bls_sig

package
v1.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 11, 2022 License: Apache-2.0 Imports: 10 Imported by: 43

Documentation

Overview

Package bls_sig is an implementation of the BLS signature defined in https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

Index

Constants

View Source 
const (
	// Public key size in G2
	PublicKeyVtSize = 96
	// Signature size in G1
	SignatureVtSize = 48
	// Proof of Possession in G1
	ProofOfPossessionVtSize = 48
)
View Source 
const (
	// Public key size in G1
	PublicKeySize = 48
	// Signature size in G2
	SignatureSize = 96
	// Proof of Possession in G2
	ProofOfPossessionSize = 96
)
View Source 
const SecretKeyShareSize = 33

Secret key share with identifier byte in Fr

View Source 
const SecretKeySize = 32

Secret key in Fr

Variables

This section is empty.

Functions

This section is empty.

Types

type BlsScheme 

type BlsScheme interface {
	Keygen() (*PublicKey, *SecretKey, error)
	KeygenWithSeed(ikm []byte) (*PublicKey, *SecretKey, error)
	Sign(sk *SecretKey, msg []byte) (*Signature, error)
	Verify(pk *PublicKey, msg []byte, sig *Signature) bool
	AggregateVerify(pks []*PublicKey, msgs [][]byte, sigs []*Signature) bool
}

type BlsSchemeVt 

type BlsSchemeVt interface {
	Keygen() (*PublicKeyVt, *SecretKey, error)
	KeygenWithSeed(ikm []byte) (*PublicKeyVt, *SecretKey, error)
	Sign(sk *SecretKey, msg []byte) (*SignatureVt, error)
	Verify(pk *PublicKeyVt, msg []byte, sig *SignatureVt) bool
	AggregateVerify(pks []*PublicKeyVt, msgs [][]byte, sigs []*SignatureVt) bool
}

type MultiPublicKey 

type MultiPublicKey struct {
	// contains filtered or unexported fields
}

Represents accumulated multiple Public Keys in G1 for verifying a multisignature

func (MultiPublicKey) MarshalBinary 

func (pk MultiPublicKey) MarshalBinary() ([]byte, error)

Serialize a public key to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*MultiPublicKey) UnmarshalBinary 

func (pk *MultiPublicKey) UnmarshalBinary(data []byte) error

Deserialize a public key from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the public key otherwise it will return an error

type MultiPublicKeyVt 

type MultiPublicKeyVt struct {
	// contains filtered or unexported fields
}

Represents accumulated multiple Public Keys in G2 for verifying a multisignature

func (*MultiPublicKeyVt) MarshalBinary 

func (pk *MultiPublicKeyVt) MarshalBinary() ([]byte, error)

Serialize a public key to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*MultiPublicKeyVt) UnmarshalBinary 

func (pk *MultiPublicKeyVt) UnmarshalBinary(data []byte) error

Deserialize a public key from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the public key otherwise it will return an error

type MultiSignature 

type MultiSignature struct {
	// contains filtered or unexported fields
}

Represents an MultiSignature in G2. A multisignature is used when multiple signatures are calculated over the same message vs an aggregate signature where each message signed is a unique.

func (MultiSignature) MarshalBinary 

func (sig MultiSignature) MarshalBinary() ([]byte, error)

Serialize a multi-signature to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*MultiSignature) UnmarshalBinary 

func (sig *MultiSignature) UnmarshalBinary(data []byte) error

Deserialize a signature from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the Signature otherwise it will return an error

type MultiSignatureVt 

type MultiSignatureVt struct {
	// contains filtered or unexported fields
}

Represents an MultiSignature in G1. A multisignature is used when multiple signatures are calculated over the same message vs an aggregate signature where each message signed is a unique.

func (*MultiSignatureVt) MarshalBinary 

func (sig *MultiSignatureVt) MarshalBinary() ([]byte, error)

Serialize a multi-signature to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*MultiSignatureVt) UnmarshalBinary 

func (sig *MultiSignatureVt) UnmarshalBinary(data []byte) error

Deserialize a signature from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the Signature otherwise it will return an error

type PartialSignature 

type PartialSignature struct {
	Identifier byte
	Signature  bls12381.G2
}

PartialSignature represents threshold Gap Diffie-Hellman BLS signature that can be combined with other partials to yield a completed BLS signature See section 3.2 in <https://www.cc.gatech.edu/~aboldyre/papers/bold.pdf>

type PartialSignatureVt 

type PartialSignatureVt struct {
	// contains filtered or unexported fields
}

PartialSignatureVt represents threshold Gap Diffie-Hellman BLS signature that can be combined with other partials to yield a completed BLS signature See section 3.2 in <https://www.cc.gatech.edu/~aboldyre/papers/bold.pdf>

type ProofOfPossession 

type ProofOfPossession struct {
	// contains filtered or unexported fields
}

A proof of possession scheme uses a separate public key validation step, called a proof of possession, to defend against rogue key attacks. This enables an optimization to aggregate signature verification for the case that all signatures are on the same message.

func (ProofOfPossession) MarshalBinary 

func (pop ProofOfPossession) MarshalBinary() ([]byte, error)

Serialize a proof of possession to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*ProofOfPossession) UnmarshalBinary 

func (pop *ProofOfPossession) UnmarshalBinary(data []byte) error

Deserialize a proof of possession from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the Signature otherwise it will return an error

type ProofOfPossessionVt 

type ProofOfPossessionVt struct {
	// contains filtered or unexported fields
}

A proof of possession scheme uses a separate public key validation step, called a proof of possession, to defend against rogue key attacks. This enables an optimization to aggregate signature verification for the case that all signatures are on the same message.

func (*ProofOfPossessionVt) MarshalBinary 

func (pop *ProofOfPossessionVt) MarshalBinary() ([]byte, error)

Serialize a proof of possession to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*ProofOfPossessionVt) UnmarshalBinary 

func (pop *ProofOfPossessionVt) UnmarshalBinary(data []byte) error

Deserialize a proof of possession from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the Signature otherwise it will return an error

type PublicKey 

type PublicKey struct {
	// contains filtered or unexported fields
}

Represents a public key in G1

func (PublicKey) MarshalBinary 

func (pk PublicKey) MarshalBinary() ([]byte, error)

Serialize a public key to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*PublicKey) UnmarshalBinary 

func (pk *PublicKey) UnmarshalBinary(data []byte) error

Deserialize a public key from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the public key otherwise it will return an error

type PublicKeyVt 

type PublicKeyVt struct {
	// contains filtered or unexported fields
}

Represents a public key in G2

func (*PublicKeyVt) MarshalBinary 

func (pk *PublicKeyVt) MarshalBinary() ([]byte, error)

Serialize a public key to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*PublicKeyVt) UnmarshalBinary 

func (pk *PublicKeyVt) UnmarshalBinary(data []byte) error

Deserialize a public key from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the public key otherwise it will return an error

type SecretKey 

type SecretKey struct {
	// contains filtered or unexported fields
}

Represents a value mod r where r is the curve order or order of the subgroups in G1 and G2

func (SecretKey) Generate 

func (sk SecretKey) Generate(ikm []byte) (*SecretKey, error)

Creates a new BLS secret key Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SecretKey) GetPublicKey 

func (sk SecretKey) GetPublicKey() (*PublicKey, error)

Get the corresponding public key from a secret key Verifies the public key is in the correct subgroup

func (*SecretKey) GetPublicKeyVt 

func (sk *SecretKey) GetPublicKeyVt() (*PublicKeyVt, error)

Get the corresponding public key from a secret key Verifies the public key is in the correct subgroup

func (SecretKey) MarshalBinary 

func (sk SecretKey) MarshalBinary() ([]byte, error)

Serialize a secret key to raw bytes

func (*SecretKey) UnmarshalBinary 

func (sk *SecretKey) UnmarshalBinary(data []byte) error

Deserialize a secret key from raw bytes Cannot be zero. Must be 32 bytes and cannot be all zeroes. https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-2.3

type SecretKeyShare 

type SecretKeyShare struct {
	// contains filtered or unexported fields
}

SecretKeyShare is shamir share of a private key

func (SecretKeyShare) MarshalBinary 

func (sks SecretKeyShare) MarshalBinary() ([]byte, error)

Serialize a secret key share to raw bytes

func (*SecretKeyShare) UnmarshalBinary 

func (sks *SecretKeyShare) UnmarshalBinary(data []byte) error

Deserialize a secret key share from raw bytes

type SigAug 

type SigAug struct {
	// contains filtered or unexported fields
}

SigAug is minimal-pubkey-size scheme that doesn't support FastAggregateVerificiation. see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.2

func NewSigAug 

func NewSigAug() *SigAug

Creates a new BLS message augmentation signature scheme with the standard domain separation tag used for signatures.

func NewSigAugWithDst 

func NewSigAugWithDst(signDst string) *SigAug

Creates a new BLS message augmentation signature scheme with a custom domain separation tag used for signatures.

func (SigAug) AggregateVerify 

func (b SigAug) AggregateVerify(pks []*PublicKey, msgs [][]byte, sigs []*Signature) (bool, error)

The AggregateVerify algorithm checks an aggregated signature over several (PK, message, signature) pairs. See section 3.2.3 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigAug) CombineSignatures 

func (b SigAug) CombineSignatures(sigs ...*PartialSignature) (*Signature, error)

CombineSignatures takes partial signatures to yield a completed signature

func (SigAug) Keygen 

func (b SigAug) Keygen() (*PublicKey, *SecretKey, error)

Creates a new BLS key pair

func (SigAug) KeygenWithSeed 

func (b SigAug) KeygenWithSeed(ikm []byte) (*PublicKey, *SecretKey, error)

Creates a new BLS secret key Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SigAug) PartialSign 

func (b SigAug) PartialSign(sks *SecretKeyShare, pk *PublicKey, msg []byte) (*PartialSignature, error)

Compute a partial signature in G2 that can be combined with other partial signature

func (SigAug) Sign 

func (b SigAug) Sign(sk *SecretKey, msg []byte) (*Signature, error)

Computes a signature in G1 from sk, a secret key, and a message See section 3.2.1 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigAug) ThresholdKeygen 

func (b SigAug) ThresholdKeygen(threshold, total uint) (*PublicKey, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigAug) ThresholdKeygenWithSeed 

func (b SigAug) ThresholdKeygenWithSeed(ikm []byte, threshold, total uint) (*PublicKey, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigAug) Verify 

func (b SigAug) Verify(pk *PublicKey, msg []byte, sig *Signature) (bool, error)

Checks that a signature is valid for the message under the public key pk See section 3.2.2 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

type SigAugVt 

type SigAugVt struct {
	// contains filtered or unexported fields
}

SigAugVt is minimal-signature-size scheme that doesn't support FastAggregateVerification. see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.2

func NewSigAugVt 

func NewSigAugVt() *SigAugVt

Creates a new BLS message augmentation signature scheme with the standard domain separation tag used for signatures.

func NewSigAugVtWithDst 

func NewSigAugVtWithDst(signDst string) *SigAugVt

Creates a new BLS message augmentation signature scheme with a custom domain separation tag used for signatures.

func (SigAugVt) AggregateVerify 

func (b SigAugVt) AggregateVerify(pks []*PublicKeyVt, msgs [][]byte, sigs []*SignatureVt) (bool, error)

The aggregateVerify algorithm checks an aggregated signature over several (PK, message, signature) pairs. See section 3.2.3 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigAugVt) CombineSignatures 

func (b SigAugVt) CombineSignatures(sigs ...*PartialSignatureVt) (*SignatureVt, error)

CombineSignatures takes partial signatures to yield a completed signature

func (SigAugVt) Keygen 

func (b SigAugVt) Keygen() (*PublicKeyVt, *SecretKey, error)

Creates a new BLS key pair

func (SigAugVt) KeygenWithSeed 

func (b SigAugVt) KeygenWithSeed(ikm []byte) (*PublicKeyVt, *SecretKey, error)

Creates a new BLS secret key Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SigAugVt) PartialSign 

func (b SigAugVt) PartialSign(sks *SecretKeyShare, pk *PublicKeyVt, msg []byte) (*PartialSignatureVt, error)

