diff options
Diffstat (limited to 'go/bls')
| -rw-r--r-- | go/bls/bls.go | 366 | ||||
| -rw-r--r-- | go/bls/bls_test.go | 344 |
2 files changed, 710 insertions, 0 deletions
diff --git a/go/bls/bls.go b/go/bls/bls.go new file mode 100644 index 0000000..4dcd662 --- /dev/null +++ b/go/bls/bls.go @@ -0,0 +1,366 @@ +package bls + +/* +#cgo CFLAGS:-I../../include -DBLS_MAX_OP_UNIT_SIZE=6 +#cgo bn256 CFLAGS:-UBLS_MAX_OP_UNIT_SIZE -DBLS_MAX_OP_UNIT_SIZE=4 +#cgo bn384 CFLAGS:-UBLS_MAX_OP_UNIT_SIZE -DBLS_MAX_OP_UNIT_SIZE=6 +#cgo LDFLAGS:-lbls -lbls_if -lmcl -lgmp -lgmpxx -L../lib -L../../lib -L../../../mcl/lib -L../../mcl/lib -lstdc++ -lcrypto +#include "bls_if.h" +*/ +import "C" +import "fmt" +import "unsafe" + +// CurveFp254BNb -- 254 bit curve +const CurveFp254BNb = 0 + +// CurveFp382_1 -- 382 bit curve 1 +const CurveFp382_1 = 1 + +// CurveFp382_2 -- 382 bit curve 2 +const CurveFp382_2 = 2 + +// Init -- +func Init(curve int) { + C.blsInit(C.int(curve), C.BLS_MAX_OP_UNIT_SIZE) +} + +// GetMaxOpUnitSize -- +func GetMaxOpUnitSize() int { + return int(C.BLS_MAX_OP_UNIT_SIZE) +} + +// GetOpUnitSize -- +func GetOpUnitSize() int { + return int(C.blsGetOpUnitSize()) +} + +// ID -- +type ID struct { + v [C.BLS_MAX_OP_UNIT_SIZE]C.uint64_t +} + +// getPointer -- +func (id *ID) getPointer() (p *C.blsId) { + // #nosec + return (*C.blsId)(unsafe.Pointer(&id.v[0])) +} + +// String -- +func (id *ID) String() string { + buf := make([]byte, 1024) + // #nosec + n := C.blsIdGetStr(id.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n == 0 { + panic("implementation err. size of buf is small") + } + return string(buf[:n]) +} + +// SetStr -- +func (id *ID) SetStr(s string) error { + buf := []byte(s) + // #nosec + err := C.blsIdSetStr(id.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad string:%s", s) + } + return nil +} + +// Set -- +func (id *ID) Set(v []uint64) { + expect := GetOpUnitSize() + if len(v) != expect { + panic(fmt.Errorf("bad size (%d), expected size %d", len(v), expect)) + } + // #nosec + C.blsIdSet(id.getPointer(), (*C.uint64_t)(unsafe.Pointer(&v[0]))) +} + +// SecretKey -- +type SecretKey struct { + v [C.BLS_MAX_OP_UNIT_SIZE]C.uint64_t +} + +// getPointer -- +func (sec *SecretKey) getPointer() (p *C.blsSecretKey) { + // #nosec + return (*C.blsSecretKey)(unsafe.Pointer(&sec.v[0])) +} + +// String -- +func (sec *SecretKey) String() string { + buf := make([]byte, 1024) + // #nosec + n := C.blsSecretKeyGetStr(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n == 0 { + panic("implementation err. size of buf is small") + } + return string(buf[:n]) +} + +// SetStr -- The string passed in is a number and can be either hex or decimal +func (sec *SecretKey) SetStr(s string) error { + buf := []byte(s) + // #nosec + err := C.blsSecretKeySetStr(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad string:%s", s) + } + return nil +} + +// SetData -- +func (sec *SecretKey) SetData(buf []byte) error { + // #nosec + err := C.blsSecretKeySetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad buf:%s", buf) + } + return nil +} + +// GetData -- +func (sec *SecretKey) GetData() []byte { + fpSize := GetOpUnitSize() * 8 + buf := make([]byte, fpSize) + n := C.blsSecretKeyGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n != C.size_t(fpSize) { + panic("implementation err. size of buf is small") + } + return buf +} + +// IsSame -- +func (lhs *SecretKey) IsSame(rhs *SecretKey) bool { + return C.blsSecretKeyIsSame(lhs.getPointer(), rhs.getPointer()) == 1 +} + +// SetArray -- +func (sec *SecretKey) SetArray(v []uint64) { + expect := GetOpUnitSize() + if len(v) != expect { + panic(fmt.Errorf("bad size (%d), expected size %d", len(v), expect)) + } + // #nosec + C.blsSecretKeySetArray(sec.getPointer(), (*C.uint64_t)(unsafe.Pointer(&v[0]))) +} + +// Init -- +func (sec *SecretKey) Init() { + C.blsSecretKeyInit(sec.getPointer()) +} + +// Add -- +func (sec *SecretKey) Add(rhs *SecretKey) { + C.blsSecretKeyAdd(sec.getPointer(), rhs.getPointer()) +} + +// GetMasterSecretKey -- +func (sec *SecretKey) GetMasterSecretKey(k int) (msk []SecretKey) { + msk = make([]SecretKey, k) + msk[0] = *sec + for i := 1; i < k; i++ { + msk[i].Init() + } + return msk +} + +// GetMasterPublicKey -- +func GetMasterPublicKey(msk []SecretKey) (mpk []PublicKey) { + n := len(msk) + mpk = make([]PublicKey, n) + for i := 0; i < n; i++ { + mpk[i] = *msk[i].GetPublicKey() + } + return mpk +} + +// Set -- +func (sec *SecretKey) Set(msk []SecretKey, id *ID) { + C.blsSecretKeySet(sec.getPointer(), msk[0].getPointer(), C.size_t(len(msk)), id.getPointer()) +} + +// Recover -- +func (sec *SecretKey) Recover(secVec []SecretKey, idVec []ID) { + C.blsSecretKeyRecover(sec.getPointer(), secVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(secVec))) +} + +// GetPop -- +func (sec *SecretKey) GetPop() (sign *Sign) { + sign = new(Sign) + C.blsSecretKeyGetPop(sec.getPointer(), sign.getPointer()) + return sign +} + +// PublicKey -- +type PublicKey struct { + v [C.BLS_MAX_OP_UNIT_SIZE * 2 * 3]C.uint64_t +} + +// getPointer -- +func (pub *PublicKey) getPointer() (p *C.blsPublicKey) { + // #nosec + return (*C.blsPublicKey)(unsafe.Pointer(&pub.v[0])) +} + +// String -- +func (pub *PublicKey) String() string { + buf := make([]byte, 1024) + // #nosec + n := C.blsPublicKeyGetStr(pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n == 0 { + panic("implementation err. size of buf is small") + } + return string(buf[:n]) +} + +// SetStr -- +func (pub *PublicKey) SetStr(s string) error { + buf := []byte(s) + // #nosec + err := C.blsPublicKeySetStr(pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad string:%s", s) + } + return nil +} + +// SetData -- +func (sec *PublicKey) SetData(buf []byte) error { + // #nosec + err := C.blsPublicKeySetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad buf:%s", buf) + } + return nil +} + +// GetData -- +func (sec *PublicKey) GetData() []byte { + fpSize := GetOpUnitSize() * 8 + buf := make([]byte, fpSize*2) + n := C.blsPublicKeyGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n != C.size_t(fpSize*2) { + panic("implementation err. size of buf is small") + } + return buf +} + +// IsSame -- +func (lhs *PublicKey) IsSame(rhs *PublicKey) bool { + return C.blsPublicKeyIsSame(lhs.getPointer(), rhs.getPointer()) == 1 +} + +// Add -- +func (pub *PublicKey) Add(rhs *PublicKey) { + C.blsPublicKeyAdd(pub.getPointer(), rhs.getPointer()) +} + +// Set -- +func (pub *PublicKey) Set(mpk []PublicKey, id *ID) { + C.blsPublicKeySet(pub.getPointer(), mpk[0].getPointer(), C.size_t(len(mpk)), id.getPointer()) +} + +// Recover -- +func (pub *PublicKey) Recover(pubVec []PublicKey, idVec []ID) { + C.blsPublicKeyRecover(pub.getPointer(), pubVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(pubVec))) +} + +// Sign -- +type Sign struct { + v [C.BLS_MAX_OP_UNIT_SIZE * 3]C.uint64_t +} + +// getPointer -- +func (sign *Sign) getPointer() (p *C.blsSign) { + // #nosec + return (*C.blsSign)(unsafe.Pointer(&sign.v[0])) +} + +// String -- +func (sign *Sign) String() string { + buf := make([]byte, 1024) + // #nosec + n := C.blsSignGetStr(sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n == 0 { + panic("implementation err. size of buf is small") + } + return string(buf[:n]) +} + +// SetStr -- +func (sign *Sign) SetStr(s string) error { + buf := []byte(s) + // #nosec + err := C.blsSignSetStr(sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad string:%s", s) + } + return nil +} + +// SetData -- +func (sec *Sign) SetData(buf []byte) error { + // #nosec + err := C.blsSignSetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if err > 0 { + return fmt.Errorf("bad buf:%s", buf) + } + return nil +} + +// GetData -- +func (sec *Sign) GetData() []byte { + fpSize := GetOpUnitSize() * 8 + buf := make([]byte, fpSize) + n := C.blsSignGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + if n != C.size_t(fpSize) { + panic("implementation err. size of buf is small") + } + return buf +} + +// IsSame -- +func (lhs *Sign) IsSame(rhs *Sign) bool { + return C.blsSignIsSame(lhs.getPointer(), rhs.getPointer()) == 1 +} + +// GetPublicKey -- +func (sec *SecretKey) GetPublicKey() (pub *PublicKey) { + pub = new(PublicKey) + C.blsSecretKeyGetPublicKey(sec.getPointer(), pub.getPointer()) + return pub +} + +// Sign -- Constant Time version +func (sec *SecretKey) Sign(m string) (sign *Sign) { + sign = new(Sign) + buf := []byte(m) + // #nosec + C.blsSecretKeySign(sec.getPointer(), sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) + return sign +} + +// Add -- +func (sign *Sign) Add(rhs *Sign) { + C.blsSignAdd(sign.getPointer(), rhs.getPointer()) +} + +// Recover -- +func (sign *Sign) Recover(signVec []Sign, idVec []ID) { + C.blsSignRecover(sign.getPointer(), signVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(signVec))) +} + +// Verify -- +func (sign *Sign) Verify(pub *PublicKey, m string) bool { + buf := []byte(m) + // #nosec + return C.blsSignVerify(sign.getPointer(), pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) == 1 +} + +// VerifyPop -- +func (sign *Sign) VerifyPop(pub *PublicKey) bool { + return C.blsSignVerifyPop(sign.getPointer(), pub.getPointer()) == 1 +} diff --git a/go/bls/bls_test.go b/go/bls/bls_test.go new file mode 100644 index 0000000..f2039fc --- /dev/null +++ b/go/bls/bls_test.go @@ -0,0 +1,344 @@ +package bls + +import "testing" +import "strconv" + +var curve = CurveFp382_1 + +//var curve = CurveFp254BNb +var unitN = 0 + +func testPre(t *testing.T) { + t.Log("init") + var err error + { + var id ID + id.Set([]uint64{6, 5, 4, 3, 2, 1}[0:unitN]) + + t.Log("id :", id) + var id2 ID + err = id2.SetStr(id.String()) + if err != nil { + t.Fatal(err) + } + t.Log("id2:", id2) + } + { + var sec SecretKey + sec.SetArray([]uint64{1, 2, 3, 4, 5, 6}[0:unitN]) + t.Log("sec=", sec) + } + + t.Log("create secret key") + m := "this is a bls sample for go" + var sec SecretKey + sec.Init() + t.Log("sec:", sec) + t.Log("create public key") + pub := sec.GetPublicKey() + t.Log("pub:", pub) + sign := sec.Sign(m) + t.Log("sign:", sign) + if !sign.Verify(pub, m) { + t.Error("Signature does not verify") + } + + // How to make array of SecretKey + { + sec := make([]SecretKey, 3) + for i := 