You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by km...@apache.org on 2019/06/26 13:43:29 UTC
[incubator-milagro-crypto-js] branch issue7 updated (adc1453 ->
65f4b6b)
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a change to branch issue7
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-js.git.
from adc1453 add BLS test vectors
new 8631f9e sync code
new 3600422 moved examples to BLS381 curve
new 65f4b6b removed some brower tests
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
examples/browser/example_AES_ENCRYPTION.html | 149 ---
examples/browser/example_BLS.html | 2 +-
examples/browser/example_DVS_BLS383.html | 162 ---
examples/browser/example_ECC_BLS383_NIST521.html | 217 ----
examples/browser/example_ECC_NIST256.html | 201 ---
examples/browser/example_HASH.html | 115 --
examples/browser/example_MPIN_BLS383.html | 224 ----
examples/browser/example_MPIN_FULL_BLS383.html | 272 -----
examples/browser/example_MPIN_ONE_PASS_BLS383.html | 228 ----
examples/browser/example_MPIN_TP_BLS383.html | 210 ----
.../browser/example_RSA2048_ECDSA_NIST256.html | 211 ----
examples/browser/example_RSA2048_GENKEY.html | 176 ---
examples/browser/example_all.html | 1276 ++++++++++++++++++++
...example_DVS_BLS383.js => example_DVS_BLS381.js} | 2 +-
...83_NIST521.js => example_ECC_BLS381_NIST521.js} | 4 +-
...ample_MPIN_BLS383.js => example_MPIN_BLS381.js} | 2 +-
..._FULL_BLS383.js => example_MPIN_FULL_BLS381.js} | 2 +-
...S_BLS383.js => example_MPIN_ONE_PASS_BLS381.js} | 2 +-
src/ecp.js | 25 +-
src/ecp2.js | 23 +-
src/ecp4.js | 23 +-
src/ecp8.js | 23 +-
src/pair.js | 31 +-
src/pair192.js | 31 +-
src/pair256.js | 31 +-
25 files changed, 1386 insertions(+), 2256 deletions(-)
delete mode 100644 examples/browser/example_AES_ENCRYPTION.html
delete mode 100644 examples/browser/example_DVS_BLS383.html
delete mode 100644 examples/browser/example_ECC_BLS383_NIST521.html
delete mode 100644 examples/browser/example_ECC_NIST256.html
delete mode 100644 examples/browser/example_HASH.html
delete mode 100644 examples/browser/example_MPIN_BLS383.html
delete mode 100644 examples/browser/example_MPIN_FULL_BLS383.html
delete mode 100644 examples/browser/example_MPIN_ONE_PASS_BLS383.html
delete mode 100644 examples/browser/example_MPIN_TP_BLS383.html
delete mode 100644 examples/browser/example_RSA2048_ECDSA_NIST256.html
delete mode 100644 examples/browser/example_RSA2048_GENKEY.html
create mode 100644 examples/browser/example_all.html
rename examples/node/{example_DVS_BLS383.js => example_DVS_BLS381.js} (99%)
rename examples/node/{example_ECC_BLS383_NIST521.js => example_ECC_BLS381_NIST521.js} (98%)
rename examples/node/{example_MPIN_BLS383.js => example_MPIN_BLS381.js} (99%)
rename examples/node/{example_MPIN_FULL_BLS383.js => example_MPIN_FULL_BLS381.js} (99%)
rename examples/node/{example_MPIN_ONE_PASS_BLS383.js => example_MPIN_ONE_PASS_BLS381.js} (99%)
[incubator-milagro-crypto-js] 01/03: sync code
Posted by km...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a commit to branch issue7
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-js.git
commit 8631f9ec6c4bcfc6290f42ab45cc6e7daf55556a
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Wed Jun 26 13:26:52 2019 +0100
sync code
---
src/ecp.js | 25 ++++++++++++++++---------
src/ecp2.js | 23 +++++++++++++++--------
src/ecp4.js | 23 +++++++++++++++--------
src/ecp8.js | 23 +++++++++++++++--------
src/pair.js | 31 ++++++++++++++-----------------
src/pair192.js | 31 ++++++++++++++-----------------
src/pair256.js | 31 ++++++++++++++-----------------
7 files changed, 103 insertions(+), 84 deletions(-)
diff --git a/src/ecp.js b/src/ecp.js
index 97c2918..e6c078e 100644
--- a/src/ecp.js
