Google Git
Sign in
apache / incubator-milagro / 21a9ce31501cc56b7c6d3b166bd02cf3a18ea776 / . / website / static / mpcdocs / mpc_8h.html
blob: 17edbaa0b9e1e8a553767175e9925a34483e5aee [file] [log] [blame]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.9.1"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>libmpc: mpc.h File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<script type="text/x-mathjax-config">
MathJax.Hub.Config({
extensions: ["tex2jax.js"],
jax: ["input/TeX","output/HTML-CSS"],
});
</script>
<script type="text/javascript" async="async" src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/MathJax.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectalign" style="padding-left: 0.5em;">
<div id="projectname">libmpc
</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.9.1 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
var searchBox = new SearchBox("searchBox", "search",false,'Search','.html');
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(function() {
initMenu('',true,false,'search.php','Search');
$(document).ready(function() { init_search(); });
});
/* @license-end */</script>
<div id="main-nav"></div>
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<div id="nav-path" class="navpath">
<ul>
<li class="navelem"><a class="el" href="dir_d44c64559bbebec7f509842c48db8b23.html">include</a></li><li class="navelem"><a class="el" href="dir_a166689341c37329f24f96bdba87a08b.html">amcl</a></li> </ul>
</div>
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#define-members">Macros</a> &#124;
<a href="#func-members">Functions</a> </div>
<div class="headertitle">
<div class="title">mpc.h File Reference</div> </div>
</div><!--header-->
<div class="contents">
<p>MPC declarations.
<a href="#details">More...</a></p>
<div class="textblock"><code>#include &lt;amcl/amcl.h&gt;</code><br />
<code>#include &lt;amcl/paillier.h&gt;</code><br />
</div>
<p><a href="mpc_8h_source.html">Go to the source code of this file.</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="define-members"></a>
Macros</h2></td></tr>
<tr class="memitem:a530efe0885cea4e5b99df50b80bae294"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a530efe0885cea4e5b99df50b80bae294">MPC_OK</a>&#160;&#160;&#160;0</td></tr>
<tr class="separator:a530efe0885cea4e5b99df50b80bae294"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a0a76c82492c2feb97c072c17dbf4151d"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a0a76c82492c2feb97c072c17dbf4151d">MPC_FAIL</a>&#160;&#160;&#160;71</td></tr>
<tr class="separator:a0a76c82492c2feb97c072c17dbf4151d"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:aab0897c8d775eb4331e21ad4003d08d2"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#aab0897c8d775eb4331e21ad4003d08d2">MPC_INVALID_ECP</a>&#160;&#160;&#160;72</td></tr>
<tr class="separator:aab0897c8d775eb4331e21ad4003d08d2"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:ad26837e4fd74e8d6aabc6b3bfaf9a7be"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#ad26837e4fd74e8d6aabc6b3bfaf9a7be">MPC_ECDSA_KEY_PAIR_GENERATE</a> (csprng *RNG, octet *S, octet *W)</td></tr>
<tr class="memdesc:ad26837e4fd74e8d6aabc6b3bfaf9a7be"><td class="mdescLeft">&#160;</td><td class="mdescRight">Generate an ECC public/private key pair. <a href="mpc_8h.html#ad26837e4fd74e8d6aabc6b3bfaf9a7be">More...</a><br /></td></tr>
<tr class="separator:ad26837e4fd74e8d6aabc6b3bfaf9a7be"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a5a6fb00e1b95a507e89865051e1fb54a"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a5a6fb00e1b95a507e89865051e1fb54a">MPC_ECDSA_SIGN</a> (int sha, const octet *K, const octet *SK, octet *M, octet *R, octet *S)</td></tr>
<tr class="memdesc:a5a6fb00e1b95a507e89865051e1fb54a"><td class="mdescLeft">&#160;</td><td class="mdescRight">ECDSA Sign message. <a href="mpc_8h.html#a5a6fb00e1b95a507e89865051e1fb54a">More...</a><br /></td></tr>
<tr class="separator:a5a6fb00e1b95a507e89865051e1fb54a"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a4502a62e9dfbd1ebe51a9b287196766f"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a4502a62e9dfbd1ebe51a9b287196766f">MPC_ECDSA_VERIFY</a> (const octet *HM, octet *PK, octet *R, octet *S)</td></tr>
<tr class="memdesc:a4502a62e9dfbd1ebe51a9b287196766f"><td class="mdescLeft">&#160;</td><td class="mdescRight">ECDSA Verify signature. <a href="mpc_8h.html#a4502a62e9dfbd1ebe51a9b287196766f">More...</a><br /></td></tr>
<tr class="separator:a4502a62e9dfbd1ebe51a9b287196766f"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a605a8cc66cd1e9a5513ef270934d10a2"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a605a8cc66cd1e9a5513ef270934d10a2">MPC_K_GENERATE</a> (csprng *RNG, octet *K)</td></tr>
