~moody/libdp9ik

libdp9ik/spake2ee.go -rw-r--r-- 1.6 KiB
4efa26b9 — Jacob Moody Progress made towards authpak_new and authpak_finish 9 months ago
                                                                                
package libdp9ik

import (
	"math/big"
)

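// legendresymbol stores in r the value a^((p-1)/2) mod p, with a result of
// p-1 rewritten as -1. For an odd prime p this is Euler's criterion, so r
// ends up as 1 (a is a non-zero square mod p), -1 (a is a non-square) or
// 0 (a is a multiple of p).
//
// r may alias a or p: the power is computed into a scratch value and copied
// into r only at the end. The earlier in-place version first overwrote r with
// the exponent, so legendresymbol(a, p, a) raised the exponent to itself and
// returned a wrong symbol.
//
// NOTE(review): math/big arithmetic is not constant-time. The only caller
// visible in this file passes a small public counter as a; confirm that no
// other caller passes secret values.
func legendresymbol(a *big.Int, p *big.Int, r *big.Int) {
	pm1 := new(big.Int).Sub(p, big.NewInt(1))
	exp := new(big.Int).Rsh(pm1, 1)

	// Scratch result keeps a and p intact even when r points at one of them.
	sym := new(big.Int).Exp(a, exp, p)
	if sym.Cmp(pm1) == 0 {
		// p-1 is congruent to -1 mod p; callers compare against -1.
		r.SetInt64(-1)
		return
	}
	r.Set(sym)
}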

// Spake2ee_h2P maps the value h to a curve point, written to PX, PY, PZ, PT.
//
// It searches upward from 2 for the first n whose legendresymbol modulo p
// is -1, reduces h modulo p, and passes both to elligator2 together with the
// curve parameters p, a and d.
//
// The search loop ends only once such an n is found, so p is expected to be
// a modulus for which one exists (any odd prime has one).
//
// NOTE(review): h is presumably derived from a secret; math/big operations
// such as Mod are not constant-time. Confirm whether timing exposure matters
// for the callers.
func Spake2ee_h2P(p *big.Int, a *big.Int, d *big.Int, h *big.Int, PX *big.Int, PY *big.Int, PZ *big.Int, PT *big.Int) {
	minusOne := big.NewInt(-1)
	sym := new(big.Int)
	n := big.NewInt(2)
	for {
		legendresymbol(n, p, sym)
		if sym.Cmp(minusOne) == 0 {
			break
		}
		n.Add(n, big.NewInt(1))
	}

	reduced := new(big.Int).Mod(h, p)
	elligator2(p, a, d, n, reduced, PX, PY, PZ, PT)
}

// Spake2ee_1 produces the first protocol message and writes it to y.
//
// Going by the helper names, it scales the base point (GX, GY) by x, adds
// the point (PX, PY, PZ, PT) to the result, and stores the decaf encoding of
// the sum in y. The base point is passed to edwards_scale in four-coordinate
// form with Z = 1 and T taken from modmul(GX, GY, p).
//
// NOTE(review): x is presumably the caller's secret scalar; math/big is not
// constant-time, so confirm whether edwards_scale needs side-channel
// hardening.
func Spake2ee_1(p *big.Int, a *big.Int, d *big.Int, x *big.Int, GX *big.Int, GY *big.Int, PX *big.Int, PY *big.Int, PZ *big.Int, PT *big.Int, y *big.Int) {
	// Scratch point (rx, ry, rz, rt), used as both input and output below.
	rx, ry, rz, rt := new(big.Int), new(big.Int), new(big.Int), new(big.Int)

	gt := new(big.Int)
	modmul(GX, GY, p, gt)

	edwards_scale(p, a, d, x, GX, GY, big.NewInt(1), gt, rx, ry, rz, rt)
	edwards_add(p, a, d, rx, ry, rz, rt, PX, PY, PZ, PT, rx, ry, rz, rt)
	decaf_encode(p, a, d, rx, ry, rz, rt, y)
}

// Spake2ee_2 processes the peer's message y and, when it decodes, writes the
// derived value to z.
//
// decaf_decode reports its outcome through ok. When ok is zero the function
// returns without touching z, so callers must check ok before using z;
// otherwise they would consume whatever z held beforehand.
//
// When ok is non-zero, and going by the helper names, the decoded point has
// the point (0-PX, PY, PZ, 0-PT) added to it (both subtractions mod p), the
// sum is scaled by x, and the decaf encoding of the result is stored in z.
//
// NOTE(review): x is presumably the caller's secret scalar; math/big is not
// constant-time, so confirm whether edwards_scale needs side-channel
// hardening.
func Spake2ee_2(p *big.Int, a *big.Int, d *big.Int, PX *big.Int, PY *big.Int, PZ *big.Int, PT *big.Int, x *big.Int, y *big.Int, ok *big.Int, z *big.Int) {
	// Scratch point (rx, ry, rz, rt), used as both input and output below.
	rx, ry, rz, rt := new(big.Int), new(big.Int), new(big.Int), new(big.Int)

	decaf_decode(p, a, d, y, ok, rx, ry, rz, rt)
	if ok.Sign() == 0 {
		// Decoding failed: leave z untouched and let the caller act on ok.
		return
	}

	negPX := new(big.Int)
	modsub(new(big.Int), PX, p, negPX)
	negPT := new(big.Int)
	modsub(new(big.Int), PT, p, negPT)

	edwards_add(p, a, d, rx, ry, rz, rt, negPX, PY, PZ, negPT, rx, ry, rz, rt)
	edwards_scale(p, a, d, x, rx, ry, rz, rt, rx, ry, rz, rt)
	decaf_encode(p, a, d, rx, ry, rz, rt, z)
}
}