c384_256_test.cpp @@ -0,0 +1,3 @@ +#define MCLBN_FP_UNIT_SIZE 6 +#define MCLBN_FR_UNIT_SIZE 4 +#include "bls_c_test.hpp" diff --git a/vendor/github.com/dexon-foundation/bls/test/bls_c384_test.cpp b/vendor/github.com/dexon-foundation/bls/test/bls_c384_test.cpp new file mode 100644 index 000000000..b6886dd04 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls_c384_test.cpp @@ -0,0 +1,2 @@ +#define MCLBN_FP_UNIT_SIZE 6 +#include "bls_c_test.hpp" diff --git a/vendor/github.com/dexon-foundation/bls/test/bls_c_test.hpp b/vendor/github.com/dexon-foundation/bls/test/bls_c_test.hpp new file mode 100644 index 000000000..e9b6e6302 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls_c_test.hpp @@ -0,0 +1,437 @@ +#include <cybozu/test.hpp> +#include <cybozu/inttype.hpp> +#include <bls/bls.h> +#include <string.h> +#include <cybozu/benchmark.hpp> +#include <mcl/gmp_util.hpp> + +size_t pubSize(size_t FrSize) +{ +#ifdef BLS_SWAP_G + return FrSize; +#else + return FrSize * 2; +#endif +} +size_t sigSize(size_t FrSize) +{ +#ifdef BLS_SWAP_G + return FrSize * 2; +#else + return FrSize; +#endif +} + +void bls_use_stackTest() +{ + blsSecretKey sec; + blsPublicKey pub; + blsSignature sig; + const char *msg = "this is a pen"; + const size_t msgSize = strlen(msg); + + blsSecretKeySetByCSPRNG(&sec); + + blsGetPublicKey(&pub, &sec); + + blsSign(&sig, &sec, msg, msgSize); + + CYBOZU_TEST_ASSERT(blsVerify(&sig, &pub, msg, msgSize)); +} + +void blsDataTest() +{ + const char *msg = "test test"; + const size_t msgSize = strlen(msg); + const size_t FrSize = blsGetFrByteSize(); + const size_t FpSize = blsGetG1ByteSize(); + blsSecretKey sec1, sec2; + blsSecretKeySetByCSPRNG(&sec1); + char buf[1024]; + size_t n; + size_t ret; + n = blsSecretKeyGetHexStr(buf, sizeof(buf), &sec1); + CYBOZU_TEST_ASSERT(0 < n && n <= FrSize * 2); + ret = blsSecretKeySetHexStr(&sec2, buf, n); + CYBOZU_TEST_EQUAL(ret, 0); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); + + memset(&sec2, 0, sizeof(sec2)); + n = blsSecretKeySerialize(buf, sizeof(buf), &sec1); + CYBOZU_TEST_EQUAL(n, FrSize); + ret = blsSecretKeyDeserialize(&sec2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); + + blsPublicKey pub1, pub2; + blsGetPublicKey(&pub1, &sec1); + n = blsPublicKeySerialize(buf, sizeof(buf), &pub1); + CYBOZU_TEST_EQUAL(n, pubSize(FpSize)); + ret = blsPublicKeyDeserialize(&pub2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2)); + blsSignature sig1, sig2; + blsSign(&sig1, &sec1, msg, msgSize); + n = blsSignatureSerialize(buf, sizeof(buf), &sig1); + CYBOZU_TEST_EQUAL(n, sigSize(FpSize)); + ret = blsSignatureDeserialize(&sig2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2)); +} + +void blsOrderTest(const char *curveOrder/*Fr*/, const char *fieldOrder/*Fp*/) +{ + char buf[1024]; + size_t len; + len = blsGetCurveOrder(buf, sizeof(buf)); + CYBOZU_TEST_ASSERT(len > 0); + CYBOZU_TEST_EQUAL(buf, curveOrder); + len = blsGetFieldOrder(buf, sizeof(buf)); + CYBOZU_TEST_ASSERT(len > 0); + CYBOZU_TEST_EQUAL(buf, fieldOrder); +} + +#if !defined(DISABLE_THREAD_TEST) || defined(__clang__) +#if defined(CYBOZU_CPP_VERSION) && CYBOZU_CPP_VERSION >= CYBOZU_CPP_VERSION_CPP11 +#include <thread> +#include <vector> +struct Thread { + std::unique_ptr<std::thread> t; + Thread() : t() {} + ~Thread() + { + if (t) { + t->join(); + } + } + template<class F> + void run(F func, int p1, int p2) + { + t.reset(new std::thread(func, p1, p2)); + } +}; + +CYBOZU_TEST_AUTO(multipleInit) +{ + const size_t n = 100; + { + std::vector<Thread> vt(n); + for (size_t i = 0; i < n; i++) { + vt[i].run(blsInit, MCL_BN254, MCLBN_COMPILED_TIME_VAR); + } + } + CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 