src/bls192.c.in [227:350]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    return BLS_OK;
}

int BLS_ZZZ_MAKE_SHARES(int k, int n, csprng *RNG, octet* X, octet* Y, octet* SKI, octet* SKO)
{
    BIG_XXX r;
    BIG_XXX_rcopy(r,CURVE_Order_ZZZ);

    // Generate polynomial: f(x) = a_0 + a_1x + a_2x^2 ... a_{k-1}x^{k-1}
    BIG_XXX poly[k];
    for(int i=0; i<k; i++)
    {
        BIG_XXX_randomnum(poly[i],r,RNG);
    }

    // Use predefined secret
    if (SKI != NULL)
    {
        BIG_XXX_fromBytes(poly[0],SKI->val);
    }

    /* Calculate f(x) = a_0 + a_1x + a_2x^2 ... a_{k-1}x^{k-1}
       a0 is the secret */
    BIG_XXX x;
    BIG_XXX_zero(x);

    BIG_XXX y;

    for(int j=0; j<n; j++)
    {
        BIG_XXX_inc(x,1);

        // Output X shares
        BIG_XXX_toBytes(X[j].val,x);
        X[j].len = MODBYTES_XXX;

        // y is the accumulator
        BIG_XXX_zero(y);

        for(int i=k-1; i>=0; i--)
        {
            BIG_XXX_modmul(y,y,x,r);
            BIG_XXX_add(y,y,poly[i]);
        }

        // Normalise input for comp
        BIG_XXX_norm(y);
        if(BIG_XXX_comp(y,r) == 1)
        {
            BIG_XXX_sub(y,y,r);
        }

        // Output Y shares
        BIG_XXX_toBytes(Y[j].val,y);
        Y[j].len = MODBYTES_XXX;
    }

    // Output secret
    BIG_XXX_toBytes(SKO->val,poly[0]);
    SKO->len = MODBYTES_XXX;

    return BLS_OK;
}

int BLS_ZZZ_RECOVER_SECRET(int k, octet* X, octet* Y, octet* SK)
{
    BIG_XXX r;
    BIG_XXX_rcopy(r,CURVE_Order_ZZZ);

    BIG_XXX y;
    BIG_XXX coefs[k];

    BIG_XXX secret;
    BIG_XXX prod;
    BIG_XXX_zero(secret);

    recover_coefficients(k, X, coefs);

    for(int i=0; i<k; i++)
    {
        BIG_XXX_fromBytes(y,Y[i].val);

        BIG_XXX_modmul(prod,y,coefs[i],r);
        BIG_XXX_add(secret, secret, prod);

        // Normalise input for comp
        BIG_XXX_norm(secret);
        if (BIG_XXX_comp(secret,r) == 1)
        {
            BIG_XXX_sub(secret,secret,r);
        }
    }

    // Output secret
    BIG_XXX_toBytes(SK->val,secret);
    SK->len = MODBYTES_XXX;

    return BLS_OK;
}

int BLS_ZZZ_RECOVER_SIGNATURE(int k, octet* X, octet* Y, octet* SIG)
{
    BIG_XXX coefs[k];
    ECP_ZZZ y;

    ECP_ZZZ sig;
    ECP_ZZZ_inf(&sig);

    recover_coefficients(k, X, coefs);

    for(int i=0; i<k; i++)
    {
        if (!ECP_ZZZ_fromOctet(&y,&Y[i]))
        {
            return BLS_INVALID_G1;
        }

        PAIR_ZZZ_G1mul(&y,coefs[i]);
        ECP_ZZZ_add(&sig,&y);
    }

    ECP_ZZZ_toOctet(SIG, &sig, true);

    return BLS_OK;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



src/bls256.c.in [227:350]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    return BLS_OK;
}

int BLS_ZZZ_MAKE_SHARES(int k, int n, csprng *RNG, octet* X, octet* Y, octet* SKI, octet* SKO)
{
    BIG_XXX r;
    BIG_XXX_rcopy(r,CURVE_Order_ZZZ);

    // Generate polynomial: f(x) = a_0 + a_1x + a_2x^2 ... a_{k-1}x^{k-1}
    BIG_XXX poly[k];
    for(int i=0; i<k; i++)
    {
        BIG_XXX_randomnum(poly[i],r,RNG);
    }

    // Use predefined secret
    if (SKI != NULL)
    {
        BIG_XXX_fromBytes(poly[0],SKI->val);
    }

    /* Calculate f(x) = a_0 + a_1x + a_2x^2 ... a_{k-1}x^{k-1}
       a0 is the secret */
    BIG_XXX x;
    BIG_XXX_zero(x);

    BIG_XXX y;

    for(int j=0; j<n; j++)
    {
        BIG_XXX_inc(x,1);

        // Output X shares
        BIG_XXX_toBytes(X[j].val,x);
        X[j].len = MODBYTES_XXX;

        // y is the accumulator
        BIG_XXX_zero(y);

        for(int i=k-1; i>=0; i--)
        {
            BIG_XXX_modmul(y,y,x,r);
            BIG_XXX_add(y,y,poly[i]);
        }

        // Normalise input for comp
        BIG_XXX_norm(y);
        if(BIG_XXX_comp(y,r) == 1)
        {
            BIG_XXX_sub(y,y,r);
        }

        // Output Y shares
        BIG_XXX_toBytes(Y[j].val,y);
        Y[j].len = MODBYTES_XXX;
    }

    // Output secret
    BIG_XXX_toBytes(SKO->val,poly[0]);
    SKO->len = MODBYTES_XXX;

    return BLS_OK;
}

int BLS_ZZZ_RECOVER_SECRET(int k, octet* X, octet* Y, octet* SK)
{
    BIG_XXX r;
    BIG_XXX_rcopy(r,CURVE_Order_ZZZ);

    BIG_XXX y;
    BIG_XXX coefs[k];

    BIG_XXX secret;
    BIG_XXX prod;
    BIG_XXX_zero(secret);

    recover_coefficients(k, X, coefs);

    for(int i=0; i<k; i++)
    {
        BIG_XXX_fromBytes(y,Y[i].val);

        BIG_XXX_modmul(prod,y,coefs[i],r);
        BIG_XXX_add(secret, secret, prod);

        // Normalise input for comp
        BIG_XXX_norm(secret);
        if (BIG_XXX_comp(secret,r) == 1)
        {
            BIG_XXX_sub(secret,secret,r);
        }
    }

    // Output secret
    BIG_XXX_toBytes(SK->val,secret);
    SK->len = MODBYTES_XXX;

    return BLS_OK;
}

int BLS_ZZZ_RECOVER_SIGNATURE(int k, octet* X, octet* Y, octet* SIG)
{
    BIG_XXX coefs[k];
    ECP_ZZZ y;

    ECP_ZZZ sig;
    ECP_ZZZ_inf(&sig);

    recover_coefficients(k, X, coefs);

    for(int i=0; i<k; i++)
    {
        if (!ECP_ZZZ_fromOctet(&y,&Y[i]))
        {
            return BLS_INVALID_G1;
        }

        PAIR_ZZZ_G1mul(&y,coefs[i]);
        ECP_ZZZ_add(&sig,&y);
    }

    ECP_ZZZ_toOctet(SIG, &sig, true);

    return BLS_OK;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -