зеркало из https://github.com/mozilla/libprio.git
109 строки
2.6 KiB
C
109 строки
2.6 KiB
C
/*
|
|
* Copyright (c) 2018, Henry Corrigan-Gibbs
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
*/
|
|
|
|
#include <mprio.h>
|
|
|
|
#include "rand.h"
|
|
#include "share.h"
|
|
#include "util.h"
|
|
|
|
SECStatus
|
|
share_int(const struct prio_config* cfg,
|
|
const mp_int* src,
|
|
mp_int* shareA,
|
|
mp_int* shareB)
|
|
{
|
|
SECStatus rv;
|
|
P_CHECK(rand_int(shareA, &cfg->modulus));
|
|
MP_CHECK(mp_submod(src, shareA, &cfg->modulus, shareB));
|
|
|
|
return rv;
|
|
}
|
|
|
|
BeaverTriple
|
|
BeaverTriple_new(void)
|
|
{
|
|
BeaverTriple triple = malloc(sizeof *triple);
|
|
if (!triple)
|
|
return NULL;
|
|
|
|
MP_DIGITS(&triple->a) = NULL;
|
|
MP_DIGITS(&triple->b) = NULL;
|
|
MP_DIGITS(&triple->c) = NULL;
|
|
|
|
SECStatus rv = SECSuccess;
|
|
MP_CHECKC(mp_init(&triple->a));
|
|
MP_CHECKC(mp_init(&triple->b));
|
|
MP_CHECKC(mp_init(&triple->c));
|
|
|
|
cleanup:
|
|
if (rv != SECSuccess) {
|
|
BeaverTriple_clear(triple);
|
|
return NULL;
|
|
}
|
|
return triple;
|
|
}
|
|
|
|
void
|
|
BeaverTriple_clear(BeaverTriple triple)
|
|
{
|
|
if (!triple)
|
|
return;
|
|
mp_clear(&triple->a);
|
|
mp_clear(&triple->b);
|
|
mp_clear(&triple->c);
|
|
free(triple);
|
|
}
|
|
|
|
SECStatus
|
|
BeaverTriple_set_rand(const struct prio_config* cfg,
|
|
struct beaver_triple* triple_1,
|
|
struct beaver_triple* triple_2)
|
|
{
|
|
SECStatus rv = SECSuccess;
|
|
|
|
// TODO: Can shorten this code using share_int()
|
|
|
|
// We need that
|
|
// (a1 + a2)(b1 + b2) = c1 + c2 (mod p)
|
|
P_CHECK(rand_int(&triple_1->a, &cfg->modulus));
|
|
P_CHECK(rand_int(&triple_1->b, &cfg->modulus));
|
|
P_CHECK(rand_int(&triple_2->a, &cfg->modulus));
|
|
P_CHECK(rand_int(&triple_2->b, &cfg->modulus));
|
|
|
|
// We are trying to be a little clever here to avoid the use of temp
|
|
// variables.
|
|
|
|
// c1 = a1 + a2
|
|
MP_CHECK(mp_addmod(&triple_1->a, &triple_2->a, &cfg->modulus, &triple_1->c));
|
|
|
|
// c2 = b1 + b2
|
|
MP_CHECK(mp_addmod(&triple_1->b, &triple_2->b, &cfg->modulus, &triple_2->c));
|
|
|
|
// c1 = c1 * c2 = (a1 + a2) (b1 + b2)
|
|
MP_CHECK(mp_mulmod(&triple_1->c, &triple_2->c, &cfg->modulus, &triple_1->c));
|
|
|
|
// Set c2 to random blinding value
|
|
MP_CHECK(rand_int(&triple_2->c, &cfg->modulus));
|
|
|
|
// c1 = c1 - c2
|
|
MP_CHECK(mp_submod(&triple_1->c, &triple_2->c, &cfg->modulus, &triple_1->c));
|
|
|
|
// Now we should have random tuples satisfying:
|
|
// (a1 + a2) (b1 + b2) = c1 + c2
|
|
|
|
return rv;
|
|
}
|
|
|
|
bool
|
|
BeaverTriple_areEqual(const_BeaverTriple t1, const_BeaverTriple t2)
|
|
{
|
|
return (mp_cmp(&t1->a, &t2->a) == 0 && mp_cmp(&t1->b, &t2->b) == 0 &&
|
|
mp_cmp(&t1->c, &t2->c) == 0);
|
|
}
|