in src/cg21/cg21_reshare.c [537:595]
int CG21_KEY_RESHARE_CHECK_VSS_N2(CG21_RESHARE_SETTING setting, CG21_RESHARE_ROUND1_STORE_PUB_T1 *ReceiveR3,
const SSS_shares *SS_R3, const octet *myX, const octet *PK, octet *X, octet *pack_pk_sum_shares,
CG21_RESHARE_ROUND4_STORE *r4Store, int Xstatus){
// pack vss octets into one octet
OCT_joctet(r4Store->pack_all_checks, ReceiveR3->checks);
// unpack checks
char cc[setting.t2][EFS_SECP256K1 + 1];
octet CC[setting.t2];
init_octets((char *)cc, CC, EFS_SECP256K1 + 1, setting.t2);
int rc = CG21_unpack(ReceiveR3->checks, setting.t2, CC, EFS_SECP256K1 + 1);
if (rc!=CG21_OK){
return rc;
}
// checks X_j == VSS_j(v_0)
rc = OCT_comp(CC, ReceiveR3->Xi);
if (rc==0){
return CG21_Xs_ARE_NOT_EQUAL;
}
// Check that given shared secrets have same x-coord
rc = OCT_comp(SS_R3->X, myX);
if (rc==0){
return CG21_WRONG_SHARE_IS_GIVEN;
}
// VSS Verification for the received share
rc = VSS_verify_shares(setting.t2, SS_R3->X, SS_R3->Y, CC);
if (rc != VSS_OK)
{
return rc;
}
// check partial PK is correct based on vss checks from keygen
rc = CG21_CHECK_PARTIAL_PK(setting, pack_pk_sum_shares, myX, ReceiveR3);
if (rc!=CG21_OK){
return rc;
}
// first partial PK
if (Xstatus==0) {
OCT_copy(X, ReceiveR3->Xi);
}
else {
CG21_ADD_TWO_PK(X, ReceiveR3->Xi);
}
// last partial PK
if (Xstatus == 2) {
rc = OCT_comp(X, PK);
if (rc == 0) {
return CG21_RESHARE_CHECKS_NOT_VALID;
}
}
return CG21_OK;
}