问题
I have the following equation:
c = SHA-256(Q, K(i,0), K(i,1), ..., K(i,k-1), h(i,0), h(i,2), …, h(i,k-1)) mod q
and the input values:
k1 = 26629345189088775121568614899346754418407425670282456807855951340359412290983328619915824219380693572974892394721160483070683405782674706936012623642495432802102362447142115308612541414114873855847753397157927768798152813362950360882910824404185543828373250626406490554333742647857888385433264463011767352745302500858815513643866365318023238515892185480255556180043825147988975721600405726006369401295379371876907754637420274357720509199471355271282430522552899184689005974089671519735287643350136311957077142232015824857171723946921408511190415079318863767715152598154929621042345763672724819984668317829111226813269324209780774070525891398264036597683937747328345947347006730334861476983902927279277507787575185292041114946942224086350752748835970487839469028361776247769179401048268608771986025484163476920237083790508471442085270390251953238194531355009119632874716585236991029452845316964868506545640819423936068521643730339939001494181525262110553268664909094721286556270076920384038188879583376531394141804457267751604148270282108259247832356847127150570530180974823739916755872393975601311483606457834350419278739508231896982519584456058749640647320286547658303183817323255694318300072593537885262339027581180645983887817698
c1 = 734543921447752682860963741453271489254669074261452175542578379592174452839224593393703391880811403700322170448354231579471856009386877575200881769436034155106097824226934309597824740339277501680651938212698873436444596418869933750778491012116425109317627750740344709043308724472066983029401792501819476640899479142794577184544149738356048994164406614202147840757079571415055902412124590217393369133432772089352174603222770484553027183660348288914566202679602860020529368818277755524985768471918648089084661467706102641509311739166386367723205389105075633496812514886817188079551423050513374871126883407747450151616425645668060446634154143217625159743590285484972355255238869505937349605491386760180995206011578729743013682469984157163036398663818798440392573212425655089539747818287610595634083808227422158212010691046377845002010543256975163259924983922679163639111554660321472736871186841262131253852347056806886358462294157243037821998920179238526878715076500283110919518891844033357565717323278006862495035476503209297028628017256090700319869519223575598336559377555360887798178911373373442813544654297399825285204120194023356602791705863456979459155048848360183764309689023948392715748473787550542570249723129662907674477638155
k2 = 724306184502452816914739636531581573398224256279083526602303340064699627757014049622722889151635945057642978593144466015150186765749429007022463174881008385163668958538291569232830916960267390644040463451545083453683137865954156414068207252834671150050230255180288936398706033028362268184070023700566186274532263796291894927127975670890282152122433688726389989701586888271064122385183397877731811664221480084098496216725545564395282084139240651524033726896508389071330557491953584326868064837709120578687992214838787904024645756660442212940703778909386591826708938137607549444028276378620609318898454821291364028468209002629435384439334275676426619969415671283814148831406419950854501712607728573652310442073075148545691196141281959772421121788160611597927035716264228366448773758536392715750804355693616056767759733884275733248674940223335744206764349613456780149740515230706213960637774640903260073440687688080738513266487388466874967097580183317352352528411749422080000701364398585637123229143584857790913010601582400680315552121860435131370132521955498539709027515119810680201720176721371774526144957969963795913966561771154554007108017412796782369595818252395204162594183872855697712261245935201585493709477582706545110177215821
c2 = 960221739782881106555520690425010021039585697375816813285014948220116582496349414446142162406509753922593294847577826271344763374425662278801507623833820453216455460185550582399315410348641894949519588859323455000172448782529224481484918103318720863771957070639951336008985481947370670335767955378467353564540035526375700200523121630039790665126285801382016391303110496204411872885996357354686792750135457983293270066969146882695818607312528809187016517329593195740668810983171380331914401335171387213965098493731439319476275893571797762861205757895023884585731945877491242801012769926227492771321066531612791066707440624147290380155429468669494769813751862398804945260809411280200398348147795410174888383205691492187198062430278675590774396397281939708919378301067496400267178657524850286567847615206797163142422024404626731519858652912211514019423275106047908769463693293757782776222110798002284650689612049828032376408961151193626321252723460150586589089554245715379071888777564666860949848005686192812909337601685707804165804391349748040122892709856331573634788924909137912414238191925947288844267171022696511723826646623945630158106755346844078558126606952907847470260872591076346814485117343087981545828213509231993289085481079
