http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/README.md
----------------------------------------------------------------------
diff --git a/js/tests/README.md b/js/tests/README.md
deleted file mode 100644
index 477e136..0000000
--- a/js/tests/README.md
+++ /dev/null
@@ -1,25 +0,0 @@
-# JavaScript tests
-
-## Description
-
-These tests read test vector files that have been generated from the C code
-implementation of MPin. There are two test vector files; BNCX.json for three pass
-and BNCSOnePass.json for one pass. The only curve tested in BNCX.
-
-### Dependencies
-
-Install the following node.js modules to run the tests
-
-npm install assert
-npm install fs
-npm install crypto
-
-### Configuration
-
-If required set DEBUG = true in config.js to enable more verbose output.
-
-### Run tests
-
-./run_test.sh
-
-To run individual tests look inside the script for guidance.
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/config.js
----------------------------------------------------------------------
diff --git a/js/tests/config.js b/js/tests/config.js
deleted file mode 100755
index 818bdc1..0000000
--- a/js/tests/config.js
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-var DEBUG = false;
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/find_duplicates.py
----------------------------------------------------------------------
diff --git a/js/tests/find_duplicates.py b/js/tests/find_duplicates.py
deleted file mode 100755
index f9c6772..0000000
--- a/js/tests/find_duplicates.py
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/usr/bin/env python
-
-"""
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-"""
-
-
-"""
- Find any duplicates in a list of x values
-"""
-
-import sys
-import json
-import json
-
-values = json.load(open("./randomX.json", "r"))
-s = set()
-for x in values:
- if x in s:
- print "TEST FAILED"
- sys.exit(1)
- else:
- s.add(x)
-print "TEST PASSED"
-
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/run_test.sh
----------------------------------------------------------------------
diff --git a/js/tests/run_test.sh b/js/tests/run_test.sh
deleted file mode 100755
index c6415f1..0000000
--- a/js/tests/run_test.sh
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/sh
-# javascript tests
-#
-# This script runs tests that compares the js
-# with the expected output from the c code
-#
-# usage: ./run_test.sh
-
-output_file="log.txt"
-if [[ -f "$output_file" ]]
-then
- echo "rm $output_file"
- rm $output_file
-fi
-
-ln -s BNCX.json testVectors.json
-ln -s BNCXOnePass.json testVectorsOnePass.json
-
-echo "cp ../MPIN.js ."
-cp ../MPIN.js .
-sed -i 's/var MPIN/MPIN/' MPIN.js
-
-echo "TEST 1: node test_add_shares.js"
-echo "TEST 1: node test_add_shares.js" > $output_file
-node test_add_shares.js >> $output_file 2>&1
-
-echo "TEST 2: node test_token.js"
-echo "TEST 2: node test_token.js" >> $output_file
-node test_token.js >> $output_file 2>&1
-
-echo "TEST 3: node test_pass1.js"
-echo "TEST 3: node test_pass1.js" >> $output_file
-node test_pass1.js >> $output_file 2>&1
-
-echo "TEST 4: node test_pass2.js"
-echo "TEST 4: node test_pass2.js" >> $output_file
-node test_pass2.js >> $output_file 2>&1
-
-echo "TEST 5: node test_randomX.js"
-echo "TEST 5: node test_randomX.js" >> $output_file
-node test_randomX.js >> $output_file 2>&1
-./find_duplicates.py >> $output_file 2>&1
-
-echo "TEST 6: node test_sha256.js"
-echo "TEST 6: node test_sha265.js" >> $output_file
-node test_sha256.js >> $output_file 2>&1
-
-echo "TEST 7: node test_onepass.js"
-echo "TEST 7: node test_onepass.js" >> $output_file
-node test_onepass.js >> $output_file 2>&1
-
-error=$(grep -i error "${output_file}" )
-if [[ -n "$error" ]]; then
- echo "ERROR. Please review ${output_file}"
- exit 1
-fi
-
-failed=$(grep FAILED "${output_file}" )
-if [[ -n "$failed" ]]; then
- echo "A TEST HAS FAILED. Please review ${output_file}"
- echo "A TEST HAS FAILED. Please review ${output_file}" >> $output_file
-else
- echo "ALL TESTS PASSED"
- echo "ALL TESTS PASSED" >> $output_file
-fi
-
-rm testVectors.json
-rm testVectorsOnePass.json
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_add_shares.js
----------------------------------------------------------------------
diff --git a/js/tests/test_add_shares.js b/js/tests/test_add_shares.js
deleted file mode 100755
index 8d97ac6..0000000
--- a/js/tests/test_add_shares.js
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing addition of shares");
-var assert = require('assert');
-var fs = require('fs');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Load test vectors
-var vectors = require('./testVectors.json');
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-for(var vector in vectors)
- {
- console.log("Test "+vectors[vector].test_no);
- // Client secrets
- if (DEBUG){console.log("CS1 "+vectors[vector].CS1);}
- if (DEBUG){console.log("CS2 "+vectors[vector].CS2);}
- if (DEBUG){console.log("CLIENT_SECRET "+vectors[vector].CLIENT_SECRET);}
- var client_secret = MPINAuth.addShares(vectors[vector].CS1, vectors[vector].CS2);
- if (DEBUG){console.log("client_secret "+client_secret);}
- try
- {
- assert.equal(client_secret, vectors[vector].CLIENT_SECRET, "Client Secret Addition failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- console.log("TEST FAILED");
- return;
- }
- // Time permits
- if (DEBUG){console.log("TP1 "+vectors[vector].TP1);}
- if (DEBUG){console.log("TP2 "+vectors[vector].TP2);}
- if (DEBUG){console.log("TIME_PERMIT "+vectors[vector].TIME_PERMIT);}
- var time_permit = MPINAuth.addShares(vectors[vector].TP1, vectors[vector].TP2);
- if (DEBUG){console.log("time_permit "+time_permit);}
- try
- {
- assert.equal(time_permit, vectors[vector].TIME_PERMIT, "Time Permit Addition failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- console.log("TEST FAILED");
- return;
- }
- }
-console.log("TEST PASSED");
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_onepass.js
----------------------------------------------------------------------
diff --git a/js/tests/test_onepass.js b/js/tests/test_onepass.js
deleted file mode 100755
index 6304cdb..0000000
--- a/js/tests/test_onepass.js
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing client request generation");
-var assert = require('assert');
-var fs = require('fs');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Load test vectors
-var vectors = require('./testVectorsOnePass.json');
-
-// Set OTP switch
-var requestOTP = 1;
-// Set WID
-var accessNumber = 123456;
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-var RAW=[];
-for (i=0;i<100;i++) RAW[i]=i;
-var RAW_hex = MPIN.bytestostring(RAW);
-
-// Initiaize RNG
-MPINAuth.initializeRNG(RAW_hex);
-
-for(var vector in vectors)
- {
- console.log("Test "+vectors[vector].test_no);
- if (DEBUG){console.log("MPIN_ID_HEX "+vectors[vector].MPIN_ID_HEX);}
- if (DEBUG){console.log("TIME_PERMIT "+vectors[vector].TIME_PERMIT);}
- if (DEBUG){console.log("TOKEN "+vectors[vector].TOKEN);}
- if (DEBUG){console.log("PIN2 "+vectors[vector].PIN2);}
- if (DEBUG){console.log("X "+vectors[vector].X);}
- if (DEBUG){console.log("Y "+vectors[vector].Y);}
- if (DEBUG){console.log("U "+vectors[vector].U);}
- if (DEBUG){console.log("UT "+vectors[vector].UT);}
- if (DEBUG){console.log("TimeValue "+vectors[vector].TimeValue);}
- if (DEBUG){console.log("DATE "+vectors[vector].DATE);}
- if (DEBUG){console.log("SEC "+vectors[vector].SEC);}
- var passSingle = MPINAuth.passRequest(vectors[vector].MPIN_ID_HEX, vectors[vector].TOKEN, vectors[vector].TIME_PERMIT, vectors[vector].PIN2, requestOTP, accessNumber, vectors[vector].DATE, vectors[vector].TimeValue, vectors[vector].X);
- if (DEBUG){console.dir("passSingle "+passSingle);}
- try
- {
- if (!vectors[vector].DATE){assert.equal(passSingle.U, vectors[vector].U, "U generation failed");}
- assert.equal(passSingle.UT, vectors[vector].UT, "UT generation failed");
- assert.equal(passSingle.V, vectors[vector].SEC, "V generation failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- var cur_date = new Date();
- console.log("TEST FAILED: "+cur_date.toISOString());
- return;
- }
- }
-console.log("TEST PASSED");
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_pass1.js
----------------------------------------------------------------------
diff --git a/js/tests/test_pass1.js b/js/tests/test_pass1.js
deleted file mode 100755
index 5258087..0000000
--- a/js/tests/test_pass1.js
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing pass one request generation");
-var assert = require('assert');
-var fs = require('fs');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Load test vectors
-var vectors = require('./testVectors.json');
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-var RAW=[];
-for (i=0;i<100;i++) RAW[i]=i;
-var RAW_hex = MPIN.bytestostring(RAW);
-
-// Initiaize RNG
-MPINAuth.initializeRNG(RAW_hex);
-
