public static ASNLSignatureType Generate(List <byte[]> x, List <Cryptography.ECC.ECPoint> P1, List <Cryptography.ECC.ECPoint> P2, List <int> indices) { List <byte[]> s1 = new List <byte[]>(); ASNLSignatureType asnlSig = new ASNLSignatureType(); asnlSig.InitSField(); for (int i = 0; i < AMOUNT_SIZE; i++) { SchnorrSignatureType schnorrSig = SchnorrNonLinkable.Generate(x[i], P1[i], P2[i], indices[i]); if (!SchnorrNonLinkable.Verify(P1[i], P2[i], schnorrSig)) { throw new Exception("Schnorr Sign Error!"); } asnlSig.L1.Add(schnorrSig.L1); s1.Add(schnorrSig.s1); asnlSig.s2.Add(schnorrSig.s2); asnlSig.s = ScalarFunctions.Add(asnlSig.s, s1[i]); } return(asnlSig.Exports()); }
public static bool Verify(List <ECPoint> P1, List <ECPoint> P2, ASNLSignatureType sig) { ECPoint LHS = sig.L1[0]; ECPoint RHS = ECCurve.Secp256r1.G * sig.s; for (int i = 0; i < AMOUNT_SIZE; i++) { byte[] c2 = Crypto.Default.Hash256(sig.L1[i].EncodePoint(true)); ECPoint L2 = ECCurve.Secp256r1.G * sig.s2[i] + P2[i] * c2; byte[] c1 = Crypto.Default.Hash256(L2.EncodePoint(true)); if (i > 0) { LHS = LHS + sig.L1[i]; } RHS = RHS + P1[i] * c1; } return(LHS.ToString() == RHS.ToString()); }
public void ASNL_Allow_Test() { List <byte[]> x = new List <byte[]>(); List <ECPoint> P1 = new List <ECPoint>(); List <ECPoint> P2 = new List <ECPoint>(); List <int> indices = new List <int>(); for (int i = 0; i < ASNLRingSignature.AMOUNT_SIZE; i++) { //byte[] x1 = SchnorrNonLinkable.GenerateRandomScalar(); byte[] x1 = new byte[32]; byte[] x2 = SchnorrNonLinkable.GenerateRandomScalar(); ECPoint p1 = ECCurve.Secp256r1.G * x1; ECPoint p2 = ECCurve.Secp256r1.G * x2; P1.Add(p1); P2.Add(p2); Random rnd = new Random(i); int iRand = rnd.Next(2); if (iRand == 0) { x.Add(x1); indices.Add(0); } else { x.Add(x2); indices.Add(1); } } ASNLSignatureType sig = ASNLRingSignature.Generate(x, P1, P2, indices); ASNLRingSignature.Verify(P1, P2, sig).Should().Be(true); }