1 package civitas.crypto.proofdisclog;
2
3 import java.util.ArrayList;
4 import java.util.List;
5
6 import org.springframework.beans.factory.annotation.Autowired;
7 import org.springframework.stereotype.Controller;
8
9 import civitas.crypto.CryptoBase;
10 import civitas.crypto.algorithms.ConvertHashToBigInt;
11 import civitas.crypto.messagedigest.CryptoHash;
12 import civitas.crypto.parameters.ElGamalParameters;
13 import civitas.util.CivitasBigInteger;
14
15 @Controller
16 public class ConstructElGamalDiscLogEqualityProof {
17 @Autowired
18 CryptoBase cryptoBase;
19
20 @Autowired
21 CryptoHash cryptoHash;
22
23 @Autowired
24 ConvertHashToBigInt convertHashToBigInt;
25
26 public ElGamalProofDiscLogEquality apply(
27 final ElGamalParameters params,
28 final CivitasBigInteger g1,
29 final CivitasBigInteger g2,
30 final CivitasBigInteger x) {
31
32 CivitasBigInteger v = g1.modPow(x, params.p);
33 CivitasBigInteger w = g2.modPow(x, params.p);
34
35 CivitasBigInteger z = cryptoBase.generateRandomElement(params.q);
36 CivitasBigInteger a = g1.modPow(z, params.p);
37 CivitasBigInteger b = g2.modPow(z, params.p);
38
39 List<CivitasBigInteger> l = new ArrayList<>();
40 l.add(v);
41 l.add(w);
42 l.add(a);
43 l.add(b);
44 byte[] hash = cryptoHash.apply(l);
45 CivitasBigInteger c = convertHashToBigInt.apply(hash).mod(params.q);
46
47 CivitasBigInteger r = z.modAdd(c.modMultiply(x, params.q), params.q);
48
49 return new ElGamalProofDiscLogEquality(g1, g2, v, w, a, b, c, r);
50 }
51 }