fix bign

deatil · deatil · commit e922e6a67032 · 2025-06-16T19:24:53.000+08:00
diff --git a/pubkey/bign/bign.go b/pubkey/bign/bign.go
@@ -531,3 +531,46 @@ func randFieldElement(rand io.Reader, c elliptic.Curve) (k *big.Int, err error)
     }
 }
 
+// Encrypt with Elgamal
+func ElgamalEncrypt(random io.Reader, pub *PublicKey, data []byte) (C1x, C1y *big.Int, C2 *big.Int, err error) {
+    x := new(big.Int).SetBytes(data)
+
+    curve := pub.Curve
+    n := curve.Params().N
+
+    r, err := rand.Int(random, n)
+    if err != nil {
+        err = errors.New("go-cryptobin/bign: invalid rand k")
+        return
+    }
+
+    rYx, rYy := curve.ScalarMult(pub.X, pub.Y, r.Bytes())
+    rGx, rGy := curve.ScalarBaseMult(r.Bytes())
+
+    rYBytes := elliptic.Marshal(curve, rYx, rYy)
+
+    rYval := new(big.Int).SetBytes(rYBytes)
+    C2 = new(big.Int).Add(rYval, x)
+
+    C1x, C1y = new(big.Int).Set(rGx), new(big.Int).Set(rGy)
+
+    return
+}
+
+// Decrypt with Elgamal
+func ElgamalDecrypt(priv *PrivateKey, C1x, C1y *big.Int, C2 *big.Int) (plain []byte, err error) {
+    curve := priv.Curve
+
+    xCx, xCy := curve.ScalarMult(C1x, C1y, priv.D.Bytes())
+
+    xCBytes := elliptic.Marshal(curve, xCx, xCy)
+
+    xCval := new(big.Int).SetBytes(xCBytes)
+
+    p := new(big.Int).Set(C2)
+    p.Sub(p, xCval)
+
+    plain = p.Bytes()
+
+    return
+}
diff --git a/pubkey/bign/bign_test.go b/pubkey/bign/bign_test.go
@@ -728,3 +728,69 @@ var testData2s = []testData2{
 
 
 }
+
+func Test_ElgamalEncrypt(t *testing.T) {
+    c := elliptic.P256()
+
+    priv, err := GenerateKey(rand.Reader, c)
+    if err != nil {
+        t.Fatal(err)
+    }
+
+    pub := &priv.PublicKey
+
+    data := []byte("test-data test-data test-data test-data test-data")
+
+    C1x, C1y, C2, err := ElgamalEncrypt(rand.Reader, pub, data)
+    if err != nil {
+        t.Fatal(err)
+    }
+
+    p, _ := ElgamalDecrypt(priv, C1x, C1y, C2)
+    if !bytes.Equal(data, p) {
+        t.Errorf("ElgamalDecrypt fail, got %x, want %x", p, data)
+    }
+
+}
+
+func Test_ElgamalEncrypt_Check(t *testing.T) {
+    c := elliptic.P256()
+
+    x := fromHex("67e87b98e8a4383098fedb448c1f3d278bebba50525dec57c0576c605bfffdda")
+    Y := fromHex("045ec79d828a77af85aa9c8ef3ba5afd7674376d6b134d14b10bb4afb7fd0952b0e894f696b38096ff547bbd0a0f1d14a195f2fc9ce951901fe2925560f29d98c0")
+
+    priv, err := NewPrivateKey(c, x)
+    if err != nil {
+        t.Fatal(err)
+    }
+
+    pub, err := NewPublicKey(c, Y)
+    if err != nil {
+        t.Fatal(err)
+    }
+
+    data := []byte("Hello")
+
+    C1x, C1y, C2, err := ElgamalEncrypt(rand.Reader, pub, data)
+    if err != nil {
+        t.Fatal(err)
+    }
+
+    // C1Bytes := elliptic.Marshal(pub.Curve, C1x, C1y)
+    // C1=04af7035184190ce72b1ee000ec8f18927a664c23358ce4d41ff757283a5846bb58c19c551753ea0af151c31c1a3698606af565c122a387dbe67d7fa5deba2393f
+    // t.Errorf("C1Bytes: %x", C2)
+
+    p, _ := ElgamalDecrypt(priv, C1x, C1y, C2)
+    if !bytes.Equal(data, p) {
+        t.Errorf("ElgamalDecrypt fail, got %x, want %x", p, data)
+    }
+
+    C1 := fromHex("04af7035184190ce72b1ee000ec8f18927a664c23358ce4d41ff757283a5846bb58c19c551753ea0af151c31c1a3698606af565c122a387dbe67d7fa5deba2393f")
+    C22, _ := new(big.Int).SetString("64998866770800537035816591092081487793369751526287129670052291837083837454710935744289325621649282383337514803150244272041445838052262073601284819093853352", 10)
+
+    C1x2, C1y2 := elliptic.Unmarshal(priv.Curve, C1)
+    p2, _ := ElgamalDecrypt(priv, C1x2, C1y2, C22)
+    if !bytes.Equal(data, p2) {
+        t.Errorf("Test_ElgamalEncrypt_Check fail, got %x, want %x", p2, data)
+    }
+}