Compute a partial signature in G2 that can be combined with other partial signature

func (SigAugVt) Sign 

func (b SigAugVt) Sign(sk *SecretKey, msg []byte) (*SignatureVt, error)

Computes a signature in G1 from sk, a secret key, and a message See section 3.2.1 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-02

func (SigAugVt) ThresholdKeygen 

func (b SigAugVt) ThresholdKeygen(threshold, total uint) (*PublicKeyVt, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigAugVt) ThresholdKeygenWithSeed 

func (b SigAugVt) ThresholdKeygenWithSeed(ikm []byte, threshold, total uint) (*PublicKeyVt, []*SecretKeyShare, error)

ThresholdKeygenWithSeed generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigAugVt) Verify 

func (b SigAugVt) Verify(pk *PublicKeyVt, msg []byte, sig *SignatureVt) (bool, error)

Checks that a signature is valid for the message under the public key pk See section 3.2.2 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

type SigBasic 

type SigBasic struct {
	// contains filtered or unexported fields
}

SigBasic is minimal-pubkey-size scheme that doesn't support FastAggregateVerificiation. see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.1

func NewSigBasic 

func NewSigBasic() *SigBasic

Creates a new BLS basic signature scheme with the standard domain separation tag used for signatures.

func NewSigBasicWithDst 

func NewSigBasicWithDst(signDst string) *SigBasic

Creates a new BLS basic signature scheme with a custom domain separation tag used for signatures.

func (SigBasic) AggregateVerify 

func (b SigBasic) AggregateVerify(pks []*PublicKey, msgs [][]byte, sigs []*Signature) (bool, error)

The AggregateVerify algorithm checks an aggregated signature over several (PK, message, signature) pairs. Each message must be different or this will return false. See section 3.1.1 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigBasic) CombineSignatures 

func (b SigBasic) CombineSignatures(sigs ...*PartialSignature) (*Signature, error)

CombineSignatures takes partial signatures to yield a completed signature

func (SigBasic) Keygen 

func (b SigBasic) Keygen() (*PublicKey, *SecretKey, error)

Creates a new BLS key pair

func (SigBasic) KeygenWithSeed 

func (b SigBasic) KeygenWithSeed(ikm []byte) (*PublicKey, *SecretKey, error)

Creates a new BLS key pair Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SigBasic) PartialSign 

func (b SigBasic) PartialSign(sks *SecretKeyShare, msg []byte) (*PartialSignature, error)

Compute a partial signature in G2 that can be combined with other partial signature

func (SigBasic) Sign 

func (b SigBasic) Sign(sk *SecretKey, msg []byte) (*Signature, error)

Computes a signature in G2 from sk, a secret key, and a message

func (SigBasic) ThresholdKeygen 

func (b SigBasic) ThresholdKeygen(threshold, total uint) (*PublicKey, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigBasic) ThresholdKeygenWithSeed 

func (b SigBasic) ThresholdKeygenWithSeed(ikm []byte, threshold, total uint) (*PublicKey, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigBasic) Verify 

func (b SigBasic) Verify(pk *PublicKey, msg []byte, sig *Signature) (bool, error)

Checks that a signature is valid for the message under the public key pk

type SigBasicVt 

type SigBasicVt struct {
	// contains filtered or unexported fields
}

SigBasic is minimal-pubkey-size scheme that doesn't support FastAggregateVerification. see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.1

func NewSigBasicVt 

func NewSigBasicVt() *SigBasicVt

Creates a new BLS basic signature scheme with the standard domain separation tag used for signatures.

func NewSigBasicVtWithDst 

func NewSigBasicVtWithDst(signDst string) *SigBasicVt

Creates a new BLS basic signature scheme with a custom domain separation tag used for signatures.

func (SigBasicVt) AggregateVerify 

func (b SigBasicVt) AggregateVerify(pks []*PublicKeyVt, msgs [][]byte, sigs []*SignatureVt) (bool, error)

The AggregateVerify algorithm checks an aggregated signature over several (PK, message, signature) pairs. Each message must be different or this will return false. See section 3.1.1 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigBasicVt) CombineSignatures 

func (b SigBasicVt) CombineSignatures(sigs ...*PartialSignatureVt) (*SignatureVt, error)

