http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/amcl-go/crypto_test.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/amcl-go/crypto_test.go b/go/src/github.com/miracl/amcl-go/crypto_test.go deleted file mode 100644 index 710204e..0000000 --- a/go/src/github.com/miracl/amcl-go/crypto_test.go +++ /dev/null @@ -1,1194 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package amcl - -import ( - "crypto/rand" - "encoding/hex" - "fmt" - mathrand "math/rand" - "testing" - - "github.com/stretchr/testify/assert" -) - -const nIter int = 1000 - -func TestCryptoGoodPIN(t *testing.T) { - want := 0 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoBadPIN(t *testing.T) { - want := -19 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1235 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - ////// Client ////// - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - ////// Server ////// - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoBadToken(t *testing.T) { - want := -19 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, _, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - // Send UT as V to model bad token - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], UT[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoRandom(t *testing.T) { - want := 0 - - for i := 0; i < nIter; i++ { - - // Seed value for Random Number Generator (RNG) - seed := make([]byte, 16) - rand.Read(seed) - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Epoch time in days - date := MPIN_today() - - // Epoch time in seconds - timeValue := MPIN_GET_TIME() - - // PIN variable to create token - PIN1 := mathrand.Intn(10000) - // PIN variable to authenticate - PIN2 := PIN1 - - // Assign the End-User a random ID - ID := make([]byte, 16) - rand.Read(ID) - - // Message to sign - var MESSAGE []byte - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") - } -} - -func TestCryptoGoodSignature(t *testing.T) { - want := 0 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Message to sign - MESSAGE := []byte("test message to sign") - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - // Authenticate - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoSignatureExpired(t *testing.T) { - want := -19 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Message to sign - MESSAGE := []byte("test message to sign") - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - timeValue += 10 - // Authenticate - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoBadSignature(t *testing.T) { - want := -19 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Message to sign - MESSAGE := []byte("test message to sign") - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - // Authenticate - MESSAGE[0] = 00 - got, _, _, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoPINError(t *testing.T) { - want := 1 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1235 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - _, _, _, _, E, F := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - - got := MPIN_KANGAROO(E[:], F[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoMPINFull(t *testing.T) { - want := "0afc948b03b2733a0663571f86411a07" - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // Epoch time in seconds - timeValue := 1439465203 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Precomputation - _, G1, G2 := MPIN_PRECOMPUTE_WRAP(TOKEN[:], HCID) - - // Send U, UT, V, timeValue and Message to server - var X [EGS]byte - _, XOut, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - - // Send Z=r.ID to Server - var R [EGS]byte - _, ROut, Z := MPIN_GET_G1_MULTIPLE_WRAP(rng, 1, R[:], HCID[:]) - - // Authenticate - _, _, HTID, _, _, _ := MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - - // send T=w.ID to client - var W [EGS]byte - _, WOut, T := MPIN_GET_G1_MULTIPLE_WRAP(rng, 0, W[:], HTID[:]) - - _, AES_KEY_SERVER := MPIN_SERVER_KEY_WRAP(Z[:], SS[:], WOut[:], U[:], UT[:]) - got := hex.EncodeToString(AES_KEY_SERVER[:]) - if got != want { - t.Errorf("%s != %s", want, got) - } - - _, AES_KEY_CLIENT := MPIN_CLIENT_KEY_WRAP(PIN2, G1[:], G2[:], ROut[:], XOut[:], T[:]) - got = hex.EncodeToString(AES_KEY_CLIENT[:]) - assert.Equal(t, want, got, "Should be equal") -} - -// Subtract a 256 bit PIN -func TestCrypoSubBigPIN(t *testing.T) { - want := "042182235070802ebc33633e70e6628f48fd896e86dfc40c81227caa2792367a581d461dbba6efa30896c71f427df335885142cc6fb64ba082ff9573b9276475c0" - - IDHex := "7465737455736572406365727469766f782e636f6d" - ID, err := hex.DecodeString(IDHex) - assert.Equal(t, nil, err, "Should be equal") - - TOKENHex := "0422a522b5c05d06cde3a65872656ab596e111c4ea7c0c349bac26f0bdaf7d5f0a1ea8a0cab99d06677cfbc3c8d667e7b0af33b9ed4df007b0ccc8c2b77353bbe6" - TOKEN, err := hex.DecodeString(TOKENHex) - assert.Equal(t, nil, err, "Should be equal") - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - assert.Equal(t, nil, err, "Should be equal") - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate big PIN - 256 bits - errorCode, PIN := MPIN_RANDOM_GENERATE_WRAP(rng) - assert.Equal(t, 0, errorCode, "Should be equal") - - // Extract big PIN - errorCode, TK := MPIN_EXTRACT_BIG_PIN_WRAP(ID[:], PIN[:], TOKEN[:]) - assert.Equal(t, 0, errorCode, "Should be equal") - got := hex.EncodeToString(TK[:]) - assert.Equal(t, want, got, "Should be equal") -} - -// Add a 256 bit PIN -func TestCrypoAddBigPIN(t *testing.T) { - want := "0422a522b5c05d06cde3a65872656ab596e111c4ea7c0c349bac26f0bdaf7d5f0a1ea8a0cab99d06677cfbc3c8d667e7b0af33b9ed4df007b0ccc8c2b77353bbe6" - - IDHex := "7465737455736572406365727469766f782e636f6d" - ID, err := hex.DecodeString(IDHex) - assert.Equal(t, nil, err, "Should be equal") - - TOKENHex := "042182235070802ebc33633e70e6628f48fd896e86dfc40c81227caa2792367a581d461dbba6efa30896c71f427df335885142cc6fb64ba082ff9573b9276475c0" - TOKEN, err := hex.DecodeString(TOKENHex) - assert.Equal(t, nil, err, "Should be equal") - - PINHex := "1b18b8b882daf76a18bf2278fe4e15c62eed8131e708573375fd81a8415014b3" - PIN, err := hex.DecodeString(PINHex) - assert.Equal(t, nil, err, "Should be equal") - - // Extract big PIN - errorCode, TK := MPIN_ADD_BIG_PIN_WRAP(ID[:], PIN[:], TOKEN[:]) - assert.Equal(t, 0, errorCode, "Should be equal") - got := hex.EncodeToString(TK[:]) - assert.Equal(t, want, got, "Should be equal") -} - -// Split key -func TestCryptoSplitKey(t *testing.T) { - want := "64b36b7a0395e61350de8839adb019d5ae2134052b8533e7c4bbab3965e0af1b" - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - assert.Equal(t, nil, err, "Should be equal") - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate big PIN - 256 bits - errorCode, PIN := MPIN_RANDOM_GENERATE_WRAP(rng) - assert.Equal(t, 0, errorCode, "Should be equal") - PINHex := hex.EncodeToString(PIN[:]) - PINGoldHex := "1b18b8b882daf76a18bf2278fe4e15c62eed8131e708573375fd81a8415014b3" - assert.Equal(t, PINGoldHex, PINHex, "Should be equal") - - n := len(PIN) - // Split key by C = PIN ^ A ^ B - A := GENERATE_RANDOM(rng, n) - - B := GENERATE_RANDOM(rng, n) - - C, errorCode := XORBytes(PIN[:], A[:], B[:]) - assert.Equal(t, 0, errorCode, "Should be equal") - got := hex.EncodeToString(C[:]) - assert.Equal(t, want, got, "Should be equal") -} - -// Combine key shares -func TestCryptoCombineKey(t *testing.T) { - want := "1b18b8b882daf76a18bf2278fe4e15c62eed8131e708573375fd81a8415014b3" - - CHex := "64b36b7a0395e61350de8839adb019d5ae2134052b8533e7c4bbab3965e0af1b" - C, err := hex.DecodeString(CHex) - assert.Equal(t, nil, err, "Should be equal") - - AHex := "c5add1327790087193ae541acd6dc3264c19a12afaf196291d0820c611d3fcd4" - A, err := hex.DecodeString(AHex) - assert.Equal(t, nil, err, "Should be equal") - - BHex := "ba0602f0f6df1908dbcffe5b9e93cf35ccd5141e367cf2fdac4e0a573563477c" - B, err := hex.DecodeString(BHex) - assert.Equal(t, nil, err, "Should be equal") - - // Combine key shares PIN = A ^ B ^ C - PIN, errorCode := XORBytes(C[:], A[:], B[:]) - assert.Equal(t, 0, errorCode, "Should be equal") - got := hex.EncodeToString(PIN[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoTwoPassGoodPIN(t *testing.T) { - want := 0 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Client Pass 1 - var X [EGS]byte - _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:]) - - // Server Pass 1 - HID, HTID := MPIN_SERVER_1_WRAP(date, ID) - _, Y := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Client Pass 2 - _, V := MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:]) - - // Server Pass 2 - got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoTwoPassBadPIN(t *testing.T) { - want := -19 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1235 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Client Pass 1 - var X [EGS]byte - _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:]) - - // Server Pass 1 - HID, HTID := MPIN_SERVER_1_WRAP(date, ID) - _, Y := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Client Pass 2 - _, V := MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:]) - - // Server Pass 2 - got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoTwoPassBadToken(t *testing.T) { - want := -19 - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16660 - - // PIN variable to create token - PIN1 := 1234 - // PIN variable to authenticate - PIN2 := 1234 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Client Pass 1 - var X [EGS]byte - _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:]) - - // Server Pass 1 - HID, HTID := MPIN_SERVER_1_WRAP(date, ID) - _, Y := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Client Pass 2 - _, _ = MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:]) - - // Server Pass 2 - // Send UT as V to model bad token - got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], UT[:]) - assert.Equal(t, want, got, "Should be equal") -} - -func TestCryptoRandomTwoPass(t *testing.T) { - want := 0 - - for i := 0; i < nIter; i++ { - - // Seed value for Random Number Generator (RNG) - seed := make([]byte, 16) - rand.Read(seed) - rng := NewRAND() - rng.Seed(len(seed), seed) - - // Epoch time in days - date := MPIN_today() - - // PIN variable to create token - PIN1 := mathrand.Intn(10000) - // PIN variable to authenticate - PIN2 := PIN1 - - // Assign the End-User a random ID - ID := make([]byte, 16) - rand.Read(ID) - - // Generate Master Secret Share 1 - _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Generate Master Secret Share 2 - _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Either Client or TA calculates Hash(ID) - HCID := MPIN_HASH_ID(ID) - - // Generate server secret share 1 - _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - - // Generate server secret share 2 - _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - - // Combine server secret shares - _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - - // Generate client secret share 1 - _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - - // Generate client secret share 2 - _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - - // Combine client secret shares - CS := make([]byte, G1S) - _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - - // Generate time permit share 1 - _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - - // Generate time permit share 2 - _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - - // Combine time permit shares - _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - - // Create token - _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - - // Client Pass 1 - var X [EGS]byte - _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:]) - - // Server Pass 1 - HID, HTID := MPIN_SERVER_1_WRAP(date, ID) - _, Y := MPIN_RANDOM_GENERATE_WRAP(rng) - - // Client Pass 2 - _, V := MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:]) - - // Server Pass 2 - got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:]) - assert.Equal(t, want, got, "Should be equal") - - } -}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-cgo/README.txt ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-cgo/README.txt b/go/src/github.com/miracl/examples-cgo/README.txt deleted file mode 100644 index cc05766..0000000 --- a/go/src/github.com/miracl/examples-cgo/README.txt +++ /dev/null @@ -1,5 +0,0 @@ -When the library is built with; - --D USE_ANONYMOUS=on - -then the only example that works is mpinfullAnon.go http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-cgo/mpin.