<tr class="memdesc:a605a8cc66cd1e9a5513ef270934d10a2"><td class="mdescLeft">&#160;</td><td class="mdescRight">Generate a random K for and ECDSA signature. <a href="mpc_8h.html#a605a8cc66cd1e9a5513ef270934d10a2">More...</a><br /></td></tr>
<tr class="separator:a605a8cc66cd1e9a5513ef270934d10a2"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a7b14475ef026b509e974468fb473231c"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a7b14475ef026b509e974468fb473231c">MPC_INVKGAMMA</a> (const octet *KGAMMA1, const octet *KGAMMA2, octet *INVKGAMMA)</td></tr>
<tr class="memdesc:a7b14475ef026b509e974468fb473231c"><td class="mdescLeft">&#160;</td><td class="mdescRight">Calculate the inverse of the sum of kgamma values. <a href="mpc_8h.html#a7b14475ef026b509e974468fb473231c">More...</a><br /></td></tr>
<tr class="separator:a7b14475ef026b509e974468fb473231c"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a4b2ad033889c2765aba63f84c6465471"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a4b2ad033889c2765aba63f84c6465471">MPC_R</a> (const octet *INVKGAMMA, octet *GAMMAPT1, octet *GAMMAPT2, octet *R, octet *RP)</td></tr>
<tr class="memdesc:a4b2ad033889c2765aba63f84c6465471"><td class="mdescLeft">&#160;</td><td class="mdescRight">R component. <a href="mpc_8h.html#a4b2ad033889c2765aba63f84c6465471">More...</a><br /></td></tr>
<tr class="separator:a4b2ad033889c2765aba63f84c6465471"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a0e70e4308d7a75c852bb2bfd6a57b5a9"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a0e70e4308d7a75c852bb2bfd6a57b5a9">MPC_HASH</a> (int sha, octet *M, octet *HM)</td></tr>
<tr class="memdesc:a0e70e4308d7a75c852bb2bfd6a57b5a9"><td class="mdescLeft">&#160;</td><td class="mdescRight">Hash the message value. <a href="mpc_8h.html#a0e70e4308d7a75c852bb2bfd6a57b5a9">More...</a><br /></td></tr>
<tr class="separator:a0e70e4308d7a75c852bb2bfd6a57b5a9"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:acfb7f28581a6a2100047aaba6d03f6dc"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#acfb7f28581a6a2100047aaba6d03f6dc">MPC_S</a> (const octet *HM, const octet *R, const octet *K, const octet *SIGMA, octet *S)</td></tr>
<tr class="memdesc:acfb7f28581a6a2100047aaba6d03f6dc"><td class="mdescLeft">&#160;</td><td class="mdescRight">S component. <a href="mpc_8h.html#acfb7f28581a6a2100047aaba6d03f6dc">More...</a><br /></td></tr>
<tr class="separator:acfb7f28581a6a2100047aaba6d03f6dc"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a1cca737dad0e9351f8c4d993b90e71f4"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a1cca737dad0e9351f8c4d993b90e71f4">MPC_SUM_S</a> (const octet *S1, const octet *S2, octet *S)</td></tr>
<tr class="memdesc:a1cca737dad0e9351f8c4d993b90e71f4"><td class="mdescLeft">&#160;</td><td class="mdescRight">Sum of ECDSA s components. <a href="mpc_8h.html#a1cca737dad0e9351f8c4d993b90e71f4">More...</a><br /></td></tr>
<tr class="separator:a1cca737dad0e9351f8c4d993b90e71f4"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a25cdf08efa8377c4521728600b3001b4"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a25cdf08efa8377c4521728600b3001b4">MPC_SUM_PK</a> (octet *PK1, octet *PK2, octet *PK)</td></tr>
<tr class="memdesc:a25cdf08efa8377c4521728600b3001b4"><td class="mdescLeft">&#160;</td><td class="mdescRight">Sum of ECDSA public key shares. <a href="mpc_8h.html#a25cdf08efa8377c4521728600b3001b4">More...</a><br /></td></tr>
<tr class="separator:a25cdf08efa8377c4521728600b3001b4"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a007621069a3d86c06c3cdc113d0177ac"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a007621069a3d86c06c3cdc113d0177ac">MPC_PHASE5_commit</a> (csprng *RNG, octet *R, const octet *S, octet *PHI, octet *RHO, octet *V, octet *A)</td></tr>
<tr class="memdesc:a007621069a3d86c06c3cdc113d0177ac"><td class="mdescLeft">&#160;</td><td class="mdescRight">Generate Commitment for the MPC Phase 5. <a href="mpc_8h.html#a007621069a3d86c06c3cdc113d0177ac">More...</a><br /></td></tr>
<tr class="separator:a007621069a3d86c06c3cdc113d0177ac"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a3f1907b745524b7f991a821e0bf831d1"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#a3f1907b745524b7f991a821e0bf831d1">MPC_PHASE5_prove</a> (const octet *PHI, const octet *RHO, octet *V[2], octet *A[2], octet *PK, const octet *HM, const octet *RX, octet *U, octet *T)</td></tr>
<tr class="memdesc:a3f1907b745524b7f991a821e0bf831d1"><td class="mdescLeft">&#160;</td><td class="mdescRight">Generate Proof for the MPC Phase 5. <a href="mpc_8h.html#a3f1907b745524b7f991a821e0bf831d1">More...</a><br /></td></tr>