CombineSignatures takes partial signatures to yield a completed signature

func (SigBasicVt) Keygen 

func (b SigBasicVt) Keygen() (*PublicKeyVt, *SecretKey, error)

Creates a new BLS key pair

func (SigBasicVt) KeygenWithSeed 

func (b SigBasicVt) KeygenWithSeed(ikm []byte) (*PublicKeyVt, *SecretKey, error)

Creates a new BLS key pair Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SigBasicVt) PartialSign 

func (b SigBasicVt) PartialSign(sks *SecretKeyShare, msg []byte) (*PartialSignatureVt, error)

Compute a partial signature in G2 that can be combined with other partial signature

func (SigBasicVt) Sign 

func (b SigBasicVt) Sign(sk *SecretKey, msg []byte) (*SignatureVt, error)

Computes a signature in G1 from sk, a secret key, and a message

func (SigBasicVt) ThresholdKeygen 

func (b SigBasicVt) ThresholdKeygen(threshold, total uint) (*PublicKeyVt, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigBasicVt) ThresholdKeygenWithSeed 

func (b SigBasicVt) ThresholdKeygenWithSeed(ikm []byte, threshold, total uint) (*PublicKeyVt, []*SecretKeyShare, error)

ThresholdKeygenWithSeed generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures from input key material (ikm)

func (SigBasicVt) Verify 

func (b SigBasicVt) Verify(pk *PublicKeyVt, msg []byte, sig *SignatureVt) (bool, error)

Checks that a signature is valid for the message under the public key pk

type SigEth2 

type SigEth2 = SigPop

SigEth2 supports signatures on Eth2. Internally is an alias for SigPop

func NewSigEth2 

func NewSigEth2() *SigEth2

NewSigEth2 Creates a new BLS ETH2 signature scheme with the standard domain separation tag used for signatures.

type SigEth2Vt 

type SigEth2Vt = SigPopVt

SigEth2Vt supports signatures on Eth2. Internally is an alias for SigPopVt

func NewSigEth2Vt 

func NewSigEth2Vt() *SigEth2Vt

NewSigEth2Vt Creates a new BLS ETH2 signature scheme with the standard domain separation tag used for signatures.

type SigPop 

type SigPop struct {
	// contains filtered or unexported fields
}

SigPop is minimal-pubkey-size scheme that supports FastAggregateVerification and requires using proofs of possession to mitigate rogue-key attacks see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.3

func NewSigPop 

func NewSigPop() *SigPop

Creates a new BLS proof of possession signature scheme with the standard domain separation tag used for signatures.

func NewSigPopWithDst 

func NewSigPopWithDst(signDst, popDst string) (*SigPop, error)

Creates a new BLS message proof of possession signature scheme with a custom domain separation tag used for signatures.

func (SigPop) AggregatePublicKeys 

func (b SigPop) AggregatePublicKeys(pks ...*PublicKey) (*MultiPublicKey, error)

Combine many public keys together to form a Multipublickey. Multipublickeys are used to verify multisignatures.

func (SigPop) AggregateSignatures 

func (b SigPop) AggregateSignatures(sigs ...*Signature) (*MultiSignature, error)

Combine many signatures together to form a Multisignature. Multisignatures can be created when multiple signers jointly generate signatures over the same message.

func (SigPop) AggregateVerify 

func (b SigPop) AggregateVerify(pks []*PublicKey, msgs [][]byte, sigs []*Signature) (bool, error)

The aggregateVerify algorithm checks an aggregated signature over several (PK, message, signature) pairs. Each message must be different or this will return false. See section 3.1.1 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) CombineSignatures 

func (b SigPop) CombineSignatures(sigs ...*PartialSignature) (*Signature, error)

CombineSignatures takes partial signatures to yield a completed signature

func (SigPop) FastAggregateVerify 

func (b SigPop) FastAggregateVerify(pks []*PublicKey, msg []byte, asig *Signature) (bool, error)

FastAggregateVerify verifies an aggregated signature against the specified message and set of public keys. See section 3.3.4 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) FastAggregateVerifyConstituent 

func (b SigPop) FastAggregateVerifyConstituent(pks []*PublicKey, msg []byte, sigs []*Signature) (bool, error)

