├── .gitignore ├── CMakeLists.txt ├── LICENSE ├── README.md ├── cmake ├── CryptoTSSRSAConfig.cmake.in └── setup_installation.cmake ├── doc ├── Description_of_TSS_RSA_Signature_Algorithm.md ├── GoogleTest-Installation.md ├── OpenSSL-Installation.md └── logo.png ├── examples ├── CMakeLists.txt └── example.cpp ├── proto ├── cmd.txt └── tss_rsa.proto ├── src ├── CMakeLists.txt └── crypto-tss-rsa │ ├── KeyGenParam.cpp │ ├── KeyGenParam.h │ ├── RSAKeyMeta.cpp │ ├── RSAKeyMeta.h │ ├── RSAPrivateKeyShare.cpp │ ├── RSAPrivateKeyShare.h │ ├── RSAPublicKey.cpp │ ├── RSAPublicKey.h │ ├── RSASigShare.cpp │ ├── RSASigShare.h │ ├── RSASigShareProof.cpp │ ├── RSASigShareProof.h │ ├── common.h │ ├── emsa_pss.cpp │ ├── emsa_pss.h │ ├── proto_gen │ ├── 3_14 │ │ ├── tss_rsa.pb.cc │ │ └── tss_rsa.pb.h │ ├── 3_20 │ │ ├── tss_rsa.pb.cc │ │ └── tss_rsa.pb.h │ ├── tss_rsa.pb.switch.cc │ └── tss_rsa.pb.switch.h │ ├── tss_rsa.cpp │ └── tss_rsa.h └── test ├── CMakeLists.txt ├── pure-tss-rsa-test.cpp ├── tss-rsa-benchmark-test.cpp └── tss-rsa-test.cpp /.gitignore: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | *.d 3 | 4 | # Compiled Object files 5 | *.slo 6 | *.lo 7 | *.o 8 | *.obj 9 | 10 | # Precompiled Headers 11 | *.gch 12 | *.pch 13 | 14 | # Compiled Dynamic libraries 15 | *.so 16 | *.dylib 17 | *.dll 18 | 19 | # Fortran module files 20 | *.mod 21 | *.smod 22 | 23 | # Compiled Static libraries 24 | *.lai 25 | *.la 26 | *.a 27 | *.lib 28 | 29 | # Executables 30 | *.exe 31 | *.out 32 | *.app 33 | 34 | .DS_Store 35 | .idea 36 | build/ 37 | cmake-build-debug/ -------------------------------------------------------------------------------- /CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.10) 2 | 3 | project("CryptoTSSRSA" VERSION 1.0.1) 4 | 5 | set(CMAKE_CXX_STANDARD 11) 6 | #SET(CMAKE_BUILD_TYPE "Debug") 7 | SET(CMAKE_BUILD_TYPE "Release") 8 | set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2 -Wall -Wextra -Wno-unused-parameter -Wno-unused-variable") 9 | set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2 -Wall -Wextra -Wno-unused-parameter -Wno-unused-variable") 10 | 11 | add_subdirectory(src) 12 | 13 | option(ENABLE_TESTS "Enable tests" OFF) 14 | option(ENABLE_BENCHMARK "Enable benchmark" OFF) 15 | if (${ENABLE_TESTS}) 16 | enable_testing() 17 | include_directories(/usr/local/include) 18 | link_directories(/usr/local/lib) 19 | add_subdirectory(test) 20 | endif() 21 | 22 | include("cmake/setup_installation.cmake") -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright Safeheron Inc. 2022. All rights reserved. 2 | 3 | You acknowledge and agree that Safeheron Inc. (“Safeheron”) (or Safeheron’s licensors) own all legal right, title and interest in and to the work, software, application, source code, documentation and any other documents in this repository (collectively, the “Program”), including any intellectual property rights which subsist in the Program (whether those rights happen to be registered or not, and wherever in the world those rights may exist), whether in source code or any other form. 4 | 5 | Subject to the limited license below, you may not (and you may not permit anyone else to) distribute, publish, copy, modify, merge, combine with another program, create derivative works of, reverse engineer, decompile or otherwise attempt to extract the source code of, the Program or any part thereof, except that you may contribute to this repository. 6 | 7 | You are granted a non-exclusive, non-transferable, non-sublicensable license to distribute, publish, copy, modify, merge, combine with another program or create derivative works of the Program (such resulting program, collectively, the “Resulting Program”) solely for Non-Commercial Use as long as you: 8 | 1. give prominent notice (“Notice”) with each copy of the Resulting Program that the Program is used in the Resulting Program and that the Program is the copyright of Safeheron; and 9 | 2. subject the Resulting Program and any distribution, publication, copy, modification, merger therewith, combination with another program or derivative works thereof to the same Notice requirement and Non-Commercial Use restriction set forth herein. 10 | 11 | “Non-Commercial Use” means each use as described in clauses (1)-(2) below, as reasonably determined by Safeheron in its sole discretion: 12 | 1. personal use for research, personal study, private entertainment, hobby projects or amateur pursuits, in each case without any anticipated commercial application; 13 | 2. use by any charitable organization, educational institution, public research organization, public safety or health organization, environmental protection organization or government institution. 14 | 15 | You will not use any trade mark, service mark, trade name, logo of Safeheron or any other company or organization in a way that is likely or intended to cause confusion about the owner or authorized user of such marks, names or logos. 16 | 17 | If you have any questions, comments or interest in pursuing any other use cases, please reach out to us at safeheron.license@safeheron.com. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # tss-rsa-cpp 2 | 3 | ![img](doc/logo.png) 4 | 5 | This software implements a library for tss-rsa according to paper [Practical Threshold Signatures](https://www.iacr.org/archive/eurocrypt2000/1807/18070209-new.pdf). 6 | 7 | The library comes with serialize/deserialize support to be used in higher level code to implement networking. 8 | 9 | # Prerequisites 10 | 11 | - [OpenSSL](https://github.com/openssl/openssl#documentation). See the [OpenSSL Installation Instructions](./doc/OpenSSL-Installation.md) 12 | - [Protocol Buffers](https://github.com/protocolbuffers/protobuf.git). See the [Protocol Buffers Installation Instructions](./doc/Protocol-Buffers-Installation.md) 13 | - [crypto-suites-cpp](https://github.com/safeheron/crypto-suites-cpp.git). See the [crypto-suites-cpp Installation Instructions](https://github.com/safeheron/crypto-suites-cpp/blob/main/README.md#build-and-install). **Version v0.8.0 or later required**. 14 | 15 | # Build and Install 16 | 17 | Linux and Mac are supported now. After obtaining the Source, have a look at the installation script. 18 | 19 | ```shell 20 | git clone https://github.com/safeheron/tss-rsa-cpp.git 21 | cd tss-rsa-cpp 22 | mkdir build && cd build 23 | # Run "cmake .. -DOPENSSL_ROOT_DIR=Your-Root-Directory-of-OPENSSL" instead of the command below on Mac OS. 24 | cmake .. -DENABLE_TESTS=ON 25 | # Add the path to the LD_LIBRARY_PATH environment variable on Mac OS; Ignore it on Linux 26 | export LIBRARY_PATH=$LIBRARY_PATH:/usr/local/lib/ 27 | make 28 | make test 29 | sudo make install 30 | ``` 31 | 32 | More platforms such as Windows would be supported soon. 33 | 34 | 35 | # To start using crypto-tss-rsa-cpp 36 | 37 | ## CMake 38 | 39 | CMake is your best option. It supports building on Linux, MacOS and Windows (soon) but also has a good chance of working on other platforms (no promises!). cmake has good support for crosscompiling and can be used for targeting the Android platform. 40 | 41 | To build crypto-tss-rsa-cpp from source, follow the BUILDING guide. 42 | 43 | The canonical way to discover dependencies in CMake is the find_package command. 44 | 45 | ```shell 46 | project(XXXX) 47 | 48 | set(CMAKE_CXX_STANDARD 11) 49 | set(CMAKE_BUILD_TYPE "Release") 50 | 51 | find_package(PkgConfig REQUIRED) 52 | pkg_search_module(PROTOBUF REQUIRED protobuf) # this looks for *.pc file 53 | #set(OPENSSL_USE_STATIC_LIBS TRUE) 54 | find_package(OpenSSL REQUIRED) 55 | find_package(SafeheronCryptoSuites REQUIRED) 56 | find_package(CryptoTSSRSA REQUIRED) 57 | 58 | add_executable(${PROJECT_NAME} XXXX.cpp) 59 | target_include_directories(${PROJECT_NAME} PUBLIC 60 | ${SafeheronCryptoSuites_INCLUDE_DIRS} 61 | ${CryptoTSSRSA_INCLUDE_DIRS} 62 | ${PROTOBUF_INCLUDE_DIRS} 63 | ) 64 | 65 | target_link_libraries(${PROJECT_NAME} PUBLIC 66 | SafeheronCryptoSuites 67 | CryptoTSSRSA 68 | OpenSSL::Crypto 69 | ${PROTOBUF_LINK_LIBRARIES} 70 | pthread ) 71 | ``` 72 | 73 | # Usage 74 | 75 | It's an example where the key length is 1024, the number of parties is 3 and threshold is 2. 76 | ```c++ 77 | #include "crypto-bn/bn.h" 78 | #include "exception/safeheron_exceptions.h" 79 | #include "crypto-tss-rsa/tss_rsa.h" 80 | #include "crypto-encode/hex.h" 81 | 82 | using safeheron::bignum::BN; 83 | using safeheron::tss_rsa::RSAPrivateKeyShare; 84 | using safeheron::tss_rsa::RSAPublicKey; 85 | using safeheron::tss_rsa::RSAKeyMeta; 86 | using safeheron::tss_rsa::RSASigShare; 87 | using safeheron::tss_rsa::KeyGenParam; 88 | using safeheron::exception::LocatedException; 89 | using safeheron::exception::OpensslException; 90 | using safeheron::exception::BadAllocException; 91 | using safeheron::exception::RandomSourceException; 92 | 93 | int main(int argc, char **argv) { 94 | std::string json_str; 95 | std::string doc("12345678123456781234567812345678"); 96 | 97 | // Key Generation 98 | int key_bits_length = 1024; 99 | int k = 2; 100 | int l = 3; 101 | std::vector priv_arr; 102 | RSAPublicKey pub; 103 | RSAKeyMeta key_meta; 104 | bool status = safeheron::tss_rsa::GenerateKey(key_bits_length, l, k, priv_arr, pub, key_meta); 105 | key_meta.ToJsonString(json_str); 106 | std::cout << "key meta data: " << json_str << std::endl; 107 | 108 | pub.ToJsonString(json_str); 109 | std::cout << "public key: " << json_str << std::endl; 110 | 111 | priv_arr[0].ToJsonString(json_str); 112 | std::cout << "private key share 1: " << json_str << std::endl; 113 | priv_arr[2].ToJsonString(json_str); 114 | std::cout << "private key share 3: " << json_str << std::endl; 115 | 116 | // Prepare 117 | std::string doc_pss = safeheron::tss_rsa::EncodeEMSA_PSS(doc, key_bits_length, safeheron::tss_rsa::SaltLength::AutoLength); 118 | std::cout << "doc_pss: " << safeheron::encode::hex::EncodeToHex(doc) << std::endl; 119 | // Party 1 sign. 120 | RSASigShare sig_share0 = priv_arr[0].Sign(doc_pss, key_meta, pub); 121 | sig_share0.ToJsonString(json_str); 122 | std::cout << "signature share 1: " << json_str << std::endl; 123 | // Party 3 sign. 124 | RSASigShare sig_share2 = priv_arr[2].Sign(doc_pss, key_meta, pub); 125 | sig_share2.ToJsonString(json_str); 126 | std::cout << "signature share 3: " << json_str << std::endl; 127 | 128 | // Combine signatures 129 | // Distributed signature 130 | std::vector sig_share_arr; 131 | for(int i = 0; i < l; i++) { 132 | sig_share_arr.emplace_back(priv_arr[i].Sign(doc_pss, key_meta, pub)); 133 | } 134 | BN sig; 135 | bool ok = safeheron::tss_rsa::CombineSignatures(doc_pss, sig_share_arr, pub, key_meta, sig); 136 | std::cout << "succeed to sign: " << ok <l$ and $e$ is a prime. 17 | 18 | **Here we get the public key $PK = (n,e)$** 19 | 20 | - Compute $d, st. de \equiv 1 \pmod m$ 21 | - Split $d$ into $l$ shares with the threshold $k$ in finite fields $Z_m$: 22 | - $(d,k,l) \Rightarrow (s'_1, s'_2 ... s'_l)$ 23 | - **(Protocol2)**: Transformation on $s_i$ 24 | - $(s'_1, s'_2 ... s'_l) \Rightarrow (s_1, s_2 ... s_l)$ 25 | - $s_i = s_i' \Delta^{-1} \pmod m$ 26 | - Sample $f \in_R Z_n$ 27 | - Compute $v = f^2 \pmod n$. Note $v \in Q_n$ 28 | - Compute the verification keys: 29 | - $VK = v$ 30 | - $VK_i = v_i = v^{s_i} \pmod n$, for $1 \le i \le l$ . Note $v_i \in Q_n$. 31 | - **(Protocol2)**: Sample integer $u$ 32 | - Sampe $u \in_R Z_n^*$, where Jacobi symbol $(u, n) ==-1$ 33 | - Distribute $(PK, VK, VK_i, s_i, u)$ to party $i$, in which $PK = (n, e)$ 34 | 35 | **Here party i would receives his secret share along with some other data :** 36 | 37 | - $s_i$: secret share. It's exclusive to party i. 38 | - $VK$:verification key. It's common. 39 | - $\{VK_i \mid i = 1, \dots, l\}$: It's common. 40 | - $PK$: RSA public key. It's common. 41 | - **$u$: new element from protocol 2.** It's common. 42 | 43 | # 2 Generating a Signature Share 44 | 45 | Let $\hat{x}=H(M)$ where M is the message. 46 | 47 | (Protocol2): Compute the x 48 | 49 | $$ 50 | x = \begin{cases} 51 | \hat{x} & \text{ if } (\hat{x}, n) = 1 \\ 52 | \hat{x} u^e & \text{ if } (\hat{x}, n) = -1 53 | \end{cases} 54 | $$ 55 | 56 | The signature share of play i consists of 57 | $$ 58 | x_i = x^{2s_i} \pmod n \\ 59 | x_i = x^{2 \Delta s_i} \pmod n (deprecated \space in \space protocol 2) 60 | $$ 61 | along with a proof(refer to section 5.3) 62 | $$ 63 | Proof(s_i, VK, VK_i, l, n) = (z, c) 64 | $$ 65 | Note $x_i \in Q_n$. 66 | 67 | # 3 Combining Signature Shares 68 | 69 | We compute 70 | $$ 71 | w = x_{i_1}^{2 \lambda_{0,i_1}^S} 72 | \dots 73 | x_{i_k}^{2 \lambda_{0,i_k}^S} 74 | \pmod n 75 | $$ 76 | where the set $S = \{i_1, \dots, i_k\} \subset \{1, \dots, l\}$. 77 | 78 | We compute $e' = 4$ instead of $e' = 4 \Delta^2$ (Deprecated in protocol2). 79 | 80 | Note that $gcd(e', e) = 1$, so $\exists (a, b), st. e'a + eb = 1$. 81 | 82 | We compute $a$ and $b$. The number $a$ and $b$ can be obtained from the extended Euclidean algorithm on $e$ and $e'$. 83 | 84 | We compute the final signature 85 | $$ 86 | y = w^a x^b \pmod n 87 | $$ 88 | 89 | # 4 Verify Signatures 90 | 91 | We check if 92 | $$ 93 | y^e \equiv x \pmod n 94 | $$ 95 | 96 | # 5 Dependency 97 | 98 | ## 5.1 Compute $\lambda_{i,j}$ (to be developed) 99 | 100 | We compute 101 | 102 | 103 | $$ 104 | \lambda_{i,j}^{S} = 105 | \Delta 106 | \frac 107 | { {\textstyle \prod_{j' \in S \setminus \{j\}}^{}(i-j')} } 108 | { {\textstyle \prod_{j' \in S \setminus \{j\}}^{}(j-j')} } 109 | $$ 110 | where 111 | $$ 112 | \Delta = l! 113 | $$ 114 | 115 | ## 5.2 Extended Euclidean algorithm (to be developed) 116 | Refer to [crypto-suites-cpp](https://github.com/safeheron/crypto-suites-cpp.git). 117 | 118 | ## 5.3 Proof of Correctness on Signature Share(to be developed) 119 | 120 | #### Input: $s_i, v=VK, v_i=VK_i, l, n$ 121 | 122 | #### Prove: 123 | 124 | - Sample $r \in_R (0, 2^{L(n) +2 L_1-1})$ 125 | 126 | where $L$ is the bit-length of of $n$, and $L_1$ is bit-length of the output from hash function $H'$. 127 | 128 | - Compute $\tilde{x} = x^4$ instead of $\tilde{x} = x^{4 \Delta}$ (Deprecated in protocol2) 129 | 130 | - Compute $v' = v^r \pmod n$ 131 | 132 | - Compute $x' = \tilde{x}^r \pmod n$ 133 | 134 | - Compute $c = H'(v, \tilde{x}, v_i, x_i^2, v', x')$ 135 | 136 | - Compute $z=s_i c + r \pmod n$ 137 | 138 | **Here we get the proof $(z, c)$** 139 | 140 | #### Proof: 141 | 142 | - Compute $\tilde{x} = x^4$ instead of $\tilde{x} = x^{4 \Delta}$ (Deprecated in protocol2) 143 | 144 | - Compute $v' = v^z v_i^{-c} \pmod n$ 145 | 146 | - Compute $x' = \tilde{x}^z x_i^{-2c} \pmod n$ 147 | 148 | - Compute $c' = H'(v, \tilde{x}, v_i, x_i^2, v', x')$ 149 | 150 | - Check $c == c'$ 151 | 152 | ## 5.4 Jacobi symbol (to be developed) 153 | Refer to [crypto-suites-cpp](https://github.com/safeheron/crypto-suites-cpp.git). 154 | ## 5.6 Secret share scheme 155 | Refer to [crypto-suites-cpp](https://github.com/safeheron/crypto-suites-cpp.git). 156 | -------------------------------------------------------------------------------- /doc/GoogleTest-Installation.md: -------------------------------------------------------------------------------- 1 | # GoogleTest Installation 2 | 3 | ## Installation on Linux 4 | - CentOS / Red Hat 5 | 6 | ```shell 7 | yum install gtest 8 | ``` 9 | - Ubuntu 10 | 11 | ```shell 12 | sudo apt install libgtest-dev 13 | ``` 14 | 15 | ## Installation on macOS 16 | 17 | ```shell 18 | brew install googletest 19 | ``` 20 | 21 | -------------------------------------------------------------------------------- /doc/OpenSSL-Installation.md: -------------------------------------------------------------------------------- 1 | # OpenSSL Installation 2 | 3 | ## Installation on Linux 4 | - CentOS / Red Hat 5 | By default, OpenSSL is already included in CentOS. If this is not the case with your instance, then run the following command line: 6 | 7 | ```shell 8 | yum install openssl 9 | ``` 10 | - Ubuntu 11 | By default, OpenSSL is already included in Ubuntu. If this is not the case with your instance, then run the following command line: 12 | 13 | ```shell 14 | apt install openssl 15 | ``` 16 | 17 | ## Installation on macOS 18 | By default, OpenSSL is already installed in macOS. However, your version may be outdated. If so, then you can install the latest version with Homebrew. After installing Homebrew, simply run the following command line: 19 | 20 | ```shell 21 | brew install openssl 22 | ``` 23 | 24 | -------------------------------------------------------------------------------- /doc/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Safeheron/tss-rsa-cpp/fed39a55d3ca60ad92aff5592ac9b491e107f74e/doc/logo.png -------------------------------------------------------------------------------- /examples/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.10) 2 | project(example) 3 | 4 | set(CMAKE_CXX_STANDARD 11) 5 | set(CMAKE_BUILD_TYPE "Release") 6 | set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2") 7 | set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2") 8 | 9 | find_package(PkgConfig REQUIRED) 10 | pkg_search_module(PROTOBUF REQUIRED protobuf) # depend on pkg-config, this looks for opencv.pc file 11 | 12 | #set(OPENSSL_USE_STATIC_LIBS TRUE) 13 | find_package(OpenSSL REQUIRED) 14 | find_package(SafeheronCryptoSuites REQUIRED) 15 | find_package(CryptoTSSRSA REQUIRED) 16 | 17 | add_executable(${PROJECT_NAME} example.cpp) 18 | target_include_directories(${PROJECT_NAME} PUBLIC 19 | ${SafeheronCryptoSuites_INCLUDE_DIRS} 20 | ${CryptoTSSRSA_INCLUDE_DIRS} 21 | /usr/local/include # This directory is included default on linux but not on Mac os 22 | ) 23 | 24 | # This directory is included default on linux but not on Mac os 25 | target_link_directories(${PROJECT_NAME} PUBLIC /usr/local/lib) 26 | 27 | target_link_libraries(${PROJECT_NAME} PUBLIC 28 | SafeheronCryptoSuites 29 | CryptoTSSRSA 30 | pthread ) -------------------------------------------------------------------------------- /examples/example.cpp: -------------------------------------------------------------------------------- 1 | #include "crypto-bn/bn.h" 2 | #include "exception/safeheron_exceptions.h" 3 | #include "crypto-tss-rsa/tss_rsa.h" 4 | #include "crypto-encode/hex.h" 5 | 6 | using safeheron::bignum::BN; 7 | using safeheron::tss_rsa::RSAPrivateKeyShare; 8 | using safeheron::tss_rsa::RSAPublicKey; 9 | using safeheron::tss_rsa::RSAKeyMeta; 10 | using safeheron::tss_rsa::RSASigShare; 11 | using safeheron::tss_rsa::KeyGenParam; 12 | using safeheron::exception::LocatedException; 13 | using safeheron::exception::OpensslException; 14 | using safeheron::exception::BadAllocException; 15 | using safeheron::exception::RandomSourceException; 16 | 17 | int main(int argc, char **argv) { 18 | std::string json_str; 19 | std::string doc("12345678123456781234567812345678"); 20 | 21 | // Key Generation 22 | int key_bits_length = 1024; 23 | int k = 2; 24 | int l = 3; 25 | std::vector priv_arr; 26 | RSAPublicKey pub; 27 | RSAKeyMeta key_meta; 28 | bool status = safeheron::tss_rsa::GenerateKey(key_bits_length, l, k, priv_arr, pub, key_meta); 29 | key_meta.ToJsonString(json_str); 30 | std::cout << "key meta data: " << json_str << std::endl; 31 | 32 | pub.ToJsonString(json_str); 33 | std::cout << "public key: " << json_str << std::endl; 34 | 35 | priv_arr[0].ToJsonString(json_str); 36 | std::cout << "private key share 1: " << json_str << std::endl; 37 | priv_arr[2].ToJsonString(json_str); 38 | std::cout << "private key share 3: " << json_str << std::endl; 39 | 40 | // Prepare 41 | std::string doc_pss = safeheron::tss_rsa::EncodeEMSA_PSS(doc, key_bits_length, safeheron::tss_rsa::SaltLength::AutoLength); 42 | std::cout << "EM: " << safeheron::encode::hex::EncodeToHex(doc) << std::endl; 43 | // Party 1 sign. 44 | RSASigShare sig_share0 = priv_arr[0].Sign(doc_pss, key_meta, pub); 45 | sig_share0.ToJsonString(json_str); 46 | std::cout << "signature share 1: " << json_str << std::endl; 47 | // Party 3 sign. 48 | RSASigShare sig_share2 = priv_arr[2].Sign(doc_pss, key_meta, pub); 49 | sig_share2.ToJsonString(json_str); 50 | std::cout << "signature share 3: " << json_str << std::endl; 51 | 52 | // Combine signatures 53 | // Distributed signature 54 | std::vector sig_share_arr; 55 | for(int i = 0; i < l; i++) { 56 | sig_share_arr.emplace_back(priv_arr[i].Sign(doc_pss, key_meta, pub)); 57 | } 58 | BN sig; 59 | bool ok = safeheron::tss_rsa::CombineSignatures(doc_pss, sig_share_arr, pub, key_meta, sig); 60 | std::cout << "succeed to sign: " << ok < 5 | #include "crypto-bn/bn.h" 6 | 7 | namespace safeheron { 8 | namespace tss_rsa{ 9 | 10 | class KeyGenParam{ 11 | public: 12 | KeyGenParam(); 13 | /** 14 | * Constructor 15 | * @param[in] e : 65537 default. 