-for(var vector in vectors)
- {
- console.log("Test "+vectors[vector].test_no);
- if (DEBUG){console.log("MPIN_ID_HEX "+vectors[vector].MPIN_ID_HEX);}
- if (DEBUG){console.log("TIME_PERMIT "+vectors[vector].TIME_PERMIT);}
- if (DEBUG){console.log("TOKEN "+vectors[vector].TOKEN);}
- if (DEBUG){console.log("PIN2 "+vectors[vector].PIN2);}
- if (DEBUG){console.log("X "+vectors[vector].X);}
- if (DEBUG){console.log("U "+vectors[vector].U);}
- if (DEBUG){console.log("UT "+vectors[vector].UT);}
- var pass1 = MPINAuth.pass1Request(vectors[vector].MPIN_ID_HEX, vectors[vector].TOKEN, vectors[vector].TIME_PERMIT, vectors[vector].PIN2, vectors[vector].DATE, vectors[vector].X);
- if (DEBUG){console.dir("pass1 "+pass1);}
- try
- {
- assert.equal(pass1.U, vectors[vector].U, "U generation failed");
- assert.equal(pass1.UT, vectors[vector].UT, "UT generation failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- var cur_date = new Date();
- console.log("TEST FAILED: "+cur_date.toISOString());
- return;
- }
- }
-console.log("TEST PASSED");
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_pass2.js
----------------------------------------------------------------------
diff --git a/js/tests/test_pass2.js b/js/tests/test_pass2.js
deleted file mode 100755
index 09a27d4..0000000
--- a/js/tests/test_pass2.js
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing pass two request generation");
-var assert = require('assert');
-var fs = require('fs');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Load test vectors
-var vectors = require('./testVectors.json');
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-// Set OTP switch
-var requestOTP = 1;
-// Set WID
-var accessNumber = 123456;
-
-for(var vector in vectors)
- {
- console.log("Test "+vectors[vector].test_no);
- if (DEBUG){console.log("X "+vectors[vector].X);}
- if (DEBUG){console.log("Y "+vectors[vector].Y);}
- if (DEBUG){console.log("SEC "+vectors[vector].SEC);}
- MPINAuth.X = MPINAuth.hextobytes(vectors[vector].X);
- MPINAuth.SEC = MPINAuth.hextobytes(vectors[vector].SEC);
- var pass2 = MPINAuth.pass2Request(vectors[vector].Y, requestOTP, accessNumber);
- if (DEBUG){console.dir("pass2 "+pass2);}
- try
- {
- assert.equal(pass2.V, vectors[vector].V, "V generation failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- var cur_date = new Date();
- console.log("TEST FAILED: "+cur_date.toISOString());
- return;
- }
- }
-console.log("TEST PASSED");
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_randomX.js
----------------------------------------------------------------------
diff --git a/js/tests/test_randomX.js b/js/tests/test_randomX.js
deleted file mode 100755
index 9c7e8bb..0000000
--- a/js/tests/test_randomX.js
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing randomX");
-var assert = require('assert');
-var fs = require('fs');
-var crypto = require('crypto');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-var x_vals=[];
-
-// Initiaize RNG
-var seed = crypto.randomBytes(32);
-var seed_hex = seed.toString("hex");
-MPINAuth.initializeRNG(seed_hex);
-
-mpin_id_hex = "7b226d6f62696c65223a20312c2022697373756564223a2022323031342d31322d31385431303a32303a32395a222c2022757365724944223a20223531306263313033353530616465636332316438393730303835323763323666406365727469766f782e636f6d222c202273616c74223a202234656233336433356366323963653161227d";
-token_hex = "040128e30db2a7e5a26770498f558eab68920f58b4f707e738390160b2b4883bfb0521fe217597f279286818496a303e8d4b1a7e97b9c30d6c9fae99362c043e26";
-timePermit_hex = "041019f24b3dbae8727fef08323e38fd36dcd1193f6de3286e7c4b224c539850a8200ee94fa5c45fa3350b14d015ebc4834ac57c4705712206655252a1a57939be";
-PIN = 777
-date = 16639
-
-// Assign values of x to array
-for(var i = 0; i < 10;i++)
- {
- var pass1 = MPINAuth.pass1Request(mpin_id_hex, token_hex, timePermit_hex, PIN, date, null);
- x_hex = MPIN.bytestostring(MPINAuth.X);
- if(DEBUG){console.log("iter: "+i+" X: "+x_hex);}
- x_vals.push(x_hex);
- }
-
-// Model re-rendering of page
-var seed = crypto.randomBytes(32);
-var seed_hex = seed.toString("hex");
-MPINAuth.initializeRNG(seed_hex);
-
-// Assign values of x to array
-for(var i = 0; i < 10;i++)
- {
- var pass1 = MPINAuth.pass1Request(mpin_id_hex, token_hex, timePermit_hex, PIN, date, null);
- x_hex = MPIN.bytestostring(MPINAuth.X);
- if(DEBUG){console.log("iter: "+i+" X: "+x_hex);}
- x_vals.push(x_hex);
- }
-
-if(DEBUG){console.dir(x_vals);}
-
-// Write values to file for further processing
-x_json = JSON.stringify(x_vals);
-if(DEBUG){console.log(x_json);}
-var output_file = "./randomX.json";
-fs.writeFile(output_file, x_json, function(err) {
- if(err) {
- console.log(err);
- console.log("Error writing to "+output_file);
- }
-});
-console.log(output_file+" generated");
-
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_sha256.js
----------------------------------------------------------------------
diff --git a/js/tests/test_sha256.js b/js/tests/test_sha256.js
deleted file mode 100755
index ceabd4b..0000000
--- a/js/tests/test_sha256.js
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing sha256");
-var assert = require('assert');
-var fs = require('fs');
-var crypto = require('crypto');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-// Compare M-Pin sha256 with crypto version
-for (i=0;i<100;i++)
- {
- console.log("Test "+i);
- // Data for mpin_id
- var randomUser = crypto.randomBytes(32);
- var userID = randomUser.toString("hex");
- var cur_date = new Date();
- var issued = cur_date.toISOString();
- var salt = crypto.randomBytes(16);
- var salt_hex = salt.toString("hex");
-
- // Form MPin ID
- var endUserdata = {
- "issued": issued,
- "userID": userID,
- "mobile": 1,
- "salt": salt_hex
- };
- mpin_id = JSON.stringify(endUserdata);
- hash_mpin_id_hex1 = crypto.createHash('sha256').update(mpin_id).digest('hex');
-
- var mpin_id_bytes =MPIN.stringtobytes(mpin_id);
- var hash_mpin_id_bytes=[];
- hash_mpin_id_bytes = MPIN.HASH_ID(mpin_id_bytes)
- var hash_mpin_id_hex2 = MPIN.bytestostring(hash_mpin_id_bytes);
-
- if (DEBUG){console.log("hash_mpin_id_hex1: "+hash_mpin_id_hex1 + "\nhash_mpin_id_hex2: "+hash_mpin_id_hex2);}
- try
- {
- assert.equal(hash_mpin_id_hex1, hash_mpin_id_hex2, "sha256 test failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- var cur_date = new Date();
- console.log("TEST FAILED: "+cur_date.toISOString());
- return;
- }
-
-
-
- }
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/js/tests/test_token.js
----------------------------------------------------------------------
diff --git a/js/tests/test_token.js b/js/tests/test_token.js
deleted file mode 100755
index c82ffc5..0000000
--- a/js/tests/test_token.js
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-console.log("Testing token generation");
-var assert = require('assert');
-var fs = require('fs');
-
-// Javascript files from the PIN pad are included here:
-eval(fs.readFileSync('../DBIG.js')+'');
-eval(fs.readFileSync('../BIG.js')+'');
-eval(fs.readFileSync('../FP.js')+'');
-eval(fs.readFileSync('../ROM.js')+'');
-eval(fs.readFileSync('../HASH.js')+'');
-eval(fs.readFileSync('../RAND.js')+'');
-eval(fs.readFileSync('../AES.js')+'');
-eval(fs.readFileSync('../GCM.js')+'');
-eval(fs.readFileSync('../ECP.js')+'');
-eval(fs.readFileSync('../FP2.js')+'');
-eval(fs.readFileSync('../ECP2.js')+'');
-eval(fs.readFileSync('../FP4.js')+'');
-eval(fs.readFileSync('../FP12.js')+'');
-eval(fs.readFileSync('../PAIR.js')+'');
-eval(fs.readFileSync('./MPIN.js')+'');
-eval(fs.readFileSync('../MPINAuth.js')+'');
-
-// Configuration file
-eval(fs.readFileSync('./config.js')+'');
-
-// Load test vectors
-var vectors = require('./testVectors.json');
-
-// Turn on DEBUG mode in MPINAuth
-MPINAuth.DEBUG = DEBUG;
-
-for(var vector in vectors)
- {
- console.log("Test "+vectors[vector].test_no);
- if (DEBUG){console.log("PIN "+vectors[vector].PIN1);}
- if (DEBUG){console.log("CLIENT_SECRET "+vectors[vector].CLIENT_SECRET);}
- if (DEBUG){console.log("MPIN_ID_HEX "+vectors[vector].MPIN_ID_HEX);}
- if (DEBUG){console.log("TOKEN "+vectors[vector].TOKEN);}
- var token = MPINAuth.calculateMPinToken(vectors[vector].MPIN_ID_HEX, vectors[vector].PIN1, vectors[vector].CLIENT_SECRET);
- if (DEBUG){console.log("token "+token);}
- try
- {
- assert.equal(token, vectors[vector].TOKEN, "Token generation failed");
- }
- catch(err)
- {
- txt="Error description: " + err.message;
- console.error(txt);
- console.log("TEST FAILED");
- return;
- }
- }
-console.log("TEST PASSED");
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/linux.md
----------------------------------------------------------------------
diff --git a/linux.md b/linux.md
deleted file mode 100644
index 40556e0..0000000
--- a/linux.md
+++ /dev/null
@@ -1,55 +0,0 @@
-<h2>Software dependencies</h2>
-
-CMake is required to build the library and can usually be installed from
-the operating system package manager.