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-cgo/mpin.go b/go/src/github.com/miracl/examples-cgo/mpin.go deleted file mode 100644 index c25b2b2..0000000 --- a/go/src/github.com/miracl/examples-cgo/mpin.go +++ /dev/null @@ -1,221 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "encoding/hex" - "fmt" - - amclcgo "github.com/miracl/amcl-cgo" - amclgo "github.com/miracl/amcl-go" -) - -func main() { - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - fmt.Printf("ID: ") - amclcgo.MPIN_printBinary(ID) - fmt.Printf("\n") - - // Epoch time in days - date := amclcgo.MPIN_today() - - // Epoch time in seconds - timeValue := amclcgo.MPIN_GET_TIME() - - // PIN variable to create token - PIN1 := -1 - // PIN variable to authenticate - PIN2 := -1 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := amclgo.NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - // MESSAGE := []byte("test sign message") - - // Generate Master Secret Share 1 - rtn, MS1 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS1: 0x") - amclcgo.MPIN_printBinary(MS1[:]) - - // Generate Master Secret Share 2 - rtn, MS2 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS2: 0x") - amclcgo.MPIN_printBinary(MS2[:]) - - // Either Client or TA calculates Hash(ID) - HCID := amclcgo.MPIN_HASH_ID(ID) - - // Generate server secret share 1 - rtn, SS1 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS1: 0x") - amclcgo.MPIN_printBinary(SS1[:]) - - // Generate server secret share 2 - rtn, SS2 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS2: 0x") - amclcgo.MPIN_printBinary(SS2[:]) - - // Combine server secret shares - rtn, SS := amclcgo.MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G2(SS1, SS2) Error:", rtn) - return - } - fmt.Printf("SS: 0x") - amclcgo.MPIN_printBinary(SS[:]) - - // Generate client secret share 1 - rtn, CS1 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS1: 0x") - amclcgo.MPIN_printBinary(CS1[:]) - - // Generate client secret share 2 - rtn, CS2 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS2: 0x") - amclcgo.MPIN_printBinary(CS2[:]) - - // Combine client secret shares - CS := make([]byte, amclcgo.G1S) - rtn, CS = amclcgo.MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1 Error:", rtn) - return - } - fmt.Printf("Client Secret CS: 0x") - amclcgo.MPIN_printBinary(CS[:]) - - // Generate time permit share 1 - rtn, TP1 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP1: 0x") - amclcgo.MPIN_printBinary(TP1[:]) - - // Generate time permit share 2 - rtn, TP2 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP2: 0x") - amclcgo.MPIN_printBinary(TP2[:]) - - // Combine time permit shares - rtn, TP := amclcgo.MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1(TP1, TP2) Error:", rtn) - return - } - - // Client extracts PIN1 from secret to create Token - for PIN1 < 0 { - fmt.Printf("Please enter PIN to create token: ") - fmt.Scan(&PIN1) - } - - rtn, TOKEN := amclcgo.MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - if rtn != 0 { - fmt.Printf("FAILURE: EXTRACT_PIN rtn: %d\n", rtn) - return - } - fmt.Printf("Client Token TK: 0x") - amclcgo.MPIN_printBinary(TOKEN[:]) - - ////// Client ////// - - for PIN2 < 0 { - fmt.Printf("Please enter PIN to authenticate: ") - fmt.Scan(&PIN2) - } - - // Send U, UT, V, timeValue and Message to server - var X [amclcgo.EGS]byte - fmt.Printf("X: 0x") - amclcgo.MPIN_printBinary(X[:]) - rtn, XOut, Y1, SEC, U, UT := amclcgo.MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT rtn: %d\n", rtn) - return - } - fmt.Printf("Y1: 0x") - amclcgo.MPIN_printBinary(Y1[:]) - fmt.Printf("XOut: 0x") - amclcgo.MPIN_printBinary(XOut[:]) - - ////// Server ////// - rtn, HID, HTID, Y2, E, F := amclcgo.MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], SEC[:], ID[:], MESSAGE[:]) - if rtn != 0 { - fmt.Printf("FAILURE: SERVER rtn: %d\n", rtn) - } - fmt.Printf("Y2: 0x") - amclcgo.MPIN_printBinary(Y2[:]) - fmt.Printf("HID: 0x") - amclcgo.MPIN_printBinary(HID[:]) - fmt.Printf("HTID: 0x") - amclcgo.MPIN_printBinary(HTID[:]) - - if rtn != 0 { - fmt.Printf("Authentication failed Error Code %d\n", rtn) - err := amclcgo.MPIN_KANGAROO(E[:], F[:]) - if err != 0 { - fmt.Printf("PIN Error %d\n", err) - } - return - } else { - fmt.Printf("Authenticated ID: %s \n", IDstr) - } -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-cgo/mpinTwoPass.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-cgo/mpinTwoPass.go b/go/src/github.com/miracl/examples-cgo/mpinTwoPass.go deleted file mode 100644 index 63b541b..0000000 --- a/go/src/github.com/miracl/examples-cgo/mpinTwoPass.go +++ /dev/null @@ -1,227 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "encoding/hex" - "fmt" - - amclcgo "github.com/miracl/amcl-cgo" - amclgo "github.com/miracl/amcl-go" -) - -func main() { - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - fmt.Printf("ID: ") - amclcgo.MPIN_printBinary(ID) - fmt.Printf("\n") - - // Epoch time in days - date := amclcgo.MPIN_today() - - // PIN variable to create token - PIN1 := -1 - // PIN variable to authenticate - PIN2 := -1 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := amclgo.NewRAND() - rng.Seed(len(seed), seed) - - // Generate Master Secret Share 1 - rtn, MS1 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS1: 0x") - amclcgo.MPIN_printBinary(MS1[:]) - - // Generate Master Secret Share 2 - rtn, MS2 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS2: 0x") - amclcgo.MPIN_printBinary(MS2[:]) - - // Either Client or TA calculates Hash(ID) - HCID := amclcgo.MPIN_HASH_ID(ID) - - // Generate server secret share 1 - rtn, SS1 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS1: 0x") - amclcgo.MPIN_printBinary(SS1[:]) - - // Generate server secret share 2 - rtn, SS2 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS2: 0x") - amclcgo.MPIN_printBinary(SS2[:]) - - // Combine server secret shares - rtn, SS := amclcgo.MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G2(SS1, SS2) Error:", rtn) - return - } - fmt.Printf("SS: 0x") - amclcgo.MPIN_printBinary(SS[:]) - - // Generate client secret share 1 - rtn, CS1 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS1: 0x") - amclcgo.MPIN_printBinary(CS1[:]) - - // Generate client secret share 2 - rtn, CS2 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS2: 0x") - amclcgo.MPIN_printBinary(CS2[:]) - - // Combine client secret shares - CS := make([]byte, amclcgo.G1S) - rtn, CS = amclcgo.MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1 Error:", rtn) - return - } - fmt.Printf("Client Secret CS: 0x") - amclcgo.MPIN_printBinary(CS[:]) - - // Generate time permit share 1 - rtn, TP1 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP1: 0x") - amclcgo.MPIN_printBinary(TP1[:]) - - // Generate time permit share 2 - rtn, TP2 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP2: 0x") - amclcgo.MPIN_printBinary(TP2[:]) - - // Combine time permit shares - rtn, TP := amclcgo.MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1(TP1, TP2) Error:", rtn) - return - } - - // Client extracts PIN1 from secret to create Token - for PIN1 < 0 { - fmt.Printf("Please enter PIN to create token: ") - fmt.Scan(&PIN1) - } - - rtn, TOKEN := amclcgo.MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - if rtn != 0 { - fmt.Printf("FAILURE: EXTRACT_PIN rtn: %d\n", rtn) - return - } - fmt.Printf("Client Token TK: 0x") - amclcgo.MPIN_printBinary(TOKEN[:]) - - ////// Client ////// - - for PIN2 < 0 { - fmt.Printf("Please enter PIN to authenticate: ") - fmt.Scan(&PIN2) - } - - ////// Client Pass 1 ////// - // Send U and UT to server - var X [amclcgo.EGS]byte - fmt.Printf("X: 0x") - amclcgo.MPIN_printBinary(X[:]) - rtn, XOut, SEC, U, UT := amclcgo.MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT rtn: %d\n", rtn) - return - } - fmt.Printf("XOut: 0x") - amclcgo.MPIN_printBinary(XOut[:]) - - ////// Server Pass 1 ////// - /* Calculate H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */ - HID, HTID := amclcgo.MPIN_SERVER_1_WRAP(date, ID) - - /* Send Y to Client */ - rtn, Y := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("Y: 0x") - amclcgo.MPIN_printBinary(Y[:]) - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn, V := amclcgo.MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT_2 rtn: %d\n", rtn) - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - rtn, _, _ = amclcgo.MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:]) - if rtn != 0 { - fmt.Printf("FAILURE: MPIN_SERVER_2 rtn: %d\n", rtn) - } - fmt.Printf("HID: 0x") - amclcgo.MPIN_printBinary(HID[:]) - fmt.Printf("HTID: 0x") - amclcgo.MPIN_printBinary(HTID[:]) - - if rtn != 0 { - fmt.Printf("Authentication failed Error Code %d\n", rtn) - return - } else { - fmt.Printf("Authenticated ID: %s \n", IDstr) - } -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-cgo/mpinfull.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-cgo/mpinfull.go b/go/src/github.com/miracl/examples-cgo/mpinfull.go deleted file mode 100644 index 3d19092..0000000 --- a/go/src/github.com/miracl/examples-cgo/mpinfull.go +++ /dev/null @@ -1,293 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "encoding/hex" - "fmt" - - amclcgo "github.com/miracl/amcl-cgo" - amclgo "github.com/miracl/amcl-go" -) - -func main() { - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - fmt.Printf("ID: ") - amclcgo.MPIN_printBinary(ID) - fmt.Printf("\n") - - // Epoch time in days - date := amclcgo.MPIN_today() - - // Epoch time in seconds - timeValue := amclcgo.MPIN_GET_TIME() - - // PIN variable to create token - PIN1 := -1 - // PIN variable to authenticate - PIN2 := -1 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := amclgo.NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - // MESSAGE := []byte("test sign message") - - // Generate Master Secret Share 1 - rtn, MS1 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS1: 0x") - amclcgo.MPIN_printBinary(MS1[:]) - - // Generate Master Secret Share 2 - rtn, MS2 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS2: 0x") - amclcgo.MPIN_printBinary(MS2[:]) - - // Either Client or TA calculates Hash(ID) - HCID := amclcgo.MPIN_HASH_ID(ID) - - // Generate server secret share 1 - rtn, SS1 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS1: 0x") - amclcgo.MPIN_printBinary(SS1[:]) - - // Generate server secret share 2 - rtn, SS2 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS2: 0x") - amclcgo.MPIN_printBinary(SS2[:]) - - // Combine server secret shares - rtn, SS := amclcgo.MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G2(SS1, SS2) Error:", rtn) - return - } - fmt.Printf("SS: 0x") - amclcgo.MPIN_printBinary(SS[:]) - - // Generate client secret share 1 - rtn, CS1 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS1: 0x") - amclcgo.MPIN_printBinary(CS1[:]) - - // Generate client secret share 2 - rtn, CS2 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS2: 0x") - amclcgo.MPIN_printBinary(CS2[:]) - - // Combine client secret shares - CS := make([]byte, amclcgo.G1S) - rtn, CS = amclcgo.MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1 Error:", rtn) - return - } - fmt.Printf("Client Secret CS: 0x") - amclcgo.MPIN_printBinary(CS[:]) - - // Generate time permit share 1 - rtn, TP1 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP1: 0x") - amclcgo.MPIN_printBinary(TP1[:]) - - // Generate time permit share 2 - rtn, TP2 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP2: 0x") - amclcgo.MPIN_printBinary(TP2[:]) - - // Combine time permit shares - rtn, TP := amclcgo.MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1(TP1, TP2) Error:", rtn) - return - } - - // Client extracts PIN1 from secret to create Token - for PIN1 < 0 { - fmt.Printf("Please enter PIN to create token: ") - fmt.Scan(&PIN1) - } - - rtn, TOKEN := amclcgo.MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - if rtn != 0 { - fmt.Printf("FAILURE: EXTRACT_PIN rtn: %d\n", rtn) - return - } - fmt.Printf("Client Token TK: 0x") - amclcgo.MPIN_printBinary(TOKEN[:]) - - ////// Client ////// - - // Precomputation - rtn, G1, G2 := amclcgo.MPIN_PRECOMPUTE_WRAP(TOKEN[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_PRECOMPUTE(TOKEN[:], HCID) Error:", rtn) - return - } - - for PIN2 < 0 { - fmt.Printf("Please enter PIN to authenticate: ") - fmt.Scan(&PIN2) - } - - // Send U, UT, V, timeValue and Message to server - var X [amclcgo.EGS]byte - fmt.Printf("X: 0x") - amclcgo.MPIN_printBinary(X[:]) - rtn, XOut, Y1, V, U, UT := amclcgo.MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT rtn: %d\n", rtn) - return - } - fmt.Printf("Y1: 0x") - amclcgo.MPIN_printBinary(Y1[:]) - fmt.Printf("XOut: 0x") - amclcgo.MPIN_printBinary(XOut[:]) - - // Send Z=r.ID to Server - var R [amclcgo.EGS]byte - fmt.Printf("R: 0x") - amclcgo.MPIN_printBinary(R[:]) - rtn, ROut, Z := amclcgo.MPIN_GET_G1_MULTIPLE_WRAP(rng, 1, R[:], HCID[:]) - fmt.Printf("ROut: 0x") - amclcgo.MPIN_printBinary(ROut[:]) - - ////// Server ////// - rtn, HID, HTID, Y2, E, F := amclcgo.MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:]) - if rtn != 0 { - fmt.Printf("FAILURE: SERVER rtn: %d\n", rtn) - } - fmt.Printf("Y2: 0x") - amclcgo.MPIN_printBinary(Y2[:]) - fmt.Printf("HID: 0x") - amclcgo.MPIN_printBinary(HID[:]) - fmt.Printf("HTID: 0x") - amclcgo.MPIN_printBinary(HTID[:]) - - if rtn != 0 { - fmt.Printf("Authentication failed Error Code %d\n", rtn) - err := amclcgo.MPIN_KANGAROO(E[:], F[:]) - if err != 0 { - fmt.Printf("PIN Error %d\n", err) - } - return - } else { - fmt.Printf("Authenticated ID: %s \n", IDstr) - } - - // send T=w.ID to client - var W [amclcgo.EGS]byte - fmt.Printf("W: 0x") - amclcgo.MPIN_printBinary(W[:]) - rtn, WOut, T := amclcgo.MPIN_GET_G1_MULTIPLE_WRAP(rng, 0, W[:], HTID[:]) - fmt.Printf("WOut: 0x") - amclcgo.MPIN_printBinary(WOut[:]) - fmt.Printf("T: 0x") - amclcgo.MPIN_printBinary(T[:]) - - // Hash all values - HM := amclcgo.MPIN_HASH_ALL_WRAP(ID[:],U[:],UT[:],Y2[:],V[:],Z[:],T[:]) - - rtn, AES_KEY_SERVER := amclcgo.MPIN_SERVER_KEY_WRAP(Z[:], SS[:], WOut[:], HM[:],HID[:],U[:], UT[:]) - fmt.Printf("Server