<tr class="separator:a3f1907b745524b7f991a821e0bf831d1"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:aba1ebc625244ce42e60a17f5edd2f71f"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#aba1ebc625244ce42e60a17f5edd2f71f">MPC_PHASE5_verify</a> (octet *U[2], octet *T[2])</td></tr>
<tr class="memdesc:aba1ebc625244ce42e60a17f5edd2f71f"><td class="mdescLeft">&#160;</td><td class="mdescRight">Verify Proof for the MPC Phase 5. <a href="mpc_8h.html#aba1ebc625244ce42e60a17f5edd2f71f">More...</a><br /></td></tr>
<tr class="separator:aba1ebc625244ce42e60a17f5edd2f71f"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:af1096af9d7fa21d31bfcc538201ef976"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="mpc_8h.html#af1096af9d7fa21d31bfcc538201ef976">MPC_DUMP_PAILLIER_SK</a> (PAILLIER_private_key *PRIV, octet *P, octet *Q)</td></tr>
<tr class="memdesc:af1096af9d7fa21d31bfcc538201ef976"><td class="mdescLeft">&#160;</td><td class="mdescRight">Write Paillier keys to octets. <a href="mpc_8h.html#af1096af9d7fa21d31bfcc538201ef976">More...</a><br /></td></tr>
<tr class="separator:af1096af9d7fa21d31bfcc538201ef976"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<h2 class="groupheader">Macro Definition Documentation</h2>
<a id="a0a76c82492c2feb97c072c17dbf4151d"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a0a76c82492c2feb97c072c17dbf4151d">&#9670;&nbsp;</a></span>MPC_FAIL</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">#define MPC_FAIL&#160;&#160;&#160;71</td>
</tr>
</table>
</div><div class="memdoc">
<p>Failure </p>
</div>
</div>
<a id="aab0897c8d775eb4331e21ad4003d08d2"></a>
<h2 class="memtitle"><span class="permalink"><a href="#aab0897c8d775eb4331e21ad4003d08d2">&#9670;&nbsp;</a></span>MPC_INVALID_ECP</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">#define MPC_INVALID_ECP&#160;&#160;&#160;72</td>
</tr>
</table>
</div><div class="memdoc">
<p>Input is not a valid point on the curve </p>
</div>
</div>
<a id="a530efe0885cea4e5b99df50b80bae294"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a530efe0885cea4e5b99df50b80bae294">&#9670;&nbsp;</a></span>MPC_OK</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">#define MPC_OK&#160;&#160;&#160;0</td>
</tr>
</table>
</div><div class="memdoc">
<p>Execution Successful </p>
</div>
</div>
<h2 class="groupheader">Function Documentation</h2>
<a id="af1096af9d7fa21d31bfcc538201ef976"></a>
<h2 class="memtitle"><span class="permalink"><a href="#af1096af9d7fa21d31bfcc538201ef976">&#9670;&nbsp;</a></span>MPC_DUMP_PAILLIER_SK()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void MPC_DUMP_PAILLIER_SK </td>
<td>(</td>
<td class="paramtype">PAILLIER_private_key *&#160;</td>
<td class="paramname"><em>PRIV</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>P</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>Q</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">PRIV</td><td>Paillier secret key </td></tr>
<tr><td class="paramname">P</td><td>Secret prime number </td></tr>
<tr><td class="paramname">Q</td><td>Secret prime number </td></tr>
</table>
</dd>
</dl>
</div>
</div>
<a id="ad26837e4fd74e8d6aabc6b3bfaf9a7be"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ad26837e4fd74e8d6aabc6b3bfaf9a7be">&#9670;&nbsp;</a></span>MPC_ECDSA_KEY_PAIR_GENERATE()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void MPC_ECDSA_KEY_PAIR_GENERATE </td>
<td>(</td>
<td class="paramtype">csprng *&#160;</td>
<td class="paramname"><em>RNG</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>S</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>W</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Generat an ECC public/private key pair W = s.G, where G is a fixed public generator</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">RNG</td><td>is a pointer to a cryptographically secure random number generator </td></tr>
<tr><td class="paramname">S</td><td>the private key, an output internally randomly generated if R!=NULL, otherwise must be provided as an input </td></tr>
<tr><td class="paramname">W</td><td>the output public key, which is s.G, where G is a fixed generator </td></tr>
</table>
</dd>
</dl>
</div>
</div>
<a id="a5a6fb00e1b95a507e89865051e1fb54a"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a5a6fb00e1b95a507e89865051e1fb54a">&#9670;&nbsp;</a></span>MPC_ECDSA_SIGN()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_ECDSA_SIGN </td>
<td>(</td>
<td class="paramtype">int&#160;</td>
<td class="paramname"><em>sha</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>K</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>SK</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>M</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>R</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>S</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Generate the ECDSA signature on message, M, with outputs (R,S)</p>