16 | * @param[in] p : safe prime. 17 | * @param[in] q : safe prime. 18 | * @param[in] f : f \in Z_n^*, then f^2 \in Q_n 19 | * @param[in] vku: vku \in Z_n^*, Jacobi(vku, n) = -1, where n = pq 20 | */ 21 | KeyGenParam(int e, 22 | const safeheron::bignum::BN &p, 23 | const safeheron::bignum::BN &q, 24 | const safeheron::bignum::BN &f, 25 | const safeheron::bignum::BN &vku); 26 | 27 | public: 28 | int e() const; 29 | 30 | void set_e(int e); 31 | 32 | const bignum::BN &p() const; 33 | 34 | void set_p(const bignum::BN &p); 35 | 36 | const bignum::BN &q() const; 37 | 38 | void set_q(const bignum::BN &q); 39 | 40 | const bignum::BN &f() const; 41 | 42 | void set_f(const bignum::BN &f); 43 | 44 | const bignum::BN &vku() const; 45 | 46 | void set_vku(const bignum::BN &vku); 47 | 48 | private: 49 | int e_; /**< 65537 default */ 50 | safeheron::bignum::BN p_; /**< safe prime. */ 51 | safeheron::bignum::BN q_; /**< safe prime. */ 52 | safeheron::bignum::BN f_; /**< f \in Z_n^*, then f^2 \in Q_n */ 53 | safeheron::bignum::BN vku_; /**< vku \in Z_n^*, Jacobi(vku, n) = -1, where n = pq */ 54 | }; 55 | 56 | }; 57 | }; 58 | 59 | #endif //SAFEHERON_TSS_RSA_KEY_GEN_PARAM_SHARE_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSAKeyMeta.cpp: -------------------------------------------------------------------------------- 1 | #include "RSAKeyMeta.h" 2 | #include 3 | #include "crypto-encode/base64.h" 4 | 5 | using std::string; 6 | using google::protobuf::util::Status; 7 | using google::protobuf::util::MessageToJsonString; 8 | using google::protobuf::util::JsonStringToMessage; 9 | using google::protobuf::util::JsonPrintOptions; 10 | using google::protobuf::util::JsonParseOptions; 11 | using safeheron::bignum::BN; 12 | 13 | namespace safeheron { 14 | namespace tss_rsa{ 15 | 16 | RSAKeyMeta::RSAKeyMeta(int k, 17 | int l, 18 | const safeheron::bignum::BN &vkv, 19 | const std::vector &vki_arr, 20 | const safeheron::bignum::BN &vku){ 21 | this->k_ = k; 22 | this->l_ = l; 23 | this->vkv_ = vkv; 24 | this->vki_arr_.insert(this->vki_arr_.begin(), vki_arr.begin(), vki_arr.end()); 25 | this->vku_ = vku; 26 | } 27 | 28 | int RSAKeyMeta::k() const { 29 | return k_; 30 | } 31 | 32 | void RSAKeyMeta::set_k(int k) { 33 | k_ = k; 34 | } 35 | 36 | int RSAKeyMeta::l() const { 37 | return l_; 38 | } 39 | 40 | void RSAKeyMeta::set_l(int l) { 41 | l_ = l; 42 | } 43 | 44 | const bignum::BN &RSAKeyMeta::vkv() const { 45 | return vkv_; 46 | } 47 | 48 | void RSAKeyMeta::set_vkv(const bignum::BN &vkv) { 49 | vkv_ = vkv; 50 | } 51 | 52 | const std::vector &RSAKeyMeta::vki_arr() const { 53 | return vki_arr_; 54 | } 55 | 56 | void RSAKeyMeta::set_vki_arr(const std::vector &vki_arr) { 57 | this->vki_arr_.clear(); 58 | this->vki_arr_.insert(this->vki_arr_.begin(), vki_arr.begin(), vki_arr.end()); 59 | } 60 | 61 | const safeheron::bignum::BN &RSAKeyMeta::vki(size_t index) const { 62 | return vki_arr_.at(index); 63 | } 64 | 65 | const bignum::BN &RSAKeyMeta::vku() const { 66 | return vku_; 67 | } 68 | 69 | void RSAKeyMeta::set_vku(const bignum::BN &vku) { 70 | vku_ = vku; 71 | } 72 | 73 | bool RSAKeyMeta::ToProtoObject(proto::RSAKeyMeta &proof) const { 74 | bool ok = true; 75 | 76 | if(k_ < 2) return false; 77 | proof.set_k(k_); 78 | 79 | if(l_ < 2) return false; 80 | proof.set_l(l_); 81 | 82 | std::string str; 83 | vkv_.ToHexStr(str); 84 | proof.mutable_vkv()->assign(str); 85 | 86 | vku_.ToHexStr(str); 87 | proof.mutable_vku()->assign(str); 88 | 89 | for(size_t i = 0; i < vki_arr_.size(); ++i){ 90 | vki_arr_[i].ToHexStr(str); 91 | proof.add_vki_arr(str); 92 | } 93 | return true; 94 | } 95 | 96 | bool RSAKeyMeta::FromProtoObject(const proto::RSAKeyMeta &proof) { 97 | bool ok = true; 98 | 99 | k_ = proof.k(); 100 | if(k_ == 0) return false; 101 | 102 | l_ = proof.l(); 103 | if(l_ == 0) return false; 104 | 105 | vkv_ = BN::FromHexStr(proof.vkv()); 106 | 107 | vku_ = BN::FromHexStr(proof.vku()); 108 | 109 | for(int i = 0; i < proof.vki_arr_size(); ++i){ 110 | BN alpha = BN::FromHexStr(proof.vki_arr(i)); 111 | vki_arr_.push_back(alpha); 112 | } 113 | return true; 114 | } 115 | 116 | typedef RSAKeyMeta TheClass; 117 | typedef safeheron::proto::RSAKeyMeta ProtoObject; 118 | 119 | bool TheClass::ToBase64(string &b64) const { 120 | bool ok = true; 121 | b64.clear(); 122 | safeheron::proto::RSAKeyMeta proto_object; 123 | ok = ToProtoObject(proto_object); 124 | if (!ok) return false; 125 | 126 | string proto_bin = proto_object.SerializeAsString(); 127 | b64 = encode::base64::EncodeToBase64(proto_bin, true); 128 | return true; 129 | } 130 | 131 | bool TheClass::FromBase64(const string &b64) { 132 | bool ok = true; 133 | 134 | string data = encode::base64::DecodeFromBase64(b64); 135 | 136 | safeheron::proto::RSAKeyMeta proto_object; 137 | ok = proto_object.ParseFromString(data); 138 | if (!ok) return false; 139 | 140 | return FromProtoObject(proto_object); 141 | } 142 | 143 | bool TheClass::ToJsonString(string &json_str) const { 144 | bool ok = true; 145 | json_str.clear(); 146 | ProtoObject proto_object; 147 | ok = ToProtoObject(proto_object); 148 | if (!ok) return false; 149 | 150 | JsonPrintOptions jp_option; 151 | jp_option.add_whitespace = true; 152 | Status stat = MessageToJsonString(proto_object, &json_str, jp_option); 153 | if (!stat.ok()) return false; 154 | 155 | return true; 156 | } 157 | 158 | 159 | bool TheClass::FromJsonString(const string &json_str) { 160 | ProtoObject proto_object; 161 | google::protobuf::util::JsonParseOptions jp_option; 162 | jp_option.ignore_unknown_fields = true; 163 | Status stat = JsonStringToMessage(json_str, &proto_object); 164 | if (!stat.ok()) return false; 165 | 166 | return FromProtoObject(proto_object); 167 | } 168 | 169 | }; 170 | }; 171 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSAKeyMeta.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_RSA_KEY_META_H 2 | #define SAFEHERON_RSA_KEY_META_H 3 | 4 | #include 5 | #include "crypto-bn/bn.h" 6 | #include "proto_gen/tss_rsa.pb.switch.h" 7 | 8 | namespace safeheron { 9 | namespace tss_rsa{ 10 | 11 | class RSAKeyMeta{ 12 | public: 13 | /** 14 | * Constructor. 15 | */ 16 | RSAKeyMeta(){} 17 | 18 | /** 19 | * Constructor. 20 | * @param[in] k threshold 21 | * @param[in] l number of parties 22 | * @param[in] vkv validation key 23 | * @param[in] vki_arr validation key array of all parties 24 | * @param[in] vku safe parameter for protocol 2 25 | */ 26 | RSAKeyMeta(int k, 27 | int l, 28 | const safeheron::bignum::BN &vkv, 29 | const std::vector &vki_arr, 30 | const safeheron::bignum::BN &vku); 31 | 32 | int k() const; 33 | void set_k(int k); 34 | 35 | int l() const; 36 | void set_l(int l); 37 | 38 | const bignum::BN &vkv() const; 39 | void set_vkv(const bignum::BN &vkv); 40 | 41 | const std::vector &vki_arr() const; 42 | void set_vki_arr(const std::vector &vki_arr); 43 | const bignum::BN &vki(size_t index) const; 44 | 45 | const bignum::BN &vku() const; 46 | void set_vku(const bignum::BN &vku); 47 | 48 | /** 49 | * Convert this object into a protobuf object. 50 | * @param[out] proof 51 | * @return true on success, false on error. 52 | */ 53 | bool ToProtoObject(safeheron::proto::RSAKeyMeta &proof) const; 54 | 55 | /** 56 | * Convert a protobuf object into this object. 57 | * @param[in] proof 58 | * @return true on success, false on error. 59 | */ 60 | bool FromProtoObject(const safeheron::proto::RSAKeyMeta &proof); 61 | 62 | /** 63 | * Convert this object into a base64 string. 64 | * @param[out] base64 65 | * @return true on success, false on error. 66 | */ 67 | bool ToBase64(std::string& base64) const; 68 | 69 | /** 70 | * Convert a base64 string into this object. 71 | * @param[in] base64 72 | * @return true on success, false on error. 73 | */ 74 | bool FromBase64(const std::string& base64); 75 | 76 | /** 77 | * Convert this object into a json string. 78 | * @param[out] json_str 79 | * @return true on success, false on error. 80 | */ 81 | bool ToJsonString(std::string &json_str) const; 82 | 83 | /** 84 | * Convert a json string into this object. 85 | * @param[in] json_str 86 | * @return true on success, false on error. 87 | */ 88 | bool FromJsonString(const std::string &json_str); 89 | private: 90 | int k_; /**< threshold */ 91 | int l_; /**< number of parties */ 92 | safeheron::bignum::BN vkv_; /**< validation key */ 93 | std::vector vki_arr_; /**< validation key array of all parties */ 94 | safeheron::bignum::BN vku_; /**< safe parameter for protocol 2 */ 95 | 96 | }; 97 | 98 | }; 99 | }; 100 | 101 | #endif //SAFEHERON_RSA_KEY_META_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSAPrivateKeyShare.cpp: -------------------------------------------------------------------------------- 1 | #include "RSAPrivateKeyShare.h" 2 | #include "RSASigShare.h" 3 | #include "RSASigShareProof.h" 4 | #include "common.h" 5 | #include 6 | #include "crypto-encode/base64.h" 7 | #include "crypto-hash/hash256.h" 8 | 9 | using std::string; 10 | using google::protobuf::util::Status; 11 | using google::protobuf::util::MessageToJsonString; 12 | using google::protobuf::util::JsonStringToMessage; 13 | using google::protobuf::util::JsonPrintOptions; 14 | using google::protobuf::util::JsonParseOptions; 15 | using safeheron::bignum::BN; 16 | using safeheron::hash::CSHA256; 17 | 18 | namespace safeheron { 19 | namespace tss_rsa{ 20 | 21 | RSAPrivateKeyShare::RSAPrivateKeyShare(int i, 22 | const safeheron::bignum::BN &si){ 23 | this->si_ = si; 24 | this->i_ = i; 25 | } 26 | 27 | const bignum::BN &RSAPrivateKeyShare::si() const { 28 | return si_; 29 | } 30 | 31 | void RSAPrivateKeyShare::set_si(const bignum::BN &s) { 32 | si_ = s; 33 | } 34 | 35 | int RSAPrivateKeyShare::i() const { 36 | return i_; 37 | } 38 | 39 | void RSAPrivateKeyShare::set_i(int i) { 40 | i_ = i; 41 | } 42 | 43 | RSASigShare RSAPrivateKeyShare::InternalSign(const safeheron::bignum::BN &_x, 44 | const safeheron::tss_rsa::RSAKeyMeta &key_meta, 45 | const safeheron::tss_rsa::RSAPublicKey &public_key){ 46 | // x = x*u^e, if (m, n) == -1 47 | BN x = _x; 48 | if(BN::JacobiSymbol(x, public_key.n()) == -1){ 49 | x = (x * key_meta.vku().PowM(public_key.e(), public_key.n())) % public_key.n(); 50 | } 51 | 52 | // x_i = x^{2 * s_i} 53 | BN xi = x.PowM(si_ * 2, public_key.n()); 54 | 55 | RSASigShareProof proof; 56 | proof.Prove(si_, key_meta.vkv(), key_meta.vki(i_-1), x, public_key.n(), xi); 57 | 58 | 59 | return {i_, xi, proof.z(), proof.c()}; 60 | } 61 | 62 | RSASigShare RSAPrivateKeyShare::Sign(const std::string &doc, 63 | const safeheron::tss_rsa::RSAKeyMeta &key_meta, 64 | const safeheron::tss_rsa::RSAPublicKey &public_key){ 65 | BN x = BN::FromBytesBE(doc); 66 | return InternalSign(x, key_meta, public_key); 67 | } 68 | 69 | bool RSAPrivateKeyShare::ToProtoObject(proto::RSAPrivateKeyShare &proof) const { 70 | bool ok = true; 71 | 72 | if(i_ == 0) return false; 73 | proof.set_i(i_); 74 | 75 | std::string str; 76 | si_.ToHexStr(str); 77 | proof.mutable_si()->assign(str); 78 | 79 | return true; 80 | } 81 | 82 | bool RSAPrivateKeyShare::FromProtoObject(const proto::RSAPrivateKeyShare &proof) { 83 | bool ok = true; 84 | 85 | i_ = proof.i(); 86 | if(i_ == 0) return false; 87 | 88 | si_ = BN::FromHexStr(proof.si()); 89 | 90 | return true; 91 | } 92 | 93 | typedef RSAPrivateKeyShare TheClass; 94 | typedef safeheron::proto::RSAPrivateKeyShare ProtoObject; 95 | 96 | bool TheClass::ToBase64(string &b64) const { 97 | bool ok = true; 98 | b64.clear(); 99 | safeheron::proto::RSAPrivateKeyShare proto_object; 100 | ok = ToProtoObject(proto_object); 101 | if (!ok) return false; 102 | 103 | string proto_bin = proto_object.SerializeAsString(); 104 | b64 = encode::base64::EncodeToBase64(proto_bin, true); 105 | return true; 106 | } 107 | 108 | bool TheClass::FromBase64(const string &b64) { 109 | bool ok = true; 110 | 111 | string data = encode::base64::DecodeFromBase64(b64); 112 | 113 | safeheron::proto::RSAPrivateKeyShare proto_object; 114 | ok = proto_object.ParseFromString(data); 115 | if (!ok) return false; 116 | 117 | return FromProtoObject(proto_object); 118 | } 119 | 120 | bool TheClass::ToJsonString(string &json_str) const { 121 | bool ok = true; 122 | json_str.clear(); 123 | ProtoObject proto_object; 124 | ok = ToProtoObject(proto_object); 125 | if (!ok) return false; 126 | 127 | JsonPrintOptions jp_option; 128 | jp_option.add_whitespace = true; 129 | Status stat = MessageToJsonString(proto_object, &json_str, jp_option); 130 | if (!stat.ok()) return false; 131 | 132 | return true; 133 | } 134 | 135 | 136 | bool TheClass::FromJsonString(const string &json_str) { 137 | ProtoObject proto_object; 138 | google::protobuf::util::JsonParseOptions jp_option; 139 | jp_option.ignore_unknown_fields = true; 140 | Status stat = JsonStringToMessage(json_str, &proto_object); 141 | if (!stat.ok()) return false; 142 | 143 | return FromProtoObject(proto_object); 144 | } 145 | 146 | }; 147 | }; 148 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSAPrivateKeyShare.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_RSA_PRIVATE_KEY_SHARE_H 2 | #define SAFEHERON_RSA_PRIVATE_KEY_SHARE_H 3 | 4 | #include 5 | #include "crypto-bn/bn.h" 6 | #include "RSAKeyMeta.h" 7 | #include "RSAPrivateKeyShare.h" 8 | #include "RSAPublicKey.h" 9 | #include "RSASigShare.h" 10 | #include "proto_gen/tss_rsa.pb.switch.h" 11 | 12 | namespace safeheron { 13 | namespace tss_rsa{ 14 | 15 | class RSAPrivateKeyShare{ 16 | public: 17 | /** 18 | * Constructor. 19 | * @param[in] i index of party 20 | * @param[in] si secret share of party i 21 | */ 22 | RSAPrivateKeyShare(int i, const safeheron::bignum::BN &si); 23 | 24 | public: 25 | const bignum::BN &si() const; 26 | void set_si(const bignum::BN &si); 27 | 28 | int i() const; 29 | void set_i(int i); 30 | 31 | /** 32 | * Sign the message and create the signature share. 33 | * @param[in] doc message to sign. 34 | * @param[in] key_meta meta data of key 35 | * @param[in] public_key public key 36 | * @return a RSASigShare object. 37 | */ 38 | RSASigShare Sign(const std::string &doc, 39 | const safeheron::tss_rsa::RSAKeyMeta &key_meta, 40 | const safeheron::tss_rsa::RSAPublicKey &public_key); 41 | 42 | /** 43 | * Convert this object into a protobuf object. 44 | * @param[out] proof 45 | * @return true on success, false on error. 46 | */ 47 | bool ToProtoObject(safeheron::proto::RSAPrivateKeyShare &proof) const; 48 | 49 | /** 50 | * Convert a protobuf object into this object. 51 | * @param[in] proof 52 | * @return true on success, false on error. 53 | */ 54 | bool FromProtoObject(const safeheron::proto::RSAPrivateKeyShare &proof); 55 | 56 | /** 57 | * Convert this object into a base64 string. 58 | * @param[out] base64 59 | * @return true on success, false on error. 60 | */ 61 | bool ToBase64(std::string& base64) const; 62 | 63 | /** 64 | * Convert a base64 string into this object. 65 | * @param[in] base64 66 | * @return true on success, false on error. 67 | */ 68 | bool FromBase64(const std::string& base64); 69 | 70 | /** 71 | * Convert this object into a json string. 72 | * @param[out] json_str 73 | * @return true on success, false on error. 74 | */ 75 | bool ToJsonString(std::string &json_str) const; 76 | 77 | /** 78 | * Convert a json string into this object. 79 | * @param[in] json_str 80 | * @return true on success, false on error. 81 | */ 82 | bool FromJsonString(const std::string &json_str); 83 | 84 | private: 85 | /** 86 | * Sign the message and create the signature share. 87 | * @param x a BN object which indicate the message to sign. 88 | * @param key_meta meta data of key 89 | * @param public_key public key 90 | * @return a RSASigShare object. 91 | */ 92 | RSASigShare InternalSign(const safeheron::bignum::BN &x, 93 | const safeheron::tss_rsa::RSAKeyMeta &key_meta, 94 | const safeheron::tss_rsa::RSAPublicKey &public_key); 95 | 96 | private: 97 | int i_; /**< index of party. */ 98 | safeheron::bignum::BN si_; /**< secret share of party i. */ 99 | }; 100 | 101 | }; 102 | }; 103 | 104 | #endif //SAFEHERON_RSA_PRIVATE_KEY_SHARE_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSAPublicKey.cpp: -------------------------------------------------------------------------------- 1 | #include "RSAPublicKey.h" 2 | #include "exception/safeheron_exceptions.h" 3 | #include 4 | #include "crypto-encode/base64.h" 5 | #include "crypto-hash/hash256.h" 6 | 7 | using std::string; 8 | using google::protobuf::util::Status; 9 | using google::protobuf::util::MessageToJsonString; 10 | using google::protobuf::util::JsonStringToMessage; 11 | using google::protobuf::util::JsonPrintOptions; 12 | using google::protobuf::util::JsonParseOptions; 13 | using safeheron::bignum::BN; 14 | using safeheron::exception::LocatedException; 15 | using safeheron::exception::OpensslException; 16 | using safeheron::exception::BadAllocException; 17 | using safeheron::exception::RandomSourceException; 18 | using safeheron::hash::CSHA256; 19 | 20 | 21 | namespace safeheron { 22 | namespace tss_rsa{ 23 | 24 | 25 | RSAPublicKey::RSAPublicKey(const safeheron::bignum::BN &n, const safeheron::bignum::BN &e){ 26 | this->n_ = n; 27 | this->e_ = e; 28 | } 29 | 30 | bool RSAPublicKey::InternalVerifySignature(const safeheron::bignum::BN &x, const safeheron::bignum::BN &sig) { 31 | // check y^e = x mod n, where y = sig 32 | return sig.PowM(e_, n_) == (x % n_); 33 | } 34 | 35 | bool RSAPublicKey::VerifySignature(const string &doc, const safeheron::bignum::BN &sig){ 36 | BN x = BN::FromBytesBE(doc); 37 | return InternalVerifySignature(x, sig); 38 | } 39 | 40 | const bignum::BN &RSAPublicKey::n() const { 41 | return n_; 42 | } 43 | 44 | void RSAPublicKey::set_n(const bignum::BN &n) { 45 | n_ = n; 46 | } 47 | 48 | const bignum::BN &RSAPublicKey::e() const { 49 | return e_; 50 | } 51 | 52 | void RSAPublicKey::set_e(const bignum::BN &e) { 53 | e_ = e; 54 | } 55 | 56 | bool RSAPublicKey::ToProtoObject(proto::RSAPublicKey &proof) const { 57 | bool ok = true; 58 | 59 | std::string str; 60 | n_.ToHexStr(str); 61 | proof.mutable_n()->assign(str); 62 | 63 | e_.ToHexStr(str); 64 | proof.mutable_e()->assign(str); 65 | 66 | return true; 67 | } 68 | 69 | bool RSAPublicKey::FromProtoObject(const proto::RSAPublicKey &proof) { 70 | bool ok = true; 71 | 72 | n_ = BN::FromHexStr(proof.n()); 73 | e_ = BN::FromHexStr(proof.e()); 74 | 75 | return true; 76 | } 77 | 78 | typedef RSAPublicKey TheClass; 79 | typedef safeheron::proto::RSAPublicKey ProtoObject; 80 | 81 | bool TheClass::ToBase64(string &b64) const { 82 | bool ok = true; 83 | b64.clear(); 84 | safeheron::proto::RSAPublicKey proto_object; 85 | ok = ToProtoObject(proto_object); 86 | if (!ok) return false; 87 | 88 | string proto_bin = proto_object.SerializeAsString(); 89 | b64 = encode::base64::EncodeToBase64(proto_bin, true); 90 | return true; 91 | } 92 | 93 | bool TheClass::FromBase64(const string &b64) { 94 | bool ok = true; 95 | 96 | string data = encode::base64::DecodeFromBase64(b64); 97 | 98 | safeheron::proto::RSAPublicKey proto_object; 99 | ok = proto_object.ParseFromString(data); 100 | if (!ok) return false; 101 | 102 | return FromProtoObject(proto_object); 103 | } 104 | 105 | bool TheClass::ToJsonString(string &json_str) const { 106 | bool ok = true; 107 | json_str.clear(); 108 | ProtoObject proto_object; 109 | ok = ToProtoObject(proto_object); 110 | if (!ok) return false; 111 | 112 | JsonPrintOptions jp_option; 113 | jp_option.add_whitespace = true; 114 | Status stat = MessageToJsonString(proto_object, &json_str, jp_option); 115 | if (!stat.ok()) return false; 116 | 117 | return true; 118 | } 119 | 120 | 121 | bool TheClass::FromJsonString(const string &json_str) { 122 | ProtoObject proto_object; 123 | google::protobuf::util::JsonParseOptions jp_option; 124 | jp_option.ignore_unknown_fields = true; 125 | Status stat = JsonStringToMessage(json_str, &proto_object); 126 | if (!stat.ok()) return false; 127 | 128 | return FromProtoObject(proto_object); 129 | } 130 | 131 | 132 | }; 133 | }; 134 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSAPublicKey.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_RSA_PUBLIC_KEY_H 2 | #define SAFEHERON_RSA_PUBLIC_KEY_H 3 | 4 | #include "crypto-bn/bn.h" 5 | #include "proto_gen/tss_rsa.pb.switch.h" 6 | 7 | 8 | namespace safeheron { 9 | namespace tss_rsa{ 10 | 11 | 12 | class RSAPublicKey{ 13 | public: 14 | /** 15 | * Constructor. 