in src/cg21/cg21_reshare.c [421:490]
int CG21_KEY_RESHARE_CHECK_VSS_T1(CG21_RESHARE_SETTING setting, CG21_RESHARE_ROUND1_STORE_PUB_T1 *ReceiveR3,
const CG21_RESHARE_ROUND1_STORE_PUB_T1 *myR3_T1, const SSS_shares *SS_R3, octet *myX,
octet *PK, octet *X, octet *pack_pk_sum_shares, CG21_RESHARE_ROUND4_STORE *r3Store,
int Xstatus){
/*
* Xstatus = 0 first call
* Xstatus = 1 neither first call, nor last call
* Xstatus = 2 last call
* Xstatus = 3 first and last call (t=2)
*/
// pack vss octets into one octet
if (Xstatus==0 || Xstatus==3) {
OCT_joctet(r3Store->pack_all_checks, myR3_T1->checks);
}
OCT_joctet(r3Store->pack_all_checks, ReceiveR3->checks);
// unpack checks
char cc[setting.t2][EFS_SECP256K1 + 1];
octet CC[setting.t2];
init_octets((char *)cc, CC, EFS_SECP256K1 + 1, setting.t2);
int rc = CG21_unpack(ReceiveR3->checks, setting.t2, CC, EFS_SECP256K1 + 1);
if (rc!=CG21_OK){
return rc;
}
// checks X_j == VSS_j(v_0)
rc = OCT_comp(&CC[0], ReceiveR3->Xi);
if (rc==0){
return CG21_Xs_ARE_NOT_EQUAL;
}
// Check that given shared secrets have same x-coord
rc = OCT_comp(SS_R3->X, myX);
if (rc==0){
return CG21_WRONG_SHARE_IS_GIVEN;
}
// VSS Verification for the received share
rc = VSS_verify_shares(setting.t2, SS_R3->X, SS_R3->Y, CC);
if (rc != VSS_OK)
{
return rc;
}
// check partial PK is correct based on vss checks from keygen
rc = CG21_CHECK_PARTIAL_PK(setting, pack_pk_sum_shares, myX, ReceiveR3);
if (rc!=CG21_OK){
return rc;
}
// first partial PK
if (Xstatus==0 || Xstatus==3) {
OCT_copy(X, myR3_T1->Xi);
}
CG21_ADD_TWO_PK(X, ReceiveR3->Xi);
// last partial PK
if (Xstatus==2 || Xstatus==3){
rc = OCT_comp(X, PK);
if (rc==0){
return CG21_RESHARE_CHECKS_NOT_VALID;
}
}
return CG21_OK;
}