This is an automated email from the ASF dual-hosted git repository. kmccusker pushed a commit to branch issue26 in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-c.git
commit 1efd0962cde9acc0797adc37df6e821e11e7e421 Author: Kealan McCusker <[email protected]> AuthorDate: Thu Aug 1 15:04:52 2019 +0100 add bls wrapper --- CPackConfig.cmake | 2 + cmake/PythonSiteDirs.cmake | 11 + wrappers/python/CMakeLists.txt | 5 + wrappers/python/README.md | 5 +- wrappers/python/TestMPINInstall_ZZZ.py.in | 49 ++-- wrappers/python/TestMPIN_BN254CX.py | 140 --------- wrappers/python/TimeMPIN_ZZZ.py.in | 58 ++-- wrappers/python/bls_ZZZ.py.in | 469 ++++++++++++++++++++++++++++++ wrappers/python/mpin_ZZZ.py.in | 78 ++--- wrappers/python/wcc_ZZZ.py.in | 85 +++--- 10 files changed, 631 insertions(+), 271 deletions(-) diff --git a/CPackConfig.cmake b/CPackConfig.cmake index f46fc79..fd584ae 100644 --- a/CPackConfig.cmake +++ b/CPackConfig.cmake @@ -44,6 +44,8 @@ if(${CMAKE_SYSTEM_NAME} MATCHES "Linux") list(APPEND CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "${CPACK_PACKAGING_INSTALL_PREFIX}/lib") list(APPEND CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "${PYTHON_SITE_LIB}") list(APPEND CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "${PYTHON_SITE_PACKAGES}") + list(APPEND CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "${PYTHON3_SITE_LIB}") + list(APPEND CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION "${PYTHON3_SITE_PACKAGES}") set(CPACK_GENERATOR "RPM") endif() diff --git a/cmake/PythonSiteDirs.cmake b/cmake/PythonSiteDirs.cmake index ea57c06..bf0f968 100644 --- a/cmake/PythonSiteDirs.cmake +++ b/cmake/PythonSiteDirs.cmake @@ -27,3 +27,14 @@ execute_process(COMMAND python -c "from distutils.sysconfig import get_python_lib; from os.path import dirname; print dirname(get_python_lib())" OUTPUT_VARIABLE PYTHON_SITE_LIB ) + +execute_process(COMMAND + python3 -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())" + OUTPUT_VARIABLE PYTHON3_SITE_PACKAGES + OUTPUT_STRIP_TRAILING_WHITESPACE +) + +execute_process(COMMAND + python3 -c "from distutils.sysconfig import get_python_lib; from os.path import dirname; print(dirname(get_python_lib()))" + OUTPUT_VARIABLE PYTHON3_SITE_LIB +) diff --git a/wrappers/python/CMakeLists.txt b/wrappers/python/CMakeLists.txt index 8063948..a0a7961 100644 --- a/wrappers/python/CMakeLists.txt +++ b/wrappers/python/CMakeLists.txt @@ -50,5 +50,10 @@ foreach(curve ${AMCL_CURVE}) amcl_configure_file_curve(wcc_ZZZ.py.in wcc_${TC}.py ${curve} amcl_wcc_${TC}_GEN_PYS) install(FILES "${amcl_wcc_${TC}_GEN_PYS}" DESTINATION ${PYTHON_SITE_PACKAGES}) endif() + + if(TARGET amcl_bls_${TC}) + amcl_configure_file_curve(bls_ZZZ.py.in bls_${TC}.py ${curve} amcl_bls_${TC}_GEN_PYS) + install(FILES "${amcl_bls_${TC}_GEN_PYS}" DESTINATION ${PYTHON3_SITE_PACKAGES}) + endif() endforeach() diff --git a/wrappers/python/README.md b/wrappers/python/README.md index 16688af..a65806e 100644 --- a/wrappers/python/README.md +++ b/wrappers/python/README.md @@ -3,5 +3,6 @@ interacts with the c code using CFFI. To run all MPIN tests - ./TestMPINInstall.py -v - +``` +./TestMPINInstall.py -v +``` diff --git a/wrappers/python/TestMPINInstall_ZZZ.py.in b/wrappers/python/TestMPINInstall_ZZZ.py.in index 28f3a1b..1b46807 100644 --- a/wrappers/python/TestMPINInstall_ZZZ.py.in +++ b/wrappers/python/TestMPINInstall_ZZZ.py.in @@ -24,9 +24,6 @@ import json import hashlib import mpin_ZZZ -HASH_TYPE_MPIN_ZZZ = mpin_ZZZ.SHA256 - - class TestMPIN(unittest.TestCase): """Tests M-Pin crypto code""" @@ -42,7 +39,7 @@ class TestMPIN(unittest.TestCase): self.mpin_id = json.dumps(endUserData) # Hash value of MPIN_ID - self.hash_mpin_id = mpin_ZZZ.hash_id(HASH_TYPE_MPIN_ZZZ, self.mpin_id) + self.hash_mpin_id = mpin_ZZZ.hash_id(mpin_ZZZ.HASH_TYPE_ZZZ, self.mpin_id) # Assign a seed value seedHex = "3ade3d4a5c698e8910bf92f25d97ceeb7c25ed838901a5cb5db2cf25434c1fe76c7f79b7af2e5e1e4988e4294dbd9bd9fa3960197fb7aec373609fb890d74b16a4b14b2ae7e23b75f15d36c21791272372863c4f8af39980283ae69a79cf4e48e908f9e0" @@ -86,10 +83,10 @@ class TestMPIN(unittest.TestCase): # Generate Time Permit shares rtn, tp1 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, self.date, ms1, self.hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, ms1, self.hash_mpin_id) self.assertEqual(rtn, 0) rtn, tp2 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, self.date, ms2, self.hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, ms2, self.hash_mpin_id) self.assertEqual(rtn, 0) # Combine Time Permit shares @@ -98,17 +95,17 @@ class TestMPIN(unittest.TestCase): # Client extracts PIN from secret to create Token rtn, token = mpin_ZZZ.extract_pin( - HASH_TYPE_MPIN_ZZZ, self.mpin_id, PIN1, client_secret) + mpin_ZZZ.HASH_TYPE_ZZZ, self.mpin_id, PIN1, client_secret) self.assertEqual(rtn, 0) # Client first pass rtn, x, u, ut, sec = mpin_ZZZ.client_1( - HASH_TYPE_MPIN_ZZZ, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) self.assertEqual(rtn, 0) # Server calculates H(ID) and H(T|H(ID)) HID, HTID = mpin_ZZZ.server_1( - HASH_TYPE_MPIN_ZZZ, self.date, self.mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, self.mpin_id) # Server