16 | */ 17 | RSAPublicKey(){} 18 | 19 | /** 20 | * Constructor. 21 | * @param[in] n n=pq 22 | * @param[in] e a prime 23 | */ 24 | RSAPublicKey(const safeheron::bignum::BN &n, const safeheron::bignum::BN &e); 25 | 26 | /** 27 | * Verify the signature. 28 | * @param[in] doc 29 | * @param[in] sig 30 | * @return true on success, false on error. 31 | */ 32 | bool VerifySignature(const std::string &doc, const safeheron::bignum::BN &sig); 33 | 34 | const bignum::BN &n() const; 35 | void set_n(const bignum::BN &n); 36 | 37 | const bignum::BN &e() const; 38 | void set_e(const bignum::BN &e); 39 | 40 | /** 41 | * Convert this object into a protobuf object. 42 | * @param[out] proof 43 | * @return true on success, false on error. 44 | */ 45 | bool ToProtoObject(safeheron::proto::RSAPublicKey &proof) const; 46 | 47 | /** 48 | * Convert a protobuf object into this object. 49 | * @param[in] proof 50 | * @return true on success, false on error. 51 | */ 52 | bool FromProtoObject(const safeheron::proto::RSAPublicKey &proof); 53 | 54 | /** 55 | * Convert this object into a base64 string. 56 | * @param[out] base64 57 | * @return true on success, false on error. 58 | */ 59 | bool ToBase64(std::string& base64) const; 60 | 61 | /** 62 | * Convert a base64 string into this object. 63 | * @param[in] base64 64 | * @return true on success, false on error. 65 | */ 66 | bool FromBase64(const std::string& base64); 67 | 68 | /** 69 | * Convert this object into a json string. 70 | * @param[out] json_str 71 | * @return true on success, false on error. 72 | */ 73 | bool ToJsonString(std::string &json_str) const; 74 | 75 | /** 76 | * Convert a json string into this object. 77 | * @param[in] json_str 78 | * @return true on success, false on error. 79 | */ 80 | bool FromJsonString(const std::string &json_str); 81 | 82 | private: 83 | /** 84 | * Verify the signature. 85 | * @param[in] x 86 | * @param[in] sig 87 | * @return true on success, false on error. 88 | */ 89 | bool InternalVerifySignature(const safeheron::bignum::BN &x, const safeheron::bignum::BN &sig); 90 | private: 91 | safeheron::bignum::BN n_; 92 | safeheron::bignum::BN e_; 93 | }; 94 | 95 | 96 | }; 97 | }; 98 | 99 | #endif //SAFEHERON_RSA_PUBLIC_KEY_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSASigShare.cpp: -------------------------------------------------------------------------------- 1 | #include "RSASigShare.h" 2 | #include 3 | #include "crypto-encode/base64.h" 4 | 5 | using std::string; 6 | using google::protobuf::util::Status; 7 | using google::protobuf::util::MessageToJsonString; 8 | using google::protobuf::util::JsonStringToMessage; 9 | using google::protobuf::util::JsonPrintOptions; 10 | using google::protobuf::util::JsonParseOptions; 11 | using safeheron::bignum::BN; 12 | 13 | namespace safeheron { 14 | namespace tss_rsa{ 15 | 16 | RSASigShare::RSASigShare(): index_(0), sig_share_(bignum::BN::ZERO), z_(bignum::BN::ZERO), c_(bignum::BN::ZERO){} 17 | 18 | RSASigShare::RSASigShare(int index, 19 | const safeheron::bignum::BN &sig_share, 20 | const safeheron::bignum::BN &z, 21 | const safeheron::bignum::BN &c){ 22 | this->index_ = index; 23 | this->sig_share_ = sig_share; 24 | this->z_ = z; 25 | this->c_ = c; 26 | } 27 | 28 | int RSASigShare::index() const { 29 | return index_; 30 | } 31 | 32 | void RSASigShare::set_index(int index) { 33 | index_ = index; 34 | } 35 | 36 | const bignum::BN &RSASigShare::sig_share() const { 37 | return sig_share_; 38 | } 39 | 40 | void RSASigShare::set_sig_share(const bignum::BN &sig_share) { 41 | sig_share_ = sig_share; 42 | } 43 | 44 | const bignum::BN &RSASigShare::z() const { 45 | return z_; 46 | } 47 | 48 | void RSASigShare::set_z(const bignum::BN &z) { 49 | z_ = z; 50 | } 51 | 52 | const bignum::BN &RSASigShare::c() const { 53 | return c_; 54 | } 55 | 56 | void RSASigShare::set_c(const bignum::BN &c) { 57 | c_ = c; 58 | } 59 | 60 | bool RSASigShare::ToProtoObject(proto::RSASigShare &proof) const { 61 | bool ok = true; 62 | 63 | if(index_ == 0) return false; 64 | proof.set_index(index_); 65 | 66 | std::string str; 67 | sig_share_.ToHexStr(str); 68 | proof.mutable_sig_share()->assign(str); 69 | 70 | z_.ToHexStr(str); 71 | proof.mutable_z()->assign(str); 72 | 73 | c_.ToHexStr(str); 74 | proof.mutable_c()->assign(str); 75 | 76 | return true; 77 | } 78 | 79 | bool RSASigShare::FromProtoObject(const proto::RSASigShare &proof) { 80 | bool ok = true; 81 | 82 | index_ = proof.index(); 83 | if(index_ == 0) return false; 84 | 85 | sig_share_ = BN::FromHexStr(proof.sig_share()); 86 | 87 | z_ = BN::FromHexStr(proof.z()); 88 | 89 | c_ = BN::FromHexStr(proof.c()); 90 | 91 | return true; 92 | } 93 | 94 | typedef RSASigShare TheClass; 95 | typedef safeheron::proto::RSASigShare ProtoObject; 96 | 97 | bool TheClass::ToBase64(string &b64) const { 98 | bool ok = true; 99 | b64.clear(); 100 | safeheron::proto::RSASigShare proto_object; 101 | ok = ToProtoObject(proto_object); 102 | if (!ok) return false; 103 | 104 | string proto_bin = proto_object.SerializeAsString(); 105 | b64 = encode::base64::EncodeToBase64(proto_bin, true); 106 | return true; 107 | } 108 | 109 | bool TheClass::FromBase64(const string &b64) { 110 | bool ok = true; 111 | 112 | string data = encode::base64::DecodeFromBase64(b64); 113 | 114 | safeheron::proto::RSASigShare proto_object; 115 | ok = proto_object.ParseFromString(data); 116 | if (!ok) return false; 117 | 118 | return FromProtoObject(proto_object); 119 | } 120 | 121 | bool TheClass::ToJsonString(string &json_str) const { 122 | bool ok = true; 123 | json_str.clear(); 124 | ProtoObject proto_object; 125 | ok = ToProtoObject(proto_object); 126 | if (!ok) return false; 127 | 128 | JsonPrintOptions jp_option; 129 | jp_option.add_whitespace = true; 130 | Status stat = MessageToJsonString(proto_object, &json_str, jp_option); 131 | if (!stat.ok()) return false; 132 | 133 | return true; 134 | } 135 | 136 | 137 | bool TheClass::FromJsonString(const string &json_str) { 138 | ProtoObject proto_object; 139 | google::protobuf::util::JsonParseOptions jp_option; 140 | jp_option.ignore_unknown_fields = true; 141 | Status stat = JsonStringToMessage(json_str, &proto_object); 142 | if (!stat.ok()) return false; 143 | 144 | return FromProtoObject(proto_object); 145 | } 146 | 147 | }; 148 | }; 149 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSASigShare.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_RSA_KEY_SHARE_H 2 | #define SAFEHERON_RSA_KEY_SHARE_H 3 | 4 | #include 5 | #include "crypto-bn/bn.h" 6 | #include "proto_gen/tss_rsa.pb.switch.h" 7 | 8 | namespace safeheron { 9 | namespace tss_rsa{ 10 | 11 | class RSASigShare{ 12 | public: 13 | /** 14 | * Constructor. 15 | */ 16 | RSASigShare(); 17 | 18 | /** 19 | * Constructor. 20 | * @param[in] index index of party 21 | * @param[in] sig_share signature share 22 | * @param[in] z a parameter of the proof 23 | * @param[in] c a parameter of the proof 24 | */ 25 | RSASigShare(int index, 26 | const safeheron::bignum::BN &sig_share, 27 | const safeheron::bignum::BN &z, 28 | const safeheron::bignum::BN &c); 29 | 30 | int index() const; 31 | void set_index(int index); 32 | 33 | const bignum::BN &sig_share() const; 34 | void set_sig_share(const bignum::BN &sig_share); 35 | 36 | const bignum::BN &z() const; 37 | void set_z(const bignum::BN &z); 38 | 39 | const bignum::BN &c() const; 40 | void set_c(const bignum::BN &c); 41 | 42 | /** 43 | * Convert this object into a protobuf object. 44 | * @param[out] proof 45 | * @return true on success, false on error. 46 | */ 47 | bool ToProtoObject(safeheron::proto::RSASigShare &proof) const; 48 | 49 | /** 50 | * Convert a protobuf object into this object. 51 | * @param[in] proof 52 | * @return true on success, false on error. 53 | */ 54 | bool FromProtoObject(const safeheron::proto::RSASigShare &proof); 55 | 56 | /** 57 | * Convert this object into a base64 string. 58 | * @param[out] base64 59 | * @return true on success, false on error. 60 | */ 61 | bool ToBase64(std::string& base64) const; 62 | 63 | /** 64 | * Convert a base64 string into this object. 65 | * @param[in] base64 66 | * @return true on success, false on error. 67 | */ 68 | bool FromBase64(const std::string& base64); 69 | 70 | /** 71 | * Convert this object into a json string. 72 | * @param[out] json_str 73 | * @return true on success, false on error. 74 | */ 75 | bool ToJsonString(std::string &json_str) const; 76 | 77 | /** 78 | * Convert a json string into this object. 79 | * @param[in] json_str 80 | * @return true on success, false on error. 81 | */ 82 | bool FromJsonString(const std::string &json_str); 83 | private: 84 | int index_; /**< index of party */ 85 | safeheron::bignum::BN sig_share_; /**< signature share */ 86 | safeheron::bignum::BN z_; /**< a parameter of the proof */ 87 | safeheron::bignum::BN c_; /**< a parameter of the proof */ 88 | }; 89 | 90 | }; 91 | }; 92 | 93 | #endif //SAFEHERON_RSA_KEY_SHARE_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSASigShareProof.cpp: -------------------------------------------------------------------------------- 1 | #include "RSASigShareProof.h" 2 | #include 3 | #include 4 | #include "exception/safeheron_exceptions.h" 5 | #include "crypto-bn/rand.h" 6 | #include "crypto-hash/sha256.h" 7 | #include "crypto-encode/base64.h" 8 | 9 | using std::string; 10 | using google::protobuf::util::Status; 11 | using google::protobuf::util::MessageToJsonString; 12 | using google::protobuf::util::JsonStringToMessage; 13 | using google::protobuf::util::JsonPrintOptions; 14 | using google::protobuf::util::JsonParseOptions; 15 | using safeheron::bignum::BN; 16 | using safeheron::exception::LocatedException; 17 | using safeheron::exception::OpensslException; 18 | using safeheron::exception::BadAllocException; 19 | using safeheron::exception::RandomSourceException; 20 | using safeheron::hash::CSHA256; 21 | 22 | namespace safeheron { 23 | namespace tss_rsa{ 24 | 25 | // Output length of SHA256 is 256 26 | static int L1 = 256; 27 | 28 | RSASigShareProof::RSASigShareProof() : z_(bignum::BN::ZERO), c_(bignum::BN::ZERO) {} 29 | 30 | RSASigShareProof::RSASigShareProof(const bignum::BN &z, const bignum::BN &c) : z_(z), c_(c) {} 31 | 32 | const bignum::BN &RSASigShareProof::z() const { 33 | return z_; 34 | } 35 | 36 | void RSASigShareProof::set_z(const bignum::BN &z) { 37 | z_ = z; 38 | } 39 | 40 | const bignum::BN &RSASigShareProof::c() const { 41 | return c_; 42 | } 43 | 44 | void RSASigShareProof::set_c(const bignum::BN &c) { 45 | c_ = c; 46 | } 47 | 48 | void RSASigShareProof::Prove(const safeheron::bignum::BN &si, 49 | const safeheron::bignum::BN &v, 50 | const safeheron::bignum::BN &vi, 51 | const safeheron::bignum::BN &x, 52 | const safeheron::bignum::BN &n, 53 | const safeheron::bignum::BN &sig_i){ 54 | // sample random r in (0, 2^(L(N) + 2*L1 + 1) ) 55 | BN upper_bound = BN::TWO << (n.BitLength() + L1 * 2); 56 | BN r = safeheron::rand::RandomBNLt(upper_bound); 57 | // v' = v^r 58 | BN vp = v.PowM(r, n); 59 | // x_tilde = x^4 60 | BN x_tilde = x.PowM(BN::FOUR, n); 61 | // x' = x_tilde^r 62 | BN xp = x_tilde.PowM(r, n); 63 | // sig^2 64 | BN sig2 = sig_i.PowM(BN::TWO, n); 65 | 66 | // c = H(v, x_tilde, vi, x^2, v', x') 67 | uint8_t digest[CSHA256::OUTPUT_SIZE]; 68 | CSHA256 sha256; 69 | std::string buf; 70 | v.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 71 | x_tilde.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 72 | vi.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 73 | sig2.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 74 | vp.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 75 | xp.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 76 | sha256.Finalize(digest); 77 | BN c = BN::FromBytesBE(digest, CSHA256::OUTPUT_SIZE); 78 | 79 | // z = si * c + r 80 | BN z = si * c + r; 81 | 82 | z_ = z; 83 | c_ = c; 84 | } 85 | 86 | bool RSASigShareProof::Verify(const safeheron::bignum::BN &v, 87 | const safeheron::bignum::BN &vi, 88 | const safeheron::bignum::BN &x, 89 | const safeheron::bignum::BN &n, 90 | const safeheron::bignum::BN &sig_i){ 91 | // v' = v^z * vi^(-c) mod n 92 | BN vp = ( v.PowM(z_, n) * vi.PowM(c_ * (-1), n) ) % n; 93 | // x_tilde = x^4 mod n 94 | BN x_tilde = x.PowM(BN::FOUR, n); 95 | // x' = x_tilde^z * x^(-2c) mod n 96 | BN xp = ( x_tilde.PowM(z_, n) * sig_i.PowM(c_ * (-2), n) ) % n; 97 | // sig^2 mod n 98 | BN sig2 = sig_i.PowM(BN::TWO, n); 99 | 100 | // c = H(v, x_tilde, vi, x^2, v', x') 101 | uint8_t digest[CSHA256::OUTPUT_SIZE]; 102 | CSHA256 sha256; 103 | std::string buf; 104 | v.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 105 | x_tilde.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 106 | vi.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 107 | sig2.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 108 | vp.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 109 | xp.ToBytesBE(buf); sha256.Write((const uint8_t *)buf.c_str(), buf.size()); 110 | sha256.Finalize(digest); 111 | BN c = BN::FromBytesBE(digest, CSHA256::OUTPUT_SIZE); 112 | 113 | // check c == c_ 114 | return c == c_; 115 | } 116 | 117 | bool RSASigShareProof::ToProtoObject(proto::RSASigShareProof &proof) const { 118 | bool ok = true; 119 | 120 | std::string str; 121 | z_.ToHexStr(str); 122 | proof.mutable_z()->assign(str); 123 | 124 | c_.ToHexStr(str); 125 | proof.mutable_c()->assign(str); 126 | 127 | return true; 128 | } 129 | 130 | bool RSASigShareProof::FromProtoObject(const proto::RSASigShareProof &proof) { 131 | bool ok = true; 132 | 133 | z_ = BN::FromHexStr(proof.z()); 134 | c_ = BN::FromHexStr(proof.c()); 135 | 136 | return true; 137 | } 138 | 139 | typedef RSASigShareProof TheClass; 140 | typedef safeheron::proto::RSASigShareProof ProtoObject; 141 | 142 | bool TheClass::ToBase64(string &b64) const { 143 | bool ok = true; 144 | b64.clear(); 145 | safeheron::proto::RSASigShareProof proto_object; 146 | ok = ToProtoObject(proto_object); 147 | if (!ok) return false; 148 | 149 | string proto_bin = proto_object.SerializeAsString(); 150 | b64 = encode::base64::EncodeToBase64(proto_bin, true); 151 | return true; 152 | } 153 | 154 | bool TheClass::FromBase64(const string &b64) { 155 | bool ok = true; 156 | 157 | string data = encode::base64::DecodeFromBase64(b64); 158 | 159 | safeheron::proto::RSASigShareProof proto_object; 160 | ok = proto_object.ParseFromString(data); 161 | if (!ok) return false; 162 | 163 | return FromProtoObject(proto_object); 164 | } 165 | 166 | bool TheClass::ToJsonString(string &json_str) const { 167 | bool ok = true; 168 | json_str.clear(); 169 | ProtoObject proto_object; 170 | ok = ToProtoObject(proto_object); 171 | if (!ok) return false; 172 | 173 | JsonPrintOptions jp_option; 174 | jp_option.add_whitespace = true; 175 | Status stat = MessageToJsonString(proto_object, &json_str, jp_option); 176 | if (!stat.ok()) return false; 177 | 178 | return true; 179 | } 180 | 181 | 182 | bool TheClass::FromJsonString(const string &json_str) { 183 | ProtoObject proto_object; 184 | google::protobuf::util::JsonParseOptions jp_option; 185 | jp_option.ignore_unknown_fields = true; 186 | Status stat = JsonStringToMessage(json_str, &proto_object); 187 | if (!stat.ok()) return false; 188 | 189 | return FromProtoObject(proto_object); 190 | } 191 | 192 | 193 | } 194 | } 195 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/RSASigShareProof.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_RSA_SIGNATURE_SHARE_PROOF_H 2 | #define SAFEHERON_RSA_SIGNATURE_SHARE_PROOF_H 3 | 4 | #include "crypto-bn/bn.h" 5 | #include "proto_gen/tss_rsa.pb.switch.h" 6 | 7 | 8 | namespace safeheron { 9 | namespace tss_rsa{ 10 | 11 | class RSASigShareProof{ 12 | public: 13 | /** 14 | * Constructor. 15 | */ 16 | RSASigShareProof(); 17 | 18 | /** 19 | * Constructor. 20 | * @param[in] z a parameter of the proof 21 | * @param[in] c a parameter of the proof 22 | */ 23 | RSASigShareProof(const bignum::BN &z, const bignum::BN &c); 24 | 25 | const bignum::BN &z() const; 26 | 27 | void set_z(const bignum::BN &z); 28 | 29 | const bignum::BN &c() const; 30 | 31 | void set_c(const bignum::BN &c); 32 | 33 | /** 34 | * Create a proof of the signature share. 35 | * @param[in] si secret share of party i 36 | * @param[in] vkv validation key 37 | * @param[in] vki validation key of party i 38 | * @param[in] x x which represents the message 39 | * @param[in] n n = pq 40 | * @param[in] sig_i signature share of party i 41 | */ 42 | void Prove(const safeheron::bignum::BN &si, 43 | const safeheron::bignum::BN &vkv, 44 | const safeheron::bignum::BN &vki, 45 | const safeheron::bignum::BN &x, 46 | const safeheron::bignum::BN &n, 47 | const safeheron::bignum::BN &sig_i); 48 | 49 | /** 50 | * Verify the proof of the signature share. 51 | * @param[in] vkv validation key 52 | * @param[in] vki validation key of party i 53 | * @param[in] x x which represents the message 54 | * @param[in] n n = pq 55 | * @param[in] sig_i signature share of party i 56 | * @return true on success, false on error. 57 | */ 58 | bool Verify(const safeheron::bignum::BN &vkv, 59 | const safeheron::bignum::BN &vki, 60 | const safeheron::bignum::BN &x, 61 | const safeheron::bignum::BN &n, 62 | const safeheron::bignum::BN &sig_i); 63 | 64 | /** 65 | * Convert this object into a protobuf object. 66 | * @param[out] proof 67 | * @return true on success, false on error. 68 | */ 69 | bool ToProtoObject(safeheron::proto::RSASigShareProof &proof) const; 70 | 71 | /** 72 | * Convert a protobuf object into this object. 73 | * @param[in] proof 74 | * @return true on success, false on error. 75 | */ 76 | bool FromProtoObject(const safeheron::proto::RSASigShareProof &proof); 77 | 78 | /** 79 | * Convert this object into a base64 string. 80 | * @param[out] base64 81 | * @return true on success, false on error. 82 | */ 83 | bool ToBase64(std::string& base64) const; 84 | 85 | /** 86 | * Convert a base64 string into this object. 87 | * @param[in] base64 88 | * @return true on success, false on error. 89 | */ 90 | bool FromBase64(const std::string& base64); 91 | 92 | /** 93 | * Convert this object into a json string. 94 | * @param[out] json_str 95 | * @return true on success, false on error. 96 | */ 97 | bool ToJsonString(std::string &json_str) const; 98 | 99 | /** 100 | * Convert a json string into this object. 101 | * @param[in] json_str 102 | * @return true on success, false on error. 103 | */ 104 | bool FromJsonString(const std::string &json_str); 105 | private: 106 | safeheron::bignum::BN z_; 107 | safeheron::bignum::BN c_; 108 | }; 109 | 110 | 111 | }; 112 | }; 113 | 114 | #endif //SAFEHERON_RSA_SIGNATURE_SHARE_PROOF_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/common.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_TSS_RSA_COMMON_H 2 | #define SAFEHERON_TSS_RSA_COMMON_H 3 | 4 | #include 5 | #include "crypto-bn/bn.h" 6 | 7 | namespace safeheron { 8 | namespace tss_rsa{ 9 | 10 | /** 11 | * Calculate $$\lambda_{i,j}^{S}$$ 12 | * 13 | * $$ 14 | * \lambda_{i,j}^{S} = 15 | * \Delta 16 | * \frac 17 | * { {\textstyle \prod_{j' \in S \setminus \{j\}}^{}(i-j')} } 18 | * { {\textstyle \prod_{j' \in S \setminus \{j\}}^{}(j-j')} } 19 | * $$ 20 | * @param[in] i 21 | * @param[in] j 22 | * @param[in] S 23 | * @param[in] delta delta=l! 24 | * @return $\lambda_{i,j}$ 25 | */ 26 | static inline safeheron::bignum::BN lambda(const safeheron::bignum::BN &i, 27 | const safeheron::bignum::BN &j, 28 | const std::vector &S, 29 | const safeheron::bignum::BN &delta){ 30 | safeheron::bignum::BN num(1); 31 | safeheron::bignum::BN den(1); 32 | for(const auto &item : S){ 33 | if(j != item){ 34 | num *= (i - item); 35 | den *= (j - item); 36 | } 37 | } 38 | return delta * num / den; 39 | } 40 | 41 | }; 42 | }; 43 | 44 | #endif //SAFEHERON_TSS_RSA_COMMON_H -------------------------------------------------------------------------------- /src/crypto-tss-rsa/emsa_pss.cpp: -------------------------------------------------------------------------------- 1 | #include "emsa_pss.h" 2 | #include 3 | #include 4 | #include "crypto-bn/bn.h" 5 | #include "crypto-bn/rand.h" 6 | #include "exception/located_exception.h" 7 | #include "crypto-hash/sha256.h" 8 | 9 | using std::string; 10 | using safeheron::hash::CSHA256; 11 | using safeheron::exception::LocatedException; 12 | namespace safeheron { 13 | namespace tss_rsa { 14 | 15 | std::string MGF1(const uint8_t *seed, size_t seedLen, size_t maskLen) { 16 | string mask; 17 | // Allocate CSHA256::OUTPUT_SIZE-1 more bytes. 