frosix

Multiparty signature service (experimental)
Log | Files | Refs | README | LICENSE

keygen_validate_share.c (2418B)

      1 /*
      2   This file is part of Frosix
      3   Copyright (C) 2022, 2023 Joel Urech
      4 
      5   Frosix is free software; you can redistribute it and/or modify it under the
      6   terms of the GNU Affero General Public License as published by the Free Software
      7   Foundation; either version 3, or (at your option) any later version.
      8 
      9   Frosix is distributed in the hope that it will be useful, but WITHOUT ANY
     10   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11   A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
     12 
     13   You should have received a copy of the GNU Affero General Public License along with
     14   Frosix; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 */
     16 /**
     17  * @file keygen_validate_share.c
     18  * @brief Implements the validation of a share.
     19  * @author Joel Urech
     20 */
     21 #include "keygen.h"
     22 #include "keygen_common.h"
     23 
     24 enum GNUNET_GenericReturnValue
     25 FROST_keygen_validate_share (
     26   const struct FROST_DkgCommitment *commitment,
     27   const struct FROST_DkgShare *share,
     28   uint8_t my_index)
     29 {
     30   /* check if share is 0 - we can not multiply the curve generator with 0! */
     31   {
     32     struct FROST_Scalar zero;
     33     FROST_scalar_zero (&zero);
     34 
     35     if (0 == memcmp (&zero.scalarbytes,
     36                      &share->share.scalarbytes,
     37                      sizeof (share->share)))
     38       return GNUNET_NO;
     39   }
     40 
     41   /* g^share_i*/
     42   struct FROST_Point g_secret_share;
     43   FROST_base_mul_scalar (&g_secret_share,
     44                          &share->share);
     45 
     46   // initialize com_result
     47   struct FROST_Point com_result;
     48   FROST_point_identity (&com_result);
     49 
     50   // initialize index of receiver
     51   struct FROST_Scalar receiver_index;
     52   FROST_scalar_set_uint8 (&receiver_index,
     53                           my_index);
     54 
     55   /* reversed loop over all commitments */
     56   for (int i = commitment->shares_commitments_length - 1; i >= 0; i--)
     57   {
     58     // com_result += schare_com[i]
     59     FROST_point_add_point (&com_result,
     60                            &com_result,
     61                            &commitment->share_comm[i].sc);
     62 
     63     // we ignore the multiplication for commitment '0'
     64     if (i != 0)
     65     {
     66       // com_result *= receiver_index
     67       FROST_point_mul_scalar (&com_result,
     68                               &com_result,
     69                               &receiver_index);
     70     }
     71   }
     72 
     73   /* compare provided and computed points */
     74   return FROST_point_cmp (&com_result,
     75                           &g_secret_share);
     76 }