+++ b/src/ecp.js
@@ -23,13 +23,21 @@ var ECP = function(ctx) {
"use strict";
/* Constructor */
- var ECP = function() {
- this.x = new ctx.FP(0);
- this.y = new ctx.FP(1);
- if (ECP.CURVETYPE != ECP.EDWARDS) {
- this.z = new ctx.FP(0);
+ var ECP = function(input) {
+ if (input instanceof ECP) {
+ // copy constructor
+ this.x = new ctx.FP(input.x);
+ this.y = new ctx.FP(input.y);
+ this.z = new ctx.FP(input.z);
} else {
- this.z = new ctx.FP(1);
+ // default constructor (point at infinity)
+ this.x = new ctx.FP(0);
+ this.y = new ctx.FP(1);
+ if (ECP.CURVETYPE != ECP.EDWARDS) {
+ this.z = new ctx.FP(0);
+ } else {
+ this.z = new ctx.FP(1);
+ }
}
};
@@ -1337,8 +1345,7 @@ var ECP = function(ctx) {
return ECP;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- ECP: ECP
- };
+ module.exports.ECP = ECP;
}
diff --git a/src/ecp2.js b/src/ecp2.js
index b8ce9af..a813edd 100644
--- a/src/ecp2.js
+++ b/src/ecp2.js
@@ -22,11 +22,19 @@
var ECP2 = function(ctx) {
"use strict";
- /* Constructor, set this=O */
- var ECP2 = function() {
- this.x = new ctx.FP2(0);
- this.y = new ctx.FP2(1);
- this.z = new ctx.FP2(0);
+ /* Constructor */
+ var ECP2 = function(input) {
+ if (input instanceof ECP2) {
+ // copy constructor
+ this.x = new ctx.FP2(input.x);
+ this.y = new ctx.FP2(input.y);
+ this.z = new ctx.FP2(input.z);
+ } else {
+ // default constructor (point at infinity)
+ this.x = new ctx.FP2(0);
+ this.y = new ctx.FP2(1);
+ this.z = new ctx.FP2(0);
+ }
};
ECP2.prototype = {
@@ -779,8 +787,7 @@ var ECP2 = function(ctx) {
return ECP2;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- ECP2: ECP2
- };
+ module.exports.ECP2 = ECP2;
}
diff --git a/src/ecp4.js b/src/ecp4.js
index 82fbce3..9726b89 100644
--- a/src/ecp4.js
+++ b/src/ecp4.js
@@ -22,11 +22,19 @@
var ECP4 = function(ctx) {
"use strict";
- /* Constructor, set this=O */
- var ECP4 = function() {
- this.x = new ctx.FP4(0);
- this.y = new ctx.FP4(1);
- this.z = new ctx.FP4(0);
+ /* Constructor */
+ var ECP4 = function(input) {
+ if (input instanceof ECP4) {
+ // copy constructor
+ this.x = new ctx.FP4(input.x);
+ this.y = new ctx.FP4(input.y);
+ this.z = new ctx.FP4(input.z);
+ } else {
+ // default constructor (point at infinity)
+ this.x = new ctx.FP4(0);
+ this.y = new ctx.FP4(1);
+ this.z = new ctx.FP4(0);
+ }
};
ECP4.prototype = {
@@ -838,8 +846,7 @@ var ECP4 = function(ctx) {
return ECP4;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- ECP4: ECP4
- };
+ module.exports.ECP4 = ECP4;
}
diff --git a/src/ecp8.js b/src/ecp8.js
index 593f739..644f27f 100644
--- a/src/ecp8.js
+++ b/src/ecp8.js
@@ -22,11 +22,19 @@
var ECP8 = function(ctx) {
"use strict";
- /* Constructor, set this=O */
- var ECP8 = function() {
- this.x = new ctx.FP8(0);
- this.y = new ctx.FP8(1);
- this.z = new ctx.FP8(0);
+ /* Constructor */
+ var ECP8 = function(input) {
+ if (input instanceof ECP8) {
+ // copy constructor
+ this.x = new ctx.FP8(input.x);
+ this.y = new ctx.FP8(input.y);
+ this.z = new ctx.FP8(input.z);
+ } else {
+ // default constructor (point at infinity)
+ this.x = new ctx.FP8(0);
+ this.y = new ctx.FP8(1);
+ this.z = new ctx.FP8(0);
+ }
};
ECP8.prototype = {
@@ -1044,8 +1052,7 @@ var ECP8 = function(ctx) {
return ECP8;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- ECP8: ECP8
- };
+ module.exports.ECP8 = ECP8;
}
diff --git a/src/pair.js b/src/pair.js
index 36e60d0..bf009a7 100644
--- a/src/pair.js
+++ b/src/pair.js
@@ -127,7 +127,7 @@ var PAIR = function(ctx) {
return r;
},
-/* prepare for multi-pairing */
+ /* prepare for multi-pairing */
initmp: function() {
var r=[];
for (var i=0;i<ctx.ECP.ATE_BITS;i++)
@@ -135,7 +135,7 @@ var PAIR = function(ctx) {
return r;
},
