common

package
v2.1.5 Latest
Warning

This package is not in the latest version of its module.
Published: Mar 24, 2026 License: MIT Imports: 15 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var ErrGeneratorCancelled = fmt.Errorf("generator work cancelled")

ErrGeneratorCancelled is an error returned from GetRandomSafePrimesConcurrent when the work of the generator has been cancelled as a result of the context being done (cancellation or timeout).

var File_protob_signature_proto protoreflect.FileDescriptor

var Logger = log.Logger("tss-lib")

Logger is the package-level logger for tss-lib.

Functions

func AppendBigIntToBytesSlice

func AppendBigIntToBytesSlice(commonBytes []byte, appended *big.Int) []byte

AppendBigIntToBytesSlice appends the byte representation of a big.Int to the given byte slice.

func BigIntsToBytes

func BigIntsToBytes(bigInts []*big.Int) [][]byte

BigIntsToBytes converts a slice of big.Int values to a slice of byte slices.

func GetRandomBytes

func GetRandomBytes(rand io.Reader, length int) ([]byte, error)

GetRandomBytes returns a slice of random bytes of the given length.

func GetRandomGeneratorOfTheQuadraticResidue

func GetRandomGeneratorOfTheQuadraticResidue(rand io.Reader, n *big.Int) *big.Int

GetRandomGeneratorOfTheQuadraticResidue returns a random generator of RQn with high probability. THIS METHOD ONLY WORKS IF N IS THE PRODUCT OF TWO SAFE PRIMES!

https://github.com/didiercrunch/paillier/blob/d03e8850a8e4c53d04e8016a2ce8762af3278b71/utils.go#L39
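
Why the safe-prime requirement matters, shown as an added example that is not part of the package: it assumes the generator is obtained by squaring a random unit of Z_n* (the construction in the linked utility) and counts exhaustively, on constructed toy moduli, how often that square generates the group of quadratic residues. `order` and `GeneratorHits` are hypothetical names.

```go
package main

import (
	"fmt"
	"math/big"
)

// order returns the multiplicative order of the unit g modulo n by brute
// force. Only suitable for the toy moduli used here.
func order(g, n *big.Int) int {
	x, one := new(big.Int).Set(g), big.NewInt(1)
	k := 1
	for x.Cmp(one) != 0 {
		x.Mul(x, g).Mod(x, n)
		k++
	}
	return k
}

// GeneratorHits squares every unit f of Z_n*, n = p*q, and counts how many
// squares have order |QR_n| = (p-1)(q-1)/4, i.e. generate the whole group.
func GeneratorHits(p, q int64) (hits, units int) {
	n, one := big.NewInt(p*q), big.NewInt(1)
	qrSize := int((p - 1) / 2 * ((q - 1) / 2))
	f, g := new(big.Int), new(big.Int)
	for v := int64(1); v < p*q; v++ {
		f.SetInt64(v)
		if g.GCD(nil, nil, f, n).Cmp(one) != 0 {
			continue // f is not invertible modulo n
		}
		units++
		g.Mul(f, f).Mod(g, n)
		if order(g, n) == qrSize {
			hits++
		}
	}
	return hits, units
}

func main() {
	// Constructed inputs: 23 = 2*11+1 and 47 = 2*23+1 are safe primes,
	// 13 and 17 are not.
	h, u := GeneratorHits(23, 47)
	fmt.Printf("n=23*47: %d of %d units square to a generator\n", h, u)
	h, u = GeneratorHits(13, 17)
	fmt.Printf("n=13*17: %d of %d units square to a generator\n", h, u)
}
```

With safe primes the residue group is cyclic of order p'q', so the miss rate shrinks as the primes grow; with 13 and 17 the group is not cyclic and no square generates it.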

func GetRandomPositiveInt

func GetRandomPositiveInt(rand io.Reader, lessThan *big.Int) *big.Int

GetRandomPositiveInt returns a random positive integer less than the given upper bound.

func GetRandomPositiveRelativelyPrimeInt

func GetRandomPositiveRelativelyPrimeInt(rand io.Reader, n *big.Int) *big.Int

GetRandomPositiveRelativelyPrimeInt generates a random element in the group of all the elements in Z/nZ that have a multiplicative inverse.

func GetRandomPrimeInt

func GetRandomPrimeInt(rand io.Reader, bits int) *big.Int

GetRandomPrimeInt returns a random prime number of the specified bit length.

func GetRandomQuadraticNonResidue

func GetRandomQuadraticNonResidue(rand io.Reader, n *big.Int) *big.Int

GetRandomQuadraticNonResidue returns a quadratic non-residue of odd n.

func IsInInterval

func IsInInterval(b *big.Int, bound *big.Int) bool

IsInInterval returns true if b is in the interval [0, bound).

func IsNumberInMultiplicativeGroup

func IsNumberInMultiplicativeGroup(n, v *big.Int) bool

IsNumberInMultiplicativeGroup returns true if v is in the multiplicative group of integers modulo n.

func ModInt

func ModInt(mod *big.Int) *modInt

ModInt creates a new modInt that performs arithmetic modulo the given value.

func MultiBytesToBigInts

func MultiBytesToBigInts(bytes [][]byte) []*big.Int

MultiBytesToBigInts converts a slice of byte slices to a slice of big.Int values.

func MustGetRandomInt

func MustGetRandomInt(rand io.Reader, bits int) *big.Int

MustGetRandomInt panics if it is unable to gather entropy from `io.Reader` or when `bits` is <= 0.

func NonEmptyBytes

func NonEmptyBytes(bz []byte) bool

NonEmptyBytes returns true when the byte slice is non-nil and non-empty.

func NonEmptyMultiBytes

func NonEmptyMultiBytes(bzs [][]byte, expectLen ...int) bool

NonEmptyMultiBytes returns true when all of the slices in the multi-dimensional byte slice are non-nil and non-empty.

func PadToLengthBytesInPlace

func PadToLengthBytesInPlace(src []byte, length int) []byte

PadToLengthBytesInPlace pads zero bytes {0, ...} to the front of src if len(src) < length. The output length is equal to the parameter length.

func RejectionSample

func RejectionSample(q *big.Int, eHash *big.Int) *big.Int

RejectionSample reduces a hash value modulo q. The input eHash is a 256-bit output of SHA-512/256. When q is close to or larger than 2^256 the bias from modular reduction is negligible. For smaller q values the bias is at most 2^{-128} which is within acceptable security bounds.

func SHA512_256

func SHA512_256(in ...[]byte) []byte

SHA-512/256 is protected against length extension attacks and is more performant than SHA-256 on 64-bit architectures. https://en.wikipedia.org/wiki/Template:Comparison_of_SHA_functions

func SHA512_256i

func SHA512_256i(in ...*big.Int) *big.Int

SHA512_256i computes the SHA-512/256 hash of the given big.Int values and returns the result as a big.Int.

func SHA512_256iOne

func SHA512_256iOne(in *big.Int) *big.Int

SHA512_256iOne computes the SHA-512/256 hash of a single big.Int and returns the result as a big.Int.

func SHA512_256i_TAGGED

func SHA512_256i_TAGGED(tag []byte, in ...*big.Int) *big.Int

SHA512_256i_TAGGED is the tagged version of SHA512_256i.

Types

type GermainSafePrime

type GermainSafePrime struct {
	// contains filtered or unexported fields
}

GermainSafePrime holds a Sophie Germain prime q and its associated safe prime p = 2q + 1.

func GetRandomSafePrimesConcurrent

func GetRandomSafePrimesConcurrent(ctx context.Context, bitLen, numPrimes int, concurrency int, rand io.Reader) ([]*GermainSafePrime, error)

GetRandomSafePrimesConcurrent tries to find safe primes concurrently. The returned results are safe primes `p` and primes `q` such that `p=2q+1`. The concurrency level is controlled with the `concurrency` parameter. If a safe prime could not be found before the context is done, an error is returned. An error is also returned if at least one search process failed.

How fast we generate a prime number is mostly a matter of luck and it depends on how lucky we are with drawing the first bytes. With today's multi-core processors, we can execute the process on multiple cores concurrently, accept the first valid result and cancel the rest of the work. This way, with the same finding algorithm, we can get the result faster.

The concurrency level should be set depending on the expected `bitLen` of the prime. For example, as of today, on a typical workstation, for a 512-bit safe prime, `concurrency` should be set to `1`, as generating a prime of this length is a matter of milliseconds for a single core. For a 1024-bit safe prime, `concurrency` should usually be set to at least `2`, and for a 2048-bit safe prime, `concurrency` must be set to at least `4` to get the result in a reasonable time.

This function generates safe primes with a `bitLen` of at least 6. For every generated safe prime, the two most significant bits are always set to `1`; we don't want the generated number to be too small.
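
The race-and-cancel pattern described above, as an added sketch built only on the Go standard library; it is not the package's implementation. `SafePair` and `FindSafePrime` are hypothetical names, and the sketch reads `crypto/rand` directly instead of taking an `io.Reader`.

```go
package main

import (
	"context"
	"crypto/rand"
	"fmt"
	"math/big"
	"time"
)

// SafePair is a name made up for this sketch: Q is prime and P = 2Q + 1.
type SafePair struct{ P, Q *big.Int }

// FindSafePrime races `workers` goroutines and returns the first pair found.
func FindSafePrime(ctx context.Context, bitLen, workers int) (*SafePair, error) {
	ctx, cancel := context.WithCancel(ctx)
	defer cancel() // on return, stops the workers that lost the race
	found := make(chan *SafePair, workers) // buffered: late senders never block
	failed := make(chan error, workers)
	for i := 0; i < workers; i++ {
		go func() {
			for ctx.Err() == nil {
				q, err := rand.Prime(rand.Reader, bitLen-1) // top two bits of q are set
				if err != nil {
					failed <- err
					return
				}
				p := new(big.Int).Lsh(q, 1)
				if p.Add(p, big.NewInt(1)).ProbablyPrime(20) {
					found <- &SafePair{P: p, Q: q}
					return
				}
			}
		}()
	}
	select {
	case sp := <-found:
		return sp, nil
	case err := <-failed:
		return nil, err
	case <-ctx.Done():
		return nil, fmt.Errorf("safe prime search stopped: %w", ctx.Err())
	}
}

func main() {
	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
	defer cancel()
	fmt.Println(FindSafePrime(ctx, 256, 4))
}
```

When calling the package itself, the same discipline applies: always pass a context with a deadline, and treat a returned error as "no key material produced" rather than retrying with a smaller `bitLen`.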

func (*GermainSafePrime) Prime

func (sgp *GermainSafePrime) Prime() *big.Int

Prime returns the Sophie Germain prime q.

func (*GermainSafePrime) SafePrime

func (sgp *GermainSafePrime) SafePrime() *big.Int

SafePrime returns the safe prime p = 2q + 1.

func (*GermainSafePrime) Validate

func (sgp *GermainSafePrime) Validate() bool

Validate returns true if both q and p = 2q + 1 are prime.

type SignatureData

type SignatureData struct {
	Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
	// Ethereum-style recovery byte; only the first byte is relevant
	SignatureRecovery []byte `protobuf:"bytes,2,opt,name=signature_recovery,json=signatureRecovery,proto3" json:"signature_recovery,omitempty"`
	// Signature components R, S
	R []byte `protobuf:"bytes,3,opt,name=r,proto3" json:"r,omitempty"`
	S []byte `protobuf:"bytes,4,opt,name=s,proto3" json:"s,omitempty"`
	// M represents the original message digest that was signed
	M []byte `protobuf:"bytes,5,opt,name=m,proto3" json:"m,omitempty"`
	// contains filtered or unexported fields
}

SignatureData is a container for output signatures, mostly used for marshalling this data structure to a mobile app.

func (*SignatureData) Descriptor deprecated

func (*SignatureData) Descriptor() ([]byte, []int)

Deprecated: Use SignatureData.ProtoReflect.Descriptor instead.

func (*SignatureData) GetM

func (x *SignatureData) GetM() []byte

func (*SignatureData) GetR

func (x *SignatureData) GetR() []byte

func (*SignatureData) GetS

func (x *SignatureData) GetS() []byte

func (*SignatureData) GetSignature

func (x *SignatureData) GetSignature() []byte

func (*SignatureData) GetSignatureObject added in v2.1.3

func (x *SignatureData) GetSignatureObject() *secp256k1.Signature

func (*SignatureData) GetSignatureRecovery

func (x *SignatureData) GetSignatureRecovery() []byte

func (*SignatureData) ProtoMessage

func (*SignatureData) ProtoMessage()

func (*SignatureData) ProtoReflect

func (x *SignatureData) ProtoReflect() protoreflect.Message

func (*SignatureData) Reset

func (x *SignatureData) Reset()

func (*SignatureData) String

func (x *SignatureData) String() string
