aboutsummaryrefslogtreecommitdiff
path: root/src/ringct
diff options
context:
space:
mode:
Diffstat (limited to 'src/ringct')
-rw-r--r--src/ringct/rctSigs.cpp33
-rw-r--r--src/ringct/rctSigs.h4
2 files changed, 16 insertions, 21 deletions
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp
index 2e56dad58..2a7b36b66 100644
--- a/src/ringct/rctSigs.cpp
+++ b/src/ringct/rctSigs.cpp
@@ -173,7 +173,7 @@ namespace rct {
// P[l] == p*G
// C[l] == z*G
// C[i] == C_nonzero[i] - C_offset (for hashing purposes) for all i
- clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const key & z, const keyV & C_nonzero, const key & C_offset, const unsigned int l, const multisig_kLRki *kLRki, key *mscout, key *mspout) {
+ clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const key & z, const keyV & C_nonzero, const key & C_offset, const unsigned int l, const multisig_kLRki *kLRki, key *mscout, key *mspout, hw::device &hwdev) {
clsag sig;
size_t n = P.size(); // ring size
CHECK_AND_ASSERT_THROW_MES(n == C.size(), "Signing and commitment key vector sizes must match!");
@@ -189,16 +189,21 @@ namespace rct {
ge_p3_tobytes(H.bytes,&H_p3);
key D;
- scalarmultKey(D,H,z);
+
+ // Initial values
+ key a;
+ key aG;
+ key aH;
// Multisig
if (kLRki)
{
sig.I = kLRki->ki;
+ scalarmultKey(D,H,z);
}
else
{
- scalarmultKey(sig.I,H,p);
+ hwdev.clsag_prepare(p,z,sig.I,D,H,a,aG,aH);
}
geDsmp I_precomp;
@@ -209,13 +214,6 @@ namespace rct {
// Offset key image
scalarmultKey(sig.D,D,INV_EIGHT);
- // Initial values
- key a;
- key aG;
- key aH;
- skpkGen(a,aG);
- scalarmultKey(aH,H,a);
-
// Aggregation hashes
keyV mu_P_to_hash(2*n+4); // domain, I, D, P, C, C_offset
keyV mu_C_to_hash(2*n+4); // domain, I, D, P, C, C_offset
@@ -266,7 +264,7 @@ namespace rct {
c_to_hash[2*n+3] = aG;
c_to_hash[2*n+4] = aH;
}
- c = hash_to_scalar(c_to_hash);
+ hwdev.clsag_hash(c_to_hash,c);
size_t i;
i = (l + 1) % n;
@@ -305,7 +303,7 @@ namespace rct {
c_to_hash[2*n+3] = L;
c_to_hash[2*n+4] = R;
- c_new = hash_to_scalar(c_to_hash);
+ hwdev.clsag_hash(c_to_hash,c_new);
copy(c,c_new);
i = (i + 1) % n;
@@ -314,11 +312,8 @@ namespace rct {
}
// Compute final scalar
- key s0_p_mu_P;
- sc_mul(s0_p_mu_P.bytes,mu_P.bytes,p.bytes);
- key s0_add_z_mu_C;
- sc_muladd(s0_add_z_mu_C.bytes,mu_C.bytes,z.bytes,s0_p_mu_P.bytes);
- sc_mulsub(sig.s[l].bytes,c.bytes,s0_add_z_mu_C.bytes,a.bytes);
+ hwdev.clsag_sign(c,a,p,z,mu_P,mu_C,sig.s[l]);
+ memwipe(&a, sizeof(key));
if (mscout)
*mscout = c;
@@ -329,7 +324,7 @@ namespace rct {
}
clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const key & z, const keyV & C_nonzero, const key & C_offset, const unsigned int l) {
- return CLSAG_Gen(message, P, p, C, z, C_nonzero, C_offset, l, NULL, NULL, NULL);
+ return CLSAG_Gen(message, P, p, C, z, C_nonzero, C_offset, l, NULL, NULL, NULL, hw::get_device("default"));
}
// MLSAG signatures
@@ -748,7 +743,7 @@ namespace rct {
sk[0] = copy(inSk.dest);
sc_sub(sk[1].bytes, inSk.mask.bytes, a.bytes);
- clsag result = CLSAG_Gen(message, P, sk[0], C, sk[1], C_nonzero, Cout, index, kLRki, mscout, mspout);
+ clsag result = CLSAG_Gen(message, P, sk[0], C, sk[1], C_nonzero, Cout, index, kLRki, mscout, mspout, hwdev);
memwipe(sk.data(), sk.size() * sizeof(key));
return result;
}
diff --git a/src/ringct/rctSigs.h b/src/ringct/rctSigs.h
index 199ad9aef..a0346b34e 100644
--- a/src/ringct/rctSigs.h
+++ b/src/ringct/rctSigs.h
@@ -77,8 +77,8 @@ namespace rct {
mgSig MLSAG_Gen(const key &message, const keyM & pk, const keyV & xx, const multisig_kLRki *kLRki, key *mscout, const unsigned int index, size_t dsRows, hw::device &hwdev);
bool MLSAG_Ver(const key &message, const keyM &pk, const mgSig &sig, size_t dsRows);
- clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const keyV & C_nonzero, const key & C_offset, const key & z, const unsigned int l, const multisig_kLRki *kLRki, key *mscout, key *mspout);
- clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const keyV & C_nonzero, const key & C_offset, const key & z, const unsigned int l);
+ clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const key & z, const keyV & C_nonzero, const key & C_offset, const unsigned int l, const multisig_kLRki *kLRki, key *mscout, key *mspout, hw::device &hwdev);
+ clsag CLSAG_Gen(const key &message, const keyV & P, const key & p, const keyV & C, const key & z, const keyV & C_nonzero, const key & C_offset, const unsigned int l);
clsag proveRctCLSAGSimple(const key &, const ctkeyV &, const ctkey &, const key &, const key &, const multisig_kLRki *, key *, key *, unsigned int, hw::device &);
bool verRctCLSAGSimple(const key &, const clsag &, const ctkeyV &, const key &);