4u); +#if MCLBN_FP_UNIT_SIZE == 6 + { + std::vector<Thread> vt(n); + for (size_t i = 0; i < n; i++) { + vt[i].run(blsInit, MCL_BLS12_381, MCLBN_COMPILED_TIME_VAR); + } + } + CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 6u); +#endif +} +#endif +#endif + +void blsSerializeTest() +{ + const size_t FrSize = blsGetFrByteSize(); + const size_t FpSize = blsGetG1ByteSize(); + printf("FrSize=%d, FpSize=%d\n", (int)FrSize, (int)FpSize); + blsId id1, id2; + blsSecretKey sec1, sec2; + blsPublicKey pub1, pub2; + blsSignature sig1, sig2; + char buf[1024]; + size_t n; + size_t expectSize; + size_t ret; + const char dummyChar = '1'; + + // Id + expectSize = FrSize; + blsIdSetInt(&id1, -1); + n = blsIdSerialize(buf, sizeof(buf), &id1); + CYBOZU_TEST_EQUAL(n, expectSize); + + ret = blsIdDeserialize(&id2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsIdIsEqual(&id1, &id2)); + + ret = blsIdDeserialize(&id2, buf, n - 1); + CYBOZU_TEST_EQUAL(ret, 0); + + memset(&id2, 0, sizeof(id2)); + buf[n] = dummyChar; + ret = blsIdDeserialize(&id2, buf, n + 1); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsIdIsEqual(&id1, &id2)); + + n = blsIdSerialize(buf, expectSize, &id1); + CYBOZU_TEST_EQUAL(n, expectSize); + + // SecretKey + expectSize = FrSize; + blsSecretKeySetDecStr(&sec1, "-1", 2); + n = blsSecretKeySerialize(buf, sizeof(buf), &sec1); + CYBOZU_TEST_EQUAL(n, expectSize); + + ret = blsSecretKeyDeserialize(&sec2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); + + ret = blsSecretKeyDeserialize(&sec2, buf, n - 1); + CYBOZU_TEST_EQUAL(ret, 0); + + memset(&sec2, 0, sizeof(sec2)); + buf[n] = dummyChar; + ret = blsSecretKeyDeserialize(&sec2, buf, n + 1); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); + + n = blsSecretKeySerialize(buf, expectSize, &sec1); + CYBOZU_TEST_EQUAL(n, expectSize); + + // PublicKey + expectSize = pubSize(FpSize); + blsGetPublicKey(&pub1, &sec1); + n = blsPublicKeySerialize(buf, sizeof(buf), &pub1); + CYBOZU_TEST_EQUAL(n, expectSize); + CYBOZU_TEST_ASSERT(blsPublicKeyIsValidOrder(&pub1)); + + ret = blsPublicKeyDeserialize(&pub2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2)); + + ret = blsPublicKeyDeserialize(&pub2, buf, n - 1); + CYBOZU_TEST_EQUAL(ret, 0); + + memset(&pub2, 0, sizeof(pub2)); + buf[n] = dummyChar; + ret = blsPublicKeyDeserialize(&pub2, buf, n + 1); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2)); + + n = blsPublicKeySerialize(buf, expectSize, &pub1); + CYBOZU_TEST_EQUAL(n, expectSize); + + // Signature +#ifdef BLS_SWAP_G + expectSize = FpSize * 2; +#else + expectSize = FpSize; +#endif + blsSign(&sig1, &sec1, "abc", 3); + n = blsSignatureSerialize(buf, sizeof(buf), &sig1); + CYBOZU_TEST_EQUAL(n, expectSize); + CYBOZU_TEST_ASSERT(blsSignatureIsValidOrder(&sig1)); + + ret = blsSignatureDeserialize(&sig2, buf, n); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2)); + + ret = blsSignatureDeserialize(&sig2, buf, n - 1); + CYBOZU_TEST_EQUAL(ret, 0); + + memset(&sig2, 0, sizeof(sig2)); + buf[n] = dummyChar; + ret = blsSignatureDeserialize(&sig2, buf, n + 1); + CYBOZU_TEST_EQUAL(ret, n); + CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2)); + + n = blsSignatureSerialize(buf, expectSize, &sig1); + CYBOZU_TEST_EQUAL(n, expectSize); +} + +void blsVerifyOrderTest() +{ + puts("blsVerifyOrderTest"); +#ifdef BLS_SWAP_G + const uint8_t Qs[] = +#else + const uint8_t Ps[] = +#endif + { +0x7b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, + }; +#ifdef BLS_SWAP_G + const uint8_t Ps[] = +#else + const uint8_t Qs[] = +#endif + { +0x7c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, + }; + size_t n; + blsPublicKey pub; + n = blsPublicKeyDeserialize(&pub, Ps, sizeof(Ps)); + CYBOZU_TEST_EQUAL(n, 0); + blsPublicKeyVerifyOrder(0); + n = blsPublicKeyDeserialize(&pub, Ps, sizeof(Ps)); + CYBOZU_TEST_ASSERT(n > 0); + CYBOZU_TEST_ASSERT(!blsPublicKeyIsValidOrder(&pub)); + blsPublicKeyVerifyOrder(1); + + blsSignature sig; + n = blsSignatureDeserialize(&sig, Qs, sizeof(Qs)); + CYBOZU_TEST_EQUAL(n, 0); + blsSignatureVerifyOrder(0); + n = blsSignatureDeserialize(&sig, Qs, sizeof(Qs)); + CYBOZU_TEST_ASSERT(n > 0); + CYBOZU_TEST_ASSERT(!blsSignatureIsValidOrder(&sig)); + blsSignatureVerifyOrder(1); +} + +void blsAddSubTest() +{ + blsSecretKey sec[3]; + blsPublicKey pub[3]; + blsSignature sig[3]; + const char *msg = "this is a pen"; + const size_t msgSize = strlen(msg); + + const char *secHexStr[8] = { "12", "34" }; + for (int i = 0; i < 2; i++) { + blsSecretKeySetHexStr(&sec[i], secHexStr[i], strlen(secHexStr[i])); + blsGetPublicKey(&pub[i], &sec[i]); + blsSign(&sig[i], &sec[i], msg, msgSize); + } + sec[2] = sec[0]; + blsSecretKeyAdd(&sec[2], &sec[1]); + char buf[1024]; + size_t n = blsSecretKeyGetHexStr(buf, sizeof(buf), &sec[2]); + CYBOZU_TEST_EQUAL(n, 2); + CYBOZU_TEST_EQUAL(buf, "46"); // "12" + "34" + + pub[2] = pub[0]; + blsPublicKeyAdd(&pub[2], &pub[1]); + sig[2] = sig[0]; + blsSignatureAdd(&sig[2], &sig[1]); // sig[2] = sig[0] + sig[1] + blsSignature sig2; + blsSign(&sig2, &sec[2], msg, msgSize); // sig2 = signature by sec[2] + CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig2, &sig[2])); + CYBOZU_TEST_ASSERT(blsVerify(&sig[2], &pub[2], msg, msgSize)); // verify by pub[2] + + blsSecretKeySub(&sec[2], &sec[1]); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec[2], &sec[0])); + blsPublicKeySub(&pub[2], &pub[1]); + CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub[2], &pub[0])); + blsSignatureSub(&sig[2], &sig[1]); + CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig[2], &sig[0])); +} + +void blsTrivialShareTest() +{ + blsSecretKey sec1, sec2; + blsPublicKey pub1, pub2; + blsId id; + blsIdSetInt(&id, 123); + + blsSecretKeySetByCSPRNG(&sec1); + blsGetPublicKey(&pub1, &sec1); + int ret; + + memset(&sec2, 0, sizeof(sec2)); + ret = blsSecretKeyShare(&sec2, &sec1, 1, &id); + CYBOZU_TEST_EQUAL(ret, 0); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); + memset(&sec2, 0, sizeof(sec2)); + ret = blsSecretKeyRecover(&sec2, &sec1, &id, 1); + CYBOZU_TEST_EQUAL(ret, 0); + CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); + + memset(&pub2, 0, sizeof(pub2)); + ret = blsPublicKeyShare(&pub2, &pub1, 1, &id); + CYBOZU_TEST_EQUAL(ret, 0); + CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2)); + memset(&pub2, 0, sizeof(pub2)); + ret = blsPublicKeyRecover(&pub2, &pub1, &id, 1); + CYBOZU_TEST_EQUAL(ret, 0); + CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2)); +} + +void modTest(const char *rStr) +{ + unsigned char buf[1024] = {}; + int ret; + blsSecretKey sec; + const size_t maxByte = 64; // 512-bit + memset(buf, 0xff, maxByte); + ret = blsSecretKeySetLittleEndianMod(&sec, buf, maxByte); + CYBOZU_TEST_EQUAL(ret, 0); + const mpz_class x = (mpz_class(1) << (maxByte * 8)) - 1; // 512-bit 0xff....ff + const mpz_class r(rStr); + size_t n = blsSecretKeySerialize(buf, sizeof(buf), &sec); + CYBOZU_TEST_ASSERT(n > 0); + // serialized data to mpz_class + mpz_class y = 0; + for (size_t i = 0; i < n; i++) { + y <<= 8; + y += buf[n - 1 - i]; + } + CYBOZU_TEST_EQUAL(y, x % r); +} + +void blsBench() +{ + blsSecretKey sec; + blsPublicKey pub; + blsSignature sig; + const char *msg = "this is a pen"; + const size_t msgSize = strlen(msg); + + blsSecretKeySetByCSPRNG(&sec); + + blsGetPublicKey(&pub, &sec); + + CYBOZU_BENCH_C("sign", 