package eddsa
import (
"crypto/ed25519"
"encoding/json"
"github.com/taurusgroup/frost-ed25519/pkg/ristretto"
)
// PublicKey represents a FROST-Ed25519 verification key.
//
// The key is held as a ristretto.Element by value, so every PublicKey owns its
// own copy of the point rather than aliasing a caller's pointer.
type PublicKey struct {
	// pk is the group element that signatures are verified against. It is
	// unexported; use the constructor and methods of PublicKey to set or read it.
	pk ristretto.Element
}
// NewPublicKeyFromPoint returns a PublicKey wrapping a copy of the given
// ristretto.Element.
//
// The element is copied into the new key, so later changes made through the
// public pointer do not affect the returned PublicKey.
//
// NOTE(review): the point is stored without any validation here (for example,
// nothing rejects the identity element). Confirm that callers only pass points
// produced by a trusted key-generation path.
func NewPublicKeyFromPoint(public *ristretto.Element) *PublicKey {
	key := new(PublicKey)
	key.pk.Set(public)
	return key
}
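// Verify reports whether sig is a valid signature on message under pk.
//
// The challenge c is recomputed from (sig.R, pk, message) and the signature is
// accepted only when [c](-A) + [s]B equals sig.R, where A is this public key
// and s is sig.S.
//
// A nil receiver or a nil signature is rejected with false instead of causing
// a nil-pointer panic, so code that verifies externally supplied signatures
// fails closed.
func (pk *PublicKey) Verify(message []byte, sig *Signature) bool {
	if pk == nil || sig == nil {
		return false
	}

	challenge := ComputeChallenge(&sig.R, pk, message)

	var publicNeg, RPrime ristretto.Element
	publicNeg.Negate(&pk.pk)

	// RPrime = [c](-A) + [s]B
	// The variable-time multiplication is acceptable for verification because
	// the challenge, the public key and the signature are all public values.
	RPrime.VarTimeDoubleScalarBaseMult(challenge, &publicNeg, &sig.S)

	return RPrime.Equal(&sig.R) == 1
}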
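// Equal reports whether pk and pkOther hold the same group element.
//
// Nil keys are handled explicitly rather than dereferenced: two nil keys
// compare equal, and a nil key never equals a non-nil one.
func (pk *PublicKey) Equal(pkOther *PublicKey) bool {
	if pk == nil || pkOther == nil {
		return pk == pkOther
	}
	return pk.pk.Equal(&pkOther.pk) == 1
}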
// ToEd25519 returns the key encoded in the format used by crypto/ed25519, as
// produced by the element's BytesEd25519 method.
//
// NOTE(review): Verify in this package checks signatures against the
// ristretto element; whether it accepts exactly the same signatures as
// ed25519.Verify on the returned key is not visible here and should be
// confirmed before the two are treated as interchangeable.
func (pk *PublicKey) ToEd25519() ed25519.PublicKey {
	var encoded ed25519.PublicKey = pk.pk.BytesEd25519()
	return encoded
}
// MarshalJSON implements the json.Marshaler interface by delegating to the
// JSON encoding of the underlying ristretto.Element.
//
// The value receiver means both PublicKey and *PublicKey satisfy
// json.Marshaler.
func (pk PublicKey) MarshalJSON() ([]byte, error) {
	element := &pk.pk
	return json.Marshal(element)
}
// UnmarshalJSON implements the json.Unmarshaler interface by decoding data
// directly into the underlying ristretto.Element.
//
// NOTE(review): any validation of the decoded point is whatever
// ristretto.Element's own JSON decoding performs; nothing further is checked
// here. Confirm that behaviour before decoding keys from untrusted input.
func (pk *PublicKey) UnmarshalJSON(data []byte) error {
	if err := json.Unmarshal(data, &pk.pk); err != nil {
		return err
	}
	return nil
}