sonr/crypto/core/mod.go

//
// Copyright Coinbase, Inc. All Rights Reserved.
//
// SPDX-License-Identifier: Apache-2.0
//
// Package core contains convenience functions for modular arithmetic.

// Package core contains a set of primitives, including but not limited to various
// elliptic curves, hashes, and commitment schemes. These primitives are used internally
// and can also be used independently on their own externally.
package core

import (
	crand "crypto/rand"
	"crypto/subtle"
	"fmt"
	"math/big"

	"github.com/onsonr/sonr/crypto/internal"
)

var (
	// Zero is additive identity in the set of integers
	Zero = big.NewInt(0)

	// One is the multiplicative identity in the set of integers
	One = big.NewInt(1)

	// Two is the odd prime
	Two = big.NewInt(2)
)

// ConstantTimeEqByte determines if a, b have identical byte serialization
// and signs. It uses the crypto/subtle package to get a constant time comparison
// over byte representations. Return value is a byte which may be
// useful in bitwise operations. Returns 0x1 if the two values have the
// identical sign and byte representation; 0x0 otherwise.
func ConstantTimeEqByte(a, b *big.Int) byte {
	if a == nil && a == b {
		return 1
	}
	if a == nil || b == nil {
		return 0
	}
	// Determine if the byte representations are the same
	var sameBytes byte
	if subtle.ConstantTimeCompare(a.Bytes(), b.Bytes()) == 1 {
		sameBytes = 1
	} else {
		sameBytes = 0
	}

	// Determine if the signs are the same
	var sameSign byte
	if a.Sign() == b.Sign() {
		sameSign = 1
	} else {
		sameSign = 0
	}

	// Report the conjunction
	return sameBytes & sameSign
}

// ConstantTimeEq determines if a, b have identical byte serialization
// and uses the crypto/subtle package to get a constant time comparison
// over byte representations.
func ConstantTimeEq(a, b *big.Int) bool {
	return ConstantTimeEqByte(a, b) == 1
}

// In determines ring membership before modular reduction: x ∈ Z_m
// returns nil if 0 ≤ x < m
func In(x, m *big.Int) error {
	if AnyNil(x, m) {
		return internal.ErrNilArguments
	}
	// subtle doesn't support constant time big.Int compare
	// just use big.Cmp for now
	// x ∈ Z_m ⇔ 0 ≤ x < m
	if x.Cmp(Zero) != -1 && x.Cmp(m) == -1 {
		return nil
	}
	return internal.ErrZmMembership
}

// Add (modular addition): z = x+y (modulo m)
func Add(x, y, m *big.Int) (*big.Int, error) {
	if AnyNil(x, y) {
		return nil, internal.ErrNilArguments
	}
	z := new(big.Int).Add(x, y)
	// Compute the residue if one is specified, otherwise
	// we leave the value as an unbound integer
	if m != nil {
		z.Mod(z, m)
	}
	return z, nil
}

// Mul (modular multiplication): z = x*y (modulo m)
func Mul(x, y, m *big.Int) (*big.Int, error) {
	if AnyNil(x, y) {
		return nil, internal.ErrNilArguments
	}
	z := new(big.Int).Mul(x, y)

	// Compute the residue if one is specified, otherwise
	// we leave the value as an unbound integer
	if m != nil {
		z.Mod(z, m)
	}
	return z, nil
}

// Exp (modular exponentiation): z = x^y (modulo m)
func Exp(x, y, m *big.Int) (*big.Int, error) {
	if AnyNil(x, y) {
		return nil, internal.ErrNilArguments
	}
	// This wrapper looks silly, but it makes the calling code read more consistently.
	return new(big.Int).Exp(x, y, m), nil
}

// Neg (modular negation): z = -x (modulo m)
func Neg(x, m *big.Int) (*big.Int, error) {
	if AnyNil(x, m) {
		return nil, internal.ErrNilArguments
	}
	z := new(big.Int).Neg(x)
	z.Mod(z, m)
	return z, nil
}

// Inv (modular inverse): returns y such that xy = 1 (modulo m).
func Inv(x, m *big.Int) (*big.Int, error) {
	if AnyNil(x, m) {
		return nil, internal.ErrNilArguments
	}
	z := new(big.Int).ModInverse(x, m)
	if z == nil {
		return nil, fmt.Errorf("cannot compute the multiplicative inverse")
	}
	return z, nil
}

// Rand generates a cryptographically secure random integer in the range: 1 < r < m.
func Rand(m *big.Int) (*big.Int, error) {
	if m == nil {
		return nil, internal.ErrNilArguments
	}