generates Random number Y and sends it to Client rtn, y = mpin_ZZZ.random_generate(rng) @@ -159,10 +156,10 @@ class TestMPIN(unittest.TestCase): # Generate Time Permit shares rtn, tp1 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, self.date, ms1, self.hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, ms1, self.hash_mpin_id) self.assertEqual(rtn, 0) rtn, tp2 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, self.date, ms2, self.hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, ms2, self.hash_mpin_id) self.assertEqual(rtn, 0) # Combine Time Permit shares @@ -171,17 +168,17 @@ class TestMPIN(unittest.TestCase): # Client extracts PIN from secret to create Token rtn, token = mpin_ZZZ.extract_pin( - HASH_TYPE_MPIN_ZZZ, self.mpin_id, PIN1, client_secret) + mpin_ZZZ.HASH_TYPE_ZZZ, self.mpin_id, PIN1, client_secret) self.assertEqual(rtn, 0) # Client first pass rtn, x, u, ut, sec = mpin_ZZZ.client_1( - HASH_TYPE_MPIN_ZZZ, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) self.assertEqual(rtn, 0) # Server calculates H(ID) and H(T|H(ID)) HID, HTID = mpin_ZZZ.server_1( - HASH_TYPE_MPIN_ZZZ, self.date, self.mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, self.mpin_id) # Server generates Random number Y and sends it to Client rtn, y = mpin_ZZZ.random_generate(rng) @@ -232,10 +229,10 @@ class TestMPIN(unittest.TestCase): # Generate Time Permit shares rtn, tp1 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, self.date, ms1, self.hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, ms1, self.hash_mpin_id) self.assertEqual(rtn, 0) rtn, tp2 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, self.date, ms2, self.hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, ms2, self.hash_mpin_id) self.assertEqual(rtn, 0) # Combine Time Permit shares @@ -244,17 +241,17 @@ class TestMPIN(unittest.TestCase): # Client extracts PIN from secret to create Token rtn, token = mpin_ZZZ.extract_pin( - HASH_TYPE_MPIN_ZZZ, self.mpin_id, PIN1, client_secret) + mpin_ZZZ.HASH_TYPE_ZZZ, self.mpin_id, PIN1, client_secret) self.assertEqual(rtn, 0) # Client first pass rtn, x, u, ut, sec = mpin_ZZZ.client_1( - HASH_TYPE_MPIN_ZZZ, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) self.assertEqual(rtn, 0) # Server calculates H(ID) and H(T|H(ID)) HID, HTID = mpin_ZZZ.server_1( - HASH_TYPE_MPIN_ZZZ, self.date, self.mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, self.date, self.mpin_id) # Server generates Random number Y and sends it to Client rtn, y = mpin_ZZZ.random_generate(rng) @@ -283,7 +280,7 @@ class TestMPIN(unittest.TestCase): match = 0 for i in range(1, 1000): rand_val = os.urandom(32) - hash_mpin_id = mpin_ZZZ.hash_id(HASH_TYPE_MPIN_ZZZ, rand_val) + hash_mpin_id = mpin_ZZZ.hash_id(mpin_ZZZ.HASH_TYPE_ZZZ, rand_val) # Generate client secret shares rtn, cs1 = mpin_ZZZ.get_client_secret(ms1, hash_mpin_id) @@ -329,8 +326,8 @@ class TestMPIN(unittest.TestCase): def test_7(self): """test_7 AES-GCM: Successful encryption and decryption""" - # Generate 16 byte key - key = os.urandom(mpin_ZZZ.PAS) + # Generate key + key = os.urandom(mpin_ZZZ.AESKEY_ZZZ) # Generate 12 byte IV iv = os.urandom(mpin_ZZZ.IVL) @@ -353,8 +350,8 @@ class TestMPIN(unittest.TestCase): def test_8(self): """test_8 AES-GCM: Failed encryption and decryption by changing a ciphertext byte""" - # Generate 16 byte key - key = os.urandom(mpin_ZZZ.PAS) + # Generate key + key = os.urandom(mpin_ZZZ.AESKEY_ZZZ) # Generate 12 byte IV iv = os.urandom(mpin_ZZZ.IVL) @@ -381,8 +378,8 @@ class TestMPIN(unittest.TestCase): def test_9(self): """test_9 AES-GCM: Failed encryption and decryption by changing a header byte""" - # Generate 16 byte key - key = os.urandom(mpin_ZZZ.PAS) + # Generate key + key = os.urandom(mpin_ZZZ.AESKEY_ZZZ) # Generate 12 byte IV iv = os.urandom(mpin_ZZZ.IVL) diff --git a/wrappers/python/TestMPIN_BN254CX.py b/wrappers/python/TestMPIN_BN254CX.py deleted file mode 100644 index 1939704..0000000 --- a/wrappers/python/TestMPIN_BN254CX.py +++ /dev/null @@ -1,140 +0,0 @@ -#!/usr/bin/env python - -""" -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -""" -import unittest -import json -import mpin_BN254CX - -HASH_TYPE_MPIN_ZZZ = mpin_BN254CX.SHA256 - - -class TestMPIN(unittest.TestCase): - """Tests M-Pin crypto code""" - - def setUp(self): - pass - - def test_1(self): - """test_1 Test Vector test""" - vectors = json.load(open("./MPINTestVectors.json", "r")) - for vector in vectors: - print "Test vector {}".format(vector['test_no']) - - PIN1 = vector['PIN1'] - PIN2 = vector['PIN2'] - date = vector['DATE'] - - MS1_HEX = vector['MS1'] - MS2_HEX = vector['MS2'] - - ms1 = MS1_HEX.decode("hex") - ms2 = MS2_HEX.decode("hex") - - # Generate server secret shares - rtn, ss1 = mpin_BN254CX.get_server_secret(ms1) - self.assertEqual(rtn, 0) - self.assertEqual(vector['SS1'], ss1.encode("hex")) - rtn, ss2 = mpin_BN254CX.get_server_secret(ms2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['SS2'], ss2.encode("hex")) - - # Combine server secret shares - rtn, server_secret = mpin_BN254CX.recombine_G2(ss1, ss2) - self.assertEqual(rtn, 0) - self.assertEqual( - vector['SERVER_SECRET'], - server_secret.encode("hex")) - - mpin_id = vector['MPIN_ID_HEX'].decode("hex") - - # Hash value of MPIN_ID - hash_mpin_id = mpin_BN254CX.hash_id(HASH_TYPE_MPIN_ZZZ, mpin_id) - self.assertEqual( - vector['HASH_MPIN_ID_HEX'], - hash_mpin_id.encode("hex")) - - # Generate client secret shares - rtn, cs1 = mpin_BN254CX.get_client_secret(ms1, hash_mpin_id) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CS1'], cs1.encode("hex")) - rtn, cs2 = mpin_BN254CX.get_client_secret(ms2, hash_mpin_id) - self.assertEqual(rtn, 0) - self.assertEqual(vector['CS2'], cs2.encode("hex")) - - # Combine client secret shares : TOKEN is the full client secret - rtn, client_secret = mpin_BN254CX.recombine_G1(cs1, cs2) - self.assertEqual(rtn, 0) - self.assertEqual( - vector['CLIENT_SECRET'], - client_secret.encode("hex")) - - # Generate Time Permit shares - rtn, tp1 = mpin_BN254CX.get_client_permit( - HASH_TYPE_MPIN_ZZZ, date, ms1, hash_mpin_id) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TP1'], tp1.encode("hex")) - rtn, tp2 = mpin_BN254CX.get_client_permit( - HASH_TYPE_MPIN_ZZZ, date, ms2, hash_mpin_id) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TP2'], tp2.encode("hex")) - - # Combine Time Permit shares - rtn, time_permit = mpin_BN254CX.recombine_G1(tp1, tp2) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TIME_PERMIT'], time_permit.encode("hex")) - - # Client extracts PIN from secret to create Token - rtn, token = mpin_BN254CX.extract_pin( - HASH_TYPE_MPIN_ZZZ, mpin_id, PIN1, client_secret) - self.assertEqual(rtn, 0) - self.assertEqual(vector['TOKEN'], token.encode("hex")) - - x = vector['X'].decode("hex") - - # Client first pass. Use X value from test vectors - rtn, x, u, ut, sec = mpin_BN254CX.client_1( - HASH_TYPE_MPIN_ZZZ, date, mpin_id, None, x, PIN2, token, time_permit) - self.assertEqual(rtn, 0) - self.assertEqual(vector['X'], x.encode("hex")) - self.assertEqual(vector['U'], u.encode("hex")) - self.assertEqual(vector['UT'], ut.encode("hex")) - self.assertEqual(vector['SEC'], sec.encode("hex")) - - # Server calculates H(ID) and H(T|H(ID)) - HID, HTID = mpin_BN254CX.server_1( - HASH_TYPE_MPIN_ZZZ, date, mpin_id) - - # Use Y value from test vectors - y = vector['Y'].decode("hex") - - # Client second pass - rtn, v = mpin_BN254CX.client_2(x, y, sec) - self.assertEqual(rtn, 0) - self.assertEqual(vector['V'], v.encode("hex")) - - # Server second pass - rtn, E, F = mpin_BN254CX.server_2( - date, HID, HTID, y, server_secret, u, ut, v, None) - self.assertEqual(rtn, vector['SERVER_OUTPUT']) - - -if __name__ == '__main__': - # Run tests - unittest.main() diff --git a/wrappers/python/TimeMPIN_ZZZ.py.in b/wrappers/python/TimeMPIN_ZZZ.py.in index 548a4bc..8305fb0 100755 --- a/wrappers/python/TimeMPIN_ZZZ.py.in +++ b/wrappers/python/TimeMPIN_ZZZ.py.in @@ -38,8 +38,6 @@ def time_func(stmt, n=10, setup='from __main__ import *'): nIter = 100 -HASH_TYPE_MPIN_ZZZ = mpin_ZZZ.SHA256 - if __name__ == "__main__": # Print hex values DEBUG = False @@ -65,7 +63,7 @@ if __name__ == "__main__": mpin_id = "[email protected]" # Hash mpin_id - hash_mpin_id = mpin_ZZZ.hash_id(HASH_TYPE_MPIN_ZZZ, mpin_id) + hash_mpin_id = mpin_ZZZ.hash_id(mpin_ZZZ.HASH_TYPE_ZZZ, mpin_id) if DEBUG: print "mpin_id: %s" % mpin_id.encode("hex") print "hash_mpin_id: %s" % hash_mpin_id.encode("hex") @@ -127,16 +125,16 @@ if __name__ == "__main__": if DEBUG: print "Date %s" % date time_func( - 'rtn, tp1 = mpin_ZZZ.get_client_permit(HASH_TYPE_MPIN_ZZZ, date, ms1, hash_mpin_id)', + 'rtn, tp1 = mpin_ZZZ.get_client_permit(mpin_ZZZ.HASH_TYPE_ZZZ, date, ms1, hash_mpin_id)', nIter) rtn, tp1 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, date, ms1, hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, date, ms1, hash_mpin_id) if rtn != 0: - print "get_client_permit(HASH_TYPE_MPIN_ZZZ, date, ms1, hash_mpin_id) Error %s" % rtn + print "get_client_permit(mpin_ZZZ.HASH_TYPE_ZZZ, date, ms1, hash_mpin_id) Error %s" % rtn rtn, tp2 = mpin_ZZZ.get_client_permit( - HASH_TYPE_MPIN_ZZZ, date, ms2, hash_mpin_id) + mpin_ZZZ.HASH_TYPE_ZZZ, date, ms2, hash_mpin_id) if rtn != 0: - print "get_client_permit(HASH_TYPE_MPIN_ZZZ, date, ms2, hash_mpin_id) Error %s" % rtn + print "get_client_permit(mpin_ZZZ.HASH_TYPE_ZZZ, date, ms2, hash_mpin_id) Error %s" % rtn if DEBUG: print "tp1: %s" % tp1.encode("hex") print "tp2: %s" % tp2.encode("hex") @@ -151,12 +149,12 @@ if __name__ == "__main__": # Client extracts PIN from secret to create Token PIN = 1234 time_func( - 'rtn, token = mpin_ZZZ.extract_pin(HASH_TYPE_MPIN_ZZZ, mpin_id, PIN, client_secret)', + 'rtn, token = mpin_ZZZ.extract_pin(mpin_ZZZ.HASH_TYPE_ZZZ, mpin_id, PIN, client_secret)', nIter) rtn, token = mpin_ZZZ.extract_pin( - HASH_TYPE_MPIN_ZZZ, mpin_id, PIN, client_secret) + mpin_ZZZ.HASH_TYPE_ZZZ, mpin_id, PIN, client_secret) if rtn != 0: - print "extract_pin(HASH_TYPE_MPIN_ZZZ, mpin_id, PIN, token) Error %s" % rtn + print "extract_pin(mpin_ZZZ.HASH_TYPE_ZZZ, mpin_id, PIN, token) Error %s" % rtn print "Token: %s" % token.encode("hex") if ONE_PASS: @@ -176,10 +174,10 @@ if __name__ == "__main__": # Client MPIN time_func( - 'rtn, x, u, ut, v, y = mpin_ZZZ.client(HASH_TYPE_MPIN_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit, None, epoch_time)', + 