-
-<ul type="disc">
- <li>sudo apt-get install cmake</li>
-</ul>
-
-If not, then you can download it from www.cmake.org
-
-The C Foreign Function Interface for Python <a href="https://cffi.readthedocs.org/en/latest/">CFFI</a> module
-is also required if you wish to use the Python module.
-
-<ul type="disc">
- <li>sudo pip install cffi</li>
-</ul>
-
-In order to build the documentation <a href="http://www.stack.nl/~dimitri/doxygen/">doxygen</a> is required.
-
-<h2>Build Instructions</h2>
-
-<p>The default build is for 32 bit machines</p>
-
-<ol type="disc">
- <li>mkdir Release</li>
- <li>cd Release</li>
- <li>cmake ..</li>
- <li>make</li>
- <li>make test</li>
- <li>make doc</li>
- <li>sudo make install</li>
-</ol>
-
-<p>The build can be configured using by setting flags on the command line i.e.</p>
-
-<ol type="disc">
- <li>cmake -DWORD_LENGTH=64 ..</li>
-</ol>
-
-<h2>Uninstall software</h2>
-
-<ul type="disc">
- <li>sudo make uninstall</li>
-</ul>
-
-<h2>Building an installer</h2>
-
-<p>After having built the libraries you can build a binary installer and a source distribution by running this command</p>
-
-<ul type="disc">
- <li>make package</li>
-</ul>
-
-
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/mac.md
----------------------------------------------------------------------
diff --git a/mac.md b/mac.md
deleted file mode 100644
index 8c24982..0000000
--- a/mac.md
+++ /dev/null
@@ -1,56 +0,0 @@
-<h2>Software dependencies</h2>
-
-Install <a href="http://brew.sh/">Homebrew</a>
-
-<ul type="disc">
- <li>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"</li>
-</ul>
-
-Install <a href="http://www.cmake.org/download/">cmake</a>
-
-<ul type="disc">
- <li>brew install cmake</li>
-</ul>
-
-The C Foreign Function Interface for Python <a href="https://cffi.readthedocs.org/en/latest/">CFFI</a> module
-is also required if you wish to use the Python module.
-
-<ul type="disc">
- <li>brew install pkg-config libffi</li>
- <li>sudo pip install cffi</li>
-</ul>
-
-In order to build the documentation <a href="http://www.stack.nl/~dimitri/doxygen/">doxygen</a> is required.
-
-<ul type="disc">
- <li>brew install doxygen</li>
-</ul>
-
-<h2>Build Instructions</h2>
-
-<p>The default build is for 32 bit machines</p>
-
-<ol type="disc">
- <li>mkdir Release</li>
- <li>cd Release</li>
- <li>cmake ..</li>
- <li>make</li>
- <li>make test</li>
- <li>make doc</li>
- <li>sudo make install</li>
-</ol>
-
-<p>The build can be configured using by setting flags on the command line i.e.</p>
-
-<ol type="disc">
- <li>cmake -DWORD_LENGTH=64 ..</li>
-</ol>
-
-<h2>Uninstall software</h2>
-
-<ul type="disc">
- <li>sudo make uninstall</li>
-</ul>
-
-
-
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/pythonCFFI/CMakeLists.txt
----------------------------------------------------------------------
diff --git a/pythonCFFI/CMakeLists.txt b/pythonCFFI/CMakeLists.txt
deleted file mode 100644
index 557a8e6..0000000
--- a/pythonCFFI/CMakeLists.txt
+++ /dev/null
@@ -1,138 +0,0 @@
-# Install M-PIN module
-
-if(BUILD_MPIN)
- if(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/mpin.py DESTINATION "${PYTHON_SITE_PACKAGES}" PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
-
- if (USE_ANONYMOUS)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestMPINAnonInstall.py DESTINATION bin PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- else (USE_ANONYMOUS)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestMPINInstall.py DESTINATION bin PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- endif (USE_ANONYMOUS)
-
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
-
- if(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
- # Windows specific code
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/mpin.py DESTINATION lib)
- if (USE_ANONYMOUS)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestMPINAnonInstall.py DESTINATION lib)
- else (USE_ANONYMOUS)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestMPINInstall.py DESTINATION lib)
- endif (USE_ANONYMOUS)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
-
- if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
- # Mac OS X specific code
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/mpin.py DESTINATION "${PYTHON_SITE_PACKAGES}" PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
-
- if (USE_ANONYMOUS)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestMPINAnonInstall.py DESTINATION bin PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- else (USE_ANONYMOUS)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestMPINInstall.py DESTINATION bin PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- endif (USE_ANONYMOUS)
-
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
-
- file(COPY mpin.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
- if (USE_ANONYMOUS)
- file(COPY TestMPINAnonInstall.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
- add_test (TestMPINAnonInstall python TestMPINAnonInstall.py)
- else (USE_ANONYMOUS)
- file(COPY TestMPINInstall.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
- add_test (TestMPINInstall python TestMPINInstall.py)
- endif (USE_ANONYMOUS)
-
-
- if(FIELD_CHOICE STREQUAL "BNCX")
- if (USE_ANONYMOUS)
- file(COPY TestMPINAnon.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
- add_test (TestMPINAnonBNCX python TestMPINAnon.py)
- else (USE_ANONYMOUS)
- file(COPY TestMPIN.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
- add_test (TestMPINBNCX python TestMPIN.py)
- endif (USE_ANONYMOUS)
- endif(FIELD_CHOICE STREQUAL "BNCX")
-
-
-endif(BUILD_MPIN)
-
-
-if(BUILD_SOK)
- if(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/sok.py DESTINATION "${PYTHON_SITE_PACKAGES}" PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestSOKInstall.py DESTINATION bin PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
-
- if(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
- # Windows specific code
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/sok.py DESTINATION lib)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestSOKInstall.py DESTINATION lib)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
-
- if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
- # Mac OS X specific code
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/sok.py DESTINATION "${PYTHON_SITE_PACKAGES}" PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/TestSOKInstall.py DESTINATION bin PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
-
- file(COPY sok.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
- file(COPY TestSOKInstall.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
-
- add_test (TestSOKInstall python TestSOKInstall.py)
-endif(BUILD_SOK)
-
-
-if(BUILD_WCC)
- if(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/wcc.py DESTINATION "${PYTHON_SITE_PACKAGES}" PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
-
- if(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
- # Windows specific code
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/wcc.py DESTINATION lib)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
-
- if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
- # Mac OS X specific code
- INSTALL(FILES ${PROJECT_SOURCE_DIR}/pythonCFFI/wcc.py DESTINATION "${PYTHON_SITE_PACKAGES}" PERMISSIONS
- OWNER_WRITE OWNER_READ OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE
- WORLD_READ WORLD_EXECUTE)
- endif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
-
- file(COPY wcc.py DESTINATION "${PROJECT_BINARY_DIR}/pythonCFFI/")
-endif(BUILD_WCC)
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/pythonCFFI/README.md
----------------------------------------------------------------------
diff --git a/pythonCFFI/README.md b/pythonCFFI/README.md
deleted file mode 100644
index e672502..0000000
--- a/pythonCFFI/README.md
+++ /dev/null
@@ -1,15 +0,0 @@
-This directory contains the python module that
-interacts with the c code using CFFI.