Key = 0x") - amclcgo.MPIN_printBinary(AES_KEY_SERVER[:]) - - rtn, AES_KEY_CLIENT := amclcgo.MPIN_CLIENT_KEY_WRAP(PIN2, G1[:], G2[:], ROut[:], XOut[:], HM[:],T[:]) - fmt.Printf("Client Key = 0x") - amclcgo.MPIN_printBinary(AES_KEY_CLIENT[:]) - - ////// Server ////// - - // Initialization vector - IV := amclgo.GENERATE_RANDOM(rng, 12) - fmt.Printf("IV: 0x") - amclcgo.MPIN_printBinary(IV[:]) - - // header - HEADER := amclgo.GENERATE_RANDOM(rng, 16) - fmt.Printf("HEADER: 0x") - amclcgo.MPIN_printBinary(HEADER[:]) - - // Input plaintext - plaintextStr := "A test message" - PLAINTEXT1 := []byte(plaintextStr) - fmt.Printf("String to encrypt: %s \n", plaintextStr) - fmt.Printf("PLAINTEXT1: 0x") - amclcgo.MPIN_printBinary(PLAINTEXT1[:]) - - // AES-GCM Encryption - CIPHERTEXT, TAG1 := amclcgo.MPIN_AES_GCM_ENCRYPT(AES_KEY_SERVER[:], IV[:], HEADER[:], PLAINTEXT1[:]) - fmt.Printf("CIPHERTEXT: 0x") - amclcgo.MPIN_printBinary(CIPHERTEXT[:]) - fmt.Printf("TAG1: 0x") - amclcgo.MPIN_printBinary(TAG1[:]) - - // Send IV, HEADER, CIPHERTEXT and TAG1 to client - - // AES-GCM Decryption - PLAINTEXT2, TAG2 := amclcgo.MPIN_AES_GCM_DECRYPT(AES_KEY_CLIENT[:], IV[:], HEADER[:], CIPHERTEXT[:]) - fmt.Printf("PLAINTEXT2: 0x") - amclcgo.MPIN_printBinary(PLAINTEXT2[:]) - fmt.Printf("TAG2: 0x") - amclcgo.MPIN_printBinary(TAG2[:]) - fmt.Printf("Decrypted string: %s \n", string(PLAINTEXT2)) -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-cgo/mpinfullAnon.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-cgo/mpinfullAnon.go b/go/src/github.com/miracl/examples-cgo/mpinfullAnon.go deleted file mode 100644 index b5cfe3b..0000000 --- a/go/src/github.com/miracl/examples-cgo/mpinfullAnon.go +++ /dev/null @@ -1,295 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -// Use MPIN with only hashed IDs to the server - -package main - -import ( - "encoding/hex" - "fmt" - - amclcgo "github.com/miracl/amcl-cgo" - amclgo "github.com/miracl/amcl-go" -) - -func main() { - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - fmt.Printf("ID: ") - amclcgo.MPIN_printBinary(ID) - fmt.Printf("\n") - - // Epoch time in days - date := amclcgo.MPIN_today() - - // Epoch time in seconds - timeValue := amclcgo.MPIN_GET_TIME() - - // PIN variable to create token - PIN1 := -1 - // PIN variable to authenticate - PIN2 := -1 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := amclgo.NewRAND() - rng.Seed(len(seed), seed) - - // Message to sign - var MESSAGE []byte - // MESSAGE := []byte("test sign message") - - // Generate Master Secret Share 1 - rtn, MS1 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS1: 0x") - amclcgo.MPIN_printBinary(MS1[:]) - - // Generate Master Secret Share 2 - rtn, MS2 := amclcgo.MPIN_RANDOM_GENERATE_WRAP(rng) - if rtn != 0 { - fmt.Println("MPIN_RANDOM_GENERATE Error:", rtn) - return - } - fmt.Printf("MS2: 0x") - amclcgo.MPIN_printBinary(MS2[:]) - - // Either Client or TA calculates Hash(ID) - HCID := amclcgo.MPIN_HASH_ID(ID) - - // Generate server secret share 1 - rtn, SS1 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS1[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS1: 0x") - amclcgo.MPIN_printBinary(SS1[:]) - - // Generate server secret share 2 - rtn, SS2 := amclcgo.MPIN_GET_SERVER_SECRET_WRAP(MS2[:]) - if rtn != 0 { - fmt.Println("MPIN_GET_SERVER_SECRET Error:", rtn) - return - } - fmt.Printf("SS2: 0x") - amclcgo.MPIN_printBinary(SS2[:]) - - // Combine server secret shares - rtn, SS := amclcgo.MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G2(SS1, SS2) Error:", rtn) - return - } - fmt.Printf("SS: 0x") - amclcgo.MPIN_printBinary(SS[:]) - - // Generate client secret share 1 - rtn, CS1 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS1: 0x") - amclcgo.MPIN_printBinary(CS1[:]) - - // Generate client secret share 2 - rtn, CS2 := amclcgo.MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_SECRET Error:", rtn) - return - } - fmt.Printf("Client Secret Share CS2: 0x") - amclcgo.MPIN_printBinary(CS2[:]) - - // Combine client secret shares - CS := make([]byte, amclcgo.G1S) - rtn, CS = amclcgo.MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1 Error:", rtn) - return - } - fmt.Printf("Client Secret CS: 0x") - amclcgo.MPIN_printBinary(CS[:]) - - // Generate time permit share 1 - rtn, TP1 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP1: 0x") - amclcgo.MPIN_printBinary(TP1[:]) - - // Generate time permit share 2 - rtn, TP2 := amclcgo.MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_GET_CLIENT_PERMIT Error:", rtn) - return - } - fmt.Printf("TP2: 0x") - amclcgo.MPIN_printBinary(TP2[:]) - - // Combine time permit shares - rtn, TP := amclcgo.MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1(TP1, TP2) Error:", rtn) - return - } - - // Client extracts PIN1 from secret to create Token - for PIN1 < 0 { - fmt.Printf("Please enter PIN to create token: ") - fmt.Scan(&PIN1) - } - - rtn, TOKEN := amclcgo.MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:]) - if rtn != 0 { - fmt.Printf("FAILURE: EXTRACT_PIN rtn: %d\n", rtn) - return - } - fmt.Printf("Client Token TK: 0x") - amclcgo.MPIN_printBinary(TOKEN[:]) - - ////// Client ////// - - // Precomputation - rtn, G1, G2 := amclcgo.MPIN_PRECOMPUTE_WRAP(TOKEN[:], HCID) - if rtn != 0 { - fmt.Println("MPIN_PRECOMPUTE(TOKEN[:], HCID) Error:", rtn) - return - } - - for PIN2 < 0 { - fmt.Printf("Please enter PIN to authenticate: ") - fmt.Scan(&PIN2) - } - - // Send U, UT, V, timeValue and Message to server - var X [amclcgo.EGS]byte - fmt.Printf("X: 0x") - amclcgo.MPIN_printBinary(X[:]) - rtn, XOut, Y1, V, U, UT := amclcgo.MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT rtn: %d\n", rtn) - return - } - fmt.Printf("Y1: 0x") - amclcgo.MPIN_printBinary(Y1[:]) - fmt.Printf("XOut: 0x") - amclcgo.MPIN_printBinary(XOut[:]) - - // Send Z=r.ID to Server - var R [amclcgo.EGS]byte - fmt.Printf("R: 0x") - amclcgo.MPIN_printBinary(R[:]) - rtn, ROut, Z := amclcgo.MPIN_GET_G1_MULTIPLE_WRAP(rng, 1, R[:], HCID[:]) - fmt.Printf("ROut: 0x") - amclcgo.MPIN_printBinary(ROut[:]) - - ////// Server ////// - rtn, HID, HTID, Y2, E, F := amclcgo.MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:]) - if rtn != 0 { - fmt.Printf("FAILURE: SERVER rtn: %d\n", rtn) - } - fmt.Printf("Y2: 0x") - amclcgo.MPIN_printBinary(Y2[:]) - fmt.Printf("HID: 0x") - amclcgo.MPIN_printBinary(HID[:]) - fmt.Printf("HTID: 0x") - amclcgo.MPIN_printBinary(HTID[:]) - - if rtn != 0 { - fmt.Printf("Authentication failed Error Code %d\n", rtn) - err := amclcgo.MPIN_KANGAROO(E[:], F[:]) - if err != 0 { - fmt.Printf("PIN Error %d\n", err) - } - return - } else { - fmt.Printf("Authenticated ID: %s \n", IDstr) - } - - // send T=w.ID to client - var W [amclcgo.EGS]byte - fmt.Printf("W: 0x") - amclcgo.MPIN_printBinary(W[:]) - rtn, WOut, T := amclcgo.MPIN_GET_G1_MULTIPLE_WRAP(rng, 0, W[:], HTID[:]) - fmt.Printf("WOut: 0x") - amclcgo.MPIN_printBinary(WOut[:]) - fmt.Printf("T: 0x") - amclcgo.MPIN_printBinary(T[:]) - - // Hash all values - HM := amclcgo.MPIN_HASH_ALL_WRAP(HCID[:], U[:], UT[:], Y2[:], V[:], Z[:], T[:]) - - rtn, AES_KEY_SERVER := amclcgo.MPIN_SERVER_KEY_WRAP(Z[:], SS[:], WOut[:], HM[:], HID[:], U[:], UT[:]) - fmt.Printf("Server Key = 0x") - amclcgo.MPIN_printBinary(AES_KEY_SERVER[:]) - - rtn, AES_KEY_CLIENT := amclcgo.MPIN_CLIENT_KEY_WRAP(PIN2, G1[:], G2[:], ROut[:], XOut[:], HM[:], T[:]) - fmt.Printf("Client Key = 0x") - amclcgo.MPIN_printBinary(AES_KEY_CLIENT[:]) - - ////// Server ////// - - // Initialization vector - IV := amclgo.GENERATE_RANDOM(rng, 12) - fmt.Printf("IV: 0x") - amclcgo.MPIN_printBinary(IV[:]) - - // header - HEADER := amclgo.GENERATE_RANDOM(rng, 16) - fmt.Printf("HEADER: 0x") - amclcgo.MPIN_printBinary(HEADER[:]) - - // Input plaintext - plaintextStr := "A test message" - PLAINTEXT1 := []byte(plaintextStr) - fmt.Printf("String to encrypt: %s \n", plaintextStr) - fmt.Printf("PLAINTEXT1: 0x") - amclcgo.MPIN_printBinary(PLAINTEXT1[:]) - - // AES-GCM Encryption - CIPHERTEXT, TAG1 := amclcgo.MPIN_AES_GCM_ENCRYPT(AES_KEY_SERVER[:], IV[:], HEADER[:], PLAINTEXT1[:]) - fmt.Printf("CIPHERTEXT: 0x") - amclcgo.MPIN_printBinary(CIPHERTEXT[:]) - fmt.Printf("TAG1: 0x") - amclcgo.MPIN_printBinary(TAG1[:]) - - // Send IV, HEADER, CIPHERTEXT and TAG1 to client - - // AES-GCM Decryption - PLAINTEXT2, TAG2 := amclcgo.MPIN_AES_GCM_DECRYPT(AES_KEY_CLIENT[:], IV[:], HEADER[:], CIPHERTEXT[:]) - fmt.Printf("PLAINTEXT2: 0x") - amclcgo.MPIN_printBinary(PLAINTEXT2[:]) - fmt.Printf("TAG2: 0x") - amclcgo.MPIN_printBinary(TAG2[:]) - fmt.Printf("Decrypted string: %s \n", string(PLAINTEXT2)) -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-cgo/timempin.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-cgo/timempin.go b/go/src/github.com/miracl/examples-cgo/timempin.go deleted file mode 100644 index 70c3e21..0000000 --- a/go/src/github.com/miracl/examples-cgo/timempin.go +++ /dev/null @@ -1,84 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "encoding/hex" - "flag" - "log" - "os" - "runtime/pprof" - "time" - - amclcgo "github.com/miracl/amcl-cgo" -) - -// Number of iterations to time functions -const nIter int = 1000 - -var cpuprofile = flag.String("cpuprofile", "", "write cpu profile to file") - -func main() { - flag.Parse() - if *cpuprofile != "" { - f, err := os.Create(*cpuprofile) - if err != nil { - log.Fatal(err) - } - pprof.StartCPUProfile(f) - defer pprof.StopCPUProfile() - } - - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - - // Epoch time in days - date := 16673 - - // Epoch time in seconds - timeValue := 1440594584 - - SSHex := "07f8181687f42ce22ea0dee4ba9df3f2cea67ad2d79e59adc953142556d510831bbd59e9477ac479019887020579aed16af43dc7089ae8c14262e64b5d09740109917efd0618c557fbf7efaa68fb64e8d46b3766bb184dea9bef9638f23bbbeb03aedbc6e4eb9fbd658719aab26b849638690521723c0efb9c8622df2a8efa3c" - SS, _ := hex.DecodeString(SSHex) - UHex := "0403e76a28df08ea591912e0ff84ebf419e21aadf8ec5aed4b0f3cd0fc1cdea14a06f05a3be4f9f2d16530c6b4934da2e3439ea287796faac079d396f8cdb9f565" - U, _ := hex.DecodeString(UHex) - UTHex := "041012e53c991edc9514889de50fb7d893c406dc9bf4c89d46fec9ba408cc5f596226402e7c468c823a28b9003a3944c4600a1b797f10cf01060d3729729212932" - UT, _ := hex.DecodeString(UTHex) - SECHex := "04051b0d3e9dfdb2a378f0ac7056fb264a900d0867e39c334950527d8c460d76132346bf8ed8a419e2eab4ad52a8b7a51d8c09cbcfa4e80bc0487965ece72ab0ce" - SEC, _ := hex.DecodeString(SECHex) - var MESSAGE []byte - // MESSAGE := []byte("test sign message") - - t0 := time.Now() - var rtn int - for i := 0; i < nIter; i++ { - rtn, _, _, _, _, _ = amclcgo.MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], SEC[:], ID[:], MESSAGE[:]) - } - t1 := time.Now() - log.Printf("Number Iterations: %d Time: %v\n", nIter, t1.Sub(t0)) - - if rtn != 0 { - log.Printf("Authentication failed Error Code %d\n", rtn) - return - } else { - log.Printf("Authenticated ID: %s \n", IDstr) - } -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-go/ecdh.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-go/ecdh.go b/go/src/github.com/miracl/examples-go/ecdh.go deleted file mode 100644 index 45fc091..0000000 --- a/go/src/github.com/miracl/examples-go/ecdh.go +++ /dev/null @@ -1,180 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "fmt" - - amcl "github.com/miracl/amcl-go" -) - -func main() { - - // j:=0 - pp := "M0ng00se" - res := 0 - - var S1 [amcl.ECDH_EGS]byte - var W0 [2*amcl.ECDH_EFS + 1]byte - var W1 [2*amcl.ECDH_EFS + 1]byte - var Z0 [amcl.ECDH_EFS]byte - var Z1 [amcl.ECDH_EFS]byte - var RAW [100]byte - var SALT [8]byte - var P1 [3]byte - var P2 [4]byte - var V [2*amcl.ECDH_EFS + 1]byte - var M [17]byte - var T [12]byte - var CS [amcl.ECDH_EGS]byte - var DS [amcl.ECDH_EGS]byte - - rng := amcl.NewRAND() - - rng.Clean() - for i := 0; i < 100; i++ { - RAW[i] = byte(i) - } - - rng.Seed(100, RAW[:]) - - //for j:=0;j<100;j++ { - - for i := 0; i < 8; i++ { - SALT[i] = byte(i + 1) - } // set Salt - - fmt.Printf("Alice's Passphrase= " + pp) - fmt.Printf("\n") - PW := []byte(pp) - - /* private key S0 of size EGS bytes derived from Password and Salt */ - - S0 := amcl.PBKDF2(PW, SALT[:], 1000, amcl.ECDH_EGS) - - fmt.Printf("Alice's private key= 0x") - amcl.ECDH_printBinary(S0) - - /* Generate Key pair S/W */ - amcl.ECDH_KEY_PAIR_GENERATE(nil, S0, W0[:]) - - fmt.Printf("Alice's public key= 0x") - amcl.ECDH_printBinary(W0[:]) - - res = amcl.ECDH_PUBLIC_KEY_VALIDATE(true, W0[:]) - if res != 0 { - fmt.Printf("ECP Public Key is invalid!\n") - return - } - - /* Random private key for other party */ - amcl.ECDH_KEY_PAIR_GENERATE(rng, S1[:], W1[:]) - - fmt.Printf("Servers private key= 0x") - amcl.ECDH_printBinary(S1[:]) - - fmt.Printf("Servers public key= 0x") - amcl.ECDH_printBinary(W1[:]) - - res = amcl.ECDH_PUBLIC_KEY_VALIDATE(true, W1[:]) - if res != 0 { - fmt.Printf("ECP Public Key is invalid!