FastAggregateVerifyConstituent aggregates all constituent signatures and the verifies them against the specified message and public keys See section 3.3.4 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) Keygen 

func (b SigPop) Keygen() (*PublicKey, *SecretKey, error)

Creates a new BLS key pair

func (SigPop) KeygenWithSeed 

func (b SigPop) KeygenWithSeed(ikm []byte) (*PublicKey, *SecretKey, error)

Creates a new BLS secret key Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SigPop) PartialSign 

func (b SigPop) PartialSign(sks *SecretKeyShare, msg []byte) (*PartialSignature, error)

Compute a partial signature in G2 that can be combined with other partial signature

func (SigPop) PopProve 

func (b SigPop) PopProve(sk *SecretKey) (*ProofOfPossession, error)

Create a proof of possession for the corresponding public key. A proof of possession must be created for each public key to be used in FastAggregateVerify or a Multipublickey to avoid rogue key attacks. See section 3.3.2 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) PopVerify 

func (b SigPop) PopVerify(pk *PublicKey, pop2 *ProofOfPossession) (bool, error)

verify a proof of possession for the corresponding public key is valid. A proof of possession must be created for each public key to be used in FastAggregateVerify or a Multipublickey to avoid rogue key attacks. See section 3.3.3 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) Sign 

func (b SigPop) Sign(sk *SecretKey, msg []byte) (*Signature, error)

Computes a signature in G2 from sk, a secret key, and a message See section 2.6 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) ThresholdKeygen 

func (b SigPop) ThresholdKeygen(threshold, total uint) (*PublicKey, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigPop) ThresholdKeygenWithSeed 

func (b SigPop) ThresholdKeygenWithSeed(ikm []byte, threshold, total uint) (*PublicKey, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigPop) Verify 

func (b SigPop) Verify(pk *PublicKey, msg []byte, sig *Signature) (bool, error)

Checks that a signature is valid for the message under the public key pk See section 2.7 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPop) VerifyMultiSignature 

func (b SigPop) VerifyMultiSignature(pk *MultiPublicKey, msg []byte, sig *MultiSignature) (bool, error)

Checks that a multisignature is valid for the message under the multi public key Similar to FastAggregateVerify except the keys and signatures have already been combined. See section 3.3.4 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

type SigPopVt 

type SigPopVt struct {
	// contains filtered or unexported fields
}

SigPopVt is minimal-signature-size scheme that supports FastAggregateVerification and requires using proofs of possession to mitigate rogue-key attacks see: https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03#section-4.2.3

func NewSigPopVt 

func NewSigPopVt() *SigPopVt

Creates a new BLS proof of possession signature scheme with the standard domain separation tag used for signatures.

func NewSigPopVtWithDst 

func NewSigPopVtWithDst(signDst, popDst string) (*SigPopVt, error)

Creates a new BLS message proof of possession signature scheme with a custom domain separation tag used for signatures.

func (SigPopVt) AggregatePublicKeys 

func (b SigPopVt) AggregatePublicKeys(pks ...*PublicKeyVt) (*MultiPublicKeyVt, error)

Combine many public keys together to form a Multipublickey. Multipublickeys are used to verify multisignatures.

func (SigPopVt) AggregateSignatures 

func (b SigPopVt) AggregateSignatures(sigs ...*SignatureVt) (*MultiSignatureVt, error)

Combine many signatures together to form a Multisignature. Multisignatures can be created when multiple signers jointly generate signatures over the same message.

func (SigPopVt) AggregateVerify 

func (b SigPopVt) AggregateVerify(pks []*PublicKeyVt, msgs [][]byte, sigs []*SignatureVt) (bool, error)

The aggregateVerify algorithm checks an aggregated signature over several (PK, message, signature) pairs. Each message must be different or this will return false. See section 3.1.1 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-02

func (SigPopVt) CombineSignatures 

func (b SigPopVt) CombineSignatures(sigs ...*PartialSignatureVt) (*SignatureVt, error)

CombineSignatures takes partial signatures to yield a completed signature

func (SigPopVt) FastAggregateVerify 

func (b SigPopVt) FastAggregateVerify(pks []*PublicKeyVt, msg []byte, asig *SignatureVt) (bool, error)

