Lines Matching refs:xb
10 * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or
31 BIGNUM *xb; /* Alice's x2 or Bob's x4 */
91 ctx->xb = BN_new();
100 BN_clear_free(ctx->xb);
255 /* Generate each party's random numbers. xa is in [0, q), xb is in [1, q). */
268 /* ... and xb in [0, q-1) */
269 BN_rand_range(ctx->xb, qm1);
271 BN_add_word(ctx->xb, 1);
281 generate_step_part(&send->p2, ctx->xb, ctx->p.g, ctx);
353 * X = g^{(xa + xc + xd) * xb * s}
361 /* t2 = xb * s */
362 BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx);
365 * ZKP(xb * s)
370 * as the generator, which means X is g'^{xb * s}
371 * X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s}
382 /* gx = g^{xc + xa + xb} * xd * s */
390 * K = (gx/g^{xb * xd * s})^{xb}
391 * = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb}
392 * = (g^{(xa + xc) * xd * s})^{xb}
393 * = g^{(xa + xc) * xb * xd * s}
397 /* t1 = (g^{xd})^{xb} = g^{xb * xd} */
398 BN_mod_exp(t1, ctx->p.gxd, ctx->xb, ctx->p.p, ctx->ctx);
401 /* t3 = t1^t2 = g^{-xb * xd * s} */
403 /* t1 = gx * t3 = X/g^{xb * xd * s} */
405 /* K = t1^{xb} */
406 BN_mod_exp(ctx->key, t1, ctx->xb, ctx->p.p, ctx->ctx);
423 * g' = g^{xc + xa + xb} [from our POV]
424 * t1 = xa + xb
426 BN_mod_add(t1, ctx->xa, ctx->xb, ctx->p.q, ctx->ctx);
427 /* t2 = g^{t1} = g^{xa+xb} */
429 /* t1 = g^{xc} * t2 = g^{xc + xa + xb} */