go/sonr
go/sonr
1
1
Fork 0
mirror of https://github.com/onsonr/sonr.git synced 2025-03-10 21:09:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
sonr/crypto/core/curves/native/hash2field.go
Prad Nukala 807b2e86ec
feature/1220 origin handle exists method (#1241) 
* feat: add docs and CI workflow for publishing to onsonr.dev

* (refactor): Move hway,motr executables to their own repos

* feat: simplify devnet and testnet configurations

* refactor: update import path for didcrypto package

* docs(networks): Add README with project overview, architecture, and community links

* refactor: Move network configurations to deploy directory

* build: update golang version to 1.23

* refactor: move logger interface to appropriate package

* refactor: Move devnet configuration to networks/devnet

* chore: improve release process with date variable

* (chore): Move Crypto Library

* refactor: improve code structure and readability in DID module

* feat: integrate Trunk CI checks

* ci: optimize CI workflow by removing redundant build jobs

---------

Co-authored-by: Darp Alakun <i@prad.nu>
2025-01-06 17:06:10 +00:00

108 lines
2.9 KiB
Go
Executable File
Raw Blame History

package native
import (
"hash"
"golang.org/x/crypto/sha3"
)
// OversizeDstSalt is the salt used to hash a dst over MaxDstLen
var OversizeDstSalt = []byte("H2C-OVERSIZE-DST-")
// MaxDstLen the max size for dst in hash to curve
const MaxDstLen = 255
func getDomainXmd(h hash.Hash, domain []byte) []byte {
var out []byte
if len(domain) > MaxDstLen {
h.Reset()
_, _ = h.Write(OversizeDstSalt)
_, _ = h.Write(domain)
out = h.Sum(nil)
} else {
out = domain
}
return out
}
func getDomainXof(h sha3.ShakeHash, domain []byte) []byte {
var out []byte
if len(domain) > MaxDstLen {
h.Reset()
_, _ = h.Write(OversizeDstSalt)
_, _ = h.Write(domain)
var tv [64]byte
_, _ = h.Read(tv[:])
out = tv[:]
} else {
out = domain
}
return out
}
// ExpandMsgXmd expands the msg with the domain to output a byte array
// with outLen in size using a fixed size hash.
// See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-13#section-5.4.1
func ExpandMsgXmd(h *EllipticPointHasher, msg, domain []byte, outLen int) []byte {
domain = getDomainXmd(h.xmd, domain)
domainLen := byte(len(domain))
h.xmd.Reset()
// DST_prime = DST || I2OSP(len(DST), 1)
// b_0 = H(Z_pad || msg || l_i_b_str || I2OSP(0, 1) || DST_prime)
_, _ = h.xmd.Write(make([]byte, h.xmd.BlockSize()))
_, _ = h.xmd.Write(msg)
_, _ = h.xmd.Write([]byte{uint8(outLen >> 8), uint8(outLen)})
_, _ = h.xmd.Write([]byte{0})
_, _ = h.xmd.Write(domain)
_, _ = h.xmd.Write([]byte{domainLen})
b0 := h.xmd.Sum(nil)
// b_1 = H(b_0 || I2OSP(1, 1) || DST_prime)
h.xmd.Reset()
_, _ = h.xmd.Write(b0)
_, _ = h.xmd.Write([]byte{1})
_, _ = h.xmd.Write(domain)
_, _ = h.xmd.Write([]byte{domainLen})
b1 := h.xmd.Sum(nil)
// b_i = H(strxor(b_0, b_(i - 1)) || I2OSP(i, 1) || DST_prime)
ell := (outLen + h.xmd.Size() - 1) / h.xmd.Size()
bi := b1
out := make([]byte, outLen)
for i := 1; i < ell; i++ {
h.xmd.Reset()
// b_i = H(strxor(b_0, b_(i - 1)) || I2OSP(i, 1) || DST_prime)
tmp := make([]byte, h.xmd.Size())
for j := 0; j < h.xmd.Size(); j++ {
tmp[j] = b0[j] ^ bi[j]
}
_, _ = h.xmd.Write(tmp)
_, _ = h.xmd.Write([]byte{1 + uint8(i)})
_, _ = h.xmd.Write(domain)
_, _ = h.xmd.Write([]byte{domainLen})
// b_1 || ... || b_(ell - 1)
copy(out[(i-1)*h.xmd.Size():i*h.xmd.Size()], bi[:])
bi = h.xmd.Sum(nil)
}
// b_ell
copy(out[(ell-1)*h.xmd.Size():], bi[:])
return out[:outLen]
}
// ExpandMsgXof expands the msg with the domain to output a byte array
// with outLen in size using a xof hash
// See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-13#section-5.4.2
func ExpandMsgXof(h *EllipticPointHasher, msg, domain []byte, outLen int) []byte {
domain = getDomainXof(h.xof, domain)
domainLen := byte(len(domain))
h.xof.Reset()
_, _ = h.xof.Write(msg)
_, _ = h.xof.Write([]byte{uint8(outLen >> 8), uint8(outLen)})
_, _ = h.xof.Write(domain)
_, _ = h.xof.Write([]byte{domainLen})
out := make([]byte, outLen)
_, _ = h.xof.Read(out)
return out
}
Reference in New Issue View Git Blame Copy Permalink