18 | mask.reserve(maskLen + CSHA256::OUTPUT_SIZE - 1); 19 | for(size_t i = 0; i < (maskLen + CSHA256::OUTPUT_SIZE -1) / CSHA256::OUTPUT_SIZE; i++) { 20 | uint8_t cnt[4]; 21 | cnt[0] = (unsigned char)((i >> 24) & 255); 22 | cnt[1] = (unsigned char)((i >> 16) & 255); 23 | cnt[2] = (unsigned char)((i >> 8)) & 255; 24 | cnt[3] = (unsigned char)(i & 255); 25 | 26 | uint8_t digest[CSHA256::OUTPUT_SIZE]; 27 | CSHA256 sha256; 28 | sha256.Write(seed, seedLen); 29 | sha256.Write(cnt, 4); 30 | sha256.Finalize(digest); 31 | 32 | mask.append(reinterpret_cast(digest), CSHA256::OUTPUT_SIZE); 33 | } 34 | return mask.substr(0, maskLen); 35 | } 36 | 37 | std::string EncodeEMSA_PSS(const std::string &m, int keyBits, SaltLength saltLength) { 38 | size_t emBits = keyBits - 1; 39 | 40 | size_t emLen = (emBits + 7) / 8; 41 | 42 | // check emLen 43 | if(emLen < CSHA256::OUTPUT_SIZE + 2) { 44 | throw LocatedException(__FILE__, __LINE__, __FUNCTION__, -1, "emLen < CSHA256::OUTPUT_SIZE + 2"); 45 | } 46 | 47 | size_t sLen; 48 | switch (saltLength) { 49 | case SaltLength::AutoLength: 50 | { 51 | sLen = emLen - 2 - CSHA256::OUTPUT_SIZE; 52 | break; 53 | } 54 | case SaltLength::EqualToHash: 55 | default: 56 | { 57 | sLen = CSHA256::OUTPUT_SIZE; 58 | break; 59 | } 60 | } 61 | 62 | // 2. Let mHash = Hash(M), an octet string of length hLen. 63 | uint8_t mHash[CSHA256::OUTPUT_SIZE]; 64 | CSHA256 sha256; 65 | sha256.Write(reinterpret_cast(m.c_str()), m.length()); 66 | sha256.Finalize(mHash); 67 | 68 | // 3. If emLen < hLen + sLen + 2, output "encoding error" and stop. 69 | if(emLen < CSHA256::OUTPUT_SIZE + sLen + 2) { 70 | throw LocatedException(__FILE__, __LINE__, __FUNCTION__, -1, "emLen error: KeyBitLength is too short."); 71 | } 72 | 73 | // 4. Generate a random octet string salt of length sLen; if sLen = 0, then salt is the empty string. 74 | std::unique_ptr salt(new uint8_t[sLen]); 75 | if(sLen > 0) safeheron::rand::RandomBytes(salt.get(), sLen); 76 | 77 | // 5. Let M' = (0x)00 00 00 00 00 00 00 00 || mHash || salt; 78 | // M' is an octet string of length 8 + hLen + sLen with eight initial zero octets. 79 | // 6. Let H = Hash(M'), an octet string of length hLen. 80 | uint8_t padding1[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; 81 | 82 | uint8_t H[CSHA256::OUTPUT_SIZE]; 83 | sha256.Reset(); 84 | sha256.Write(padding1, 8); 85 | sha256.Write(mHash, CSHA256::OUTPUT_SIZE); 86 | sha256.Write(salt.get(), sLen); 87 | sha256.Finalize(H); 88 | 89 | // 7. Generate an octet string PS consisting of emLen - sLen - hLen - 2 90 | // zero octets. The length of PS may be 0. 91 | // 92 | // 8. Let DB = PS || 0x01 || salt; DB is an octet string of length 93 | // emLen - hLen - 1. 94 | string DB; 95 | DB.reserve(emLen - CSHA256::OUTPUT_SIZE - 1); 96 | size_t PSLen = emLen - CSHA256::OUTPUT_SIZE - sLen - 2; 97 | DB.append(PSLen, 0x00); 98 | DB.append(1, 0x01); 99 | DB.append(reinterpret_cast(salt.get()), sLen); 100 | 101 | // 9. Let dbMask = MGF(H, emLen - hLen - 1). mask generation function 102 | string dbMask = MGF1(H, CSHA256::OUTPUT_SIZE, emLen - CSHA256::OUTPUT_SIZE - 1); 103 | 104 | // 10. Let maskedDB = DB \xor dbMask. 105 | string maskedDB; 106 | maskedDB.reserve(emLen - CSHA256::OUTPUT_SIZE - 1); 107 | for(size_t i = 0; i < emLen - CSHA256::OUTPUT_SIZE - 1; i++) { 108 | maskedDB.append(1, DB[i] ^ dbMask[i]); 109 | } 110 | 111 | // 11. Set the leftmost 8emLen - emBits bits of the leftmost octet in maskedDB to zero. 112 | uint8_t c = 255; 113 | for(size_t i = 0; i < emLen * 8 -emBits; i++) { 114 | c = c >> 1; 115 | } 116 | maskedDB[0] &= (char)c; 117 | 118 | // 12. Let EM = maskedDB || H || 0xbc. 119 | string em; 120 | em.reserve(emLen); 121 | em.append(maskedDB); 122 | em.append(reinterpret_cast(H), CSHA256::OUTPUT_SIZE); 123 | em.append(1, (char)0xbc); 124 | return em; 125 | } 126 | 127 | bool VerifyEMSA_PSS(const std::string &m, int keyBits, SaltLength saltLength, const std::string &em) { 128 | size_t emBits = keyBits - 1; 129 | size_t emLen = (emBits + 7) / 8; 130 | if(em.length() != emLen) { 131 | // error: inconsistent 132 | return false; 133 | } 134 | 135 | // check emLen 136 | if(emLen < CSHA256::OUTPUT_SIZE + 2) { 137 | return false; 138 | } 139 | 140 | size_t sLen; 141 | switch (saltLength) { 142 | case SaltLength::AutoLength: 143 | { 144 | sLen = emLen - 2 - CSHA256::OUTPUT_SIZE; 145 | break; 146 | } 147 | case SaltLength::EqualToHash: 148 | default: 149 | { 150 | sLen = CSHA256::OUTPUT_SIZE; 151 | break; 152 | } 153 | } 154 | 155 | // 3. If emLen < hLen + sLen + 2, output "inconsistent" and stop. 156 | if(emLen < CSHA256::OUTPUT_SIZE + sLen + 2) { 157 | // error: KeyBitLength is too short. 158 | return false; 159 | } 160 | 161 | // 4. If the rightmost octet of EM does not have hexadecimal value 0xbc, output "inconsistent" and stop. 162 | if(em.at(em.length() - 1) != (char)0xbc) { 163 | // error: inconsistent. 164 | return false; 165 | } 166 | 167 | // 5. Let maskedDB be the leftmost emLen - hLen - 1 octets of EM, and let H be the next hLen octets. 168 | const uint8_t *maskedDB = reinterpret_cast(em.c_str()); 169 | const uint8_t *H = maskedDB + (emLen - CSHA256::OUTPUT_SIZE - 1); 170 | 171 | // 6. If the leftmost 8emLen - emBits bits of the leftmost octet in maskedDB are not all equal to zero, output "inconsistent" and stop. 172 | uint8_t c = 255; 173 | for(size_t i = 0; i < 8 - (emLen * 8 -emBits); i++) { 174 | c = c << 1; 175 | } 176 | uint8_t leftmost = maskedDB[0]; 177 | if((leftmost & c) != 0x00) { 178 | // error: inconsistent. 179 | return false; 180 | } 181 | 182 | // 7. Let dbMask = MGF(H, emLen - hLen - 1). 183 | string mask = MGF1(H, CSHA256::OUTPUT_SIZE, emLen - CSHA256::OUTPUT_SIZE - 1); 184 | const uint8_t *dbMask = (uint8_t *) mask.c_str(); 185 | 186 | // 8. Let DB = maskedDB \xor dbMask. 187 | size_t DBLen = emLen - CSHA256::OUTPUT_SIZE - 1; 188 | std::unique_ptr DB(new uint8_t[DBLen]); 189 | for(size_t i = 0; i < DBLen; i++) { 190 | DB[i] = maskedDB[i] ^ dbMask[i]; 191 | } 192 | 193 | // 9. Set the leftmost 8emLen - emBits bits of the leftmost octet in DB to zero. 194 | c = 255; 195 | for(size_t i = 0; i < emLen * 8 -emBits; i++) { 196 | c = c >> 1; 197 | } 198 | DB[0] &= c; 199 | 200 | // 10. If the emLen - hLen - sLen - 2 leftmost octets of DB are not zero 201 | // or if the octet at position emLen - hLen - sLen - 1 (the leftmost 202 | // position is "position 1") does not have hexadecimal value 0x01, 203 | // output "inconsistent" and stop. 204 | int PS_len = emLen - CSHA256::OUTPUT_SIZE - sLen - 2; 205 | const uint8_t * PS = DB.get(); 206 | for(int i = 0; i < PS_len; i++) { 207 | if(PS[i] != 0x00) { 208 | // error: inconsistent. 209 | return false; 210 | } 211 | } 212 | 213 | uint8_t left_padding = DB[emLen - CSHA256::OUTPUT_SIZE - sLen - 2]; 214 | if(left_padding != (unsigned char)0x01) { 215 | // error: inconsistent. 216 | return false; 217 | } 218 | 219 | // 11. Let salt be the last sLen octets of DB. 220 | uint8_t padding1[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; 221 | const uint8_t *solt = DB.get() + (emLen - CSHA256::OUTPUT_SIZE - 1 - sLen); 222 | 223 | uint8_t mHash[CSHA256::OUTPUT_SIZE]; 224 | CSHA256 sha256; 225 | sha256.Write(reinterpret_cast(m.c_str()), m.length()); 226 | sha256.Finalize(mHash); 227 | 228 | // 12. Let 229 | // M' = (0x)00 00 00 00 00 00 00 00 || mHash || salt ; 230 | // M' is an octet string of length 8 + hLen + sLen with eight initial zero octets. 231 | // 13. Let H' = Hash(M'), an octet string of length hLen. 232 | uint8_t HPrime[CSHA256::OUTPUT_SIZE]; 233 | sha256.Reset(); 234 | sha256.Write(padding1, 8); 235 | sha256.Write(mHash, CSHA256::OUTPUT_SIZE); 236 | sha256.Write(solt, sLen); 237 | sha256.Finalize(HPrime); 238 | 239 | // 14. If H = H', output "consistent." Otherwise, output "inconsistent." 240 | if(strncmp((char*)H, (char*)HPrime, CSHA256::OUTPUT_SIZE) == 0) { 241 | return true; 242 | } else { 243 | return false; 244 | } 245 | } 246 | 247 | } 248 | } 249 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/emsa_pss.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The EMSA_PSS encoding method references the EMSA-PSS encoding scheme according to RFC 3447 3 | * See RFC 3447, Section 9.1 : https://datatracker.ietf.org/doc/html/rfc3447#section-9.1 4 | * The SaltLength value references the implementation of go 5 | * See: https://github.com/golang/go/blob/master/src/crypto/rsa/pss.go 6 | */ 7 | 8 | #ifndef SAFEHERON_TSS_RSA_EMSA_PSS_H 9 | #define SAFEHERON_TSS_RSA_EMSA_PSS_H 10 | 11 | #include "crypto-bn/bn.h" 12 | #include "crypto-bn/rand.h" 13 | 14 | namespace safeheron { 15 | namespace tss_rsa { 16 | enum class SaltLength { 17 | AutoLength, 18 | EqualToHash 19 | }; 20 | /** 21 | * Mask generation function 22 | * Refer to https://datatracker.ietf.org/doc/html/rfc3447#appendix-B.2.1 23 | * @param seed 24 | * @param seedLen 25 | * @param maskLen 26 | * @return MGF1 bytes. 27 | */ 28 | std::string MGF1(const uint8_t *seed, size_t seedLen, size_t maskLen); 29 | 30 | /** 31 | * EMSA-PSS-Encode 32 | * Refer to https://datatracker.ietf.org/doc/html/rfc3447#section-9.1.1 33 | * @param m 34 | * @param keyBits 35 | * @param saltLength 36 | * @return Encoding result. 37 | */ 38 | std::string EncodeEMSA_PSS(const std::string &m, int keyBits, SaltLength saltLength); 39 | 40 | /** 41 | * EMSA-PSS-VERIFY 42 | * Refer to https://datatracker.ietf.org/doc/html/rfc3447#section-9.1.2 43 | * @param m 44 | * @param keyBits 45 | * @param saltLength 46 | * @param emsa_pss 47 | * @return 48 | */ 49 | bool VerifyEMSA_PSS(const std::string &m, int keyBits, SaltLength saltLength, const std::string &emsa_pss); 50 | 51 | } 52 | } 53 | 54 | 55 | 56 | #endif //SAFEHERON_TSS_RSA_EMSA_PSS_H 57 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/proto_gen/3_20/tss_rsa.pb.cc: -------------------------------------------------------------------------------- 1 | // Generated by the protocol buffer compiler. DO NOT EDIT! 2 | // source: tss_rsa.proto 3 | 4 | #include "tss_rsa.pb.h" 5 | 6 | #include 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | // @@protoc_insertion_point(includes) 16 | #include 17 | 18 | PROTOBUF_PRAGMA_INIT_SEG 19 | 20 | namespace _pb = ::PROTOBUF_NAMESPACE_ID; 21 | namespace _pbi = _pb::internal; 22 | 23 | namespace safeheron { 24 | namespace proto { 25 | PROTOBUF_CONSTEXPR RSAPublicKey::RSAPublicKey( 26 | ::_pbi::ConstantInitialized) 27 | : n_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 28 | , e_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}){} 29 | struct RSAPublicKeyDefaultTypeInternal { 30 | PROTOBUF_CONSTEXPR RSAPublicKeyDefaultTypeInternal() 31 | : _instance(::_pbi::ConstantInitialized{}) {} 32 | ~RSAPublicKeyDefaultTypeInternal() {} 33 | union { 34 | RSAPublicKey _instance; 35 | }; 36 | }; 37 | PROTOBUF_ATTRIBUTE_NO_DESTROY PROTOBUF_CONSTINIT PROTOBUF_ATTRIBUTE_INIT_PRIORITY1 RSAPublicKeyDefaultTypeInternal _RSAPublicKey_default_instance_; 38 | PROTOBUF_CONSTEXPR RSAPrivateKeyShare::RSAPrivateKeyShare( 39 | ::_pbi::ConstantInitialized) 40 | : si_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 41 | , i_(0){} 42 | struct RSAPrivateKeyShareDefaultTypeInternal { 43 | PROTOBUF_CONSTEXPR RSAPrivateKeyShareDefaultTypeInternal() 44 | : _instance(::_pbi::ConstantInitialized{}) {} 45 | ~RSAPrivateKeyShareDefaultTypeInternal() {} 46 | union { 47 | RSAPrivateKeyShare _instance; 48 | }; 49 | }; 50 | PROTOBUF_ATTRIBUTE_NO_DESTROY PROTOBUF_CONSTINIT PROTOBUF_ATTRIBUTE_INIT_PRIORITY1 RSAPrivateKeyShareDefaultTypeInternal _RSAPrivateKeyShare_default_instance_; 51 | PROTOBUF_CONSTEXPR RSAKeyMeta::RSAKeyMeta( 52 | ::_pbi::ConstantInitialized) 53 | : vki_arr_() 54 | , vkv_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 55 | , vku_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 56 | , k_(0) 57 | , l_(0){} 58 | struct RSAKeyMetaDefaultTypeInternal { 59 | PROTOBUF_CONSTEXPR RSAKeyMetaDefaultTypeInternal() 60 | : _instance(::_pbi::ConstantInitialized{}) {} 61 | ~RSAKeyMetaDefaultTypeInternal() {} 62 | union { 63 | RSAKeyMeta _instance; 64 | }; 65 | }; 66 | PROTOBUF_ATTRIBUTE_NO_DESTROY PROTOBUF_CONSTINIT PROTOBUF_ATTRIBUTE_INIT_PRIORITY1 RSAKeyMetaDefaultTypeInternal _RSAKeyMeta_default_instance_; 67 | PROTOBUF_CONSTEXPR RSASigShare::RSASigShare( 68 | ::_pbi::ConstantInitialized) 69 | : sig_share_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 70 | , z_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 71 | , c_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 72 | , index_(0){} 73 | struct RSASigShareDefaultTypeInternal { 74 | PROTOBUF_CONSTEXPR RSASigShareDefaultTypeInternal() 75 | : _instance(::_pbi::ConstantInitialized{}) {} 76 | ~RSASigShareDefaultTypeInternal() {} 77 | union { 78 | RSASigShare _instance; 79 | }; 80 | }; 81 | PROTOBUF_ATTRIBUTE_NO_DESTROY PROTOBUF_CONSTINIT PROTOBUF_ATTRIBUTE_INIT_PRIORITY1 RSASigShareDefaultTypeInternal _RSASigShare_default_instance_; 82 | PROTOBUF_CONSTEXPR RSASigShareProof::RSASigShareProof( 83 | ::_pbi::ConstantInitialized) 84 | : z_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}) 85 | , c_(&::_pbi::fixed_address_empty_string, ::_pbi::ConstantInitialized{}){} 86 | struct RSASigShareProofDefaultTypeInternal { 87 | PROTOBUF_CONSTEXPR RSASigShareProofDefaultTypeInternal() 88 | : _instance(::_pbi::ConstantInitialized{}) {} 89 | ~RSASigShareProofDefaultTypeInternal() {} 90 | union { 91 | RSASigShareProof _instance; 92 | }; 93 | }; 94 | PROTOBUF_ATTRIBUTE_NO_DESTROY PROTOBUF_CONSTINIT PROTOBUF_ATTRIBUTE_INIT_PRIORITY1 RSASigShareProofDefaultTypeInternal _RSASigShareProof_default_instance_; 95 | } // namespace proto 96 | } // namespace safeheron 97 | static ::_pb::Metadata file_level_metadata_tss_5frsa_2eproto[5]; 98 | static constexpr ::_pb::EnumDescriptor const** file_level_enum_descriptors_tss_5frsa_2eproto = nullptr; 99 | static constexpr ::_pb::ServiceDescriptor const** file_level_service_descriptors_tss_5frsa_2eproto = nullptr; 100 | 101 | const uint32_t TableStruct_tss_5frsa_2eproto::offsets[] PROTOBUF_SECTION_VARIABLE(protodesc_cold) = { 102 | ~0u, // no _has_bits_ 103 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAPublicKey, _internal_metadata_), 104 | ~0u, // no _extensions_ 105 | ~0u, // no _oneof_case_ 106 | ~0u, // no _weak_field_map_ 107 | ~0u, // no _inlined_string_donated_ 108 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAPublicKey, n_), 109 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAPublicKey, e_), 110 | ~0u, // no _has_bits_ 111 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAPrivateKeyShare, _internal_metadata_), 112 | ~0u, // no _extensions_ 113 | ~0u, // no _oneof_case_ 114 | ~0u, // no _weak_field_map_ 115 | ~0u, // no _inlined_string_donated_ 116 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAPrivateKeyShare, i_), 117 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAPrivateKeyShare, si_), 118 | ~0u, // no _has_bits_ 119 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAKeyMeta, _internal_metadata_), 120 | ~0u, // no _extensions_ 121 | ~0u, // no _oneof_case_ 122 | ~0u, // no _weak_field_map_ 123 | ~0u, // no _inlined_string_donated_ 124 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAKeyMeta, k_), 125 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAKeyMeta, l_), 126 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAKeyMeta, vkv_), 127 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAKeyMeta, vku_), 128 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSAKeyMeta, vki_arr_), 129 | ~0u, // no _has_bits_ 130 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShare, _internal_metadata_), 131 | ~0u, // no _extensions_ 132 | ~0u, // no _oneof_case_ 133 | ~0u, // no _weak_field_map_ 134 | ~0u, // no _inlined_string_donated_ 135 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShare, index_), 136 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShare, sig_share_), 137 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShare, z_), 138 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShare, c_), 139 | ~0u, // no _has_bits_ 140 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShareProof, _internal_metadata_), 141 | ~0u, // no _extensions_ 142 | ~0u, // no _oneof_case_ 143 | ~0u, // no _weak_field_map_ 144 | ~0u, // no _inlined_string_donated_ 145 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShareProof, z_), 146 | PROTOBUF_FIELD_OFFSET(::safeheron::proto::RSASigShareProof, c_), 147 | }; 148 | static const ::_pbi::MigrationSchema schemas[] PROTOBUF_SECTION_VARIABLE(protodesc_cold) = { 149 | { 0, -1, -1, sizeof(::safeheron::proto::RSAPublicKey)}, 150 | { 8, -1, -1, sizeof(::safeheron::proto::RSAPrivateKeyShare)}, 151 | { 16, -1, -1, sizeof(::safeheron::proto::RSAKeyMeta)}, 152 | { 27, -1, -1, sizeof(::safeheron::proto::RSASigShare)}, 153 | { 37, -1, -1, sizeof(::safeheron::proto::RSASigShareProof)}, 154 | }; 155 | 156 | static const ::_pb::Message* const file_default_instances[] = { 157 | &::safeheron::proto::_RSAPublicKey_default_instance_._instance, 158 | &::safeheron::proto::_RSAPrivateKeyShare_default_instance_._instance, 159 | &::safeheron::proto::_RSAKeyMeta_default_instance_._instance, 160 | &::safeheron::proto::_RSASigShare_default_instance_._instance, 161 | &::safeheron::proto::_RSASigShareProof_default_instance_._instance, 162 | }; 163 | 164 | const char descriptor_table_protodef_tss_5frsa_2eproto[] PROTOBUF_SECTION_VARIABLE(protodesc_cold) = 165 | "\n\rtss_rsa.proto\022\017safeheron.proto\"$\n\014RSAP" 166 | "ublicKey\022\t\n\001n\030\001 \001(\t\022\t\n\001e\030\002 \001(\t\"+\n\022RSAPri" 167 | "vateKeyShare\022\t\n\001i\030\001 \001(\005\022\n\n\002si\030\002 \001(\t\"M\n\nR" 168 | "SAKeyMeta\022\t\n\001k\030\001 \001(\005\022\t\n\001l\030\002 \001(\005\022\013\n\003vkv\030\003" 169 | " \001(\t\022\013\n\003vku\030\004 \001(\t\022\017\n\007vki_arr\030\005 \003(\t\"E\n\013RS" 170 | "ASigShare\022\r\n\005index\030\001 \001(\005\022\021\n\tsig_share\030\002 " 171 | "\001(\t\022\t\n\001z\030\003 \001(\t\022\t\n\001c\030\004 \001(\t\"(\n\020RSASigShare" 172 | "Proof\022\t\n\001z\030\001 \001(\t\022\t\n\001c\030\002 \001(\tb\006proto3" 173 | ; 174 | static ::_pbi::once_flag descriptor_table_tss_5frsa_2eproto_once; 175 | const ::_pbi::DescriptorTable descriptor_table_tss_5frsa_2eproto = { 176 | false, false, 315, descriptor_table_protodef_tss_5frsa_2eproto, 177 | "tss_rsa.proto", 178 | &descriptor_table_tss_5frsa_2eproto_once, nullptr, 0, 5, 179 | schemas, file_default_instances, TableStruct_tss_5frsa_2eproto::offsets, 180 | file_level_metadata_tss_5frsa_2eproto, file_level_enum_descriptors_tss_5frsa_2eproto, 181 | file_level_service_descriptors_tss_5frsa_2eproto, 182 | }; 183 | PROTOBUF_ATTRIBUTE_WEAK const ::_pbi::DescriptorTable* descriptor_table_tss_5frsa_2eproto_getter() { 184 | return &descriptor_table_tss_5frsa_2eproto; 185 | } 186 | 187 | // Force running AddDescriptors() at dynamic initialization time. 188 | PROTOBUF_ATTRIBUTE_INIT_PRIORITY2 static ::_pbi::AddDescriptorsRunner dynamic_init_dummy_tss_5frsa_2eproto(&descriptor_table_tss_5frsa_2eproto); 189 | namespace safeheron { 190 | namespace proto { 191 | 192 | // =================================================================== 193 | 194 | class RSAPublicKey::_Internal { 195 | public: 196 | }; 197 | 198 | RSAPublicKey::RSAPublicKey(::PROTOBUF_NAMESPACE_ID::Arena* arena, 199 | bool is_message_owned) 200 | : ::PROTOBUF_NAMESPACE_ID::Message(arena, is_message_owned) { 201 | SharedCtor(); 202 | // @@protoc_insertion_point(arena_constructor:safeheron.proto.RSAPublicKey) 203 | } 204 | RSAPublicKey::RSAPublicKey(const RSAPublicKey& from) 205 | : ::PROTOBUF_NAMESPACE_ID::Message() { 206 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 207 | n_.InitDefault(); 208 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 209 | n_.Set("", GetArenaForAllocation()); 210 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 211 | if (!from._internal_n().empty()) { 212 | n_.Set(from._internal_n(), 213 | GetArenaForAllocation()); 214 | } 215 | e_.InitDefault(); 216 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 217 | e_.Set("", GetArenaForAllocation()); 218 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 219 | if (!from._internal_e().empty()) { 220 | e_.Set(from._internal_e(), 221 | GetArenaForAllocation()); 222 | } 223 | // @@protoc_insertion_point(copy_constructor:safeheron.proto.RSAPublicKey) 224 | } 225 | 226 | inline void RSAPublicKey::SharedCtor() { 227 | n_.InitDefault(); 228 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 229 | n_.Set("", GetArenaForAllocation()); 230 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 231 | e_.InitDefault(); 232 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 233 | e_.Set("", GetArenaForAllocation()); 234 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 235 | } 236 | 237 | RSAPublicKey::~RSAPublicKey() { 238 | // @@protoc_insertion_point(destructor:safeheron.proto.RSAPublicKey) 239 | if (auto *arena = _internal_metadata_.DeleteReturnArena<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>()) { 240 | (void)arena; 241 | return; 242 | } 243 | SharedDtor(); 244 | } 245 | 246 | inline void RSAPublicKey::SharedDtor() { 247 | GOOGLE_DCHECK(GetArenaForAllocation() == nullptr); 248 | n_.Destroy(); 249 | e_.Destroy(); 250 | } 251 | 252 | void RSAPublicKey::SetCachedSize(int size) const { 253 | _cached_size_.Set(size); 254 | } 255 | 256 | void RSAPublicKey::Clear() { 257 | // @@protoc_insertion_point(message_clear_start:safeheron.proto.RSAPublicKey) 258 | uint32_t cached_has_bits = 0; 259 | // Prevent compiler warnings about cached_has_bits being unused 260 | (void) cached_has_bits; 261 | 262 | n_.ClearToEmpty(); 263 | e_.ClearToEmpty(); 264 | _internal_metadata_.Clear<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(); 265 | } 266 | 267 | const char* RSAPublicKey::_InternalParse(const char* ptr, ::_pbi::ParseContext* ctx) { 268 | #define CHK_(x) if (PROTOBUF_PREDICT_FALSE(!