0; i < len(sec); i++ { + sec[i].Init() + t.Log("sec=", sec[i].String()) + } + } +} + +func testRecoverSecretKey(t *testing.T) { + t.Log("testRecoverSecretKey") + k := 3000 + var sec SecretKey + sec.Init() + + // make master secret key + msk := sec.GetMasterSecretKey(k) + + n := k + secVec := make([]SecretKey, n) + idVec := make([]ID, n) + for i := 0; i < n; i++ { + idVec[i].Set([]uint64{uint64(i), 1, 2, 3, 4, 5}[0:unitN]) + secVec[i].Set(msk, &idVec[i]) + } + // recover sec2 from secVec and idVec + var sec2 SecretKey + sec2.Recover(secVec, idVec) + if sec.String() != sec2.String() { + t.Errorf("Mismatch in recovered secret key:\n %s\n %s.", sec.String(), sec2.String()) + } +} + +func testSign(t *testing.T) { + m := "testSign" + t.Log(m) + + var sec0 SecretKey + sec0.Init() + pub0 := sec0.GetPublicKey() + s0 := sec0.Sign(m) + if !s0.Verify(pub0, m) { + t.Error("Signature does not verify") + } + + k := 3 + msk := sec0.GetMasterSecretKey(k) + mpk := GetMasterPublicKey(msk) + + idTbl := []uint64{3, 5, 193, 22, 15} + n := len(idTbl) + + secVec := make([]SecretKey, n) + pubVec := make([]PublicKey, n) + signVec := make([]Sign, n) + idVec := make([]ID, n) + + for i := 0; i < n; i++ { + idVec[i].Set([]uint64{idTbl[i], 0, 0, 0, 0, 0}[0:unitN]) + t.Logf("idVec[%d]=%s\n", i, idVec[i].String()) + + secVec[i].Set(msk, &idVec[i]) + + pubVec[i].Set(mpk, &idVec[i]) + t.Logf("pubVec[%d]=%s\n", i, pubVec[i].String()) + + if pubVec[i].String() != secVec[i].GetPublicKey().String() { + t.Error("Pubkey derivation does not match") + } + + signVec[i] = *secVec[i].Sign(m) + if !signVec[i].Verify(&pubVec[i], m) { + t.Error("Pubkey derivation does not match") + } + } + var sec1 SecretKey + sec1.Recover(secVec, idVec) + if sec0.String() != sec1.String() { + t.Error("Mismatch in recovered seckey.") + } + var pub1 PublicKey + pub1.Recover(pubVec, idVec) + if pub0.String() != pub1.String() { + t.Error("Mismatch in recovered pubkey.") + } + var s1 Sign + s1.Recover(signVec, idVec) + if s0.String() != s1.String() { + t.Error("Mismatch in recovered signature.") + } +} + +func testAdd(t *testing.T) { + t.Log("testAdd") + var sec1 SecretKey + var sec2 SecretKey + sec1.Init() + sec2.Init() + + pub1 := sec1.GetPublicKey() + pub2 := sec2.GetPublicKey() + + m := "test test" + sign1 := sec1.Sign(m) + sign2 := sec2.Sign(m) + + t.Log("sign1 :", sign1) + sign1.Add(sign2) + t.Log("sign1 add:", sign1) + pub1.Add(pub2) + if !sign1.Verify(pub1, m) { + t.Fail() + } +} + +func testPop(t *testing.T) { + t.Log("testPop") + var sec SecretKey + sec.Init() + pop := sec.GetPop() + if !pop.VerifyPop(sec.GetPublicKey()) { + t.Errorf("Valid Pop does not verify") + } + sec.Init() + if pop.VerifyPop(sec.GetPublicKey()) { + t.Errorf("Invalid Pop verifies") + } +} + +func testData(t *testing.T) { + t.Log("testData") + var sec1, sec2 SecretKey + sec1.Init() + s := sec1.GetData() + sec2.SetData(s) + if !sec1.IsSame(&sec2) { + t.Error("SecretKey not same") + } + pub1 := sec1.GetPublicKey() + s = pub1.GetData() + var pub2 PublicKey + pub2.SetData(s) + if !pub1.IsSame(&pub2) { + t.Error("PublicKey not same") + } + m := "doremi" + sign1 := sec1.Sign(m) + s = sign1.GetData() + var sign2 Sign + sign2.SetData(s) + if !sign1.IsSame(&sign2) { + t.Error("Sign not same") + } +} + +func BenchmarkPubkeyFromSeckey(b *testing.B) { + b.StopTimer() + Init(curve) + var sec SecretKey + for n := 0; n < b.N; n++ { + sec.Init() + b.StartTimer() + sec.GetPublicKey() + b.StopTimer() + } +} + +func BenchmarkSigning(b *testing.B) { + b.StopTimer() + Init(curve) + var sec SecretKey + for n := 0; n < b.N; n++ { + sec.Init() + b.StartTimer() + sec.Sign(strconv.Itoa(n)) + b.StopTimer() + } +} + +func BenchmarkValidation(b *testing.B) { + b.StopTimer() + Init(curve) + var sec SecretKey + for n := 0; n < b.N; n++ { + sec.Init() + pub := sec.GetPublicKey() + m := strconv.Itoa(n) + sig := sec.Sign(m) + b.StartTimer() + sig.Verify(pub, m) + b.StopTimer() + } +} + +func benchmarkDeriveSeckeyShare(k int, b *testing.B) { + b.StopTimer() + Init(curve) + var sec SecretKey + sec.Init() + msk := sec.GetMasterSecretKey(k) + var id ID + for n := 0; n < b.N; n++ { + id.Set([]uint64{1, 2, 3, 4, 5, uint64(n)}) + b.StartTimer() + sec.Set(msk, &id) + b.StopTimer() + } +} + +//func BenchmarkDeriveSeckeyShare100(b *testing.B) { benchmarkDeriveSeckeyShare(100, b) } +//func BenchmarkDeriveSeckeyShare200(b *testing.B) { benchmarkDeriveSeckeyShare(200, b) } +func BenchmarkDeriveSeckeyShare500(b *testing.B) { benchmarkDeriveSeckeyShare(500, b) } + +//func BenchmarkDeriveSeckeyShare1000(b *testing.B) { benchmarkDeriveSeckeyShare(1000, b) } + +func benchmarkRecoverSeckey(k int, b *testing.B) { + b.StopTimer() + Init(curve) + var sec SecretKey + sec.Init() + msk := sec.GetMasterSecretKey(k) + + // derive n shares + n := k + secVec := make([]SecretKey, n) + idVec := make([]ID, n) + for i := 0; i < n; i++ { + idVec[i].Set([]uint64{1, 2, 3, 4, 5, uint64(i)}) + secVec[i].Set(msk, &idVec[i]) + } + + // recover from secVec and idVec + var sec2 SecretKey + b.StartTimer() + for n := 0; n < b.N; n++ { + sec2.Recover(secVec, idVec) + } +} + +func BenchmarkRecoverSeckey100(b *testing.B) { benchmarkRecoverSeckey(100, b) } +func BenchmarkRecoverSeckey200(b *testing.B) { benchmarkRecoverSeckey(200, b) } +func BenchmarkRecoverSeckey500(b *testing.B) { benchmarkRecoverSeckey(500, b) } +func BenchmarkRecoverSeckey1000(b *testing.B) { benchmarkRecoverSeckey(1000, b) } + +func benchmarkRecoverSignature(k int, b *testing.B) { + b.StopTimer() + Init(curve) + var sec SecretKey + sec.Init() + msk := sec.GetMasterSecretKey(k) + + // derive n shares + n := k + idVec := make([]ID, n) + secVec := make([]SecretKey, n) + signVec := make([]Sign, n) + for i := 0; i < n; i++ { + idVec[i].Set([]uint64{1, 2, 3, 4, 5, uint64(i)}) + secVec[i].Set(msk, &idVec[i]) + signVec[i] = *secVec[i].Sign("test message") + } + + // recover signature + var sig Sign + b.StartTimer() + for n := 0; n < b.N; n++ { + sig.Recover(signVec, idVec) + } +} + +func BenchmarkRecoverSignature100(b *testing.B) { benchmarkRecoverSignature(100, b) } +func BenchmarkRecoverSignature200(b *testing.B) { benchmarkRecoverSignature(200, b) } +func BenchmarkRecoverSignature500(b *testing.B) { benchmarkRecoverSignature(500, b) } +func BenchmarkRecoverSignature1000(b *testing.B) { benchmarkRecoverSignature(1000, b) } + +func test(t *testing.T, c int) { + Init(c) + unitN = GetOpUnitSize() + t.Logf("unitN=%d\n", unitN) + testPre(t) + testRecoverSecretKey(t) + testAdd(t) + testSign(t) + testPop(t) + testData(t) +} + +func TestMain(t *testing.T) { + t.Logf("GetMaxOpUnitSize() = %d\n", GetMaxOpUnitSize()) + t.Log("CurveFp254BNb") + test(t, CurveFp254BNb) + if GetMaxOpUnitSize() == 6 { + t.Log("CurveFp382_1") + test(t, CurveFp382_1) + t.Log("CurveFp382_1") + test(t, CurveFp382_2) + } +} |