<ol>
<li>
Choose a random non-zero value \( k \in F_q \) where \(q\) is the curve order </li>
<li>
\( r_x, r_y = k^{-1}G \) where G is the group generator </li>
<li>
\( r = rx \text{ }\mathrm{mod}\text{ }q \) </li>
<li>
\( z = hash(message) \) </li>
<li>
\( s = k.(z + r.sk) \text{ }\mathrm{mod}\text{ }q \) where \( sk \) is the ECDSA secret key </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">sha</td><td>is the hash type </td></tr>
<tr><td class="paramname">K</td><td>Ephemeral key. </td></tr>
<tr><td class="paramname">SK</td><td>the input private signing key </td></tr>
<tr><td class="paramname">M</td><td>the input message to be signed </td></tr>
<tr><td class="paramname">R</td><td>component of the signature </td></tr>
<tr><td class="paramname">S</td><td>component of the signature </td></tr>
</table>
</dd>
</dl>
</div>
</div>
<a id="a4502a62e9dfbd1ebe51a9b287196766f"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a4502a62e9dfbd1ebe51a9b287196766f">&#9670;&nbsp;</a></span>MPC_ECDSA_VERIFY()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_ECDSA_VERIFY </td>
<td>(</td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>HM</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>PK</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>R</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>S</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Verify the ECDSA signature (R,S) on a message</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">HM</td><td>Hash of the message </td></tr>
<tr><td class="paramname">PK</td><td>ECDSA public key </td></tr>
<tr><td class="paramname">R</td><td>R component of signature </td></tr>
<tr><td class="paramname">S</td><td>S component of signature </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns 0 or else error code </dd></dl>
</div>
</div>
<a id="a0e70e4308d7a75c852bb2bfd6a57b5a9"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a0e70e4308d7a75c852bb2bfd6a57b5a9">&#9670;&nbsp;</a></span>MPC_HASH()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void MPC_HASH </td>
<td>(</td>
<td class="paramtype">int&#160;</td>
<td class="paramname"><em>sha</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>M</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>HM</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Hash the message value</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">sha</td><td>Hash type </td></tr>
<tr><td class="paramname">M</td><td>Message to be hashed </td></tr>
<tr><td class="paramname">HM</td><td>Hash value </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns 0 or else error code </dd></dl>
</div>
</div>
<a id="a7b14475ef026b509e974468fb473231c"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a7b14475ef026b509e974468fb473231c">&#9670;&nbsp;</a></span>MPC_INVKGAMMA()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void MPC_INVKGAMMA </td>
<td>(</td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>KGAMMA1</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>KGAMMA2</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>INVKGAMMA</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Calculate the inverse of the sum of kgamma values</p>
<ol>
<li>
\( invkgamma = (kgamma1 + kgamma2)^{-1} \text{ }\mathrm{mod}\text{ }q \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">KGAMMA1</td><td>Actor 1 additive share </td></tr>
<tr><td class="paramname">KGAMMA2</td><td>Actor 2 additive share </td></tr>
<tr><td class="paramname">INVKGAMMA</td><td>Inverse of the sum of the additive shares </td></tr>
</table>
</dd>
</dl>
</div>
</div>
<a id="a605a8cc66cd1e9a5513ef270934d10a2"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a605a8cc66cd1e9a5513ef270934d10a2">&#9670;&nbsp;</a></span>MPC_K_GENERATE()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void MPC_K_GENERATE </td>
<td>(</td>
<td class="paramtype">csprng *&#160;</td>
<td class="paramname"><em>RNG</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>K</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Generate a random K modulo the curve order</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">RNG</td><td>Pointer to a cryptographically secure PRNG </td></tr>
<tr><td class="paramname">K</td><td>Destination octet for the randomly generated value </td></tr>
</table>
</dd>
</dl>
</div>
</div>
<a id="a007621069a3d86c06c3cdc113d0177ac"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a007621069a3d86c06c3cdc113d0177ac">&#9670;&nbsp;</a></span>MPC_PHASE5_commit()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_PHASE5_commit </td>
<td>(</td>
