From 613784cfdf130bebeb92d889f98b00aba8528bca Mon Sep 17 00:00:00 2001 
From: Luca Spinazzola Date: Thu, 10 Nov 2022 18:35:15 -0500 Subject: [PATCH] use secp256k1 moved to kryptools and import as dependency --- gradle/libs.versions.toml | 1 + secretk/build.gradle.kts | 1 + .../crypto/ExtendedSecp256k1Signature.kt | 3 - .../io/eqoty/secretk/crypto/Secp256k1.kt | 100 --- .../kotlin/io/eqoty/secretk/crypto/Slip10.kt | 173 ---- .../io/eqoty/secretk/crypto/Slip10RawIndex.kt | 30 - .../io/eqoty/secretk/crypto/deriveHKDFKey.kt | 63 -- .../secretk/crypto/elliptic/BasePoint.kt | 552 ------------ .../io/eqoty/secretk/crypto/elliptic/Curve.kt | 375 -------- .../secretk/crypto/elliptic/biginteger/BN.kt | 659 -------------- .../crypto/elliptic/curves/PresetCurve.kt | 28 - .../crypto/elliptic/curves/Scep256k1Preset.kt | 839 ------------------ .../io/eqoty/secretk/crypto/elliptic/ec/EC.kt | 102 --- .../secretk/crypto/elliptic/ec/KeyPair.kt | 88 -- .../crypto/elliptic/ec/KeyPairOptions.kt | 8 - .../secretk/crypto/elliptic/json/Doubles.kt | 7 - .../eqoty/secretk/crypto/elliptic/json/Naf.kt | 7 - .../elliptic/json/PrecomputedScep256k1.kt | 7 - .../secretk/crypto/elliptic/utils/Utils.kt | 88 -- .../io/eqoty/secretk/utils/EnigmaUtils.kt | 2 +- .../io/eqoty/secretk/wallet/BaseWallet.kt | 8 +- 21 files changed, 7 insertions(+), 3134 deletions(-) delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/ExtendedSecp256k1Signature.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Secp256k1.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10RawIndex.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/deriveHKDFKey.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/BasePoint.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/Curve.kt delete mode 100644 
secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/biginteger/BN.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/PresetCurve.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/Scep256k1Preset.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/EC.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPair.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPairOptions.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Doubles.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Naf.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/PrecomputedScep256k1.kt delete mode 100644 secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/utils/Utils.kt
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 7fcb3ca..5704bf1 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -132,3 +132,4 @@ org-cryptomator-sivMode = { module = "org.cryptomator:siv-mode", version.ref = "
 io-eqoty-kryptools-aessiv = { module = "io.eqoty.kryptools:aes-siv", version.ref = "kryptools" }
 io-eqoty-kryptools-bech32 = { module = "io.eqoty.kryptools:bech32", version.ref = "kryptools" }
 io-eqoty-kryptools-axlsign = { module = "io.eqoty.kryptools:axlsign", version.ref = "kryptools" }
+io-eqoty-kryptools-secp256k1 = { module = "io.eqoty.kryptools:secp256k1", version.ref = "kryptools" }
diff --git a/secretk/build.gradle.kts b/secretk/build.gradle.kts
index 67d58f2..5018e58 100644
--- a/secretk/build.gradle.kts
+++ b/secretk/build.gradle.kts
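Review bot: The added `io-eqoty-kryptools-secp256k1` entry (consumed by `implementation(libs.io.eqoty.kryptools.secp256k1)` in the secretk/build.gradle.kts hunk) resolves through the shared `kryptools` version ref, so the secp256k1 signing code will change whenever that ref is bumped for aes-siv, bech32 or axlsign. The commit also deletes Slip10.kt and deriveHKDFKey.kt from the tree while adding only a module named secp256k1; whether that artifact supplies their replacements is not visible in this hunk and should be confirmed against the EnigmaUtils.kt and BaseWallet.kt changes listed in the diffstat. A comment above the entry would record the dependency's role, for example `# secp256k1 signing/key handling; treat kryptools version bumps as crypto changes and review them as such`. If the build does not already use Gradle dependency verification, pulling key-handling code from a published artifact is a good reason to enable it.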
@@ -92,6 +92,7 @@ kotlin {
 implementation(libs.io.eqoty.kryptools.aessiv)
 implementation(libs.io.eqoty.kryptools.bech32)
 implementation(libs.io.eqoty.kryptools.axlsign)
+ implementation(libs.io.eqoty.kryptools.secp256k1)
 }
 }
 val commonTest by getting {
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/ExtendedSecp256k1Signature.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/ExtendedSecp256k1Signature.kt
deleted file mode 100644
index ddc94de..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/ExtendedSecp256k1Signature.kt
+++ /dev/null
@@ -1,3 +0,0 @@
-package io.eqoty.secretk.crypto
-
-data class ExtendedSecp256k1Signature(val r: UByteArray, val s: UByteArray, val recoveryParam: Int)
\ No newline at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Secp256k1.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Secp256k1.kt
deleted file mode 100644
index ede70dd..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Secp256k1.kt
+++ /dev/null
@@ -1,100 +0,0 @@ -package io.eqoty.secretk.crypto - -import io.eqoty.secretk.crypto.elliptic.biginteger.BN -import io.eqoty.secretk.crypto.elliptic.ec.EC -import io.eqoty.secretk.crypto.elliptic.ec.KeyPairSignOptions - -object Secp256k1 { - - val secp256k1 = EC.scep256k1 - - private val secp256k1N = BN("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141") - - /** - * Takes a 32 byte private key and returns a privkey/pubkey pair. - * - * The resulting pubkey is uncompressed. For the use in Cosmos it should - * be compressed first using `Secp256k1.compressPubkey`. - */ - fun makeKeypair(privkey: UByteArray): Secp256k1Keypair { - if (privkey.size != 32) { - // is this check missing in secp256k1.validatePrivateKey? - // https://github.com/bitjson/bitcoin-ts/issues/4 - throw Error("input data is not a valid secp256k1 private key") - } - - val keypair = secp256k1.keyFromPrivate(privkey) - if (!keypair.validate().result) { - throw Error("input data is not a valid secp256k1 private key") - } - - // range test that is not part of the elliptic implementation - val privkeyAsBigInteger = BN(privkey) - if (privkeyAsBigInteger >= secp256k1N) { - // not strictly smaller than N - throw Error("input data is not a valid secp256k1 private key") - } - - val out = Secp256k1Keypair( - privkey = keypair.getPrivate()!!, - // encodes uncompressed as - // - 1-byte prefix "04" - // - 32-byte x coordinate - // - 32-byte y coordinate - pubkey = keypair.getPublicEncoded() - ) - return out - } - - /** - * Takes a compressed or uncompressed pubkey and return a compressed one. - * - * This function is idempotent. 
- */ - fun compressPubkey(pubkey: UByteArray): UByteArray { - when (pubkey.size) { - 33 -> - return pubkey - - 65 -> - return secp256k1.keyFromPublic(pubkey).getPublicEncoded(true) - - else -> - throw Error("Invalid pubkey length") - } - } - - fun createSignature(messageHash: UByteArray, privkey: UByteArray): ExtendedSecp256k1Signature { - if (messageHash.isEmpty()) { - throw Error("Message hash must not be empty") - } - if (messageHash.size > 32) { - throw Error("Message hash length must not exceed 32 bytes") - } - - val keypair = secp256k1.keyFromPrivate(privkey) - // the `canonical` option ensures creation of lowS signature representations -// var messageHash = intArrayOf(123, 34, 97, 99, 99, 111, 117, 110, 116, 95, 110, 117, 109, 98, 101, 114, 34, 58, 34, 49, 49, 34, 44, 34, 99, 104, 97, 105, 110, 95, 105, 100, 34, 58, 34, 115, 101, 99, 114, 101, 116, 100, 101, 118, 45, 49, 34, 44, 34, 102, 101, 101, 34, 58, 123, 34, 97, 109, 111, 117, 110, 116, 34, 58, 91, 123, 34, 100, 101, 110, 111, 109, 34, 58, 34, 117, 115, 99, 114, 116, 34, 44, 34, 97, 109, 111, 117, 110, 116, 34, 58, 34, 53, 48, 95, 48, 48, 48, 34, 125, 93, 44, 34, 103, 97, 115, 34, 58, 34, 50, 48, 48, 95, 48, 48, 48, 34, 125, 44, 34, 109, 101, 109, 111, 34, 58, 34, 34, 44, 34, 109, 115, 103, 115, 34, 58, 91, 123, 34, 116, 121, 112, 101, 34, 58, 34, 119, 97, 115, 109, 47, 77, 115, 103, 69, 120, 101, 99, 117, 116, 101, 67, 111, 110, 116, 114, 97, 99, 116, 34, 44, 34, 118, 97, 108, 117, 101, 34, 58, 123, 34, 115, 101, 110, 100, 101, 114, 34, 58, 34, 115, 101, 99, 114, 101, 116, 49, 102, 100, 107, 100, 109, 102, 108, 110, 114, 121, 115, 114, 118, 103, 51, 110, 99, 52, 121, 109, 55, 122, 100, 115, 110, 50, 114, 109, 53, 97, 116, 115, 122, 110, 57, 113, 50, 121, 34, 44, 34, 99, 111, 110, 116, 114, 97, 99, 116, 34, 58, 34, 115, 101, 99, 114, 101, 116, 49, 56, 118, 100, 56, 102, 112, 119, 120, 122, 99, 107, 57, 51, 113, 108, 119, 103, 104, 97, 106, 54, 97, 114, 104, 52, 112, 55, 99, 53, 110, 56, 57, 55, 56, 
118, 115, 121, 103, 34, 44, 34, 109, 115, 103, 34, 58, 34, 82, 75, 51, 100, 72, 103, 70, 73, 115, 74, 70, 68, 57, 105, 55, 119, 120, 113, 49, 97, 73, 102, 115, 104, 85, 104, 102, 98, 66, 66, 79, 55, 48, 48, 56, 82, 102, 104, 73, 50, 110, 55, 118, 114, 99, 98, 71, 122, 49, 56, 51, 83, 47, 88, 67, 73, 108, 112, 98, 119, 87, 85, 98, 48, 88, 103, 120, 110, 114, 118, 56, 99, 104, 101, 55, 57, 101, 75, 87, 80, 47, 54, 69, 47, 70, 105, 55, 73, 122, 79, 98, 80, 48, 82, 103, 114, 121, 70, 115, 101, 71, 71, 56, 104, 116, 43, 69, 97, 80, 80, 51, 76, 108, 120, 69, 108, 108, 87, 121, 79, 113, 52, 86, 108, 50, 98, 65, 122, 65, 78, 112, 104, 118, 97, 99, 102, 52, 97, 97, 98, 107, 105, 109, 66, 86, 105, 66, 87, 110, 54, 116, 76, 122, 79, 73, 49, 79, 112, 120, 68, 107, 50, 77, 112, 100, 106, 101, 84, 85, 57, 75, 77, 47, 56, 57, 110, 68, 56, 120, 122, 121, 115, 66, 74, 54, 84, 76, 68, 99, 109, 105, 102, 75, 115, 97, 71, 112, 87, 52, 112, 77, 106, 47, 67, 51, 70, 72, 90, 112, 113, 114, 122, 66, 66, 65, 78, 88, 51, 48, 76, 116, 47, 49, 88, 47, 81, 97, 85, 98, 43, 69, 82, 107, 109, 72, 88, 54, 73, 112, 112, 77, 48, 116, 78, 98, 107, 71, 87, 98, 110, 66, 76, 79, 103, 87, 120, 52, 80, 53, 69, 102, 87, 115, 83, 69, 80, 120, 122, 101, 113, 51, 103, 121, 55, 53, 109, 75, 122, 98, 74, 34, 44, 34, 115, 101, 110, 116, 95, 102, 117, 110, 100, 115, 34, 58, 91, 93, 125, 125, 93, 44, 34, 115, 101, 113, 117, 101, 110, 99, 101, 34, 58, 34, 49, 49, 34, 125); -// var messageHash2 = messageHash.map { it.toUByte() }.toUByteArray() - val keyPairSignResult = keypair.sign(messageHash, null, KeyPairSignOptions(canonical = true, k = null)) - val recoveryParam = keyPairSignResult.recoveryParam ?: throw Error("Recovery param missing") - val r = keyPairSignResult.r - val s = keyPairSignResult.s - return ExtendedSecp256k1Signature(r.number.toUByteArray(), s.number.toUByteArray(), recoveryParam) - } -} - - -data class Secp256k1Keypair( - /** A 32 byte private key */ - val pubkey: UByteArray, - /** - * A raw 
secp256k1 public key. - * - * The type itself does not give you any guarantee if this is - * compressed or uncompressed. If you are unsure where the data - * is coming from, use `Secp256k1.compressPubkey` or - * `Secp256k1.uncompressPubkey` (both idempotent) before processing it. - */ - val privkey: UByteArray -) \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10.kt deleted file mode 100644 index 4fb8657..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10.kt +++ /dev/null 
@@ -1,173 +0,0 @@ -package io.eqoty.secretk.crypto - -import com.ionspin.kotlin.bignum.integer.BigInteger -import com.ionspin.kotlin.bignum.integer.Sign -import io.eqoty.secretk.crypto.elliptic.biginteger.BN -import io.eqoty.secretk.crypto.elliptic.ec.EC -import io.eqoty.secretk.utils.toByteString -import okio.Buffer -import okio.ByteString.Companion.toByteString - -/** - * Raw values must match the curve string in SLIP-0010 master key generation - * - * @see https://github.com/satoshilabs/slips/blob/master/slip-0010.md#master-key-generation - */ -enum class Slip10Curve(val key: String) { - Secp256k1("Bitcoin seed"), - Ed25519("ed25519 seed") -} - -data class Slip10Result( - val chainCode: UByteArray, - val privkey: UByteArray -) - -//https://github.com/bluesky66-dev/X-Wallet-iOS/blob/master/Modules/walletkit/WalletKitCore/src/hedera/BRHederaCrypto.c -object Slip10 { - - val secp256k1 = EC.scep256k1 - - fun derivePath(curve: Slip10Curve, seed: UByteArray, path: Array): Slip10Result { - var result = this.master(curve, seed) - for (rawIndex in path) { - result = this.child(curve, result.privkey, result.chainCode, rawIndex) - } - return result - } - - private fun master(curve: Slip10Curve, seed: UByteArray): Slip10Result { - val firstKey = curve.key.encodeToByteArray().toByteString() - val i = seed.toByteString().hmacSha512(firstKey).toByteArray().toUByteArray() - val il = UByteArray(32).apply { - i.copyInto(this, 0, 0, i.size / 2) - } - val ir = UByteArray(32).apply { - i.copyInto(this, 0, i.size / 2, i.size) - } - - if (curve !== Slip10Curve.Ed25519 && (isZero(il) || isGteN(curve, il))) { - return this.master(curve, i) - } - - return Slip10Result( - chainCode = ir, - privkey = il - ) - } - - private fun child( - curve: Slip10Curve, - parentPrivkey: UByteArray, - parentChainCode: UByteArray, - rawIndex: Slip10RawIndex, - ): Slip10Result { - val i: UByteArray - if (rawIndex.isHardened()) { - val rawIndexBigEndian = 
Buffer().writeInt(rawIndex.toInt()).readByteArray().toUByteArray() - val payload = (ubyteArrayOf(0.toUByte()) + parentPrivkey + rawIndexBigEndian).toByteString() - i = payload.hmacSha512(parentChainCode.toByteString()).toByteArray().toUByteArray() - } else { - if (curve == Slip10Curve.Ed25519) { - throw Error("Normal keys are not allowed with ed25519") - } else { - // Step 1 of https://github.com/satoshilabs/slips/blob/master/slip-0010.md#private-parent-key--private-child-key - // Calculate I = HMAC-SHA512(Key = c_par, Data = ser_P(point(k_par)) || ser_32(i)). - // where the functions point() and ser_p() are defined in BIP-0032 - val rawIndexBigEndian = Buffer().writeInt(rawIndex.toInt()).readByteArray().toUByteArray() - val data = (serializedPoint( - curve, - BigInteger.fromUByteArray(parentPrivkey, Sign.POSITIVE) - ) + rawIndexBigEndian).toByteString() - i = data.hmacSha512(parentChainCode.toByteString()).toByteArray().toUByteArray() - } - } - - return this.childImpl(curve, parentPrivkey, parentChainCode, rawIndex, i) - } - - /** - * Implementation of ser_P(point(k_par)) from BIP-0032 - * - * @see https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki - */ - private fun serializedPoint(curve: Slip10Curve, p: BigInteger): UByteArray { - when (curve) { - Slip10Curve.Secp256k1 -> { - return secp256k1.g!!.mul(BN(p)).encodeCompressed() - } - - else -> throw Error("curve not supported") - } - } - - private fun childImpl( - curve: Slip10Curve, - parentPrivkey: UByteArray, - parentChainCode: UByteArray, - rawIndex: Slip10RawIndex, - i: UByteArray, - ): Slip10Result { - // step 2 (of the Private parent key → private child key algorithm) - - val il = UByteArray(32).apply { - i.copyInto(this, 0, 0, i.size / 2) - } - val ir = UByteArray(32).apply { - i.copyInto(this, 0, i.size / 2, i.size) - } - - // step 3 - val returnChainCode = ir - - // step 4 - if (curve === Slip10Curve.Ed25519) { - return Slip10Result( - chainCode = returnChainCode, - privkey = il - ) - } - - 
// step 5 - val n = n(curve) - val ilBi = BigInteger.fromUByteArray(il, Sign.POSITIVE) - val parentPrivkeyBi = BigInteger.fromUByteArray(parentPrivkey, Sign.POSITIVE) - val returnChildKeyAsNumber = ilBi.add(parentPrivkeyBi).mod(n) - val returnChildKey = returnChildKeyAsNumber.toUByteArray() - - // step 6 - if (isGteN(curve, il) || isZero(returnChildKey)) { - val payload = (byteArrayOf(0x01) + ir.toByteArray() + Buffer().writeInt(rawIndex.toInt()) - .readByteArray()).toByteString() - val newI = payload.hmacSha512(parentChainCode.toByteString()).toByteArray().toUByteArray() - return this.childImpl(curve, parentPrivkey, parentChainCode, rawIndex, newI) - } - - // step 7 - return Slip10Result( - chainCode = returnChainCode, - privkey = returnChildKey - ) - } - - - private fun isGteN(curve: Slip10Curve, privkey: UByteArray): Boolean { - val keyAsNumber = BigInteger.fromUByteArray(privkey, Sign.POSITIVE) - return keyAsNumber >= n(curve) - } - - private fun n(curve: Slip10Curve): BigInteger { - when (curve) { - Slip10Curve.Secp256k1 -> - return BigInteger.parseString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16) - - else -> throw Error("curve not supported") - } - } - - - private fun isZero(privkey: UByteArray): Boolean = - privkey.all { it == 0.toUByte() } - - -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10RawIndex.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10RawIndex.kt deleted file mode 100644 index 4387400..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/Slip10RawIndex.kt +++ /dev/null 
@@ -1,30 +0,0 @@ -package io.eqoty.secretk.crypto - -import kotlin.jvm.JvmInline -import kotlin.math.pow - -@JvmInline -value class Slip10RawIndex(val data: UInt) { - - companion object { - fun hardened(hardenedIndex: UInt): Slip10RawIndex = - Slip10RawIndex(hardenedIndex + 2.toDouble().pow(31.toDouble()).toUInt()) - - fun normal(normalIndex: UInt): Slip10RawIndex = - Slip10RawIndex(normalIndex) - } - - fun isHardened(): Boolean { - return this.data >= 2.toDouble().pow(31.toDouble()).toUInt() - } - - infix fun shr(bitCount: Int): UInt = - data.shr(bitCount) - - fun toInt(): Int = data.toInt() - - infix fun and(i: Long): UInt = data.and(i.toUInt()) - - fun toUByte(): UByte = data.toUByte() - -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/deriveHKDFKey.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/deriveHKDFKey.kt deleted file mode 100644 index 8b045d6..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/deriveHKDFKey.kt +++ /dev/null 
@@ -1,63 +0,0 @@ -package io.eqoty.secretk.crypto - -import com.ionspin.kotlin.crypto.auth.Auth -import com.ionspin.kotlin.crypto.auth.crypto_auth_BYTES -import com.ionspin.kotlin.crypto.auth.crypto_auth_KEYBYTES -import com.ionspin.kotlin.crypto.util.encodeToUByteArray -import kotlin.math.roundToInt - -sealed class HKDFError(override val message: String) : Error() -class HKDFInvalidSaltError : HKDFError("Salt length must match exactly the key length of the HMAC function.") -class HKDFInvalidLenError : HKDFError("Length of len must not be larger than 255 times the length of the hash output.") -class HMACCalculationFailedError(message: String) : HKDFError("HMAC calculation failed: $message") - - -/** -This function calculates a key using a HKDF (RFC 5869) which uses HMAC-SHA-512/256. -- Parameters: -- ikm: Input keying material -- salt: A nonce used to seed the HKDF, which must be 32 bytes long, if provided (optional) -- info: Context and application specific information (optional) -- L: Length of the output keying material in bytes, must not be larger than 255 * 32 bytes -- Returns: Output keying material of length L bytes - */ -fun deriveHKDFKey(ikm: UByteArray, _salt: UByteArray? = null, info: String = "", len: Int): UByteArray { - val hashOutputLength = crypto_auth_BYTES - val salt = _salt ?: UByteArray(hashOutputLength) { 0.toUByte() } - - if (len > 255 * hashOutputLength) { - throw HKDFInvalidLenError() - } - if (salt.size != crypto_auth_KEYBYTES) { - throw HKDFInvalidSaltError() - } - - // Step 1: Extract - val prk = try { - Auth.authHmacSha256(ikm, salt) - } catch (t: Throwable) { - throw HMACCalculationFailedError(t.message!!) 
- } - - // Step 2: Expand - val N = (len.toDouble() / hashOutputLength.toDouble()).roundToInt() - val T = arrayListOf() - - var lastTi = ubyteArrayOf() - for (i in 1..N) { - val message = arrayListOf() - message.addAll(lastTi) - message.addAll(info.encodeToUByteArray()) - message.add(i.toUByte()) - - val currentTi = try { - Auth.authHmacSha256(message.toUByteArray(), prk) - } catch (t: Throwable) { - throw HMACCalculationFailedError(t.message!!) - } - T.addAll(currentTi) - lastTi = currentTi - } - - return T.subList(0, len).toUByteArray() -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/BasePoint.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/BasePoint.kt deleted file mode 100644 index 918dbea..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/BasePoint.kt +++ /dev/null 
@@ -1,552 +0,0 @@ -package io.eqoty.secretk.crypto.elliptic - -import io.eqoty.secretk.crypto.elliptic.biginteger.BN -import io.eqoty.secretk.crypto.elliptic.biginteger.bitLength -import io.eqoty.secretk.crypto.elliptic.json.PrecomputedScep256k1 -import kotlinx.serialization.json.Json -import kotlinx.serialization.json.JsonArray -import kotlinx.serialization.json.decodeFromJsonElement -import kotlinx.serialization.json.jsonPrimitive -import kotlin.math.ceil - -data class PreComputed( - var beta: BasePoint?, - val doubles: ComputedDoubles?, - val naf: ComputedNaf -) - -data class ComputedDoubles(val step: Int, val points: List>) -data class ComputedNaf(val wnd: Int, val points: List>) - - -sealed class BasePoint(val curve: C, val type: String) { - abstract fun isInfinity(): Boolean - - var precomputed: PreComputed? = null - abstract val inf: Boolean - - - abstract fun mul(k: BN): BasePoint - - fun hasDoubles(k: BN): Boolean { - val doubles = precomputed?.doubles ?: return false - - return doubles.points.size >= ceil(((k.number.bitLength() + 1u) / doubles.step.toUInt()).toDouble()) - } - - fun getNAFPoints(wnd: Int): ComputedNaf { - if (precomputed?.naf != null) - return precomputed!!.naf - val res = mutableListOf(this) - val max = (1 shl wnd) - 1 - val dbl = if (max == 1) null else this.dbl() - for (i in 1 until max) { - TODO()// res[i] = res[i - 1].add(dbl) - } - return ComputedNaf( - wnd = wnd, - points = res, - ) - } - - fun encodeCompressed(): UByteArray = encode(true) - - abstract fun encode(compact: Boolean): UByteArray - - protected abstract fun dbl(): BasePoint - - fun validate(): Boolean = - curve.validate(this) - - abstract fun neg(precompute: Boolean? = null): BasePoint - abstract var x: BN? - abstract var y: BN? - - companion object - -} - -class ShortCurvePoint : BasePoint { - - override var x: BN? - override var y: BN? - override val inf: Boolean - - constructor(curve: ShortCurve, type: String, x: String?, y: String?, isRed: Boolean?) 
: - this( - curve, - type, - if (x != null) BN(x, 16) else x, - if (y != null) BN(y, 16) else y, - isRed - ) - - constructor(curve: ShortCurve, type: String, x: BN?, y: BN?, isRed: Boolean?) : super(curve, type) { - if (x == null && y == null) { - this.x = null - this.y = null - this.inf = true - } else { - this.x = x - this.y = y - // Force redgomery representation when loading from JSON - if (isRed == true) { - this.x = this.x!!.forceRed(this.curve.red) - this.y = this.y!!.forceRed(this.curve.red) - } - if (this.x?.red == null) - this.x = this.x!!.toRed(this.curve.red) - if (this.y?.red == null) - this.y = this.y!!.toRed(this.curve.red) - this.inf = false - } - } - - override fun isInfinity(): Boolean = inf - - - override fun mul(k: BN): BasePoint { - if (this.isInfinity()) - return this - else if (this.hasDoubles(k)) - return this.curve.fixedNafMul(this, k) - else if (this.curve.endo != null) - return this.curve.endoWnafMulAdd(listOf(this), listOf(k)) - else - return TODO() -// //return this.curve._wnafMul(this, k); - } - - - fun getDoubles(step: Int? = null, power: Int? = null): ComputedDoubles { - if (precomputed?.doubles != null) - return precomputed!!.doubles!! - -// var doubles = listOf(this) -// var acc = this; -// for ( i in 0 until power!! step step!!) { -// for (j in 0 until step) { -// acc = acc.dbl(); -// } -// doubles.push(acc); -// } -// return { -// step: step, -// points: doubles, -// } - return TODO() - } - - fun getBeta(): ShortCurvePoint? 
{ - if (this.curve.endo == null) - return null - - var pre = this.precomputed - if (pre?.beta != null) - return pre.beta as ShortCurvePoint - - - var beta = this.curve.point(this.x!!.redMul(this.curve.endo.beta), this.y!!, null) - if (pre != null) { - var curve = this.curve - val endoMul: (ShortCurvePoint) -> ShortCurvePoint = { p -> - curve.point(p.x!!.redMul(curve.endo!!.beta), p.y!!, null) - } - - pre.beta = beta - beta.precomputed = PreComputed( - beta = null, - naf = ComputedNaf( - wnd = pre.naf.wnd, - points = pre.naf.points.map { endoMul(it as ShortCurvePoint) } - ), - doubles = ComputedDoubles( - step = pre.doubles!!.step, - points = pre.doubles!!.points.map { endoMul(it as ShortCurvePoint) } - ) - ) - } - return beta - } - - override fun neg(precompute: Boolean?): ShortCurvePoint { - if (this.inf) - return this - - val res = this.curve.point(this.x!!, this.y!!.redNeg(), null) - if (precompute != null && this.precomputed != null) { - val pre = this.precomputed!! - - val negate: (ShortCurvePoint) -> ShortCurvePoint = { p -> - p.neg() - } - - res.precomputed = PreComputed( - beta = null, - naf = ComputedNaf( - wnd = pre.naf.wnd, - points = pre.naf.points.map { negate(it as ShortCurvePoint) } - ), - doubles = ComputedDoubles( - step = pre.doubles!!.step, - points = pre.doubles.points.map { negate(it as ShortCurvePoint) } - ) - ) - } - return res - } - - fun toJ(): JPoint { - if (this.inf) - return this.curve.jpoint(null, null, null) - - val res = this.curve.jpoint(this.x, this.y, this.curve.one) - return res - } - - override fun encode(compact: Boolean): UByteArray { - val x = x!!.number.toUByteArray() - - if (compact) { - val prepend = ubyteArrayOf(if (y!!.isEven()) 0x02u else 0x03u) - return prepend + x - } - - return ubyteArrayOf(0x04u) + x + y!!.number.toUByteArray() - } - - override fun dbl(): BasePoint { - TODO("Not yet implemented") - } - - fun add(p: ShortCurvePoint): ShortCurvePoint { - // O + P = P - if (this.inf) - return p - - // P + O = P - if 
(p.inf) - return this - - // P + P = 2P - if (this == p) - return dbl() as ShortCurvePoint - - // P + (-P) = O - if (neg() == p) - return this.curve.point(null, null) - - // P + Q = O - if (this.x!!.compareTo(p.x!!) == 0) - return this.curve.point(null, null) - - var c = this.y!!.redSub(p.y!!) - if (c.compareTo(0) != 0) - c = c.redMul(this.x!!.redSub(p.x!!).redInvm()) - val nx = c.redSqr().redSub(this.x!!).redSub(p.x!!) - val ny = c.redMul(this.x!!.redSub(nx)).redSub(this.y!!) - return this.curve.point(nx, ny) - } - -} - - -class JPoint(curve: ShortCurve, x: BN?, y: BN?, z: BN?) : BasePoint(curve, "jacobian") { - - private var zOne: Boolean - override var x: BN? = null - override var y: BN? = null - var z: BN? - override val inf: Boolean - get() = isInfinity() - - init { - if (x === null && y === null && z === null) { - this.x = this.curve.one - this.y = this.curve.one - this.z = BN(0) - } else { - this.x = x - this.y = y - this.z = z - } - if (this.x!!.red == null) - this.x = this.x!!.toRed(this.curve.red) - if (this.y!!.red == null) - this.y = this.y!!.toRed(this.curve.red) - if (this.z!!.red == null) - this.z = this.z!!.toRed(this.curve.red) - - this.zOne = this.z === this.curve.one - } - - - override fun isInfinity(): Boolean = this.z?.compareTo(0) == 0 - - private fun zeroDbl(): JPoint { - var nx: BN - var ny: BN - var nz: BN - // Z = 1 - if (this.zOne) { - // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html - // #doubling-mdbl-2007-bl - // 1M + 5S + 14A - - // XX = X1^2 - val xx = this.x!!.redSqr() - // YY = Y1^2 - val yy = this.y!!.redSqr() - // YYYY = YY^2 - val yyyy = yy.redSqr() - // S = 2 * ((X1 + YY)^2 - XX - YYYY) - var s = this.x!!.redAdd(yy).redSqr().redSub(xx).redSub(yyyy) - s = s.redAdd(s) - // M = 3 * XX + a; a = 0 - val m = xx.redAdd(xx).redAdd(xx) - // T = M ^ 2 - 2*S - val t = m.redSqr().redSub(s).redSub(s) - - // 8 * YYYY - var yyyy8 = yyyy.redAdd(yyyy) - yyyy8 = yyyy8.redAdd(yyyy8) - yyyy8 = yyyy8.redAdd(yyyy8) - - // X3 = T - nx = t - 
// Y3 = M * (S - T) - 8 * YYYY - ny = m.redMul(s.redSub(t)).redSub(yyyy8) - // Z3 = 2*Y1 - nz = this.y!!.redAdd(this.y!!) - } else { - // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html - // #doubling-dbl-2009-l - // 2M + 5S + 13A - - // A = X1^2 - val a = this.x!!.redSqr() - // B = Y1^2 - val b = this.y!!.redSqr() - // C = B^2 - val c = b.redSqr() - // D = 2 * ((X1 + B)^2 - A - C) - var d = this.x!!.redAdd(b).redSqr().redSub(a).redSub(c) - d = d.redAdd(d) - // E = 3 * A - val e = a.redAdd(a).redAdd(a) - // F = E^2 - val f = e.redSqr() - - // 8 * C - var c8 = c.redAdd(c) - c8 = c8.redAdd(c8) - c8 = c8.redAdd(c8) - - // X3 = F - 2 * D - nx = f.redSub(d).redSub(d) - // Y3 = E * (D - X3) - 8 * C - ny = e.redMul(d.redSub(nx)).redSub(c8) - // Z3 = 2 * Y1 * Z1 - nz = this.y!!.redMul(this.z!!) - nz = nz.redAdd(nz) - } - - return JPoint(curve, nx, ny, nz) - } - - override fun dbl(): JPoint { - if (this.isInfinity()) - return this - - if (this.curve.zeroA) { - return this.zeroDbl() - } else if (this.curve.threeA) { - return TODO() -// return this._threeDbl(); - } else { - return dbl() - } - } - - fun dblp(pow: Int?): JPoint { - if (pow == 0) - return this - if (this.isInfinity()) - return this - if (pow == null) - return this.dbl() - - var i: Int = 0 - if (this.curve.zeroA || this.curve.threeA) { - var r = this - while (i < pow) { - r = r.dbl() - i++ - } - return r - } - return TODO() - -// // 1M + 2S + 1A + N * (4S + 5M + 8A) -// // N = 1 => 6M + 6S + 9A -// var a = this.curve.a; -// var tinv = this.curve.tinv; -// -// var jx = this.x; -// var jy = this.y; -// var jz = this.z; -// var jz4 = jz.redSqr().redSqr(); -// -// // Reuse results -// var jyd = jy.redAdd(jy); -// for (i in 0 until pow) { -// var jx2 = jx.redSqr(); -// var jyd2 = jyd.redSqr(); -// var jyd4 = jyd2.redSqr(); -// var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4)); -// -// var t1 = jx.redMul(jyd2); -// var nx = c.redSqr().redISub(t1.redAdd(t1)); -// var t2 = t1.redISub(nx); -// var dny = 
c.redMul(t2); -// dny = dny.redIAdd(dny).redISub(jyd4); -// var nz = jyd.redMul(jz); -// if (i + 1 < pow) -// jz4 = jz4.redMul(jyd4); -// -// jx = nx; -// jz = nz; -// jyd = dny; -// } -// -// return this.curve.jpoint(jx, jyd.redMul(tinv), jz); - } - - fun mixedAdd(p: ShortCurvePoint): JPoint { - // O + P = P - if (this.isInfinity()) - return p.toJ() - - // P + O = P - if (p.isInfinity()) - return this - - // 8M + 3S + 7A - val z2 = this.z!!.redSqr() - val u1 = this.x!! - val u2 = p.x!!.redMul(z2) - val s1 = this.y!! - val s2 = p.y!!.redMul(z2).redMul(this.z!!) - - val h = u1.redSub(u2) - val r = s1.redSub(s2) - if (h.compareTo(0) == 0) { - return if (r.compareTo(0) != 0) - this.curve.jpoint(null, null, null) - else - this.dbl() - } - - val h2 = h.redSqr() - val h3 = h2.redMul(h) - val v = u1.redMul(h2) - - val nx = r.redSqr().redAdd(h3).redSub(v).redSub(v) - val ny = r.redMul(v.redSub(nx)).redSub(s1.redMul(h3)) - val nz = this.z!!.redMul(h) - - return this.curve.jpoint(nx, ny, nz) - } - - fun add(p: JPoint): JPoint { - // O + P = P - if (this.isInfinity()) - return p - - // P + O = P - if (p.isInfinity()) - return this - - // 12M + 4S + 7A - val pz2 = p.z!!.redSqr() - val z2 = this.z!!.redSqr() - val u1 = this.x!!.redMul(pz2) - val u2 = p.x!!.redMul(z2) - val s1 = this.y!!.redMul(pz2.redMul(p.z!!)) - val s2 = p.y!!.redMul(z2.redMul(this.z!!)) - - val h = u1.redSub(u2) - val r = s1.redSub(s2) - if (h.compareTo(0) == 0) { - return if (r.compareTo(0) != 0) - this.curve.jpoint(null, null, null) - else - this.dbl() - } - - val h2 = h.redSqr() - val h3 = h2.redMul(h) - val v = u1.redMul(h2) - - val nx = r.redSqr().redAdd(h3).redSub(v).redSub(v) - val ny = r.redMul(v.redSub(nx)).redSub(s1.redMul(h3)) - val nz = this.z!!.redMul(p.z!!).redMul(h) - - return this.curve.jpoint(nx, ny, nz) - } - - fun toP(): ShortCurvePoint { - if (this.isInfinity()) - return this.curve.point(null, null, null) - - val zinv = this.z!!.redInvm() - val zinv2 = zinv.redSqr() - val ax = 
this.x!!.redMul(zinv2) - val ay = this.y!!.redMul(zinv2).redMul(zinv) - - return this.curve.point(ax, ay, null) - } - - override fun encode(compact: Boolean): UByteArray { - TODO("Not yet implemented") - } - - override fun mul(k: BN): JPoint { - return TODO() - //return this.curve.wnafMul(this, k); - } - - override fun neg(precompute: Boolean?): JPoint { - return TODO() - } - -} - - -fun BasePoint.Companion.fromJSON(curve: ShortCurve, obj: JsonArray, red: Boolean): ShortCurvePoint { - val obj0 = obj[0].jsonPrimitive.content - val obj1 = obj[1].jsonPrimitive.content - val res = curve.point(obj0, obj1, red) - - if (obj.size == 2) - return res - - val obj2point: (List) -> BasePoint = { - curve.point(it[0], it[1], red) - } - - val pre: PrecomputedScep256k1 = Json.decodeFromJsonElement(obj[2]) - - res.precomputed = PreComputed( - beta = null, - doubles = ComputedDoubles( - step = pre.doubles.step, - points = listOf(res) + pre.doubles.points.map(obj2point) - ), - naf = ComputedNaf( - wnd = pre.naf.wnd, - points = listOf(res) + pre.naf.points.map(obj2point) - ) - ) - return res -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/Curve.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/Curve.kt deleted file mode 100644 index fc331c3..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/Curve.kt +++ /dev/null 
@@ -1,375 +0,0 @@
-package io.eqoty.secretk.crypto.elliptic
-
-import io.eqoty.secretk.crypto.elliptic.biginteger.BN
-import io.eqoty.secretk.crypto.elliptic.biginteger.mont
-import io.eqoty.secretk.crypto.elliptic.biginteger.red
-import io.eqoty.secretk.crypto.elliptic.curves.Endomorphism
-import io.eqoty.secretk.crypto.elliptic.curves.PresetCurve
-import io.eqoty.secretk.crypto.elliptic.utils.getJSF
-import io.eqoty.secretk.crypto.elliptic.utils.getNAF
-import kotlinx.serialization.json.Json
-import kotlinx.serialization.json.jsonArray
-import kotlin.math.max
-
-sealed class Curve(val presetCurve: PresetCurve) {
-
- val p = presetCurve.p
- val red = if (presetCurve.prime != null) BN.red(presetCurve.prime!!) else BN.mont(p)
-
- // Useful for many curves
- val zero = BN(0).toRed(this.red)
- val one = BN(1).toRed(this.red)
- val two = BN(2).toRed(this.red)
-
- val n = presetCurve.n
- val g: BasePoint<*>? = presetCurve.g?.let { g ->
- pointFromJSON(g, presetCurve.gRed)
- }
-
- abstract fun pointFromJSON(g: String, gRed: Boolean): BasePoint<*>
-
- abstract fun validate(basePoint: BasePoint<*>): Boolean
-
-
- abstract fun decodePoint(bytes: UByteArray, enc: String?): BasePoint<*>
-
-
- // Temporary arrays
- protected val _wnafT1 = Array(4) { null }
- protected val _wnafT3 = Array?>(4) { null }
- protected val _wnafT4 = Array(4) { null }
-
- protected val bitLength = if (this.n != null) this.n.bitLength() else 0u
-}
-
-class ShortCurve(presetCurve: PresetCurve) : Curve(presetCurve) {
-
-
- val a = presetCurve.a.toRed(red)
- val b = presetCurve.b.toRed(red)
- //val tinv = two.redInvm();
-
- val zeroA = a.fromRed() == BN.ZERO
- val threeA = this.a.fromRed().subtract(this.p).compareTo(-3) == 0
-
- val endo = getEndomorphism()
-
- fun point(x: String, y: String, isRed: Boolean? = null): ShortCurvePoint =
- ShortCurvePoint(this, "affine", x, y, isRed)
-
- fun point(x: BN?, y: BN?, isRed: Boolean? = null): ShortCurvePoint =
- ShortCurvePoint(this, "affine", x, y, isRed)
-
-
- private fun getEndomorphism(): Endomorphism? {
- // No efficient endomorphism
- if (!this.zeroA || this.g == null || this.n == null || p.mod(BN(3)) != BN.ONE)
- return null
-
- // Compute beta and lambda, that lambda * P = (beta * Px; Py)
-
-
- val beta = presetCurve.beta!!.toRed(red)
- val lambda = presetCurve.lambda
-
-
- // Get basis vectors, used for balanced length-two representation
- val basis = presetCurve.basis
-
- return Endomorphism(
- beta = beta,
- lambda = lambda,
- basis = basis,
- )
- }
-
- private data class EndoSplit(var k1: BN, var k2: BN)
-
- private fun endoSplit(k: BN): EndoSplit {
- val basis = this.endo!!.basis
- val v1 = basis[0]
- val v2 = basis[1]
-
- val c1 = v2.b.multiply(k).divRound(n!!)
- var c2 = v1.b.negate().multiply(k).divRound(n)
-
-
- val p1 = c1.multiply(v1.a)
- val p2 = c2.multiply(v2.a)
- val q1 = c1.multiply(v1.b)
- val q2 = c2.multiply(v2.b)
-
- // Calculate answer
- var k1 = k.subtract(p1).subtract(p2)
- var k2 = q1.add(q2).negate()
- return EndoSplit(k1 = k1, k2 = k2)
- }
-
- fun endoWnafMulAdd(
- points: List,
- coeffs: List,
- jacobianResult: Any? = null
- ): BasePoint {
- val npoints = MutableList(4) { null }
- val ncoeffs = MutableList(4) { null }
- for (i in points.indices) {
- val split = this.endoSplit(coeffs[i])
- var p = points[i]
- var beta = p.getBeta()!!
- if (split.k1.negative) {
- split.k1 = split.k1.negate()
- p = p.neg(true)
- }
- if (split.k2.negative) {
- split.k2 = split.k2.negate()
- beta = beta.neg(true)
- }
-
- npoints[i * 2] = p
- npoints[i * 2 + 1] = beta
- ncoeffs[i * 2] = split.k1
- ncoeffs[i * 2 + 1] = split.k2
- }
- val res = this.wnafMulAdd(1, npoints, ncoeffs.toList(), points.size * 2, jacobianResult)
-
- // Clean-up references to points and coefficients
- for (j in 0 until npoints.size) {
- npoints[j] = null
- ncoeffs[j] = null
- }
- return res
- }
-
- fun wnafMulAdd(
- defW: Int,
- points: MutableList,
- coeffs: List,
- len: Int,
- jacobianResult: Any? = null
- ): BasePoint {
- var wndWidth = this._wnafT1
- val wnd = Array?>?>(4) { null }
- var naf = this._wnafT3
-
- // Fill all arrays
- var max = 0
-// var i;
-// var j;
-
- for (i in 0 until len) {
- val p = points[i]!!
- val nafPoints = p.getNAFPoints(defW)
- wndWidth[i] = nafPoints.wnd
- wnd[i] = nafPoints.points as List
- }
- var p = points[len - 1] as BasePoint?
- // Comb small window NAFs
- for (i in len - 1 downTo 1 step 2) {
- var a = i - 1
- var b = i
- if (wndWidth[a] != 1 || wndWidth[b] != 1) {
- naf[a] = getNAF(coeffs[a]!!, wndWidth[a]!!, this.bitLength.toInt())
- naf[b] = getNAF(coeffs[b]!!, wndWidth[b]!!, this.bitLength.toInt())
- max = max(naf[a]!!.size, max)
- max = max(naf[b]!!.size, max)
- continue
- }
- val comb: MutableList?> = mutableListOf(
- points[a] as ShortCurvePoint, /* 1 */
- null, /* 3 */
- null, /* 5 */
- points[b] as ShortCurvePoint, /* 7 */
- )
-
- // Try to avoid Projective points, if possible
- if (points[a]!!.y!!.compareTo(points[b]!!.y!!) == 0) {
- comb[1] = points[a]!!.add(points[b]!!)
- comb[2] = points[a]!!.toJ().mixedAdd(points[b]!!.neg())
- } else if (points[a]!!.y!!.compareTo(points[b]!!.y!!.redNeg()) == 0) {
- comb[1] = points[a]!!.toJ().mixedAdd(points[b]!!)
- comb[2] = points[a]!!.add(points[b]!!.neg())
- } else {
- comb[1] = points[a]!!.toJ().mixedAdd(points[b]!!)
- comb[2] = points[a]!!.toJ().mixedAdd(points[b]!!.neg())
- }
-
- val index = listOf(
- -3, /* -1 -1 */
- -1, /* -1 0 */
- -5, /* -1 1 */
- -7, /* 0 -1 */
- 0, /* 0 0 */
- 7, /* 0 1 */
- 5, /* 1 -1 */
- 1, /* 1 0 */
- 3, /* 1 1 */
- )
-
- val jsf = getJSF(coeffs[a]!!, coeffs[b]!!)
- max = max(jsf[0].size, max)
- naf[a] = Array(max) { 0 }
- naf[b] = Array(max) { 0 }
- for (j in 0 until max) {
- val ja = jsf[0][j] or 0
- val jb = jsf[1][j] or 0
-
- naf[a]!![j] = index[(ja + 1) * 3 + (jb + 1)]
- naf[b]!![j] = 0
- wnd[a] = comb.toList()
- }
- }
-
- var acc = JPoint(this, null, null, null)
- var tmp = this._wnafT4
- var i = max
- while (i >= 0) {
- var k = 0
-
- while (i >= 0) {
- var zero = true
- for (j in 0 until len) {
- tmp[j] = naf[j]!!.getOrElse(i) { 0 }
- if (tmp[j] != 0)
- zero = false
- }
- if (!zero)
- break
- k++
- i--
- }
- if (i >= 0)
- k++
- acc = acc.dblp(k)
- if (i < 0)
- break
- for (j in 0 until len) {
- val z = tmp[j]
-
- if (z == 0)
- continue
- else if (z!! > 0)
- p = wnd[j]!![(z - 1) shr 1]
- else if (z < 0)
- p = wnd[j]!![(-z - 1) shr 1]!!.neg()
-
- if (p!!.type == "affine")
- acc = acc.mixedAdd(p as ShortCurvePoint)
- else
- acc = acc.add(p as JPoint)
- }
- i--
- }
- // Zeroify references
- for (i in 0 until len) {
- wnd[i] = null
- }
- if (jacobianResult != null)
- return acc
- else
- return acc.toP()
- }
-
- fun jpoint(x: BN?, y: BN?, z: BN?): JPoint = JPoint(this, x, y, z)
-
- fun fixedNafMul(p: ShortCurvePoint, k: BN): BasePoint {
- require(p.precomputed != null)
- var doubles = p.getDoubles()
-
- var naf = getNAF(k, 1, this.bitLength.toInt())
- var I = (1 shl (doubles.step + 1)) - (if (doubles.step % 2 == 0) 2 else 1)
- I /= 3
-
- // Translate into more windowed form
- var repr = mutableListOf()
- var j = 0
- var nafW: Int?
- while (j < naf.size) {
- nafW = 0
- for (l in j + doubles.step - 1 downTo j) {
- nafW = naf.getOrNull(l)?.plus(nafW?.shl(1) ?: 0)
- }
- repr.add(nafW!!)
- j += doubles.step
- }
-
- var a = this.jpoint(null, null, null)
- var b = this.jpoint(null, null, null)
- for (i in I downTo 1) {
- for (l in 0 until repr.size) {
- nafW = repr[l]
- if (nafW == i)
- b = b.mixedAdd(doubles.points[l] as ShortCurvePoint)
- else if (nafW == -i)
- b = b.mixedAdd((doubles.points[l] as ShortCurvePoint).neg())
- }
- a = a.add(b)
- }
- return a.toP()
- }
-
- override fun pointFromJSON(g: String, gRed: Boolean): BasePoint<*> =
- BasePoint.fromJSON(this, Json.parseToJsonElement(g).jsonArray, presetCurve.gRed)
-
- override fun validate(_point: BasePoint<*>): Boolean {
- val point = _point as ShortCurvePoint
- if (point.inf)
- return true
-
- val x = point.x
- val y = point.y
-
- val ax = this.a.redMul(x!!)
- val rhs = x.redSqr().redMul(x).redAdd(ax).redAdd(this.b)
- return y!!.redSqr().redSub(rhs).compareTo(0) == 0
- }
-
- override fun decodePoint(bytes: UByteArray, enc: String?): ShortCurvePoint {
- var len = this.p.byteLength()
-
- // uncompressed, hybrid-odd, hybrid-even
- if ((bytes[0].toInt() == 0x04 || bytes[0].toInt() == 0x06 || bytes[0].toInt() == 0x07) &&
- bytes.size - 1 == 2 * len
- ) {
- if (bytes[0].toInt() == 0x06)
- require(bytes[bytes.size - 1].toInt() % 2 == 0)
- else if (bytes[0].toInt() == 0x07)
- require(bytes[bytes.size - 1].toInt() % 2 == 1)
-
- val res = this.point(
- BN(bytes.slice(IntRange(1, len)).toUByteArray()),
- BN(bytes.slice(IntRange(1 + len, 2 * len)).toUByteArray())
- )
-
- return res
- } else if ((bytes[0].toInt() == 0x02 || bytes[0].toInt() == 0x03) &&
- bytes.size - 1 == len
- ) {
- return this.pointFromX(
- bytes.slice(IntRange(1, len)).toUByteArray(),
- bytes[0].toInt() == 0x03
- )
- }
- throw Error("Unknown point format")
- }
-
- private fun pointFromX(_x: UByteArray, odd: Boolean): ShortCurvePoint {
- TODO()
-// var x = BN(_x);
-// if (x.red == null)
-// x = x.toRed(this.red);
-//
-// val y2 = x.redSqr().redMul(x).redAdd(x.redMul(this.a)).redAdd(this.b);
-// var y = y2.redSqrt();
-// if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
-// throw Error("invalid point");
-//
-// // XXX Is there any way to tell if the number is odd without converting it
-// // to non-red form?
-// var isOdd = y.fromRed().isOdd();
-// if (odd && !isOdd || !odd && isOdd)
-// y = y.redNeg();
-//
-// return this.point(x, y);
- }
-
-}
\ No newline at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/biginteger/BN.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/biginteger/BN.kt
deleted file mode 100644
index 46e4f23..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/biginteger/BN.kt
+++ /dev/null
@@ -1,659 +0,0 @@
-package io.eqoty.secretk.crypto.elliptic.biginteger
-
-import com.ionspin.kotlin.bignum.decimal.BigDecimal
-import com.ionspin.kotlin.bignum.decimal.DecimalMode
-import com.ionspin.kotlin.bignum.decimal.RoundingMode
-import com.ionspin.kotlin.bignum.integer.BigInteger
-import com.ionspin.kotlin.bignum.integer.Sign
-import kotlin.math.ceil
-import kotlin.math.max
-
-class BN {
- val number: BigInteger
-
- // Reduction context
- val red: Red?
-
- constructor(number: BigInteger, red: Red? = null) {
- this.number = number
- this.red = red
- }
-
- constructor(string: String, base: Int = 16, red: Red? = null) {
- this.number = BigInteger.parseString(string.replace(" ", ""), base)
- this.red = red
- }
-
- constructor(num: Int, red: Red? = null) {
- this.number = BigInteger.fromInt(num)
- this.red = red
- }
-
- constructor(number: UByteArray, red: Red? = null) {
- this.number = BigInteger.fromUByteArray(number, Sign.POSITIVE)
- this.red = red
- }
-
- fun bitLength() = number.bitLength()
-
-
- fun toRed(ctx: Red): BN {
- require(red == null) { "Already a number in reduction context" }
- require(!number.isNegative) { "red works only with positives" }
- return ctx.convertTo(this).forceRed(ctx)
- }
-
- internal fun forceRed(ctx: Red): BN = BN(this.number, ctx)
-
- fun fromRed(): BN {
- require(this.red != null) { "fromRed works only with numbers in reduction context" }
- return this.red.convertFrom(this)
- }
-
-
- val negative: Boolean
- get() = number.isNegative
-
- val zero: Boolean
- get() = number.isZero()
-
- /**
- * The least significant 26 bits == Word[0] in https://github.com/indutny/bn.js/
- */
- val word0: BN
- get() = this.and(BN(0x3ffffff))
-
-
- fun shl(n: Int): BN = BN(number.shl(n), red)
- fun shr(n: Int): BN = BN(number.shr(n), red)
-
- fun subtract(n: BN): BN = BN(number.subtract(n.number), red)
-
- fun mod(n: BN): BN = BN(number.mod(n.number), red)
-
- fun multiply(n: BN): BN = BN(number.multiply(n.number), red)
-
- fun negate(): BN = BN(number.negate(), red)
-
- fun add(n: BN): BN = BN(number.add(n.number), red)
-
- infix fun and(n: BN): BN = BN(number.and(n.number), red)
-
- fun gcd(n: BN): BN = BN(number.gcd(n.number), red)
-
- fun egcd(p: BN): EGCDResult {
- require(!p.negative)
- require(!p.isZero())
-
- var x = this
- var y = p
-
- if (x.negative) {
- x = x.mod(p)
- }
-
- // A * x + B * y = x
- var A = BN(1)
- var B = BN(0)
-
- // C * x + D * y = y
- var C = BN(0)
- var D = BN(1)
-
- var g = 0
-
- while (x.isEven() && y.isEven()) {
- x = x.shr(1)
- y = y.shr(1)
- ++g
- }
-
- var yp = y
- var xp = x
-
- while (!x.isZero()) {
- var i = 0
- var im = 1
- while ((x.word0 and BN(im)) == ZERO && i < 26) {
- ++i
- im = im shl 1
- }
- if (i > 0) {
- x = x.shr(i)
- while (i-- > 0) {
- if (A.isOdd() || B.isOdd()) {
- A = A.add(yp)
- B = B.subtract(xp)
- }
-
- A = A.shr(1)
- B = B.shr(1)
- }
- }
-
-
- var j = 0
- var jm = 1
- while ((y.word0 and BN(jm)) == ZERO && j < 26) {
- ++j
- jm = jm shl 1
- }
- if (j > 0) {
- y = y.shr(j)
- while (j-- > 0) {
- if (C.isOdd() || D.isOdd()) {
- C = C.add(yp)
- D = D.subtract(xp)
- }
-
- C = C.shr(1)
- D = D.shr(1)
- }
- }
-
-
- if (x >= y) {
- x = x.subtract(y)
- A = A.subtract(C)
- B = B.subtract(D)
- } else {
- y = y.subtract(x)
- C = C.subtract(A)
- D = D.subtract(B)
- }
- }
-
- return EGCDResult(
- a = C,
- b = D,
- gcd = y.shl(g)
- )
- }
-
- private fun isZero(): Boolean = number.isZero()
-
-
- fun divRound(divisor: BN): BN {
- val resultAndRem = number.divideAndRemainder(divisor.number)
- var result = resultAndRem.first
- val remainder = resultAndRem.second
-
- if (!result.isNegative) {
- val remainderDec = BigDecimal.fromBigInteger(remainder)
- val divisorDec = BigDecimal.fromBigInteger(divisor.number)
- val oneHalf = BigDecimal.fromDouble(0.5)
- val remainderOverDivisor =
- remainderDec.divide(divisorDec, DecimalMode(decimalPrecision = 2, roundingMode = RoundingMode.FLOOR))
- if (remainderOverDivisor >= oneHalf) {
- // round by adding one if remainder over divisor is >= 0.5
- result += 1
- }
- return BN(result, red)
- } else {
- return TODO("Handle negative round")
- }
- }
-
-
- // This is reduced incarnation of the binary EEA
- // above, designated to invert members of the
- // _prime_ fields F(p) at a maximal speed
- fun _invmp(p: BN): BN {
- require(!p.negative)
- require(!p.zero)
-
- var a = this
- var b = p
-
- if (a.negative) {
- a = a.mod(p)
- }
-
- var x1 = BN(1)
- var x2 = BN(0)
-
- var delta = b
-
-
- while (a > 1 && b > 1) {
- var i = 0
- var im = 1
- while ((a.word0.number.intValue() and im) == 0 && i < 26) {
- i++
- im = im shl 1
- }
- if (i > 0) {
- a = a.shr(i)
- while (i-- > 0) {
- if (x1.isOdd()) {
- x1 = x1.add(delta)
- }
-
- x1 = x1.shr(1)
- }
- }
-
- var j = 0
- var jm = 1
- while ((b.word0.number.intValue() and jm) == 0 && j < 26) {
- j++
- jm = jm shl 1
- }
- if (j > 0) {
- b = b.shr(j)
- while (j-- > 0) {
- if (x2.isOdd()) {
- x2 = x2.add(delta)
- }
-
- x2 = x2.shr(1)
- }
- }
-
-
- if (a >= b) {
- a = a.subtract(b)
- x1 = x1.subtract(x2)
- } else {
- b = b.subtract(a)
- x2 = x2.subtract(x1)
- }
- }
-
- val res: BN
- if (a.compareTo(1) == 0) {
- res = x1
- } else {
- res = x2
- }
-
- if (res < 0) {
- res.add(p)
- }
-
- return res
- }
-
- fun redMul(num: BN): BN {
- require(this.red != null) { "redMul works only with red numbers" }
- this.red.verify2(this, num)
- return this.red.mul(this, num)
- }
-
- operator fun compareTo(i: Int): Int = number.compareTo(i)
- operator fun compareTo(i: BN): Int = number.compareTo(i.number)
-
- override fun equals(other: Any?): Boolean {
- if (other is BN) {
- if (number == other.number && red != other.red) {
- println("Warning: Comparing two BN numbers with same number, but different red values. Returning false. This may not be the desired behavior")
- }
- return number == other.number && red == other.red
- }
- return super.equals(other)
- }
-
- fun redNeg(): BN {
- require(this.red != null) { "redMul works only with red numbers" }
- this.red.verify1(this)
- return this.red.neg(this)
- }
-
- fun andln(num: Int): Int {
- val leastSignificant26Bits = word0.number.intValue()
- return leastSignificant26Bits.and(num)
- }
-
- fun invm(num: BN): BN {
- return egcd(num).a.mod(num)
- }
-
-
- fun isOdd(): Boolean {
- val one = BN(1)
- return this.and(one).number.abs() == one.number
- }
-
- fun isEven(): Boolean {
- return !isOdd()
- }
-
-
- fun redAdd(num: BN): BN {
- require(this.red != null) { "redMul works only with red numbers" }
- return this.red.add(this, num)
- }
-
- fun redInvm(): BN {
- require(this.red != null) { "redMul works only with red numbers" }
- this.red.verify1(this)
- return this.red.invm(this)
- }
-
- fun redSqr(): BN {
- require(this.red != null) { "redMul works only with red numbers" }
- this.red.verify1(this)
- return this.red.sqr(this)
- }
-
- fun redSub(num: BN): BN {
- require(this.red != null) { "redMul works only with red numbers" }
- return this.red.sub(this, num)
- }
-
- fun byteLength(): Int = number.byteLength().toInt()
-
-
- companion object {
- val ZERO = BN(BigInteger.ZERO)
- val ONE = BN(BigInteger.ONE)
- }
-
-}
-
-
-fun BN.Companion.red(m: String) = Red(m)
-fun BN.Companion.mont(m: BN) = Mont(m)
-
-fun BN.Companion.prime(name: String): MPrime {
- // Cached version of prime
- if (primes[name] != null) return primes[name]!!
- val prime =
- if (name == "k256") {
- MPrime(
- "k256",
- BN(
- "ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f",
- 16
- )
- )
- } else if (name === "p224") {
- TODO()
- //P224()
- } else if (name === "p192") {
- TODO()
- //P192()
- } else if (name === "p25519") {
- TODO()
- //P25519()
- } else {
- throw Error("Unknown prime $name")
- }
- primes[name] = prime
-
- return prime
-}
-
-
-private val primes = mutableMapOf(
- // Prime numbers with efficient reduction
- "k256" to null,
- "p224" to null,
- "p192" to null,
- "p25519" to null
-)
-
-// Pseudo-Mersenne prime
-class MPrime(val name: String, val p: BN) {
- // P = 2 ^ N - K
- val n = p.bitLength().toInt()
- val k = BN.ONE.shl(this.n).subtract(this.p)
-
-// val tmp = _tmp()
-//
-// private fun _tmp(): BN {
-// val words : WordArray = ULongArray(ceil(this.n.toDouble() / 13.toDouble()).toInt()) { 0u }
-// return BN(BigInteger.createFromWordArray(words, Sign.ZERO))
-// }
-
- fun ireduce(num: BN): BN {
- // Assumes that `num` is less than `P^2`
- // num = HI * (2 ^ N - K) + HI * K + LO = HI * K + LO (mod P)
- var r = num
- var rlen: ULong = 0u
-
- do {
- val split = this.split(r)
- r = split.first
- val tmp = split.second
- r = this.mulK(r)
- r = r.add(tmp)
- rlen = r.bitLength()
- } while (rlen.toInt() > this.n)
- val cmp = if (rlen < n.toULong()) -1 else r.compareTo(this.p)
- if (cmp == 0) {
- TODO()
-// r.words[0] = 0;
-// r.length = 1;
- } else if (cmp > 0) {
- r = r.subtract(this.p)
- }
-
- return r
- }
-
- private fun split(input: BN): Pair {
- val a = BN(input.number.shr(n), input.red)
- val numBytesShifted = n / 8
- val inputByteArray = input.number.toByteArray()
- val inputByteSize = inputByteArray.size
- val startCopyIndex = max(inputByteSize - numBytesShifted, 0)
- val endCopyIndex = inputByteSize
- val bByteSize = inputByteSize - startCopyIndex
- val bByteArray = ByteArray(bByteSize) { 0 }
- inputByteArray.copyInto(bByteArray, 0, startCopyIndex, endCopyIndex)
- val b = BN(BigInteger.fromByteArray(bByteArray, Sign.POSITIVE), input.red)
- return Pair(a, b)
- }
-
- private fun mulK(num: BN): BN {
- return num.multiply(this.k)
- }
-
-}
-
-open class Red {
- val m: BN
- var prime: MPrime?
-
- constructor(m: String) {
- val prime = BN.prime(m)
- this.m = prime.p
- this.prime = prime
- }
-
- constructor(m: BN) {
- require(m > 1) { "modulus must be greater than 1" }
- this.m = m
- this.prime = null
- }
-
- open fun convertTo(num: BN): BN {
- val r = num.mod(this.m)
- return r
- }
-
- open fun convertFrom(num: BN): BN {
- return BN(num.number)
- }
-
- internal fun verify2(a: BN, b: BN) {
- require(!a.negative && !b.negative) { "red works only with positives" }
- require(a.red != null && a.red == b.red) { "red works only with red numbers" }
- }
-
- fun mul(a: BN, b: BN): BN {
- this.verify2(a, b)
- return this.imod(a.multiply(b))
- }
-
- fun imod(a: BN): BN {
- if (this.prime != null) {
- return this.prime!!.ireduce(a).forceRed(this)
- } else return a.mod(this.m).forceRed(this)
- }
-
- fun verify1(a: BN) {
- require(!a.negative) { "red works only with positives" }
- require(a.red != null) { "red works only with red numbers" }
- }
-
- fun neg(num: BN): BN {
- if (num.number.isZero()) {
- return num
- }
- return m.subtract(num).forceRed(this)
- }
-
- fun invm(num: BN): BN {
- var inv = num._invmp(this.m)
- if (inv.negative) {
- return this.imod(inv).redNeg()
- } else {
- return this.imod(inv)
- }
- }
-
- fun sqr(num: BN): BN {
- return this.mul(num, num)
- }
-
- fun add(a: BN, b: BN): BN {
- this.verify2(a, b)
-
- var res = a.add(b)
- if (res >= this.m) {
- res = res.subtract(this.m)
- }
- return res.forceRed(this)
- }
-
- fun sub(a: BN, b: BN): BN {
- this.verify2(a, b)
-
- var res = a.subtract(b)
- if (res < 0) {
- res = res.add(this.m)
- }
- return res.forceRed(this)
- }
-}
-
-class Mont(m: BN) : Red(m) {
-
-
- init {
- TODO()
- }
-
- val shift: ULong
- get() {
- var tmpShift = this.m.number.bitLength()
- if (tmpShift % 26u != 0.toULong()) {
- tmpShift += 26u - (tmpShift % 26u)
- }
- return tmpShift
- }
-
-
-// val r = BN.ONE.shl(shift.toInt())
-// val r2 = this.imod(this.r.sqr());
-// this.rinv = this.r._invmp(this.m);
-//
-// this.minv = this.rinv.mul(this.r).isubn(1).div(this.m);
-// this.minv = this.minv.umod(this.r);
-// this.minv = this.r.sub(this.minv);
-
- override fun convertTo(num: BN): BN {
- TODO()
- }
-
- override fun convertFrom(num: BN): BN {
- TODO()
- }
-}
-
-// And first word and num
-fun BigInteger.andln(num: ULong): ULong {
- return getBackingArrayCopy()[0] and num
-}
-
-
-fun BigInteger.countBits(w: ULong): ULong {
- var t = w
- var r = 0u
- if (t >= 4096u) {
- r += 13u
- t = t shr 13
- }
- if (t >= 64u) {
- r += 7u
- t = t shr 7
- }
- if (t >= 8u) {
- r += 4u
- t = t shr 4
- }
- if (t >= 2u) {
- r += 2u
- t = t shr 2
- }
- return r + t
-}
-
-fun BigInteger.bitLength(): ULong {
- val byteArray = toByteArray()
- if (byteArray.isEmpty()) return 0u
- val leadingZeros = byteArray[0].countLeadingZeroBits().toULong()
- return byteArray.size.toULong() * 8u - leadingZeros
-}
-
-fun BigInteger.byteLength(): ULong {
- return ceil(this.bitLength().toDouble() / 8.0).toULong()
-}
-
-fun BigInteger.toArray(endian: String, length: Int?): ULongArray {
- var byteLength = this.byteLength().toInt()
- var reqLength = length ?: max(1, byteLength)
- require(byteLength <= reqLength) { "byte array longer than desired length" }
- require(reqLength > 0) { "Requested array length <= 0" }
-
- var littleEndian = endian == "le"
- var res = ULongArray(reqLength) { 0u }
-
- var b: ULong
- var q = BigInteger.fromBigInteger(this)
- if (!littleEndian) {
- // Assume big-endian
- for (i in 0 until (reqLength - byteLength)) {
- res[i] = 0u
- }
- var i = 0
- while (!q.isZero()) {
- b = q.andln(255u/*0xff*/)
- q = q shr 8
-
- res[reqLength - i - 1] = b
- i++
- }
- } else {
- var i = 0
- while (!q.isZero()) {
- b = q.andln(255u/*0xff*/)
- q = q shr 8
-
- res[i] = b
- i++
- }
-
- while (i < reqLength) {
- res[i] = 0u
- i++
- }
- }
-
- return res
-}
-
-data class EGCDResult(val a: BN, val b: BN, val gcd: BN)
\ No newline at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/PresetCurve.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/PresetCurve.kt
deleted file mode 100644
index 52470bb..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/PresetCurve.kt
+++ /dev/null
@@ -1,28 +0,0 @@
-package io.eqoty.secretk.crypto.elliptic.curves
-
-import io.eqoty.secretk.crypto.elliptic.biginteger.BN
-
-
-sealed interface PresetCurve {
- val gRed: Boolean
- val a: BN
- val b: BN
- val g: String?
- val n: BN?
- val type: String
- val prime: String?
- val p: BN
- val h: String
- val hash: String
- val lambda: BN
- val beta: BN?
- val basis: List
-}
-
-data class Basis(val a: BN, val b: BN)
-
-data class Endomorphism(
- val beta: BN,
- val lambda: BN,
- val basis: List
-)
\ No newline at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/Scep256k1Preset.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/Scep256k1Preset.kt
deleted file mode 100644
index 5622b26..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/curves/Scep256k1Preset.kt
+++ /dev/null
@@ -1,839 +0,0 @@ -package io.eqoty.secretk.crypto.elliptic.curves - -import io.eqoty.secretk.crypto.elliptic.biginteger.BN - - -object Scep256k1Preset : PresetCurve { - - override val gRed = false - override val type = "short" - override val prime = "k256" - override val p = BN( - "ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f", - 16 - ) - override val a = BN("0", 16) - override val b = BN("7", 16) - override val n = BN( - "ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141".replace(" ", ""), - 16 - ) - override val h = "1" - override val hash = "hash.sha256" - - // Precomputed endomorphism - override val beta = BN( - "7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", - 16 - ) - override val lambda = BN( - "5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", - 16 - ) - - override val basis = listOf( - Basis( - a = BN("3086d221a7d46bcde86c90e49284eb15", 16), - b = BN("-e4437ed6010e88286f547fa90abfe4c3", 16) - ), - Basis( - a = BN("114ca50f7a8e2f3f657c1108d9d44cfd8", 16), - b = BN("3086d221a7d46bcde86c90e49284eb15", 16) - ) - ) - - - const val precomputed = - """ - { - "doubles": { - "step": 4, - "points": [ - [ - "e60fce93b59e9ec53011aabc21c23e97b2a31369b87a5ae9c44ee89e2a6dec0a", - "f7e3507399e595929db99f34f57937101296891e44d23f0be1f32cce69616821" - ], - [ - "8282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508", - "11f8a8098557dfe45e8256e830b60ace62d613ac2f7b17bed31b6eaff6e26caf" - ], - [ - "175e159f728b865a72f99cc6c6fc846de0b93833fd2222ed73fce5b551e5b739", - "d3506e0d9e3c79eba4ef97a51ff71f5eacb5955add24345c6efa6ffee9fed695" - ], - [ - "363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640", - "4e273adfc732221953b445397f3363145b9a89008199ecb62003c7f3bee9de9" - ], - [ - "8b4b5f165df3c2be8c6244b5b745638843e4a781a15bcd1b69f79a55dffdf80c", - "4aad0a6f68d308b4b3fbd7813ab0da04f9e336546162ee56b3eff0c65fd4fd36" - ], - [ - 
"723cbaa6e5db996d6bf771c00bd548c7b700dbffa6c0e77bcb6115925232fcda", - "96e867b5595cc498a921137488824d6e2660a0653779494801dc069d9eb39f5f" - ], - [ - "eebfa4d493bebf98ba5feec812c2d3b50947961237a919839a533eca0e7dd7fa", - "5d9a8ca3970ef0f269ee7edaf178089d9ae4cdc3a711f712ddfd4fdae1de8999" - ], - [ - "100f44da696e71672791d0a09b7bde459f1215a29b3c03bfefd7835b39a48db0", - "cdd9e13192a00b772ec8f3300c090666b7ff4a18ff5195ac0fbd5cd62bc65a09" - ], - [ - "e1031be262c7ed1b1dc9227a4a04c017a77f8d4464f3b3852c8acde6e534fd2d", - "9d7061928940405e6bb6a4176597535af292dd419e1ced79a44f18f29456a00d" - ], - [ - "feea6cae46d55b530ac2839f143bd7ec5cf8b266a41d6af52d5e688d9094696d", - "e57c6b6c97dce1bab06e4e12bf3ecd5c981c8957cc41442d3155debf18090088" - ], - [ - "da67a91d91049cdcb367be4be6ffca3cfeed657d808583de33fa978bc1ec6cb1", - "9bacaa35481642bc41f463f7ec9780e5dec7adc508f740a17e9ea8e27a68be1d" - ], - [ - "53904faa0b334cdda6e000935ef22151ec08d0f7bb11069f57545ccc1a37b7c0", - "5bc087d0bc80106d88c9eccac20d3c1c13999981e14434699dcb096b022771c8" - ], - [ - "8e7bcd0bd35983a7719cca7764ca906779b53a043a9b8bcaeff959f43ad86047", - "10b7770b2a3da4b3940310420ca9514579e88e2e47fd68b3ea10047e8460372a" - ], - [ - "385eed34c1cdff21e6d0818689b81bde71a7f4f18397e6690a841e1599c43862", - "283bebc3e8ea23f56701de19e9ebf4576b304eec2086dc8cc0458fe5542e5453" - ], - [ - "6f9d9b803ecf191637c73a4413dfa180fddf84a5947fbc9c606ed86c3fac3a7", - "7c80c68e603059ba69b8e2a30e45c4d47ea4dd2f5c281002d86890603a842160" - ], - [ - "3322d401243c4e2582a2147c104d6ecbf774d163db0f5e5313b7e0e742d0e6bd", - "56e70797e9664ef5bfb019bc4ddaf9b72805f63ea2873af624f3a2e96c28b2a0" - ], - [ - "85672c7d2de0b7da2bd1770d89665868741b3f9af7643397721d74d28134ab83", - "7c481b9b5b43b2eb6374049bfa62c2e5e77f17fcc5298f44c8e3094f790313a6" - ], - [ - "948bf809b1988a46b06c9f1919413b10f9226c60f668832ffd959af60c82a0a", - "53a562856dcb6646dc6b74c5d1c3418c6d4dff08c97cd2bed4cb7f88d8c8e589" - ], - [ - "6260ce7f461801c34f067ce0f02873a8f1b0e44dfc69752accecd819f38fd8e8", - 
"bc2da82b6fa5b571a7f09049776a1ef7ecd292238051c198c1a84e95b2b4ae17" - ], - [ - "e5037de0afc1d8d43d8348414bbf4103043ec8f575bfdc432953cc8d2037fa2d", - "4571534baa94d3b5f9f98d09fb990bddbd5f5b03ec481f10e0e5dc841d755bda" - ], - [ - "e06372b0f4a207adf5ea905e8f1771b4e7e8dbd1c6a6c5b725866a0ae4fce725", - "7a908974bce18cfe12a27bb2ad5a488cd7484a7787104870b27034f94eee31dd" - ], - [ - "213c7a715cd5d45358d0bbf9dc0ce02204b10bdde2a3f58540ad6908d0559754", - "4b6dad0b5ae462507013ad06245ba190bb4850f5f36a7eeddff2c27534b458f2" - ], - [ - "4e7c272a7af4b34e8dbb9352a5419a87e2838c70adc62cddf0cc3a3b08fbd53c", - "17749c766c9d0b18e16fd09f6def681b530b9614bff7dd33e0b3941817dcaae6" - ], - [ - "fea74e3dbe778b1b10f238ad61686aa5c76e3db2be43057632427e2840fb27b6", - "6e0568db9b0b13297cf674deccb6af93126b596b973f7b77701d3db7f23cb96f" - ], - [ - "76e64113f677cf0e10a2570d599968d31544e179b760432952c02a4417bdde39", - "c90ddf8dee4e95cf577066d70681f0d35e2a33d2b56d2032b4b1752d1901ac01" - ], - [ - "c738c56b03b2abe1e8281baa743f8f9a8f7cc643df26cbee3ab150242bcbb891", - "893fb578951ad2537f718f2eacbfbbbb82314eef7880cfe917e735d9699a84c3" - ], - [ - "d895626548b65b81e264c7637c972877d1d72e5f3a925014372e9f6588f6c14b", - "febfaa38f2bc7eae728ec60818c340eb03428d632bb067e179363ed75d7d991f" - ], - [ - "b8da94032a957518eb0f6433571e8761ceffc73693e84edd49150a564f676e03", - "2804dfa44805a1e4d7c99cc9762808b092cc584d95ff3b511488e4e74efdf6e7" - ], - [ - "e80fea14441fb33a7d8adab9475d7fab2019effb5156a792f1a11778e3c0df5d", - "eed1de7f638e00771e89768ca3ca94472d155e80af322ea9fcb4291b6ac9ec78" - ], - [ - "a301697bdfcd704313ba48e51d567543f2a182031efd6915ddc07bbcc4e16070", - "7370f91cfb67e4f5081809fa25d40f9b1735dbf7c0a11a130c0d1a041e177ea1" - ], - [ - "90ad85b389d6b936463f9d0512678de208cc330b11307fffab7ac63e3fb04ed4", - "e507a3620a38261affdcbd9427222b839aefabe1582894d991d4d48cb6ef150" - ], - [ - "8f68b9d2f63b5f339239c1ad981f162ee88c5678723ea3351b7b444c9ec4c0da", - "662a9f2dba063986de1d90c2b6be215dbbea2cfe95510bfdf23cbf79501fff82" - ], - [ 
- "e4f3fb0176af85d65ff99ff9198c36091f48e86503681e3e6686fd5053231e11", - "1e63633ad0ef4f1c1661a6d0ea02b7286cc7e74ec951d1c9822c38576feb73bc" - ], - [ - "8c00fa9b18ebf331eb961537a45a4266c7034f2f0d4e1d0716fb6eae20eae29e", - "efa47267fea521a1a9dc343a3736c974c2fadafa81e36c54e7d2a4c66702414b" - ], - [ - "e7a26ce69dd4829f3e10cec0a9e98ed3143d084f308b92c0997fddfc60cb3e41", - "2a758e300fa7984b471b006a1aafbb18d0a6b2c0420e83e20e8a9421cf2cfd51" - ], - [ - "b6459e0ee3662ec8d23540c223bcbdc571cbcb967d79424f3cf29eb3de6b80ef", - "67c876d06f3e06de1dadf16e5661db3c4b3ae6d48e35b2ff30bf0b61a71ba45" - ], - [ - "d68a80c8280bb840793234aa118f06231d6f1fc67e73c5a5deda0f5b496943e8", - "db8ba9fff4b586d00c4b1f9177b0e28b5b0e7b8f7845295a294c84266b133120" - ], - [ - "324aed7df65c804252dc0270907a30b09612aeb973449cea4095980fc28d3d5d", - "648a365774b61f2ff130c0c35aec1f4f19213b0c7e332843967224af96ab7c84" - ], - [ - "4df9c14919cde61f6d51dfdbe5fee5dceec4143ba8d1ca888e8bd373fd054c96", - "35ec51092d8728050974c23a1d85d4b5d506cdc288490192ebac06cad10d5d" - ], - [ - "9c3919a84a474870faed8a9c1cc66021523489054d7f0308cbfc99c8ac1f98cd", - "ddb84f0f4a4ddd57584f044bf260e641905326f76c64c8e6be7e5e03d4fc599d" - ], - [ - "6057170b1dd12fdf8de05f281d8e06bb91e1493a8b91d4cc5a21382120a959e5", - "9a1af0b26a6a4807add9a2daf71df262465152bc3ee24c65e899be932385a2a8" - ], - [ - "a576df8e23a08411421439a4518da31880cef0fba7d4df12b1a6973eecb94266", - "40a6bf20e76640b2c92b97afe58cd82c432e10a7f514d9f3ee8be11ae1b28ec8" - ], - [ - "7778a78c28dec3e30a05fe9629de8c38bb30d1f5cf9a3a208f763889be58ad71", - "34626d9ab5a5b22ff7098e12f2ff580087b38411ff24ac563b513fc1fd9f43ac" - ], - [ - "928955ee637a84463729fd30e7afd2ed5f96274e5ad7e5cb09eda9c06d903ac", - "c25621003d3f42a827b78a13093a95eeac3d26efa8a8d83fc5180e935bcd091f" - ], - [ - "85d0fef3ec6db109399064f3a0e3b2855645b4a907ad354527aae75163d82751", - "1f03648413a38c0be29d496e582cf5663e8751e96877331582c237a24eb1f962" - ], - [ - "ff2b0dce97eece97c1c9b6041798b85dfdfb6d8882da20308f5404824526087e", - 
"493d13fef524ba188af4c4dc54d07936c7b7ed6fb90e2ceb2c951e01f0c29907" - ], - [ - "827fbbe4b1e880ea9ed2b2e6301b212b57f1ee148cd6dd28780e5e2cf856e241", - "c60f9c923c727b0b71bef2c67d1d12687ff7a63186903166d605b68baec293ec" - ], - [ - "eaa649f21f51bdbae7be4ae34ce6e5217a58fdce7f47f9aa7f3b58fa2120e2b3", - "be3279ed5bbbb03ac69a80f89879aa5a01a6b965f13f7e59d47a5305ba5ad93d" - ], - [ - "e4a42d43c5cf169d9391df6decf42ee541b6d8f0c9a137401e23632dda34d24f", - "4d9f92e716d1c73526fc99ccfb8ad34ce886eedfa8d8e4f13a7f7131deba9414" - ], - [ - "1ec80fef360cbdd954160fadab352b6b92b53576a88fea4947173b9d4300bf19", - "aeefe93756b5340d2f3a4958a7abbf5e0146e77f6295a07b671cdc1cc107cefd" - ], - [ - "146a778c04670c2f91b00af4680dfa8bce3490717d58ba889ddb5928366642be", - "b318e0ec3354028add669827f9d4b2870aaa971d2f7e5ed1d0b297483d83efd0" - ], - [ - "fa50c0f61d22e5f07e3acebb1aa07b128d0012209a28b9776d76a8793180eef9", - "6b84c6922397eba9b72cd2872281a68a5e683293a57a213b38cd8d7d3f4f2811" - ], - [ - "da1d61d0ca721a11b1a5bf6b7d88e8421a288ab5d5bba5220e53d32b5f067ec2", - "8157f55a7c99306c79c0766161c91e2966a73899d279b48a655fba0f1ad836f1" - ], - [ - "a8e282ff0c9706907215ff98e8fd416615311de0446f1e062a73b0610d064e13", - "7f97355b8db81c09abfb7f3c5b2515888b679a3e50dd6bd6cef7c73111f4cc0c" - ], - [ - "174a53b9c9a285872d39e56e6913cab15d59b1fa512508c022f382de8319497c", - "ccc9dc37abfc9c1657b4155f2c47f9e6646b3a1d8cb9854383da13ac079afa73" - ], - [ - "959396981943785c3d3e57edf5018cdbe039e730e4918b3d884fdff09475b7ba", - "2e7e552888c331dd8ba0386a4b9cd6849c653f64c8709385e9b8abf87524f2fd" - ], - [ - "d2a63a50ae401e56d645a1153b109a8fcca0a43d561fba2dbb51340c9d82b151", - "e82d86fb6443fcb7565aee58b2948220a70f750af484ca52d4142174dcf89405" - ], - [ - "64587e2335471eb890ee7896d7cfdc866bacbdbd3839317b3436f9b45617e073", - "d99fcdd5bf6902e2ae96dd6447c299a185b90a39133aeab358299e5e9faf6589" - ], - [ - "8481bde0e4e4d885b3a546d3e549de042f0aa6cea250e7fd358d6c86dd45e458", - "38ee7b8cba5404dd84a25bf39cecb2ca900a79c42b262e556d64b1b59779057e" - ], - [ 
- "13464a57a78102aa62b6979ae817f4637ffcfed3c4b1ce30bcd6303f6caf666b", - "69be159004614580ef7e433453ccb0ca48f300a81d0942e13f495a907f6ecc27" - ], - [ - "bc4a9df5b713fe2e9aef430bcc1dc97a0cd9ccede2f28588cada3a0d2d83f366", - "d3a81ca6e785c06383937adf4b798caa6e8a9fbfa547b16d758d666581f33c1" - ], - [ - "8c28a97bf8298bc0d23d8c749452a32e694b65e30a9472a3954ab30fe5324caa", - "40a30463a3305193378fedf31f7cc0eb7ae784f0451cb9459e71dc73cbef9482" - ], - [ - "8ea9666139527a8c1dd94ce4f071fd23c8b350c5a4bb33748c4ba111faccae0", - "620efabbc8ee2782e24e7c0cfb95c5d735b783be9cf0f8e955af34a30e62b945" - ], - [ - "dd3625faef5ba06074669716bbd3788d89bdde815959968092f76cc4eb9a9787", - "7a188fa3520e30d461da2501045731ca941461982883395937f68d00c644a573" - ], - [ - "f710d79d9eb962297e4f6232b40e8f7feb2bc63814614d692c12de752408221e", - "ea98e67232d3b3295d3b535532115ccac8612c721851617526ae47a9c77bfc82" - ] - ] - }, - "naf": { - "wnd": 7, - "points": [ - [ - "f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9", - "388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672" - ], - [ - "2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4", - "d8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6" - ], - [ - "5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bc", - "6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264da" - ], - [ - "acd484e2f0c7f65309ad178a9f559abde09796974c57e714c35f110dfc27ccbe", - "cc338921b0a7d9fd64380971763b61e9add888a4375f8e0f05cc262ac64f9c37" - ], - [ - "774ae7f858a9411e5ef4246b70c65aac5649980be5c17891bbec17895da008cb", - "d984a032eb6b5e190243dd56d7b7b365372db1e2dff9d6a8301d74c9c953c61b" - ], - [ - "f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8", - "ab0902e8d880a89758212eb65cdaf473a1a06da521fa91f29b5cb52db03ed81" - ], - [ - "d7924d4f7d43ea965a465ae3095ff41131e5946f3c85f79e44adbcf8e27e080e", - "581e2872a86c72a683842ec228cc6defea40af2bd896d3a5c504dc9ff6a26b58" - ], - [ - 
"defdea4cdb677750a420fee807eacf21eb9898ae79b9768766e4faa04a2d4a34", - "4211ab0694635168e997b0ead2a93daeced1f4a04a95c0f6cfb199f69e56eb77" - ], - [ - "2b4ea0a797a443d293ef5cff444f4979f06acfebd7e86d277475656138385b6c", - "85e89bc037945d93b343083b5a1c86131a01f60c50269763b570c854e5c09b7a" - ], - [ - "352bbf4a4cdd12564f93fa332ce333301d9ad40271f8107181340aef25be59d5", - "321eb4075348f534d59c18259dda3e1f4a1b3b2e71b1039c67bd3d8bcf81998c" - ], - [ - "2fa2104d6b38d11b0230010559879124e42ab8dfeff5ff29dc9cdadd4ecacc3f", - "2de1068295dd865b64569335bd5dd80181d70ecfc882648423ba76b532b7d67" - ], - [ - "9248279b09b4d68dab21a9b066edda83263c3d84e09572e269ca0cd7f5453714", - "73016f7bf234aade5d1aa71bdea2b1ff3fc0de2a887912ffe54a32ce97cb3402" - ], - [ - "daed4f2be3a8bf278e70132fb0beb7522f570e144bf615c07e996d443dee8729", - "a69dce4a7d6c98e8d4a1aca87ef8d7003f83c230f3afa726ab40e52290be1c55" - ], - [ - "c44d12c7065d812e8acf28d7cbb19f9011ecd9e9fdf281b0e6a3b5e87d22e7db", - "2119a460ce326cdc76c45926c982fdac0e106e861edf61c5a039063f0e0e6482" - ], - [ - "6a245bf6dc698504c89a20cfded60853152b695336c28063b61c65cbd269e6b4", - "e022cf42c2bd4a708b3f5126f16a24ad8b33ba48d0423b6efd5e6348100d8a82" - ], - [ - "1697ffa6fd9de627c077e3d2fe541084ce13300b0bec1146f95ae57f0d0bd6a5", - "b9c398f186806f5d27561506e4557433a2cf15009e498ae7adee9d63d01b2396" - ], - [ - "605bdb019981718b986d0f07e834cb0d9deb8360ffb7f61df982345ef27a7479", - "2972d2de4f8d20681a78d93ec96fe23c26bfae84fb14db43b01e1e9056b8c49" - ], - [ - "62d14dab4150bf497402fdc45a215e10dcb01c354959b10cfe31c7e9d87ff33d", - "80fc06bd8cc5b01098088a1950eed0db01aa132967ab472235f5642483b25eaf" - ], - [ - "80c60ad0040f27dade5b4b06c408e56b2c50e9f56b9b8b425e555c2f86308b6f", - "1c38303f1cc5c30f26e66bad7fe72f70a65eed4cbe7024eb1aa01f56430bd57a" - ], - [ - "7a9375ad6167ad54aa74c6348cc54d344cc5dc9487d847049d5eabb0fa03c8fb", - "d0e3fa9eca8726909559e0d79269046bdc59ea10c70ce2b02d499ec224dc7f7" - ], - [ - "d528ecd9b696b54c907a9ed045447a79bb408ec39b68df504bb51f459bc3ffc9", - 
"eecf41253136e5f99966f21881fd656ebc4345405c520dbc063465b521409933" - ], - [ - "49370a4b5f43412ea25f514e8ecdad05266115e4a7ecb1387231808f8b45963", - "758f3f41afd6ed428b3081b0512fd62a54c3f3afbb5b6764b653052a12949c9a" - ], - [ - "77f230936ee88cbbd73df930d64702ef881d811e0e1498e2f1c13eb1fc345d74", - "958ef42a7886b6400a08266e9ba1b37896c95330d97077cbbe8eb3c7671c60d6" - ], - [ - "f2dac991cc4ce4b9ea44887e5c7c0bce58c80074ab9d4dbaeb28531b7739f530", - "e0dedc9b3b2f8dad4da1f32dec2531df9eb5fbeb0598e4fd1a117dba703a3c37" - ], - [ - "463b3d9f662621fb1b4be8fbbe2520125a216cdfc9dae3debcba4850c690d45b", - "5ed430d78c296c3543114306dd8622d7c622e27c970a1de31cb377b01af7307e" - ], - [ - "f16f804244e46e2a09232d4aff3b59976b98fac14328a2d1a32496b49998f247", - "cedabd9b82203f7e13d206fcdf4e33d92a6c53c26e5cce26d6579962c4e31df6" - ], - [ - "caf754272dc84563b0352b7a14311af55d245315ace27c65369e15f7151d41d1", - "cb474660ef35f5f2a41b643fa5e460575f4fa9b7962232a5c32f908318a04476" - ], - [ - "2600ca4b282cb986f85d0f1709979d8b44a09c07cb86d7c124497bc86f082120", - "4119b88753c15bd6a693b03fcddbb45d5ac6be74ab5f0ef44b0be9475a7e4b40" - ], - [ - "7635ca72d7e8432c338ec53cd12220bc01c48685e24f7dc8c602a7746998e435", - "91b649609489d613d1d5e590f78e6d74ecfc061d57048bad9e76f302c5b9c61" - ], - [ - "754e3239f325570cdbbf4a87deee8a66b7f2b33479d468fbc1a50743bf56cc18", - "673fb86e5bda30fb3cd0ed304ea49a023ee33d0197a695d0c5d98093c536683" - ], - [ - "e3e6bd1071a1e96aff57859c82d570f0330800661d1c952f9fe2694691d9b9e8", - "59c9e0bba394e76f40c0aa58379a3cb6a5a2283993e90c4167002af4920e37f5" - ], - [ - "186b483d056a033826ae73d88f732985c4ccb1f32ba35f4b4cc47fdcf04aa6eb", - "3b952d32c67cf77e2e17446e204180ab21fb8090895138b4a4a797f86e80888b" - ], - [ - "df9d70a6b9876ce544c98561f4be4f725442e6d2b737d9c91a8321724ce0963f", - "55eb2dafd84d6ccd5f862b785dc39d4ab157222720ef9da217b8c45cf2ba2417" - ], - [ - "5edd5cc23c51e87a497ca815d5dce0f8ab52554f849ed8995de64c5f34ce7143", - "efae9c8dbc14130661e8cec030c89ad0c13c66c0d17a2905cdc706ab7399a868" - ], - [ - 
"290798c2b6476830da12fe02287e9e777aa3fba1c355b17a722d362f84614fba", - "e38da76dcd440621988d00bcf79af25d5b29c094db2a23146d003afd41943e7a" - ], - [ - "af3c423a95d9f5b3054754efa150ac39cd29552fe360257362dfdecef4053b45", - "f98a3fd831eb2b749a93b0e6f35cfb40c8cd5aa667a15581bc2feded498fd9c6" - ], - [ - "766dbb24d134e745cccaa28c99bf274906bb66b26dcf98df8d2fed50d884249a", - "744b1152eacbe5e38dcc887980da38b897584a65fa06cedd2c924f97cbac5996" - ], - [ - "59dbf46f8c94759ba21277c33784f41645f7b44f6c596a58ce92e666191abe3e", - "c534ad44175fbc300f4ea6ce648309a042ce739a7919798cd85e216c4a307f6e" - ], - [ - "f13ada95103c4537305e691e74e9a4a8dd647e711a95e73cb62dc6018cfd87b8", - "e13817b44ee14de663bf4bc808341f326949e21a6a75c2570778419bdaf5733d" - ], - [ - "7754b4fa0e8aced06d4167a2c59cca4cda1869c06ebadfb6488550015a88522c", - "30e93e864e669d82224b967c3020b8fa8d1e4e350b6cbcc537a48b57841163a2" - ], - [ - "948dcadf5990e048aa3874d46abef9d701858f95de8041d2a6828c99e2262519", - "e491a42537f6e597d5d28a3224b1bc25df9154efbd2ef1d2cbba2cae5347d57e" - ], - [ - "7962414450c76c1689c7b48f8202ec37fb224cf5ac0bfa1570328a8a3d7c77ab", - "100b610ec4ffb4760d5c1fc133ef6f6b12507a051f04ac5760afa5b29db83437" - ], - [ - "3514087834964b54b15b160644d915485a16977225b8847bb0dd085137ec47ca", - "ef0afbb2056205448e1652c48e8127fc6039e77c15c2378b7e7d15a0de293311" - ], - [ - "d3cc30ad6b483e4bc79ce2c9dd8bc54993e947eb8df787b442943d3f7b527eaf", - "8b378a22d827278d89c5e9be8f9508ae3c2ad46290358630afb34db04eede0a4" - ], - [ - "1624d84780732860ce1c78fcbfefe08b2b29823db913f6493975ba0ff4847610", - "68651cf9b6da903e0914448c6cd9d4ca896878f5282be4c8cc06e2a404078575" - ], - [ - "733ce80da955a8a26902c95633e62a985192474b5af207da6df7b4fd5fc61cd4", - "f5435a2bd2badf7d485a4d8b8db9fcce3e1ef8e0201e4578c54673bc1dc5ea1d" - ], - [ - "15d9441254945064cf1a1c33bbd3b49f8966c5092171e699ef258dfab81c045c", - "d56eb30b69463e7234f5137b73b84177434800bacebfc685fc37bbe9efe4070d" - ], - [ - "a1d0fcf2ec9de675b612136e5ce70d271c21417c9d2b8aaaac138599d0717940", - 
"edd77f50bcb5a3cab2e90737309667f2641462a54070f3d519212d39c197a629" - ], - [ - "e22fbe15c0af8ccc5780c0735f84dbe9a790badee8245c06c7ca37331cb36980", - "a855babad5cd60c88b430a69f53a1a7a38289154964799be43d06d77d31da06" - ], - [ - "311091dd9860e8e20ee13473c1155f5f69635e394704eaa74009452246cfa9b3", - "66db656f87d1f04fffd1f04788c06830871ec5a64feee685bd80f0b1286d8374" - ], - [ - "34c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf", - "9414685e97b1b5954bd46f730174136d57f1ceeb487443dc5321857ba73abee" - ], - [ - "f219ea5d6b54701c1c14de5b557eb42a8d13f3abbcd08affcc2a5e6b049b8d63", - "4cb95957e83d40b0f73af4544cccf6b1f4b08d3c07b27fb8d8c2962a400766d1" - ], - [ - "d7b8740f74a8fbaab1f683db8f45de26543a5490bca627087236912469a0b448", - "fa77968128d9c92ee1010f337ad4717eff15db5ed3c049b3411e0315eaa4593b" - ], - [ - "32d31c222f8f6f0ef86f7c98d3a3335ead5bcd32abdd94289fe4d3091aa824bf", - "5f3032f5892156e39ccd3d7915b9e1da2e6dac9e6f26e961118d14b8462e1661" - ], - [ - "7461f371914ab32671045a155d9831ea8793d77cd59592c4340f86cbc18347b5", - "8ec0ba238b96bec0cbdddcae0aa442542eee1ff50c986ea6b39847b3cc092ff6" - ], - [ - "ee079adb1df1860074356a25aa38206a6d716b2c3e67453d287698bad7b2b2d6", - "8dc2412aafe3be5c4c5f37e0ecc5f9f6a446989af04c4e25ebaac479ec1c8c1e" - ], - [ - "16ec93e447ec83f0467b18302ee620f7e65de331874c9dc72bfd8616ba9da6b5", - "5e4631150e62fb40d0e8c2a7ca5804a39d58186a50e497139626778e25b0674d" - ], - [ - "eaa5f980c245f6f038978290afa70b6bd8855897f98b6aa485b96065d537bd99", - "f65f5d3e292c2e0819a528391c994624d784869d7e6ea67fb18041024edc07dc" - ], - [ - "78c9407544ac132692ee1910a02439958ae04877151342ea96c4b6b35a49f51", - "f3e0319169eb9b85d5404795539a5e68fa1fbd583c064d2462b675f194a3ddb4" - ], - [ - "494f4be219a1a77016dcd838431aea0001cdc8ae7a6fc688726578d9702857a5", - "42242a969283a5f339ba7f075e36ba2af925ce30d767ed6e55f4b031880d562c" - ], - [ - "a598a8030da6d86c6bc7f2f5144ea549d28211ea58faa70ebf4c1e665c1fe9b5", - "204b5d6f84822c307e4b4a7140737aec23fc63b65b35f86a10026dbd2d864e6b" - ], - [ - 
"c41916365abb2b5d09192f5f2dbeafec208f020f12570a184dbadc3e58595997", - "4f14351d0087efa49d245b328984989d5caf9450f34bfc0ed16e96b58fa9913" - ], - [ - "841d6063a586fa475a724604da03bc5b92a2e0d2e0a36acfe4c73a5514742881", - "73867f59c0659e81904f9a1c7543698e62562d6744c169ce7a36de01a8d6154" - ], - [ - "5e95bb399a6971d376026947f89bde2f282b33810928be4ded112ac4d70e20d5", - "39f23f366809085beebfc71181313775a99c9aed7d8ba38b161384c746012865" - ], - [ - "36e4641a53948fd476c39f8a99fd974e5ec07564b5315d8bf99471bca0ef2f66", - "d2424b1b1abe4eb8164227b085c9aa9456ea13493fd563e06fd51cf5694c78fc" - ], - [ - "336581ea7bfbbb290c191a2f507a41cf5643842170e914faeab27c2c579f726", - "ead12168595fe1be99252129b6e56b3391f7ab1410cd1e0ef3dcdcabd2fda224" - ], - [ - "8ab89816dadfd6b6a1f2634fcf00ec8403781025ed6890c4849742706bd43ede", - "6fdcef09f2f6d0a044e654aef624136f503d459c3e89845858a47a9129cdd24e" - ], - [ - "1e33f1a746c9c5778133344d9299fcaa20b0938e8acff2544bb40284b8c5fb94", - "60660257dd11b3aa9c8ed618d24edff2306d320f1d03010e33a7d2057f3b3b6" - ], - [ - "85b7c1dcb3cec1b7ee7f30ded79dd20a0ed1f4cc18cbcfcfa410361fd8f08f31", - "3d98a9cdd026dd43f39048f25a8847f4fcafad1895d7a633c6fed3c35e999511" - ], - [ - "29df9fbd8d9e46509275f4b125d6d45d7fbe9a3b878a7af872a2800661ac5f51", - "b4c4fe99c775a606e2d8862179139ffda61dc861c019e55cd2876eb2a27d84b" - ], - [ - "a0b1cae06b0a847a3fea6e671aaf8adfdfe58ca2f768105c8082b2e449fce252", - "ae434102edde0958ec4b19d917a6a28e6b72da1834aff0e650f049503a296cf2" - ], - [ - "4e8ceafb9b3e9a136dc7ff67e840295b499dfb3b2133e4ba113f2e4c0e121e5", - "cf2174118c8b6d7a4b48f6d534ce5c79422c086a63460502b827ce62a326683c" - ], - [ - "d24a44e047e19b6f5afb81c7ca2f69080a5076689a010919f42725c2b789a33b", - "6fb8d5591b466f8fc63db50f1c0f1c69013f996887b8244d2cdec417afea8fa3" - ], - [ - "ea01606a7a6c9cdd249fdfcfacb99584001edd28abbab77b5104e98e8e3b35d4", - "322af4908c7312b0cfbfe369f7a7b3cdb7d4494bc2823700cfd652188a3ea98d" - ], - [ - "af8addbf2b661c8a6c6328655eb96651252007d8c5ea31be4ad196de8ce2131f", - 
"6749e67c029b85f52a034eafd096836b2520818680e26ac8f3dfbcdb71749700" - ], - [ - "e3ae1974566ca06cc516d47e0fb165a674a3dabcfca15e722f0e3450f45889", - "2aeabe7e4531510116217f07bf4d07300de97e4874f81f533420a72eeb0bd6a4" - ], - [ - "591ee355313d99721cf6993ffed1e3e301993ff3ed258802075ea8ced397e246", - "b0ea558a113c30bea60fc4775460c7901ff0b053d25ca2bdeee98f1a4be5d196" - ], - [ - "11396d55fda54c49f19aa97318d8da61fa8584e47b084945077cf03255b52984", - "998c74a8cd45ac01289d5833a7beb4744ff536b01b257be4c5767bea93ea57a4" - ], - [ - "3c5d2a1ba39c5a1790000738c9e0c40b8dcdfd5468754b6405540157e017aa7a", - "b2284279995a34e2f9d4de7396fc18b80f9b8b9fdd270f6661f79ca4c81bd257" - ], - [ - "cc8704b8a60a0defa3a99a7299f2e9c3fbc395afb04ac078425ef8a1793cc030", - "bdd46039feed17881d1e0862db347f8cf395b74fc4bcdc4e940b74e3ac1f1b13" - ], - [ - "c533e4f7ea8555aacd9777ac5cad29b97dd4defccc53ee7ea204119b2889b197", - "6f0a256bc5efdf429a2fb6242f1a43a2d9b925bb4a4b3a26bb8e0f45eb596096" - ], - [ - "c14f8f2ccb27d6f109f6d08d03cc96a69ba8c34eec07bbcf566d48e33da6593", - "c359d6923bb398f7fd4473e16fe1c28475b740dd098075e6c0e8649113dc3a38" - ], - [ - "a6cbc3046bc6a450bac24789fa17115a4c9739ed75f8f21ce441f72e0b90e6ef", - "21ae7f4680e889bb130619e2c0f95a360ceb573c70603139862afd617fa9b9f" - ], - [ - "347d6d9a02c48927ebfb86c1359b1caf130a3c0267d11ce6344b39f99d43cc38", - "60ea7f61a353524d1c987f6ecec92f086d565ab687870cb12689ff1e31c74448" - ], - [ - "da6545d2181db8d983f7dcb375ef5866d47c67b1bf31c8cf855ef7437b72656a", - "49b96715ab6878a79e78f07ce5680c5d6673051b4935bd897fea824b77dc208a" - ], - [ - "c40747cc9d012cb1a13b8148309c6de7ec25d6945d657146b9d5994b8feb1111", - "5ca560753be2a12fc6de6caf2cb489565db936156b9514e1bb5e83037e0fa2d4" - ], - [ - "4e42c8ec82c99798ccf3a610be870e78338c7f713348bd34c8203ef4037f3502", - "7571d74ee5e0fb92a7a8b33a07783341a5492144cc54bcc40a94473693606437" - ], - [ - "3775ab7089bc6af823aba2e1af70b236d251cadb0c86743287522a1b3b0dedea", - "be52d107bcfa09d8bcb9736a828cfa7fac8db17bf7a76a2c42ad961409018cf7" - ], - [ - 
"cee31cbf7e34ec379d94fb814d3d775ad954595d1314ba8846959e3e82f74e26", - "8fd64a14c06b589c26b947ae2bcf6bfa0149ef0be14ed4d80f448a01c43b1c6d" - ], - [ - "b4f9eaea09b6917619f6ea6a4eb5464efddb58fd45b1ebefcdc1a01d08b47986", - "39e5c9925b5a54b07433a4f18c61726f8bb131c012ca542eb24a8ac07200682a" - ], - [ - "d4263dfc3d2df923a0179a48966d30ce84e2515afc3dccc1b77907792ebcc60e", - "62dfaf07a0f78feb30e30d6295853ce189e127760ad6cf7fae164e122a208d54" - ], - [ - "48457524820fa65a4f8d35eb6930857c0032acc0a4a2de422233eeda897612c4", - "25a748ab367979d98733c38a1fa1c2e7dc6cc07db2d60a9ae7a76aaa49bd0f77" - ], - [ - "dfeeef1881101f2cb11644f3a2afdfc2045e19919152923f367a1767c11cceda", - "ecfb7056cf1de042f9420bab396793c0c390bde74b4bbdff16a83ae09a9a7517" - ], - [ - "6d7ef6b17543f8373c573f44e1f389835d89bcbc6062ced36c82df83b8fae859", - "cd450ec335438986dfefa10c57fea9bcc521a0959b2d80bbf74b190dca712d10" - ], - [ - "e75605d59102a5a2684500d3b991f2e3f3c88b93225547035af25af66e04541f", - "f5c54754a8f71ee540b9b48728473e314f729ac5308b06938360990e2bfad125" - ], - [ - "eb98660f4c4dfaa06a2be453d5020bc99a0c2e60abe388457dd43fefb1ed620c", - "6cb9a8876d9cb8520609af3add26cd20a0a7cd8a9411131ce85f44100099223e" - ], - [ - "13e87b027d8514d35939f2e6892b19922154596941888336dc3563e3b8dba942", - "fef5a3c68059a6dec5d624114bf1e91aac2b9da568d6abeb2570d55646b8adf1" - ], - [ - "ee163026e9fd6fe017c38f06a5be6fc125424b371ce2708e7bf4491691e5764a", - "1acb250f255dd61c43d94ccc670d0f58f49ae3fa15b96623e5430da0ad6c62b2" - ], - [ - "b268f5ef9ad51e4d78de3a750c2dc89b1e626d43505867999932e5db33af3d80", - "5f310d4b3c99b9ebb19f77d41c1dee018cf0d34fd4191614003e945a1216e423" - ], - [ - "ff07f3118a9df035e9fad85eb6c7bfe42b02f01ca99ceea3bf7ffdba93c4750d", - "438136d603e858a3a5c440c38eccbaddc1d2942114e2eddd4740d098ced1f0d8" - ], - [ - "8d8b9855c7c052a34146fd20ffb658bea4b9f69e0d825ebec16e8c3ce2b526a1", - "cdb559eedc2d79f926baf44fb84ea4d44bcf50fee51d7ceb30e2e7f463036758" - ], - [ - "52db0b5384dfbf05bfa9d472d7ae26dfe4b851ceca91b1eba54263180da32b63", - 
"c3b997d050ee5d423ebaf66a6db9f57b3180c902875679de924b69d84a7b375" - ], - [ - "e62f9490d3d51da6395efd24e80919cc7d0f29c3f3fa48c6fff543becbd43352", - "6d89ad7ba4876b0b22c2ca280c682862f342c8591f1daf5170e07bfd9ccafa7d" - ], - [ - "7f30ea2476b399b4957509c88f77d0191afa2ff5cb7b14fd6d8e7d65aaab1193", - "ca5ef7d4b231c94c3b15389a5f6311e9daff7bb67b103e9880ef4bff637acaec" - ], - [ - "5098ff1e1d9f14fb46a210fada6c903fef0fb7b4a1dd1d9ac60a0361800b7a00", - "9731141d81fc8f8084d37c6e7542006b3ee1b40d60dfe5362a5b132fd17ddc0" - ], - [ - "32b78c7de9ee512a72895be6b9cbefa6e2f3c4ccce445c96b9f2c81e2778ad58", - "ee1849f513df71e32efc3896ee28260c73bb80547ae2275ba497237794c8753c" - ], - [ - "e2cb74fddc8e9fbcd076eef2a7c72b0ce37d50f08269dfc074b581550547a4f7", - "d3aa2ed71c9dd2247a62df062736eb0baddea9e36122d2be8641abcb005cc4a4" - ], - [ - "8438447566d4d7bedadc299496ab357426009a35f235cb141be0d99cd10ae3a8", - "c4e1020916980a4da5d01ac5e6ad330734ef0d7906631c4f2390426b2edd791f" - ], - [ - "4162d488b89402039b584c6fc6c308870587d9c46f660b878ab65c82c711d67e", - "67163e903236289f776f22c25fb8a3afc1732f2b84b4e95dbda47ae5a0852649" - ], - [ - "3fad3fa84caf0f34f0f89bfd2dcf54fc175d767aec3e50684f3ba4a4bf5f683d", - "cd1bc7cb6cc407bb2f0ca647c718a730cf71872e7d0d2a53fa20efcdfe61826" - ], - [ - "674f2600a3007a00568c1a7ce05d0816c1fb84bf1370798f1c69532faeb1a86b", - "299d21f9413f33b3edf43b257004580b70db57da0b182259e09eecc69e0d38a5" - ], - [ - "d32f4da54ade74abb81b815ad1fb3b263d82d6c692714bcff87d29bd5ee9f08f", - "f9429e738b8e53b968e99016c059707782e14f4535359d582fc416910b3eea87" - ], - [ - "30e4e670435385556e593657135845d36fbb6931f72b08cb1ed954f1e3ce3ff6", - "462f9bce619898638499350113bbc9b10a878d35da70740dc695a559eb88db7b" - ], - [ - "be2062003c51cc3004682904330e4dee7f3dcd10b01e580bf1971b04d4cad297", - "62188bc49d61e5428573d48a74e1c655b1c61090905682a0d5558ed72dccb9bc" - ], - [ - "93144423ace3451ed29e0fb9ac2af211cb6e84a601df5993c419859fff5df04a", - "7c10dfb164c3425f5c71a3f9d7992038f1065224f72bb9d1d902a6d13037b47c" - ], - [ - 
"b015f8044f5fcbdcf21ca26d6c34fb8197829205c7b7d2a7cb66418c157b112c", - "ab8c1e086d04e813744a655b2df8d5f83b3cdc6faa3088c1d3aea1454e3a1d5f" - ], - [ - "d5e9e1da649d97d89e4868117a465a3a4f8a18de57a140d36b3f2af341a21b52", - "4cb04437f391ed73111a13cc1d4dd0db1693465c2240480d8955e8592f27447a" - ], - [ - "d3ae41047dd7ca065dbf8ed77b992439983005cd72e16d6f996a5316d36966bb", - "bd1aeb21ad22ebb22a10f0303417c6d964f8cdd7df0aca614b10dc14d125ac46" - ], - [ - "463e2763d885f958fc66cdd22800f0a487197d0a82e377b49f80af87c897b065", - "bfefacdb0e5d0fd7df3a311a94de062b26b80c61fbc97508b79992671ef7ca7f" - ], - [ - "7985fdfd127c0567c6f53ec1bb63ec3158e597c40bfe747c83cddfc910641917", - "603c12daf3d9862ef2b25fe1de289aed24ed291e0ec6708703a5bd567f32ed03" - ], - [ - "74a1ad6b5f76e39db2dd249410eac7f99e74c59cb83d2d0ed5ff1543da7703e9", - "cc6157ef18c9c63cd6193d83631bbea0093e0968942e8c33d5737fd790e0db08" - ], - [ - "30682a50703375f602d416664ba19b7fc9bab42c72747463a71d0896b22f6da3", - "553e04f6b018b4fa6c8f39e7f311d3176290d0e0f19ca73f17714d9977a22ff8" - ], - [ - "9e2158f0d7c0d5f26c3791efefa79597654e7a2b2464f52b1ee6c1347769ef57", - "712fcdd1b9053f09003a3481fa7762e9ffd7c8ef35a38509e2fbf2629008373" - ], - [ - "176e26989a43c9cfeba4029c202538c28172e566e3c4fce7322857f3be327d66", - "ed8cc9d04b29eb877d270b4878dc43c19aefd31f4eee09ee7b47834c1fa4b1c3" - ], - [ - "75d46efea3771e6e68abb89a13ad747ecf1892393dfc4f1b7004788c50374da8", - "9852390a99507679fd0b86fd2b39a868d7efc22151346e1a3ca4726586a6bed8" - ], - [ - "809a20c67d64900ffb698c4c825f6d5f2310fb0451c869345b7319f645605721", - "9e994980d9917e22b76b061927fa04143d096ccc54963e6a5ebfa5f3f8e286c1" - ], - [ - "1b38903a43f7f114ed4500b4eac7083fdefece1cf29c63528d563446f972c180", - "4036edc931a60ae889353f77fd53de4a2708b26b6f5da72ad3394119daf408f9" - ] - ] - } - } - """ - - override val g = - """ - [ - "79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798", - "483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8", - $precomputed - ] - """ - -} \ No newline 
at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/EC.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/EC.kt
deleted file mode 100644
index 668dc30..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/EC.kt
+++ /dev/null
@@ -1,102 +0,0 @@ -package io.eqoty.secretk.crypto.elliptic.ec - -import com.ionspin.kotlin.crypto.util.LibsodiumRandom -import io.eqoty.secretk.crypto.elliptic.Curve -import io.eqoty.secretk.crypto.elliptic.ShortCurve -import io.eqoty.secretk.crypto.elliptic.biginteger.BN -import io.eqoty.secretk.crypto.elliptic.curves.Scep256k1Preset - -class EC(val curve: Curve) { - - val n = curve.n - val nh = n!!.shr(1) - val g = curve.g - - - fun keyFromPrivate(privkey: UByteArray, enc: String? = null): KeyPair = - KeyPair.fromPrivate(this, privkey, enc) - - fun keyFromPublic(pubkey: UByteArray, enc: String? = null): KeyPair = - KeyPair.fromPublic(this, pubkey, enc) - - fun sign(_msg: UByteArray, key: KeyPair, enc: String?, _options: KeyPairSignOptions?): Signature { - var options = _options ?: KeyPairSignOptions(k = null) - - val msg = this.truncateToN(BN(_msg)) - - // Zero-extend key to provide enough entropy - val bytes = this.n!!.byteLength() - var bkey = key.getPrivate()!! - - // Zero-extend nonce to have the same byte size as N - var nonce = msg - - // todo: use a HmacDRBG implementation -// // Instantiate Hmac_DRBG -// var drbg = new HmacDRBG({ -// hash: this.hash, -// entropy: bkey, -// nonce: nonce, -// pers: options.pers, -// persEnc: options.persEnc || 'utf8', -// }); - - // Number of bytes to generate - val ns1 = this.n.subtract(BN(1)) - var iter = -1 - while (true) { - iter++ - var k: BN = if (options.k != null) { - TODO() /* options.k(iter) */ - } else { - BN(LibsodiumRandom.buf(this.n.byteLength())) - } - k = this.truncateToN(k, true) - if (k <= 1 || k >= ns1) - continue - - val kp = this.g!!.mul(k) - if (kp.isInfinity()) - continue - - val kpX = kp.x!! 
- val r = kpX.mod(this.n) - if (r.compareTo(0) == 0) - continue - - var s = k.invm(this.n).multiply(r.multiply(BN(key.getPrivate()!!)).add(msg)) - s = s.mod(this.n) - if (s.compareTo(0) == 0) - continue - - var recoveryParam = (if (kp.y!!.isOdd()) 1 else 0) or (if (kpX.compareTo(r) != 0) 2 else 0) - - // Use complement of `s`, if it is > `n / 2` - if (options.canonical == true && s > this.nh) { - s = this.n.subtract(s) - recoveryParam = recoveryParam xor 1 - } - - return Signature(r = r, s = s, recoveryParam = recoveryParam) - } - } - - - private fun truncateToN(_msg: BN, truncOnly: Boolean = false): BN { - var msg = _msg - val delta = msg.byteLength() * 8 - n!!.bitLength().toInt() - if (delta > 0) - msg = msg.shr(delta) - if (!truncOnly && msg >= this.n) - return msg.subtract(this.n) - else - return msg - } - - - companion object { - val scep256k1: EC - get() = EC(ShortCurve(Scep256k1Preset)) - - } -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPair.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPair.kt deleted file mode 100644 index 0f2feb4..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPair.kt +++ /dev/null 
@@ -1,88 +0,0 @@ -package io.eqoty.secretk.crypto.elliptic.ec - -import com.ionspin.kotlin.bignum.integer.BigInteger -import com.ionspin.kotlin.bignum.integer.Sign -import io.eqoty.secretk.crypto.elliptic.BasePoint -import io.eqoty.secretk.crypto.elliptic.biginteger.BN - -data class KeyPairValidateResult(val result: Boolean, val reason: String?) -data class KeyPairSignOptions(val canonical: Boolean? = null, val k: BN?) -data class Signature(val r: BN, val s: BN, val recoveryParam: Int?) - -class KeyPair(val ec: EC, options: KeyPairOptions) { - var priv: BN? = null - var pub: BasePoint<*>? = null - - init { - if (options.priv != null) - this.importPrivate(options.priv, options.privEnc) - if (options.pub != null) - this.importPublic(options.pub, options.pubEnc) - - } - - fun getPrivate() = priv?.number?.toUByteArray() - - private fun importPublic(key: UByteArray, enc: String?) { -// if (key.x or key.y) { -// // Montgomery points only have an `x` coordinate. -// // Weierstrass/Edwards points on the other hand have both `x` and -// // `y` coordinates. -// if (this.ec.curve.type === 'mont') { -// assert(key.x, 'Need x coordinate'); -// } else if (this.ec.curve.type === 'short' || -// this.ec.curve.type === 'edwards') { -// assert(key.x && key.y, 'Need both x and y coordinate'); -// } -// this.pub = this.ec.curve.point(key.x, key.y); -// return; -// } - this.pub = this.ec.curve.decodePoint(key, enc) - } - - private fun importPrivate(key: UByteArray, enc: String?) { - priv = BN(BigInteger.fromUByteArray(key, Sign.POSITIVE)) - - // Ensure that the priv won't be bigger than n, otherwise we may fail - // in fixed multiplication method - this.priv = this.priv!!.mod(this.ec.n!!) 
- } - - fun validate(): KeyPairValidateResult { - val pub = this.getPublic() - - if (pub.isInfinity()) - return KeyPairValidateResult(result = false, reason = "Invalid public key") - if (!pub.validate()) - return KeyPairValidateResult(result = false, reason = "'Public key is not a point") - if (!pub.mul(ec.curve.n!!).isInfinity()) - return KeyPairValidateResult(result = false, reason = "Public key * N != O") - - return KeyPairValidateResult(result = true, reason = null) - } - - private fun getPublic(): BasePoint<*> { - if (pub == null) - pub = ec.g!!.mul(this.priv!!) - - return pub!! - } - - fun getPublicEncoded(compact: Boolean = false): UByteArray { - val pub = getPublic() - return pub.encode(compact) - } - - fun sign(msg: UByteArray, enc: String? = null, options: KeyPairSignOptions? = null): Signature = - ec.sign(msg, this, enc, options) - - companion object { - fun fromPrivate(ec: EC, priv: UByteArray, enc: String? = null): KeyPair = - KeyPair(ec, KeyPairOptions(priv = priv, privEnc = enc)) - - - fun fromPublic(ec: EC, pubkey: UByteArray, enc: String? = null): KeyPair = - KeyPair(ec, KeyPairOptions(pub = pubkey, privEnc = enc)) - - } -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPairOptions.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPairOptions.kt deleted file mode 100644 index 1337b23..0000000 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/ec/KeyPairOptions.kt +++ /dev/null @@ -1,8 +0,0 @@ -package io.eqoty.secretk.crypto.elliptic.ec - -data class KeyPairOptions( - val priv: UByteArray? = null, - val pub: UByteArray? = null, - val privEnc: String? = null, - val pubEnc: String? = null -) diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Doubles.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Doubles.kt deleted file mode 100644 index 7cabc7e..0000000 
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Doubles.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package io.eqoty.secretk.crypto.elliptic.json
-
-@kotlinx.serialization.Serializable
-data class Doubles(
- val step: Int,
- val points: List>
-)
\ No newline at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Naf.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Naf.kt
deleted file mode 100644
index 22cbe7f..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/Naf.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package io.eqoty.secretk.crypto.elliptic.json
-
-@kotlinx.serialization.Serializable
-data class Naf(
- val wnd: Int,
- val points: List>
-)
\ No newline at end of file
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/PrecomputedScep256k1.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/PrecomputedScep256k1.kt
deleted file mode 100644
index 9794a2c..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/json/PrecomputedScep256k1.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package io.eqoty.secretk.crypto.elliptic.json
-
-@kotlinx.serialization.Serializable
-data class PrecomputedScep256k1(
- val doubles: Doubles,
- val naf: Naf
-)
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/utils/Utils.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/utils/Utils.kt
deleted file mode 100644
index ddbd5e6..0000000
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/crypto/elliptic/utils/Utils.kt
+++ /dev/null
@@ -1,88 +0,0 @@ -package io.eqoty.secretk.crypto.elliptic.utils - -import io.eqoty.secretk.crypto.elliptic.biginteger.BN -import kotlin.math.max - - -fun getNAF(num: BN, w: Int, bits: Int): Array { - var naf = Array(max(num.bitLength().toInt(), bits) + 1) { 0 } - naf.fill(0) - - var ws = 1 shl (w + 1) - var k = num - - for (i in naf.indices) { - var z: Int - var mod = k.andln(ws - 1) - if (k.isOdd()) { - if (mod > (ws shr 1) - 1) { - z = (ws shr 1) - mod - } else { - z = mod - } - k = k.subtract(BN(z)) - } else { - z = 0 - } - - naf[i] = z - k = k.shr(1) - } - - return naf -} - -fun getJSF(_k1: BN, _k2: BN): List> { - val jsf = listOf>( - mutableListOf(), - mutableListOf() - ) - - var k1 = _k1 - var k2 = _k2 - var d1 = 0 - var d2 = 0 - var m8: Int - while (k1 > -d1 || k2 > -d2) { - // First phase - var m14 = (k1.andln(3) + d1) and 3 - var m24 = (k2.andln(3) + d2) and 3 - if (m14 == 3) - m14 = -1 - if (m24 == 3) - m24 = -1 - var u1: Int - if ((m14 and 1) == 0) { - u1 = 0 - } else { - m8 = (k1.andln(7) + d1) and 7 - if ((m8 == 3 || m8 == 5) && m24 == 2) - u1 = -m14 - else - u1 = m14 - } - jsf[0].add(u1) - - var u2: Int - if ((m24 and 1) == 0) { - u2 = 0 - } else { - m8 = (k2.andln(7) + d2) and 7 - if ((m8 == 3 || m8 == 5) && m14 == 2) - u2 = -m24 - else - u2 = m24 - } - jsf[1].add(u2) - - // Second phase - if (2 * d1 == u1 + 1) - d1 = 1 - d1 - if (2 * d2 == u2 + 1) - d2 = 1 - d2 - k1 = k1.shr(1) - k2 = k2.shr(1) - } - - return jsf -} \ No newline at end of file diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/utils/EnigmaUtils.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/utils/EnigmaUtils.kt index fbb2eae..87c89d9 100644 --- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/utils/EnigmaUtils.kt +++ b/secretk/src/commonMain/kotlin/io/eqoty/secretk/utils/EnigmaUtils.kt 
@@ -5,7 +5,7 @@ import com.ionspin.kotlin.crypto.util.encodeToUByteArray
 import io.eqoty.kryptools.aessiv.AesSIV
 import io.eqoty.kryptools.axlsign.AxlSign.generateKeyPair
 import io.eqoty.kryptools.axlsign.AxlSign.sharedKey
-import io.eqoty.secretk.crypto.deriveHKDFKey
+import io.eqoty.kryptools.deriveHKDFKey
 import io.ktor.client.*
 import io.ktor.client.call.*
 import io.ktor.client.plugins.*
diff --git a/secretk/src/commonMain/kotlin/io/eqoty/secretk/wallet/BaseWallet.kt b/secretk/src/commonMain/kotlin/io/eqoty/secretk/wallet/BaseWallet.kt
index 655adde..35ea2e2 100644
--- a/secretk/src/commonMain/kotlin/io/eqoty/secretk/wallet/BaseWallet.kt
+++ b/secretk/src/commonMain/kotlin/io/eqoty/secretk/wallet/BaseWallet.kt
@@ -3,10 +3,10 @@ package io.eqoty.secretk.wallet
 import cash.z.ecc.android.bip39.Mnemonics
 import cash.z.ecc.android.bip39.toSeed
 import co.touchlab.kermit.Logger
-import io.eqoty.secretk.crypto.Secp256k1
-import io.eqoty.secretk.crypto.Slip10
-import io.eqoty.secretk.crypto.Slip10Curve
-import io.eqoty.secretk.crypto.Slip10RawIndex
+import io.eqoty.kryptools.Secp256k1
+import io.eqoty.kryptools.Slip10
+import io.eqoty.kryptools.Slip10Curve
+import io.eqoty.kryptools.Slip10RawIndex
 import io.eqoty.secretk.types.StdSignDoc
 import io.eqoty.secretk.types.StdSignature
 import io.eqoty.secretk.types.proto.SignDocProto
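Review bot: The four `io.eqoty.kryptools` imports in BaseWallet.kt, and `deriveHKDFKey` in the EnigmaUtils.kt hunk before it, move the wallet's key derivation and signing onto an external artifact, and nothing visible here ties the wallet to a known-good version of it. The version entry is in gradle/libs.versions.toml, outside these hunks, so it is worth confirming there that it is an exact version rather than a range and that Gradle dependency verification covers the artifact. Because the class names are unchanged, a behavioural difference in the replacement (signature canonicalisation or nonce generation, for example) would not show up at compile time; a known-answer test for `Secp256k1` and `Slip10` kept in this repository would catch it. A comment above the imports such as `// secp256k1 / SLIP-10 come from kryptools; version pinned in gradle/libs.versions.toml` would make the dependency visible to the next reader.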