-
-To run all MPIN tests
-
-./TestMPINInstall.py -v
-
-To run all SOK tests
-
-./TestSOKInstall.py -v
-
-To run all WCC tests
-
-./TestWCCInstall.py -v
-
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/pythonCFFI/TestMPIN.py
----------------------------------------------------------------------
diff --git a/pythonCFFI/TestMPIN.py b/pythonCFFI/TestMPIN.py
deleted file mode 100755
index 24cb516..0000000
--- a/pythonCFFI/TestMPIN.py
+++ /dev/null
@@ -1,326 +0,0 @@ -#!/usr/bin/env python - -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -""" -import unittest -import json - -from mpin import ffi, G1, G2, HASH_BYTES, libmpin, PFS, PGS, toHex - -# Master Secret Shares -MS1 = ffi.new("octet*") -MS1val = ffi.new("char []", PGS) -MS1[0].val = MS1val -MS1[0].max = PGS -MS1[0].len = PGS - -MS2 = ffi.new("octet*") -MS2val = ffi.new("char []", PGS) -MS2[0].val = MS2val -MS2[0].max = PGS -MS2[0].len = PGS - -# Client secret and shares -CS1 = ffi.new("octet*") -CS1val = ffi.new("char []", G1) -CS1[0].val = CS1val -CS1[0].max = G1 -CS1[0].len = G1 - -CS2 = ffi.new("octet*") -CS2val = ffi.new("char []", G1) -CS2[0].val = CS2val -CS2[0].max = G1 -CS2[0].len = G1 - -SEC = ffi.new("octet*") -SECval = ffi.new("char []", G1) -SEC[0].val = SECval -SEC[0].max = G1 -SEC[0].len = G1 - -# Server secret and shares -SS1 = ffi.new("octet*") -SS1val = ffi.new("char []", G2) -SS1[0].val = SS1val -SS1[0].max = G2 -SS1[0].len = G2 - -SS2 = ffi.new("octet*") -SS2val = ffi.new("char []", G2) -SS2[0].val = SS2val -SS2[0].max = G2 -SS2[0].len = G2 - -SERVER_SECRET = ffi.new("octet*") -SERVER_SECRETval = ffi.new("char []", G2) -SERVER_SECRET[0].val = SERVER_SECRETval -SERVER_SECRET[0].max = G2 -SERVER_SECRET[0].len = G2 - -# Time 
Permit and shares -TP1 = ffi.new("octet*") -TP1val = ffi.new("char []", G1) -TP1[0].val = TP1val -TP1[0].max = G1 -TP1[0].len = G1 - -TP2 = ffi.new("octet*") -TP2val = ffi.new("char []", G1) -TP2[0].val = TP2val -TP2[0].max = G1 -TP2[0].len = G1 - -TIME_PERMIT = ffi.new("octet*") -TIME_PERMITval = ffi.new("char []", G1) -TIME_PERMIT[0].val = TIME_PERMITval -TIME_PERMIT[0].max = G1 -TIME_PERMIT[0].len = G1 - -# Token stored on computer -TOKEN = ffi.new("octet*") -TOKENval = ffi.new("char []", G1) -TOKEN[0].val = TOKENval -TOKEN[0].max = G1 -TOKEN[0].len = G1 - -UT = ffi.new("octet*") -UTval = ffi.new("char []", G1) -UT[0].val = UTval -UT[0].max = G1 -UT[0].len = G1 - -U = ffi.new("octet*") -Uval = ffi.new("char []", G1) -U[0].val = Uval -U[0].max = G1 -U[0].len = G1 - -X = ffi.new("octet*") -Xval = ffi.new("char []", PGS) -X[0].val = Xval -X[0].max = PGS -X[0].len = PGS - -Y = ffi.new("octet*") -Yval = ffi.new("char []", PGS) -Y[0].val = Yval -Y[0].max = PGS -Y[0].len = PGS - -lenEF = 12 * PFS -E = ffi.new("octet*") -Eval = ffi.new("char []", lenEF) -E[0].val = Eval -E[0].max = lenEF -E[0].len = lenEF - -F = ffi.new("octet*") -Fval = ffi.new("char []", lenEF) -F[0].val = Fval -F[0].max = lenEF -F[0].len = lenEF - -# H(ID) -HID = ffi.new("octet*") -HIDval = ffi.new("char []", G1) -HID[0].val = HIDval -HID[0].max = G1 -HID[0].len = G1 - -# H(T|H(ID)) -HTID = ffi.new("octet*") -HTIDval = ffi.new("char []", G1) -HTID[0].val = HTIDval -HTID[0].max = G1 -HTID[0].len = G1 - - -class TestMPIN(unittest.TestCase): - """Tests M-Pin crypto code""" - - def setUp(self): - - # Form MPin ID - endUserData = { - "issued": "2013-10-19T06:12:28Z", - "userID": "[email protected]", - "mobile": 1, - "salt": "e985da112a378c222cfc2f7226097b0c" - } - mpin_id = json.dumps(endUserData) - - self.MPIN_ID = ffi.new("octet*") - self.MPIN_IDval = ffi.new("char [%s]" % len(mpin_id), mpin_id) - self.MPIN_ID[0].val = self.MPIN_IDval - self.MPIN_ID[0].max = len(mpin_id) - self.MPIN_ID[0].len = 
len(mpin_id) - - # Hash value of MPIN_ID - self.HASH_MPIN_ID = ffi.new("octet*") - self.HASH_MPIN_IDval = ffi.new("char []", HASH_BYTES) - self.HASH_MPIN_ID[0].val = self.HASH_MPIN_IDval - self.HASH_MPIN_ID[0].max = HASH_BYTES - self.HASH_MPIN_ID[0].len = HASH_BYTES - libmpin.MPIN_HASH_ID(self.MPIN_ID, self.HASH_MPIN_ID) - - # Assign a seed value - seedHex = "3ade3d4a5c698e8910bf92f25d97ceeb7c25ed838901a5cb5db2cf25434c1fe76c7f79b7af2e5e1e4988e4294dbd9bd9fa3960197fb7aec373609fb890d74b16a4b14b2ae7e23b75f15d36c21791272372863c4f8af39980283ae69a79cf4e48e908f9e0" - self.seed = seedHex.decode("hex") - self.RAW = ffi.new("octet*") - self.RAWval = ffi.new("char [%s]" % len(self.seed), self.seed) - self.RAW[0].val = self.RAWval - self.RAW[0].len = len(self.seed) - self.RAW[0].max = len(self.seed) - - self.date = 16238 - - def test_1(self): - """test_1 Good PIN and good token""" - vectors = json.load(open("./MPINTestVectors.json", "r")) - for vector in vectors: - print "Test vector {}".format(vector['test_no']) - - PIN1 = vector['PIN1'] - PIN2 = vector['PIN2'] - date = vector['DATE'] - - # random number generator - RNG = ffi.new("csprng*") - libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW) - - MS1_HEX = vector['MS1'] - MS2_HEX = vector['MS2'] - - ms1_bin = MS1_HEX.decode("hex") - MS1 = ffi.new("octet*") - MS1val = ffi.new("char [%s]" % len(ms1_bin), ms1_bin) - MS1[0].val = MS1val - MS1[0].max = PGS - MS1[0].len = PGS - - ms2_bin = MS2_HEX.decode("hex") - MS2 = ffi.new("octet*") - MS2val = ffi.new("char [%s]" % len(ms2_bin), ms2_bin) - MS2[0].val = MS2val - MS2[0].max = PGS - MS2[0].len = PGS - - # Generate server secret shares - rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['SS1'], toHex(SS1)) - rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['SS2'], toHex(SS2)) - - # Combine server secret shares - rtn = libmpin.MPIN_RECOMBINE_G2(SS1, SS2, SERVER_SECRET) - self.assertEqual(rtn, 
0) - self.assertEqual(vector['SERVER_SECRET'], toHex(SERVER_SECRET)) - - mpin_id = vector['MPIN_ID_HEX'].decode("hex") - MPIN_ID = ffi.new("octet*") - MPIN_IDval = ffi.new("char [%s]" % len(mpin_id), mpin_id) - MPIN_ID[0].val = MPIN_IDval - MPIN_ID[0].max = len(mpin_id) - MPIN_ID[0].len = len(mpin_id) - - # Hash value of MPIN_ID - HASH_MPIN_ID = ffi.new("octet*") - HASH_MPIN_IDval = ffi.new("char []", HASH_BYTES) - HASH_MPIN_ID[0].val = HASH_MPIN_IDval - HASH_MPIN_ID[0].max = HASH_BYTES - HASH_MPIN_ID[0].len = HASH_BYTES - libmpin.MPIN_HASH_ID(MPIN_ID, HASH_MPIN_ID) - self.assertEqual(vector['HASH_MPIN_ID_HEX'], toHex(HASH_MPIN_ID)) - - # Generate client secret shares - rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, HASH_MPIN_ID, CS1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CS1'], toHex(CS1)) - rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS2, HASH_MPIN_ID, CS2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CS2'], toHex(CS2)) - - # Combine client secret shares : TOKEN is the full client secret - rtn = libmpin.MPIN_RECOMBINE_G1(CS1, CS2, TOKEN) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CLIENT_SECRET'], toHex(TOKEN)) - - # Generate Time Permit shares - rtn = libmpin.MPIN_GET_CLIENT_PERMIT(date, MS1, HASH_MPIN_ID, TP1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TP1'], toHex(TP1)) - rtn = libmpin.MPIN_GET_CLIENT_PERMIT(date, MS2, HASH_MPIN_ID, TP2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TP2'], toHex(TP2)) - - # Combine Time Permit shares - rtn = libmpin.MPIN_RECOMBINE_G1(TP1, TP2, TIME_PERMIT) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TIME_PERMIT'], toHex(TIME_PERMIT)) - - # Client extracts PIN from secret to create Token - rtn = libmpin.MPIN_EXTRACT_PIN(MPIN_ID, PIN1, TOKEN) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TOKEN'], toHex(TOKEN)) - - x = vector['X'].decode("hex") - X = ffi.new("octet*") - Xval = ffi.new("char [%s]" % PGS, x) - X[0].val = Xval - X[0].max = PGS - X[0].len = PGS - - # Client 