	// Select a random element, but not zero or one
	// The reason is the random element may be used as a Scalar or an exponent.
	// An exponent of 1 is generally acceptable because the generator can't be
	// 1. If a Scalar is combined with another Scalar like in fiat-shamir, it
	// offers no hiding properties when multiplied.
	for {
		result, err := crand.Int(crand.Reader, m)
		if err != nil {
			return nil, err
		}

		if result.Cmp(One) == 1 { // result > 1
			return result, nil
		}
	}
}

// AnyNil determines if any of values are nil
func AnyNil(values ...*big.Int) bool {
	for _, x := range values {
		if x == nil {
			return true
		}
	}
	return false
}
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`//`
			`// Copyright Coinbase, Inc. All Rights Reserved.`
			`//`
			`// SPDX-License-Identifier: Apache-2.0`
			`//`
			`// Package core contains convenience functions for modular arithmetic.`

			`// Package core contains a set of primitives, including but not limited to various`
			`// elliptic curves, hashes, and commitment schemes. These primitives are used internally`
			`// and can also be used independently on their own externally.`
			`package core`

			`import (`
			`crand "crypto/rand"`
			`"crypto/subtle"`
			`"fmt"`
			`"math/big"`

feature/1121 implement ucan validation (#1176) - refactor: remove unused auth components - refactor: improve devbox configuration and deployment process - refactor: improve devnet and testnet setup - fix: update templ version to v0.2.778 - refactor: rename pkl/net.matrix to pkl/matrix.net - refactor: migrate webapp components to nebula - refactor: protobuf types - chore: update dependencies for improved security and stability - feat: implement landing page and vault gateway servers - refactor: Migrate data models to new module structure and update related files - feature/1121-implement-ucan-validation - refactor: Replace hardcoded constants with model types in attns.go - feature/1121-implement-ucan-validation - chore: add origin Host struct and update main function to handle multiple hosts - build: remove unused static files from dwn module - build: remove unused static files from dwn module - refactor: Move DWN models to common package - refactor: move models to pkg/common - refactor: move vault web app assets to embed module - refactor: update session middleware import path - chore: configure port labels and auto-forwarding behavior - feat: enhance devcontainer configuration - feat: Add UCAN middleware for Echo with flexible token validation - feat: add JWT middleware for UCAN authentication - refactor: update package URI and versioning in PklProject files - fix: correct sonr.pkl import path - refactor: move JWT related code to auth package - feat: introduce vault configuration retrieval and management - refactor: Move vault components to gateway module and update file paths - refactor: remove Dexie and SQLite database implementations - feat: enhance frontend with PWA features and WASM integration - feat: add Devbox features and streamline Dockerfile - chore: update dependencies to include TigerBeetle - chore(deps): update go version to 1.23 - feat: enhance devnet setup with PATH environment variable and updated PWA manifest - fix: upgrade tigerbeetle-go dependency and remove indirect dependency - feat: add PostgreSQL support to devnet and testnet deployments - refactor: rename keyshare cookie to token cookie - feat: upgrade Go version to 1.23.3 and update dependencies - refactor: update devnet and testnet configurations - feat: add IPFS configuration for devnet - I'll help you update the ipfs.config.pkl to include all the peers from the shell script. Here's the updated configuration: - refactor: move mpc package to crypto directory - feat: add BIP32 support for various cryptocurrencies - feat: enhance ATN.pkl with additional capabilities - refactor: simplify smart account and vault attenuation creation - feat: add new capabilities to the Attenuation type - refactor: Rename MPC files for clarity and consistency - feat: add DIDKey support for cryptographic operations - feat: add devnet and testnet deployment configurations - fix: correct key derivation in bip32 package - refactor: rename crypto/bip32 package to crypto/accaddr - fix: remove duplicate indirect dependency - refactor: move vault package to root directory - refactor: update routes for gateway and vault - refactor: remove obsolete web configuration file - refactor: remove unused TigerBeetle imports and update host configuration - refactor: adjust styles directory path - feat: add broadcastTx and simulateTx functions to gateway - feat: add PinVault handler 2024-12-02 14:27:18 -05:00			`"github.com/onsonr/sonr/crypto/internal"`
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`)`

			`var (`
			`// Zero is additive identity in the set of integers`
			`Zero = big.NewInt(0)`

			`// One is the multiplicative identity in the set of integers`
			`One = big.NewInt(1)`

			`// Two is the odd prime`
			`Two = big.NewInt(2)`
			`)`

			`// ConstantTimeEqByte determines if a, b have identical byte serialization`
			`// and signs. It uses the crypto/subtle package to get a constant time comparison`
			`// over byte representations. Return value is a byte which may be`
			`// useful in bitwise operations. Returns 0x1 if the two values have the`
			`// identical sign and byte representation; 0x0 otherwise.`
			`func ConstantTimeEqByte(a, b *big.Int) byte {`
			`if a == nil && a == b {`
			`return 1`
			`}`
			`if a == nil \|\| b == nil {`
			`return 0`
			`}`
			`// Determine if the byte representations are the same`
			`var sameBytes byte`
			`if subtle.ConstantTimeCompare(a.Bytes(), b.Bytes()) == 1 {`
			`sameBytes = 1`
			`} else {`
			`sameBytes = 0`
			`}`