'rtn, x, u, ut, v, y = mpin_ZZZ.client(mpin_ZZZ.HASH_TYPE_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit, None, epoch_time)', nIter) rtn, x, u, ut, v, y = mpin_ZZZ.client( - HASH_TYPE_MPIN_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit, None, epoch_time) + mpin_ZZZ.HASH_TYPE_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit, None, epoch_time) if rtn != 0: print "MPIN_CLIENT ERROR %s" % rtn @@ -192,10 +190,10 @@ if __name__ == "__main__": # Server MPIN time_func( - 'rtn, HID, HTID, E, F, y2 = mpin_ZZZ.server(HASH_TYPE_MPIN_ZZZ, date, server_secret, u, ut, v, mpin_id, None, epoch_time, None)', + 'rtn, HID, HTID, E, F, y2 = mpin_ZZZ.server(mpin_ZZZ.HASH_TYPE_ZZZ, date, server_secret, u, ut, v, mpin_id, None, epoch_time, None)', nIter) rtn, HID, HTID, E, F, y2 = mpin_ZZZ.server( - HASH_TYPE_MPIN_ZZZ, date, server_secret, u, ut, v, mpin_id, None, epoch_time, None) + mpin_ZZZ.HASH_TYPE_ZZZ, date, server_secret, u, ut, v, mpin_id, None, epoch_time, None) if DEBUG: print "y2 ", y2.encode("hex") if rtn != 0: @@ -225,22 +223,22 @@ if __name__ == "__main__": if MPIN_FULL: time_func( - 'HM = mpin_ZZZ.hash_all(HASH_TYPE_MPIN_ZZZ, hash_mpin_id, u, ut, v, y, Z, T)', + 'HM = mpin_ZZZ.hash_all(mpin_ZZZ.HASH_TYPE_ZZZ, hash_mpin_id, u, ut, v, y, Z, T)', nIter) HM = mpin_ZZZ.hash_all( - HASH_TYPE_MPIN_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) + mpin_ZZZ.HASH_TYPE_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) time_func( - 'rtn, client_aes_key = mpin_ZZZ.client_key(HASH_TYPE_MPIN_ZZZ, pc1, pc2, PIN, r, x, HM, T)', + 'rtn, client_aes_key = mpin_ZZZ.client_key(mpin_ZZZ.HASH_TYPE_ZZZ, pc1, pc2, PIN, r, x, HM, T)', nIter) rtn, client_aes_key = mpin_ZZZ.client_key( - HASH_TYPE_MPIN_ZZZ, pc1, pc2, PIN, r, x, HM, T) + mpin_ZZZ.HASH_TYPE_ZZZ, pc1, pc2, PIN, r, x, HM, T) if rtn != 0: print "ERROR: Generating client_aes_key %s" % rtn print "Client AES Key: %s" % client_aes_key.encode("hex") rtn, server_aes_key = mpin_ZZZ.server_key( - HASH_TYPE_MPIN_ZZZ, Z, server_secret, w, HM, HID, u, ut) + mpin_ZZZ.HASH_TYPE_ZZZ, Z, server_secret, w, HM, HID, u, ut) if rtn != 0: print "ERROR: Generating server_aes_key %s" % rtn print "Server AES Key: %s" % server_aes_key.encode("hex") @@ -258,10 +256,10 @@ if __name__ == "__main__": # Client first pass time_func( - 'rtn, x, u, ut, sec = mpin_ZZZ.client_1(HASH_TYPE_MPIN_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit)', + 'rtn, x, u, ut, sec = mpin_ZZZ.client_1(mpin_ZZZ.HASH_TYPE_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit)', nIter) rtn, x, u, ut, sec = mpin_ZZZ.client_1( - HASH_TYPE_MPIN_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit) + mpin_ZZZ.HASH_TYPE_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit) if rtn != 0: print "client_1 ERROR %s" % rtn if DEBUG: @@ -270,9 +268,9 @@ if __name__ == "__main__": # Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), # and maps them to points on the curve HID and HTID resp. time_func( - 'HID, HTID = mpin_ZZZ.server_1(HASH_TYPE_MPIN_ZZZ, date, mpin_id)', + 'HID, HTID = mpin_ZZZ.server_1(mpin_ZZZ.HASH_TYPE_ZZZ, date, mpin_id)', nIter) - HID, HTID = mpin_ZZZ.server_1(HASH_TYPE_MPIN_ZZZ, date, mpin_id) + HID, HTID = mpin_ZZZ.server_1(mpin_ZZZ.HASH_TYPE_ZZZ, date, mpin_id) # Server generates Random number y and sends it to Client time_func('rtn, y = mpin_ZZZ.random_generate(rng)', nIter) @@ -324,25 +322,25 @@ if __name__ == "__main__": print "ERROR: Generating T %s" % rtn time_func( - 'HM = mpin_ZZZ.hash_all(HASH_TYPE_MPIN_ZZZ, hash_mpin_id, u, ut, v, y, Z, T)', + 'HM = mpin_ZZZ.hash_all(mpin_ZZZ.HASH_TYPE_ZZZ, hash_mpin_id, u, ut, v, y, Z, T)', nIter) HM = mpin_ZZZ.hash_all( - HASH_TYPE_MPIN_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) + mpin_ZZZ.HASH_TYPE_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) time_func( - 'rtn, client_aes_key = mpin_ZZZ.client_key(HASH_TYPE_MPIN_ZZZ, pc1, pc2, PIN, r, x, HM, T)', + 'rtn, client_aes_key = mpin_ZZZ.client_key(mpin_ZZZ.HASH_TYPE_ZZZ, pc1, pc2, PIN, r, x, HM, T)', nIter) rtn, client_aes_key = mpin_ZZZ.client_key( - HASH_TYPE_MPIN_ZZZ, pc1, pc2, PIN, r, x, HM, T) + mpin_ZZZ.HASH_TYPE_ZZZ, pc1, pc2, PIN, r, x, HM, T) if rtn != 0: print "ERROR: Generating client_aes_key %s" % rtn print "Client AES Key: %s" % client_aes_key.encode("hex") time_func( - 'rtn, server_aes_key = mpin_ZZZ.server_key(HASH_TYPE_MPIN_ZZZ, Z, server_secret, w, HM, HID, u, ut)', + 'rtn, server_aes_key = mpin_ZZZ.server_key(mpin_ZZZ.HASH_TYPE_ZZZ, Z, server_secret, w, HM, HID, u, ut)', nIter) rtn, server_aes_key = mpin_ZZZ.server_key( - HASH_TYPE_MPIN_ZZZ, Z, server_secret, w, HM, HID, u, ut) + mpin_ZZZ.HASH_TYPE_ZZZ, Z, server_secret, w, HM, HID, u, ut) if rtn != 0: print "ERROR: Generating server_aes_key %s" % rtn print "Server AES Key: %s" % server_aes_key.encode("hex") diff --git a/wrappers/python/bls_ZZZ.py.in b/wrappers/python/bls_ZZZ.py.in new file mode 100755 index 0000000..2f78793 --- /dev/null +++ b/wrappers/python/bls_ZZZ.py.in @@ -0,0 +1,469 @@ +#!