10000, blsSign, &sig, &sec, msg, msgSize); + CYBOZU_BENCH_C("verify", 1000, blsVerify, &sig, &pub, msg, msgSize); +} + +CYBOZU_TEST_AUTO(all) +{ + const struct { + int curveType; + const char *r; + const char *p; + } tbl[] = { + { + MCL_BN254, + "16798108731015832284940804142231733909759579603404752749028378864165570215949", + "16798108731015832284940804142231733909889187121439069848933715426072753864723", + }, +#if MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE == 6 + { + MCL_BN381_1, + "5540996953667913971058039301942914304734176495422447785042938606876043190415948413757785063597439175372845535461389", + "5540996953667913971058039301942914304734176495422447785045292539108217242186829586959562222833658991069414454984723", + }, +#endif +#if MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE >= 4 + { + MCL_BLS12_381, + "52435875175126190479447740508185965837690552500527637822603658699938581184513", + "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787", + }, +#endif + }; + for (size_t i = 0; i < sizeof(tbl) / sizeof(tbl[0]); i++) { + printf("i=%d\n", (int)i); + int ret = blsInit(tbl[i].curveType, MCLBN_COMPILED_TIME_VAR); + CYBOZU_TEST_EQUAL(ret, 0); + if (ret) { + printf("ERR %d\n", ret); + exit(1); + } + bls_use_stackTest(); + blsDataTest(); + blsOrderTest(tbl[i].r, tbl[i].p); + blsSerializeTest(); + if (tbl[i].curveType == MCL_BLS12_381) blsVerifyOrderTest(); + blsAddSubTest(); + blsTrivialShareTest(); + modTest(tbl[i].r); + blsBench(); + } +} diff --git a/vendor/github.com/dexon-foundation/bls/test/bls_test.hpp b/vendor/github.com/dexon-foundation/bls/test/bls_test.hpp new file mode 100644 index 000000000..346fafe15 --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/bls_test.hpp @@ -0,0 +1,545 @@ +#include <bls/bls.hpp> +#include <cybozu/test.hpp> +#include <cybozu/inttype.hpp> +#include <iostream> +#include <sstream> +#include <cybozu/benchmark.hpp> +#include <cybozu/sha2.hpp> + +template<class T> +void streamTest(const T& t) +{ + std::ostringstream oss; + oss << t; + std::istringstream iss(oss.str()); + T t2; + iss >> t2; + CYBOZU_TEST_EQUAL(t, t2); +} + +template<class T> +void testSetForBN254() +{ + /* + mask value to be less than r if the value >= (1 << (192 + 62)) + */ + const uint64_t fff = uint64_t(-1); + const uint64_t one = uint64_t(1); + const struct { + uint64_t in; + uint64_t expected; + } tbl[] = { + { fff, (one << 61) - 1 }, // masked with (1 << 61) - 1 + { one << 62, 0 }, // masked + { (one << 62) | (one << 61), (one << 61) }, // masked + { (one << 61) - 1, (one << 61) - 1 }, // same + }; + T t1, t2; + for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(tbl); i++) { + uint64_t v1[] = { fff, fff, fff, tbl[i].in }; + uint64_t v2[] = { fff, fff, fff, tbl[i].expected }; + t1.set(v1); + t2.set(v2); + CYBOZU_TEST_EQUAL(t1, t2); + } +} + +void testForBN254() +{ + CYBOZU_TEST_EQUAL(bls::getOpUnitSize(), 4); + bls::Id id; + CYBOZU_TEST_ASSERT(id.isZero()); + id = 5; + CYBOZU_TEST_EQUAL(id, 5); + { + const uint64_t id1[] = { 1, 2, 3, 4 }; + id.set(id1); + std::ostringstream os; + os << id; + CYBOZU_TEST_EQUAL(os.str(), "0x4000000000000000300000000000000020000000000000001"); + } + testSetForBN254<bls::Id>(); + testSetForBN254<bls::SecretKey>(); +} + +void hashTest(int type) +{ + bls::SecretKey sec; + sec.init(); + bls::PublicKey pub; + sec.getPublicKey(pub); + const std::string h = "\x01\x02\x03"; + bls::Signature sig; + sec.signHash(sig, h); + CYBOZU_TEST_ASSERT(sig.verifyHash(pub, h)); + CYBOZU_TEST_ASSERT(!sig.verifyHash(pub, "\x01\x02\04")); + if (type == MCL_BN254) { + CYBOZU_TEST_EXCEPTION(sec.signHash(sig, "", 0), std::exception); + CYBOZU_TEST_EXCEPTION(sec.signHash(sig, "\x00", 1), std::exception); + CYBOZU_TEST_EXCEPTION(sec.signHash(sig, "\x00\x00", 2), std::exception); +#ifndef BLS_SWAP_G + const uint64_t c1[] = { 0x0c00000000000004ull, 0xcf0f000000000006ull, 0x26cd890000000003ull, 0x2523648240000001ull }; + const uint64_t mc1[] = { 0x9b0000000000000full, 0x921200000000000dull, 0x9366c48000000004ull }; + CYBOZU_TEST_EXCEPTION(sec.signHash(sig, c1, 32), std::exception); + CYBOZU_TEST_EXCEPTION(sec.signHash(sig, mc1, 24), std::exception); +#endif + } +} + +void blsTest() +{ + bls::SecretKey sec; + sec.init(); + streamTest(sec); + bls::PublicKey pub; + sec.getPublicKey(pub); + streamTest(pub); + for (int i = 0; i < 5; i++) { + std::string m = "hello"; + m += char('0' + i); + bls::Signature sig; + sec.sign(sig, m); + CYBOZU_TEST_ASSERT(sig.verify(pub, m)); + CYBOZU_TEST_ASSERT(!sig.verify(pub, m + "a")); + streamTest(sig); + CYBOZU_BENCH_C("sign", 10000, sec.sign, sig, m); + CYBOZU_BENCH_C("verify", 1000, sig.verify, pub, m); + } +} + +void k_of_nTest() +{ + const std::string m = "abc"; + const int n = 5; + const int k = 3; + bls::SecretKey sec0; + sec0.init(); + bls::Signature sig0; + sec0.sign(sig0, m); + bls::PublicKey pub0; + sec0.getPublicKey(pub0); + CYBOZU_TEST_ASSERT(sig0.verify(pub0, m)); + + bls::SecretKeyVec msk; + sec0.getMasterSecretKey(msk, k); + + bls::SecretKeyVec allPrvVec(n); + bls::IdVec allIdVec(n); + for (int i = 0; i < n; i++) { + int id = i + 1; + allPrvVec[i].set(msk, id); + allIdVec[i] = id; + + bls::SecretKey p; + p.set(msk.data(), k, id); + CYBOZU_TEST_EQUAL(allPrvVec[i], p); + } + + bls::SignatureVec allSigVec(n); + for (int i = 0; i < n; i++) { + CYBOZU_TEST_ASSERT(allPrvVec[i] != sec0); + allPrvVec[i].sign(allSigVec[i], m); + bls::PublicKey pub; + allPrvVec[i].getPublicKey(pub); + CYBOZU_TEST_ASSERT(pub != pub0); + CYBOZU_TEST_ASSERT(allSigVec[i].verify(pub, m)); + } + + /* + 3-out-of-n + can recover + */ + bls::SecretKeyVec secVec(3); + bls::IdVec idVec(3); + for (int a = 0; a < n; a++) { + secVec[0] = allPrvVec[a]; + idVec[0] = allIdVec[a]; + for (int b = a + 1; b < n; b++) { + secVec[1] = allPrvVec[b]; + idVec[1] = allIdVec[b]; + for (int c = b + 1; c < n; c++) { + secVec[2] = allPrvVec[c]; + idVec[2] = allIdVec[c]; + bls::SecretKey sec; + sec.recover(secVec, idVec); + CYBOZU_TEST_EQUAL(sec, sec0); + bls::SecretKey sec2; + sec2.recover(secVec.data(), idVec.data(), secVec.size()); + CYBOZU_TEST_EQUAL(sec, sec2); + } + } + } + { + secVec[0] = allPrvVec[0]; + secVec[1] = allPrvVec[1]; + secVec[2] = allPrvVec[0]; // same of secVec[0] + idVec[0] = allIdVec[0]; + idVec[1] = allIdVec[1]; + idVec[2] = allIdVec[0]; + bls::SecretKey sec; + CYBOZU_TEST_EXCEPTION_MESSAGE(sec.recover(secVec, idVec), std::exception, "same id"); + } + { + /* + n-out-of-n + can recover + */ + bls::SecretKey sec; + sec.recover(allPrvVec, allIdVec); + CYBOZU_TEST_EQUAL(sec, sec0); + } + /* + 2-out-of-n + can't recover + */ + secVec.resize(2); + idVec.resize(2); + for (int a = 0; a < n; a++) { + secVec[0] = allPrvVec[a]; + idVec[0] = allIdVec[a]; + for (int b = a + 1; b < n; b++) { + secVec[1] = allPrvVec[b]; + idVec[1] = allIdVec[b]; + bls::SecretKey sec; + sec.recover(secVec, idVec); + CYBOZU_TEST_ASSERT(sec != sec0); + } + } + /* + 3-out-of-n + can recover + */ + bls::SignatureVec sigVec(3); + idVec.resize(3); + for (int a = 0; a < n; a++) { + sigVec[0] = allSigVec[a]; + idVec[0] = allIdVec[a]; + for (int b = a + 1; b < n; b++) { + sigVec[1] = allSigVec[b]; + idVec[1] = allIdVec[b]; + for (int c = b + 1; c < n; c++) { + sigVec[2] = allSigVec[c]; + idVec[2] = allIdVec[c]; + bls::Signature