first pass. Use X value from test vectors - rtn = libmpin.MPIN_CLIENT_1(date, MPIN_ID, ffi.NULL, X, PIN2, TOKEN, SEC, U, UT, TIME_PERMIT) - self.assertEqual(rtn, 0) - self.assertEqual(vector['X'], toHex(X)) - self.assertEqual(vector['U'], toHex(U)) - self.assertEqual(vector['UT'], toHex(UT)) - self.assertEqual(vector['SEC'], toHex(SEC)) - - # Server calculates H(ID) and H(T|H(ID)) - libmpin.MPIN_SERVER_1(date, MPIN_ID, HID, HTID) - - # Server generates Random number Y and sends it to Client - # rtn = libmpin.MPIN_RANDOM_GENERATE(RNG,Y) - # self.assertEqual(rtn, 0) - - # Use Y value from test vectors - y = vector['Y'].decode("hex") - Y = ffi.new("octet*") - Yval = ffi.new("char [%s]" % PGS, y) - Y[0].val = Yval - Y[0].max = PGS - Y[0].len = PGS - - # Client second pass - rtn = libmpin.MPIN_CLIENT_2(X, Y, SEC) - self.assertEqual(rtn, 0) - self.assertEqual(vector['V'], toHex(SEC)) - - # Server second pass - rtn = libmpin.MPIN_SERVER_2(date, HID, HTID, Y, SERVER_SECRET, U, UT, SEC, E, F) - self.assertEqual(rtn, vector['SERVER_OUTPUT']) - -if __name__ == '__main__': - # Run tests - unittest.main() http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/pythonCFFI/TestMPINAnon.py ---------------------------------------------------------------------- diff --git a/pythonCFFI/TestMPINAnon.py b/pythonCFFI/TestMPINAnon.py deleted file mode 100755 index ae332c5..0000000 --- a/pythonCFFI/TestMPINAnon.py +++ /dev/null 
@@ -1,326 +0,0 @@ -#!/usr/bin/env python - -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -""" -import unittest -import json - -from mpin import ffi, G1, G2, HASH_BYTES, libmpin, PFS, PGS, toHex - -# Master Secret Shares -MS1 = ffi.new("octet*") -MS1val = ffi.new("char []", PGS) -MS1[0].val = MS1val -MS1[0].max = PGS -MS1[0].len = PGS - -MS2 = ffi.new("octet*") -MS2val = ffi.new("char []", PGS) -MS2[0].val = MS2val -MS2[0].max = PGS -MS2[0].len = PGS - -# Client secret and shares -CS1 = ffi.new("octet*") -CS1val = ffi.new("char []", G1) -CS1[0].val = CS1val -CS1[0].max = G1 -CS1[0].len = G1 - -CS2 = ffi.new("octet*") -CS2val = ffi.new("char []", G1) -CS2[0].val = CS2val -CS2[0].max = G1 -CS2[0].len = G1 - -SEC = ffi.new("octet*") -SECval = ffi.new("char []", G1) -SEC[0].val = SECval -SEC[0].max = G1 -SEC[0].len = G1 - -# Server secret and shares -SS1 = ffi.new("octet*") -SS1val = ffi.new("char []", G2) -SS1[0].val = SS1val -SS1[0].max = G2 -SS1[0].len = G2 - -SS2 = ffi.new("octet*") -SS2val = ffi.new("char []", G2) -SS2[0].val = SS2val -SS2[0].max = G2 -SS2[0].len = G2 - -SERVER_SECRET = ffi.new("octet*") -SERVER_SECRETval = ffi.new("char []", G2) -SERVER_SECRET[0].val = SERVER_SECRETval -SERVER_SECRET[0].max = G2 -SERVER_SECRET[0].len = G2 - -# Time 
Permit and shares -TP1 = ffi.new("octet*") -TP1val = ffi.new("char []", G1) -TP1[0].val = TP1val -TP1[0].max = G1 -TP1[0].len = G1 - -TP2 = ffi.new("octet*") -TP2val = ffi.new("char []", G1) -TP2[0].val = TP2val -TP2[0].max = G1 -TP2[0].len = G1 - -TIME_PERMIT = ffi.new("octet*") -TIME_PERMITval = ffi.new("char []", G1) -TIME_PERMIT[0].val = TIME_PERMITval -TIME_PERMIT[0].max = G1 -TIME_PERMIT[0].len = G1 - -# Token stored on computer -TOKEN = ffi.new("octet*") -TOKENval = ffi.new("char []", G1) -TOKEN[0].val = TOKENval -TOKEN[0].max = G1 -TOKEN[0].len = G1 - -UT = ffi.new("octet*") -UTval = ffi.new("char []", G1) -UT[0].val = UTval -UT[0].max = G1 -UT[0].len = G1 - -U = ffi.new("octet*") -Uval = ffi.new("char []", G1) -U[0].val = Uval -U[0].max = G1 -U[0].len = G1 - -X = ffi.new("octet*") -Xval = ffi.new("char []", PGS) -X[0].val = Xval -X[0].max = PGS -X[0].len = PGS - -Y = ffi.new("octet*") -Yval = ffi.new("char []", PGS) -Y[0].val = Yval -Y[0].max = PGS -Y[0].len = PGS - -lenEF = 12 * PFS -E = ffi.new("octet*") -Eval = ffi.new("char []", lenEF) -E[0].val = Eval -E[0].max = lenEF -E[0].len = lenEF - -F = ffi.new("octet*") -Fval = ffi.new("char []", lenEF) -F[0].val = Fval -F[0].max = lenEF -F[0].len = lenEF - -# H(ID) -HID = ffi.new("octet*") -HIDval = ffi.new("char []", G1) -HID[0].val = HIDval -HID[0].max = G1 -HID[0].len = G1 - -# H(T|H(ID)) -HTID = ffi.new("octet*") -HTIDval = ffi.new("char []", G1) -HTID[0].val = HTIDval -HTID[0].max = G1 -HTID[0].len = G1 - - -class TestMPIN(unittest.TestCase): - """Tests M-Pin crypto code""" - - def setUp(self): - - # Form MPin ID - endUserData = { - "issued": "2013-10-19T06:12:28Z", - "userID": "[email protected]", - "mobile": 1, - "salt": "e985da112a378c222cfc2f7226097b0c" - } - mpin_id = json.dumps(endUserData) - - self.MPIN_ID = ffi.new("octet*") - self.MPIN_IDval = ffi.new("char [%s]" % len(mpin_id), mpin_id) - self.MPIN_ID[0].val = self.MPIN_IDval - self.MPIN_ID[0].max = len(mpin_id) - self.MPIN_ID[0].len = 
len(mpin_id) - - # Hash value of MPIN_ID - self.HASH_MPIN_ID = ffi.new("octet*") - self.HASH_MPIN_IDval = ffi.new("char []", HASH_BYTES) - self.HASH_MPIN_ID[0].val = self.HASH_MPIN_IDval - self.HASH_MPIN_ID[0].max = HASH_BYTES - self.HASH_MPIN_ID[0].len = HASH_BYTES - libmpin.MPIN_HASH_ID(self.MPIN_ID, self.HASH_MPIN_ID) - - # Assign a seed value - seedHex = "3ade3d4a5c698e8910bf92f25d97ceeb7c25ed838901a5cb5db2cf25434c1fe76c7f79b7af2e5e1e4988e4294dbd9bd9fa3960197fb7aec373609fb890d74b16a4b14b2ae7e23b75f15d36c21791272372863c4f8af39980283ae69a79cf4e48e908f9e0" - self.seed = seedHex.decode("hex") - self.RAW = ffi.new("octet*") - self.RAWval = ffi.new("char [%s]" % len(self.seed), self.seed) - self.RAW[0].val = self.RAWval - self.RAW[0].len = len(self.seed) - self.RAW[0].max = len(self.seed) - - self.date = 16238 - - def test_1(self): - """test_1 Good PIN and good token""" - vectors = json.load(open("./MPINTestVectors.json", "r")) - for vector in vectors: - print "Test vector {}".format(vector['test_no']) - - PIN1 = vector['PIN1'] - PIN2 = vector['PIN2'] - date = vector['DATE'] - - # random number generator - RNG = ffi.new("csprng*") - libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW) - - MS1_HEX = vector['MS1'] - MS2_HEX = vector['MS2'] - - ms1_bin = MS1_HEX.decode("hex") - MS1 = ffi.new("octet*") - MS1val = ffi.new("char [%s]" % len(ms1_bin), ms1_bin) - MS1[0].val = MS1val - MS1[0].max = PGS - MS1[0].len = PGS - - ms2_bin = MS2_HEX.decode("hex") - MS2 = ffi.new("octet*") - MS2val = ffi.new("char [%s]" % len(ms2_bin), ms2_bin) - MS2[0].val = MS2val - MS2[0].max = PGS - MS2[0].len = PGS - - # Generate server secret shares - rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['SS1'], toHex(SS1)) - rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['SS2'], toHex(SS2)) - - # Combine server secret shares - rtn = libmpin.MPIN_RECOMBINE_G2(SS1, SS2, SERVER_SECRET) - self.assertEqual(rtn, 
