29 lines
987 B
Plaintext
29 lines
987 B
Plaintext
|
import "ecc/edwardsAdd" as add;
|
||
|
|
import "ecc/edwardsScalarMult" as multiply;
|
||
|
|
import "utils/pack/bool/nonStrictUnpack256" as unpack256;
|
||
|
|
from "ecc/babyjubjubParams" import BabyJubJubParams;
|
||
|
|
|
||
|
|
/// Verifies match of a given public/private keypair.
|
||
|
|
///
|
||
|
|
/// Checks if the following equation holds for the provided keypair:
|
||
|
|
/// pk = sk*G
|
||
|
|
/// where G is the chosen base point of the subgroup
|
||
|
|
/// and * denotes scalar multiplication in the subgroup
|
||
|
|
///
|
||
|
|
/// Arguments:
|
||
|
|
/// pk: Curve point. Public key.
|
||
|
|
/// sk: Field element. Private key.
|
||
|
|
/// context: Curve parameters (including generator G) used to create keypair.
|
||
|
|
///
|
||
|
|
/// Returns:
|
||
|
|
/// Return true for pk/sk being a valid keypair, false otherwise.
|
||
|
|
def main(field[2] pk, field sk, BabyJubJubParams context) -> bool {
|
||
|
|
field[2] G = [context.Gu, context.Gv];
|
||
|
|
|
||
|
|
bool[256] skBits = unpack256(sk);
|
||
|
|
field[2] ptExp = multiply(skBits, G, context);
|
||
|
|
|
||
|
|
bool out = ptExp[0] == pk[0] && ptExp[1] == pk[1];
|
||
|
|
return out;
|
||
|
|
}
|