add kdf && update hashToModInt

crypto/crypto_test.go

@@ -76,3 +76,11 @@ func TestAddress(t *testing.T) {
 
 	fmt.Println(addr)
 }
+
+func TestKDF(t *testing.T) {
+	key := []byte{0x1, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x11}
+
+	keyf := KDF(key, 32)
+	fmt.Println(keyf)
+	fmt.Println(len(keyf))
+}

crypto/hash.go

@@ -3,6 +3,7 @@ package crypto
 import (
 	"crypto/sha256"
 	"golang.org/x/crypto/ripemd160"
+	"math/big"
 )
 
 
@@ -39,3 +40,24 @@ func Rimp160(b []byte) []byte {
 	rimpHash(b, out[:])
 	return out[:]
 }
+
+func KDF(x []byte, length int) []byte {
+	var c []byte
+
+	var ct int64 = 1
+	h := sha256.New()
+	for i, j := 0, (length+31)/32; i < j; i++ {
+		h.Reset()
+		h.Write(x)
+		h.Write(big.NewInt(ct).Bytes())
+		hash := h.Sum(nil)
+		if i+1 == j && length%32 != 0 {
+			c = append(c, hash[:length%32]...)
+		} else {
+			c = append(c, hash...)
+		}
+		ct++
+	}
+
+	return c
+}
\ No newline at end of file

pre.go

@@ -4,10 +4,9 @@ import (
 	"crypto/rand"
 	"errors"
 	"fmt"
-	secp256k1 "github.com/btcsuite/btcd/btcec"
 	"github.com/33cn/chain33-sdk-go/crypto"
 	"github.com/33cn/chain33-sdk-go/types"
-
+	secp256k1 "github.com/btcsuite/btcd/btcec"
 	"golang.org/x/crypto/blake2b"
 	"math/big"
 )
@@ -67,15 +66,18 @@ func (p *EccPoit) ToPublicKey() *secp256k1.PublicKey {
 }
 
 func hashToModInt(digest []byte) *big.Int {
-	sum := new(big.Int).SetBytes(digest)
-	one := big.NewInt(1)
-	order_minus_1 := big.NewInt(0)
-	order_minus_1.Sub(baseN, one)
-
-	bigNum := big.NewInt(0)
-	bigNum.Mod(sum, order_minus_1).Add(bigNum, one)
+	orderBits := baseN.BitLen()
+	orderBytes := (orderBits + 7) / 8
+	if len(digest) > orderBytes {
+		digest = digest[:orderBytes]
+	}
 
-	return bigNum
+	ret := new(big.Int).SetBytes(digest)
+	excess := len(digest)*8 - orderBits
+	if excess > 0 {
+		ret.Rsh(ret, uint(excess))
+	}
+	return ret
 }
 
 func makeShamirPolyCoeff(threshold int) []*big.Int {
@@ -153,8 +155,8 @@ func GeneratePreEncryptKey(pubOwner []byte) ([]byte, string, string) {
 	pub_r := types.ToHex((*secp256k1.PublicKey)(&priv_r.PublicKey).SerializeCompressed())
 	pub_u := types.ToHex((*secp256k1.PublicKey)(&priv_u.PublicKey).SerializeCompressed())
 
-
-	return result.SerializeCompressed()[1:], pub_r, pub_u
+	share_key := crypto.KDF(result.SerializeCompressed(), 32)
+	return share_key, pub_r, pub_u
 }
 
 func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, threshold int) ([]*KFrag, error) {
@@ -226,7 +228,7 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 	dhBob := dBobHash.Sum(nil)
 	dhBobBN := hashToModInt(dhBob)
 
-	var share_key *EccPoit
+	var result *EccPoit
 	if len(reKeyFrags) == 1 {
 		rPoint, err := NewEccPoint(reKeyFrags[0].ReKeyR)
 		if err != nil {
@@ -239,7 +241,7 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 			return nil, err
 		}
 
-		share_key = rPoint.Add(uPoint).MulInt(dhBobBN)
+		result = rPoint.Add(uPoint).MulInt(dhBobBN)
 	} else {
 		var eFinal, vFinal *EccPoit
 
@@ -281,8 +283,9 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 			eFinal = e.Add(eFinal)
 			vFinal = v.Add(vFinal)
 		}
-		share_key = eFinal.Add(vFinal).MulInt(dhBobBN)
+		result = eFinal.Add(vFinal).MulInt(dhBobBN)
 	}
 
-	return share_key.ToPublicKey().SerializeCompressed(), nil
+	share_key := crypto.KDF(result.ToPublicKey().SerializeCompressed(), 32)
+	return share_key, nil
 }
\ No newline at end of file