0) - self.assertEqual(vector['SERVER_SECRET'], toHex(SERVER_SECRET)) - - mpin_id = vector['MPIN_ID_HEX'].decode("hex") - MPIN_ID = ffi.new("octet*") - MPIN_IDval = ffi.new("char [%s]" % len(mpin_id), mpin_id) - MPIN_ID[0].val = MPIN_IDval - MPIN_ID[0].max = len(mpin_id) - MPIN_ID[0].len = len(mpin_id) - - # Hash value of MPIN_ID - HASH_MPIN_ID = ffi.new("octet*") - HASH_MPIN_IDval = ffi.new("char []", HASH_BYTES) - HASH_MPIN_ID[0].val = HASH_MPIN_IDval - HASH_MPIN_ID[0].max = HASH_BYTES - HASH_MPIN_ID[0].len = HASH_BYTES - libmpin.MPIN_HASH_ID(MPIN_ID, HASH_MPIN_ID) - self.assertEqual(vector['HASH_MPIN_ID_HEX'], toHex(HASH_MPIN_ID)) - - # Generate client secret shares - rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, HASH_MPIN_ID, CS1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CS1'], toHex(CS1)) - rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS2, HASH_MPIN_ID, CS2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CS2'], toHex(CS2)) - - # Combine client secret shares : TOKEN is the full client secret - rtn = libmpin.MPIN_RECOMBINE_G1(CS1, CS2, TOKEN) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CLIENT_SECRET'], toHex(TOKEN)) - - # Generate Time Permit shares - rtn = libmpin.MPIN_GET_CLIENT_PERMIT(date, MS1, HASH_MPIN_ID, TP1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TP1'], toHex(TP1)) - rtn = libmpin.MPIN_GET_CLIENT_PERMIT(date, MS2, HASH_MPIN_ID, TP2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TP2'], toHex(TP2)) - - # Combine Time Permit shares - rtn = libmpin.MPIN_RECOMBINE_G1(TP1, TP2, TIME_PERMIT) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TIME_PERMIT'], toHex(TIME_PERMIT)) - - # Client extracts PIN from secret to create Token - rtn = libmpin.MPIN_EXTRACT_PIN(MPIN_ID, PIN1, TOKEN) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TOKEN'], toHex(TOKEN)) - - x = vector['X'].decode("hex") - X = ffi.new("octet*") - Xval = ffi.new("char [%s]" % PGS, x) - X[0].val = Xval - X[0].max = PGS - X[0].len = PGS - - # Client 
first pass. Use X value from test vectors - rtn = libmpin.MPIN_CLIENT_1(date, MPIN_ID, ffi.NULL, X, PIN2, TOKEN, SEC, U, UT, TIME_PERMIT) - self.assertEqual(rtn, 0) - self.assertEqual(vector['X'], toHex(X)) - self.assertEqual(vector['U'], toHex(U)) - self.assertEqual(vector['UT'], toHex(UT)) - self.assertEqual(vector['SEC'], toHex(SEC)) - - # Server calculates H(ID) and H(T|H(ID)) - libmpin.MPIN_SERVER_1(date, HASH_MPIN_ID, HID, HTID) - - # Server generates Random number Y and sends it to Client - # rtn = libmpin.MPIN_RANDOM_GENERATE(RNG,Y) - # self.assertEqual(rtn, 0) - - # Use Y value from test vectors - y = vector['Y'].decode("hex") - Y = ffi.new("octet*") - Yval = ffi.new("char [%s]" % PGS, y) - Y[0].val = Yval - Y[0].max = PGS - Y[0].len = PGS - - # Client second pass - rtn = libmpin.MPIN_CLIENT_2(X, Y, SEC) - self.assertEqual(rtn, 0) - self.assertEqual(vector['V'], toHex(SEC)) - - # Server second pass - rtn = libmpin.MPIN_SERVER_2(date, HID, HTID, Y, SERVER_SECRET, U, UT, SEC, E, F) - self.assertEqual(rtn, vector['SERVER_OUTPUT']) - -if __name__ == '__main__': - # Run tests - unittest.main() http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/pythonCFFI/TestMPINAnonInstall.py ---------------------------------------------------------------------- diff --git a/pythonCFFI/TestMPINAnonInstall.py b/pythonCFFI/TestMPINAnonInstall.py deleted file mode 100755 index 7d67721..0000000 --- a/pythonCFFI/TestMPINAnonInstall.py +++ /dev/null 
@@ -1,703 +0,0 @@ -#!/usr/bin/env python - -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -""" -import os -import unittest -import json -import hashlib - -from mpin import ffi, G1, G2, HASH_BYTES, IVL, libmpin, PAS, PFS, PGS, toHex - -# Master Secret Shares -MS1 = ffi.new("octet*") -MS1val = ffi.new("char []", PGS) -MS1[0].val = MS1val -MS1[0].max = PGS -MS1[0].len = PGS - -MS2 = ffi.new("octet*") -MS2val = ffi.new("char []", PGS) -MS2[0].val = MS2val -MS2[0].max = PGS -MS2[0].len = PGS - -# Client secret and shares -CS1 = ffi.new("octet*") -CS1val = ffi.new("char []", G1) -CS1[0].val = CS1val -CS1[0].max = G1 -CS1[0].len = G1 - -CS2 = ffi.new("octet*") -CS2val = ffi.new("char []", G1) -CS2[0].val = CS2val -CS2[0].max = G1 -CS2[0].len = G1 - -SEC = ffi.new("octet*") -SECval = ffi.new("char []", G1) -SEC[0].val = SECval -SEC[0].max = G1 -SEC[0].len = G1 - -# Server secret and shares -SS1 = ffi.new("octet*") -SS1val = ffi.new("char []", G2) -SS1[0].val = SS1val -SS1[0].max = G2 -SS1[0].len = G2 - -SS2 = ffi.new("octet*") -SS2val = ffi.new("char []", G2) -SS2[0].val = SS2val -SS2[0].max = G2 -SS2[0].len = G2 - -SERVER_SECRET = ffi.new("octet*") -SERVER_SECRETval = ffi.new("char []", G2) -SERVER_SECRET[0].val = SERVER_SECRETval -SERVER_SECRET[0].max = G2 
-SERVER_SECRET[0].len = G2 - -# Time Permit and shares -TP1 = ffi.new("octet*") -TP1val = ffi.new("char []", G1) -TP1[0].val = TP1val -TP1[0].max = G1 -TP1[0].len = G1 - -TP2 = ffi.new("octet*") -TP2val = ffi.new("char []", G1) -TP2[0].val = TP2val -TP2[0].max = G1 -TP2[0].len = G1 - -TIME_PERMIT = ffi.new("octet*") -TIME_PERMITval = ffi.new("char []", G1) -TIME_PERMIT[0].val = TIME_PERMITval -TIME_PERMIT[0].max = G1 -TIME_PERMIT[0].len = G1 - -# Token stored on computer -TOKEN = ffi.new("octet*") -TOKENval = ffi.new("char []", G1) -TOKEN[0].val = TOKENval -TOKEN[0].max = G1 -TOKEN[0].len = G1 - -UT = ffi.new("octet*") -UTval = ffi.new("char []", G1) -UT[0].val = UTval -UT[0].max = G1 -UT[0].len = G1 - -U = ffi.new("octet*") -Uval = ffi.new("char []", G1) -U[0].val = Uval -U[0].max = G1 -U[0].len = G1 - -X = ffi.new("octet*") -Xval = ffi.new("char []", PGS) -X[0].val = Xval -X[0].max = PGS -X[0].len = PGS - -Y = ffi.new("octet*") -Yval = ffi.new("char []", PGS) -Y[0].val = Yval -Y[0].max = PGS -Y[0].len = PGS - -lenEF = 12 * PFS -E = ffi.new("octet*") -Eval = ffi.new("char []", lenEF) -E[0].val = Eval -E[0].max = lenEF -E[0].len = lenEF - -F = ffi.new("octet*") -Fval = ffi.new("char []", lenEF) -F[0].val = Fval -F[0].max = lenEF -F[0].len = lenEF - -# H(ID) -HID = ffi.new("octet*") -HIDval = ffi.new("char []", G1) -HID[0].val = HIDval -HID[0].max = G1 -HID[0].len = G1 - -# H(T|H(ID)) -HTID = ffi.new("octet*") -HTIDval = ffi.new("char []", G1) -HTID[0].val = HTIDval -HTID[0].max = G1 -HTID[0].len = G1 - - -class TestMPIN(unittest.TestCase): - """Tests M-Pin crypto code""" - - def setUp(self): - - # Form MPin ID - endUserData = { - "issued": "2013-10-19T06:12:28Z", - "userID": "[email protected]", - "mobile": 1, - "salt": "e985da112a378c222cfc2f7226097b0c" - } - mpin_id = json.dumps(endUserData) - - self.MPIN_ID = ffi.new("octet*") - self.MPIN_IDval = ffi.new("char [%s]" % len(mpin_id), mpin_id) - self.MPIN_ID[0].val = self.MPIN_IDval - self.MPIN_ID[0].max = 
len(mpin_id)
- self.MPIN_ID[0].len = len(mpin_id)
-
- # Hash value of MPIN_ID
- self.HASH_MPIN_ID = ffi.new("octet*")
- self.HASH_MPIN_IDval = ffi.new("char []", HASH_BYTES)
- self.HASH_MPIN_ID[0].val = self.HASH_MPIN_IDval
- self.HASH_MPIN_ID[0].max = HASH_BYTES
- self.HASH_MPIN_ID[0].len = HASH_BYTES
- libmpin.MPIN_HASH_ID(self.MPIN_ID, self.HASH_MPIN_ID)
-
- # Assign a seed value
- seedHex = "3ade3d4a5c698e8910bf92f25d97ceeb7c25ed838901a5cb5db2cf25434c1fe76c7f79b7af2e5e1e4988e4294dbd9bd9fa3960197fb7aec373609fb890d74b16a4b14b2ae7e23b75f15d36c21791272372863c4f8af39980283ae69a79cf4e48e908f9e0"
- self.seed = seedHex.decode("hex")
- self.RAW = ffi.new("octet*")
- self.RAWval = ffi.new("char [%s]" % len(self.seed), self.seed)
- self.RAW[0].val = self.RAWval
- self.RAW[0].len = len(self.seed)
- self.RAW[0].max = len(self.seed)
-
- self.date = 16238
-
- def test_1(self):
- """test_1 Good PIN and good token"""
- PIN1 = 1234
- PIN2 = 1234
-
- # random number generator
- RNG = ffi.new("csprng*")
- libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
-
- # Generate Client master secret share for MIRACL and Customer
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS2)
- self.assertEqual(rtn, 0)
-
- # Generate server secret shares
- rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2)
- self.assertEqual(rtn, 0)
-
- # Combine server secret shares
