forked from QED-it/go-jubjub
grouphash.go
package grouphash
import (
"fmt"
"math/big"
"github.com/jadeydi/jubjub/pkg/blake2s"
"github.com/jadeydi/jubjub/pkg/jubjub"
)
var (
	// ErrInvalidPoint is the sentinel returned by Hash when the digest does
	// not lead to a usable curve point. FindGroupHash compares against it by
	// identity to decide whether to try the next counter value.
	ErrInvalidPoint = fmt.Errorf("invalid point")

	// urs is written into the hash state ahead of the message in Hash.
	// It holds the 64 ASCII hex characters themselves, not the 32 bytes
	// they would decode to.
	// NOTE(review): presumably the fixed "uniform random string" of the
	// group-hash construction this package follows; changing it changes
	// every derived point, so confirm against the reference before touching.
	urs = []byte("096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0")
)
// GroupHasher maps byte strings to Jubjub curve points by hashing them with
// personalized BLAKE2s and decoding the digest as a point (see Hash).
type GroupHasher struct {
	// curve performs the point decoding and cofactor multiplication.
	curve *jubjub.Jubjub
	// domain is handed to BLAKE2s as the personalization on every Hash call,
	// separating this hasher's outputs from those of other domains.
	domain []byte
}
// NewGroupHasher builds a GroupHasher over a fresh Jubjub curve instance,
// using domain as the BLAKE2s personalization for every later Hash call.
//
// The domain slice is stored as given, not copied, so the caller must not
// modify it after this call. Its length is not validated here; if the
// BLAKE2s constructor rejects it, the error surfaces from Hash instead.
// The returned error is always nil in the current implementation.
func NewGroupHasher(domain []byte) (*GroupHasher, error) {
	hasher := new(GroupHasher)
	hasher.curve = jubjub.NewJubjub()
	hasher.domain = domain
	return hasher, nil
}
// reverse flips the byte order of numbers in place. Hash uses it to turn the
// digest into the big-endian form that big.Int.SetBytes expects.
func reverse(numbers []byte) {
	last := len(numbers) - 1
	for lo := 0; lo < len(numbers)/2; lo++ {
		hi := last - lo
		numbers[lo], numbers[hi] = numbers[hi], numbers[lo]
	}
}
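// FindGroupHash returns the point produced by Hash(msg || i) for the smallest
// one-byte counter i in 0..255 that yields a valid point.
//
// It returns an error if none of the 256 candidates decodes to a valid point,
// or if Hash fails for any reason other than ErrInvalidPoint (for example a
// hash-construction error). msg is never modified.
func (hasher *GroupHasher) FindGroupHash(msg []byte) (*jubjub.JubjubPoint, error) {
	// Work on a private buffer: append(msg, i) could write the counter into
	// spare capacity of the caller's backing array.
	msgWithIndex := make([]byte, len(msg)+1)
	copy(msgWithIndex, msg)

	// The counter is an int so the loop terminates. With a uint8 counter the
	// condition i <= 255 is always true and i++ wraps back to 0, so an input
	// with no valid candidate would spin forever.
	for i := 0; i <= 255; i++ {
		msgWithIndex[len(msg)] = byte(i)
		p, err := hasher.Hash(msgWithIndex)
		if err == ErrInvalidPoint {
			continue
		}
		if err != nil {
			// Any other failure must not be reported as success with a nil point.
			return nil, err
		}
		return p, nil
	}
	return nil, fmt.Errorf("could not find a valid point")
}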
// Hash derives a curve point from msg.
//
// It computes BLAKE2s-256, personalized with the hasher's domain, over
// urs || msg, reads the digest as a little-endian integer, splits off bit 255
// as a flag, and asks the curve for the point with the remaining value as its
// y-coordinate. The point is then multiplied by the cofactor.
//
// Errors from the hash construction or writes are returned unchanged. Any
// error from point decoding or cofactor multiplication is reported as
// ErrInvalidPoint, so callers cannot tell those two failures apart.
//
// NOTE(review): nothing in this function checks that y is below the field
// modulus or that the result after cofactor multiplication is not the
// identity element. A group hash normally has to reject both; confirm that
// GetForY and MulByCofactor enforce them.
func (hasher *GroupHasher) Hash(msg []byte) (*jubjub.JubjubPoint, error) {
	h, err := blake2s.New256WithPersonalization(nil, hasher.domain)
	if err != nil {
		return nil, err
	}
	if _, err = h.Write(urs); err != nil {
		return nil, err
	}
	if _, err = h.Write(msg); err != nil {
		return nil, err
	}

	// SetBytes reads big-endian, so reversing first makes the digest be
	// interpreted as a little-endian integer.
	digest := h.Sum(nil)
	reverse(digest)
	y := new(big.Int).SetBytes(digest)

	// Bit 255 is not part of the coordinate: it is extracted and cleared, then
	// passed to GetForY as a boolean (presumably selecting which of the two
	// candidate x-coordinates to use; confirm against jubjub.GetForY).
	flagBit := y.Bit(255)
	y.SetBit(y, 255, 0)

	candidate, err := hasher.curve.GetForY(y, flagBit == 1)
	if err != nil {
		return nil, ErrInvalidPoint
	}

	result, err := hasher.curve.MulByCofactor(candidate)
	if err != nil {
		return nil, ErrInvalidPoint
	}
	return result, nil
}