			`// Determine if the signs are the same`
			`var sameSign byte`
			`if a.Sign() == b.Sign() {`
			`sameSign = 1`
			`} else {`
			`sameSign = 0`
			`}`

			`// Report the conjunction`
			`return sameBytes & sameSign`
			`}`

			`// ConstantTimeEq determines if a, b have identical byte serialization`
			`// and uses the crypto/subtle package to get a constant time comparison`
			`// over byte representations.`
			`func ConstantTimeEq(a, b *big.Int) bool {`
			`return ConstantTimeEqByte(a, b) == 1`
			`}`

			`// In determines ring membership before modular reduction: x ∈ Z_m`
			`// returns nil if 0 ≤ x < m`
			`func In(x, m *big.Int) error {`
			`if AnyNil(x, m) {`
			`return internal.ErrNilArguments`
			`}`
			`// subtle doesn't support constant time big.Int compare`
			`// just use big.Cmp for now`
			`// x ∈ Z_m ⇔ 0 ≤ x < m`
			`if x.Cmp(Zero) != -1 && x.Cmp(m) == -1 {`
			`return nil`
			`}`
			`return internal.ErrZmMembership`
			`}`

			`// Add (modular addition): z = x+y (modulo m)`
			`func Add(x, y, m big.Int) (big.Int, error) {`
			`if AnyNil(x, y) {`
			`return nil, internal.ErrNilArguments`
			`}`
			`z := new(big.Int).Add(x, y)`
			`// Compute the residue if one is specified, otherwise`
			`// we leave the value as an unbound integer`
			`if m != nil {`
			`z.Mod(z, m)`
			`}`
			`return z, nil`
			`}`

			`// Mul (modular multiplication): z = x*y (modulo m)`
			`func Mul(x, y, m big.Int) (big.Int, error) {`
			`if AnyNil(x, y) {`
			`return nil, internal.ErrNilArguments`
			`}`
			`z := new(big.Int).Mul(x, y)`

			`// Compute the residue if one is specified, otherwise`
			`// we leave the value as an unbound integer`
			`if m != nil {`
			`z.Mod(z, m)`
			`}`
			`return z, nil`
			`}`

			`// Exp (modular exponentiation): z = x^y (modulo m)`
			`func Exp(x, y, m big.Int) (big.Int, error) {`
			`if AnyNil(x, y) {`
			`return nil, internal.ErrNilArguments`
			`}`
			`// This wrapper looks silly, but it makes the calling code read more consistently.`
			`return new(big.Int).Exp(x, y, m), nil`
			`}`

			`// Neg (modular negation): z = -x (modulo m)`
			`func Neg(x, m big.Int) (big.Int, error) {`
			`if AnyNil(x, m) {`
			`return nil, internal.ErrNilArguments`
			`}`
			`z := new(big.Int).Neg(x)`
			`z.Mod(z, m)`
			`return z, nil`
			`}`

			`// Inv (modular inverse): returns y such that xy = 1 (modulo m).`
			`func Inv(x, m big.Int) (big.Int, error) {`
			`if AnyNil(x, m) {`
			`return nil, internal.ErrNilArguments`
			`}`
			`z := new(big.Int).ModInverse(x, m)`
			`if z == nil {`
			`return nil, fmt.Errorf("cannot compute the multiplicative inverse")`
			`}`
			`return z, nil`
			`}`

			`// Rand generates a cryptographically secure random integer in the range: 1 < r < m.`
			`func Rand(m big.Int) (big.Int, error) {`
			`if m == nil {`
			`return nil, internal.ErrNilArguments`
			`}`

			`// Select a random element, but not zero or one`
			`// The reason is the random element may be used as a Scalar or an exponent.`
			`// An exponent of 1 is generally acceptable because the generator can't be`
			`// 1. If a Scalar is combined with another Scalar like in fiat-shamir, it`
			`// offers no hiding properties when multiplied.`
			`for {`
			`result, err := crand.Int(crand.Reader, m)`
			`if err != nil {`
			`return nil, err`
			`}`

			`if result.Cmp(One) == 1 { // result > 1`
			`return result, nil`
			`}`
			`}`
			`}`

			`// AnyNil determines if any of values are nil`
			`func AnyNil(values ...*big.Int) bool {`
			`for _, x := range values {`
			`if x == nil {`
			`return true`
			`}`
			`}`
			`return false`
			`}`