FastAggregateVerify verifies an aggregated signature over the same message under the given public keys. See section 3.3.4 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPopVt) FastAggregateVerifyConstituent 

func (b SigPopVt) FastAggregateVerifyConstituent(pks []*PublicKeyVt, msg []byte, sigs []*SignatureVt) (bool, error)

FastAggregateVerifyConstituent verifies a list of signature over the same message under the given public keys. See section 3.3.4 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPopVt) Keygen 

func (b SigPopVt) Keygen() (*PublicKeyVt, *SecretKey, error)

Creates a new BLS key pair

func (SigPopVt) KeygenWithSeed 

func (b SigPopVt) KeygenWithSeed(ikm []byte) (*PublicKeyVt, *SecretKey, error)

Creates a new BLS secret key Input key material (ikm) MUST be at least 32 bytes long, but it MAY be longer.

func (SigPopVt) PartialSign 

func (b SigPopVt) PartialSign(sks *SecretKeyShare, msg []byte) (*PartialSignatureVt, error)

Compute a partial signature in G2 that can be combined with other partial signature

func (SigPopVt) PopProve 

func (b SigPopVt) PopProve(sk *SecretKey) (*ProofOfPossessionVt, error)

Create a proof of possession for the corresponding public key. A proof of possession must be created for each public key to be used in FastAggregateVerify or a Multipublickey to avoid rogue key attacks. See section 3.3.2 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPopVt) PopVerify 

func (b SigPopVt) PopVerify(pk *PublicKeyVt, pop1 *ProofOfPossessionVt) (bool, error)

verify a proof of possession for the corresponding public key is valid. A proof of possession must be created for each public key to be used in FastAggregateVerify or a Multipublickey to avoid rogue key attacks. See section 3.3.3 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPopVt) Sign 

func (b SigPopVt) Sign(sk *SecretKey, msg []byte) (*SignatureVt, error)

Computes a signature in G1 from sk, a secret key, and a message See section 2.6 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPopVt) ThresholdKeygen 

func (b SigPopVt) ThresholdKeygen(threshold, total uint) (*PublicKeyVt, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigPopVt) ThresholdKeygenWithSeed 

func (b SigPopVt) ThresholdKeygenWithSeed(ikm []byte, threshold, total uint) (*PublicKeyVt, []*SecretKeyShare, error)

ThresholdKeyGen generates a public key and `total` secret key shares such that `threshold` of them can be combined in signatures

func (SigPopVt) Verify 

func (b SigPopVt) Verify(pk *PublicKeyVt, msg []byte, sig *SignatureVt) (bool, error)

Checks that a signature is valid for the message under the public key pk See section 2.7 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-03

func (SigPopVt) VerifyMultiSignature 

func (b SigPopVt) VerifyMultiSignature(pk *MultiPublicKeyVt, msg []byte, sig *MultiSignatureVt) (bool, error)

Checks that a multisignature is valid for the message under the multi public key Similar to FastAggregateVerify except the keys and signatures have already been combined. See section 3.3.4 from https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-02

type Signature 

type Signature struct {
	Value bls12381.G2
}

Represents a BLS signature in G2

func (Signature) MarshalBinary 

func (sig Signature) MarshalBinary() ([]byte, error)

Serialize a signature to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*Signature) UnmarshalBinary 

func (sig *Signature) UnmarshalBinary(data []byte) error

Deserialize a signature from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the Signature otherwise it will return an error

type SignatureVt 

type SignatureVt struct {
	// contains filtered or unexported fields
}

Represents a BLS signature in G1

func (*SignatureVt) MarshalBinary 

func (sig *SignatureVt) MarshalBinary() ([]byte, error)

Serialize a signature to a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html

func (*SignatureVt) UnmarshalBinary 

func (sig *SignatureVt) UnmarshalBinary(data []byte) error

Deserialize a signature from a byte array in compressed form. See https://github.com/zcash/librustzcash/blob/master/pairing/src/bls12_381/README.md#serialization https://docs.rs/bls12_381/0.1.1/bls12_381/notes/serialization/index.html If successful, it will assign the Signature otherwise it will return an error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.