/usr/bin/env python3 + +""" +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +""" + + +""" +bls + +This module use cffi to access the c functions in the BLS library. + +There is also an example usage program in this file. + +""" +import cffi +import platform +import os + +ffi = cffi.FFI() +ffi.cdef(""" +typedef struct { +unsigned int ira[21]; /* random number... */ +int rndptr; /* ...array & pointer */ +unsigned int borrow; +int pool_ptr; +char pool[32]; /* random pool */ +} csprng; + +typedef struct +{ + int len; + int max; + char *val; +} octet; + +extern void CREATE_CSPRNG(csprng *R,octet *S); +extern void KILL_CSPRNG(csprng *R); +extern void OCT_clear(octet *O); + +extern int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W); +extern int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S); +extern int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W); +extern int BLS_ZZZ_ADD_G1(octet *R1,octet *R2,octet *R); +extern int BLS_ZZZ_ADD_G2(octet *W1,octet *W2,octet *W); + + +""") + +if (platform.system() == 'Windows'): + libamcl_bls_ZZZ = ffi.dlopen("libamcl_bls_ZZZ.dll") + libamcl_core = ffi.dlopen("libamcl_core.dll") +elif (platform.system() == 'Darwin'): + libamcl_bls_ZZZ = ffi.dlopen("libamcl_bls_ZZZ.dylib") + libamcl_core = ffi.dlopen("libamcl_core.dylib") +else: + libamcl_bls_ZZZ = ffi.dlopen("libamcl_bls_ZZZ.so") + libamcl_core = ffi.dlopen("libamcl_core.so") + +# Group Size +BGS = @NB@ +# Field Size +BFS = @NB@ + +CURVE_SECURITY = @CS@ + +G1LEN = BFS+1 + +if CURVE_SECURITY == 128: + G2LEN = 4*BFS + +if CURVE_SECURITY == 192: + G2LEN = 8*BFS + +if CURVE_SECURITY == 256: + G2LEN = 16*BFS + + +def to_hex(octet_value): + """Converts an octet type into a string + + Add all the values in an octet into an array. This arrays is then + converted to a string and hex encoded. + + Args:: + + octet_value. An octet pointer type + + Returns:: + + String + + Raises: + Exception + """ + i = 0 + val = [] + while i < octet_value.len: + val.append(octet_value.val[i]) + i = i + 1 + out=b'' + for x in val: + out = out + x + return out.hex() + +def make_octet(length, value=None): + """Generates an octet pointer + + Generates an empty octet or one filled with the input value + + Args:: + + length: Length of empty octet + value: Data to assign to octet + + Returns:: + + oct_ptr: octet pointer + val: data associated with octet to prevent garbage collection + + Raises: + + """ + oct_ptr = ffi.new("octet*") + if value: + val = ffi.new("char [%s]" % len(value), value) + oct_ptr.val = val + oct_ptr.max = len(value) + oct_ptr.len = len(value) + else: + val = ffi.new("char []", length) + oct_ptr.val = val + oct_ptr.max = length + oct_ptr.len = length + return oct_ptr, val + +def create_csprng(seed): + """Make a Cryptographically secure pseudo-random number generator instance + + Make a Cryptographically secure pseudo-random number generator instance + + Args:: + + seed: random seed value + + Returns:: + + rng: Pointer to cryptographically secure pseudo-random number generator instance + + Raises: + + """ + seed_oct, seed_val = make_octet(None, seed) + + # random number generator + rng = ffi.new('csprng*') + libamcl_core.CREATE_CSPRNG(rng, seed_oct) + libamcl_core.OCT_clear(seed_oct) + + return rng + + +def kill_csprng(rng): + """Kill a random number generator + + Deletes all internal state + + Args:: + + rng: Pointer to cryptographically secure pseudo-random number generator instance + + Returns:: + + + + Raises: + + """ + libamcl_core.KILL_CSPRNG(rng) + + return 0 + +def key_pair_generate(rng): + """Generate key pair + + Generate key pair + + Args:: + + rng: Pointer to cryptographically secure pseudo-random number generator instance + + Returns:: + + error_code: error from the C function + sk: secret key + pk: public key + + Raises: + + """ + sk1, sk1val = make_octet(BGS) + pk1, pk1val = make_octet(G2LEN) + error_code = libamcl_bls_ZZZ.BLS_ZZZ_KEY_PAIR_GENERATE(rng, sk1,pk1) + + sk_hex = to_hex(sk1) + pk_hex = to_hex(pk1) + + # clear memory + libamcl_core.OCT_clear(sk1) + libamcl_core.OCT_clear(pk1) + + sk = bytes.fromhex(sk_hex) + pk = bytes.fromhex(pk_hex) + return error_code, sk, pk + +def sign(message, sk): + """Calculate a signature + + Generate key pair + + Args:: + + message: Message to sign + sk: BLS secret key + + Returns:: + + error_code: Zero for success or else an error code + signature: BLS signature + + Raises: + + """ + sk1, sk1_val = make_octet(None, sk) + signature1, signature1_val = make_octet(G1LEN) + error_code = libamcl_bls_ZZZ.BLS_ZZZ_SIGN(signature1, message, sk1) + + signature_hex = to_hex(signature1) + + # clear memory + libamcl_core.OCT_clear(sk1) + libamcl_core.OCT_clear(signature1) + + signature = bytes.fromhex(signature_hex) + return error_code, signature + +def verify(signature, message, pk): + """Verify a signature + + Verify a signature + + Args:: + + message: Message to verify + signature: BLS signature + pk: BLS public key + + Returns:: + + error_code: Zero for success or else an error code + + Raises: + + """ + pk1, pk1_val = make_octet(None, pk) + signature1, signature1_val = make_octet(None, signature) + error_code = libamcl_bls_ZZZ.BLS_ZZZ_VERIFY(signature1, message, pk1) + + # clear memory + libamcl_core.OCT_clear(pk1) + libamcl_core.OCT_clear(signature1) + + return error_code + +def add_G1(R1, R2): + """Add