(x))) goto failure 269 | while (!ctx->Done(&ptr)) { 270 | uint32_t tag; 271 | ptr = ::_pbi::ReadTag(ptr, &tag); 272 | switch (tag >> 3) { 273 | // string n = 1; 274 | case 1: 275 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 10)) { 276 | auto str = _internal_mutable_n(); 277 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 278 | CHK_(ptr); 279 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSAPublicKey.n")); 280 | } else 281 | goto handle_unusual; 282 | continue; 283 | // string e = 2; 284 | case 2: 285 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 18)) { 286 | auto str = _internal_mutable_e(); 287 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 288 | CHK_(ptr); 289 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSAPublicKey.e")); 290 | } else 291 | goto handle_unusual; 292 | continue; 293 | default: 294 | goto handle_unusual; 295 | } // switch 296 | handle_unusual: 297 | if ((tag == 0) || ((tag & 7) == 4)) { 298 | CHK_(ptr); 299 | ctx->SetLastTag(tag); 300 | goto message_done; 301 | } 302 | ptr = UnknownFieldParse( 303 | tag, 304 | _internal_metadata_.mutable_unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(), 305 | ptr, ctx); 306 | CHK_(ptr != nullptr); 307 | } // while 308 | message_done: 309 | return ptr; 310 | failure: 311 | ptr = nullptr; 312 | goto message_done; 313 | #undef CHK_ 314 | } 315 | 316 | uint8_t* RSAPublicKey::_InternalSerialize( 317 | uint8_t* target, ::PROTOBUF_NAMESPACE_ID::io::EpsCopyOutputStream* stream) const { 318 | // @@protoc_insertion_point(serialize_to_array_start:safeheron.proto.RSAPublicKey) 319 | uint32_t cached_has_bits = 0; 320 | (void) cached_has_bits; 321 | 322 | // string n = 1; 323 | if (!this->_internal_n().empty()) { 324 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 325 | this->_internal_n().data(), static_cast(this->_internal_n().length()), 326 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 327 | "safeheron.proto.RSAPublicKey.n"); 328 | target = stream->WriteStringMaybeAliased( 329 | 1, this->_internal_n(), target); 330 | } 331 | 332 | // string e = 2; 333 | if (!this->_internal_e().empty()) { 334 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 335 | this->_internal_e().data(), static_cast(this->_internal_e().length()), 336 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 337 | "safeheron.proto.RSAPublicKey.e"); 338 | target = stream->WriteStringMaybeAliased( 339 | 2, this->_internal_e(), target); 340 | } 341 | 342 | if (PROTOBUF_PREDICT_FALSE(_internal_metadata_.have_unknown_fields())) { 343 | target = ::_pbi::WireFormat::InternalSerializeUnknownFieldsToArray( 344 | _internal_metadata_.unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(::PROTOBUF_NAMESPACE_ID::UnknownFieldSet::default_instance), target, stream); 345 | } 346 | // @@protoc_insertion_point(serialize_to_array_end:safeheron.proto.RSAPublicKey) 347 | return target; 348 | } 349 | 350 | size_t RSAPublicKey::ByteSizeLong() const { 351 | // @@protoc_insertion_point(message_byte_size_start:safeheron.proto.RSAPublicKey) 352 | size_t total_size = 0; 353 | 354 | uint32_t cached_has_bits = 0; 355 | // Prevent compiler warnings about cached_has_bits being unused 356 | (void) cached_has_bits; 357 | 358 | // string n = 1; 359 | if (!this->_internal_n().empty()) { 360 | total_size += 1 + 361 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 362 | this->_internal_n()); 363 | } 364 | 365 | // string e = 2; 366 | if (!this->_internal_e().empty()) { 367 | total_size += 1 + 368 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 369 | this->_internal_e()); 370 | } 371 | 372 | return MaybeComputeUnknownFieldsSize(total_size, &_cached_size_); 373 | } 374 | 375 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData RSAPublicKey::_class_data_ = { 376 | ::PROTOBUF_NAMESPACE_ID::Message::CopyWithSizeCheck, 377 | RSAPublicKey::MergeImpl 378 | }; 379 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData*RSAPublicKey::GetClassData() const { return &_class_data_; } 380 | 381 | void RSAPublicKey::MergeImpl(::PROTOBUF_NAMESPACE_ID::Message* to, 382 | const ::PROTOBUF_NAMESPACE_ID::Message& from) { 383 | static_cast(to)->MergeFrom( 384 | static_cast(from)); 385 | } 386 | 387 | 388 | void RSAPublicKey::MergeFrom(const RSAPublicKey& from) { 389 | // @@protoc_insertion_point(class_specific_merge_from_start:safeheron.proto.RSAPublicKey) 390 | GOOGLE_DCHECK_NE(&from, this); 391 | uint32_t cached_has_bits = 0; 392 | (void) cached_has_bits; 393 | 394 | if (!from._internal_n().empty()) { 395 | _internal_set_n(from._internal_n()); 396 | } 397 | if (!from._internal_e().empty()) { 398 | _internal_set_e(from._internal_e()); 399 | } 400 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 401 | } 402 | 403 | void RSAPublicKey::CopyFrom(const RSAPublicKey& from) { 404 | // @@protoc_insertion_point(class_specific_copy_from_start:safeheron.proto.RSAPublicKey) 405 | if (&from == this) return; 406 | Clear(); 407 | MergeFrom(from); 408 | } 409 | 410 | bool RSAPublicKey::IsInitialized() const { 411 | return true; 412 | } 413 | 414 | void RSAPublicKey::InternalSwap(RSAPublicKey* other) { 415 | using std::swap; 416 | auto* lhs_arena = GetArenaForAllocation(); 417 | auto* rhs_arena = other->GetArenaForAllocation(); 418 | _internal_metadata_.InternalSwap(&other->_internal_metadata_); 419 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 420 | &n_, lhs_arena, 421 | &other->n_, rhs_arena 422 | ); 423 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 424 | &e_, lhs_arena, 425 | &other->e_, rhs_arena 426 | ); 427 | } 428 | 429 | ::PROTOBUF_NAMESPACE_ID::Metadata RSAPublicKey::GetMetadata() const { 430 | return ::_pbi::AssignDescriptors( 431 | &descriptor_table_tss_5frsa_2eproto_getter, &descriptor_table_tss_5frsa_2eproto_once, 432 | file_level_metadata_tss_5frsa_2eproto[0]); 433 | } 434 | 435 | // =================================================================== 436 | 437 | class RSAPrivateKeyShare::_Internal { 438 | public: 439 | }; 440 | 441 | RSAPrivateKeyShare::RSAPrivateKeyShare(::PROTOBUF_NAMESPACE_ID::Arena* arena, 442 | bool is_message_owned) 443 | : ::PROTOBUF_NAMESPACE_ID::Message(arena, is_message_owned) { 444 | SharedCtor(); 445 | // @@protoc_insertion_point(arena_constructor:safeheron.proto.RSAPrivateKeyShare) 446 | } 447 | RSAPrivateKeyShare::RSAPrivateKeyShare(const RSAPrivateKeyShare& from) 448 | : ::PROTOBUF_NAMESPACE_ID::Message() { 449 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 450 | si_.InitDefault(); 451 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 452 | si_.Set("", GetArenaForAllocation()); 453 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 454 | if (!from._internal_si().empty()) { 455 | si_.Set(from._internal_si(), 456 | GetArenaForAllocation()); 457 | } 458 | i_ = from.i_; 459 | // @@protoc_insertion_point(copy_constructor:safeheron.proto.RSAPrivateKeyShare) 460 | } 461 | 462 | inline void RSAPrivateKeyShare::SharedCtor() { 463 | si_.InitDefault(); 464 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 465 | si_.Set("", GetArenaForAllocation()); 466 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 467 | i_ = 0; 468 | } 469 | 470 | RSAPrivateKeyShare::~RSAPrivateKeyShare() { 471 | // @@protoc_insertion_point(destructor:safeheron.proto.RSAPrivateKeyShare) 472 | if (auto *arena = _internal_metadata_.DeleteReturnArena<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>()) { 473 | (void)arena; 474 | return; 475 | } 476 | SharedDtor(); 477 | } 478 | 479 | inline void RSAPrivateKeyShare::SharedDtor() { 480 | GOOGLE_DCHECK(GetArenaForAllocation() == nullptr); 481 | si_.Destroy(); 482 | } 483 | 484 | void RSAPrivateKeyShare::SetCachedSize(int size) const { 485 | _cached_size_.Set(size); 486 | } 487 | 488 | void RSAPrivateKeyShare::Clear() { 489 | // @@protoc_insertion_point(message_clear_start:safeheron.proto.RSAPrivateKeyShare) 490 | uint32_t cached_has_bits = 0; 491 | // Prevent compiler warnings about cached_has_bits being unused 492 | (void) cached_has_bits; 493 | 494 | si_.ClearToEmpty(); 495 | i_ = 0; 496 | _internal_metadata_.Clear<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(); 497 | } 498 | 499 | const char* RSAPrivateKeyShare::_InternalParse(const char* ptr, ::_pbi::ParseContext* ctx) { 500 | #define CHK_(x) if (PROTOBUF_PREDICT_FALSE(!(x))) goto failure 501 | while (!ctx->Done(&ptr)) { 502 | uint32_t tag; 503 | ptr = ::_pbi::ReadTag(ptr, &tag); 504 | switch (tag >> 3) { 505 | // int32 i = 1; 506 | case 1: 507 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 8)) { 508 | i_ = ::PROTOBUF_NAMESPACE_ID::internal::ReadVarint32(&ptr); 509 | CHK_(ptr); 510 | } else 511 | goto handle_unusual; 512 | continue; 513 | // string si = 2; 514 | case 2: 515 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 18)) { 516 | auto str = _internal_mutable_si(); 517 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 518 | CHK_(ptr); 519 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSAPrivateKeyShare.si")); 520 | } else 521 | goto handle_unusual; 522 | continue; 523 | default: 524 | goto handle_unusual; 525 | } // switch 526 | handle_unusual: 527 | if ((tag == 0) || ((tag & 7) == 4)) { 528 | CHK_(ptr); 529 | ctx->SetLastTag(tag); 530 | goto message_done; 531 | } 532 | ptr = UnknownFieldParse( 533 | tag, 534 | _internal_metadata_.mutable_unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(), 535 | ptr, ctx); 536 | CHK_(ptr != nullptr); 537 | } // while 538 | message_done: 539 | return ptr; 540 | failure: 541 | ptr = nullptr; 542 | goto message_done; 543 | #undef CHK_ 544 | } 545 | 546 | uint8_t* RSAPrivateKeyShare::_InternalSerialize( 547 | uint8_t* target, ::PROTOBUF_NAMESPACE_ID::io::EpsCopyOutputStream* stream) const { 548 | // @@protoc_insertion_point(serialize_to_array_start:safeheron.proto.RSAPrivateKeyShare) 549 | uint32_t cached_has_bits = 0; 550 | (void) cached_has_bits; 551 | 552 | // int32 i = 1; 553 | if (this->_internal_i() != 0) { 554 | target = stream->EnsureSpace(target); 555 | target = ::_pbi::WireFormatLite::WriteInt32ToArray(1, this->_internal_i(), target); 556 | } 557 | 558 | // string si = 2; 559 | if (!this->_internal_si().empty()) { 560 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 561 | this->_internal_si().data(), static_cast(this->_internal_si().length()), 562 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 563 | "safeheron.proto.RSAPrivateKeyShare.si"); 564 | target = stream->WriteStringMaybeAliased( 565 | 2, this->_internal_si(), target); 566 | } 567 | 568 | if (PROTOBUF_PREDICT_FALSE(_internal_metadata_.have_unknown_fields())) { 569 | target = ::_pbi::WireFormat::InternalSerializeUnknownFieldsToArray( 570 | _internal_metadata_.unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(::PROTOBUF_NAMESPACE_ID::UnknownFieldSet::default_instance), target, stream); 571 | } 572 | // @@protoc_insertion_point(serialize_to_array_end:safeheron.proto.RSAPrivateKeyShare) 573 | return target; 574 | } 575 | 576 | size_t RSAPrivateKeyShare::ByteSizeLong() const { 577 | // @@protoc_insertion_point(message_byte_size_start:safeheron.proto.RSAPrivateKeyShare) 578 | size_t total_size = 0; 579 | 580 | uint32_t cached_has_bits = 0; 581 | // Prevent compiler warnings about cached_has_bits being unused 582 | (void) cached_has_bits; 583 | 584 | // string si = 2; 585 | if (!this->_internal_si().empty()) { 586 | total_size += 1 + 587 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 588 | this->_internal_si()); 589 | } 590 | 591 | // int32 i = 1; 592 | if (this->_internal_i() != 0) { 593 | total_size += ::_pbi::WireFormatLite::Int32SizePlusOne(this->_internal_i()); 594 | } 595 | 596 | return MaybeComputeUnknownFieldsSize(total_size, &_cached_size_); 597 | } 598 | 599 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData RSAPrivateKeyShare::_class_data_ = { 600 | ::PROTOBUF_NAMESPACE_ID::Message::CopyWithSizeCheck, 601 | RSAPrivateKeyShare::MergeImpl 602 | }; 603 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData*RSAPrivateKeyShare::GetClassData() const { return &_class_data_; } 604 | 605 | void RSAPrivateKeyShare::MergeImpl(::PROTOBUF_NAMESPACE_ID::Message* to, 606 | const ::PROTOBUF_NAMESPACE_ID::Message& from) { 607 | static_cast(to)->MergeFrom( 608 | static_cast(from)); 609 | } 610 | 611 | 612 | void RSAPrivateKeyShare::MergeFrom(const RSAPrivateKeyShare& from) { 613 | // @@protoc_insertion_point(class_specific_merge_from_start:safeheron.proto.RSAPrivateKeyShare) 614 | GOOGLE_DCHECK_NE(&from, this); 615 | uint32_t cached_has_bits = 0; 616 | (void) cached_has_bits; 617 | 618 | if (!from._internal_si().empty()) { 619 | _internal_set_si(from._internal_si()); 620 | } 621 | if (from._internal_i() != 0) { 622 | _internal_set_i(from._internal_i()); 623 | } 624 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 625 | } 626 | 627 | void RSAPrivateKeyShare::CopyFrom(const RSAPrivateKeyShare& from) { 628 | // @@protoc_insertion_point(class_specific_copy_from_start:safeheron.proto.RSAPrivateKeyShare) 629 | if (&from == this) return; 630 | Clear(); 631 | MergeFrom(from); 632 | } 633 | 634 | bool RSAPrivateKeyShare::IsInitialized() const { 635 | return true; 636 | } 637 | 638 | void RSAPrivateKeyShare::InternalSwap(RSAPrivateKeyShare* other) { 639 | using std::swap; 640 | auto* lhs_arena = GetArenaForAllocation(); 641 | auto* rhs_arena = other->GetArenaForAllocation(); 642 | _internal_metadata_.InternalSwap(&other->_internal_metadata_); 643 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 644 | &si_, lhs_arena, 645 | &other->si_, rhs_arena 646 | ); 647 | swap(i_, other->i_); 648 | } 649 | 650 | ::PROTOBUF_NAMESPACE_ID::Metadata RSAPrivateKeyShare::GetMetadata() const { 651 | return ::_pbi::AssignDescriptors( 652 | &descriptor_table_tss_5frsa_2eproto_getter, &descriptor_table_tss_5frsa_2eproto_once, 653 | file_level_metadata_tss_5frsa_2eproto[1]); 654 | } 655 | 656 | // =================================================================== 657 | 658 | class RSAKeyMeta::_Internal { 659 | public: 660 | }; 661 | 662 | RSAKeyMeta::RSAKeyMeta(::PROTOBUF_NAMESPACE_ID::Arena* arena, 663 | bool is_message_owned) 664 | : ::PROTOBUF_NAMESPACE_ID::Message(arena, is_message_owned), 665 | vki_arr_(arena) { 666 | SharedCtor(); 667 | // @@protoc_insertion_point(arena_constructor:safeheron.proto.RSAKeyMeta) 668 | } 669 | RSAKeyMeta::RSAKeyMeta(const RSAKeyMeta& from) 670 | : ::PROTOBUF_NAMESPACE_ID::Message(), 671 | vki_arr_(from.vki_arr_) { 672 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 673 | vkv_.InitDefault(); 674 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 675 | vkv_.Set("", GetArenaForAllocation()); 676 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 677 | if (!from._internal_vkv().empty()) { 678 | vkv_.Set(from._internal_vkv(), 679 | GetArenaForAllocation()); 680 | } 681 | vku_.InitDefault(); 682 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 683 | vku_.Set("", GetArenaForAllocation()); 684 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 685 | if (!from._internal_vku().empty()) { 686 | vku_.Set(from._internal_vku(), 687 | GetArenaForAllocation()); 688 | } 689 | ::memcpy(&k_, &from.k_, 690 | static_cast(reinterpret_cast(&l_) - 691 | reinterpret_cast(&k_)) + sizeof(l_)); 692 | // @@protoc_insertion_point(copy_constructor:safeheron.proto.RSAKeyMeta) 693 | } 694 | 695 | inline void RSAKeyMeta::SharedCtor() { 696 | vkv_.InitDefault(); 697 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 698 | vkv_.Set("", GetArenaForAllocation()); 699 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 700 | vku_.InitDefault(); 701 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 702 | vku_.Set("", GetArenaForAllocation()); 703 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 704 | ::memset(reinterpret_cast(this) + static_cast( 705 | reinterpret_cast(&k_) - reinterpret_cast(this)), 706 | 0, static_cast(reinterpret_cast(&l_) - 707 | reinterpret_cast(&k_)) + sizeof(l_)); 708 | } 709 | 710 | RSAKeyMeta::~RSAKeyMeta() { 711 | // @@protoc_insertion_point(destructor:safeheron.proto.RSAKeyMeta) 712 | if (auto *arena = _internal_metadata_.DeleteReturnArena<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>()) { 713 | (void)arena; 714 | return; 715 | } 716 | SharedDtor(); 717 | } 718 | 719 | inline void RSAKeyMeta::SharedDtor() { 720 | GOOGLE_DCHECK(GetArenaForAllocation() == nullptr); 721 | vkv_.Destroy(); 722 | vku_.Destroy(); 723 | } 724 | 725 | void RSAKeyMeta::SetCachedSize(int size) const { 726 | _cached_size_.Set(size); 727 | } 728 | 729 | void RSAKeyMeta::Clear() { 730 | // @@protoc_insertion_point(message_clear_start:safeheron.proto.RSAKeyMeta) 731 | uint32_t cached_has_bits = 0; 732 | // Prevent compiler warnings about cached_has_bits being unused 733 | (void) cached_has_bits; 734 | 735 | vki_arr_.Clear(); 736 | vkv_.ClearToEmpty(); 737 | vku_.ClearToEmpty(); 738 | ::memset(&k_, 0, static_cast( 739 | reinterpret_cast(&l_) - 740 | reinterpret_cast(&k_)) + sizeof(l_)); 741 | _internal_metadata_.Clear<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(); 742 | } 743 | 744 | const char* RSAKeyMeta::_InternalParse(const char* ptr, ::_pbi::ParseContext* ctx) { 745 | #define CHK_(x) if (PROTOBUF_PREDICT_FALSE(!