libtc  20160415
Threshold Cryptography functions library
algorithms_node_sign.c
Go to the documentation of this file.
1 #include <gmp.h>
2 #include <mhash.h>
3 #include "mathutils.h"
4 #include "tc.h"
5 #include "tc_internal.h"
6 
7 /*
8  Signs the document with the nodes share.
9  It is supposed that all integers are initialized. Even the ones in signatureshare_t out.
10  */
11 
21 const unsigned int HASH_LEN = 32; // sha256 => 256 bits => 32 bytes
22 
23 signature_share_t * tc_node_sign(const key_share_t * share, const bytes_t * doc, const key_metainfo_t * info){
25 
26  mpz_t x, n, e, s_i, v, u, vk_i, xi, xi_2, r, v_prime, x_tilde, x_prime, c, z;
27  mpz_inits(x, n, e, s_i, v, u, vk_i, xi, xi_2, r, v_prime, x_tilde, x_prime, c, z, NULL);
28 
29  TC_BYTES_TO_MPZ(x, doc);
30  TC_BYTES_TO_MPZ(n, info->public_key->n);
31  TC_BYTES_TO_MPZ(e, info->public_key->e);
32  TC_BYTES_TO_MPZ(s_i, share->s_i);
33  TC_BYTES_TO_MPZ(v, info->vk_v);
34  TC_BYTES_TO_MPZ(u, info->vk_u);
35  TC_BYTES_TO_MPZ(vk_i, info->vk_i + TC_ID_TO_INDEX(share->id));
36 
37  const unsigned long n_bits = mpz_sizeinbase(n, 2); // Bit size of the key.
38 
39  // x = doc if (doc | n) == 1 else doc * u^e
40  if(mpz_jacobi(x, n) == -1) {
41  mpz_t ue;
42  mpz_init(ue);
43  mpz_powm(ue, u, e, n);
44  mpz_mul(x, x, ue);
45  mpz_mod(x, x, n);
46  mpz_clear(ue);
47  }
48 
49  // xi = x^(2*share) mod n
50  mpz_mul_ui(xi, s_i, 2);
51  mpz_powm(xi, x, xi, n);
52 
53  // xi_2 = xi^2
54  mpz_powm_ui(xi_2, xi, 2, n);
55 
56  // r = abs(random(bytes_len))
57  random_dev(r, n_bits + 2*HASH_LEN*8);
58 
59  // v_prime = v^r % n
60  mpz_powm(v_prime, v, r, n);
61 
62  // x_tilde = x^4 % n
63  mpz_powm_ui(x_tilde, x, 4ul, n);
64 
65  // x_prime = x_tilde^r % n
66  mpz_powm(x_prime, x_tilde, r, n);
67 
68  // Every number calculated, now to bytes...
69  size_t v_len, u_len, x_tilde_len, v_i_len, xi_2_len, v_prime_len, x_prime_len;
70 
71 
72  void * v_bytes = TC_TO_OCTETS(&v_len, v);
73  void * u_bytes = TC_TO_OCTETS(&u_len, u);
74  void * x_tilde_bytes = TC_TO_OCTETS(&x_tilde_len, x_tilde);
75  void * v_i_bytes = TC_TO_OCTETS(&v_i_len, vk_i);
76  void * xi_2_bytes = TC_TO_OCTETS(&xi_2_len, xi_2);
77  void * v_prime_bytes = TC_TO_OCTETS(&v_prime_len, v_prime);
78  void * x_prime_bytes = TC_TO_OCTETS(&x_prime_len, x_prime);
79 
80  // Initialization of the digest context
81 
82  unsigned char * hash = alloc(HASH_LEN);
83  MHASH sha = mhash_init(MHASH_SHA256);
84 
85  mhash(sha, v_bytes, v_len);
86  mhash(sha, u_bytes, u_len);
87  mhash(sha, x_tilde_bytes, x_tilde_len);
88  mhash(sha, v_i_bytes, v_i_len);
89  mhash(sha, xi_2_bytes, xi_2_len);
90  mhash(sha, v_prime_bytes, v_prime_len);
91  mhash(sha, x_prime_bytes, x_prime_len);
92 
93  mhash_deinit(sha, hash);
94 
95  void (*freefunc) (void *, size_t);
96  mp_get_memory_functions (NULL, NULL, &freefunc);
97 
98  freefunc(v_bytes, v_len);
99  freefunc(u_bytes, u_len);
100  freefunc(x_tilde_bytes, x_tilde_len);
101  freefunc(v_i_bytes, v_i_len);
102  freefunc(xi_2_bytes, xi_2_len);
103  freefunc(v_prime_bytes, v_prime_len);
104  freefunc(x_prime_bytes, x_prime_len);
105 
106  TC_GET_OCTETS(c, HASH_LEN, hash);
107  mpz_mod(c, c, n);
108  free(hash);
109 
110  mpz_mul(z, c, s_i);
111  mpz_add(z, z, r);
112 
113  TC_MPZ_TO_BYTES(out->c, c);
114  TC_MPZ_TO_BYTES(out->z, z);
115  TC_MPZ_TO_BYTES(out->x_i, xi);
116  out->id = share->id;
117 
118  mpz_clears(x, n, e, s_i, v, u, vk_i, xi, xi_2, r, v_prime, x_tilde, x_prime, c, z, NULL);
119  return out;
120 }
#define TC_ID_TO_INDEX(id)
Definition: tc_internal.h:38
public_key_t * public_key
Definition: tc_internal.h:14
bytes_t * c
Definition: tc_internal.h:30
bytes_t * s_i
Definition: tc_internal.h:23
Structure that&#39;s stores a pointer that points to data_len bytes.
Definition: tc.h:14
Structure that represents a signature share, to be joined generating a standard RSA signatures...
Definition: tc_internal.h:28
signature_share_t * tc_node_sign(const key_share_t *share, const bytes_t *doc, const key_metainfo_t *info)
bytes_t * n
Definition: tc_internal.h:9
Structure that represents the data about a key share, including its public key.
Definition: tc_internal.h:13
bytes_t * vk_i
Definition: tc_internal.h:19
uint16_t id
Definition: tc_internal.h:25
bytes_t * z
Definition: tc_internal.h:31
void random_dev(mpz_t rop, int bit_len)
Definition: random.c:8
const unsigned int HASH_LEN
#define TC_GET_OCTETS(z, bcount, op)
Definition: tc_internal.h:36
signature_share_t * tc_init_signature_share()
Definition: structs_init.c:180
bytes_t * vk_v
Definition: tc_internal.h:17
#define TC_BYTES_TO_MPZ(z, bytes)
Definition: tc_internal.h:42
void * alloc(size_t size)
Definition: structs_init.c:9
bytes_t * vk_u
Definition: tc_internal.h:18
Structure that represents one key share, to be used to generate a signature share.
Definition: tc_internal.h:22
#define TC_TO_OCTETS(count, op)
Definition: tc_internal.h:37
bytes_t * x_i
Definition: tc_internal.h:29
bytes_t * e
Definition: tc_internal.h:10
#define TC_MPZ_TO_BYTES(bytes, z)
Definition: tc_internal.h:40