two members from the group G1 + + Add two members from the group G1 + + Args:: + + R1: member of G1 + R2: member of G1 + + Returns:: + + R: member of G1. R = R1+R2 + error_code: Zero for success or else an error code + + Raises: + + """ + R11, R11_val = make_octet(None, R1) + R21, R21_val = make_octet(None, R2) + R1, R1_val = make_octet(G1LEN) + error_code = libamcl_bls_ZZZ.BLS_ZZZ_ADD_G1(R11, R21, R1) + + R_hex = to_hex(R1) + + # clear memory + libamcl_core.OCT_clear(R11) + libamcl_core.OCT_clear(R21) + libamcl_core.OCT_clear(R1) + + R = bytes.fromhex(R_hex) + return error_code, R + +def add_G2(R1, R2): + """Add two members from the group G2 + + Add two members from the group G2 + + Args:: + + R1: member of G2 + R2: member of G2 + + Returns:: + + R: member of G2. R = R1+R2 + error_code: Zero for success or else an error code + + Raises: + + """ + R11, R11_val = make_octet(None, R1) + R21, R21_val = make_octet(None, R2) + R1, R1_val = make_octet(G2LEN) + error_code = libamcl_bls_ZZZ.BLS_ZZZ_ADD_G2(R11, R21, R1) + + R_hex = to_hex(R1) + + # clear memory + libamcl_core.OCT_clear(R11) + libamcl_core.OCT_clear(R21) + libamcl_core.OCT_clear(R1) + + R = bytes.fromhex(R_hex) + return error_code, R + +if __name__ == "__main__": + # Print hex values + DEBUG = False + + # Seed + seed_hex = "78d0fb6705ce77dee47d03eb5b9c5d30" + seed = bytes.fromhex(seed_hex) + + # Message + message = b"test message" + + # random number generator + rng = create_csprng(seed) + + # Generate key pairs + rtn, sk1, pk1 = key_pair_generate(rng) + if rtn != 0: + print("Error: key_pair_generate {}".format(rtn)) + raise SystemExit(0) + print("sk1: {}".format(sk1.hex())) + print("pk1: {}".format(pk1.hex())) + + rtn, sk2, pk2 = key_pair_generate(rng) + if rtn != 0: + print("Error: key_pair_generate {}".format(rtn)) + raise SystemExit(0) + print("sk2: {}".format(sk2.hex())) + print("pk2: {}".format(pk2.hex())) + + rtn, sk3, pk3 = key_pair_generate(rng) + if rtn != 0: + print("Error: key_pair_generate {}".format(rtn)) + raise SystemExit(0) + print("sk3: {}".format(sk3.hex())) + print("pk3: {}".format(pk3.hex())) + + # Sign and verify + rtn, sig1 = sign(message, sk1) + if rtn != 0: + print("Error: sign {}".format(rtn)) + raise SystemExit(0) + print("sig1: {}".format(sig1.hex())) + + rtn = verify(sig1, message, pk1) + if rtn != 0: + print("Error: Invalid signature {}".format(rtn)) + raise SystemExit(0) + print("Success: Signature is valid") + + rtn, sig2 = sign(message, sk2) + if rtn != 0: + print("Error: sign {}".format(rtn)) + raise SystemExit(0) + print("sig2: {}".format(sig2.hex())) + + rtn = verify(sig2, message, pk2) + if rtn != 0: + print("Error: Invalid signature {}".format(rtn)) + raise SystemExit(0) + print("Success: Signature is valid") + + rtn, sig3 = sign(message, sk3) + if rtn != 0: + print("Error: sign {}".format(rtn)) + raise SystemExit(0) + print("sig3: {}".format(sig3.hex())) + + rtn = verify(sig3, message, pk3) + if rtn != 0: + print("Error: Invalid signature {}".format(rtn)) + raise SystemExit(0) + print("Success: Signature is valid") + + # Add Signatures + rtn, sig12 = add_G1(sig1, sig2) + if rtn != 0: + print("Error: add_G1 {}".format(rtn)) + raise SystemExit(0) + print("sig12: {}".format(sig12.hex())) + + rtn, sig123 = add_G1(sig12, sig3) + if rtn != 0: + print("Error: add_G1 {}".format(rtn)) + raise SystemExit(0) + print("sig123: {}".format(sig123.hex())) + + # Add Public keys + rtn, pk12 = add_G2(pk1, pk2) + if rtn != 0: + print("Error: add_G2 {}".format(rtn)) + raise SystemExit(0) + print("pk12: {}".format(pk12.hex())) + + rtn, pk123 = add_G2(pk12, pk3) + if rtn != 0: + print("Error: add_G2 {}".format(rtn)) + raise SystemExit(0) + print("pk123: {}".format(pk123.hex())) + + # Verify aggretated values + rtn = verify(sig123, message, pk123) + if rtn != 0: + print("Error: Invalid aggregated signature {}".format(rtn)) + raise SystemExit(0) + print("Success: Aggregated signature is valid") + + # Clear memory + kill_csprng(rng) + del sk1 + del pk1 + del sk2 + del pk2 + del sk3 + del pk3 diff --git a/wrappers/python/mpin_ZZZ.py.in b/wrappers/python/mpin_ZZZ.py.in index 8535820..0632cc8 100644 --- a/wrappers/python/mpin_ZZZ.py.in +++ b/wrappers/python/mpin_ZZZ.py.in @@ -32,7 +32,6 @@ import cffi import platform import os - ffi = cffi.FFI() ffi.cdef(""" typedef struct { @@ -101,22 +100,33 @@ else: libamcl_mpin_ZZZ = ffi.dlopen("libamcl_mpin_ZZZ.so") libamcl_core = ffi.dlopen("libamcl_core.so") -# MPIN Group Size +# Group Size PGS = @NB@ -# MPIN Field Size +# Field Size PFS = @NB@ + +CURVE_SECURITY = @CS@ + +if CURVE_SECURITY == 128: + G2 = 4*PFS + HASH_TYPE_ZZZ = 32 + AESKEY_ZZZ = 16 + +if CURVE_SECURITY == 192: + G2 = 8*PFS + HASH_TYPE_ZZZ = 48 + AESKEY_ZZZ = 24 + +if CURVE_SECURITY == 256: + G2 = 16*PFS + HASH_TYPE_ZZZ = 64 + AESKEY_ZZZ = 32 + G1 = 2 * PFS + 1 -G2 = 4 * PFS -GT = 12 * PFS +GT = 3*G2 + # AES-GCM IV length IVL = 12 -# MPIN Symmetric Key Size -PAS = 16 - -# Hash function choice -SHA256 = 32 -SHA384 = 48 -SHA512 = 64 def to_hex(octet_value): @@ -1164,7 +1174,7 @@ def client_key(hash_type, pc1, pc2, pin, r, x, hm, t): x1, x1_val = make_octet(None, x) hm1, hm1_val = make_octet(None, hm) t1, t1_val = make_octet(None, t) - client_aes_key1, client_aes_key_val1 = make_octet(PAS) + client_aes_key1, client_aes_key_val1 = make_octet(AESKEY_ZZZ) error_code = libamcl_mpin_ZZZ.MPIN_ZZZ_CLIENT_KEY( hash_type, pc11, @@ -1225,7 +1235,7 @@ def server_key(hash_type, z, server_secret, w, hm, HID, u, ut): HID1, HID1_val = make_octet(None, HID) u1, u1_val = make_octet(None, u) - server_aes_key1, server_aes_key1_val = make_octet(PAS) + server_aes_key1, server_aes_key1_val = make_octet(AESKEY_ZZZ) error_code = libamcl_mpin_ZZZ.MPIN_ZZZ_SERVER_KEY( hash_type, z1, @@ -1278,7 +1288,7 @@ def aes_gcm_encrypt(aes_key, iv, header, plaintext): iv1, iv1_val = make_octet(None, iv) header1, header1_val = make_octet(None, header) plaintext1, plaintext1_val = make_octet(None, plaintext) - tag1, tag1_val = make_octet(PAS) + tag1, tag1_val = make_octet(AESKEY_ZZZ) ciphertext1, ciphertext1_val = make_octet(len(plaintext)) libamcl_core.AES_GCM_ENCRYPT( @@ -1326,7 +1336,7 @@ def aes_gcm_decrypt(aes_key, iv, header, ciphertext): iv1, iv1_val = make_octet(None, iv) header1, header1_val = make_octet(None, header) ciphertext1, ciphertext1_val = make_octet(None, ciphertext) - tag1, tag1_val = make_octet(PAS) + tag1, tag1_val = make_octet(AESKEY_ZZZ) plaintext1, plaintext1_val = make_octet(len(ciphertext)) libamcl_core.AES_GCM_DECRYPT( @@ -1412,7 +1422,7 @@ if __name__ == "__main__": MPIN_ZZZ_FULL = True PIN_ERROR = True - HASH_TYPE_MPIN_ZZZ = SHA256 + if TIME_PERMITS: date = today() @@ -1433,7 +1443,7 @@ if __name__ == "__main__": mpin_id = "[email protected]" # Hash mpin_id - hash_mpin_id = hash_id(HASH_TYPE_MPIN_ZZZ, mpin_id) + hash_mpin_id = hash_id(HASH_TYPE_ZZZ, mpin_id) if DEBUG: print "mpin_id: %s" % mpin_id.encode("hex") print "hash_mpin_id: %s" % hash_mpin_id.encode("hex") @@ -1489,13 +1499,13 @@ if __name__ == "__main__": if DEBUG: print "Date %s" % date rtn, tp1 = get_client_permit( - HASH_TYPE_MPIN_ZZZ, date, ms1, hash_mpin_id) + HASH_TYPE_ZZZ, date, ms1, hash_mpin_id) if rtn != 0: - print "get_client_permit(HASH_TYPE_MPIN_ZZZ, date, ms1, hash_mpin_id) Error %s" % rtn + print "get_client_permit(HASH_TYPE_ZZZ, date, ms1, hash_mpin_id) Error %s" % rtn rtn, tp2 = get_client_permit( - HASH_TYPE_MPIN_ZZZ, date, ms2, hash_mpin_id) + HASH_TYPE_ZZZ, date, ms2, hash_mpin_id) if rtn != 0: - print "get_client_permit(HASH_TYPE_MPIN_ZZZ, date, ms2, hash_mpin_id) Error %s" % rtn + print "get_client_permit(HASH_TYPE_ZZZ, date, ms2, hash_mpin_id) Error %s" % rtn if DEBUG: print "tp1: %s" % tp1.encode("hex") print "tp2: %s" % tp2.encode("hex") @@ -1515,9 +1525,9 @@ if __name__ == "__main__": raw_input("Please enter four digit PIN to create M-Pin Token:")) else: PIN = 1234 - rtn, token = extract_pin(HASH_TYPE_MPIN_ZZZ, mpin_id, PIN, client_secret) + rtn, token = extract_pin(HASH_TYPE_ZZZ, mpin_id, PIN, client_secret) if rtn != 0: - print "extract_pin(HASH_TYPE_MPIN_ZZZ, mpin_id, PIN, token) Error %s" % rtn + print "extract_pin(HASH_TYPE_ZZZ, mpin_id, PIN, token) Error %s" % rtn print "Token: %s" % token.encode("hex") if ONE_PASS: @@ -1536,7 +1546,7 @@ if __name__ == "__main__": # Client MPIN rtn, x, u, ut, v, y = client( - HASH_TYPE_MPIN_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit, None, epoch_time) + HASH_TYPE_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit, None, epoch_time) if rtn != 0: print "MPIN_ZZZ_CLIENT ERROR %s" % rtn @@ -1546,7 +1556,7 @@ if __name__ == "__main__": # Server MPIN rtn, HID, HTID, E, F, y2 = server( - HASH_TYPE_MPIN_ZZZ, date, server_secret, u, ut, v, mpin_id, None, epoch_time) + HASH_TYPE_ZZZ, date, server_secret, u, ut, v, mpin_id, None, epoch_time) if DEBUG: print "y2 ", y2.encode("hex") if rtn != 0: @@ -1571,16 +1581,16 @@ if __name__ == "__main__": print "ERROR: Generating T %s" % rtn if MPIN_ZZZ_FULL: - HM = hash_all(HASH_TYPE_MPIN_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) + HM = hash_all(HASH_TYPE_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) rtn, client_aes_key = client_key( - HASH_TYPE_MPIN_ZZZ, pc1, pc2, PIN, r, x, HM, T) + HASH_TYPE_ZZZ, pc1, pc2, PIN, r, x, HM, T) if rtn != 0: print "ERROR: Generating client_aes_key %s" % rtn print "Client AES Key: %s" % client_aes_key.encode("hex") rtn, server_aes_key = server_key( - HASH_TYPE_MPIN_ZZZ, Z, server_secret, w, HM, HID, u, ut) + HASH_TYPE_ZZZ, Z, server_secret, w, HM, HID, u, ut) if rtn != 0: print "ERROR: Generating server_aes_key %s" % rtn print "Server AES Key: %s" % server_aes_key.encode("hex") @@ -1598,7 +1608,7 @@ if __name__ == "__main__": # Client first pass rtn, x, u, ut, sec = client_1( - HASH_TYPE_MPIN_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit) + HASH_TYPE_ZZZ, date, mpin_id, rng, None, PIN, token, time_permit) if rtn != 0: print "client_1 ERROR %s" % rtn if DEBUG: @@ -1606,7 +1616,7 @@ if __name__ == "__main__": # Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), # and maps them to points on the curve HID and HTID resp. - HID, HTID = server_1(HASH_TYPE_MPIN_ZZZ, date, mpin_id) + HID, HTID = server_1(HASH_TYPE_ZZZ, date, mpin_id) # Server generates Random number y and sends it to Client rtn, y = random_generate(rng) @@ -1647,16 +1657,16 @@ if __name__ == "__main__": if rtn != 0: print "ERROR: Generating T %s" % rtn - HM = hash_all(HASH_TYPE_MPIN_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) + HM = hash_all(HASH_TYPE_ZZZ, hash_mpin_id, u, ut, v, y, Z, T) rtn, client_aes_key = client_key( - HASH_TYPE_MPIN_ZZZ, pc1, pc2, PIN, r, x, HM, T) + HASH_TYPE_ZZZ, pc1, pc2, PIN, r, x, HM, T) if rtn != 0: print "ERROR: Generating client_aes_key %s" % rtn print "Client AES Key: %s" % client_aes_key.encode("hex") rtn, server_aes_key = server_key( - HASH_TYPE_MPIN_ZZZ, Z, server_secret, w, HM, HID, u, ut) + HASH_TYPE_ZZZ, Z, server_secret, w, HM, HID, u, ut) if rtn != 0: print "ERROR: Generating server_aes_key %s" % rtn print "Server AES Key: %s" % server_aes_key.encode("hex") diff --git a/wrappers/python/wcc_ZZZ.py.in b/wrappers/python/wcc_ZZZ.py.in index 4457f12..2b083e8 100644 --- a/wrappers/python/wcc_ZZZ.py.in +++ b/wrappers/python/wcc_ZZZ.py.in @@ -31,25 +31,6 @@ There is also an example usage program in this file. import cffi import platform -# WCC Group Size -PGS = @NB@ -# WCC Field Size -PFS = @NB@ -G1 = 2 * PFS + 1 -G2 = 4 * PFS -# Length of hash -HASH_BYTES = 32 -# AES-GCM IV length -IVL = 12 -# AES Key length -PAS = 16 - -# Hash function choice -SHA256 = 32 -SHA384 = 48 -SHA512 = 64 -HASH_TYPE_WCC_ZZZ = SHA256 - ffi = cffi.FFI() ffi.cdef(""" typedef struct { @@ -94,6 +75,32 @@ else: libamcl_wcc_ZZZ = ffi.dlopen("libamcl_wcc_ZZZ.so") libamcl_core = ffi.dlopen("libamcl_core.so") +# Group Size +PGS = @NB@ +# Field Size +PFS = @NB@ + +CURVE_SECURITY = @CS@ + +if CURVE_SECURITY == 128: + G2 = 4*PFS + HASH_TYPE_ZZZ = 32 + AESKEY_ZZZ = 16 + +if CURVE_SECURITY == 192: + G2 = 8*PFS + HASH_TYPE_ZZZ = 48 + AESKEY_ZZZ = 24 + +if CURVE_SECURITY == 256: + G2 = 16*PFS + HASH_TYPE_ZZZ = 64 + AESKEY_ZZZ = 32 + +G1 = 2 * PFS + 1 + +# AES-GCM IV length +IVL = 12 def toHex(octetValue): """Converts an octet type into a string @@ -151,10 +158,10 @@ if __name__ == "__main__": # Hash value of IdA HIdA = ffi.new("octet*") - HIdAval = ffi.new("char []", HASH_BYTES) + HIdAval = ffi.new("char []", PFS) HIdA[0].val = HIdAval - HIdA[0].max = HASH_BYTES - HIdA[0].len = HASH_BYTES + HIdA[0].max = PFS + HIdA[0].len = PFS # Bob Identity bob_id = raw_input("Please enter Bob's identity:") @@ -166,10 +173,10 @@ if __name__ == "__main__": # Hash value of IdB HIdB = ffi.new("octet*") - HIdBval = ffi.new("char []", HASH_BYTES) + HIdBval = ffi.new("char []", PFS) HIdB[0].val = HIdBval - HIdB[0].max = HASH_BYTES - HIdB[0].len = HASH_BYTES + HIdB[0].max = PFS + HIdB[0].len = PFS # Sender keys A1KeyG1 = ffi.new("octet*") @@ -211,16 +218,16 @@ if __name__ == "__main__": # AES Keys KEY1 = ffi.new("octet*") - KEY1val = ffi.new("char []", PAS) + KEY1val = ffi.new("char []", AESKEY_ZZZ) KEY1[0].val = KEY1val - KEY1[0].max = PAS - KEY1[0].len = PAS + KEY1[0].max = AESKEY_ZZZ + KEY1[0].len = AESKEY_ZZZ KEY2 = ffi.new("octet*") - KEY2val = ffi.new("char []", PAS) + KEY2val = ffi.new("char []", AESKEY_ZZZ) KEY2[0].val = KEY2val - KEY2[0].max = PAS - KEY2[0].len = PAS + KEY2[0].max = AESKEY_ZZZ + KEY2[0].len = AESKEY_ZZZ X = ffi.new("octet*") Xval = ffi.new("char []", PGS) @@ -284,13 +291,13 @@ if __name__ == "__main__": libamcl_core.CREATE_CSPRNG(RNG, SEED) # Hash IdA - libamcl_core.HASH_ID(HASH_TYPE_WCC_ZZZ, IdA, HIdA) + libamcl_core.HASH_ID(HASH_TYPE_ZZZ, IdA, HIdA) if DEBUG: print "IdA: %s" % toHex(IdA) print "HIdA: %s" % toHex(HIdA) # Hash IdB - libamcl_core.HASH_ID(HASH_TYPE_WCC_ZZZ, IdB, HIdB) + libamcl_core.HASH_ID(HASH_TYPE_ZZZ, IdB, HIdB) if DEBUG: print "IdB: %s" % toHex(IdB) print "HIdB: %s" % toHex(HIdB) @@ -377,18 +384,18 @@ if __name__ == "__main__": print "PbG2: %s" % toHex(PbG2) # PIA = Hq(PaG1,PbG2,PgG1,IdB) - libamcl_wcc_ZZZ.WCC_ZZZ_Hq(HASH_TYPE_WCC_ZZZ, PaG1, PbG2, PgG1, IdB, PIA) + libamcl_wcc_ZZZ.WCC_ZZZ_Hq(HASH_TYPE_ZZZ, PaG1, PbG2, PgG1, IdB, PIA) if DEBUG: print "PIA: %s" % toHex(PIA) # PIB = Hq(PbG2,PaG1,PgG1,IdA) - libamcl_wcc_ZZZ.WCC_ZZZ_Hq(HASH_TYPE_WCC_ZZZ, PbG2, PaG1, PgG1, IdA, PIB) + libamcl_wcc_ZZZ.WCC_ZZZ_Hq(HASH_TYPE_ZZZ, PbG2, PaG1, PgG1, IdA, PIB) if DEBUG: print "PIB: %s" % toHex(PIB) # Alice calculates AES Key rtn = libamcl_wcc_ZZZ.WCC_ZZZ_SENDER_KEY( - HASH_TYPE_WCC_ZZZ, + HASH_TYPE_ZZZ, X, PIA, PIB, @@ -398,12 +405,12 @@ if __name__ == "__main__": IdB, KEY1) if rtn != 0: - print "libamcl_wcc_ZZZ.WCC_ZZZ_SENDER_KEY(HASH_TYPE_WCC_ZZZ, X, PIA, PIB, PbG2, PgG1, AKeyG1, IdB, KEY1) Error %s" % rtn + print "libamcl_wcc_ZZZ.WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ, X, PIA, PIB, PbG2, PgG1, AKeyG1, IdB, KEY1) Error %s" % rtn print "{0}'s AES Key: {1}".format(alice_id, toHex(KEY1)) # Bob calculates AES Key rtn = libamcl_wcc_ZZZ.WCC_ZZZ_RECEIVER_KEY( - HASH_TYPE_WCC_ZZZ, + HASH_TYPE_ZZZ, Y, W, PIA, @@ -414,7 +421,7 @@ if __name__ == "__main__": IdA, KEY2) if rtn != 0: - print "libamcl_wcc_ZZZ.WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_WCC_ZZZ, Y, W, PIA, PIB, PaG1, PgG1, BKeyG2, IdA, KEY2) Error %s" % rtn + print "libamcl_wcc_ZZZ.WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ, Y, W, PIA, PIB, PaG1, PgG1, BKeyG2, IdA, KEY2) Error %s" % rtn print "{0}'s AES Key: {1}".format(bob_id, toHex(KEY2)) libamcl_core.KILL_CSPRNG(RNG)