(x))) goto failure 746 | while (!ctx->Done(&ptr)) { 747 | uint32_t tag; 748 | ptr = ::_pbi::ReadTag(ptr, &tag); 749 | switch (tag >> 3) { 750 | // int32 k = 1; 751 | case 1: 752 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 8)) { 753 | k_ = ::PROTOBUF_NAMESPACE_ID::internal::ReadVarint32(&ptr); 754 | CHK_(ptr); 755 | } else 756 | goto handle_unusual; 757 | continue; 758 | // int32 l = 2; 759 | case 2: 760 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 16)) { 761 | l_ = ::PROTOBUF_NAMESPACE_ID::internal::ReadVarint32(&ptr); 762 | CHK_(ptr); 763 | } else 764 | goto handle_unusual; 765 | continue; 766 | // string vkv = 3; 767 | case 3: 768 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 26)) { 769 | auto str = _internal_mutable_vkv(); 770 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 771 | CHK_(ptr); 772 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSAKeyMeta.vkv")); 773 | } else 774 | goto handle_unusual; 775 | continue; 776 | // string vku = 4; 777 | case 4: 778 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 34)) { 779 | auto str = _internal_mutable_vku(); 780 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 781 | CHK_(ptr); 782 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSAKeyMeta.vku")); 783 | } else 784 | goto handle_unusual; 785 | continue; 786 | // repeated string vki_arr = 5; 787 | case 5: 788 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 42)) { 789 | ptr -= 1; 790 | do { 791 | ptr += 1; 792 | auto str = _internal_add_vki_arr(); 793 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 794 | CHK_(ptr); 795 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSAKeyMeta.vki_arr")); 796 | if (!ctx->DataAvailable(ptr)) break; 797 | } while (::PROTOBUF_NAMESPACE_ID::internal::ExpectTag<42>(ptr)); 798 | } else 799 | goto handle_unusual; 800 | continue; 801 | default: 802 | goto handle_unusual; 803 | } // switch 804 | handle_unusual: 805 | if ((tag == 0) || ((tag & 7) == 4)) { 806 | CHK_(ptr); 807 | ctx->SetLastTag(tag); 808 | goto message_done; 809 | } 810 | ptr = UnknownFieldParse( 811 | tag, 812 | _internal_metadata_.mutable_unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(), 813 | ptr, ctx); 814 | CHK_(ptr != nullptr); 815 | } // while 816 | message_done: 817 | return ptr; 818 | failure: 819 | ptr = nullptr; 820 | goto message_done; 821 | #undef CHK_ 822 | } 823 | 824 | uint8_t* RSAKeyMeta::_InternalSerialize( 825 | uint8_t* target, ::PROTOBUF_NAMESPACE_ID::io::EpsCopyOutputStream* stream) const { 826 | // @@protoc_insertion_point(serialize_to_array_start:safeheron.proto.RSAKeyMeta) 827 | uint32_t cached_has_bits = 0; 828 | (void) cached_has_bits; 829 | 830 | // int32 k = 1; 831 | if (this->_internal_k() != 0) { 832 | target = stream->EnsureSpace(target); 833 | target = ::_pbi::WireFormatLite::WriteInt32ToArray(1, this->_internal_k(), target); 834 | } 835 | 836 | // int32 l = 2; 837 | if (this->_internal_l() != 0) { 838 | target = stream->EnsureSpace(target); 839 | target = ::_pbi::WireFormatLite::WriteInt32ToArray(2, this->_internal_l(), target); 840 | } 841 | 842 | // string vkv = 3; 843 | if (!this->_internal_vkv().empty()) { 844 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 845 | this->_internal_vkv().data(), static_cast(this->_internal_vkv().length()), 846 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 847 | "safeheron.proto.RSAKeyMeta.vkv"); 848 | target = stream->WriteStringMaybeAliased( 849 | 3, this->_internal_vkv(), target); 850 | } 851 | 852 | // string vku = 4; 853 | if (!this->_internal_vku().empty()) { 854 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 855 | this->_internal_vku().data(), static_cast(this->_internal_vku().length()), 856 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 857 | "safeheron.proto.RSAKeyMeta.vku"); 858 | target = stream->WriteStringMaybeAliased( 859 | 4, this->_internal_vku(), target); 860 | } 861 | 862 | // repeated string vki_arr = 5; 863 | for (int i = 0, n = this->_internal_vki_arr_size(); i < n; i++) { 864 | const auto& s = this->_internal_vki_arr(i); 865 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 866 | s.data(), static_cast(s.length()), 867 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 868 | "safeheron.proto.RSAKeyMeta.vki_arr"); 869 | target = stream->WriteString(5, s, target); 870 | } 871 | 872 | if (PROTOBUF_PREDICT_FALSE(_internal_metadata_.have_unknown_fields())) { 873 | target = ::_pbi::WireFormat::InternalSerializeUnknownFieldsToArray( 874 | _internal_metadata_.unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(::PROTOBUF_NAMESPACE_ID::UnknownFieldSet::default_instance), target, stream); 875 | } 876 | // @@protoc_insertion_point(serialize_to_array_end:safeheron.proto.RSAKeyMeta) 877 | return target; 878 | } 879 | 880 | size_t RSAKeyMeta::ByteSizeLong() const { 881 | // @@protoc_insertion_point(message_byte_size_start:safeheron.proto.RSAKeyMeta) 882 | size_t total_size = 0; 883 | 884 | uint32_t cached_has_bits = 0; 885 | // Prevent compiler warnings about cached_has_bits being unused 886 | (void) cached_has_bits; 887 | 888 | // repeated string vki_arr = 5; 889 | total_size += 1 * 890 | ::PROTOBUF_NAMESPACE_ID::internal::FromIntSize(vki_arr_.size()); 891 | for (int i = 0, n = vki_arr_.size(); i < n; i++) { 892 | total_size += ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 893 | vki_arr_.Get(i)); 894 | } 895 | 896 | // string vkv = 3; 897 | if (!this->_internal_vkv().empty()) { 898 | total_size += 1 + 899 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 900 | this->_internal_vkv()); 901 | } 902 | 903 | // string vku = 4; 904 | if (!this->_internal_vku().empty()) { 905 | total_size += 1 + 906 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 907 | this->_internal_vku()); 908 | } 909 | 910 | // int32 k = 1; 911 | if (this->_internal_k() != 0) { 912 | total_size += ::_pbi::WireFormatLite::Int32SizePlusOne(this->_internal_k()); 913 | } 914 | 915 | // int32 l = 2; 916 | if (this->_internal_l() != 0) { 917 | total_size += ::_pbi::WireFormatLite::Int32SizePlusOne(this->_internal_l()); 918 | } 919 | 920 | return MaybeComputeUnknownFieldsSize(total_size, &_cached_size_); 921 | } 922 | 923 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData RSAKeyMeta::_class_data_ = { 924 | ::PROTOBUF_NAMESPACE_ID::Message::CopyWithSizeCheck, 925 | RSAKeyMeta::MergeImpl 926 | }; 927 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData*RSAKeyMeta::GetClassData() const { return &_class_data_; } 928 | 929 | void RSAKeyMeta::MergeImpl(::PROTOBUF_NAMESPACE_ID::Message* to, 930 | const ::PROTOBUF_NAMESPACE_ID::Message& from) { 931 | static_cast(to)->MergeFrom( 932 | static_cast(from)); 933 | } 934 | 935 | 936 | void RSAKeyMeta::MergeFrom(const RSAKeyMeta& from) { 937 | // @@protoc_insertion_point(class_specific_merge_from_start:safeheron.proto.RSAKeyMeta) 938 | GOOGLE_DCHECK_NE(&from, this); 939 | uint32_t cached_has_bits = 0; 940 | (void) cached_has_bits; 941 | 942 | vki_arr_.MergeFrom(from.vki_arr_); 943 | if (!from._internal_vkv().empty()) { 944 | _internal_set_vkv(from._internal_vkv()); 945 | } 946 | if (!from._internal_vku().empty()) { 947 | _internal_set_vku(from._internal_vku()); 948 | } 949 | if (from._internal_k() != 0) { 950 | _internal_set_k(from._internal_k()); 951 | } 952 | if (from._internal_l() != 0) { 953 | _internal_set_l(from._internal_l()); 954 | } 955 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 956 | } 957 | 958 | void RSAKeyMeta::CopyFrom(const RSAKeyMeta& from) { 959 | // @@protoc_insertion_point(class_specific_copy_from_start:safeheron.proto.RSAKeyMeta) 960 | if (&from == this) return; 961 | Clear(); 962 | MergeFrom(from); 963 | } 964 | 965 | bool RSAKeyMeta::IsInitialized() const { 966 | return true; 967 | } 968 | 969 | void RSAKeyMeta::InternalSwap(RSAKeyMeta* other) { 970 | using std::swap; 971 | auto* lhs_arena = GetArenaForAllocation(); 972 | auto* rhs_arena = other->GetArenaForAllocation(); 973 | _internal_metadata_.InternalSwap(&other->_internal_metadata_); 974 | vki_arr_.InternalSwap(&other->vki_arr_); 975 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 976 | &vkv_, lhs_arena, 977 | &other->vkv_, rhs_arena 978 | ); 979 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 980 | &vku_, lhs_arena, 981 | &other->vku_, rhs_arena 982 | ); 983 | ::PROTOBUF_NAMESPACE_ID::internal::memswap< 984 | PROTOBUF_FIELD_OFFSET(RSAKeyMeta, l_) 985 | + sizeof(RSAKeyMeta::l_) 986 | - PROTOBUF_FIELD_OFFSET(RSAKeyMeta, k_)>( 987 | reinterpret_cast(&k_), 988 | reinterpret_cast(&other->k_)); 989 | } 990 | 991 | ::PROTOBUF_NAMESPACE_ID::Metadata RSAKeyMeta::GetMetadata() const { 992 | return ::_pbi::AssignDescriptors( 993 | &descriptor_table_tss_5frsa_2eproto_getter, &descriptor_table_tss_5frsa_2eproto_once, 994 | file_level_metadata_tss_5frsa_2eproto[2]); 995 | } 996 | 997 | // =================================================================== 998 | 999 | class RSASigShare::_Internal { 1000 | public: 1001 | }; 1002 | 1003 | RSASigShare::RSASigShare(::PROTOBUF_NAMESPACE_ID::Arena* arena, 1004 | bool is_message_owned) 1005 | : ::PROTOBUF_NAMESPACE_ID::Message(arena, is_message_owned) { 1006 | SharedCtor(); 1007 | // @@protoc_insertion_point(arena_constructor:safeheron.proto.RSASigShare) 1008 | } 1009 | RSASigShare::RSASigShare(const RSASigShare& from) 1010 | : ::PROTOBUF_NAMESPACE_ID::Message() { 1011 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 1012 | sig_share_.InitDefault(); 1013 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1014 | sig_share_.Set("", GetArenaForAllocation()); 1015 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1016 | if (!from._internal_sig_share().empty()) { 1017 | sig_share_.Set(from._internal_sig_share(), 1018 | GetArenaForAllocation()); 1019 | } 1020 | z_.InitDefault(); 1021 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1022 | z_.Set("", GetArenaForAllocation()); 1023 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1024 | if (!from._internal_z().empty()) { 1025 | z_.Set(from._internal_z(), 1026 | GetArenaForAllocation()); 1027 | } 1028 | c_.InitDefault(); 1029 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1030 | c_.Set("", GetArenaForAllocation()); 1031 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1032 | if (!from._internal_c().empty()) { 1033 | c_.Set(from._internal_c(), 1034 | GetArenaForAllocation()); 1035 | } 1036 | index_ = from.index_; 1037 | // @@protoc_insertion_point(copy_constructor:safeheron.proto.RSASigShare) 1038 | } 1039 | 1040 | inline void RSASigShare::SharedCtor() { 1041 | sig_share_.InitDefault(); 1042 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1043 | sig_share_.Set("", GetArenaForAllocation()); 1044 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1045 | z_.InitDefault(); 1046 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1047 | z_.Set("", GetArenaForAllocation()); 1048 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1049 | c_.InitDefault(); 1050 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1051 | c_.Set("", GetArenaForAllocation()); 1052 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1053 | index_ = 0; 1054 | } 1055 | 1056 | RSASigShare::~RSASigShare() { 1057 | // @@protoc_insertion_point(destructor:safeheron.proto.RSASigShare) 1058 | if (auto *arena = _internal_metadata_.DeleteReturnArena<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>()) { 1059 | (void)arena; 1060 | return; 1061 | } 1062 | SharedDtor(); 1063 | } 1064 | 1065 | inline void RSASigShare::SharedDtor() { 1066 | GOOGLE_DCHECK(GetArenaForAllocation() == nullptr); 1067 | sig_share_.Destroy(); 1068 | z_.Destroy(); 1069 | c_.Destroy(); 1070 | } 1071 | 1072 | void RSASigShare::SetCachedSize(int size) const { 1073 | _cached_size_.Set(size); 1074 | } 1075 | 1076 | void RSASigShare::Clear() { 1077 | // @@protoc_insertion_point(message_clear_start:safeheron.proto.RSASigShare) 1078 | uint32_t cached_has_bits = 0; 1079 | // Prevent compiler warnings about cached_has_bits being unused 1080 | (void) cached_has_bits; 1081 | 1082 | sig_share_.ClearToEmpty(); 1083 | z_.ClearToEmpty(); 1084 | c_.ClearToEmpty(); 1085 | index_ = 0; 1086 | _internal_metadata_.Clear<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(); 1087 | } 1088 | 1089 | const char* RSASigShare::_InternalParse(const char* ptr, ::_pbi::ParseContext* ctx) { 1090 | #define CHK_(x) if (PROTOBUF_PREDICT_FALSE(!(x))) goto failure 1091 | while (!ctx->Done(&ptr)) { 1092 | uint32_t tag; 1093 | ptr = ::_pbi::ReadTag(ptr, &tag); 1094 | switch (tag >> 3) { 1095 | // int32 index = 1; 1096 | case 1: 1097 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 8)) { 1098 | index_ = ::PROTOBUF_NAMESPACE_ID::internal::ReadVarint32(&ptr); 1099 | CHK_(ptr); 1100 | } else 1101 | goto handle_unusual; 1102 | continue; 1103 | // string sig_share = 2; 1104 | case 2: 1105 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 18)) { 1106 | auto str = _internal_mutable_sig_share(); 1107 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 1108 | CHK_(ptr); 1109 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSASigShare.sig_share")); 1110 | } else 1111 | goto handle_unusual; 1112 | continue; 1113 | // string z = 3; 1114 | case 3: 1115 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 26)) { 1116 | auto str = _internal_mutable_z(); 1117 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 1118 | CHK_(ptr); 1119 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSASigShare.z")); 1120 | } else 1121 | goto handle_unusual; 1122 | continue; 1123 | // string c = 4; 1124 | case 4: 1125 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 34)) { 1126 | auto str = _internal_mutable_c(); 1127 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 1128 | CHK_(ptr); 1129 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSASigShare.c")); 1130 | } else 1131 | goto handle_unusual; 1132 | continue; 1133 | default: 1134 | goto handle_unusual; 1135 | } // switch 1136 | handle_unusual: 1137 | if ((tag == 0) || ((tag & 7) == 4)) { 1138 | CHK_(ptr); 1139 | ctx->SetLastTag(tag); 1140 | goto message_done; 1141 | } 1142 | ptr = UnknownFieldParse( 1143 | tag, 1144 | _internal_metadata_.mutable_unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(), 1145 | ptr, ctx); 1146 | CHK_(ptr != nullptr); 1147 | } // while 1148 | message_done: 1149 | return ptr; 1150 | failure: 1151 | ptr = nullptr; 1152 | goto message_done; 1153 | #undef CHK_ 1154 | } 1155 | 1156 | uint8_t* RSASigShare::_InternalSerialize( 1157 | uint8_t* target, ::PROTOBUF_NAMESPACE_ID::io::EpsCopyOutputStream* stream) const { 1158 | // @@protoc_insertion_point(serialize_to_array_start:safeheron.proto.RSASigShare) 1159 | uint32_t cached_has_bits = 0; 1160 | (void) cached_has_bits; 1161 | 1162 | // int32 index = 1; 1163 | if (this->_internal_index() != 0) { 1164 | target = stream->EnsureSpace(target); 1165 | target = ::_pbi::WireFormatLite::WriteInt32ToArray(1, this->_internal_index(), target); 1166 | } 1167 | 1168 | // string sig_share = 2; 1169 | if (!this->_internal_sig_share().empty()) { 1170 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 1171 | this->_internal_sig_share().data(), static_cast(this->_internal_sig_share().length()), 1172 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 1173 | "safeheron.proto.RSASigShare.sig_share"); 1174 | target = stream->WriteStringMaybeAliased( 1175 | 2, this->_internal_sig_share(), target); 1176 | } 1177 | 1178 | // string z = 3; 1179 | if (!this->_internal_z().empty()) { 1180 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 1181 | this->_internal_z().data(), static_cast(this->_internal_z().length()), 1182 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 1183 | "safeheron.proto.RSASigShare.z"); 1184 | target = stream->WriteStringMaybeAliased( 1185 | 3, this->_internal_z(), target); 1186 | } 1187 | 1188 | // string c = 4; 1189 | if (!this->_internal_c().empty()) { 1190 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 1191 | this->_internal_c().data(), static_cast(this->_internal_c().length()), 1192 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 1193 | "safeheron.proto.RSASigShare.c"); 1194 | target = stream->WriteStringMaybeAliased( 1195 | 4, this->_internal_c(), target); 1196 | } 1197 | 1198 | if (PROTOBUF_PREDICT_FALSE(_internal_metadata_.have_unknown_fields())) { 1199 | target = ::_pbi::WireFormat::InternalSerializeUnknownFieldsToArray( 1200 | _internal_metadata_.unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(::PROTOBUF_NAMESPACE_ID::UnknownFieldSet::default_instance), target, stream); 1201 | } 1202 | // @@protoc_insertion_point(serialize_to_array_end:safeheron.proto.RSASigShare) 1203 | return target; 1204 | } 1205 | 1206 | size_t RSASigShare::ByteSizeLong() const { 1207 | // @@protoc_insertion_point(message_byte_size_start:safeheron.proto.RSASigShare) 1208 | size_t total_size = 0; 1209 | 1210 | uint32_t cached_has_bits = 0; 1211 | // Prevent compiler warnings about cached_has_bits being unused 1212 | (void) cached_has_bits; 1213 | 1214 | // string sig_share = 2; 1215 | if (!this->_internal_sig_share().empty()) { 1216 | total_size += 1 + 1217 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 1218 | this->_internal_sig_share()); 1219 | } 1220 | 1221 | // string z = 3; 1222 | if (!this->_internal_z().empty()) { 1223 | total_size += 1 + 1224 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 1225 | this->_internal_z()); 1226 | } 1227 | 1228 | // string c = 4; 1229 | if (!this->_internal_c().empty()) { 1230 | total_size += 1 + 1231 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 1232 | this->_internal_c()); 1233 | } 1234 | 1235 | // int32 index = 1; 1236 | if (this->_internal_index() != 0) { 1237 | total_size += ::_pbi::WireFormatLite::Int32SizePlusOne(this->_internal_index()); 1238 | } 1239 | 1240 | return MaybeComputeUnknownFieldsSize(total_size, &_cached_size_); 1241 | } 1242 | 1243 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData RSASigShare::_class_data_ = { 1244 | ::PROTOBUF_NAMESPACE_ID::Message::CopyWithSizeCheck, 1245 | RSASigShare::MergeImpl 1246 | }; 1247 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData*RSASigShare::GetClassData() const { return &_class_data_; } 1248 | 1249 | void RSASigShare::MergeImpl(::PROTOBUF_NAMESPACE_ID::Message* to, 1250 | const ::PROTOBUF_NAMESPACE_ID::Message& from) { 1251 | static_cast(to)->MergeFrom( 1252 | static_cast(from)); 1253 | } 1254 | 1255 | 1256 | void RSASigShare::MergeFrom(const RSASigShare& from) { 1257 | // @@protoc_insertion_point(class_specific_merge_from_start:safeheron.proto.RSASigShare) 1258 | GOOGLE_DCHECK_NE(&from, this); 1259 | uint32_t cached_has_bits = 0; 1260 | (void) cached_has_bits; 1261 | 1262 | if (!from._internal_sig_share().empty()) { 1263 | _internal_set_sig_share(from._internal_sig_share()); 1264 | } 1265 | if (!from._internal_z().empty()) { 1266 | _internal_set_z(from._internal_z()); 1267 | } 1268 | if (!from._internal_c().empty()) { 1269 | _internal_set_c(from._internal_c()); 1270 | } 1271 | if (from._internal_index() != 0) { 1272 | _internal_set_index(from._internal_index()); 1273 | } 1274 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 1275 | } 1276 | 1277 | void RSASigShare::CopyFrom(const RSASigShare& from) { 1278 | // @@protoc_insertion_point(class_specific_copy_from_start:safeheron.proto.RSASigShare) 1279 | if (&from == this) return; 1280 | Clear(); 1281 | MergeFrom(from); 1282 | } 1283 | 1284 | bool RSASigShare::IsInitialized() const { 1285 | return true; 1286 | } 1287 | 1288 | void RSASigShare::InternalSwap(RSASigShare* other) { 1289 | using std::swap; 1290 | auto* lhs_arena = GetArenaForAllocation(); 1291 | auto* rhs_arena = other->GetArenaForAllocation(); 1292 | _internal_metadata_.InternalSwap(&other->_internal_metadata_); 1293 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 1294 | &sig_share_, lhs_arena, 1295 | &other->sig_share_, rhs_arena 1296 | ); 1297 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 1298 | &z_, lhs_arena, 1299 | &other->z_, rhs_arena 1300 | ); 1301 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 1302 | &c_, lhs_arena, 1303 | &other->c_, rhs_arena 1304 | ); 1305 | swap(index_, other->index_); 1306 | } 1307 | 1308 | ::PROTOBUF_NAMESPACE_ID::Metadata RSASigShare::GetMetadata() const { 1309 | return ::_pbi::AssignDescriptors( 1310 | &descriptor_table_tss_5frsa_2eproto_getter, &descriptor_table_tss_5frsa_2eproto_once, 1311 | file_level_metadata_tss_5frsa_2eproto[3]); 1312 | } 1313 | 1314 | // =================================================================== 1315 | 1316 | class RSASigShareProof::_Internal { 1317 | public: 1318 | }; 1319 | 1320 | RSASigShareProof::RSASigShareProof(::PROTOBUF_NAMESPACE_ID::Arena* arena, 1321 | bool is_message_owned) 1322 | : ::PROTOBUF_NAMESPACE_ID::Message(arena, is_message_owned) { 1323 | SharedCtor(); 1324 | // @@protoc_insertion_point(arena_constructor:safeheron.proto.RSASigShareProof) 1325 | } 1326 | RSASigShareProof::RSASigShareProof(const RSASigShareProof& from) 1327 | : ::PROTOBUF_NAMESPACE_ID::Message() { 1328 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 1329 | z_.InitDefault(); 1330 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1331 | z_.Set("", GetArenaForAllocation()); 1332 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1333 | if (!from._internal_z().empty()) { 1334 | z_.Set(from._internal_z(), 1335 | GetArenaForAllocation()); 1336 | } 1337 | c_.InitDefault(); 1338 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1339 | c_.Set("", GetArenaForAllocation()); 1340 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1341 | if (!from._internal_c().empty()) { 1342 | c_.Set(from._internal_c(), 1343 | GetArenaForAllocation()); 1344 | } 1345 | // @@protoc_insertion_point(copy_constructor:safeheron.proto.RSASigShareProof) 1346 | } 1347 | 1348 | inline void RSASigShareProof::SharedCtor() { 1349 | z_.InitDefault(); 1350 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1351 | z_.Set("", GetArenaForAllocation()); 1352 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1353 | c_.InitDefault(); 1354 | #ifdef PROTOBUF_FORCE_COPY_DEFAULT_STRING 1355 | c_.Set("", GetArenaForAllocation()); 1356 | #endif // PROTOBUF_FORCE_COPY_DEFAULT_STRING 1357 | } 1358 | 1359 | RSASigShareProof::~RSASigShareProof() { 1360 | // @@protoc_insertion_point(destructor:safeheron.proto.RSASigShareProof) 1361 | if (auto *arena = _internal_metadata_.DeleteReturnArena<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>()) { 1362 | (void)arena; 1363 | return; 1364 | } 1365 | SharedDtor(); 1366 | } 1367 | 1368 | inline void RSASigShareProof::SharedDtor() { 1369 | GOOGLE_DCHECK(GetArenaForAllocation() == nullptr); 1370 | z_.Destroy(); 1371 | c_.Destroy(); 1372 | } 1373 | 1374 | void RSASigShareProof::SetCachedSize(int size) const { 1375 | _cached_size_.Set(size); 1376 | } 1377 | 1378 | void RSASigShareProof::Clear() { 1379 | // @@protoc_insertion_point(message_clear_start:safeheron.proto.RSASigShareProof) 1380 | uint32_t cached_has_bits = 0; 1381 | // Prevent compiler warnings about cached_has_bits being unused 1382 | (void) cached_has_bits; 1383 | 1384 | z_.ClearToEmpty(); 1385 | c_.ClearToEmpty(); 1386 | _internal_metadata_.Clear<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(); 1387 | } 1388 | 1389 | const char* RSASigShareProof::_InternalParse(const char* ptr, ::_pbi::ParseContext* ctx) { 1390 | #define CHK_(x) if (PROTOBUF_PREDICT_FALSE(!