\n") - return - } - /* Calculate common key using DH - IEEE 1363 method */ - - amcl.ECPSVDP_DH(S0, W1[:], Z0[:]) - amcl.ECPSVDP_DH(S1[:], W0[:], Z1[:]) - - same := true - for i := 0; i < amcl.ECDH_EFS; i++ { - if Z0[i] != Z1[i] { - same = false - } - } - - if !same { - fmt.Printf("*** ECPSVDP-DH Failed\n") - return - } - - KEY := amcl.KDF1(Z0[:], amcl.ECDH_EAS) - - fmt.Printf("Alice's DH Key= 0x") - amcl.ECDH_printBinary(KEY) - fmt.Printf("Servers DH Key= 0x") - amcl.ECDH_printBinary(KEY) - - if amcl.CURVETYPE != amcl.MONTGOMERY { - fmt.Printf("Testing ECIES\n") - - P1[0] = 0x0 - P1[1] = 0x1 - P1[2] = 0x2 - P2[0] = 0x0 - P2[1] = 0x1 - P2[2] = 0x2 - P2[3] = 0x3 - - for i := 0; i <= 16; i++ { - M[i] = byte(i) - } - - C := amcl.ECIES_ENCRYPT(P1[:], P2[:], rng, W1[:], M[:], V[:], T[:]) - - fmt.Printf("Ciphertext= \n") - fmt.Printf("V= 0x") - amcl.ECDH_printBinary(V[:]) - fmt.Printf("C= 0x") - amcl.ECDH_printBinary(C) - fmt.Printf("T= 0x") - amcl.ECDH_printBinary(T[:]) - - RM := amcl.ECIES_DECRYPT(P1[:], P2[:], V[:], C, T[:], S1[:]) - if RM == nil { - fmt.Printf("*** ECIES Decryption Failed\n") - return - } else { - fmt.Printf("Decryption succeeded\n") - } - - fmt.Printf("Message is 0x") - amcl.ECDH_printBinary(RM) - - fmt.Printf("Testing ECDSA\n") - - if amcl.ECPSP_DSA(rng, S0, M[:], CS[:], DS[:]) != 0 { - fmt.Printf("***ECDSA Signature Failed\n") - return - } - fmt.Printf("Signature= \n") - fmt.Printf("C= 0x") - amcl.ECDH_printBinary(CS[:]) - fmt.Printf("D= 0x") - amcl.ECDH_printBinary(DS[:]) - - if amcl.ECPVP_DSA(W0[:], M[:], CS[:], DS[:]) != 0 { - fmt.Printf("***ECDSA Verification Failed\n") - return - } else { - fmt.Printf("ECDSA Signature/Verification succeeded \n") - } - } -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-go/generateRandom.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-go/generateRandom.go b/go/src/github.com/miracl/examples-go/generateRandom.go deleted file mode 100644 index f2afcc9..0000000 --- a/go/src/github.com/miracl/examples-go/generateRandom.go +++ /dev/null @@ -1,48 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -/* Password Based Key Derivation Function Example */ - -package main - -import ( - "encoding/hex" - "fmt" - - amcl "github.com/miracl/amcl-go" -) - -func main() { - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := amcl.NewRAND() - rng.Seed(len(seed), seed) - - // Generate random byte values - for i := 0; i < 10; i++ { - val := amcl.GENERATE_RANDOM(rng, 12) - fmt.Printf("Random byte array %s\n", hex.EncodeToString(val)) - } - -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-go/mpin.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-go/mpin.go b/go/src/github.com/miracl/examples-go/mpin.go deleted file mode 100644 index 3c13e49..0000000 --- a/go/src/github.com/miracl/examples-go/mpin.go +++ /dev/null @@ -1,248 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "fmt" - - amcl "github.com/miracl/amcl-go" -) - -/* Configure mode of operation */ - -const PERMITS bool = true -const PINERROR bool = true -const FULL bool = true -const SINGLE_PASS bool = true - -func main() { - rng := amcl.NewRAND() - var raw [100]byte - for i := 0; i < 100; i++ { - raw[i] = byte(i + 1) - } - rng.Seed(100, raw[:]) - - const EGS = amcl.MPIN_EGS - const EFS = amcl.MPIN_EFS - const G1S = 2*EFS + 1 /* Group 1 Size */ - const G2S = 4 * EFS /* Group 2 Size */ - const EAS int = 16 - - var S [EGS]byte - var SST [G2S]byte - var TOKEN [G1S]byte - var PERMIT [G1S]byte - var SEC [G1S]byte - var xID [G1S]byte - var xCID [G1S]byte - var X [EGS]byte - var Y [EGS]byte - var E [12 * EFS]byte - var F [12 * EFS]byte - var HID [G1S]byte - var HTID [G1S]byte - - var G1 [12 * EFS]byte - var G2 [12 * EFS]byte - var R [EGS]byte - var Z [G1S]byte - var W [EGS]byte - var T [G1S]byte - var CK [EAS]byte - var SK [EAS]byte - var MESSAGE [256]byte - - /* Trusted Authority set-up */ - - amcl.MPIN_RANDOM_GENERATE(rng, S[:]) - fmt.Printf("Master Secret s: 0x") - amcl.MPIN_printBinary(S[:]) - - /* Create Client Identity */ - IDstr := "[email protected]" - CLIENT_ID := []byte(IDstr) - - HCID := amcl.MPIN_HASH_ID(CLIENT_ID) /* Either Client or TA calculates Hash(ID) - you decide! */ - - fmt.Printf("Client ID= ") - amcl.MPIN_printBinary(CLIENT_ID) - fmt.Printf("\n") - - /* Client and Server are issued secrets by DTA */ - amcl.MPIN_GET_SERVER_SECRET(S[:], SST[:]) - fmt.Printf("Server Secret SS: 0x") - amcl.MPIN_printBinary(SST[:]) - - amcl.MPIN_GET_CLIENT_SECRET(S[:], HCID, TOKEN[:]) - fmt.Printf("Client Secret CS: 0x") - amcl.MPIN_printBinary(TOKEN[:]) - - /* Client extracts PIN from secret to create Token */ - pin := 1234 - fmt.Printf("Client extracts PIN= %d", pin) - fmt.Printf("\n") - rtn := amcl.MPIN_EXTRACT_PIN(CLIENT_ID, pin, TOKEN[:]) - if rtn != 0 { - fmt.Printf("FAILURE: EXTRACT_PIN rtn: %d", rtn) - fmt.Printf("\n") - } - - fmt.Printf("Client Token TK: 0x") - amcl.MPIN_printBinary(TOKEN[:]) - - if FULL { - amcl.MPIN_PRECOMPUTE(TOKEN[:], HCID, G1[:], G2[:]) - } - - date := 0 - if PERMITS { - date = amcl.MPIN_today() - /* Client gets "Time Token" permit from DTA */ - amcl.MPIN_GET_CLIENT_PERMIT(date, S[:], HCID, PERMIT[:]) - fmt.Printf("Time Permit TP: 0x") - amcl.MPIN_printBinary(PERMIT[:]) - - /* This encoding makes Time permit look random - Elligator squared */ - amcl.MPIN_ENCODING(rng, PERMIT[:]) - fmt.Printf("Encoded Time Permit TP: 0x") - amcl.MPIN_printBinary(PERMIT[:]) - amcl.MPIN_DECODING(PERMIT[:]) - fmt.Printf("Decoded Time Permit TP: 0x") - amcl.MPIN_printBinary(PERMIT[:]) - } - - pin = -1 - for pin < 0 { - fmt.Printf("\nPIN= ") - fmt.Scanf("%d", &pin) - } - - pxID := xID[:] - pxCID := xCID[:] - pHID := HID[:] - pHTID := HTID[:] - pE := E[:] - pF := F[:] - pPERMIT := PERMIT[:] - var prHID []byte - - if date != 0 { - prHID = pHTID - if !PINERROR { - pxID = nil - pHID = nil - } - } else { - prHID = pHID - pPERMIT = nil - pxCID = nil - pHTID = nil - } - if !PINERROR { - pE = nil - pF = nil - } - - if SINGLE_PASS { - fmt.Printf("MPIN Single Pass\n") - timeValue := amcl.MPIN_GET_TIME() - rtn = amcl.MPIN_CLIENT(date, CLIENT_ID, rng, X[:], pin, TOKEN[:], SEC[:], pxID, pxCID, pPERMIT, MESSAGE[:], timeValue, Y[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT rtn: %d\n", rtn) - } - - if FULL { - HCID = amcl.MPIN_HASH_ID(CLIENT_ID) - amcl.MPIN_GET_G1_MULTIPLE(rng, 1, R[:], HCID, Z[:]) /* Also Send Z=r.ID to Server, remember random r */ - } - - rtn = amcl.MPIN_SERVER(date, pHID, pHTID, Y[:], SST[:], pxID, pxCID, SEC[:], pE, pF, CLIENT_ID, MESSAGE[:], timeValue) - if rtn != 0 { - fmt.Printf("FAILURE: SERVER rtn: %d\n", rtn) - } - - if FULL { - amcl.MPIN_GET_G1_MULTIPLE(rng, 0, W[:], prHID, T[:]) /* Also send T=w.ID to client, remember random w */ - } - } else { - fmt.Printf("MPIN Multi Pass\n") - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = amcl.MPIN_CLIENT_1(date, CLIENT_ID, rng, X[:], pin, TOKEN[:], SEC[:], pxID, pxCID, pPERMIT) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT_1 rtn: %d\n", rtn) - } - - if FULL { - HCID = amcl.MPIN_HASH_ID(CLIENT_ID) - amcl.MPIN_GET_G1_MULTIPLE(rng, 1, R[:], HCID, Z[:]) /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */ - amcl.MPIN_SERVER_1(date, CLIENT_ID, pHID, pHTID) - - /* Server generates Random number Y and sends it to Client */ - amcl.MPIN_RANDOM_GENERATE(rng, Y[:]) - - if FULL { - amcl.MPIN_GET_G1_MULTIPLE(rng, 0, W[:], prHID, T[:]) /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = amcl.MPIN_CLIENT_2(X[:], Y[:], SEC[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT_2 rtn: %d\n", rtn) - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - rtn = amcl.MPIN_SERVER_2(date, pHID, pHTID, Y[:], SST[:], pxID, pxCID, SEC[:], pE, pF) - } - - if rtn != 0 { - fmt.Printf("FAILURE: SERVER_1 rtn: %d\n", rtn) - } - - if rtn == amcl.MPIN_BAD_PIN { - fmt.Printf("Server says - Bad Pin. I don't know you. Feck off.