<td class="paramtype">csprng *&#160;</td>
<td class="paramname"><em>RNG</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>R</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>S</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>PHI</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>RHO</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>V</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>A</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Calculate player Commitment (A, V) for MPC Phase 5</p>
<ol>
<li>
\( \phi \in_R [0, \ldots, q] \) </li>
<li>
\( \rho \in_R [0, \ldots, q] \) </li>
<li>
\( V = \phi.G + s.R \) </li>
<li>
\( A = \rho.G \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">RNG</td><td>csprng for random values generation </td></tr>
<tr><td class="paramname">R</td><td>Reconciled R for the signature </td></tr>
<tr><td class="paramname">S</td><td>Player signature share </td></tr>
<tr><td class="paramname">PHI</td><td>Random value for the commitment. If RNG is null this is read </td></tr>
<tr><td class="paramname">RHO</td><td>Random value for the commitment. If RNG is null this is read </td></tr>
<tr><td class="paramname">V</td><td>First component of the player commitment. An ECP in compressed form </td></tr>
<tr><td class="paramname">A</td><td>Second component of the player commitment. An ECP in compressed form </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns MPC_OK or an error code </dd></dl>
</div>
</div>
<a id="a3f1907b745524b7f991a821e0bf831d1"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a3f1907b745524b7f991a821e0bf831d1">&#9670;&nbsp;</a></span>MPC_PHASE5_prove()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_PHASE5_prove </td>
<td>(</td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>PHI</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>RHO</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>V</em>[2], </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>A</em>[2], </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>PK</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>HM</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>RX</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>U</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>T</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Calculate player Proof (U, T) for MPC Phase 5</p>
<ol>
<li>
\( m = H(M) \) </li>
<li>
\( A = A1 + A2 \) </li>
<li>
\( V = V1 + V2 \) </li>
<li>
\( U = \rho.(V - m.G - r.PK) \) </li>
<li>
\( T = \phi.A \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">PHI</td><td>Random value used in the commitment </td></tr>
<tr><td class="paramname">RHO</td><td>Random value used in the commitment </td></tr>
<tr><td class="paramname">V</td><td>Array with the commitments V from both players. ECPs in compressed form </td></tr>
<tr><td class="paramname">A</td><td>Array with the commitments A from both players. ECPs in compressed form </td></tr>
<tr><td class="paramname">PK</td><td>Shared public key for MPC </td></tr>
<tr><td class="paramname">HM</td><td>Hash of the message being signed </td></tr>
<tr><td class="paramname">RX</td><td>x component of the reconciled R for the signature </td></tr>
<tr><td class="paramname">U</td><td>First component of the player proof. An ECP in compressed form </td></tr>
<tr><td class="paramname">T</td><td>Second component of the player proof. An ECP in compressed form </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns MPC_OK or an error code </dd></dl>
</div>
</div>
<a id="aba1ebc625244ce42e60a17f5edd2f71f"></a>
<h2 class="memtitle"><span class="permalink"><a href="#aba1ebc625244ce42e60a17f5edd2f71f">&#9670;&nbsp;</a></span>MPC_PHASE5_verify()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_PHASE5_verify </td>
<td>(</td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>U</em>[2], </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>T</em>[2]&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Combine player Proofs and verify the consistency of the signature shares This does NOT prove that the signature is valid. It only verifies that all players know the secret quantities used to generate their shares.</p>
<ol>
<li>
\( U = U1 + U2 \) </li>
<li>
\( T = T1 + T2 \) </li>
<li>
\( U \stackrel{?}{=} T \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">U</td><td>Array with the proofs U from both players. ECPs in compressed form </td></tr>
<tr><td class="paramname">T</td><td>Array with the proofs T from both players. ECPs in compressed form </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns MPC_OK or an error code </dd></dl>
</div>
</div>