- rtn = libmpin.MPIN_RECOMBINE_G2(SS1, SS2, SERVER_SECRET)
- self.assertEqual(rtn, 0)
-
- # Generate client secret shares
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, self.HASH_MPIN_ID, CS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS2, self.HASH_MPIN_ID, CS2)
- self.assertEqual(rtn, 0)
-
- # Combine client secret shares : TOKEN is the full client secret
- rtn = libmpin.MPIN_RECOMBINE_G1(CS1, CS2, TOKEN)
- self.assertEqual(rtn, 0)
-
- # Generate Time Permit shares
- rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS1, self.HASH_MPIN_ID, TP1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS2, self.HASH_MPIN_ID, TP2)
- self.assertEqual(rtn, 0)
-
- # Combine Time Permit shares
- rtn = libmpin.MPIN_RECOMBINE_G1(TP1, TP2, TIME_PERMIT)
- self.assertEqual(rtn, 0)
-
- # Client extracts PIN from secret to create Token
- PIN1 = 1234
- rtn = libmpin.MPIN_EXTRACT_PIN(self.MPIN_ID, PIN1, TOKEN)
- self.assertEqual(rtn, 0)
-
- # Client first pass
- rtn = libmpin.MPIN_CLIENT_1(self.date, self.MPIN_ID, RNG, X, PIN2, TOKEN, SEC, U, UT, TIME_PERMIT)
- self.assertEqual(rtn, 0)
-
- # Server calculates H(ID) and H(T|H(ID))
- libmpin.MPIN_SERVER_1(self.date, self.HASH_MPIN_ID, HID, HTID)
-
- # Server generates Random number Y and sends it to Client
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, Y)
- self.assertEqual(rtn, 0)
-
- # Client second pass
- rtn = libmpin.MPIN_CLIENT_2(X, Y, SEC)
- self.assertEqual(rtn, 0)
-
- # Server second pass
- rtn = libmpin.MPIN_SERVER_2(self.date, HID, HTID, Y, SERVER_SECRET, U, UT, SEC, E, F)
- self.assertEqual(rtn, 0)
-
- def test_2(self):
- """test_2 Bad PIN and good token"""
- PIN1 = 1234
- PIN2 = 2000
-
- # random number generator
- RNG = ffi.new("csprng*")
- libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
-
- # Generate Client master secret share for MIRACL and Customer
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS2)
- self.assertEqual(rtn, 0)
-
- # Generate server secret shares
- rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2)
- self.assertEqual(rtn, 0)
-
- # Combine server secret shares
- rtn = libmpin.MPIN_RECOMBINE_G2(SS1, SS2, SERVER_SECRET)
- self.assertEqual(rtn, 0)
-
- # Generate client secret shares
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, self.HASH_MPIN_ID, CS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS2, self.HASH_MPIN_ID, CS2)
- self.assertEqual(rtn, 0)
-
- # Combine client secret shares : TOKEN is the full client secret
- rtn = libmpin.MPIN_RECOMBINE_G1(CS1, CS2, TOKEN)
- self.assertEqual(rtn, 0)
-
- # Generate Time Permit shares
- rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS1, self.HASH_MPIN_ID, TP1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS2, self.HASH_MPIN_ID, TP2)
- self.assertEqual(rtn, 0)
-
- # Combine Time Permit shares
- rtn = libmpin.MPIN_RECOMBINE_G1(TP1, TP2, TIME_PERMIT)
- self.assertEqual(rtn, 0)
-
- # Client extracts PIN from secret to create Token
- PIN1 = 1234
- rtn = libmpin.MPIN_EXTRACT_PIN(self.MPIN_ID, PIN1, TOKEN)
- self.assertEqual(rtn, 0)
-
- # Client first pass
- rtn = libmpin.MPIN_CLIENT_1(self.date, self.MPIN_ID, RNG, X, PIN2, TOKEN, SEC, U, UT, TIME_PERMIT)
- self.assertEqual(rtn, 0)
-
- # Server calculates H(ID) and H(T|H(ID))
- libmpin.MPIN_SERVER_1(self.date, self.HASH_MPIN_ID, HID, HTID)
-
- # Server generates Random number Y and sends it to Client
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, Y)
- self.assertEqual(rtn, 0)
-
- # Client second pass
- rtn = libmpin.MPIN_CLIENT_2(X, Y, SEC)
- self.assertEqual(rtn, 0)
-
- # Server second pass
- rtn = libmpin.MPIN_SERVER_2(self.date, HID, HTID, Y, SERVER_SECRET, U, UT, SEC, E, F)
- self.assertEqual(rtn, -19)
-
- def test_3(self):
- """test_3 Good PIN and bad token"""
- PIN1 = 1234
- PIN2 = 1234
-
- # random number generator
- RNG = ffi.new("csprng*")
- libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
-
- # Generate Client master secret share for MIRACL and Customer
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS2)
- self.assertEqual(rtn, 0)
-
- # Generate server secret shares
- rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2)
- self.assertEqual(rtn, 0)
-
- # Combine server secret shares
- rtn = libmpin.MPIN_RECOMBINE_G2(SS1, SS2, SERVER_SECRET)
- self.assertEqual(rtn, 0)
-
- # Generate client secret shares
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, self.HASH_MPIN_ID, CS1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS2, self.HASH_MPIN_ID, CS2)
- self.assertEqual(rtn, 0)
-
- # Combine client secret shares : TOKEN is the full client secret
- rtn = libmpin.MPIN_RECOMBINE_G1(CS1, CS2, TOKEN)
- self.assertEqual(rtn, 0)
-
- # Generate Time Permit shares
- rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS1, self.HASH_MPIN_ID, TP1)
- self.assertEqual(rtn, 0)
- rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS2, self.HASH_MPIN_ID, TP2)
- self.assertEqual(rtn, 0)
-
- # Combine Time Permit shares
- rtn = libmpin.MPIN_RECOMBINE_G1(TP1, TP2, TIME_PERMIT)
- self.assertEqual(rtn, 0)
-
- # Client extracts PIN from secret to create Token
- PIN1 = 1234
- rtn = libmpin.MPIN_EXTRACT_PIN(self.MPIN_ID, PIN1, TOKEN)
- self.assertEqual(rtn, 0)
-
- # Client first pass
- rtn = libmpin.MPIN_CLIENT_1(self.date, self.MPIN_ID, RNG, X, PIN2, TOKEN, SEC, U, UT, TIME_PERMIT)
- self.assertEqual(rtn, 0)
-
- # Server calculates H(ID) and H(T|H(ID))
- libmpin.MPIN_SERVER_1(self.date, self.HASH_MPIN_ID, HID, HTID)
-
- # Server generates Random number Y and sends it to Client
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, Y)
- self.assertEqual(rtn, 0)
-
- # Client second pass
- rtn = libmpin.MPIN_CLIENT_2(X, Y, SEC)
- self.assertEqual(rtn, 0)
-
- # Server second pass
- # clientSecret aka V is equal to UT to model a bad token
- rtn = libmpin.MPIN_SERVER_2(self.date, HID, HTID, Y, SERVER_SECRET, U, UT, UT, E, F)
- self.assertEqual(rtn, -19)
-
- def test_4(self):
- """test_4 Test hash function"""
- HASH_MPIN_ID = ffi.new("octet*")
- HASH_MPIN_IDval = ffi.new("char []", HASH_BYTES)
- HASH_MPIN_ID[0].val = HASH_MPIN_IDval
- HASH_MPIN_ID[0].max = HASH_BYTES
- HASH_MPIN_ID[0].len = HASH_BYTES
-
- for i in range(1, 10000):
- bytesStr = os.urandom(128)
- hash_object2 = hashlib.sha256(bytesStr)
- digest = hash_object2.hexdigest()
- MPIN_ID = ffi.new("octet*")
- MPIN_IDval = ffi.new("char [%s]" % len(bytesStr), bytesStr)
- MPIN_ID[0].val = MPIN_IDval
- MPIN_ID[0].max = len(bytesStr)
- MPIN_ID[0].len = len(bytesStr)
- libmpin.MPIN_HASH_ID(MPIN_ID, HASH_MPIN_ID)
- self.assertEqual(digest, toHex(HASH_MPIN_ID))
-
- def test_5(self):
- """test_5 Make sure all client secret are unique"""
- # random number generator
- RNG = ffi.new("csprng*")
- libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
-
- # Generate master secret share
- rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
- self.assertEqual(rtn, 0)
-
- s = set()
- match = 0
- for i in range(1, 1000):
- rand_val = os.urandom(32)
- HASH_MPIN_ID = ffi.new("octet*")
- HASH_MPIN_IDval = ffi.new("char [%s]" % HASH_BYTES, rand_val)
- HASH_MPIN_ID[0].val = HASH_MPIN_IDval
- HASH_MPIN_ID[0].max = HASH_BYTES
- HASH_MPIN_ID[0].len = HASH_BYTES
-
- # Generate client secret shares
- rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, HASH_MPIN_ID, CS1)
- self.assertEqual(rtn, 0)
- cs1Hex = toHex(CS1)
- if cs1Hex in s:
- match = 1
- self.assertEqual(match, 0)
- s.add(cs1Hex)
-
- def test_6(self):
- """test_6 Make sure all one time passwords are random i.e. they should collide"""
