This is an automated email from the ASF dual-hosted git repository. kmccusker pushed a commit to branch develop in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-rust.git
commit df62cee823941598acede260afb074bf19b4aed0
Author: Kirk Baird <[email protected]>
AuthorDate: Wed Mar 25 18:40:57 2020 +1100

Cleaup tests and compiler warnings

Signed-off-by: Kirk Baird <[email protected]>
---
Cargo.toml | 4 +-
TestALL.rs | 1459 --------------------
TestBLS.rs | 190 ---
TestNHS.rs | 77 --
readme.md | 2 +-
src/bls.rs | 40 +-
src/bls192.rs | 38 +
src/bls256.rs | 38 +
src/ecdh.rs | 156 +++
src/ecp.rs | 2 +-
src/gcm.rs | 2 -
src/lib.rs | 11 +-
src/mpin.rs | 226 +++-
src/mpin192.rs | 227 +++-
src/mpin256.rs | 227 +++-
src/nhs.rs | 50 +
src/roms/{rom_bn254CX_32.rs => rom_bn254cx_32.rs} | 6 +-
src/roms/{rom_bn254CX_64.rs => rom_bn254cx_64.rs} | 6 +-
src/rsa.rs | 71 +
src/test_utils/mod.rs | 21 +
tests/test_all.rs | 1473 ---------------------
tests/test_bls.rs | 190 ---
tests/test_nhs.rs | 71 -
23 files changed, 1107 insertions(+), 3480 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 259e89f..834aa83 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -16,7 +16,7 @@ path = "src/lib.rs"
 [features]
 default = ["bn254"]
 all = [
- "anssi","bls24","bls48","bls381","bls383","bls461","bn254","bn254CX",
+ "anssi","bls24","bls48","bls381","bls383","bls461","bn254","bn254cx",
 "brainpool","c25519","c41417","ed25519","fp256BN","fp512BN","goldilocks","hifive",
 "nist256","nist384","nist521","nums256e","nums256w","nums384e","nums384w","nums512e",
 "nums512w","rsa2048","rsa3072","rsa4096","secp256k1",
@@ -28,7 +28,7 @@ bls381 = []
 bls383 = []
 bls461 = []
 bn254 = []
-bn254CX = []
+bn254cx = []
 brainpool = []
 c25519 = []
 c41417 = []
diff --git a/TestALL.rs b/TestALL.rs
deleted file mode 100644
index 9c3e1d0..0000000
--- a/TestALL.rs
+++ /dev/null
@@ -1,1459 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -extern crate amcl; - -use std::io; -use std::str; - -use amcl::rand::RAND; -use amcl::types::CurveType; - -pub fn printbinary(array: &[u8]) { - for i in 0..array.len() { - print!("{:02X}", array[i]) - } - println!("") -} - -fn ecdh_ed25519(mut rng: &mut RAND) { - //use amcl::ed25519; - use amcl::ed25519::ecdh; - use amcl::ed25519::ecp; - - let pw = "M0ng00se"; - let pp: &[u8] = b"M0ng00se"; - const EFS: usize = ecdh::EFS; - const EGS: usize = ecdh::EGS; - const EAS: usize = ecp::AESKEY; - - let sha = ecp::HASH_TYPE; - let mut salt: [u8; 8] = [0; 8]; - let mut s1: [u8; EGS] = [0; EGS]; - let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut z0: [u8; EFS] = [0; EFS]; - let mut z1: [u8; EFS] = [0; EFS]; - let mut key: [u8; EAS] = [0; EAS]; - let mut cs: [u8; EGS] = [0; EGS]; - let mut ds: [u8; EGS] = [0; EGS]; - let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. 
- let mut p1: [u8; 3] = [0; 3]; - let mut p2: [u8; 4] = [0; 4]; - let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut t: [u8; 12] = [0; 12]; - - for i in 0..8 { - salt[i] = (i + 1) as u8 - } // set Salt - - println!("\nTesting ECDH/ECDSA/ECIES"); - println!("Alice's Passphrase= {}", pw); - - let mut s0: [u8; EFS] = [0; EGS]; - ecdh::pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); - - print!("Alice's private key= 0x"); - printbinary(&s0); - - /* Generate Key pair S/W */ - ecdh::key_pair_generate(None, &mut s0, &mut w0); - - print!("Alice's public key= 0x"); - printbinary(&w0); - - let mut res = ecdh::public_key_validate(&w0); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - - /* Random private key for other party */ - ecdh::key_pair_generate(Some(&mut rng), &mut s1, &mut w1); - - print!("Servers private key= 0x"); - printbinary(&s1); - - print!("Servers public key= 0x"); - printbinary(&w1); - - res = ecdh::public_key_validate(&w1); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - /* Calculate common key using DH - IEEE 1363 method */ - - ecdh::ecpsvdp_dh(&s0, &w1, &mut z0); - ecdh::ecpsvdp_dh(&s1, &w0, &mut z1); - - let mut same = true; - for i in 0..EFS { - if z0[i] != z1[i] { - same = false - } - } - - if !same { - println!("*** ECPSVDP-DH Failed"); - return; - } - - ecdh::kdf2(sha, &z0, None, EAS, &mut key); - - print!("Alice's DH Key= 0x"); - printbinary(&key); - print!("Servers DH Key= 0x"); - printbinary(&key); - - if ecp::CURVETYPE != CurveType::Montgomery { - for i in 0..17 { - m[i] = i as u8 - } - - println!("Testing ECIES"); - - p1[0] = 0x0; - p1[1] = 0x1; - p1[2] = 0x2; - p2[0] = 0x0; - p2[1] = 0x1; - p2[2] = 0x2; - p2[3] = 0x3; - - let cc = ecdh::ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); - - if let Some(mut c) = cc { - println!("Ciphertext= "); - print!("V= 0x"); - printbinary(&v); - print!("C= 0x"); - printbinary(&c); - print!("T= 0x"); - printbinary(&t); - - let mm = 
ecdh::ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); - if let Some(rm) = mm { - println!("Decryption succeeded"); - print!("Message is 0x"); - printbinary(&rm); - } else { - println!("*** ECIES Decryption Failed"); - return; - } - } else { - println!("*** ECIES Encryption Failed"); - return; - } - - println!("Testing ECDSA"); - - if ecdh::ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { - println!("***ECDSA Signature Failed"); - return; - } - println!("Signature= "); - print!("C= 0x"); - printbinary(&cs); - print!("D= 0x"); - printbinary(&ds); - - if ecdh::ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { - println!("***ECDSA Verification Failed"); - return; - } else { - println!("ECDSA Signature/Verification succeeded ") - } - } -} - -fn ecdh_nist256(mut rng: &mut RAND) { - //use amcl::nist256; - use amcl::nist256::ecdh; - use amcl::nist256::ecp; - - let pw = "M0ng00se"; - let pp: &[u8] = b"M0ng00se"; - const EFS: usize = ecdh::EFS; - const EGS: usize = ecdh::EGS; - const EAS: usize = ecp::AESKEY; - - let sha = ecp::HASH_TYPE; - let mut salt: [u8; 8] = [0; 8]; - let mut s1: [u8; EGS] = [0; EGS]; - let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut z0: [u8; EFS] = [0; EFS]; - let mut z1: [u8; EFS] = [0; EFS]; - let mut key: [u8; EAS] = [0; EAS]; - let mut cs: [u8; EGS] = [0; EGS]; - let mut ds: [u8; EGS] = [0; EGS]; - let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. 
- let mut p1: [u8; 3] = [0; 3]; - let mut p2: [u8; 4] = [0; 4]; - let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut t: [u8; 12] = [0; 12]; - - for i in 0..8 { - salt[i] = (i + 1) as u8 - } // set Salt - - println!("\nTesting ECDH/ECDSA/ECIES"); - println!("Alice's Passphrase= {}", pw); - - let mut s0: [u8; EFS] = [0; EGS]; - ecdh::pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); - - print!("Alice's private key= 0x"); - printbinary(&s0); - - /* Generate Key pair S/W */ - ecdh::key_pair_generate(None, &mut s0, &mut w0); - - print!("Alice's public key= 0x"); - printbinary(&w0); - - let mut res = ecdh::public_key_validate(&w0); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - - /* Random private key for other party */ - ecdh::key_pair_generate(Some(&mut rng), &mut s1, &mut w1); - - print!("Servers private key= 0x"); - printbinary(&s1); - - print!("Servers public key= 0x"); - printbinary(&w1); - - res = ecdh::public_key_validate(&w1); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - /* Calculate common key using DH - IEEE 1363 method */ - - ecdh::ecpsvdp_dh(&s0, &w1, &mut z0); - ecdh::ecpsvdp_dh(&s1, &w0, &mut z1); - - let mut same = true; - for i in 0..EFS { - if z0[i] != z1[i] { - same = false - } - } - - if !same { - println!("*** ECPSVDP-DH Failed"); - return; - } - - ecdh::kdf2(sha, &z0, None, EAS, &mut key); - - print!("Alice's DH Key= 0x"); - printbinary(&key); - print!("Servers DH Key= 0x"); - printbinary(&key); - - if ecp::CURVETYPE != CurveType::Montgomery { - for i in 0..17 { - m[i] = i as u8 - } - - println!("Testing ECIES"); - - p1[0] = 0x0; - p1[1] = 0x1; - p1[2] = 0x2; - p2[0] = 0x0; - p2[1] = 0x1; - p2[2] = 0x2; - p2[3] = 0x3; - - let cc = ecdh::ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); - - if let Some(mut c) = cc { - println!("Ciphertext= "); - print!("V= 0x"); - printbinary(&v); - print!("C= 0x"); - printbinary(&c); - print!("T= 0x"); - printbinary(&t); - - let mm = 
ecdh::ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); - if let Some(rm) = mm { - println!("Decryption succeeded"); - print!("Message is 0x"); - printbinary(&rm); - } else { - println!("*** ECIES Decryption Failed"); - return; - } - } else { - println!("*** ECIES Encryption Failed"); - return; - } - - println!("Testing ECDSA"); - - if ecdh::ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { - println!("***ECDSA Signature Failed"); - return; - } - println!("Signature= "); - print!("C= 0x"); - printbinary(&cs); - print!("D= 0x"); - printbinary(&ds); - - if ecdh::ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { - println!("***ECDSA Verification Failed"); - return; - } else { - println!("ECDSA Signature/Verification succeeded ") - } - } -} - -fn ecdh_goldilocks(mut rng: &mut RAND) { - //use amcl::goldilocks; - use amcl::goldilocks::ecdh; - use amcl::goldilocks::ecp; - - let pw = "M0ng00se"; - let pp: &[u8] = b"M0ng00se"; - const EFS: usize = ecdh::EFS; - const EGS: usize = ecdh::EGS; - const EAS: usize = ecp::AESKEY; - - let sha = ecp::HASH_TYPE; - let mut salt: [u8; 8] = [0; 8]; - let mut s1: [u8; EGS] = [0; EGS]; - let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut z0: [u8; EFS] = [0; EFS]; - let mut z1: [u8; EFS] = [0; EFS]; - let mut key: [u8; EAS] = [0; EAS]; - let mut cs: [u8; EGS] = [0; EGS]; - let mut ds: [u8; EGS] = [0; EGS]; - let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. 
- let mut p1: [u8; 3] = [0; 3]; - let mut p2: [u8; 4] = [0; 4]; - let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut t: [u8; 12] = [0; 12]; - - for i in 0..8 { - salt[i] = (i + 1) as u8 - } // set Salt - - println!("\nTesting ECDH/ECDSA/ECIES"); - println!("Alice's Passphrase= {}", pw); - - let mut s0: [u8; EFS] = [0; EGS]; - ecdh::pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); - - print!("Alice's private key= 0x"); - printbinary(&s0); - - /* Generate Key pair S/W */ - ecdh::key_pair_generate(None, &mut s0, &mut w0); - - print!("Alice's public key= 0x"); - printbinary(&w0); - - let mut res = ecdh::public_key_validate(&w0); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - - /* Random private key for other party */ - ecdh::key_pair_generate(Some(&mut rng), &mut s1, &mut w1); - - print!("Servers private key= 0x"); - printbinary(&s1); - - print!("Servers public key= 0x"); - printbinary(&w1); - - res = ecdh::public_key_validate(&w1); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - /* Calculate common key using DH - IEEE 1363 method */ - - ecdh::ecpsvdp_dh(&s0, &w1, &mut z0); - ecdh::ecpsvdp_dh(&s1, &w0, &mut z1); - - let mut same = true; - for i in 0..EFS { - if z0[i] != z1[i] { - same = false - } - } - - if !same { - println!("*** ECPSVDP-DH Failed"); - return; - } - - ecdh::kdf2(sha, &z0, None, EAS, &mut key); - - print!("Alice's DH Key= 0x"); - printbinary(&key); - print!("Servers DH Key= 0x"); - printbinary(&key); - - if ecp::CURVETYPE != CurveType::Montgomery { - for i in 0..17 { - m[i] = i as u8 - } - - println!("Testing ECIES"); - - p1[0] = 0x0; - p1[1] = 0x1; - p1[2] = 0x2; - p2[0] = 0x0; - p2[1] = 0x1; - p2[2] = 0x2; - p2[3] = 0x3; - - let cc = ecdh::ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); - - if let Some(mut c) = cc { - println!("Ciphertext= "); - print!("V= 0x"); - printbinary(&v); - print!("C= 0x"); - printbinary(&c); - print!("T= 0x"); - printbinary(&t); - - let mm = 
ecdh::ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); - if let Some(rm) = mm { - println!("Decryption succeeded"); - print!("Message is 0x"); - printbinary(&rm); - } else { - println!("*** ECIES Decryption Failed"); - return; - } - } else { - println!("*** ECIES Encryption Failed"); - return; - } - - println!("Testing ECDSA"); - - if ecdh::ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { - println!("***ECDSA Signature Failed"); - return; - } - println!("Signature= "); - print!("C= 0x"); - printbinary(&cs); - print!("D= 0x"); - printbinary(&ds); - - if ecdh::ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { - println!("***ECDSA Verification Failed"); - return; - } else { - println!("ECDSA Signature/Verification succeeded ") - } - } -} - -fn mpin_bn254(mut rng: &mut RAND) { - //use amcl::bn254; - use amcl::bn254::ecp; - use amcl::bn254::mpin; - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin::EFS; - const EGS: usize = mpin::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 4 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut g2: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; 
G1S]; - let mut e: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut f: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */ - - /* Client and Server are issued secrets by DTA */ - mpin::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let 
pin = input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin::hash_id(sha, &client_id, &mut hcid); - mpin::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time mpin::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin::random_generate(&mut rng, &mut y); - - if FULL { - mpin::hash_id(sha, &client_id, &mut hsid); - mpin::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. 
Feck off."); - if PINERROR { - let err = mpin::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -fn mpin_bls383(mut rng: &mut RAND) { - //use amcl::bls383; - use amcl::bls383::ecp; - use amcl::bls383::mpin; - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin::EFS; - const EGS: usize = mpin::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 4 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut g2: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; G1S]; - let mut e: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut f: [u8; 
12 * EFS] = [0; 12 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */ - - /* Client and Server are issued secrets by DTA */ - mpin::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let pin = input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN 
Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin::hash_id(sha, &client_id, &mut hcid); - mpin::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time mpin::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin::random_generate(&mut rng, &mut y); - - if FULL { - mpin::hash_id(sha, &client_id, &mut hsid); - mpin::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. 
Feck off."); - if PINERROR { - let err = mpin::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -fn mpin_bls24(mut rng: &mut RAND) { - //use amcl::bls24; - use amcl::bls24::ecp; - use amcl::bls24::mpin192; - - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin192::EFS; - const EGS: usize = mpin192::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 8 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 24 * EFS] = [0; 24 * EFS]; - let mut g2: [u8; 24 * EFS] = [0; 24 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; G1S]; - let mut e: [u8; 24 * EFS] = [0; 24 * EFS]; - let mut f: 
[u8; 24 * EFS] = [0; 24 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin192::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin192::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */ - - /* Client and Server are issued secrets by DTA */ - mpin192::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin192::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin192::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin192::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin192::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin192::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin192::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin192::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let pin = 
input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin192::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin192::hash_id(sha, &client_id, &mut hcid); - mpin192::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time mpin192::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin192::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin192::random_generate(&mut rng, &mut y); - - if FULL { - mpin192::hash_id(sha, &client_id, &mut hsid); - mpin192::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin192::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. 
*/ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin192::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin192::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin192::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. Feck off."); - if PINERROR { - let err = mpin192::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin192::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin192::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin192::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin192::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -fn mpin_bls48(mut rng: &mut RAND) { - //use amcl::bls48; - use amcl::bls48::ecp; - use amcl::bls48::mpin256; - - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin256::EFS; - const EGS: usize = mpin256::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 16 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 48 * EFS] = [0; 48 * EFS]; - let mut g2: [u8; 48 * EFS] = [0; 48 * EFS]; 
- let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; G1S]; - let mut e: [u8; 48 * EFS] = [0; 48 * EFS]; - let mut f: [u8; 48 * EFS] = [0; 48 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin256::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin256::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! 
*/ - - /* Client and Server are issued secrets by DTA */ - mpin256::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin256::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin256::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin256::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin256::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin256::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin256::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin256::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let pin = input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin256::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin256::hash_id(sha, &client_id, &mut hcid); - mpin256::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if 
time mpin256::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin256::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin256::random_generate(&mut rng, &mut y); - - if FULL { - mpin256::hash_id(sha, &client_id, &mut hsid); - mpin256::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin256::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin256::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin256::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin256::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. Feck off."); - if PINERROR { - let err = mpin256::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! 
You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin256::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin256::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin256::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin256::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -fn rsa_2048(mut rng: &mut RAND) { - //use amcl::rsa2048; - use amcl::rsa2048::ff; - use amcl::rsa2048::rsa; - - let sha = rsa::HASH_TYPE; - let message: &[u8] = b"Hello World\n"; - const RFS: usize = rsa::RFS; - - let mut pbc = rsa::new_public_key(ff::FFLEN); - let mut prv = rsa::new_private_key(ff::HFLEN); - - let mut ml: [u8; RFS] = [0; RFS]; - let mut ms: [u8; RFS] = [0; RFS]; - let mut c: [u8; RFS] = [0; RFS]; - let mut s: [u8; RFS] = [0; RFS]; - let mut e: [u8; RFS] = [0; RFS]; - - println!("\nTesting RSA"); - println!("Generating public/private key pair"); - rsa::key_pair(&mut rng, 65537, &mut prv, &mut pbc); - - println!("Encrypting test string\n"); - rsa::oaep_encode(sha, &message, &mut rng, None, &mut e); /* OAEP encode message M to E */ - - rsa::encrypt(&pbc, &e, &mut c); /* encrypt encoded message */ - print!("Ciphertext= 0x"); - printbinary(&c); - - println!("Decrypting test string"); - rsa::decrypt(&prv, &c, &mut ml); - let mlen = rsa::oaep_decode(sha, None, &mut ml); /* OAEP decode message */ - - let mess = str::from_utf8(&ml[0..mlen]).unwrap(); - print!("{}", &mess); - - println!("Signing message"); - rsa::pkcs15(sha, message, &mut c); - - rsa::decrypt(&prv, &c, &mut s); /* create signature in S */ - - print!("Signature= 0x"); - printbinary(&s); - - rsa::encrypt(&pbc, &s, &mut ms); - - let mut cmp = true; - if c.len() != ms.len() { - cmp = false; - } else { - for j in 0..c.len() { - if c[j] != ms[j] { - cmp = false - } - } - } - if cmp { - 
println!("Signature is valid"); - } else { - println!("Signature is INVALID"); - } - - rsa::private_key_kill(&mut prv); -} - -//#[test] -fn main() { - let mut raw: [u8; 100] = [0; 100]; - - let mut rng = RAND::new(); - rng.clean(); - for i in 0..100 { - raw[i] = i as u8 - } - - rng.seed(100, &raw); - - ecdh_ed25519(&mut rng); - ecdh_nist256(&mut rng); - ecdh_goldilocks(&mut rng); - mpin_bn254(&mut rng); - mpin_bls383(&mut rng); - mpin_bls24(&mut rng); - mpin_bls48(&mut rng); - rsa_2048(&mut rng); -} diff --git a/TestBLS.rs b/TestBLS.rs deleted file mode 100644 index 1a54ee4..0000000 --- a/TestBLS.rs +++ /dev/null 
@@ -1,190 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -extern crate amcl; - -use amcl::rand::RAND; - -pub fn printbinary(array: &[u8]) { - for i in 0..array.len() { - print!("{:02X}", array[i]) - } - println!("") -} - -fn bls_bn254(mut rng: &mut RAND) { - use amcl::bn254::bls; - - const BFS: usize = bls::BFS; - const BGS: usize = bls::BGS; - - let mut s: [u8; BGS] = [0; BGS]; - - const G1S: usize = BFS + 1; /* Group 1 Size */ - const G2S: usize = 4 * BFS; /* Group 2 Size */ - - let mut w: [u8; G2S] = [0; G2S]; - let mut sig: [u8; G1S] = [0; G1S]; - - let m = String::from("This is a test message"); - - bls::key_pair_generate(&mut rng, &mut s, &mut w); - print!("Private key : 0x"); - printbinary(&s); - print!("Public key : 0x"); - printbinary(&w); - - bls::sign(&mut sig, &m, &s); - print!("Signature : 0x"); - printbinary(&sig); - - let res = bls::verify(&sig, &m, &w); - if res == 0 { - println!("Signature is OK"); - } else { - println!("Signature is *NOT* OK"); - } -} - -fn bls_bls383(mut rng: &mut RAND) { - use amcl::bls383::bls; - - const BFS: usize = bls::BFS; - const BGS: usize = bls::BGS; - - let mut s: [u8; BGS] = [0; BGS]; - - const G1S: usize = BFS + 1; /* Group 1 Size */ - const G2S: usize = 4 * BFS; /* Group 2 Size */ - - let mut 
w: [u8; G2S] = [0; G2S]; - let mut sig: [u8; G1S] = [0; G1S]; - - let m = String::from("This is a test message"); - - bls::key_pair_generate(&mut rng, &mut s, &mut w); - print!("Private key : 0x"); - printbinary(&s); - print!("Public key : 0x"); - printbinary(&w); - - bls::sign(&mut sig, &m, &s); - print!("Signature : 0x"); - printbinary(&sig); - - let res = bls::verify(&sig, &m, &w); - if res == 0 { - println!("Signature is OK"); - } else { - println!("Signature is *NOT* OK"); - } -} - -fn bls_bls24(mut rng: &mut RAND) { - use amcl::bls24::bls192; - - const BFS: usize = bls192::BFS; - const BGS: usize = bls192::BGS; - - let mut s: [u8; BGS] = [0; BGS]; - - const G1S: usize = BFS + 1; /* Group 1 Size */ - const G2S: usize = 8 * BFS; /* Group 2 Size */ - - let mut w: [u8; G2S] = [0; G2S]; - let mut sig: [u8; G1S] = [0; G1S]; - - let m = String::from("This is a test message"); - - bls192::key_pair_generate(&mut rng, &mut s, &mut w); - print!("Private key : 0x"); - printbinary(&s); - print!("Public key : 0x"); - printbinary(&w); - - bls192::sign(&mut sig, &m, &s); - print!("Signature : 0x"); - printbinary(&sig); - - let res = bls192::verify(&sig, &m, &w); - if res == 0 { - println!("Signature is OK"); - } else { - println!("Signature is *NOT* OK"); - } -} - -fn bls_bls48(mut rng: &mut RAND) { - use amcl::bls48::bls256; - - const BFS: usize = bls256::BFS; - const BGS: usize = bls256::BGS; - - let mut s: [u8; BGS] = [0; BGS]; - - const G1S: usize = BFS + 1; /* Group 1 Size */ - const G2S: usize = 16 * BFS; /* Group 2 Size */ - - let mut w: [u8; G2S] = [0; G2S]; - let mut sig: [u8; G1S] = [0; G1S]; - - let m = String::from("This is a test message"); - - bls256::key_pair_generate(&mut rng, &mut s, &mut w); - print!("Private key : 0x"); - printbinary(&s); - print!("Public key : 0x"); - printbinary(&w); - - bls256::sign(&mut sig, &m, &s); - print!("Signature : 0x"); - printbinary(&sig); - - let res = bls256::verify(&sig, &m, &w); - if res == 0 { - println!("Signature is 
OK"); - } else { - println!("Signature is *NOT* OK"); - } -} - -fn main() { - use amcl::arch; - - let mut raw: [u8; 100] = [0; 100]; - - let mut rng = RAND::new(); - rng.clean(); - for i in 0..100 { - raw[i] = i as u8 - } - - rng.seed(100, &raw); - - println!("{} bit build", arch::CHUNK); - - println!("Testing BLS signature for curve BN254"); - bls_bn254(&mut rng); - println!("\nTesting BLS signature for curve BLS383"); - bls_bls383(&mut rng); - println!("\nTesting BLS signature for curve BLS24"); - bls_bls24(&mut rng); - println!("\nTesting BLS signature for curve BLS48"); - bls_bls48(&mut rng); -} diff --git a/TestNHS.rs b/TestNHS.rs deleted file mode 100644 index 4e7ed02..0000000 --- a/TestNHS.rs +++ /dev/null 
@@ -1,77 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -// TestNHS.rs - Tests NewHope Simple API - -// See https://eprint.iacr.org/2016/1157 (Alkim, Ducas, Popplemann and Schwabe) - -// rustc TestNHS.rs --extern amcl=libamcl.rlib - -extern crate amcl; - -//use std::str; -//use std::io; - -use amcl::rand::RAND; -//use amcl::aes; -use amcl::nhs; - -//#[test] -fn main() -{ - let mut raw:[u8;100]=[0;100]; - - let mut srng=RAND::new(); - srng.clean(); - for i in 0..100 {raw[i]=(i+1) as u8} - - srng.seed(100,&raw); - - - let mut crng=RAND::new(); - crng.clean(); - for i in 0..100 {raw[i]=(i+2) as u8} - - crng.seed(100,&raw); - - - let mut ss:[u8;1792]=[0;1792]; - let mut sb:[u8;1824]=[0;1824]; - let mut uc:[u8;2176]=[0;2176]; - - let mut keya:[u8;32]=[0;32]; - let mut keyb:[u8;32]=[0;32]; - - nhs::server_1(&mut srng,&mut sb,&mut ss); - - nhs::client(&mut crng,&sb,&mut uc,&mut keyb); - - nhs::server_2(&ss,&uc,&mut keya); - - for i in 0..keya.len() { - print!("{:02X}", keya[i]); - } - println!(""); - - for i in 0..keyb.len() { - print!("{:02X}", keyb[i]); - } - println!(""); - -} \ No newline at end of file diff --git a/readme.md b/readme.md index 036defc..17091d5 100644 --- a/readme.md +++ b/readme.md 
@@ -76,7 +76,7 @@ Full list of features: * secp256k1 * Pairing-Friendly Elliptic Curves * bn254 - * bn254CX + * bn254cx * bls383 * bls381 * fp256BN diff --git a/src/bls.rs b/src/bls.rs index 07b8353..98c9a8b 100644 --- a/src/bls.rs +++ b/src/bls.rs @@ -54,7 +54,7 @@ fn bls_hashit(m: &str) -> ECP { pub fn key_pair_generate(mut rng: &mut RAND, s: &mut [u8], w: &mut [u8]) -> isize { let q = Big::new_ints(&rom::CURVE_ORDER); let g = ECP2::generator(); - let mut sc = Big::randomnum(&q, &mut rng); + let sc = Big::randomnum(&q, &mut rng); sc.tobytes(s); pair::g2mul(&g, &sc).tobytes(w); BLS_OK @@ -91,3 +91,41 @@ pub fn verify(sig: &[u8], m: &str, w: &[u8]) -> isize { } BLS_FAIL } + +#[cfg(test)] +mod tests { + use super::*; + use crate::test_utils::*; + + #[test] + fn test_bls() { + let mut rng = create_rng(); + + let mut s: [u8; BGS] = [0; BGS]; + + const G1S: usize = BFS + 1; /* Group 1 Size */ + const G2S: usize = 4 * BFS; /* Group 2 Size */ + + let mut w: [u8; G2S] = [0; G2S]; + let mut sig: [u8; G1S] = [0; G1S]; + + let m = String::from("This is a test message"); + + key_pair_generate(&mut rng, &mut s, &mut w); + print!("Private key : 0x"); + printbinary(&s); + print!("Public key : 0x"); + printbinary(&w); + + sign(&mut sig, &m, &s); + print!("Signature : 0x"); + printbinary(&sig); + + let res = verify(&sig, &m, &w); + if res == 0 { + println!("Signature is OK"); + } else { + println!("Signature is *NOT* OK"); + } + } +} diff --git a/src/bls192.rs b/src/bls192.rs index 3654452..fb8e836 100644 --- a/src/bls192.rs +++ b/src/bls192.rs 
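Review bot: `test_bls` never asserts — when `verify` fails it only prints "Signature is *NOT* OK" and the test still passes, so a broken sign/verify pair goes unnoticed under `cargo test`. Replace the `if res == 0 { println!(...) } else { println!(...) }` tail with `assert_eq!(verify(&sig, &m, &w), 0, "signature must verify");` (0 is the success value the test already compares against), and add a negative check such as `assert_ne!(verify(&sig, "a different message", &w), 0, "tampered message must not verify");`. The `print!`/`printbinary` calls can stay as debug output, but the pass/fail decision should come from the assertions. The same print-only pattern is in the new `test_bls` modules in src/bls192.rs and src/bls256.rs.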
@@ -93,3 +93,41 @@ pub fn verify(sig: &[u8], m: &str, w: &[u8]) -> isize { } BLS_FAIL } + +#[cfg(test)] +mod tests { + use super::*; + use crate::test_utils::*; + + #[test] + fn test_bls() { + let mut rng = create_rng(); + + let mut s: [u8; BGS] = [0; BGS]; + + const G1S: usize = BFS + 1; /* Group 1 Size */ + const G2S: usize = 4 * BFS; /* Group 2 Size */ + + let mut w: [u8; G2S] = [0; G2S]; + let mut sig: [u8; G1S] = [0; G1S]; + + let m = String::from("This is a test message"); + + key_pair_generate(&mut rng, &mut s, &mut w); + print!("Private key : 0x"); + printbinary(&s); + print!("Public key : 0x"); + printbinary(&w); + + sign(&mut sig, &m, &s); + print!("Signature : 0x"); + printbinary(&sig); + + let res = verify(&sig, &m, &w); + if res == 0 { + println!("Signature is OK"); + } else { + println!("Signature is *NOT* OK"); + } + } +} diff --git a/src/bls256.rs b/src/bls256.rs index c3722f3..b36566c 100644 --- a/src/bls256.rs +++ b/src/bls256.rs @@ -91,3 +91,41 @@ pub fn verify(sig: &[u8], m: &str, w: &[u8]) -> isize { } BLS_FAIL } + +#[cfg(test)] +mod tests { + use super::*; + use crate::test_utils::*; + + #[test] + fn test_bls() { + let mut rng = create_rng(); + + let mut s: [u8; BGS] = [0; BGS]; + + const G1S: usize = BFS + 1; /* Group 1 Size */ + const G2S: usize = 4 * BFS; /* Group 2 Size */ + + let mut w: [u8; G2S] = [0; G2S]; + let mut sig: [u8; G1S] = [0; G1S]; + + let m = String::from("This is a test message"); + + key_pair_generate(&mut rng, &mut s, &mut w); + print!("Private key : 0x"); + printbinary(&s); + print!("Public key : 0x"); + printbinary(&w); + + sign(&mut sig, &m, &s); + print!("Signature : 0x"); + printbinary(&sig); + + let res = verify(&sig, &m, &w); + if res == 0 { + println!("Signature is OK"); + } else { + println!("Signature is *NOT* OK"); + } + } +} diff --git a/src/ecdh.rs b/src/ecdh.rs index 12aa34e..7a84d6b 100644 --- a/src/ecdh.rs +++ b/src/ecdh.rs 
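Review bot: The public-key buffer in these two `test_bls` functions looks undersized: both declare `const G2S: usize = 4 * BFS;`, whereas the deleted TestBLS.rs sized the BLS24 key as `8 * BFS` (`bls_bls24`) and the BLS48 key as `16 * BFS` (`bls_bls48`), matching the larger G2 point those curves use. `key_pair_generate` writes the G2 point into `w` via `tobytes`, so with the smaller array this presumably either panics on an out-of-range index or leaves `verify` with a truncated key; either way the test does not exercise the intended key size. Change the line to `const G2S: usize = 8 * BFS;` in src/bls192.rs and `const G2S: usize = 16 * BFS;` in src/bls256.rs, and consider a `/* Group 2 Size: ECP4 / ECP8 point */` comment so the factor is not copied blindly again.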
@@ -745,3 +745,159 @@ pub fn ecies_decrypt( m } + +#[cfg(test)] +mod tests { + use super::*; + use crate::test_utils::*; + use crate::types::CurveType; + + #[test] + fn test_ecdh() { + + let mut rng = create_rng(); + + let pw = "M0ng00se"; + let pp: &[u8] = b"M0ng00se"; + const EAS: usize = ecp::AESKEY; + + let sha = ecp::HASH_TYPE; + let mut salt: [u8; 8] = [0; 8]; + let mut s1: [u8; EGS] = [0; EGS]; + let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; + let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; + let mut z0: [u8; EFS] = [0; EFS]; + let mut z1: [u8; EFS] = [0; EFS]; + let mut key: [u8; EAS] = [0; EAS]; + let mut cs: [u8; EGS] = [0; EGS]; + let mut ds: [u8; EGS] = [0; EGS]; + let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. + let mut p1: [u8; 3] = [0; 3]; + let mut p2: [u8; 4] = [0; 4]; + let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; + let mut t: [u8; 12] = [0; 12]; + + for i in 0..8 { + salt[i] = (i + 1) as u8 + } // set Salt + + println!("\nTesting ECDH/ECDSA/ECIES"); + println!("Alice's Passphrase= {}", pw); + + let mut s0: [u8; EFS] = [0; EGS]; + pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); + + print!("Alice's private key= 0x"); + printbinary(&s0); + + /* Generate Key pair S/W */ + key_pair_generate(None, &mut s0, &mut w0); + + print!("Alice's public key= 0x"); + printbinary(&w0); + + let mut res = public_key_validate(&w0); + if res != 0 { + println!("ECP Public Key is invalid!"); + return; + } + + /* Random private key for other party */ + key_pair_generate(Some(&mut rng), &mut s1, &mut w1); + + print!("Servers private key= 0x"); + printbinary(&s1); + + print!("Servers public key= 0x"); + printbinary(&w1); + + res = public_key_validate(&w1); + if res != 0 { + println!("ECP Public Key is invalid!"); + return; + } + /* Calculate common key using DH - IEEE 1363 method */ + + ecpsvdp_dh(&s0, &w1, &mut z0); + ecpsvdp_dh(&s1, &w0, &mut z1); + + let mut same = true; + for i in 0..EFS { + if z0[i] != z1[i] { + same = false 
+ } + } + + if !same { + println!("*** ECPSVDP-DH Failed"); + return; + } + + kdf2(sha, &z0, None, EAS, &mut key); + + print!("Alice's DH Key= 0x"); + printbinary(&key); + print!("Servers DH Key= 0x"); + printbinary(&key); + + if ecp::CURVETYPE != CurveType::Montgomery { + for i in 0..17 { + m[i] = i as u8 + } + + println!("Testing ECIES"); + + p1[0] = 0x0; + p1[1] = 0x1; + p1[2] = 0x2; + p2[0] = 0x0; + p2[1] = 0x1; + p2[2] = 0x2; + p2[3] = 0x3; + + let cc = ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); + + if let Some(mut c) = cc { + println!("Ciphertext= "); + print!("V= 0x"); + printbinary(&v); + print!("C= 0x"); + printbinary(&c); + print!("T= 0x"); + printbinary(&t); + + let mm = ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); + if let Some(rm) = mm { + println!("Decryption succeeded"); + print!("Message is 0x"); + printbinary(&rm); + } else { + println!("*** ECIES Decryption Failed"); + return; + } + } else { + println!("*** ECIES Encryption Failed"); + return; + } + + println!("Testing ECDSA"); + + if ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { + println!("***ECDSA Signature Failed"); + return; + } + println!("Signature= "); + print!("C= 0x"); + printbinary(&cs); + print!("D= 0x"); + printbinary(&ds); + + if ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { + println!("***ECDSA Verification Failed"); + return; + } else { + println!("ECDSA Signature/Verification succeeded ") + } + } + } +} diff --git a/src/ecp.rs b/src/ecp.rs index b779e2d..07e19be 100644 --- a/src/ecp.rs +++ b/src/ecp.rs @@ -77,7 +77,7 @@ impl ECP { E.y.bcopy(iy); E.z.one(); E.x.norm(); - let mut rhs = ECP::rhs(&E.x); + let rhs = ECP::rhs(&E.x); if CURVETYPE == CurveType::Montgomery { if rhs.jacobi() != 1 { E.inf(); diff --git a/src/gcm.rs b/src/gcm.rs index b2c293f..6642781 100644 --- a/src/gcm.rs +++ b/src/gcm.rs 
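Review bot: `test_ecdh` reports every failure with `println!` followed by `return`, so a DH mismatch, an invalid public key, or an ECIES/ECDSA failure all leave the test green. Turn the failure branches into assertions: `assert_eq!(public_key_validate(&w0), 0, "ECP Public Key is invalid!");`, `assert_eq!(&z0[..], &z1[..], "ECPSVDP-DH shared secrets differ");` (which also replaces the manual `same` loop), `assert!(ecies_decrypt(...).is_some(), "ECIES decryption failed")`, and `assert_eq!(ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds), 0, "ECDSA verification failed");`. Separately, `let mut s0: [u8; EFS] = [0; EGS];` mixes the field-size and group-size constants in one declaration and only compiles because they happen to be equal for this curve; use `EGS` for both, since that is the length requested from `pbkdf2`. Also "Servers DH Key" prints `key`, which was derived from `z0` only — harmless once the equality assertion is in place, but the label is misleading.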
@@ -22,8 +22,6 @@ const GCM_ACCEPTING_HEADER: usize = 0; const GCM_ACCEPTING_CIPHER: usize = 1; const GCM_NOT_ACCEPTING_MORE: usize = 2; const GCM_FINISHED: usize = 3; -const GCM_ENCRYPTING: usize = 0; -const GCM_DECRYPTING: usize = 1; use crate::aes; use crate::aes::AES; diff --git a/src/lib.rs b/src/lib.rs index c68a165..9849b2b 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -467,14 +467,14 @@ pub mod ed25519 { pub mod fp; } -#[cfg(feature = "bn254CX")] +#[cfg(feature = "bn254cx")] #[path = "./"] -pub mod bn254CX { +pub mod bn254cx { #[cfg(target_pointer_width = "32")] - #[path = "roms/rom_bn254CX_32.rs"] + #[path = "roms/rom_bn254cx_32.rs"] pub mod rom; #[cfg(target_pointer_width = "64")] - #[path = "roms/rom_bn254CX_64.rs"] + #[path = "roms/rom_bn254cx_64.rs"] pub mod rom; pub mod big; @@ -559,3 +559,6 @@ pub mod rsa4096 { mod rom; pub mod rsa; } + +#[cfg(test)] +pub mod test_utils; diff --git a/src/mpin.rs b/src/mpin.rs index 425d03e..795fc50 100644 --- a/src/mpin.rs +++ b/src/mpin.rs @@ -351,7 +351,7 @@ pub fn recombine_g2(w1: &[u8], w2: &[u8], w: &mut [u8]) -> isize { /* create random secret S */ pub fn random_generate(rng: &mut RAND, s: &mut [u8]) -> isize { let r = Big::new_ints(&rom::CURVE_ORDER); - let mut sc = Big::randomnum(&r, rng); + let sc = Big::randomnum(&r, rng); sc.tobytes(s); return 0; } 
@@ -942,3 +942,227 @@ pub fn server_key( return 0; } + +#[cfg(test)] +mod tests { + use super::*; + use crate::test_utils::*; + use std::io; + + #[test] + fn test_mpin() { + let mut rng = create_rng(); + + pub const PERMITS: bool = true; + pub const PINERROR: bool = true; + pub const FULL: bool = true; + + let mut s: [u8; EGS] = [0; EGS]; + const RM: usize = EFS as usize; + let mut hcid: [u8; RM] = [0; RM]; + let mut hsid: [u8; RM] = [0; RM]; + + const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ + const G2S: usize = 4 * EFS; /* Group 2 Size */ + const EAS: usize = ecp::AESKEY; + + let mut sst: [u8; G2S] = [0; G2S]; + let mut token: [u8; G1S] = [0; G1S]; + let mut permit: [u8; G1S] = [0; G1S]; + let mut g1: [u8; 12 * EFS] = [0; 12 * EFS]; + let mut g2: [u8; 12 * EFS] = [0; 12 * EFS]; + let mut xid: [u8; G1S] = [0; G1S]; + let mut xcid: [u8; G1S] = [0; G1S]; + let mut x: [u8; EGS] = [0; EGS]; + let mut y: [u8; EGS] = [0; EGS]; + let mut sec: [u8; G1S] = [0; G1S]; + let mut r: [u8; EGS] = [0; EGS]; + let mut z: [u8; G1S] = [0; G1S]; + let mut hid: [u8; G1S] = [0; G1S]; + let mut htid: [u8; G1S] = [0; G1S]; + let mut rhid: [u8; G1S] = [0; G1S]; + let mut w: [u8; EGS] = [0; EGS]; + let mut t: [u8; G1S] = [0; G1S]; + let mut e: [u8; 12 * EFS] = [0; 12 * EFS]; + let mut f: [u8; 12 * EFS] = [0; 12 * EFS]; + let mut h: [u8; RM] = [0; RM]; + let mut ck: [u8; EAS] = [0; EAS]; + let mut sk: [u8; EAS] = [0; EAS]; + + let sha = ecp::HASH_TYPE; + + println!("\nTesting MPIN - PIN is 1234"); + /* Trusted Authority set-up */ + + random_generate(&mut rng, &mut s); + print!("Master Secret s: 0x"); + printbinary(&s); + + /* Create Client Identity */ + let name = "[email protected]"; + let client_id = name.as_bytes(); + + print!("Client ID= "); + printbinary(&client_id); + + hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! 
*/ + + /* Client and Server are issued secrets by DTA */ + get_server_secret(&s, &mut sst); + print!("Server Secret SS: 0x"); + printbinary(&sst); + + get_client_secret(&mut s, &hcid, &mut token); + print!("Client Secret CS: 0x"); + printbinary(&token); + + /* Client extracts PIN from secret to create Token */ + let pin: i32 = 1234; + println!("Client extracts PIN= {}", pin); + let mut rtn = extract_pin(sha, &client_id, pin, &mut token); + if rtn != 0 { + println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); + } + + print!("Client Token TK: 0x"); + printbinary(&token); + + if FULL { + precompute(&token, &hcid, &mut g1, &mut g2); + } + + let mut date = 0; + if PERMITS { + date = today(); + /* Client gets "Time Token" permit from DTA */ + + get_client_permit(sha, date, &s, &hcid, &mut permit); + print!("Time Permit TP: 0x"); + printbinary(&permit); + + /* This encoding makes Time permit look random - Elligator squared */ + encoding(&mut rng, &mut permit); + print!("Encoded Time Permit TP: 0x"); + printbinary(&permit); + decoding(&mut permit); + print!("Decoded Time Permit TP: 0x"); + printbinary(&permit); + } + + print!("\nPIN= "); + let _ = io::Write::flush(&mut io::stdout()); + let mut input_text = String::new(); + let _ = io::stdin().read_line(&mut input_text); + + let pin = input_text.trim().parse::<usize>().unwrap(); + + println!("MPIN Multi Pass"); + /* Send U=x.ID to server, and recreate secret from token and pin */ + rtn = client_1( + sha, + date, + &client_id, + Some(&mut rng), + &mut x, + pin, + &token, + &mut sec, + Some(&mut xid[..]), + Some(&mut xcid[..]), + Some(&permit[..]), + ); + if rtn != 0 { + println!("FAILURE: CLIENT_1 rtn: {}", rtn); + } + + if FULL { + hash_id(sha, &client_id, &mut hcid); + get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ + } + + /* Server calculates H(ID) and H(T|H(ID)) (if time PERMITS enabled), and maps them to points on the curve HID and HTID resp. 
*/ + + server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); + + if date != 0 { + rhid.clone_from_slice(&htid[..]); + } else { + rhid.clone_from_slice(&hid[..]); + } + + /* Server generates Random number Y and sends it to Client */ + random_generate(&mut rng, &mut y); + + if FULL { + hash_id(sha, &client_id, &mut hsid); + get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ + } + + /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ + rtn = client_2(&x, &y, &mut sec); + if rtn != 0 { + println!("FAILURE: CLIENT_2 rtn: {}", rtn); + } + + /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ + /* If PIN error not required, set E and F = null */ + + if !PINERROR { + rtn = server_2( + date, + &hid, + Some(&htid[..]), + &y, + &sst, + Some(&xid[..]), + Some(&xcid[..]), + &sec, + None, + None, + ); + } else { + rtn = server_2( + date, + &hid, + Some(&htid[..]), + &y, + &sst, + Some(&xid[..]), + Some(&xcid[..]), + &sec, + Some(&mut e), + Some(&mut f), + ); + } + + if rtn == BAD_PIN { + println!("Server says - Bad Pin. I don't know you. Feck off."); + if PINERROR { + let err = kangaroo(&e, &f); + if err != 0 { + println!("(Client PIN is out by {})", err) + } + } + return; + } else { + println!("Server says - PIN is good! You really are {}", name); + } + + if FULL { + let mut pxcid = None; + if PERMITS { + pxcid = Some(&xcid[..]) + }; + + hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); + client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); + print!("Client Key = 0x"); + printbinary(&ck); + + hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); + server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); + print!("Server Key = 0x"); + printbinary(&sk); + } + } +} diff --git a/src/mpin192.rs b/src/mpin192.rs index 63970d1..d2ed7b9 100644 --- a/src/mpin192.rs 
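Review bot: `test_mpin` reads the PIN from stdin — `io::stdin().read_line(&mut input_text)` followed by `.parse::<usize>().unwrap()` — so in any non-interactive run (CI, `cargo test` with stdin closed) `read_line` yields an empty string and the `unwrap` panics before `client_1` is reached, while an interactive run hangs waiting for input. The PIN is already fixed earlier by `let pin: i32 = 1234;`, so drop the `print!("\nPIN= ")`, flush and `read_line` lines and shadow it with `let pin = pin as usize;` (the type the `client_1` call expects). The `rtn == BAD_PIN` branch likewise prints and `return`s; make it `assert_ne!(rtn, BAD_PIN, "server rejected the correct PIN");` and add `assert_eq!(rtn, 0)` after the `extract_pin`, `client_1` and `client_2` calls so a protocol failure actually fails the test. The same stdin read is in the new `test_mpin192` in src/mpin192.rs.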
+++ b/src/mpin192.rs @@ -367,7 +367,7 @@ pub fn recombine_g2(w1: &[u8], w2: &[u8], w: &mut [u8]) -> isize { /* create random secret S */ pub fn random_generate(rng: &mut RAND, s: &mut [u8]) -> isize { let r = Big::new_ints(&rom::CURVE_ORDER); - let mut sc = Big::randomnum(&r, rng); + let sc = Big::randomnum(&r, rng); sc.tobytes(s); return 0; } 
@@ -957,3 +957,228 @@ pub fn server_key(
     return 0;
 }
 
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::test_utils::*;
+    use std::io;
+
+    #[test]
+    fn test_mpin192() {
+        let mut rng = create_rng();
+
+        pub const PERMITS: bool = true;
+        pub const PINERROR: bool = true;
+        pub const FULL: bool = true;
+        //pub const SINGLE_PASS:bool=false;
+
+        let mut s: [u8; EGS] = [0; EGS];
+        const RM: usize = EFS as usize;
+        let mut hcid: [u8; RM] = [0; RM];
+        let mut hsid: [u8; RM] = [0; RM];
+
+        const G1S: usize = 2 * EFS + 1; /* Group 1 Size */
+        const G2S: usize = 16 * EFS; /* Group 2 Size */
+        const EAS: usize = ecp::AESKEY;
+
+        let mut sst: [u8; G2S] = [0; G2S];
+        let mut token: [u8; G1S] = [0; G1S];
+        let mut permit: [u8; G1S] = [0; G1S];
+        let mut g1: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut g2: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut xid: [u8; G1S] = [0; G1S];
+        let mut xcid: [u8; G1S] = [0; G1S];
+        let mut x: [u8; EGS] = [0; EGS];
+        let mut y: [u8; EGS] = [0; EGS];
+        let mut sec: [u8; G1S] = [0; G1S];
+        let mut r: [u8; EGS] = [0; EGS];
+        let mut z: [u8; G1S] = [0; G1S];
+        let mut hid: [u8; G1S] = [0; G1S];
+        let mut htid: [u8; G1S] = [0; G1S];
+        let mut rhid: [u8; G1S] = [0; G1S];
+        let mut w: [u8; EGS] = [0; EGS];
+        let mut t: [u8; G1S] = [0; G1S];
+        let mut e: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut f: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut h: [u8; RM] = [0; RM];
+        let mut ck: [u8; EAS] = [0; EAS];
+        let mut sk: [u8; EAS] = [0; EAS];
+
+        let sha = ecp::HASH_TYPE;
+
+        println!("\nTesting MPIN - PIN is 1234");
+        /* Trusted Authority set-up */
+
+        random_generate(&mut rng, &mut s);
+        print!("Master Secret s: 0x");
+        printbinary(&s);
+
+        /* Create Client Identity */
+        let name = "[email protected]";
+        let client_id = name.as_bytes();
+
+        print!("Client ID= ");
+        printbinary(&client_id);
+
+        hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */
+
+        /* Client and Server are issued secrets by DTA */
+        get_server_secret(&s, &mut sst);
+        print!("Server Secret SS: 0x");
+        printbinary(&sst);
+
+        get_client_secret(&mut s, &hcid, &mut token);
+        print!("Client Secret CS: 0x");
+        printbinary(&token);
+
+        /* Client extracts PIN from secret to create Token */
+        let pin: i32 = 1234;
+        println!("Client extracts PIN= {}", pin);
+        let mut rtn = extract_pin(sha, &client_id, pin, &mut token);
+        if rtn != 0 {
+            println!("FAILURE: EXTRACT_PIN rtn: {}", rtn);
+        }
+
+        print!("Client Token TK: 0x");
+        printbinary(&token);
+
+        if FULL {
+            precompute(&token, &hcid, &mut g1, &mut g2);
+        }
+
+        let mut date = 0;
+        if PERMITS {
+            date = today();
+            /* Client gets "Time Token" permit from DTA */
+
+            get_client_permit(sha, date, &s, &hcid, &mut permit);
+            print!("Time Permit TP: 0x");
+            printbinary(&permit);
+
+            /* This encoding makes Time permit look random - Elligator squared */
+            encoding(&mut rng, &mut permit);
+            print!("Encoded Time Permit TP: 0x");
+            printbinary(&permit);
+            decoding(&mut permit);
+            print!("Decoded Time Permit TP: 0x");
+            printbinary(&permit);
+        }
+
+        print!("\nPIN= ");
+        let _ = io::Write::flush(&mut io::stdout());
+        let mut input_text = String::new();
+        let _ = io::stdin().read_line(&mut input_text);
+
+        let pin = input_text.trim().parse::<usize>().unwrap();
+
+        println!("MPIN Multi Pass");
+        /* Send U=x.ID to server, and recreate secret from token and pin */
+        rtn = client_1(
+            sha,
+            date,
+            &client_id,
+            Some(&mut rng),
+            &mut x,
+            pin,
+            &token,
+            &mut sec,
+            Some(&mut xid[..]),
+            Some(&mut xcid[..]),
+            Some(&permit[..]),
+        );
+        if rtn != 0 {
+            println!("FAILURE: CLIENT_1 rtn: {}", rtn);
+        }
+
+        if FULL {
+            hash_id(sha, &client_id, &mut hcid);
+            get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */
+        }
+
+        /* Server calculates H(ID) and H(T|H(ID)) (if time PERMITS enabled), and maps them to points on the curve HID and HTID resp. */
+
+        server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..]));
+
+        if date != 0 {
+            rhid.clone_from_slice(&htid[..]);
+        } else {
+            rhid.clone_from_slice(&hid[..]);
+        }
+
+        /* Server generates Random number Y and sends it to Client */
+        random_generate(&mut rng, &mut y);
+
+        if FULL {
+            hash_id(sha, &client_id, &mut hsid);
+            get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */
+        }
+
+        /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
+        rtn = client_2(&x, &y, &mut sec);
+        if rtn != 0 {
+            println!("FAILURE: CLIENT_2 rtn: {}", rtn);
+        }
+
+        /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
+        /* If PIN error not required, set E and F = null */
+
+        if !PINERROR {
+            rtn = server_2(
+                date,
+                &hid,
+                Some(&htid[..]),
+                &y,
+                &sst,
+                Some(&xid[..]),
+                Some(&xcid[..]),
+                &sec,
+                None,
+                None,
+            );
+        } else {
+            rtn = server_2(
+                date,
+                &hid,
+                Some(&htid[..]),
+                &y,
+                &sst,
+                Some(&xid[..]),
+                Some(&xcid[..]),
+                &sec,
+                Some(&mut e),
+                Some(&mut f),
+            );
+        }
+
+        if rtn == BAD_PIN {
+            println!("Server says - Bad Pin. I don't know you. Feck off.");
+            if PINERROR {
+                let err = kangaroo(&e, &f);
+                if err != 0 {
+                    println!("(Client PIN is out by {})", err)
+                }
+            }
+            return;
+        } else {
+            println!("Server says - PIN is good! You really are {}", name);
+        }
+
+        if FULL {
+            let mut pxcid = None;
+            if PERMITS {
+                pxcid = Some(&xcid[..])
+            };
+
+            hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h);
+            client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck);
+            print!("Client Key = 0x");
+            printbinary(&ck);
+
+            hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h);
+            server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk);
+            print!("Server Key = 0x");
+            printbinary(&sk);
+        }
+    }
+}
diff --git a/src/mpin256.rs b/src/mpin256.rs
index 5f9cee9..65a06d9 100644
--- a/src/mpin256.rs
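Review bot: The PIN passed to client_1 is read from stdin (`let _ = io::stdin().read_line(&mut input_text);` followed by `input_text.trim().parse::<usize>().unwrap()`), so under `cargo test`, where stdin is normally empty, the parse fails and the unwrap panics before any protocol pass runs; the test also asserts nothing, it only prints `FAILURE: ...` lines and `return`s quietly on `BAD_PIN`, so a broken implementation still passes. Use the PIN the test already announces and turn the prints into checks, as in the excerpt below; the same stdin read and missing assertions are in `test_mpin256` (src/mpin256.rs, the hunk ending at the next `diff` header) and, as far as visible, in the src/mpin.rs test whose hunk begins before this excerpt. A smaller point: `pin` is declared `i32` for extract_pin and then shadowed as `usize` for client_1 and client_key; if the two APIs genuinely take different integer types a one-line comment on the shadowing would help, otherwise unifying them is cleaner.
```rust
        // … unchanged: set-up, secrets, token and permit handling …
        let pin = 1234usize; // the PIN announced above; stdin is not available under `cargo test`

        // … unchanged: client_1 call …
        assert_eq!(rtn, 0, "CLIENT_1 rtn: {}", rtn);
        // … unchanged: server_1, random_generate, client_2 (assert its rtn the same way), server_2 …
        assert_ne!(rtn, BAD_PIN, "server rejected the correct PIN");
        if FULL {
            // … unchanged: hash_all / client_key / server_key …
            assert_eq!(&ck[..], &sk[..], "client and server keys differ");
        }
```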
+++ b/src/mpin256.rs
@@ -400,7 +400,7 @@ pub fn recombine_g2(w1: &[u8], w2: &[u8], w: &mut [u8]) -> isize {
 /* create random secret S */
 pub fn random_generate(rng: &mut RAND, s: &mut [u8]) -> isize {
     let r = Big::new_ints(&rom::CURVE_ORDER);
-    let mut sc = Big::randomnum(&r, rng);
+    let sc = Big::randomnum(&r, rng);
     sc.tobytes(s);
     return 0;
 }
@@ -991,3 +991,228 @@ pub fn server_key(
     return 0;
 }
 
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::test_utils::*;
+    use std::io;
+
+    #[test]
+    fn test_mpin256() {
+        let mut rng = create_rng();
+
+        pub const PERMITS: bool = true;
+        pub const PINERROR: bool = true;
+        pub const FULL: bool = true;
+        //pub const SINGLE_PASS:bool=false;
+
+        let mut s: [u8; EGS] = [0; EGS];
+        const RM: usize = EFS as usize;
+        let mut hcid: [u8; RM] = [0; RM];
+        let mut hsid: [u8; RM] = [0; RM];
+
+        const G1S: usize = 2 * EFS + 1; /* Group 1 Size */
+        const G2S: usize = 16 * EFS; /* Group 2 Size */
+        const EAS: usize = ecp::AESKEY;
+
+        let mut sst: [u8; G2S] = [0; G2S];
+        let mut token: [u8; G1S] = [0; G1S];
+        let mut permit: [u8; G1S] = [0; G1S];
+        let mut g1: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut g2: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut xid: [u8; G1S] = [0; G1S];
+        let mut xcid: [u8; G1S] = [0; G1S];
+        let mut x: [u8; EGS] = [0; EGS];
+        let mut y: [u8; EGS] = [0; EGS];
+        let mut sec: [u8; G1S] = [0; G1S];
+        let mut r: [u8; EGS] = [0; EGS];
+        let mut z: [u8; G1S] = [0; G1S];
+        let mut hid: [u8; G1S] = [0; G1S];
+        let mut htid: [u8; G1S] = [0; G1S];
+        let mut rhid: [u8; G1S] = [0; G1S];
+        let mut w: [u8; EGS] = [0; EGS];
+        let mut t: [u8; G1S] = [0; G1S];
+        let mut e: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut f: [u8; 48 * EFS] = [0; 48 * EFS];
+        let mut h: [u8; RM] = [0; RM];
+        let mut ck: [u8; EAS] = [0; EAS];
+        let mut sk: [u8; EAS] = [0; EAS];
+
+        let sha = ecp::HASH_TYPE;
+
+        println!("\nTesting MPIN - PIN is 1234");
+        /* Trusted Authority set-up */
+
+        random_generate(&mut rng, &mut s);
+        print!("Master Secret s: 0x");
+        printbinary(&s);
+
+        /* Create Client Identity */
+        let name = "[email protected]";
+        let client_id = name.as_bytes();
+
+        print!("Client ID= ");
+        printbinary(&client_id);
+
+        hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */
+
+        /* Client and Server are issued secrets by DTA */
+        get_server_secret(&s, &mut sst);
+        print!("Server Secret SS: 0x");
+        printbinary(&sst);
+
+        get_client_secret(&mut s, &hcid, &mut token);
+        print!("Client Secret CS: 0x");
+        printbinary(&token);
+
+        /* Client extracts PIN from secret to create Token */
+        let pin: i32 = 1234;
+        println!("Client extracts PIN= {}", pin);
+        let mut rtn = extract_pin(sha, &client_id, pin, &mut token);
+        if rtn != 0 {
+            println!("FAILURE: EXTRACT_PIN rtn: {}", rtn);
+        }
+
+        print!("Client Token TK: 0x");
+        printbinary(&token);
+
+        if FULL {
+            precompute(&token, &hcid, &mut g1, &mut g2);
+        }
+
+        let mut date = 0;
+        if PERMITS {
+            date = today();
+            /* Client gets "Time Token" permit from DTA */
+
+            get_client_permit(sha, date, &s, &hcid, &mut permit);
+            print!("Time Permit TP: 0x");
+            printbinary(&permit);
+
+            /* This encoding makes Time permit look random - Elligator squared */
+            encoding(&mut rng, &mut permit);
+            print!("Encoded Time Permit TP: 0x");
+            printbinary(&permit);
+            decoding(&mut permit);
+            print!("Decoded Time Permit TP: 0x");
+            printbinary(&permit);
+        }
+
+        print!("\nPIN= ");
+        let _ = io::Write::flush(&mut io::stdout());
+        let mut input_text = String::new();
+        let _ = io::stdin().read_line(&mut input_text);
+
+        let pin = input_text.trim().parse::<usize>().unwrap();
+
+        println!("MPIN Multi Pass");
+        /* Send U=x.ID to server, and recreate secret from token and pin */
+        rtn = client_1(
+            sha,
+            date,
+            &client_id,
+            Some(&mut rng),
+            &mut x,
+            pin,
+            &token,
+            &mut sec,
+            Some(&mut xid[..]),
+            Some(&mut xcid[..]),
+            Some(&permit[..]),
+        );
+        if rtn != 0 {
+            println!("FAILURE: CLIENT_1 rtn: {}", rtn);
+        }
+
+        if FULL {
+            hash_id(sha, &client_id, &mut hcid);
+            get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */
+        }
+
+        /* Server calculates H(ID) and H(T|H(ID)) (if time PERMITS enabled), and maps them to points on the curve HID and HTID resp. */
+
+        server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..]));
+
+        if date != 0 {
+            rhid.clone_from_slice(&htid[..]);
+        } else {
+            rhid.clone_from_slice(&hid[..]);
+        }
+
+        /* Server generates Random number Y and sends it to Client */
+        random_generate(&mut rng, &mut y);
+
+        if FULL {
+            hash_id(sha, &client_id, &mut hsid);
+            get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */
+        }
+
+        /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
+        rtn = client_2(&x, &y, &mut sec);
+        if rtn != 0 {
+            println!("FAILURE: CLIENT_2 rtn: {}", rtn);
+        }
+
+        /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
+        /* If PIN error not required, set E and F = null */
+
+        if !PINERROR {
+            rtn = server_2(
+                date,
+                &hid,
+                Some(&htid[..]),
+                &y,
+                &sst,
+                Some(&xid[..]),
+                Some(&xcid[..]),
+                &sec,
+                None,
+                None,
+            );
+        } else {
+            rtn = server_2(
+                date,
+                &hid,
+                Some(&htid[..]),
+                &y,
+                &sst,
+                Some(&xid[..]),
+                Some(&xcid[..]),
+                &sec,
+                Some(&mut e),
+                Some(&mut f),
+            );
+        }
+
+        if rtn == BAD_PIN {
+            println!("Server says - Bad Pin. I don't know you. Feck off.");
+            if PINERROR {
+                let err = kangaroo(&e, &f);
+                if err != 0 {
+                    println!("(Client PIN is out by {})", err)
+                }
+            }
+            return;
+        } else {
+            println!("Server says - PIN is good! You really are {}", name);
+        }
+
+        if FULL {
+            let mut pxcid = None;
+            if PERMITS {
+                pxcid = Some(&xcid[..])
+            };
+
+            hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h);
+            client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck);
+            print!("Client Key = 0x");
+            printbinary(&ck);
+
+            hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h);
+            server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk);
+            print!("Server Key = 0x");
+            printbinary(&sk);
+        }
+    }
+}
diff --git a/src/nhs.rs b/src/nhs.rs
index dda49b0..cf0f9c2 100644
--- a/src/nhs.rs
+++ b/src/nhs.rs
@@ -703,3 +703,53 @@ fn main() {
 }
 */
 
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_nhs() {
+        let mut raw: [u8; 100] = [0; 100];
+
+        let mut srng = RAND::new();
+        srng.clean();
+        for i in 0..100 {
+            raw[i] = (i + 1) as u8
+        }
+
+        srng.seed(100, &raw);
+
+        let mut crng = RAND::new();
+        crng.clean();
+        for i in 0..100 {
+            raw[i] = (i + 2) as u8
+        }
+
+        crng.seed(100, &raw);
+
+        let mut ss: [u8; 1792] = [0; 1792];
+        let mut sb: [u8; 1824] = [0; 1824];
+        let mut uc: [u8; 2176] = [0; 2176];
+
+        let mut keya: [u8; 32] = [0; 32];
+        let mut keyb: [u8; 32] = [0; 32];
+
+        server_1(&mut srng, &mut sb, &mut ss);
+
+        client(&mut crng, &sb, &mut uc, &mut keyb);
+
+        server_2(&ss, &uc, &mut keya);
+
+        for i in 0..keya.len() {
+            print!("{:02X}", keya[i]);
+        }
+        println!("");
+
+        for i in 0..keyb.len() {
+            print!("{:02X}", keyb[i]);
+        }
+        println!("");
+    }
+
+}
diff --git a/src/roms/rom_bn254CX_32.rs b/src/roms/rom_bn254cx_32.rs
similarity index 99%
rename from src/roms/rom_bn254CX_32.rs
rename to src/roms/rom_bn254cx_32.rs
index a6e7ef8..8884db3 100644
--- a/src/roms/rom_bn254CX_32.rs
+++ b/src/roms/rom_bn254cx_32.rs
@@ -18,11 +18,11 @@ under the License.
 */
 
 use super::super::arch::Chunk;
-use bn254CX::big::NLEN;
+use bn254cx::big::NLEN;
 use types::{CurvePairingType, CurveType, ModType, SexticTwist, SignOfX};
 
 // Base Bits= 28
-// bn254CX Modulus
+// bn254cx Modulus
 pub const MODULUS: [Chunk; NLEN] = [
     0xC1B55B3, 0x6623EF5, 0x93EE1BE, 0xD6EE180, 0x6D3243F, 0x647A636, 0xDB0BDDF, 0x8702A0,
     0x4000000, 0x2,
@@ -41,7 +41,7 @@ pub const FRB: [Chunk; NLEN] = [
     0xA6F7D0, 0x1,
 ];
 
-// bn254CX Curve
+// bn254cx Curve
 pub const CURVE_COF_I: isize = 1;
 pub const CURVE_A: isize = 0;
 pub const CURVE_B_I: isize = 2;
diff --git a/src/roms/rom_bn254CX_64.rs b/src/roms/rom_bn254cx_64.rs
similarity index 99%
rename from src/roms/rom_bn254CX_64.rs
rename to src/roms/rom_bn254cx_64.rs
index 097e205..8aa4f06 100644
--- a/src/roms/rom_bn254CX_64.rs
+++ b/src/roms/rom_bn254cx_64.rs
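Review bot: `test_nhs` prints `keya` and `keyb` but never compares them, so the key agreement it exercises can disagree and the test still passes; add `assert_eq!(keya, keyb, "shared keys differ");` after the `server_2(&ss, &uc, &mut keya)` call (both are `[u8; 32]`, so the arrays compare and print directly). The two hex-dump loops duplicate the `printbinary` helper this commit adds in src/test_utils/mod.rs; `printbinary(&keya); printbinary(&keyb);` via `use crate::test_utils::*;` would replace eight lines. The stray empty line before the closing `}` of `mod tests` is a rustfmt nit.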
@@ -18,11 +18,11 @@ under the License.
 */
 
 use super::super::arch::Chunk;
-use bn254CX::big::NLEN;
+use bn254cx::big::NLEN;
 use types::{CurvePairingType, CurveType, ModType, SexticTwist, SignOfX};
 
 // Base Bits= 56
-// bn254CX Modulus
+// bn254cx Modulus
 pub const MODULUS: [Chunk; NLEN] = [
     0x6623EF5C1B55B3,
     0xD6EE18093EE1BE,
@@ -53,7 +53,7 @@ pub const FRB: [Chunk; NLEN] = [
     0x10A6F7D0,
 ];
 
-// bn254CX Curve
+// bn254cx Curve
 pub const CURVE_COF_I: isize = 1;
 pub const CURVE_A: isize = 0;
 pub const CURVE_B_I: isize = 2;
diff --git a/src/rsa.rs b/src/rsa.rs
index 1a59f7a..a3022e0 100644
--- a/src/rsa.rs
+++ b/src/rsa.rs
@@ -467,3 +467,74 @@ pub fn decrypt(prv: &RsaPrivateKey, g: &[u8], f: &mut [u8]) {
     r.tobytes(f);
 }
 
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::test_utils::*;
+    use std::str;
+
+    #[test]
+    fn test_rsa() {
+        let mut rng = create_rng();
+
+        let sha = super::HASH_TYPE;
+        let message: &[u8] = b"Hello World\n";
+        const RFS: usize = super::RFS;
+
+        let mut pbc = super::new_public_key(ff::FFLEN);
+        let mut prv = super::new_private_key(ff::HFLEN);
+
+        let mut ml: [u8; RFS] = [0; RFS];
+        let mut ms: [u8; RFS] = [0; RFS];
+        let mut c: [u8; RFS] = [0; RFS];
+        let mut s: [u8; RFS] = [0; RFS];
+        let mut e: [u8; RFS] = [0; RFS];
+
+        println!("\nTesting RSA");
+        println!("Generating public/private key pair");
+        super::key_pair(&mut rng, 65537, &mut prv, &mut pbc);
+
+        println!("Encrypting test string\n");
+        super::oaep_encode(sha, &message, &mut rng, None, &mut e); /* OAEP encode message M to E */
+
+        super::encrypt(&pbc, &e, &mut c); /* encrypt encoded message */
+        print!("Ciphertext= 0x");
+        printbinary(&c);
+
+        println!("Decrypting test string");
+        super::decrypt(&prv, &c, &mut ml);
+        let mlen = super::oaep_decode(sha, None, &mut ml); /* OAEP decode message */
+
+        let mess = str::from_utf8(&ml[0..mlen]).unwrap();
+        print!("{}", &mess);
+
+        println!("Signing message");
+        super::pkcs15(sha, message, &mut c);
+
+        super::decrypt(&prv, &c, &mut s); /* create signature in S */
+
+        print!("Signature= 0x");
+        printbinary(&s);
+
+        super::encrypt(&pbc, &s, &mut ms);
+
+        let mut cmp = true;
+        if c.len() != ms.len() {
+            cmp = false;
+        } else {
+            for j in 0..c.len() {
+                if c[j] != ms[j] {
+                    cmp = false
+                }
+            }
+        }
+        if cmp {
+            println!("Signature is valid");
+        } else {
+            println!("Signature is INVALID");
+        }
+
+        super::private_key_kill(&mut prv);
+    }
+}
diff --git a/src/test_utils/mod.rs b/src/test_utils/mod.rs
new file mode 100644
index 0000000..4c85c50
--- /dev/null
+++ b/src/test_utils/mod.rs
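Review bot: `test_rsa` reduces its checks to output — the decrypted `mess` is printed but never compared with `message`, and the signature round-trip result `cmp` only chooses between the "valid" and "INVALID" messages — so an RSA regression would not fail the test. Replace the print-only paths with `assert_eq!(&ml[..mlen], message, "OAEP round-trip mismatch");` after the decode and `assert_eq!(&c[..], &ms[..], "PKCS#1 v1.5 signature round-trip mismatch");` in place of the manual `cmp` loop (slice equality already covers the length check). Whether `oaep_decode` signals a failed decode through `mlen` is not visible in this hunk; if it does, assert on that as well so a failed unpadding is not mistaken for an empty message.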
@@ -0,0 +1,21 @@
+use crate::rand::RAND;
+
+pub fn printbinary(array: &[u8]) {
+    for i in 0..array.len() {
+        print!("{:02X}", array[i])
+    }
+    println!("")
+}
+
+pub fn create_rng() -> RAND {
+    let mut raw: [u8; 100] = [0; 100];
+
+    let mut rng = RAND::new();
+    rng.clean();
+    for i in 0..100 {
+        raw[i] = i as u8
+    }
+
+    rng.seed(100, &raw);
+    rng
+}
diff --git a/tests/test_all.rs b/tests/test_all.rs
deleted file mode 100644
index c543dac..0000000
--- a/tests/test_all.rs
+++ /dev/null
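Review bot: `create_rng` seeds `RAND` from the fixed byte sequence 0..99, which makes every test run reproducible but also makes the generator fully predictable, and nothing says so; since the module lives under src/ and both functions are `pub`, and whether lib.rs declares it behind `#[cfg(test)]` is not visible here, the intent should be stated on the function: `/// Deterministic RNG seeded with the bytes 0..100 so test vectors are reproducible. Test-only helper: never use this seeding for real key material.` If the module is not already gated, `#[cfg(test)]` at its declaration site keeps the predictable generator out of library builds. On style, both index loops read better as iterators, `for b in array { print!("{:02X}", b) }` and `for (i, b) in raw.iter_mut().enumerate() { *b = i as u8 }`, which also drops the per-element bounds checks.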
@@ -1,1473 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. -*/ - -extern crate amcl; - -use std::io; -use std::str; - -use amcl::rand::RAND; -use amcl::types::CurveType; - -pub fn printbinary(array: &[u8]) { - for i in 0..array.len() { - print!("{:02X}", array[i]) - } - println!("") -} - -fn create_rng() -> RAND { - let mut raw: [u8; 100] = [0; 100]; - - let mut rng = RAND::new(); - rng.clean(); - for i in 0..100 { - raw[i] = i as u8 - } - - rng.seed(100, &raw); - rng -} - -#[test] -fn ecdh_ed25519() { - //use amcl::ed25519; - use amcl::ed25519::ecdh; - use amcl::ed25519::ecp; - - let mut rng = create_rng(); - - let pw = "M0ng00se"; - let pp: &[u8] = b"M0ng00se"; - const EFS: usize = ecdh::EFS; - const EGS: usize = ecdh::EGS; - const EAS: usize = ecp::AESKEY; - - let sha = ecp::HASH_TYPE; - let mut salt: [u8; 8] = [0; 8]; - let mut s1: [u8; EGS] = [0; EGS]; - let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut z0: [u8; EFS] = [0; EFS]; - let mut z1: [u8; EFS] = [0; EFS]; - let mut key: [u8; EAS] = [0; EAS]; - let mut cs: [u8; EGS] = [0; EGS]; - let mut ds: [u8; EGS] = [0; EGS]; - let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. 
- let mut p1: [u8; 3] = [0; 3]; - let mut p2: [u8; 4] = [0; 4]; - let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut t: [u8; 12] = [0; 12]; - - for i in 0..8 { - salt[i] = (i + 1) as u8 - } // set Salt - - println!("\nTesting ECDH/ECDSA/ECIES"); - println!("Alice's Passphrase= {}", pw); - - let mut s0: [u8; EFS] = [0; EGS]; - ecdh::pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); - - print!("Alice's private key= 0x"); - printbinary(&s0); - - /* Generate Key pair S/W */ - ecdh::key_pair_generate(None, &mut s0, &mut w0); - - print!("Alice's public key= 0x"); - printbinary(&w0); - - let mut res = ecdh::public_key_validate(&w0); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - - /* Random private key for other party */ - ecdh::key_pair_generate(Some(&mut rng), &mut s1, &mut w1); - - print!("Servers private key= 0x"); - printbinary(&s1); - - print!("Servers public key= 0x"); - printbinary(&w1); - - res = ecdh::public_key_validate(&w1); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - /* Calculate common key using DH - IEEE 1363 method */ - - ecdh::ecpsvdp_dh(&s0, &w1, &mut z0); - ecdh::ecpsvdp_dh(&s1, &w0, &mut z1); - - let mut same = true; - for i in 0..EFS { - if z0[i] != z1[i] { - same = false - } - } - - if !same { - println!("*** ECPSVDP-DH Failed"); - return; - } - - ecdh::kdf2(sha, &z0, None, EAS, &mut key); - - print!("Alice's DH Key= 0x"); - printbinary(&key); - print!("Servers DH Key= 0x"); - printbinary(&key); - - if ecp::CURVETYPE != CurveType::Montgomery { - for i in 0..17 { - m[i] = i as u8 - } - - println!("Testing ECIES"); - - p1[0] = 0x0; - p1[1] = 0x1; - p1[2] = 0x2; - p2[0] = 0x0; - p2[1] = 0x1; - p2[2] = 0x2; - p2[3] = 0x3; - - let cc = ecdh::ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); - - if let Some(mut c) = cc { - println!("Ciphertext= "); - print!("V= 0x"); - printbinary(&v); - print!("C= 0x"); - printbinary(&c); - print!("T= 0x"); - printbinary(&t); - - let mm = 
ecdh::ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); - if let Some(rm) = mm { - println!("Decryption succeeded"); - print!("Message is 0x"); - printbinary(&rm); - } else { - println!("*** ECIES Decryption Failed"); - return; - } - } else { - println!("*** ECIES Encryption Failed"); - return; - } - - println!("Testing ECDSA"); - - if ecdh::ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { - println!("***ECDSA Signature Failed"); - return; - } - println!("Signature= "); - print!("C= 0x"); - printbinary(&cs); - print!("D= 0x"); - printbinary(&ds); - - if ecdh::ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { - println!("***ECDSA Verification Failed"); - return; - } else { - println!("ECDSA Signature/Verification succeeded ") - } - } -} - -#[test] -fn ecdh_nist256() { - use amcl::nist256::ecdh; - use amcl::nist256::ecp; - - let mut rng = create_rng(); - - let pw = "M0ng00se"; - let pp: &[u8] = b"M0ng00se"; - const EFS: usize = ecdh::EFS; - const EGS: usize = ecdh::EGS; - const EAS: usize = ecp::AESKEY; - - let sha = ecp::HASH_TYPE; - let mut salt: [u8; 8] = [0; 8]; - let mut s1: [u8; EGS] = [0; EGS]; - let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut z0: [u8; EFS] = [0; EFS]; - let mut z1: [u8; EFS] = [0; EFS]; - let mut key: [u8; EAS] = [0; EAS]; - let mut cs: [u8; EGS] = [0; EGS]; - let mut ds: [u8; EGS] = [0; EGS]; - let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. 
- let mut p1: [u8; 3] = [0; 3]; - let mut p2: [u8; 4] = [0; 4]; - let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut t: [u8; 12] = [0; 12]; - - for i in 0..8 { - salt[i] = (i + 1) as u8 - } // set Salt - - println!("\nTesting ECDH/ECDSA/ECIES"); - println!("Alice's Passphrase= {}", pw); - - let mut s0: [u8; EFS] = [0; EGS]; - ecdh::pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); - - print!("Alice's private key= 0x"); - printbinary(&s0); - - /* Generate Key pair S/W */ - ecdh::key_pair_generate(None, &mut s0, &mut w0); - - print!("Alice's public key= 0x"); - printbinary(&w0); - - let mut res = ecdh::public_key_validate(&w0); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - - /* Random private key for other party */ - ecdh::key_pair_generate(Some(&mut rng), &mut s1, &mut w1); - - print!("Servers private key= 0x"); - printbinary(&s1); - - print!("Servers public key= 0x"); - printbinary(&w1); - - res = ecdh::public_key_validate(&w1); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - /* Calculate common key using DH - IEEE 1363 method */ - - ecdh::ecpsvdp_dh(&s0, &w1, &mut z0); - ecdh::ecpsvdp_dh(&s1, &w0, &mut z1); - - let mut same = true; - for i in 0..EFS { - if z0[i] != z1[i] { - same = false - } - } - - if !same { - println!("*** ECPSVDP-DH Failed"); - return; - } - - ecdh::kdf2(sha, &z0, None, EAS, &mut key); - - print!("Alice's DH Key= 0x"); - printbinary(&key); - print!("Servers DH Key= 0x"); - printbinary(&key); - - if ecp::CURVETYPE != CurveType::Montgomery { - for i in 0..17 { - m[i] = i as u8 - } - - println!("Testing ECIES"); - - p1[0] = 0x0; - p1[1] = 0x1; - p1[2] = 0x2; - p2[0] = 0x0; - p2[1] = 0x1; - p2[2] = 0x2; - p2[3] = 0x3; - - let cc = ecdh::ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); - - if let Some(mut c) = cc { - println!("Ciphertext= "); - print!("V= 0x"); - printbinary(&v); - print!("C= 0x"); - printbinary(&c); - print!("T= 0x"); - printbinary(&t); - - let mm = 
ecdh::ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); - if let Some(rm) = mm { - println!("Decryption succeeded"); - print!("Message is 0x"); - printbinary(&rm); - } else { - println!("*** ECIES Decryption Failed"); - return; - } - } else { - println!("*** ECIES Encryption Failed"); - return; - } - - println!("Testing ECDSA"); - - if ecdh::ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { - println!("***ECDSA Signature Failed"); - return; - } - println!("Signature= "); - print!("C= 0x"); - printbinary(&cs); - print!("D= 0x"); - printbinary(&ds); - - if ecdh::ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { - println!("***ECDSA Verification Failed"); - return; - } else { - println!("ECDSA Signature/Verification succeeded ") - } - } -} - -#[test] -fn ecdh_goldilocks() { - use amcl::goldilocks::ecdh; - use amcl::goldilocks::ecp; - - let mut rng = create_rng(); - - let pw = "M0ng00se"; - let pp: &[u8] = b"M0ng00se"; - const EFS: usize = ecdh::EFS; - const EGS: usize = ecdh::EGS; - const EAS: usize = ecp::AESKEY; - - let sha = ecp::HASH_TYPE; - let mut salt: [u8; 8] = [0; 8]; - let mut s1: [u8; EGS] = [0; EGS]; - let mut w0: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut w1: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut z0: [u8; EFS] = [0; EFS]; - let mut z1: [u8; EFS] = [0; EFS]; - let mut key: [u8; EAS] = [0; EAS]; - let mut cs: [u8; EGS] = [0; EGS]; - let mut ds: [u8; EGS] = [0; EGS]; - let mut m: Vec<u8> = vec![0; 32]; // array that could be of any length. So use heap. 
- let mut p1: [u8; 3] = [0; 3]; - let mut p2: [u8; 4] = [0; 4]; - let mut v: [u8; 2 * EFS + 1] = [0; 2 * EFS + 1]; - let mut t: [u8; 12] = [0; 12]; - - for i in 0..8 { - salt[i] = (i + 1) as u8 - } // set Salt - - println!("\nTesting ECDH/ECDSA/ECIES"); - println!("Alice's Passphrase= {}", pw); - - let mut s0: [u8; EFS] = [0; EGS]; - ecdh::pbkdf2(sha, pp, &salt, 1000, EGS, &mut s0); - - print!("Alice's private key= 0x"); - printbinary(&s0); - - /* Generate Key pair S/W */ - ecdh::key_pair_generate(None, &mut s0, &mut w0); - - print!("Alice's public key= 0x"); - printbinary(&w0); - - let mut res = ecdh::public_key_validate(&w0); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - - /* Random private key for other party */ - ecdh::key_pair_generate(Some(&mut rng), &mut s1, &mut w1); - - print!("Servers private key= 0x"); - printbinary(&s1); - - print!("Servers public key= 0x"); - printbinary(&w1); - - res = ecdh::public_key_validate(&w1); - if res != 0 { - println!("ECP Public Key is invalid!"); - return; - } - /* Calculate common key using DH - IEEE 1363 method */ - - ecdh::ecpsvdp_dh(&s0, &w1, &mut z0); - ecdh::ecpsvdp_dh(&s1, &w0, &mut z1); - - let mut same = true; - for i in 0..EFS { - if z0[i] != z1[i] { - same = false - } - } - - if !same { - println!("*** ECPSVDP-DH Failed"); - return; - } - - ecdh::kdf2(sha, &z0, None, EAS, &mut key); - - print!("Alice's DH Key= 0x"); - printbinary(&key); - print!("Servers DH Key= 0x"); - printbinary(&key); - - if ecp::CURVETYPE != CurveType::Montgomery { - for i in 0..17 { - m[i] = i as u8 - } - - println!("Testing ECIES"); - - p1[0] = 0x0; - p1[1] = 0x1; - p1[2] = 0x2; - p2[0] = 0x0; - p2[1] = 0x1; - p2[2] = 0x2; - p2[3] = 0x3; - - let cc = ecdh::ecies_encrypt(sha, &p1, &p2, &mut rng, &w1, &m[0..17], &mut v, &mut t); - - if let Some(mut c) = cc { - println!("Ciphertext= "); - print!("V= 0x"); - printbinary(&v); - print!("C= 0x"); - printbinary(&c); - print!("T= 0x"); - printbinary(&t); - - let mm = 
ecdh::ecies_decrypt(sha, &p1, &p2, &v, &mut c, &t, &s1); - if let Some(rm) = mm { - println!("Decryption succeeded"); - print!("Message is 0x"); - printbinary(&rm); - } else { - println!("*** ECIES Decryption Failed"); - return; - } - } else { - println!("*** ECIES Encryption Failed"); - return; - } - - println!("Testing ECDSA"); - - if ecdh::ecpsp_dsa(sha, &mut rng, &s0, &m[0..17], &mut cs, &mut ds) != 0 { - println!("***ECDSA Signature Failed"); - return; - } - println!("Signature= "); - print!("C= 0x"); - printbinary(&cs); - print!("D= 0x"); - printbinary(&ds); - - if ecdh::ecpvp_dsa(sha, &w0, &m[0..17], &cs, &ds) != 0 { - println!("***ECDSA Verification Failed"); - return; - } else { - println!("ECDSA Signature/Verification succeeded ") - } - } -} - -#[test] -fn mpin_bn254() { - use amcl::bn254::ecp; - use amcl::bn254::mpin; - - let mut rng = create_rng(); - - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin::EFS; - const EGS: usize = mpin::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 4 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut g2: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; 
G1S]; - let mut e: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut f: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */ - - /* Client and Server are issued secrets by DTA */ - mpin::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let 
pin = input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin::hash_id(sha, &client_id, &mut hcid); - mpin::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time mpin::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin::random_generate(&mut rng, &mut y); - - if FULL { - mpin::hash_id(sha, &client_id, &mut hsid); - mpin::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. 
Feck off."); - if PINERROR { - let err = mpin::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -#[test] -fn mpin_bls383() { - //use amcl::bls383; - use amcl::bls383::ecp; - use amcl::bls383::mpin; - - let mut rng = create_rng(); - - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin::EFS; - const EGS: usize = mpin::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 4 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut g2: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; G1S]; - let mut e: [u8; 12 * EFS] = [0; 12 * 
EFS]; - let mut f: [u8; 12 * EFS] = [0; 12 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */ - - /* Client and Server are issued secrets by DTA */ - mpin::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let pin = 
input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin::hash_id(sha, &client_id, &mut hcid); - mpin::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time mpin::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin::random_generate(&mut rng, &mut y); - - if FULL { - mpin::hash_id(sha, &client_id, &mut hsid); - mpin::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. 
Feck off."); - if PINERROR { - let err = mpin::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -#[test] -fn mpin_bls24() { - //use amcl::bls24; - use amcl::bls24::ecp; - use amcl::bls24::mpin192; - - let mut rng = create_rng(); - - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin192::EFS; - const EGS: usize = mpin192::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 8 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 24 * EFS] = [0; 24 * EFS]; - let mut g2: [u8; 24 * EFS] = [0; 24 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; G1S]; - let mut e: [u8; 24 * EFS] = [0; 
24 * EFS]; - let mut f: [u8; 24 * EFS] = [0; 24 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin192::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin192::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! */ - - /* Client and Server are issued secrets by DTA */ - mpin192::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin192::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin192::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin192::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin192::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin192::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin192::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin192::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let pin = 
input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin192::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin192::hash_id(sha, &client_id, &mut hcid); - mpin192::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if time mpin192::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin192::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin192::random_generate(&mut rng, &mut y); - - if FULL { - mpin192::hash_id(sha, &client_id, &mut hsid); - mpin192::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin192::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. 
*/ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin192::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin192::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin192::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. Feck off."); - if PINERROR { - let err = mpin192::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin192::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin192::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin192::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin192::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -#[test] -fn mpin_bls48() { - //use amcl::bls48; - use amcl::bls48::ecp; - use amcl::bls48::mpin256; - - let mut rng = create_rng(); - - pub const PERMITS: bool = true; - pub const PINERROR: bool = true; - pub const FULL: bool = true; - //pub const SINGLE_PASS:bool=false; - - const EFS: usize = mpin256::EFS; - const EGS: usize = mpin256::EGS; - - let mut s: [u8; EGS] = [0; EGS]; - const RM: usize = EFS as usize; - let mut hcid: [u8; RM] = [0; RM]; - let mut hsid: [u8; RM] = [0; RM]; - - const G1S: usize = 2 * EFS + 1; /* Group 1 Size */ - const G2S: usize = 16 * EFS; /* Group 2 Size */ - const EAS: usize = ecp::AESKEY; - - let mut sst: [u8; G2S] = [0; G2S]; - let mut token: [u8; G1S] = [0; G1S]; - let mut permit: [u8; G1S] = [0; G1S]; - let mut g1: [u8; 48 * EFS] = [0; 48 * EFS]; - let mut g2: [u8; 48 
* EFS] = [0; 48 * EFS]; - let mut xid: [u8; G1S] = [0; G1S]; - let mut xcid: [u8; G1S] = [0; G1S]; - let mut x: [u8; EGS] = [0; EGS]; - let mut y: [u8; EGS] = [0; EGS]; - let mut sec: [u8; G1S] = [0; G1S]; - let mut r: [u8; EGS] = [0; EGS]; - let mut z: [u8; G1S] = [0; G1S]; - let mut hid: [u8; G1S] = [0; G1S]; - let mut htid: [u8; G1S] = [0; G1S]; - let mut rhid: [u8; G1S] = [0; G1S]; - let mut w: [u8; EGS] = [0; EGS]; - let mut t: [u8; G1S] = [0; G1S]; - let mut e: [u8; 48 * EFS] = [0; 48 * EFS]; - let mut f: [u8; 48 * EFS] = [0; 48 * EFS]; - let mut h: [u8; RM] = [0; RM]; - let mut ck: [u8; EAS] = [0; EAS]; - let mut sk: [u8; EAS] = [0; EAS]; - - let sha = ecp::HASH_TYPE; - - println!("\nTesting MPIN - PIN is 1234"); - /* Trusted Authority set-up */ - - mpin256::random_generate(&mut rng, &mut s); - print!("Master Secret s: 0x"); - printbinary(&s); - - /* Create Client Identity */ - let name = "[email protected]"; - let client_id = name.as_bytes(); - - print!("Client ID= "); - printbinary(&client_id); - - mpin256::hash_id(sha, &client_id, &mut hcid); /* Either Client or TA calculates Hash(ID) - you decide! 
*/ - - /* Client and Server are issued secrets by DTA */ - mpin256::get_server_secret(&s, &mut sst); - print!("Server Secret SS: 0x"); - printbinary(&sst); - - mpin256::get_client_secret(&mut s, &hcid, &mut token); - print!("Client Secret CS: 0x"); - printbinary(&token); - - /* Client extracts PIN from secret to create Token */ - let pin: i32 = 1234; - println!("Client extracts PIN= {}", pin); - let mut rtn = mpin256::extract_pin(sha, &client_id, pin, &mut token); - if rtn != 0 { - println!("FAILURE: EXTRACT_PIN rtn: {}", rtn); - } - - print!("Client Token TK: 0x"); - printbinary(&token); - - if FULL { - mpin256::precompute(&token, &hcid, &mut g1, &mut g2); - } - - let mut date = 0; - if PERMITS { - date = mpin256::today(); - /* Client gets "Time Token" permit from DTA */ - - mpin256::get_client_permit(sha, date, &s, &hcid, &mut permit); - print!("Time Permit TP: 0x"); - printbinary(&permit); - - /* This encoding makes Time permit look random - Elligator squared */ - mpin256::encoding(&mut rng, &mut permit); - print!("Encoded Time Permit TP: 0x"); - printbinary(&permit); - mpin256::decoding(&mut permit); - print!("Decoded Time Permit TP: 0x"); - printbinary(&permit); - } - - print!("\nPIN= "); - let _ = io::Write::flush(&mut io::stdout()); - let mut input_text = String::new(); - let _ = io::stdin().read_line(&mut input_text); - - let pin = input_text.trim().parse::<usize>().unwrap(); - - println!("MPIN Multi Pass"); - /* Send U=x.ID to server, and recreate secret from token and pin */ - rtn = mpin256::client_1( - sha, - date, - &client_id, - Some(&mut rng), - &mut x, - pin, - &token, - &mut sec, - Some(&mut xid[..]), - Some(&mut xcid[..]), - Some(&permit[..]), - ); - if rtn != 0 { - println!("FAILURE: CLIENT_1 rtn: {}", rtn); - } - - if FULL { - mpin256::hash_id(sha, &client_id, &mut hcid); - mpin256::get_g1_multiple(Some(&mut rng), 1, &mut r, &hcid, &mut z); /* Also Send Z=r.ID to Server, remember random r */ - } - - /* Server calculates H(ID) and H(T|H(ID)) (if 
time mpin256::PERMITS enabled), and maps them to points on the curve HID and HTID resp. */ - - mpin256::server_1(sha, date, &client_id, &mut hid, Some(&mut htid[..])); - - if date != 0 { - rhid.clone_from_slice(&htid[..]); - } else { - rhid.clone_from_slice(&hid[..]); - } - - /* Server generates Random number Y and sends it to Client */ - mpin256::random_generate(&mut rng, &mut y); - - if FULL { - mpin256::hash_id(sha, &client_id, &mut hsid); - mpin256::get_g1_multiple(Some(&mut rng), 0, &mut w, &rhid, &mut t); /* Also send T=w.ID to client, remember random w */ - } - - /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */ - rtn = mpin256::client_2(&x, &y, &mut sec); - if rtn != 0 { - println!("FAILURE: CLIENT_2 rtn: {}", rtn); - } - - /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */ - /* If PIN error not required, set E and F = null */ - - if !PINERROR { - rtn = mpin256::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - None, - None, - ); - } else { - rtn = mpin256::server_2( - date, - &hid, - Some(&htid[..]), - &y, - &sst, - Some(&xid[..]), - Some(&xcid[..]), - &sec, - Some(&mut e), - Some(&mut f), - ); - } - - if rtn == mpin256::BAD_PIN { - println!("Server says - Bad Pin. I don't know you. Feck off."); - if PINERROR { - let err = mpin256::kangaroo(&e, &f); - if err != 0 { - println!("(Client PIN is out by {})", err) - } - } - return; - } else { - println!("Server says - PIN is good! 
You really are {}", name); - } - - if FULL { - let mut pxcid = None; - if PERMITS { - pxcid = Some(&xcid[..]) - }; - - mpin256::hash_all(sha, &hcid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin256::client_key(sha, &g1, &g2, pin, &r, &x, &h, &t, &mut ck); - print!("Client Key = 0x"); - printbinary(&ck); - - mpin256::hash_all(sha, &hsid, &xid, pxcid, &sec, &y, &z, &t, &mut h); - mpin256::server_key(sha, &z, &sst, &w, &h, &hid, &xid, pxcid, &mut sk); - print!("Server Key = 0x"); - printbinary(&sk); - } -} - -#[test] -fn rsa_2048() { - //use amcl::rsa2048; - use amcl::rsa2048::ff; - use amcl::rsa2048::rsa; - - let mut rng = create_rng(); - - let sha = rsa::HASH_TYPE; - let message: &[u8] = b"Hello World\n"; - const RFS: usize = rsa::RFS; - - let mut pbc = rsa::new_public_key(ff::FFLEN); - let mut prv = rsa::new_private_key(ff::HFLEN); - - let mut ml: [u8; RFS] = [0; RFS]; - let mut ms: [u8; RFS] = [0; RFS]; - let mut c: [u8; RFS] = [0; RFS]; - let mut s: [u8; RFS] = [0; RFS]; - let mut e: [u8; RFS] = [0; RFS]; - - println!("\nTesting RSA"); - println!("Generating public/private key pair"); - rsa::key_pair(&mut rng, 65537, &mut prv, &mut pbc); - - println!("Encrypting test string\n"); - rsa::oaep_encode(sha, &message, &mut rng, None, &mut e); /* OAEP encode message M to E */ - - rsa::encrypt(&pbc, &e, &mut c); /* encrypt encoded message */ - print!("Ciphertext= 0x"); - printbinary(&c); - - println!("Decrypting test string"); - rsa::decrypt(&prv, &c, &mut ml); - let mlen = rsa::oaep_decode(sha, None, &mut ml); /* OAEP decode message */ - - let mess = str::from_utf8(&ml[0..mlen]).unwrap(); - print!("{}", &mess); - - println!("Signing message"); - rsa::pkcs15(sha, message, &mut c); - - rsa::decrypt(&prv, &c, &mut s); /* create signature in S */ - - print!("Signature= 0x"); - printbinary(&s); - - rsa::encrypt(&pbc, &s, &mut ms); - - let mut cmp = true; - if c.len() != ms.len() { - cmp = false; - } else { - for j in 0..c.len() { - if c[j] != ms[j] { - cmp = false - } - } - 
}
- if cmp {
- println!("Signature is valid");
- } else {
- println!("Signature is INVALID");
- }
-
- rsa::private_key_kill(&mut prv);
-}
diff --git a/tests/test_bls.rs b/tests/test_bls.rs
deleted file mode 100644
index 20cf73b..0000000
--- a/tests/test_bls.rs
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-extern crate amcl;
-
-use amcl::rand::RAND;
-
-pub fn printbinary(array: &[u8]) {
- for i in 0..array.len() {
- print!("{:02X}", array[i])
- }
- println!("")
-}
-
-fn create_rng() -> RAND {
- let mut raw: [u8; 100] = [0; 100];
-
- let mut rng = RAND::new();
- rng.clean();
- for i in 0..100 {
- raw[i] = i as u8
- }
-
- rng.seed(100, &raw);
- rng
-}
-
-#[test]
-fn bls_bn254() {
- use amcl::bn254::bls;
-
- let mut rng = create_rng();
-
- const BFS: usize = bls::BFS;
- const BGS: usize = bls::BGS;
-
- let mut s: [u8; BGS] = [0; BGS];
-
- const G1S: usize = BFS + 1; /* Group 1 Size */
- const G2S: usize = 4 * BFS; /* Group 2 Size */
-
- let mut w: [u8; G2S] = [0; G2S];
- let mut sig: [u8; G1S] = [0; G1S];
-
- let m = String::from("This is a test message");
-
- bls::key_pair_generate(&mut rng, &mut s, &mut w);
- print!("Private key : 0x");
- printbinary(&s);
- print!("Public key : 0x");
- printbinary(&w);
-
- bls::sign(&mut sig, &m, &s);
- print!("Signature : 0x");
- printbinary(&sig);
-
- let res = bls::verify(&sig, &m, &w);
- if res == 0 {
- println!("Signature is OK");
- } else {
- println!("Signature is *NOT* OK");
- }
-}
-
-#[test]
-fn bls_bls383() {
- use amcl::bls383::bls;
-
- let mut rng = create_rng();
-
- const BFS: usize = bls::BFS;
- const BGS: usize = bls::BGS;
-
- let mut s: [u8; BGS] = [0; BGS];
-
- const G1S: usize = BFS + 1; /* Group 1 Size */
- const G2S: usize = 4 * BFS; /* Group 2 Size */
-
- let mut w: [u8; G2S] = [0; G2S];
- let mut sig: [u8; G1S] = [0; G1S];
-
- let m = String::from("This is a test message");
-
- bls::key_pair_generate(&mut rng, &mut s, &mut w);
- print!("Private key : 0x");
- printbinary(&s);
- print!("Public key : 0x");
- printbinary(&w);
-
- bls::sign(&mut sig, &m, &s);
- print!("Signature : 0x");
- printbinary(&sig);
-
- let res = bls::verify(&sig, &m, &w);
- if res == 0 {
- println!("Signature is OK");
- } else {
- println!("Signature is *NOT* OK");
- }
-}
-
-#[test]
-fn bls_bls24() {
- use amcl::bls24::bls192;
-
- let mut rng = create_rng();
-
- const BFS: usize = bls192::BFS;
- const BGS: usize = bls192::BGS;
-
- let mut s: [u8; BGS] = [0; BGS];
-
- const G1S: usize = BFS + 1; /* Group 1 Size */
- const G2S: usize = 8 * BFS; /* Group 2 Size */
-
- let mut w: [u8; G2S] = [0; G2S];
- let mut sig: [u8; G1S] = [0; G1S];
-
- let m = String::from("This is a test message");
-
- bls192::key_pair_generate(&mut rng, &mut s, &mut w);
- print!("Private key : 0x");
- printbinary(&s);
- print!("Public key : 0x");
- printbinary(&w);
-
- bls192::sign(&mut sig, &m, &s);
- print!("Signature : 0x");
- printbinary(&sig);
-
- let res = bls192::verify(&sig, &m, &w);
- if res == 0 {
- println!("Signature is OK");
- } else {
- println!("Signature is *NOT* OK");
- }
-}
-
-#[test]
-fn bls_bls48() {
- use amcl::bls48::bls256;
-
- let mut rng = create_rng();
-
- const BFS: usize = bls256::BFS;
- const BGS: usize = bls256::BGS;
-
- let mut s: [u8; BGS] = [0; BGS];
-
- const G1S: usize = BFS + 1; /* Group 1 Size */
- const G2S: usize = 16 * BFS; /* Group 2 Size */
-
- let mut w: [u8; G2S] = [0; G2S];
- let mut sig: [u8; G1S] = [0; G1S];
-
- let m = String::from("This is a test message");
-
- bls256::key_pair_generate(&mut rng, &mut s, &mut w);
- print!("Private key : 0x");
- printbinary(&s);
- print!("Public key : 0x");
- printbinary(&w);
-
- bls256::sign(&mut sig, &m, &s);
- print!("Signature : 0x");
- printbinary(&sig);
-
- let res = bls256::verify(&sig, &m, &w);
- if res == 0 {
- println!("Signature is OK");
- } else {
- println!("Signature is *NOT* OK");
- }
-}
diff --git a/tests/test_nhs.rs b/tests/test_nhs.rs
deleted file mode 100644
index f272291..0000000
--- a/tests/test_nhs.rs
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-// Tests NewHope Simple API
-
-// See https://eprint.iacr.org/2016/1157 (Alkim, Ducas, Popplemann and Schwabe)
-
-extern crate amcl;
-
-use amcl::nhs;
-use amcl::rand::RAND;
-
-#[test]
-fn test_nhs() {
- let mut raw: [u8; 100] = [0; 100];
-
- let mut srng = RAND::new();
- srng.clean();
- for i in 0..100 {
- raw[i] = (i + 1) as u8
- }
-
- srng.seed(100, &raw);
-
- let mut crng = RAND::new();
- crng.clean();
- for i in 0..100 {
- raw[i] = (i + 2) as u8
- }
-
- crng.seed(100, &raw);
-
- let mut ss: [u8; 1792] = [0; 1792];
- let mut sb: [u8; 1824] = [0; 1824];
- let mut uc: [u8; 2176] = [0; 2176];
-
- let mut keya: [u8; 32] = [0; 32];
- let mut keyb: [u8; 32] = [0; 32];
-
- nhs::server_1(&mut srng, &mut sb, &mut ss);
-
- nhs::client(&mut crng, &sb, &mut uc, &mut keyb);
-
- nhs::server_2(&ss, &uc, &mut keya);
-
- for i in 0..keya.len() {
- print!("{:02X}", keya[i]);
- }
- println!("");
-
- for i in 0..keyb.len() {
- print!("{:02X}", keyb[i]);
- }
- println!("");
-}