<a id="a4b2ad033889c2765aba63f84c6465471"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a4b2ad033889c2765aba63f84c6465471">&#9670;&nbsp;</a></span>MPC_R()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_R </td>
<td>(</td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>INVKGAMMA</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>GAMMAPT1</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>GAMMAPT2</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>R</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>RP</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Generate the ECDSA signature R component. It also outputs the ECP associate to the R component if specified</p>
<ol>
<li>
\( r_x, r_y = k^{-1}G \) where G is the group generator </li>
<li>
\( r = rx \text{ }\mathrm{mod}\text{ }q \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">INVKGAMMA</td><td>Inverse of k times gamma </td></tr>
<tr><td class="paramname">GAMMAPT1</td><td>Actor 1 gamma point </td></tr>
<tr><td class="paramname">GAMMAPT2</td><td>Actor 2 gamma point </td></tr>
<tr><td class="paramname">R</td><td>R component of the signature </td></tr>
<tr><td class="paramname">RP</td><td>ECP associated to the R component of the signature. Optional </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns 0 or else error code </dd></dl>
</div>
</div>
<a id="acfb7f28581a6a2100047aaba6d03f6dc"></a>
<h2 class="memtitle"><span class="permalink"><a href="#acfb7f28581a6a2100047aaba6d03f6dc">&#9670;&nbsp;</a></span>MPC_S()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_S </td>
<td>(</td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>HM</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>R</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>K</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>SIGMA</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>S</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Generate the ECDSA signature S component</p>
<ol>
<li>
\( s = k * (h(m) + sk * r) \text{ }\mathrm{mod}\text{ }q \) where h() means hash </li>
<li>
\( s = (k * h(m)) + (k * sk * r) \text{ }\mathrm{mod}\text{ }q \) </li>
<li>
\( s = (k * h(m)) + sigma * r) \text{ }\mathrm{mod}\text{ }q \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">HM</td><td>Hash of the message to be signed </td></tr>
<tr><td class="paramname">R</td><td>R component input </td></tr>
<tr><td class="paramname">K</td><td>Nonce value </td></tr>
<tr><td class="paramname">SIGMA</td><td>Additive share of k.w </td></tr>
<tr><td class="paramname">S</td><td>S component output </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns 0 or else error code </dd></dl>
</div>
</div>
<a id="a25cdf08efa8377c4521728600b3001b4"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a25cdf08efa8377c4521728600b3001b4">&#9670;&nbsp;</a></span>MPC_SUM_PK()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int MPC_SUM_PK </td>
<td>(</td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>PK1</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>PK2</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>PK</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Calculate the sum of the ECDSA public key shares</p>
<ol>
<li>
\( pk = pk1 + pk2 \text{ }\mathrm{mod}\text{ }q \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">PK1</td><td>Actor 1 ECDSA public key share </td></tr>
<tr><td class="paramname">PK2</td><td>Actor 2 ECDSA public key share </td></tr>
<tr><td class="paramname">PK</td><td>ECDSA public key </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns 0 or else error code </dd></dl>
</div>
</div>
<a id="a1cca737dad0e9351f8c4d993b90e71f4"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a1cca737dad0e9351f8c4d993b90e71f4">&#9670;&nbsp;</a></span>MPC_SUM_S()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void MPC_SUM_S </td>
<td>(</td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>S1</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const octet *&#160;</td>
<td class="paramname"><em>S2</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">octet *&#160;</td>
<td class="paramname"><em>S</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Calculate the sum of the s components of the ECDSA signature</p>
<ol>
<li>
\( s = s1 + s2 \text{ }\mathrm{mod}\text{ }q \) </li>
</ol>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">S1</td><td>Actor 1 ECDSA s component </td></tr>
<tr><td class="paramname">S2</td><td>Actor 2 ECDSA s component </td></tr>
<tr><td class="paramname">S</td><td>S component sum </td></tr>
</table>
</dd>
</dl>
</div>
</div>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated by&#160;<a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.9.1
</small></address>
</body>
</html>