(x))) goto failure 1391 | while (!ctx->Done(&ptr)) { 1392 | uint32_t tag; 1393 | ptr = ::_pbi::ReadTag(ptr, &tag); 1394 | switch (tag >> 3) { 1395 | // string z = 1; 1396 | case 1: 1397 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 10)) { 1398 | auto str = _internal_mutable_z(); 1399 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 1400 | CHK_(ptr); 1401 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSASigShareProof.z")); 1402 | } else 1403 | goto handle_unusual; 1404 | continue; 1405 | // string c = 2; 1406 | case 2: 1407 | if (PROTOBUF_PREDICT_TRUE(static_cast(tag) == 18)) { 1408 | auto str = _internal_mutable_c(); 1409 | ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx); 1410 | CHK_(ptr); 1411 | CHK_(::_pbi::VerifyUTF8(str, "safeheron.proto.RSASigShareProof.c")); 1412 | } else 1413 | goto handle_unusual; 1414 | continue; 1415 | default: 1416 | goto handle_unusual; 1417 | } // switch 1418 | handle_unusual: 1419 | if ((tag == 0) || ((tag & 7) == 4)) { 1420 | CHK_(ptr); 1421 | ctx->SetLastTag(tag); 1422 | goto message_done; 1423 | } 1424 | ptr = UnknownFieldParse( 1425 | tag, 1426 | _internal_metadata_.mutable_unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(), 1427 | ptr, ctx); 1428 | CHK_(ptr != nullptr); 1429 | } // while 1430 | message_done: 1431 | return ptr; 1432 | failure: 1433 | ptr = nullptr; 1434 | goto message_done; 1435 | #undef CHK_ 1436 | } 1437 | 1438 | uint8_t* RSASigShareProof::_InternalSerialize( 1439 | uint8_t* target, ::PROTOBUF_NAMESPACE_ID::io::EpsCopyOutputStream* stream) const { 1440 | // @@protoc_insertion_point(serialize_to_array_start:safeheron.proto.RSASigShareProof) 1441 | uint32_t cached_has_bits = 0; 1442 | (void) cached_has_bits; 1443 | 1444 | // string z = 1; 1445 | if (!this->_internal_z().empty()) { 1446 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 1447 | this->_internal_z().data(), static_cast(this->_internal_z().length()), 1448 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 1449 | "safeheron.proto.RSASigShareProof.z"); 1450 | target = stream->WriteStringMaybeAliased( 1451 | 1, this->_internal_z(), target); 1452 | } 1453 | 1454 | // string c = 2; 1455 | if (!this->_internal_c().empty()) { 1456 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String( 1457 | this->_internal_c().data(), static_cast(this->_internal_c().length()), 1458 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE, 1459 | "safeheron.proto.RSASigShareProof.c"); 1460 | target = stream->WriteStringMaybeAliased( 1461 | 2, this->_internal_c(), target); 1462 | } 1463 | 1464 | if (PROTOBUF_PREDICT_FALSE(_internal_metadata_.have_unknown_fields())) { 1465 | target = ::_pbi::WireFormat::InternalSerializeUnknownFieldsToArray( 1466 | _internal_metadata_.unknown_fields<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(::PROTOBUF_NAMESPACE_ID::UnknownFieldSet::default_instance), target, stream); 1467 | } 1468 | // @@protoc_insertion_point(serialize_to_array_end:safeheron.proto.RSASigShareProof) 1469 | return target; 1470 | } 1471 | 1472 | size_t RSASigShareProof::ByteSizeLong() const { 1473 | // @@protoc_insertion_point(message_byte_size_start:safeheron.proto.RSASigShareProof) 1474 | size_t total_size = 0; 1475 | 1476 | uint32_t cached_has_bits = 0; 1477 | // Prevent compiler warnings about cached_has_bits being unused 1478 | (void) cached_has_bits; 1479 | 1480 | // string z = 1; 1481 | if (!this->_internal_z().empty()) { 1482 | total_size += 1 + 1483 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 1484 | this->_internal_z()); 1485 | } 1486 | 1487 | // string c = 2; 1488 | if (!this->_internal_c().empty()) { 1489 | total_size += 1 + 1490 | ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize( 1491 | this->_internal_c()); 1492 | } 1493 | 1494 | return MaybeComputeUnknownFieldsSize(total_size, &_cached_size_); 1495 | } 1496 | 1497 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData RSASigShareProof::_class_data_ = { 1498 | ::PROTOBUF_NAMESPACE_ID::Message::CopyWithSizeCheck, 1499 | RSASigShareProof::MergeImpl 1500 | }; 1501 | const ::PROTOBUF_NAMESPACE_ID::Message::ClassData*RSASigShareProof::GetClassData() const { return &_class_data_; } 1502 | 1503 | void RSASigShareProof::MergeImpl(::PROTOBUF_NAMESPACE_ID::Message* to, 1504 | const ::PROTOBUF_NAMESPACE_ID::Message& from) { 1505 | static_cast(to)->MergeFrom( 1506 | static_cast(from)); 1507 | } 1508 | 1509 | 1510 | void RSASigShareProof::MergeFrom(const RSASigShareProof& from) { 1511 | // @@protoc_insertion_point(class_specific_merge_from_start:safeheron.proto.RSASigShareProof) 1512 | GOOGLE_DCHECK_NE(&from, this); 1513 | uint32_t cached_has_bits = 0; 1514 | (void) cached_has_bits; 1515 | 1516 | if (!from._internal_z().empty()) { 1517 | _internal_set_z(from._internal_z()); 1518 | } 1519 | if (!from._internal_c().empty()) { 1520 | _internal_set_c(from._internal_c()); 1521 | } 1522 | _internal_metadata_.MergeFrom<::PROTOBUF_NAMESPACE_ID::UnknownFieldSet>(from._internal_metadata_); 1523 | } 1524 | 1525 | void RSASigShareProof::CopyFrom(const RSASigShareProof& from) { 1526 | // @@protoc_insertion_point(class_specific_copy_from_start:safeheron.proto.RSASigShareProof) 1527 | if (&from == this) return; 1528 | Clear(); 1529 | MergeFrom(from); 1530 | } 1531 | 1532 | bool RSASigShareProof::IsInitialized() const { 1533 | return true; 1534 | } 1535 | 1536 | void RSASigShareProof::InternalSwap(RSASigShareProof* other) { 1537 | using std::swap; 1538 | auto* lhs_arena = GetArenaForAllocation(); 1539 | auto* rhs_arena = other->GetArenaForAllocation(); 1540 | _internal_metadata_.InternalSwap(&other->_internal_metadata_); 1541 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 1542 | &z_, lhs_arena, 1543 | &other->z_, rhs_arena 1544 | ); 1545 | ::PROTOBUF_NAMESPACE_ID::internal::ArenaStringPtr::InternalSwap( 1546 | &c_, lhs_arena, 1547 | &other->c_, rhs_arena 1548 | ); 1549 | } 1550 | 1551 | ::PROTOBUF_NAMESPACE_ID::Metadata RSASigShareProof::GetMetadata() const { 1552 | return ::_pbi::AssignDescriptors( 1553 | &descriptor_table_tss_5frsa_2eproto_getter, &descriptor_table_tss_5frsa_2eproto_once, 1554 | file_level_metadata_tss_5frsa_2eproto[4]); 1555 | } 1556 | 1557 | // @@protoc_insertion_point(namespace_scope) 1558 | } // namespace proto 1559 | } // namespace safeheron 1560 | PROTOBUF_NAMESPACE_OPEN 1561 | template<> PROTOBUF_NOINLINE ::safeheron::proto::RSAPublicKey* 1562 | Arena::CreateMaybeMessage< ::safeheron::proto::RSAPublicKey >(Arena* arena) { 1563 | return Arena::CreateMessageInternal< ::safeheron::proto::RSAPublicKey >(arena); 1564 | } 1565 | template<> PROTOBUF_NOINLINE ::safeheron::proto::RSAPrivateKeyShare* 1566 | Arena::CreateMaybeMessage< ::safeheron::proto::RSAPrivateKeyShare >(Arena* arena) { 1567 | return Arena::CreateMessageInternal< ::safeheron::proto::RSAPrivateKeyShare >(arena); 1568 | } 1569 | template<> PROTOBUF_NOINLINE ::safeheron::proto::RSAKeyMeta* 1570 | Arena::CreateMaybeMessage< ::safeheron::proto::RSAKeyMeta >(Arena* arena) { 1571 | return Arena::CreateMessageInternal< ::safeheron::proto::RSAKeyMeta >(arena); 1572 | } 1573 | template<> PROTOBUF_NOINLINE ::safeheron::proto::RSASigShare* 1574 | Arena::CreateMaybeMessage< ::safeheron::proto::RSASigShare >(Arena* arena) { 1575 | return Arena::CreateMessageInternal< ::safeheron::proto::RSASigShare >(arena); 1576 | } 1577 | template<> PROTOBUF_NOINLINE ::safeheron::proto::RSASigShareProof* 1578 | Arena::CreateMaybeMessage< ::safeheron::proto::RSASigShareProof >(Arena* arena) { 1579 | return Arena::CreateMessageInternal< ::safeheron::proto::RSASigShareProof >(arena); 1580 | } 1581 | PROTOBUF_NAMESPACE_CLOSE 1582 | 1583 | // @@protoc_insertion_point(global_scope) 1584 | #include 1585 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/proto_gen/tss_rsa.pb.switch.cc: -------------------------------------------------------------------------------- 1 | // Generated by the protocol buffer compiler. DO NOT EDIT! 2 | // source: tss_rsa.proto 3 | 4 | #include "tss_rsa.pb.switch.h" 5 | 6 | #include 7 | 8 | #if PROTOBUF_VERSION >= 3014000 && 3014000 >= PROTOBUF_MIN_PROTOC_VERSION 9 | #include 10 | #include "3_14/tss_rsa.pb.cc" 11 | #elif PROTOBUF_VERSION >= 3020000 && 3020000 >= PROTOBUF_MIN_PROTOC_VERSION 12 | #include 13 | #include "3_20/tss_rsa.pb.cc" 14 | #else 15 | #error Invalid version of protobuf. 16 | #endif 17 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/proto_gen/tss_rsa.pb.switch.h: -------------------------------------------------------------------------------- 1 | // Generated by the protocol buffer compiler. DO NOT EDIT! 2 | // source: tss_rsa.proto 3 | 4 | #ifndef GOOGLE_PROTOBUF_INCLUDED_tss_5frsa_2eproto_MULTI_VERSION 5 | #define GOOGLE_PROTOBUF_INCLUDED_tss_5frsa_2eproto_MULTI_VERSION 6 | 7 | #include 8 | 9 | #if PROTOBUF_VERSION >= 3014000 && 3014000 >= PROTOBUF_MIN_PROTOC_VERSION 10 | #include 11 | #include "3_14/tss_rsa.pb.h" 12 | #elif PROTOBUF_VERSION >= 3020000 && 3020000 >= PROTOBUF_MIN_PROTOC_VERSION 13 | #include 14 | #include "3_20/tss_rsa.pb.h" 15 | #else 16 | #include 17 | #error Invalid version of protobuf. 18 | #endif 19 | 20 | #endif // GOOGLE_PROTOBUF_INCLUDED_tss_5frsa_2eproto_MULTI_VERSION 21 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/tss_rsa.cpp: -------------------------------------------------------------------------------- 1 | #include "tss_rsa.h" 2 | #include "crypto-bn/rand.h" 3 | #include "exception/located_exception.h" 4 | #include "crypto-sss/vsss.h" 5 | #include "crypto-hash/hash256.h" 6 | #include "common.h" 7 | #include "RSASigShareProof.h" 8 | 9 | using safeheron::bignum::BN; 10 | using safeheron::exception::LocatedException; 11 | using safeheron::hash::CSHA256; 12 | 13 | // Fermat fourth number 14 | // Default e value. 15 | const int f4 = 65537; 16 | 17 | namespace safeheron { 18 | namespace tss_rsa { 19 | 20 | static bool InternalGenerateKey(size_t key_bits_length, int l, int k, 21 | std::vector &private_key_share_arr, 22 | RSAPublicKey &public_key, 23 | RSAKeyMeta &key_meta, 24 | KeyGenParam ¶m){ 25 | const BN e(param.e()); 26 | const BN &p = param.p(); 27 | const BN &q = param.q(); 28 | const BN &f = param.f(); 29 | const BN &vku = param.vku(); 30 | 31 | // n 32 | BN n = p * q; 33 | 34 | // m = p' * q' 35 | BN m = (p - 1) * (q - 1) / 4; 36 | 37 | // d: de = 1 mod m 38 | BN d = e.InvM(m); 39 | 40 | // generate shares of d 41 | std::vector share_arr; 42 | std::vector index_arr; 43 | for(int i = 1; i <= l; i++){ 44 | index_arr.emplace_back(BN(i)); 45 | } 46 | sss::vsss::MakeShares(share_arr, d, k, index_arr, m); 47 | BN secret; 48 | sss::vsss::RecoverSecret(secret, share_arr, m); 49 | // extra check: d == secret 50 | 51 | 52 | // Compute \Delta = l! 53 | BN delta(1); 54 | for(int i = 1; i <= l; i++){ 55 | delta *= i; 56 | } 57 | BN delta_inv = delta.InvM(m); 58 | 59 | for(int i = 1; i <= l; i++){ 60 | BN si = (share_arr[i-1].y * delta_inv) % m; 61 | private_key_share_arr.emplace_back(RSAPrivateKeyShare(i, si)); 62 | } 63 | 64 | 65 | // Public key 66 | public_key.set_n(n); 67 | public_key.set_e(e); 68 | 69 | 70 | // Validate Key 71 | BN vkv = (f * f) % n; 72 | std::vector vki_arr; 73 | for(int i = 1; i <= l; i++){ 74 | BN t_vki = vkv.PowM(private_key_share_arr[i-1].si(), n); 75 | vki_arr.push_back(t_vki); 76 | } 77 | 78 | // Key meta data 79 | key_meta.set_k(k); 80 | key_meta.set_l(l); 81 | key_meta.set_vkv(vkv); 82 | key_meta.set_vki_arr(vki_arr); 83 | key_meta.set_vku(vku); 84 | 85 | return true; 86 | } 87 | 88 | 89 | /** 90 | * Generate private key shares, public key, key meta data. 91 | * 92 | * @param[in] key_bits_length: 1024/2048/3072/4096. 4096 is advised. 93 | * @param[in] l: total number of private key shares. 94 | * @param[in] k: threshold, k < l and k >= (l/2+1) 95 | * @param[out] private_key_share_arr[out]: shares of private key. 96 | * @param[out] public_key[out]: public key. 97 | * @param[out] key_meta[out]: key meta data. 98 | * @return true on success, false on error. 99 | */ 100 | bool GenerateKey(size_t key_bits_length, int l, int k, 101 | std::vector &private_key_share_arr, 102 | RSAPublicKey &public_key, 103 | RSAKeyMeta &key_meta){ 104 | // check key_bits_length 105 | if( (key_bits_length != 1024) && (key_bits_length != 2048) && (key_bits_length != 3072) && (key_bits_length != 4096)){ 106 | return false; 107 | } 108 | 109 | // check k, l 110 | if(l <= 1 || k <= 0 || k < (l/2+1) || k > l){ 111 | return false; 112 | } 113 | 114 | // default value 115 | int e = f4; 116 | 117 | // p = 2p' + 1 118 | BN p = safeheron::rand::RandomSafePrime(key_bits_length / 2); 119 | 120 | // q = 2q' + 1, make sure: p != q 121 | BN q; 122 | do { 123 | q = safeheron::rand::RandomSafePrime(key_bits_length / 2 - 1); 124 | } while (p == q); 125 | 126 | // n = p * q 127 | BN n = p * q; 128 | BN f = safeheron::rand::RandomBNLtCoPrime(n); 129 | 130 | // vku 131 | BN vku; 132 | do{ 133 | vku = safeheron::rand::RandomBNLtGcd(n); 134 | } while (safeheron::bignum::BN::JacobiSymbol(vku, n) != -1); 135 | 136 | KeyGenParam param(e, p, q, f, vku); 137 | return InternalGenerateKey(key_bits_length, l, k, private_key_share_arr, public_key, key_meta, param); 138 | } 139 | 140 | 141 | /** 142 | * Generate private key shares, public key, key meta data with specified parameters. 143 | * 144 | * @param[in] key_bits_length: 1024/2048/3072/4096. 4096 is advised. 145 | * @param[in] l: total number of private key shares. 146 | * @param[in] k: threshold, k < l and k >= (l/2+1) 147 | * @param[in] param: specified parameters. 148 | * @param[out] private_key_share_arr[out]: shares of private key. 149 | * @param[out] public_key[out]: public key. 150 | * @param[out] key_meta[out]: key meta data. 151 | * @return true on success, false on error. 152 | */ 153 | bool GenerateKeyEx(size_t key_bits_length, int l, int k, 154 | const KeyGenParam &_param, 155 | std::vector &private_key_share_arr, 156 | RSAPublicKey &public_key, 157 | RSAKeyMeta &key_meta){ 158 | // check k, l 159 | if(l <= 1 || k <= 0 || k < (l/2+1) || k > l){ 160 | return false; 161 | } 162 | 163 | // check e 164 | KeyGenParam param = _param; 165 | BN e(param.e()); 166 | if(e == 0){ 167 | param.set_e(f4); 168 | }else{ 169 | if(!e.IsProbablyPrime()){ 170 | return false; 171 | } 172 | } 173 | 174 | // check p: p = 2p' + 1 175 | if(param.p() == 0){ 176 | BN p = safeheron::rand::RandomSafePrime(key_bits_length/ 2); 177 | param.set_p(p); 178 | }else{ 179 | BN pp = (param.p() - 1)/2; 180 | if(!param.p().IsProbablyPrime() || !pp.IsProbablyPrime()){ 181 | return false; 182 | } 183 | } 184 | 185 | // check q: q = 2q' + 1 186 | // make sure: q != p 187 | if(param.q() == 0){ 188 | BN q; 189 | do { 190 | q = safeheron::rand::RandomSafePrime(key_bits_length / 2 - 1); 191 | }while (q == param.p()); 192 | param.set_q(q); 193 | }else{ 194 | BN qq = (param.q() - 1)/2; 195 | if(!param.q().IsProbablyPrime() || !qq.IsProbablyPrime()){ 196 | return false; 197 | } 198 | } 199 | 200 | // n = pq 201 | BN n = param.p() * param.q(); 202 | 203 | // check f: f < n , gcd(f, n) = 1 204 | if(param.f() == 0){ 205 | BN f = safeheron::rand::RandomBNLtCoPrime(n); 206 | param.set_f(f); 207 | }else{ 208 | const BN &f = param.f(); 209 | if(f <= 0 || f >= n || f.Gcd(n) != 1){ 210 | return false; 211 | } 212 | } 213 | 214 | // check vku: vku < n , gcd(vku, n) = 1, jacobi(vku, n) == -1 215 | if(param.vku() == 0){ 216 | BN vku; 217 | do{ 218 | vku = safeheron::rand::RandomBNLtGcd(n); 219 | } while (safeheron::bignum::BN::JacobiSymbol(vku, n) != -1); 220 | param.set_vku(vku); 221 | }else{ 222 | const BN &vku = param.vku(); 223 | if(vku <= 0 || vku >= n || vku.Gcd(n) != 1 || BN::JacobiSymbol(vku, n) != -1){ 224 | return false; 225 | } 226 | } 227 | 228 | return InternalGenerateKey(key_bits_length, l, k, private_key_share_arr, public_key, key_meta, param); 229 | } 230 | 231 | 232 | /** 233 | * Combine all the shares of signature to make a real signature. 234 | * @param[in] x: a big number related to prepared hash 235 | * @param[in] sig_arr : the shares of signature. 236 | * @param[in] public_key: public key. 237 | * @param[in] key_meta: key meta data. 238 | * @param[out] out_sig: a real signature. 239 | * @return true on success, false on error. 240 | */ 241 | bool InternalCombineSignatures(const safeheron::bignum::BN &_x, 242 | const std::vector &sig_arr, 243 | const RSAPublicKey &public_key, 244 | const RSAKeyMeta &key_meta, 245 | const bool validate_sig, 246 | safeheron::bignum::BN &out_sig){ 247 | // e' is always set to 4. 248 | BN ep(4); 249 | 250 | // x = m , if (m, n) == 1 251 | // x = m*u^e, if (m, n) == -1 252 | BN x = _x; 253 | int jacobi_m_n = BN::JacobiSymbol(x, public_key.n()); 254 | if( jacobi_m_n == -1){ 255 | x = (x * key_meta.vku().PowM(public_key.e(), public_key.n())) % public_key.n(); 256 | } 257 | 258 | // Validate signature share 259 | if(validate_sig) { 260 | bool is_valid_sig = true; 261 | for (const auto &sig: sig_arr) { 262 | RSASigShareProof proof(sig.z(), sig.c()); 263 | is_valid_sig &= proof.Verify(key_meta.vkv(), key_meta.vki(sig.index() - 1), x, public_key.n(), 264 | sig.sig_share()); 265 | if (!is_valid_sig) return false; 266 | } 267 | } 268 | 269 | // Compute \Delta = l! 270 | BN delta(1); 271 | for(int i = 1; i <= key_meta.l(); i++){ 272 | delta *= i; 273 | } 274 | 275 | // S is a subset of (1, ... ,l) 276 | std::vector S; 277 | for(const auto &item : sig_arr){ 278 | S.emplace_back(BN(item.index())); 279 | } 280 | 281 | // w = x_{i_1}^{2 \lambda_{0,i_1}^S} \dots x_{i_k}^{2 \lambda_{0,i_k}^S} \pmod n 282 | BN w(1); 283 | for(const auto &item : sig_arr){ 284 | BN lam = lambda(BN(0), BN(item.index()), S, delta); 285 | w = (w * item.sig_share().PowM(lam * 2, public_key.n())) % public_key.n(); 286 | } 287 | 288 | // y = w^a x^b \pmod n 289 | BN d, a, b; 290 | BN::ExtendedEuclidean(ep, public_key.e(), a, b, d); 291 | BN y = w.PowM(a, public_key.n()) * x.PowM(b, public_key.n()) % public_key.n(); 292 | if (jacobi_m_n == -1) { 293 | y = (y * key_meta.vku().InvM(public_key.n())) % public_key.n(); 294 | } 295 | out_sig = y; 296 | return true; 297 | } 298 | 299 | /** 300 | * Combine all the shares of signature to make a real signature. 301 | * @param[in] doc: doc 302 | * @param[in] sig_arr : the shares of signature. 303 | * @param[in] public_key: public key. 304 | * @param[in] key_meta: key meta data. 305 | * @param[out] out_sig: a real signature. 306 | * @return true on success, false on error. 307 | */ 308 | bool CombineSignatures(const std::string &doc, 309 | const std::vector &sig_arr, 310 | const RSAPublicKey &public_key, 311 | const RSAKeyMeta &key_meta, 312 | safeheron::bignum::BN &out_sig){ 313 | BN x = BN::FromBytesBE(doc); 314 | return InternalCombineSignatures(x, sig_arr, public_key, key_meta, true, out_sig); 315 | } 316 | 317 | /** 318 | * Combine all the shares of signature without validation on signature shares to make a real signature. 319 | * @param[in] doc: doc 320 | * @param[in] sig_arr : the shares of signature. 321 | * @param[in] public_key: public key. 322 | * @param[in] key_meta: key meta data. 323 | * @param[out] out_sig: a real signature. 324 | * @return true on success, false on error. 