k3 = 799737129063619060980186531810540973616519619203110282518893207950107032146263649853584297641702236374647934368387645168243333744620375086421375217304328649047889464104572220385314337647812195946053145934972855486518217344467748649395041364170018881222850516218463457694043690070610237878709202140505622325856394862233739651070594401354996501462264916343662664663750294863619369110306031216985620216531032240789225780217360237093973705672203318815400457665497655830930368916738077012489344585922166324933843097891531710057912227460681611764729991272097760822195680648333439781758314525469445823330621961732379024591923851064623673967629656983337270502231192038213311591591852092660431136466541584566799881928515491081391784205577911778860376258928442453391179453117517770706569098118773667261672847676362128880181433677057980663416494282366577752013642111948903060977493035948850819640995719344234551655987738805766061084497694525597901163154991914475628938146786417045064604883915272654028399820284008006221014104129294794152326436558376269116528596225864413103050355700341444198858362383935631584183877470020797558532096820474349736907328329150651341592335719339672129460954391715475554119213934697947889992942331391289874986722644
c3 = 931797555253192482989295432719099701351725859216950729469328137669368124524037275640969388386294393863186533642116864964902964176998076338604990103121527015467339604839513187289532824213203400067099767775735388546384888382618864386446365393297408865199811109011533921601107559078837930497335475413751998769666310700512719654775817073566628105606295367733582808225698806269677813440049932235996765125355716503296196997654429151489480851485231905421974216329262367438935656139424158432987182719342429331558088121739762373105585510925738731762080307813016673130073259117866068045713316807346582009739697941333093783066128418383088176394567764937369175627648077187727514232345675336885442770669792084018689606391841348624952897664676154759047521966624373811267917078799812617422111420583245858467168273670917230712601889749733664525919016162074632146206866827081484263360545715204692637956990824806452529593025178450715208783670127033609657051746563255216566806770015789200150070927993530100790362032729177252769026244410363639800134084155592002493615681452472126869694192600950243247202905294879485713700522046811740291436627119252689670273539661939802646693394326061378651878486620673271447923987682207439505838886221198451291168850926
Q = 409769201286042520263200333546996463643161763414612173001850880
c = 65327730069392099560592212062758966359893028444080519192014624164847259261454
q = 2**256 - 189
The trouble I am having is understanding how the input string for the SHA-256 function is generated by combining all the inputs. The only cue I have is a bunch of following C code that doesn't make much sense to me because I haven't done C programming in a while.
The C code:
void Crypto_cp_proof_challenge(struct hash *challenge_out,
struct encryption_rep encryption,
struct encryption_rep commitment,
struct hash base_hash)
{
SHA2_CTX context;
//Serialize the base hash
uint8_t *base_serial = Serialize_reserve_write_hash(base_hash);
//Generate the challenge
SHA256Init(&context);
SHA256Update(&context, base_serial, SHA256_DIGEST_LENGTH);
Crypto_hash_update_bignum_p(&context, encryption.nonce_encoding);
Crypto_hash_update_bignum_p(&context, encryption.message_encoding);
Crypto_hash_update_bignum_p(&context, commitment.nonce_encoding);
Crypto_hash_update_bignum_p(&context, commitment.message_encoding);
Crypto_hash_final(challenge_out, &context);
}
void Crypto_hash_update_bignum_p(SHA2_CTX *context, mpz_t num)
{
uint8_t *serialized_buffer = Serialize_reserve_write_bignum(num);
SHA256Update(context, serialized_buffer, 4096 / 8);
free(serialized_buffer);
}
uint8_t *Serialize_reserve_write_bignum(mpz_t in)
{
struct serialize_state state = {.status = SERIALIZE_STATE_RESERVING,
.len = 0,
.offset = 0,
.buf = NULL};
Serialize_reserve_uint4096(&state, NULL);
Serialize_allocate(&state);
Serialize_write_uint4096(&state, in);
assert(state.len == 512);
return state.buf;
}
void Serialize_write_uint4096(struct serialize_state *state, const mpz_t data)
{
Serialize_write_uint64_ts(state, data, UINT4096_WORD_COUNT);
}
void Serialize_write_uint64_ts(struct serialize_state *state, const mpz_t data,
int ct)
{
uint64_t *tmp = NULL;
bignum_status export_status = export_to_64_t(data, ct, &tmp);
if (export_status == BIGNUM_SUCCESS)
{
if (tmp != NULL)
{
for (uint32_t i = 0; i < ct; i++)
{
Serialize_write_uint64(state, &tmp[i]);
}
free(tmp);
}
else
{
DEBUG_PRINT(("\nSerialize_write_uint64_ts: tmp is null - FAILED!\n"));
}
}
else
{
DEBUG_PRINT(("\nSerialize_write_uint64_ts: export_to_64_t - FAILED!\n"));
state->status = export_status == BIGNUM_IO_ERROR
? SERIALIZE_STATE_IO_ERROR
: SERIALIZE_STATE_INSUFFICIENT_MEMORY;
}
}
I have to replicate the function in Python. I would be really thankful if somebody can help me understand the flow of data in the C code, especially how the inputs are combined into a single string that is passed to the SHA-256 function.
Thanks.
来源:https://stackoverflow.com/questions/62124312/i-need-help-understanding-how-the-input-for-a-sha-256-function-is-generated-for