sig; + sig.recover(sigVec, idVec); + CYBOZU_TEST_EQUAL(sig, sig0); + } + } + } + { + sigVec[0] = allSigVec[1]; idVec[0] = allIdVec[1]; + sigVec[1] = allSigVec[4]; idVec[1] = allIdVec[4]; + sigVec[2] = allSigVec[3]; idVec[2] = allIdVec[3]; + bls::Signature sig; + CYBOZU_BENCH_C("sig.recover", 100, sig.recover, sigVec, idVec); + } + { + /* + n-out-of-n + can recover + */ + bls::Signature sig; + sig.recover(allSigVec, allIdVec); + CYBOZU_TEST_EQUAL(sig, sig0); + } + /* + 2-out-of-n + can't recover + */ + sigVec.resize(2); + idVec.resize(2); + for (int a = 0; a < n; a++) { + sigVec[0] = allSigVec[a]; + idVec[0] = allIdVec[a]; + for (int b = a + 1; b < n; b++) { + sigVec[1] = allSigVec[b]; + idVec[1] = allIdVec[b]; + bls::Signature sig; + sig.recover(sigVec, idVec); + CYBOZU_TEST_ASSERT(sig != sig0); + } + } + // return same value if n = 1 + sigVec.resize(1); + idVec.resize(1); + sigVec[0] = allSigVec[0]; + idVec[0] = allIdVec[0]; + { + bls::Signature sig; + sig.recover(sigVec, idVec); + CYBOZU_TEST_EQUAL(sig, sigVec[0]); + } + // share and recover publicKey + { + bls::PublicKeyVec pubVec(k); + idVec.resize(k); + // select [0, k) publicKey + for (int i = 0; i < k; i++) { + allPrvVec[i].getPublicKey(pubVec[i]); + idVec[i] = allIdVec[i]; + } + bls::PublicKey pub; + pub.recover(pubVec, idVec); + CYBOZU_TEST_EQUAL(pub, pub0); + bls::PublicKey pub2; + pub2.recover(pubVec.data(), idVec.data(), pubVec.size()); + CYBOZU_TEST_EQUAL(pub, pub2); + } +} + +void popTest() +{ + const size_t k = 3; + const size_t n = 6; + const std::string m = "pop test"; + bls::SecretKey sec0; + sec0.init(); + bls::PublicKey pub0; + sec0.getPublicKey(pub0); + bls::Signature sig0; + sec0.sign(sig0, m); + CYBOZU_TEST_ASSERT(sig0.verify(pub0, m)); + + bls::SecretKeyVec msk; + sec0.getMasterSecretKey(msk, k); + + bls::PublicKeyVec mpk; + bls::getMasterPublicKey(mpk, msk); + bls::SignatureVec popVec; + bls::getPopVec(popVec, msk); + + for (size_t i = 0; i < popVec.size(); i++) { + CYBOZU_TEST_ASSERT(popVec[i].verify(mpk[i])); + } + + const int idTbl[n] = { + 3, 5, 193, 22, 15 + }; + bls::SecretKeyVec secVec(n); + bls::PublicKeyVec pubVec(n); + bls::SignatureVec sVec(n); + for (size_t i = 0; i < n; i++) { + int id = idTbl[i]; + secVec[i].set(msk, id); + secVec[i].getPublicKey(pubVec[i]); + bls::PublicKey pub; + pub.set(mpk, id); + CYBOZU_TEST_EQUAL(pubVec[i], pub); + + bls::Signature pop; + secVec[i].getPop(pop); + CYBOZU_TEST_ASSERT(pop.verify(pubVec[i])); + + secVec[i].sign(sVec[i], m); + CYBOZU_TEST_ASSERT(sVec[i].verify(pubVec[i], m)); + } + secVec.resize(k); + sVec.resize(k); + bls::IdVec idVec(k); + for (size_t i = 0; i < k; i++) { + idVec[i] = idTbl[i]; + } + bls::SecretKey sec; + sec.recover(secVec, idVec); + CYBOZU_TEST_EQUAL(sec, sec0); + bls::Signature sig; + sig.recover(sVec, idVec); + CYBOZU_TEST_EQUAL(sig, sig0); + bls::Signature sig2; + sig2.recover(sVec.data(), idVec.data(), sVec.size()); + CYBOZU_TEST_EQUAL(sig, sig2); +} + +void addTest() +{ + bls::SecretKey sec1, sec2; + sec1.init(); + sec2.init(); + CYBOZU_TEST_ASSERT(sec1 != sec2); + + bls::PublicKey pub1, pub2; + sec1.getPublicKey(pub1); + sec2.getPublicKey(pub2); + + const std::string m = "doremi"; + bls::Signature sig1, sig2; + sec1.sign(sig1, m); + sec2.sign(sig2, m); + CYBOZU_TEST_ASSERT((sig1 + sig2).verify(pub1 + pub2, m)); +} + +void aggregateTest() +{ + const size_t n = 10; + bls::SecretKey secs[n]; + bls::PublicKey pubs[n], pub; + bls::Signature sigs[n], sig; + const std::string m = "abc"; + for (size_t i = 0; i < n; i++) { + secs[i].init(); + secs[i].getPublicKey(pubs[i]); + secs[i].sign(sigs[i], m); + } + pub = pubs[0]; + sig = sigs[0]; + for (size_t i = 1; i < n; i++) { + pub.add(pubs[i]); + sig.add(sigs[i]); + } + CYBOZU_TEST_ASSERT(sig.verify(pub, m)); +} + +void dataTest() +{ + const size_t FrSize = bls::getFrByteSize(); + const size_t FpSize = bls::getG1ByteSize(); + bls::SecretKey sec; + sec.init(); + std::string str; + sec.getStr(str, bls::IoFixedByteSeq); + { + CYBOZU_TEST_EQUAL(str.size(), FrSize); + bls::SecretKey sec2; + sec2.setStr(str, bls::IoFixedByteSeq); + CYBOZU_TEST_EQUAL(sec, sec2); + } + bls::PublicKey pub; + sec.getPublicKey(pub); + pub.getStr(str, bls::IoFixedByteSeq); + { +#ifdef BLS_SWAP_G + CYBOZU_TEST_EQUAL(str.size(), FpSize); +#else + CYBOZU_TEST_EQUAL(str.size(), FpSize * 2); +#endif + bls::PublicKey pub2; + pub2.setStr(str, bls::IoFixedByteSeq); + CYBOZU_TEST_EQUAL(pub, pub2); + } + std::string m = "abc"; + bls::Signature sign; + sec.sign(sign, m); + sign.getStr(str, bls::IoFixedByteSeq); + { +#ifdef BLS_SWAP_G + CYBOZU_TEST_EQUAL(str.size(), FpSize * 2); +#else + CYBOZU_TEST_EQUAL(str.size(), FpSize); +#endif + bls::Signature sign2; + sign2.setStr(str, bls::IoFixedByteSeq); + CYBOZU_TEST_EQUAL(sign, sign2); + } + bls::Id id; + const uint64_t v[] = { 1, 2, 3, 4, 5, 6, }; + id.set(v); + id.getStr(str, bls::IoFixedByteSeq); + { + CYBOZU_TEST_EQUAL(str.size(), FrSize); + bls::Id id2; + id2.setStr(str, bls::IoFixedByteSeq); + CYBOZU_TEST_EQUAL(id, id2); + } +} + +void verifyAggregateTest() +{ + const size_t n = 10; + bls::SecretKey secs[n]; + bls::PublicKey pubs[n]; + bls::Signature sigs[n], sig; + const size_t sizeofHash = 32; + struct Hash { char data[sizeofHash]; }; + std::vector<Hash> h(n); + for (size_t i = 0; i < n; i++) { + char msg[128]; + CYBOZU_SNPRINTF(msg, sizeof(msg), "abc-%d", (int)i); + const size_t msgSize = strlen(msg); + cybozu::Sha256().digest(h[i].data, sizeofHash, msg, msgSize); + secs[i].init(); + secs[i].getPublicKey(pubs[i]); + secs[i].signHash(sigs[i], h[i].data, sizeofHash); + } + sig = sigs[0]; + for (size_t i = 1; i < n; i++) { + sig.add(sigs[i]); + } + CYBOZU_TEST_ASSERT(sig.verifyAggregatedHashes(pubs, h.data(), sizeofHash, n)); + bls::Signature invalidSig = sigs[0] + sigs[1]; + CYBOZU_TEST_ASSERT(!invalidSig.verifyAggregatedHashes(pubs, h.data(), sizeofHash, n)); + h[0].data[0]++; + CYBOZU_TEST_ASSERT(!sig.verifyAggregatedHashes(pubs, h.data(), sizeofHash, n)); +} + +unsigned int writeSeq(void *self, void *buf, unsigned int bufSize) +{ + int& seq = *(int*)self; + char *p = (char *)buf; + for (unsigned int i = 0; i < bufSize; i++) { + p[i] = char(seq++); + } + return bufSize; +} + +void setRandFuncTest() +{ + blsSecretKey sec; + const int seqInit1 = 5; + int seq = seqInit1; + blsSetRandFunc(&seq, writeSeq); + blsSecretKeySetByCSPRNG(&sec); + unsigned char buf[128]; + size_t n = blsSecretKeySerialize(buf, sizeof(buf), &sec); + CYBOZU_TEST_ASSERT(n > 0); + for (size_t i = 0; i < n - 1; i++) { + // ommit buf[n - 1] because it may be masked + CYBOZU_TEST_EQUAL(buf[i], seqInit1 + i); + } + // use default CSPRNG + blsSetRandFunc(0, 0); + blsSecretKeySetByCSPRNG(&sec); + n = blsSecretKeySerialize(buf, sizeof(buf), &sec); + CYBOZU_TEST_ASSERT(n > 0); + printf("sec="); + for (size_t i = 0; i < n; i++) { + printf("%02x", buf[i]); + } + printf("\n"); +} + +void testAll() +{ + blsTest(); + k_of_nTest(); + popTest(); + addTest(); + dataTest(); + aggregateTest(); + verifyAggregateTest(); + setRandFuncTest(); +} +CYBOZU_TEST_AUTO(all) +{ + const struct { + int type; + const char *name; + } tbl[] = { + { MCL_BN254, "BN254" }, +#if MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE == 6 + { MCL_BN381_1, "BN381_1" }, +#endif +#if MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE == 4 + { MCL_BLS12_381, "BLS12_381" }, +#endif + }; + for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(tbl); i++) { + printf("curve=%s\n", tbl[i].name); + int type = tbl[i].type; + bls::init(type); + if (type == MCL_BN254) { + testForBN254(); + } + testAll(); + hashTest(type); + } +} diff --git a/vendor/github.com/dexon-foundation/bls/test/proj/bls_test/bls_test.vcxproj b/vendor/github.com/dexon-foundation/bls/test/proj/bls_test/bls_test.vcxproj new file mode 100644 index 000000000..1755135fb --- /dev/null +++ b/vendor/github.com/dexon-foundation/bls/test/proj/bls_test/bls_test.vcxproj @@ -0,0 +1,88 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <ItemGroup Label="ProjectConfigurations"> + <ProjectConfiguration Include="Debug|x64"> + <Configuration>Debug</Configuration> + <Platform>x64</Platform> + </ProjectConfiguration> + <ProjectConfiguration Include="Release|x64"> + <Configuration>Release</Configuration> + <Platform>x64</Platform> + </ProjectConfiguration> + </ItemGroup> + <PropertyGroup Label="Globals"> + <ProjectGuid>{51266DE6-B57B-4AE3-B85C-282F170E1728}</ProjectGuid> + <Keyword>Win32Proj</Keyword> + <RootNamespace>fp_test</RootNamespace> + </PropertyGroup> + <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> + <ConfigurationType>Application</ConfigurationType> + <UseDebugLibraries>true</UseDebugLibraries> + <PlatformToolset>v140</PlatformToolset> + <CharacterSet>MultiByte</CharacterSet> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> + <ConfigurationType>Application</ConfigurationType> + <UseDebugLibraries>false</UseDebugLibraries> + <PlatformToolset>v140</PlatformToolset> + <WholeProgramOptimization>true</WholeProgramOptimization> + <CharacterSet>MultiByte</CharacterSet> + </PropertyGroup> + <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> + <ImportGroup Label="ExtensionSettings"> + </ImportGroup> + <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets"> + <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> + <Import Project="$(SolutionDir)common.props" /> + <Import Project="$(SolutionDir)debug.props" /> + </ImportGroup> + <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets"> + <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> + <Import Project="$(SolutionDir)common.props" /> + <Import Project="$(SolutionDir)release.props" /> + </ImportGroup> + <PropertyGroup Label="UserMacros" /> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> + <LinkIncremental>true</LinkIncremental> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> + <LinkIncremental>false</LinkIncremental> + </PropertyGroup> + <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> + <ClCompile> + <PrecompiledHeader> + </PrecompiledHeader> + <WarningLevel>Level3</WarningLevel> + <Optimization>Disabled</Optimization> + <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + </ClCompile> + <Link> + <SubSystem>Console</SubSystem> + <GenerateDebugInformation>true</GenerateDebugInformation> + </Link> + </ItemDefinitionGroup> + <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> + <ClCompile> + <WarningLevel>Level3</WarningLevel> + <PrecompiledHeader> + </PrecompiledHeader> + <Optimization>MaxSpeed</Optimization> + <FunctionLevelLinking>true</FunctionLevelLinking> + <IntrinsicFunctions>true</IntrinsicFunctions> + <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + </ClCompile> + <Link> + <SubSystem>Console</SubSystem> + <GenerateDebugInformation>true</GenerateDebugInformation> + <EnableCOMDATFolding>true</EnableCOMDATFolding> + <OptimizeReferences>true</OptimizeReferences> + </Link> + </ItemDefinitionGroup> + <ItemGroup> + <ClCompile Include="$(SolutionDir)test\\bls_test.cpp" /> + </ItemGroup> + <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> + <ImportGroup Label="ExtensionTargets"> + </ImportGroup> +</Project>
\ No newline at end of file |