crypto/ecpointgrouplaw: support Ed25519

getamis · Aug 25, 2021 · 4831138 · 4831138
1 parent bb68f25
commit 4831138
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 9 deletions.
diff --git a/crypto/ecpointgrouplaw/ecpointgrouplaw_test.go b/crypto/ecpointgrouplaw/ecpointgrouplaw_test.go
@@ -19,6 +19,7 @@ import (
 	"testing"
 
 	"github.com/btcsuite/btcd/btcec"
+	"github.com/decred/dcrd/dcrec/edwards/v2"
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
@@ -30,7 +31,7 @@ func TestEllipticcurve(t *testing.T) {
 }
 
 var (
-	curveList = []elliptic.Curve{elliptic.P224(), elliptic.P256(), elliptic.P384(), btcec.S256()}
+	curveList = []elliptic.Curve{elliptic.P224(), elliptic.P256(), elliptic.P384(), btcec.S256(), edwards.Edwards()}
 )
 
 var _ = Describe("Elliptic curves", func() {

diff --git a/crypto/ecpointgrouplaw/point.go b/crypto/ecpointgrouplaw/point.go
@@ -22,6 +22,7 @@ import (
 	"reflect"
 
 	"github.com/btcsuite/btcd/btcec"
+	"github.com/decred/dcrd/dcrec/edwards"
 )
 
 var (
@@ -103,13 +104,10 @@ func (p *ECPoint) Add(p1 *ECPoint) (*ECPoint, error) {
 		return p.Copy(), nil
 	}
 
-	// The case : aG+(-a)G. Assume that the coordinate of aG = (x,y). Then (-a)G = (x,-y). Then aG + (-a)G = identity = (nil, nil).
-	if p1.x.Cmp(p.x) == 0 {
-		tempNegative := new(big.Int).Neg(p1.y)
-		tempNegative.Mod(tempNegative, p.curve.Params().P)
-		if tempNegative.Cmp(p.y) == 0 {
-			return NewIdentity(p.curve), nil
-		}
+	// The case : aG+(-a)G.
+	minusP1 := p1.Neg()
+	if minusP1.Equal(p) {
+		return NewIdentity(p.curve), nil
 	}
 	// The case : aG + aG = 2aG.
 	if p1.x.Cmp(p.x) == 0 && p1.y.Cmp(p.y) == 0 {
@@ -138,6 +136,17 @@ func (p *ECPoint) Neg() *ECPoint {
 	if p.IsIdentity() {
 		return NewIdentity(p.curve)
 	}
+
+	// TODO: Not compare cofactor terms
+	if isSameCurve(p.curve, edwards.Edwards()) {
+		negativeX := new(big.Int).Neg(p.x)
+		negativeX = negativeX.Mod(negativeX, p.curve.Params().P)
+		return &ECPoint{
+			curve: p.curve,
+			x:     negativeX,
+			y:     new(big.Int).Set(p.y),
+		}
+	}
 	negativeY := new(big.Int).Neg(p.y)
 	negativeY = negativeY.Mod(negativeY, p.curve.Params().P)
 	return &ECPoint{
@@ -233,7 +242,7 @@ func isIdentity(x *big.Int, y *big.Int) bool {
 }
 
 func isSameCurve(curve1 elliptic.Curve, curve2 elliptic.Curve) bool {
-	return reflect.DeepEqual(curve1, curve2)
+	return reflect.DeepEqual(curve1.Params(), curve2.Params())
 }
 
 func isOnCurve(curve elliptic.Curve, x, y *big.Int) bool {

diff --git a/go.mod b/go.mod
@@ -4,6 +4,8 @@ go 1.13
 
 require (
 	github.com/btcsuite/btcd v0.20.1-beta
+	github.com/decred/dcrd/dcrec/edwards v1.0.0
+	github.com/decred/dcrd/dcrec/edwards/v2 v2.0.1
 	github.com/getamis/sirius v1.1.7
 	github.com/go-stack/stack v1.8.0 // indirect
 	github.com/gogo/protobuf v1.3.1

diff --git a/go.sum b/go.sum
@@ -5,6 +5,8 @@ github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/Kubuxu/go-os-helper v0.0.1/go.mod h1:N8B+I7vPCT80IcP58r50u4+gEEcsZETFUpAzWW2ep1Y=
 github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII=
+github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 h1:w1UutsfOrms1J05zt7ISrnJIXKzwaspym5BTKGx93EI=
+github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412/go.mod h1:WPjqKcmVOxf0XSf3YxCJs6N6AOSrOx3obionmG7T0y0=
 github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32/go.mod h1:DrZx5ec/dmnfpw9KyYoQyYo7d0KEvTkk/5M/vbZjAr8=
@@ -33,6 +35,12 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davidlazar/go-crypto v0.0.0-20170701192655-dcfb0a7ac018 h1:6xT9KW8zLC5IlbaIF5Q7JNieBoACT7iW0YTxQHR0in0=
 github.com/davidlazar/go-crypto v0.0.0-20170701192655-dcfb0a7ac018/go.mod h1:rQYf4tfk5sSwFsnDg3qYaBxSjsD9S8+59vW0dKUgme4=
+github.com/decred/dcrd v1.3.0 h1:EEXm7BdiROfazDtuFsOu9mfotnyy00bgCuVwUqaszFo=
+github.com/decred/dcrd/dcrec v1.0.0 h1:W+z6Es+Rai3MXYVoPAxYr5U1DGis0Co33scJ6uH2J6o=
+github.com/decred/dcrd/dcrec/edwards v1.0.0 h1:UDcPNzclKiJlWqV3x1Fl8xMCJrolo4PB4X9t8LwKDWU=
+github.com/decred/dcrd/dcrec/edwards v1.0.0/go.mod h1:HblVh1OfMt7xSxUL1ufjToaEvpbjpWvvTAUx4yem8BI=
+github.com/decred/dcrd/dcrec/edwards/v2 v2.0.1 h1:V6eqU1crZzuoFT4KG2LhaU5xDSdkHuvLQsj25wd7Wb4=
+github.com/decred/dcrd/dcrec/edwards/v2 v2.0.1/go.mod h1:d0H8xGMWbiIQP7gN3v2rByWUcuZPm9YsgmnfoxgbINc=
 github.com/dgraph-io/badger v1.5.5-0.20190226225317-8115aed38f8f/go.mod h1:VZxzAIRPHRVNRKRo6AXrX9BJegn6il06VMTZVJYCIjQ=
 github.com/dgraph-io/badger v1.6.0-rc1/go.mod h1:zwt7syl517jmP8s94KqSxTlM6IMsdhYy6psNgSztDR4=
 github.com/dgraph-io/badger v1.6.0/go.mod h1:zwt7syl517jmP8s94KqSxTlM6IMsdhYy6psNgSztDR4=