325 | */ 326 | bool CombineSignaturesWithoutValidation(const std::string &doc, 327 | const std::vector &sig_arr, 328 | const RSAPublicKey &public_key, 329 | const RSAKeyMeta &key_meta, 330 | safeheron::bignum::BN &out_sig){ 331 | BN x = BN::FromBytesBE(doc); 332 | return InternalCombineSignatures(x, sig_arr, public_key, key_meta, false, out_sig); 333 | } 334 | 335 | }; 336 | }; 337 | -------------------------------------------------------------------------------- /src/crypto-tss-rsa/tss_rsa.h: -------------------------------------------------------------------------------- 1 | #ifndef SAFEHERON_TSS_RSA_H 2 | #define SAFEHERON_TSS_RSA_H 3 | 4 | #include "RSAPrivateKeyShare.h" 5 | #include "RSAPublicKey.h" 6 | #include "RSASigShare.h" 7 | #include "RSAKeyMeta.h" 8 | #include "KeyGenParam.h" 9 | #include "emsa_pss.h" 10 | #include 11 | 12 | namespace safeheron { 13 | namespace tss_rsa { 14 | 15 | /** 16 | * Generate private key shares, public key, key meta data. 17 | * 18 | * @param[in] key_bits_length: 2048, 3072, 4096 is advised. 19 | * @param[in] l: total number of private key shares. 20 | * @param[in] k: threshold, k < l and k >= (l/2+1) 21 | * @param[out] private_key_share_arr: shares of private key. 22 | * @param[out] public_key: public key. 23 | * @param[out] key_meta: key meta data. 24 | * @return true on success, false on error. 25 | */ 26 | bool GenerateKey(size_t key_bits_length, int l, int k, 27 | std::vector &private_key_share_arr, 28 | RSAPublicKey &public_key, 29 | RSAKeyMeta &key_meta); 30 | 31 | /** 32 | * Generate private key shares, public key, key meta data with specified parameters. 33 | * 34 | * @param[in] key_bits_length: 2048, 3072, 4096 is advised. 35 | * @param[in] l: total number of private key shares. 36 | * @param[in] k: threshold, k < l and k >= (l/2+1) 37 | * @param[in] param: specified parameters. 38 | * @param[out] private_key_share_arr: shares of private key. 39 | * @param[out] public_key: public key. 40 | * @param[out] key_meta: key meta data. 41 | * @return true on success, false on error. 42 | */ 43 | bool GenerateKeyEx(size_t key_bits_length, int l, int k, 44 | const KeyGenParam ¶m, 45 | std::vector &private_key_share_arr, 46 | RSAPublicKey &public_key, 47 | RSAKeyMeta &key_meta); 48 | 49 | /** 50 | * Combine all the shares of signature to make a real signature. 51 | * @param[in] doc: doc 52 | * @param[in] sig_arr : the shares of signature. 53 | * @param[in] public_key: public key. 54 | * @param[in] key_meta: key meta data. 55 | * @param[out] out_sig: a real signature. 56 | * @return true on success, false on error. 57 | */ 58 | bool CombineSignatures(const std::string &doc, 59 | const std::vector &sig_arr, 60 | const RSAPublicKey &public_key, 61 | const RSAKeyMeta &key_meta, 62 | safeheron::bignum::BN &out_sig); 63 | 64 | 65 | /** 66 | * Combine all the shares of signature without validation on signature shares to make a real signature. 67 | * @note The function "CombineSignaturesWithoutValidation" is very fast. It's about 50 times faster than "CombineSignatures". 68 | * @param[in] doc: doc 69 | * @param[in] sig_arr : the shares of signature. 70 | * @param[in] public_key: public key. 71 | * @param[in] key_meta: key meta data. 72 | * @param[out] out_sig: a real signature. 73 | * @return true on success, false on error. 74 | */ 75 | bool CombineSignaturesWithoutValidation(const std::string &doc, 76 | const std::vector &sig_arr, 77 | const RSAPublicKey &public_key, 78 | const RSAKeyMeta &key_meta, 79 | safeheron::bignum::BN &out_sig); 80 | 81 | 82 | }; 83 | }; 84 | 85 | 86 | #endif //SAFEHERON_TSS_RSA_H -------------------------------------------------------------------------------- /test/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | find_package(GTest REQUIRED) 2 | find_package(benchmark REQUIRED) 3 | find_package(SafeheronCryptoSuites REQUIRED) 4 | 5 | include_directories(../src 6 | ${SafeheronCryptoSuites_INCLUDE_DIRS} 7 | ${GTEST_INCLUDE_DIRS}) 8 | link_libraries(CryptoTSSRSA 9 | ${GTEST_BOTH_LIBRARIES} 10 | ${PROTOBUF_LIBRARY_DIRS} 11 | benchmark::benchmark 12 | pthread) 13 | 14 | add_executable(pure-tss-rsa-test pure-tss-rsa-test.cpp) 15 | add_test(NAME pure-tss-rsa-test COMMAND pure-tss-rsa-test) 16 | 17 | add_executable(tss-rsa-test tss-rsa-test.cpp) 18 | add_test(NAME tss-rsa-test COMMAND tss-rsa-test) 19 | 20 | if (${ENABLE_BENCHMARK}) 21 | add_executable(tss-rsa-benchmark-test tss-rsa-benchmark-test.cpp) 22 | add_test(NAME tss-rsa-benchmark-test COMMAND tss-rsa-benchmark-test) 23 | endif() 24 | 25 | -------------------------------------------------------------------------------- /test/pure-tss-rsa-test.cpp: -------------------------------------------------------------------------------- 1 | #include "gtest/gtest.h" 2 | #include "crypto-bn/bn.h" 3 | #include "crypto-bn/rand.h" 4 | #include "exception/safeheron_exceptions.h" 5 | #include "crypto-tss-rsa/tss_rsa.h" 6 | 7 | using safeheron::bignum::BN; 8 | using safeheron::tss_rsa::RSAPrivateKeyShare; 9 | using safeheron::tss_rsa::RSAPublicKey; 10 | using safeheron::tss_rsa::RSAKeyMeta; 11 | using safeheron::tss_rsa::RSASigShare; 12 | using safeheron::tss_rsa::KeyGenParam; 13 | using safeheron::exception::LocatedException; 14 | using safeheron::exception::OpensslException; 15 | using safeheron::exception::BadAllocException; 16 | using safeheron::exception::RandomSourceException; 17 | 18 | TEST(TSS_RSA, KeyGen2_3_Sign_3_3) { 19 | std::string json_str; 20 | std::string doc("12345678123456781234567812345678"); 21 | 22 | // Key Generation 23 | int key_bits_length = 1024; 24 | int k = 2; 25 | int l = 3; 26 | std::vector priv_arr; 27 | RSAPublicKey pub; 28 | RSAKeyMeta key_meta; 29 | bool status = safeheron::tss_rsa::GenerateKey(key_bits_length, l, k, priv_arr, pub, key_meta); 30 | EXPECT_TRUE(status); 31 | key_meta.ToJsonString(json_str); 32 | std::cout << "key meta data: " << json_str << std::endl; 33 | 34 | pub.ToJsonString(json_str); 35 | std::cout << "public key: " << json_str << std::endl; 36 | 37 | priv_arr[0].ToJsonString(json_str); 38 | std::cout << "private key share 1: " << json_str << std::endl; 39 | priv_arr[1].ToJsonString(json_str); 40 | std::cout << "private key share 2: " << json_str << std::endl; 41 | priv_arr[2].ToJsonString(json_str); 42 | std::cout << "private key share 3: " << json_str << std::endl; 43 | 44 | // Party 1 sign. 45 | RSASigShare sig_share0 = priv_arr[0].Sign(doc, key_meta, pub); 46 | sig_share0.ToJsonString(json_str); 47 | std::cout << "signature share 1: " << json_str << std::endl; 48 | // Party 2 sign. 49 | RSASigShare sig_share1 = priv_arr[1].Sign(doc, key_meta, pub); 50 | sig_share1.ToJsonString(json_str); 51 | std::cout << "signature share 2: " << json_str << std::endl; 52 | // Party 3 sign. 53 | RSASigShare sig_share2 = priv_arr[2].Sign(doc, key_meta, pub); 54 | sig_share2.ToJsonString(json_str); 55 | std::cout << "signature share 3: " << json_str << std::endl; 56 | 57 | // Combine signatures 58 | // Distributed signature 59 | std::vector sig_share_arr; 60 | sig_share_arr.push_back(sig_share0); 61 | sig_share_arr.push_back(sig_share1); 62 | sig_share_arr.push_back(sig_share2); 63 | BN sig; 64 | status = safeheron::tss_rsa::CombineSignaturesWithoutValidation(doc, sig_share_arr, pub, key_meta, sig); 65 | EXPECT_TRUE(status); 66 | std::cout << "final signature = 0x" << sig.Inspect() << std::endl; 67 | 68 | // Verify the final signature. 69 | EXPECT_TRUE(pub.VerifySignature(doc, sig)); 70 | } 71 | 72 | 73 | TEST(TSS_RSA, KeyGenEx2_3_Sign_3_3) { 74 | std::string json_str; 75 | std::string doc("12345678123456781234567812345678"); 76 | 77 | KeyGenParam param(0, 78 | BN("E4AAECAA632881A60D11813CC8379980C673BEFB959F44AA14BB15F141ADBE9E6B25FA3A8715435427B10AA608946D0A7B68A4F75BDC376E12010F813F480007", 16), 79 | BN("C32F913ECDF403DB94B07A8D02AF2934A882226F3535E6436A6A2392A2C390E525D4531D6EFF2028AE8E16F856E0945348E007EDAC43B4CE9BE5E68D76E93E63", 16), 80 | BN("77268D1F347AB0EE48741FBFFD3A052154B8FC614C0FD357F5D0E7B4119D24A4EC47FFFE68DD9BB097D2D7848B08070AEEB25C99EDAA95387F71D8589209973E538D4BC9E693963E485097EB0B8AE8ACD84A13385EC1DBEB070ABAB02E322C247DE70944B17CF3109CBF3DABAB9C66C579706C00CF719314F83A48224FF16DC9", 16), 81 | BN("1E7989EBD93507193CE394263F7C32F434E67F1750A367EC725495899BEF99EBC8FCF41148B82D66BB03BAAA25625DD12B29BAA3B43807C15988278E4BD0E64BBCC133B5583431A48BB58BA188CFBDEA1B6170EDAA4D0B1E0AA0D4CCACDB3A66A7DE6A6AC31CB14B802F45AEB4FDBD9B3D621B9BE88050749A093A382EF914C1", 16)); 82 | 83 | // Key Generation 84 | int key_bits_length = 1024; 85 | int k = 2; 86 | int l = 3; 87 | std::vector priv_arr; 88 | RSAPublicKey pub; 89 | RSAKeyMeta key_meta; 90 | bool status = safeheron::tss_rsa::GenerateKeyEx(key_bits_length, l, k, param, priv_arr, pub, key_meta); 91 | EXPECT_TRUE(status); 92 | key_meta.ToJsonString(json_str); 93 | std::cout << "key meta data: " << json_str << std::endl; 94 | 95 | pub.ToJsonString(json_str); 96 | std::cout << "public key: " << json_str << std::endl; 97 | 98 | priv_arr[0].ToJsonString(json_str); 99 | std::cout << "private key share 1: " << json_str << std::endl; 100 | priv_arr[1].ToJsonString(json_str); 101 | std::cout << "private key share 2: " << json_str << std::endl; 102 | priv_arr[2].ToJsonString(json_str); 103 | std::cout << "private key share 3: " << json_str << std::endl; 104 | 105 | // Party 1 sign. 106 | RSASigShare sig_share0 = priv_arr[0].Sign(doc, key_meta, pub); 107 | sig_share0.ToJsonString(json_str); 108 | std::cout << "signature share 1: " << json_str << std::endl; 109 | // Party 2 sign. 110 | RSASigShare sig_share1 = priv_arr[1].Sign(doc, key_meta, pub); 111 | sig_share1.ToJsonString(json_str); 112 | std::cout << "signature share 2: " << json_str << std::endl; 113 | // Party 3 sign. 114 | RSASigShare sig_share2 = priv_arr[2].Sign(doc, key_meta, pub); 115 | sig_share2.ToJsonString(json_str); 116 | std::cout << "signature share 3: " << json_str << std::endl; 117 | 118 | // Combine signatures 119 | // Distributed signature 120 | std::vector sig_share_arr; 121 | sig_share_arr.push_back(sig_share0); 122 | sig_share_arr.push_back(sig_share1); 123 | sig_share_arr.push_back(sig_share2); 124 | BN sig; 125 | status = safeheron::tss_rsa::CombineSignatures(doc ,sig_share_arr, pub, key_meta, sig); 126 | EXPECT_TRUE(status); 127 | std::cout << "final signature = 0x" << sig.Inspect() << std::endl; 128 | 129 | // Verify the final signature. 130 | EXPECT_TRUE(pub.VerifySignature(doc, sig)); 131 | } 132 | 133 | TEST(TSS_RSA, KeyGenEx2_3_Sign_2_3) { 134 | std::string json_str; 135 | std::string doc("12345678123456781234567812345678"); 136 | 137 | // Key Generation 138 | int key_bits_length = 1024; 139 | int k = 2; 140 | int l = 3; 141 | std::vector priv_arr; 142 | RSAPublicKey pub; 143 | RSAKeyMeta key_meta; 144 | bool status = safeheron::tss_rsa::GenerateKey(key_bits_length, l, k, priv_arr, pub, key_meta); 145 | EXPECT_TRUE(status); 146 | key_meta.ToJsonString(json_str); 147 | std::cout << "key meta data: " << json_str << std::endl; 148 | 149 | pub.ToJsonString(json_str); 150 | std::cout << "public key: " << json_str << std::endl; 151 | 152 | priv_arr[0].ToJsonString(json_str); 153 | std::cout << "private key share 1: " << json_str << std::endl; 154 | priv_arr[2].ToJsonString(json_str); 155 | std::cout << "private key share 3: " << json_str << std::endl; 156 | 157 | // Party 1 sign. 158 | RSASigShare sig_share0 = priv_arr[0].Sign(doc, key_meta, pub); 159 | sig_share0.ToJsonString(json_str); 160 | std::cout << "signature share 1: " << json_str << std::endl; 161 | // Party 3 sign. 162 | RSASigShare sig_share2 = priv_arr[2].Sign(doc, key_meta, pub); 163 | sig_share2.ToJsonString(json_str); 164 | std::cout << "signature share 3: " << json_str << std::endl; 165 | 166 | // Combine signatures 167 | // Distributed signature 168 | std::vector sig_share_arr; 169 | sig_share_arr.push_back(sig_share0); 170 | sig_share_arr.push_back(sig_share2); 171 | BN sig; 172 | status = safeheron::tss_rsa::CombineSignatures(doc, sig_share_arr, pub, key_meta, sig); 173 | EXPECT_TRUE(status); 174 | std::cout << "final signature = 0x" << sig.Inspect() << std::endl; 175 | 176 | // Verify the final signature. 177 | EXPECT_TRUE(pub.VerifySignature(doc, sig)); 178 | } 179 | 180 | 181 | int main(int argc, char **argv) { 182 | ::testing::InitGoogleTest(&argc, argv); 183 | int ret = RUN_ALL_TESTS(); 184 | return ret; 185 | } 186 | -------------------------------------------------------------------------------- /test/tss-rsa-benchmark-test.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include "gtest/gtest.h" 3 | #include "crypto-bn/bn.h" 4 | #include "../src/crypto-tss-rsa/tss_rsa.h" 5 | #include "exception/safeheron_exceptions.h" 6 | using safeheron::bignum::BN; 7 | using safeheron::tss_rsa::RSAPrivateKeyShare; 8 | using safeheron::tss_rsa::RSAPublicKey; 9 | using safeheron::tss_rsa::RSAKeyMeta; 10 | using safeheron::tss_rsa::RSASigShare; 11 | using safeheron::tss_rsa::KeyGenParam; 12 | 13 | 14 | void BM_generateRandom(benchmark::State& state, int key_bits_length, int l, int k); 15 | void BM_generateEx(benchmark::State& state, int key_bits_length, int l, int k); 16 | 17 | void BM_generateSig(benchmark::State& state); 18 | void BM_combineSig(benchmark::State& state); 19 | void BM_verifySig(benchmark::State& state); 20 | 21 | std::vector< std::vector> priv_arr; 22 | std::vector pub; 23 | std::vector key_meta; 24 | std::vector< std::vector> sig_arr; 25 | std::vector sig; 26 | 27 | std::vector param; 28 | std::string doc[] = {"hello world, 1", 29 | "hello world, 2", 30 | "hello world, 3", 31 | "hello world, 4", 32 | "hello world, 5", 33 | "hello world, 6", 34 | "hello world, 7", 35 | "hello world, 8", 36 | "hello world, 9", 37 | "hello world, 10" 38 | }; 39 | 40 | void BM_generateRandom(benchmark::State& state, int key_bits_length, int l, int k) { 41 | priv_arr.resize(state.max_iterations); 42 | pub.resize(state.max_iterations); 43 | key_meta.resize(state.max_iterations); 44 | sig_arr.resize(state.max_iterations); 45 | sig.resize(state.max_iterations); 46 | int count = 0; 47 | for (auto _ : state) { 48 | priv_arr[count].clear(); 49 | safeheron::tss_rsa::GenerateKey(key_bits_length, l, k, priv_arr[count], pub[count], key_meta[count]); 50 | count++; 51 | } 52 | } 53 | 54 | void BM_generateEx(benchmark::State& state, int key_bits_length, int l, int k) { 55 | priv_arr.resize(state.max_iterations); 56 | pub.resize(state.max_iterations); 57 | key_meta.resize(state.max_iterations); 58 | sig_arr.resize(state.max_iterations); 59 | sig.resize(state.max_iterations); 60 | int count = 0; 61 | for (auto _ : state) { 62 | priv_arr[count].clear(); 63 | safeheron::tss_rsa::GenerateKeyEx(key_bits_length, l, k, param[count], priv_arr[count], pub[count], key_meta[count]); 64 | count++; 65 | } 66 | } 67 | 68 | void BM_generateSig(benchmark::State& state) { 69 | for (auto _: state) { 70 | for (size_t i = 0; i < priv_arr.size(); i++) { 71 | sig_arr[i].clear(); 72 | for (size_t j = 0; j < priv_arr[i].size(); j++) { 73 | sig_arr[i].emplace_back(priv_arr[i][j].Sign(doc[i], key_meta[i], pub[i])); 74 | } 75 | } 76 | } 77 | } 78 | 79 | void BM_combineSig(benchmark::State& state) { 80 | for (auto _ : state) { 81 | for(size_t i = 0; i < sig_arr.size(); i++) { 82 | CombineSignaturesWithoutValidation(doc[i], sig_arr[i], pub[i], key_meta[i], sig[i]); 83 | } 84 | } 85 | } 86 | 87 | void BM_verifySig(benchmark::State& state) { 88 | for (auto _ : state) { 89 | for(size_t i = 0; i < sig.size(); i++) { 90 | pub[i].VerifySignature(doc[i], sig[i]); 91 | } 92 | } 93 | for(size_t i = 0; i < sig.size(); i++) { 94 | EXPECT_TRUE(pub[i].VerifySignature(doc[i], sig[i])); 95 | } 96 | } 97 | 98 | int main(int argc, char** argv) { 99 | benchmark::Initialize(&argc, argv); 100 | int n_key_pairs = 10; 101 | // Generate "n_key_pairs" key pairs: n_key_pairs = 10 102 | ::benchmark::RegisterBenchmark("BM_generateRandom", &BM_generateRandom, 4096, 5, 3)->Iterations(n_key_pairs)->Unit(benchmark::kSecond); 103 | // Generate 10 * "n_key_pairs" signature shares 104 | ::benchmark::RegisterBenchmark("BM_generateSig", &BM_generateSig)->Iterations(10)->Unit(benchmark::kSecond); 105 | // Combine 10 * "n_key_pairs" signatures 106 | ::benchmark::RegisterBenchmark("BM_combineSig", &BM_combineSig)->Iterations(10)->Unit(benchmark::kSecond); 107 | // Verify 10 * "n_key_pairs" signatures 108 | ::benchmark::RegisterBenchmark("BM_verifySig", &BM_verifySig)->Iterations(10)->Unit(benchmark::kSecond); 109 | benchmark::RunSpecifiedBenchmarks(); 110 | benchmark::Shutdown(); 111 | return 0; 112 | } 113 | 114 | -------------------------------------------------------------------------------- /test/tss-rsa-test.cpp: -------------------------------------------------------------------------------- 1 | #include "gtest/gtest.h" 2 | #include "crypto-bn/bn.h" 3 | #include "crypto-bn/rand.h" 4 | #include "exception/safeheron_exceptions.h" 5 | #include "../src/crypto-tss-rsa/tss_rsa.h" 6 | #include "../src/crypto-tss-rsa/emsa_pss.h" 7 | #include "crypto-encode/hex.h" 8 | using safeheron::bignum::BN; 9 | using safeheron::tss_rsa::RSAPrivateKeyShare; 10 | using safeheron::tss_rsa::RSAPublicKey; 11 | using safeheron::tss_rsa::RSAKeyMeta; 12 | using safeheron::tss_rsa::RSASigShare; 13 | using safeheron::tss_rsa::KeyGenParam; 14 | using safeheron::exception::LocatedException; 15 | using safeheron::exception::OpensslException; 16 | using safeheron::exception::BadAllocException; 17 | using safeheron::exception::RandomSourceException; 18 | 19 | TEST(TSS_RSA, PSS) { 20 | std::string doc = "hello world"; 21 | KeyGenParam param(0, 22 | BN("E4AAECAA632881A60D11813CC8379980C673BEFB959F44AA14BB15F141ADBE9E6B25FA3A8715435427B10AA608946D0A7B68A4F75BDC376E12010F813F480007", 16), 23 | BN("C32F913ECDF403DB94B07A8D02AF2934A882226F3535E6436A6A2392A2C390E525D4531D6EFF2028AE8E16F856E0945348E007EDAC43B4CE9BE5E68D76E93E63", 16), 24 | BN("77268D1F347AB0EE48741FBFFD3A052154B8FC614C0FD357F5D0E7B4119D24A4EC47FFFE68DD9BB097D2D7848B08070AEEB25C99EDAA95387F71D8589209973E538D4BC9E693963E485097EB0B8AE8ACD84A13385EC1DBEB070ABAB02E322C247DE70944B17CF3109CBF3DABAB9C66C579706C00CF719314F83A48224FF16DC9", 16), 25 | BN("1E7989EBD93507193CE394263F7C32F434E67F1750A367EC725495899BEF99EBC8FCF41148B82D66BB03BAAA25625DD12B29BAA3B43807C15988278E4BD0E64BBCC133B5583431A48BB58BA188CFBDEA1B6170EDAA4D0B1E0AA0D4CCACDB3A66A7DE6A6AC31CB14B802F45AEB4FDBD9B3D621B9BE88050749A093A382EF914C1", 16)); 26 | 27 | // Key Generation 28 | int key_bits_length = 1024; 29 | int k = 2; 30 | int l = 3; 31 | 32 | RSAKeyMeta key_meta; 33 | RSAPublicKey pub; 34 | std::vector priv_arr; 35 | std::vector sig_arr; 36 | BN sig; 37 | safeheron::tss_rsa::GenerateKeyEx(key_bits_length, l, k, param, priv_arr, pub, key_meta); 38 | std::cout << "pub.n: " << pub.n().Inspect() << std::endl; 39 | std::cout << "pub.e: " << pub.e().Inspect() << std::endl; 40 | 41 | // Prepare EMSA_PSS 42 | std::string doc_pss = safeheron::tss_rsa::EncodeEMSA_PSS(doc, key_bits_length, 43 | safeheron::tss_rsa::SaltLength::AutoLength); 44 | std::cout << "doc_pss: " << safeheron::encode::hex::EncodeToHex(doc_pss) << std::endl; 45 | 46 | // Sign 47 | for(int i = 0; i < l; i++) { 48 | sig_arr.emplace_back(priv_arr[i].Sign(doc_pss, key_meta, pub)); 49 | } 50 | 51 | // Combine 52 | safeheron::tss_rsa::CombineSignatures(doc_pss, sig_arr, pub, key_meta, sig); 53 | 54 | // Verify EMSA_PSS 55 | EXPECT_TRUE(safeheron::tss_rsa::VerifyEMSA_PSS(doc, key_bits_length, safeheron::tss_rsa::SaltLength::AutoLength, doc_pss)); 56 | std::cout << "signature: " << sig.Inspect() < priv_arr; 72 | std::vector sig_arr; 73 | BN sig; 74 | safeheron::tss_rsa::GenerateKey(key_bits_length, l, k, priv_arr, pub, key_meta); 75 | std::cout << "pub.n: " << pub.n().Inspect() << std::endl; 76 | std::cout << "pub.e: " << pub.e().Inspect() << std::endl; 77 | 78 | // Prepare EMSA_PSS 79 | std::string doc_pss = safeheron::tss_rsa::EncodeEMSA_PSS(doc, key_bits_length, 80 | safeheron::tss_rsa::SaltLength::AutoLength); 81 | std::cout << "doc_pss: " << safeheron::encode::hex::EncodeToHex(doc_pss) << std::endl; 82 | 83 | // Sign 84 | for(int i = 0; i < l; i++) { 85 | sig_arr.emplace_back(priv_arr[i].Sign(doc_pss, key_meta, pub)); 86 | } 87 | 88 | // Combine 89 | safeheron::tss_rsa::CombineSignatures(doc_pss, sig_arr, pub, key_meta, sig); 90 | 91 | // Verify EMSA_PSS 92 | EXPECT_TRUE(safeheron::tss_rsa::VerifyEMSA_PSS(doc, key_bits_length, safeheron::tss_rsa::SaltLength::AutoLength, doc_pss)); 93 | std::cout << "signature: " << sig.Inspect() <