\n") - if PINERROR { - err := amcl.MPIN_KANGAROO(E[:], F[:]) - if err != 0 { - fmt.Printf("(Client PIN is out by %d)\n", err) - } - } - return - } else { - fmt.Printf("Server says - PIN is good! You really are " + IDstr) - fmt.Printf("\n") - } - - if FULL { - amcl.MPIN_CLIENT_KEY(G1[:], G2[:], pin, R[:], X[:], T[:], CK[:]) - fmt.Printf("Client Key = 0x") - amcl.MPIN_printBinary(CK[:]) - - amcl.MPIN_SERVER_KEY(Z[:], SST[:], W[:], pxID, pxCID, SK[:]) - fmt.Printf("Server Key = 0x") - amcl.MPIN_printBinary(SK[:]) - } - -} http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/examples-go/mpinTwoPass.go ---------------------------------------------------------------------- diff --git a/go/src/github.com/miracl/examples-go/mpinTwoPass.go b/go/src/github.com/miracl/examples-go/mpinTwoPass.go deleted file mode 100644 index f2c3d33..0000000 --- a/go/src/github.com/miracl/examples-go/mpinTwoPass.go +++ /dev/null @@ -1,207 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -package main - -import ( - "encoding/hex" - "fmt" - - amcl "github.com/miracl/amcl-go" -) - -func main() { - // Assign the End-User an ID - IDstr := "[email protected]" - ID := []byte(IDstr) - fmt.Printf("ID: ") - amcl.MPIN_printBinary(ID) - fmt.Printf("\n") - - // Epoch time in days - date := amcl.MPIN_today() - - // PIN variable to create token - PIN1 := -1 - // PIN variable to authenticate - PIN2 := -1 - - // Seed value for Random Number Generator (RNG) - seedHex := "9e8b4178790cd57a5761c4a6f164ba72" - seed, err := hex.DecodeString(seedHex) - if err != nil { - fmt.Println("Error decoding seed value") - return - } - rng := amcl.NewRAND() - rng.Seed(len(seed), seed) - - const EGS = amcl.MPIN_EGS - const EFS = amcl.MPIN_EFS - const G1S = 2*EFS + 1 /* Group 1 Size */ - const G2S = 4 * EFS /* Group 2 Size */ - const EAS = amcl.MPIN_PAS - - var MS1 [EGS]byte - var SS1 [G2S]byte - var CS1 [G1S]byte - var TP1 [G1S]byte - var MS2 [EGS]byte - var SS2 [G2S]byte - var CS2 [G1S]byte - var TP2 [G1S]byte - var SS [G2S]byte - var TP [G1S]byte - var TOKEN [G1S]byte - var SEC [G1S]byte - var U [G1S]byte - var UT [G1S]byte - var X [EGS]byte - var Y [EGS]byte - var E [12 * EFS]byte - var F [12 * EFS]byte - var HID [G1S]byte - var HTID [G1S]byte - - // Generate Master Secret Share 1 - amcl.MPIN_RANDOM_GENERATE(rng, MS1[:]) - fmt.Printf("MS1: 0x") - amcl.MPIN_printBinary(MS1[:]) - - // Generate Master Secret Share 2 - amcl.MPIN_RANDOM_GENERATE(rng, MS2[:]) - fmt.Printf("MS2: 0x") - amcl.MPIN_printBinary(MS2[:]) - - // Either Client or TA calculates Hash(ID) - HCID := amcl.MPIN_HASH_ID(ID) - - // Generate server secret share 1 - amcl.MPIN_GET_SERVER_SECRET(MS1[:], SS1[:]) - fmt.Printf("SS1: 0x") - amcl.MPIN_printBinary(SS1[:]) - - // Generate server secret share 2 - amcl.MPIN_GET_SERVER_SECRET(MS2[:], SS2[:]) - fmt.Printf("SS2: 0x") - amcl.MPIN_printBinary(SS2[:]) - - // Combine server secret shares - rtn := amcl.MPIN_RECOMBINE_G2(SS1[:], SS2[:], SS[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G2(SS1, SS2, SS) Error:", rtn) - return - } - fmt.Printf("SS: 0x") - amcl.MPIN_printBinary(SS[:]) - - // Generate client secret share 1 - amcl.MPIN_GET_CLIENT_SECRET(MS1[:], HCID, CS1[:]) - fmt.Printf("Client Secret CS: 0x") - amcl.MPIN_printBinary(CS1[:]) - - // Generate client secret share 2 - amcl.MPIN_GET_CLIENT_SECRET(MS2[:], HCID, CS2[:]) - fmt.Printf("Client Secret CS: 0x") - amcl.MPIN_printBinary(CS2[:]) - - // Combine client secret shares : TOKEN is the full client secret - rtn = amcl.MPIN_RECOMBINE_G1(CS1[:], CS2[:], TOKEN[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1(CS1, CS2, TOKEN) Error:", rtn) - return - } - - // Generate time permit share 1 - amcl.MPIN_GET_CLIENT_PERMIT(date, MS1[:], HCID, TP1[:]) - fmt.Printf("TP1: 0x") - amcl.MPIN_printBinary(TP1[:]) - - // Generate time permit share 2 - amcl.MPIN_GET_CLIENT_PERMIT(date, MS2[:], HCID, TP2[:]) - fmt.Printf("TP2: 0x") - amcl.MPIN_printBinary(TP2[:]) - - // Combine time permit shares - rtn = amcl.MPIN_RECOMBINE_G1(TP1[:], TP2[:], TP[:]) - if rtn != 0 { - fmt.Println("MPIN_RECOMBINE_G1(TP1, TP2, TP) Error:", rtn) - return - } - - // Client extracts PIN1 from secret to create Token - for PIN1 < 0 { - fmt.Printf("Please enter PIN to create token: ") - fmt.Scan(&PIN1) - } - - rtn = amcl.MPIN_EXTRACT_PIN(ID, PIN1, TOKEN[:]) - if rtn != 0 { - fmt.Printf("FAILURE: EXTRACT_PIN rtn: %d\n", rtn) - return - } - fmt.Printf("Client Token TK: 0x") - amcl.MPIN_printBinary(TOKEN[:]) - - for PIN2 < 0 { - fmt.Printf("Please enter PIN to authenticate: ") - fmt.Scan(&PIN2) - } - - /* Clients first pass. Calculate U and UT */ - rtn = amcl.MPIN_CLIENT_1(date, ID, rng, X[:], PIN2, TOKEN[:], SEC[:], U[:], UT[:], TP[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT rtn: %d\n", rtn) - return - } - - /* Server first pass. Calculate H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */ - amcl.MPIN_SERVER_1(date, ID, HID[:], HTID[:]) - - /* Server generates Random number Y and sends it to Client */ - amcl.MPIN_RANDOM_GENERATE(rng, Y[:]) - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = amcl.MPIN_CLIENT_2(X[:], Y[:], SEC[:]) - if rtn != 0 { - fmt.Printf("FAILURE: CLIENT_2 rtn: %d\n", rtn) - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - rtn = amcl.MPIN_SERVER_2(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], SEC[:], E[:], F[:]) - if rtn != 0 { - fmt.Printf("FAILURE: MPIN_SERVER_2 rtn: %d\n", rtn) - } - fmt.Printf("HID: 0x") - amcl.MPIN_printBinary(HID[:]) - fmt.Printf("HTID: 0x") - amcl.MPIN_printBinary(HTID[:]) - - if rtn == amcl.MPIN_BAD_PIN { - fmt.Printf("Authentication failed Error Code %d\n", rtn) - err := amcl.MPIN_KANGAROO(E[:], F[:]) - if err != 0 { - fmt.Printf("PIN Error %d\n", err) - } - return - } else { - fmt.Printf("Authenticated ID: %s \n", IDstr) - } -}
