doerner.go
package doerner
import (
"github.com/taurusgroup/multi-party-sig/pkg/math/curve"
"github.com/taurusgroup/multi-party-sig/pkg/party"
"github.com/taurusgroup/multi-party-sig/pkg/pool"
"github.com/taurusgroup/multi-party-sig/pkg/protocol"
"github.com/taurusgroup/multi-party-sig/protocols/doerner/keygen"
"github.com/taurusgroup/multi-party-sig/protocols/doerner/sign"
)
// ConfigReceiver is an alias for keygen.ConfigReceiver, the key generation
// result held by the party acting as the Receiver.
//
// It carries a SecretShare field, so a populated value should be handled as
// secret key material.
type ConfigReceiver = keygen.ConfigReceiver

// ConfigSender is an alias for keygen.ConfigSender, the key generation result
// held by the party acting as the Sender.
//
// It carries a SecretShare field, so a populated value should be handled as
// secret key material.
type ConfigSender = keygen.ConfigSender
// EmptyConfigReceiver returns a blank ConfigReceiver that can be used as an
// unmarshalling target.
//
// ConfigReceiver holds group-dependent values, so its SecretShare and Public
// fields are pre-populated with a fresh scalar and a fresh point from the
// given group; this is what lets the data be unmarshalled correctly.
//
// NOTE(review): nothing here checks that group is the curve the stored config
// was created with; confirm how the unmarshaller treats a mismatch.
func EmptyConfigReceiver(group curve.Curve) *ConfigReceiver {
	share := group.NewScalar()
	public := group.NewPoint()

	cfg := new(ConfigReceiver)
	cfg.SecretShare = share
	cfg.Public = public
	return cfg
}
// EmptyConfigSender returns a blank ConfigSender that can be used as an
// unmarshalling target.
//
// ConfigSender holds group-dependent values, so its SecretShare and Public
// fields are pre-populated with a fresh scalar and a fresh point from the
// given group; this is what lets the data be unmarshalled correctly.
//
// NOTE(review): nothing here checks that group is the curve the stored config
// was created with; confirm how the unmarshaller treats a mismatch.
func EmptyConfigSender(group curve.Curve) *ConfigSender {
	share := group.NewScalar()
	public := group.NewPoint()

	cfg := new(ConfigSender)
	cfg.SecretShare = share
	cfg.Public = public
	return cfg
}
// Keygen returns the StartFunc for the Doerner key generation protocol.
//
// The protocol produces a new key-pair whose private part is shared between
// two participants. One participant takes the "Receiver" role and the other
// the "Sender" role; receiver selects which role this party plays. The result
// type depends on that role: the Receiver ends up with a ConfigReceiver and
// the Sender with a ConfigSender.
//
// selfID and otherID identify this party and its counterpart. pl is optional
// and, when supplied, is used to parallelize certain operations.
func Keygen(group curve.Curve, receiver bool, selfID, otherID party.ID, pl *pool.Pool) protocol.StartFunc {
	// The two nil arguments sit where RefreshReceiver and RefreshSender pass an
	// existing secret share and public key: a fresh key generation has neither.
	start := keygen.StartKeygen(group, receiver, selfID, otherID, nil, nil, pl)
	return start
}
// RefreshReceiver returns the StartFunc for a key-refresh run, seen from the
// Receiver's side.
//
// A refresh replaces the shares of the secret key, and other auxiliary secret
// data, while keeping the shared public key the same. The chaining key does
// change; if that is not wanted, the new chain key can be overwritten with the
// previous value afterwards.
//
// config must be non-nil: its group, SecretShare and Public are read here,
// before the StartFunc is returned, so a nil config panics in this call.
func RefreshReceiver(config *ConfigReceiver, selfID, otherID party.ID, pl *pool.Pool) protocol.StartFunc {
	const asReceiver = true

	group := config.Group()
	// The existing share and public key are handed to the same entry point
	// Keygen uses; Keygen passes nil for both.
	return keygen.StartKeygen(group, asReceiver, selfID, otherID, config.SecretShare, config.Public, pl)
}
// RefreshSender returns the StartFunc for a key-refresh run, seen from the
// Sender's side.
//
// It is the Sender counterpart of RefreshReceiver: the shares of the secret
// key are replaced while the shared public key is kept.
//
// config must be non-nil: its group, SecretShare and Public are read here,
// before the StartFunc is returned, so a nil config panics in this call.
func RefreshSender(config *ConfigSender, selfID, otherID party.ID, pl *pool.Pool) protocol.StartFunc {
	const asReceiver = false

	group := config.Group()
	// The existing share and public key are handed to the same entry point
	// Keygen uses; Keygen passes nil for both.
	return keygen.StartKeygen(group, asReceiver, selfID, otherID, config.SecretShare, config.Public, pl)
}
// SignReceiver returns the StartFunc for the signing protocol, using the
// Receiver's key generation result.
//
// hash is the hash of the message to sign, not the message itself. It is
// forwarded unchanged; this wrapper performs no length or format check on it.
// NOTE(review): whether sign.StartSignReceiver validates hash is not visible
// here; confirm before passing caller-controlled bytes.
//
// SignSender is the matching entry point for the party holding a ConfigSender.
// In both cases the result will be an ecdsa.Signature type.
//
// pl is optional and, when supplied, is used to parallelize certain operations.
func SignReceiver(config *ConfigReceiver, selfID, otherID party.ID, hash []byte, pl *pool.Pool) protocol.StartFunc {
	start := sign.StartSignReceiver(config, selfID, otherID, hash, pl)
	return start
}
// SignSender returns the StartFunc for the signing protocol, using the
// Sender's key generation result. It mirrors SignReceiver.
//
// hash is the hash of the message to sign, not the message itself. It is
// forwarded unchanged; this wrapper performs no length or format check on it.
// NOTE(review): whether sign.StartSignSender validates hash is not visible
// here; confirm before passing caller-controlled bytes.
//
// pl is optional and, when supplied, is used to parallelize certain operations.
func SignSender(config *ConfigSender, selfID, otherID party.ID, hash []byte, pl *pool.Pool) protocol.StartFunc {
	start := sign.StartSignSender(config, selfID, otherID, hash, pl)
	return start
}