def aggregate_unit_sigs(
    signatures: List[Signature],
    players: List[int],
    T: int,
    ec=default_ec,
) -> Signature:
    """Combine per-player signature shares into one Signature.

    Every share is scaled by the coefficient that
    ``Threshold.lagrange_coeffs_at_zero(players, ec)`` returns at the same
    list position, and the scaled points are accumulated into a single point.

    NOTE(review): ``T`` is never read in this body, and shares are paired
    with ``players`` purely by list index. Nothing here checks that both
    lists have the same length or that enough shares were supplied, so a
    caller passing fewer signatures than players gets a result built from
    the wrong coefficients rather than an error. Confirm callers enforce both.
    """
    coefficients = Threshold.lagrange_coeffs_at_zero(players, ec)

    # Starting value for the sum; the ``True`` flag presumably marks the
    # point at infinity (verify against AffinePoint).
    start = AffinePoint(Fq2.zero(ec.q), Fq2.zero(ec.q), True, ec)
    total = start.to_jacobian()

    for position, share in enumerate(signatures):
        share_point = share.value
        coefficient = coefficients[position]
        total += share_point * coefficient

    return Signature.from_g2(total)
def from_bytes(buffer):
    """Decode a compressed public key from ``buffer``.

    The whole buffer is read as one big-endian integer x after the top three
    bits of the first byte are cleared. Bit 0x80 of the first byte selects
    the second entry of the sorted ``y_for_x`` result; otherwise the first
    entry is used.

    NOTE(review): the length of ``buffer`` is not validated. An empty buffer
    raises IndexError, and an over-long buffer is decoded as a larger
    integer, so the encoding accepted here is not obviously canonical.
    Whether an x with no valid y is rejected depends on ``y_for_x``, which is
    not visible here, and no subgroup-membership check is performed in this
    function. Confirm both before using this on untrusted bytes.
    """
    pick_second = buffer[0] & 0x80
    # Strip the flag bits so they do not leak into the coordinate value.
    stripped = bytes([buffer[0] & 0x1f]) + buffer[1:]
    x = Fq(default_ec.q, int.from_bytes(stripped, "big"))

    candidates = y_for_x(Fq(default_ec.q, x))
    candidates.sort()
    y = candidates[1] if pick_second else candidates[0]

    point = AffinePoint(x, y, False, default_ec)
    return PublicKey(point.to_jacobian())
def aggregate(signatures):
    """
    Aggregate prepend signatures by summing their points.

    This is secure against rogue public key attacks only on the stated
    assumption that every input was generated using sign_prepend.

    NOTE(review): this function reads only ``sig.value`` and never checks
    how each signature was produced, so that assumption has to be enforced
    by the caller.
    """
    # Starting value for the sum; the ``True`` flag presumably marks the
    # point at infinity (verify against AffinePoint).
    start = AffinePoint(
        Fq2.zero(default_ec.q),
        Fq2.zero(default_ec.q),
        True,
        default_ec,
    )
    running_total = start.to_jacobian()
    for signature in signatures:
        running_total += signature.value
    return PrependSignature.from_g2(running_total)
def aggregate_sigs_simple(signatures):
    """
    Aggregate signatures by summing their points, with no extra protection.

    This is NOT secure against rogue public key attacks, so it must not be
    used for signatures on the same message.

    NOTE(review): nothing in this function checks that the messages are
    distinct; that precondition rests entirely with the caller.
    """
    # Starting value for the sum; the ``True`` flag presumably marks the
    # point at infinity (verify against AffinePoint).
    start = AffinePoint(
        Fq2.zero(default_ec.q),
        Fq2.zero(default_ec.q),
        True,
        default_ec,
    )
    running_total = start.to_jacobian()
    for signature in signatures:
        running_total += signature.value
    return Signature.from_g2(running_total)
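def from_bytes(buffer, aggregation_info=None):
    """Deserialize a compressed signature from ``buffer``.

    The buffer holds two big-endian coordinates of 48 bytes each (x0, then
    x1). The top three bits of the first byte are flag bits and are cleared
    before decoding; bit 0x80 selects which of the two candidate y values
    is used.

    Args:
        buffer: the serialized signature, exactly 96 bytes.
        aggregation_info: passed through unchanged to ``Signature``.

    Raises:
        ValueError: if ``buffer`` is not exactly 96 bytes long.

    NOTE(review): bit 0x40 is cleared without being inspected here. No
    range check (coordinate below the modulus) or subgroup-membership check
    is performed in this function; confirm whether ``Fq``/``y_for_x`` or the
    verifier covers those before relying on this for untrusted input.
    """
    coord_len = 48
    # Reject truncated or over-long input up front. Without this check a
    # short buffer silently decodes x1 as 0 and a long one feeds extra bytes
    # into x1, so several byte strings could decode to the same signature.
    if len(buffer) != 2 * coord_len:
        raise ValueError(
            f"signature must be {2 * coord_len} bytes, got {len(buffer)}"
        )

    use_big_y = buffer[0] & 0x80
    # Strip the flag bits so they do not leak into the coordinate value.
    buffer = bytes([buffer[0] & 0x1f]) + buffer[1:]

    x0 = int.from_bytes(buffer[:coord_len], "big")
    x1 = int.from_bytes(buffer[coord_len:], "big")
    x = Fq2(default_ec.q, Fq(default_ec.q, x0), Fq(default_ec.q, x1))

    ys = y_for_x(x, default_ec_twist, Fq2)
    half_q = default_ec.q // 2
    y = ys[0]
    # ys[1] is chosen when its second component falls on the side of q // 2
    # that the flag asks for; otherwise ys[0] is kept.
    if ((use_big_y and ys[1][1] > half_q) or
            (not use_big_y and ys[1][1] < half_q)):
        y = ys[1]

    return Signature(
        AffinePoint(x, y, False, default_ec_twist).to_jacobian(),
        aggregation_info,
    )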
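def from_bytes(buffer):
    """Deserialize a compressed prepend signature from ``buffer``.

    The buffer holds two big-endian coordinates of 48 bytes each (x0, then
    x1). The top three bits of the first byte are flag bits: 0x80 selects
    which candidate y value is used and 0x40 must be set to mark the
    encoding as a prepend signature. All three are cleared before decoding.

    Args:
        buffer: the serialized signature, exactly 96 bytes.

    Raises:
        ValueError: if ``buffer`` is not exactly 96 bytes long.
        Exception: if the prepend bit (0x40) is not set.

    NOTE(review): no range check (coordinate below the modulus) or
    subgroup-membership check is performed in this function; confirm whether
    ``Fq``/``y_for_x`` or the verifier covers those before relying on this
    for untrusted input.
    """
    coord_len = 48
    # Reject truncated or over-long input up front. Without this check a
    # short buffer silently decodes x1 as 0 and a long one feeds extra bytes
    # into x1, so several byte strings could decode to the same signature.
    if len(buffer) != 2 * coord_len:
        raise ValueError(
            f"signature must be {2 * coord_len} bytes, got {len(buffer)}"
        )

    use_big_y = buffer[0] & 0x80
    prepend = buffer[0] & 0x40
    if not prepend:
        # Raising a bare string is a TypeError in Python 3, which hid the
        # intended message; raise a real exception instead.
        raise Exception("Should have prepend bit set")

    # Strip the flag bits so they do not leak into the coordinate value.
    buffer = bytes([buffer[0] & 0x1f]) + buffer[1:]

    x0 = int.from_bytes(buffer[:coord_len], "big")
    x1 = int.from_bytes(buffer[coord_len:], "big")
    x = Fq2(default_ec.q, Fq(default_ec.q, x0), Fq(default_ec.q, x1))

    ys = y_for_x(x, default_ec_twist, Fq2)
    half_q = default_ec.q // 2
    y = ys[0]
    # ys[1] is chosen when its second component falls on the side of q // 2
    # that the flag asks for; otherwise ys[0] is kept.
    if ((use_big_y and ys[1][1] > half_q) or
            (not use_big_y and ys[1][1] < half_q)):
        y = ys[1]

    return PrependSignature(
        AffinePoint(x, y, False, default_ec_twist).to_jacobian())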
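def from_bytes(buffer, aggregation_info=None):
    """Deserialize a compressed (non-prepend) signature from ``buffer``.

    The buffer holds two big-endian coordinates of 48 bytes each (x0, then
    x1). The top three bits of the first byte are flag bits: 0x80 selects
    which candidate y value is used and 0x40 marks a prepend signature,
    which this decoder refuses. All three are cleared before decoding.

    Args:
        buffer: the serialized signature, exactly 96 bytes.
        aggregation_info: passed through unchanged to ``Signature``.

    Raises:
        ValueError: if ``buffer`` is not exactly 96 bytes long.
        Exception: if the prepend bit (0x40) is set.

    NOTE(review): no range check (coordinate below the modulus) or
    subgroup-membership check is performed in this function; confirm whether
    ``Fq``/``y_for_x`` or the verifier covers those before relying on this
    for untrusted input.
    """
    coord_len = 48
    # Reject truncated or over-long input up front. Without this check a
    # short buffer silently decodes x1 as 0 and a long one feeds extra bytes
    # into x1, so several byte strings could decode to the same signature.
    if len(buffer) != 2 * coord_len:
        raise ValueError(
            f"signature must be {2 * coord_len} bytes, got {len(buffer)}"
        )

    use_big_y = buffer[0] & 0x80
    prepend = buffer[0] & 0x40
    if prepend:
        # Keeps prepend-style encodings from being accepted as ordinary
        # signatures.
        raise Exception("Should not have prepend bit set")

    # Strip the flag bits so they do not leak into the coordinate value.
    buffer = bytes([buffer[0] & 0x1F]) + buffer[1:]

    x0 = int.from_bytes(buffer[:coord_len], "big")
    x1 = int.from_bytes(buffer[coord_len:], "big")
    x = Fq2(default_ec.q, Fq(default_ec.q, x0), Fq(default_ec.q, x1))

    ys = y_for_x(x, default_ec_twist, Fq2)
    half_q = default_ec.q // 2
    y = ys[0]
    # ys[1] is chosen when its second component falls on the side of q // 2
    # that the flag asks for; otherwise ys[0] is kept.
    if (use_big_y and ys[1][1] > half_q) or (
            not use_big_y and ys[1][1] < half_q):
        y = ys[1]

    return Signature(
        AffinePoint(x, y, False, default_ec_twist).to_jacobian(),
        aggregation_info,
    )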