- # random number generator
- RNG = ffi.new("csprng*")
- libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
-
- s = set()
- match = 0
- for i in range(1, 10000):
- OTP = libmpin.generateOTP(RNG)
- if OTP in s:
- # print i
- match = 1
- s.add(OTP)
- self.assertEqual(match, 1)
-
- def test_7(self):
- """test_7 Make sure all random values are random i.e. they should collide"""
- # random number generator
- RNG = ffi.new("csprng*")
- libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
-
- # Generate 100 byte random number
- RANDOMlen = 3
- RANDOM = ffi.new("octet*")
- RANDOMval = ffi.new("char []", RANDOMlen)
- RANDOM[0].val = RANDOMval
- RANDOM[0].max = RANDOMlen
- RANDOM[0].len = RANDOMlen
-
- s = set()
- match = 0
- for i in range(1, 10000):
- libmpin.generateRandom(RNG, RANDOM)
- random = toHex(RANDOM)
- if random in s:
- # print i
- match = 1
- s.add(random)
- self.assertEqual(match, 1)
-
- def test_8(self):
- """test_8 AES-GCM: Successful encryption and decryption"""
-
- # Generate 16 byte key
- key_val = os.urandom(PAS)
- AES_KEY = ffi.new("octet*")
- AES_KEYval = ffi.new("char [%s]" % PAS, key_val)
- AES_KEY[0].val = AES_KEYval
- AES_KEY[0].max = PAS
- AES_KEY[0].len = PAS
-
- # Generate 12 byte IV
- iv_val = os.urandom(IVL)
- IV = ffi.new("octet*")
- IVval = ffi.new("char [%s]" % IVL, iv_val)
- IV[0].val = IVval
- IV[0].max = IVL
- IV[0].len = IVL
-
- # Generate a 32 byte random header
- header_val = os.urandom(32)
- HEADER = ffi.new("octet*")
- HEADERval = ffi.new("char [%s]" % len(header_val), header_val)
- HEADER[0].val = HEADERval
- HEADER[0].max = len(header_val)
- HEADER[0].len = len(header_val)
-
- # Plaintext input
- plaintext1 = "A test message"
- PLAINTEXT1 = ffi.new("octet*")
- PLAINTEXT1val = ffi.new("char [%s]" % len(plaintext1), plaintext1)
- PLAINTEXT1[0].val = PLAINTEXT1val
- PLAINTEXT1[0].max = len(plaintext1)
- PLAINTEXT1[0].len = len(plaintext1)
- # print "Input message: %s" % ffi.string(PLAINTEXT1[0].val, PLAINTEXT1[0].len)
-
- # Ciphertext
- CIPHERTEXT = ffi.new("octet*")
- CIPHERTEXTval = ffi.new("char []", len(plaintext1))
- CIPHERTEXT[0].val = CIPHERTEXTval
- CIPHERTEXT[0].max = len(plaintext1)
-
- # 16 byte authentication tag
- TAG1 = ffi.new("octet*")
- TAG1val = ffi.new("char []", PAS)
- TAG1[0].val = TAG1val
- TAG1[0].max = PAS
-
- libmpin.MPIN_AES_GCM_ENCRYPT(AES_KEY, IV, HEADER, PLAINTEXT1, CIPHERTEXT, TAG1)
- # Plaintext output
- PLAINTEXT2 = ffi.new("octet*")
- PLAINTEXT2val = ffi.new("char []", CIPHERTEXT[0].len)
- PLAINTEXT2[0].val = PLAINTEXT2val
- PLAINTEXT2[0].max = CIPHERTEXT[0].len
- PLAINTEXT2[0].len = CIPHERTEXT[0].len
-
- # 16 byte authentication tag
- TAG2 = ffi.new("octet*")
- TAG2val = ffi.new("char []", PAS)
- TAG2[0].val = TAG2val
- TAG2[0].max = PAS
-
- libmpin.MPIN_AES_GCM_DECRYPT(AES_KEY, IV, HEADER, CIPHERTEXT, PLAINTEXT2, TAG2)
- self.assertEqual(toHex(TAG1), toHex(TAG2))
- self.assertEqual(toHex(PLAINTEXT1), toHex(PLAINTEXT2))
- # print "Output message: %s" % ffi.string(PLAINTEXT2[0].val, PLAINTEXT2[0].len)
-
- def test_9(self):
- """test_9 AES-GCM: Failed encryption and decryption by changing a ciphertext byte"""
-
- # Generate 16 byte key
- key_val = os.urandom(PAS)
- AES_KEY = ffi.new("octet*")
- AES_KEYval = ffi.new("char [%s]" % PAS, key_val)
- AES_KEY[0].val = AES_KEYval
- AES_KEY[0].max = PAS
- AES_KEY[0].len = PAS
-
- # Generate 12 byte IV
- iv_val = os.urandom(IVL)
- IV = ffi.new("octet*")
- IVval = ffi.new("char [%s]" % IVL, iv_val)
- IV[0].val = IVval
- IV[0].max = IVL
- IV[0].len = IVL
-
- # Generate a 32 byte random header
- header_val = os.urandom(32)
- HEADER = ffi.new("octet*")
- HEADERval = ffi.new("char [%s]" % len(header_val), header_val)
- HEADER[0].val = HEADERval
- HEADER[0].max = len(header_val)
- HEADER[0].len = len(header_val)
-
- # Plaintext input
- plaintext1 = "A test message"
- PLAINTEXT1 = ffi.new("octet*")
- PLAINTEXT1val = ffi.new("char [%s]" % len(plaintext1), plaintext1)
- PLAINTEXT1[0].val = PLAINTEXT1val
- PLAINTEXT1[0].max = len(plaintext1)
- PLAINTEXT1[0].len = len(plaintext1)
- # print "Input message: %s" % ffi.string(PLAINTEXT1[0].val, PLAINTEXT1[0].len)
-
- # Ciphertext
- CIPHERTEXT = ffi.new("octet*")
- CIPHERTEXTval = ffi.new("char []", len(plaintext1))
- CIPHERTEXT[0].val = CIPHERTEXTval
- CIPHERTEXT[0].max = len(plaintext1)
-
- # 16 byte authentication tag
- TAG1 = ffi.new("octet*")
- TAG1val = ffi.new("char []", PAS)
- TAG1[0].val = TAG1val
- TAG1[0].max = PAS
-
- libmpin.MPIN_AES_GCM_ENCRYPT(AES_KEY, IV, HEADER, PLAINTEXT1, CIPHERTEXT, TAG1)
-
- # Change one byte of ciphertext
- CIPHERTEXT[0].val[0] = "\xa5"
-
- # Plaintext output
- PLAINTEXT2 = ffi.new("octet*")
- PLAINTEXT2val = ffi.new("char []", CIPHERTEXT[0].len)
- PLAINTEXT2[0].val = PLAINTEXT2val
- PLAINTEXT2[0].max = CIPHERTEXT[0].len
- PLAINTEXT2[0].len = CIPHERTEXT[0].len
-
- # 16 byte authentication tag
- TAG2 = ffi.new("octet*")
- TAG2val = ffi.new("char []", PAS)
- TAG2[0].val = TAG2val
- TAG2[0].max = PAS
-
- libmpin.MPIN_AES_GCM_DECRYPT(AES_KEY, IV, HEADER, CIPHERTEXT, PLAINTEXT2, TAG2)
- self.assertNotEqual(toHex(TAG1), toHex(TAG2))
- self.assertNotEqual(toHex(PLAINTEXT1), toHex(PLAINTEXT2))
- # print "Output message: %s" % ffi.string(PLAINTEXT2[0].val, PLAINTEXT2[0].len)
-
- def test_10(self):
- """test_10 AES-GCM: Failed encryption and decryption by changing a header byte"""
-
- # Generate 16 byte key
- key_val = os.urandom(PAS)
- AES_KEY = ffi.new("octet*")
- AES_KEYval = ffi.new("char [%s]" % PAS, key_val)
- AES_KEY[0].val = AES_KEYval
- AES_KEY[0].max = PAS
- AES_KEY[0].len = PAS
-
- # Generate 12 byte IV
- iv_val = os.urandom(IVL)
- IV = ffi.new("octet*")
- IVval = ffi.new("char [%s]" % IVL, iv_val)
- IV[0].val = IVval
- IV[0].max = IVL
- IV[0].len = IVL
-
- # Generate a 32 byte random header
- header_val = os.urandom(32)
- HEADER = ffi.new("octet*")
- HEADERval = ffi.new("char [%s]" % len(header_val), header_val)
- HEADER[0].val = HEADERval
- HEADER[0].max = len(header_val)
- HEADER[0].len = len(header_val)
-
- # Plaintext input
- plaintext1 = "A test message"
- PLAINTEXT1 = ffi.new("octet*")
- PLAINTEXT1val = ffi.new("char [%s]" % len(plaintext1), plaintext1)
- PLAINTEXT1[0].val = PLAINTEXT1val
- PLAINTEXT1[0].max = len(plaintext1)
- PLAINTEXT1[0].len = len(plaintext1)
- # print "Input message: %s" % ffi.string(PLAINTEXT1[0].val, PLAINTEXT1[0].len)
-
- # Ciphertext
- CIPHERTEXT = ffi.new("octet*")
- CIPHERTEXTval = ffi.new("char []", len(plaintext1))
- CIPHERTEXT[0].val = CIPHERTEXTval
- CIPHERTEXT[0].max = len(plaintext1)
-
- # 16 byte authentication tag
- TAG1 = ffi.new("octet*")
- TAG1val = ffi.new("char []", PAS)
- TAG1[0].val = TAG1val
- TAG1[0].max = PAS
-
- libmpin.MPIN_AES_GCM_ENCRYPT(AES_KEY, IV, HEADER, PLAINTEXT1, CIPHERTEXT, TAG1)
- # Plaintext output
- PLAINTEXT2 = ffi.new("octet*")
- PLAINTEXT2val = ffi.new("char []", CIPHERTEXT[0].len)
- PLAINTEXT2[0].val = PLAINTEXT2val
- PLAINTEXT2[0].max = CIPHERTEXT[0].len
- PLAINTEXT2[0].len = CIPHERTEXT[0].len
-
- # Change one byte of header
- HEADER[0].val[0] = "\xa5"
-
- # 16 byte authentication tag
- TAG2 = ffi.new("octet*")
- TAG2val = ffi.new("char []", PAS)
- TAG2[0].val = TAG2val
- TAG2[0].max = PAS
-
- libmpin.MPIN_AES_GCM_DECRYPT(AES_KEY, IV, HEADER, CIPHERTEXT, PLAINTEXT2, TAG2)
- self.assertNotEqual(toHex(TAG1), toHex(TAG2))
- self.assertEqual(toHex(PLAINTEXT1), toHex(PLAINTEXT2))
-
-if __name__ == '__main__':
- # Run tests
- unittest.main()