-/* basic Miller loop */
+ /* basic Miller loop */
miller: function(r) {
var res=new ctx.FP12(1);
for (var i=ctx.ECP.ATE_BITS-1; i>=1; i--)
@@ -151,7 +151,7 @@ var PAIR = function(ctx) {
return res;
},
-/* Accumulate another set of line functions for n-pairing */
+ /* Accumulate another set of line functions for n-pairing */
another: function(r,P1,Q1) {
var f;
@@ -309,8 +309,7 @@ var PAIR = function(ctx) {
return r;
},
- /* Optimal R-ate double pairing e(P,Q).e(R,S) */
-
+ /* Optimal R-ate double pairing e(P,Q).e(R,S) */
ate2: function(P1, Q1, R1, S1) {
var fa, fb, f, x, n, n3, K, lv, lv2,
Qx, Qy, Sx, Sy, A, B, NP,NR,r, nb, bt,
@@ -444,11 +443,11 @@ var PAIR = function(ctx) {
r.frob(f);
r.frob(f);
r.mul(lv);
- if (r.isunity())
- {
- r.zero();
- return r;
- }
+// if (r.isunity())
+// {
+// r.zero();
+// return r;
+// }
/* Hard part of final exp */
if (ctx.ECP.CURVE_PAIRING_TYPE == ctx.ECP.BN) {
lv.copy(r);
@@ -565,9 +564,8 @@ var PAIR = function(ctx) {
}
};
-/* prepare ate parameter, n=6u+2 (BN) or n=u (BLS), n3=3*n */
- PAIR.lbits = function(n3,n)
- {
+ /* prepare ate parameter, n=6u+2 (BN) or n=u (BLS), n3=3*n */
+ PAIR.lbits = function(n3,n) {
n.rcopy(ctx.ROM_CURVE.CURVE_Bnx);
if (ctx.ECP.CURVE_PAIRING_TYPE==ctx.ECP.BN)
{
@@ -585,7 +583,7 @@ var PAIR = function(ctx) {
n3.pmul(3);
n3.norm();
return n3.nbits();
- },
+ };
/* GLV method */
PAIR.glv = function(e) {
@@ -827,8 +825,7 @@ var PAIR = function(ctx) {
return PAIR;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- PAIR: PAIR
- };
+ module.exports.PAIR = PAIR;
}
diff --git a/src/pair192.js b/src/pair192.js
index 74e9c72..b01ced3 100644
--- a/src/pair192.js
+++ b/src/pair192.js
@@ -125,7 +125,7 @@ var PAIR192 = function(ctx) {
return r;
},
-/* prepare for multi-pairing */
+ /* prepare for multi-pairing */
initmp: function() {
var r=[];
for (var i=0;i<ctx.ECP.ATE_BITS;i++)
@@ -133,7 +133,7 @@ var PAIR192 = function(ctx) {
return r;
},
-/* basic Miller loop */
+ /* basic Miller loop */
miller: function(r) {
var res=new ctx.FP24(1);
for (var i=ctx.ECP.ATE_BITS-1; i>=1; i--)
@@ -149,16 +149,15 @@ var PAIR192 = function(ctx) {
return res;
},
-/* Accumulate another set of line functions for n-pairing */
+ /* Accumulate another set of line functions for n-pairing */
another: function(r,P1,Q1) {
-
var f;
var n=new ctx.BIG(0);
var n3=new ctx.BIG(0);
var lv,lv2;
var bt;
-// P is needed in affine form for line function, Q for (Qx,Qy) extraction
+ // P is needed in affine form for line function, Q for (Qx,Qy) extraction
var P=new ctx.ECP4(); P.copy(P1); P.affine();
var Q=new ctx.ECP(); Q.copy(Q1); Q.affine();
@@ -335,11 +334,11 @@ var PAIR192 = function(ctx) {
lv.copy(r);
r.frob(f,4);
r.mul(lv);
- if (r.isunity())
- {
- r.zero();
- return r;
- }
+// if (r.isunity())
+// {
+// r.zero();
+// return r;
+// }
/* Hard part of final exp */
// Ghamman & Fouotsa Method
t7=new ctx.FP24(r); t7.usqr();
@@ -415,15 +414,14 @@ var PAIR192 = function(ctx) {
}
};
-/* prepare ate parameter, n=6u+2 (BN) or n=u (BLS), n3=3*n */
- PAIR192.lbits = function(n3,n)
- {
+ /* prepare ate parameter, n=6u+2 (BN) or n=u (BLS), n3=3*n */
+ PAIR192.lbits = function(n3,n) {
n.rcopy(ctx.ROM_CURVE.CURVE_Bnx);
n3.copy(n);
n3.pmul(3);
n3.norm();
return n3.nbits();
- },
+ };
/* GLV method */
PAIR192.glv = function(e) {
@@ -607,8 +605,7 @@ var PAIR192 = function(ctx) {
return PAIR192;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- PAIR192: PAIR192
- };
+ module.exports.PAIR192 = PAIR192;
}
diff --git a/src/pair256.js b/src/pair256.js
index 5dca245..b48126f 100644
--- a/src/pair256.js
+++ b/src/pair256.js
@@ -125,7 +125,7 @@ var PAIR256 = function(ctx) {
return r;
},
-/* prepare for multi-pairing */
+ /* prepare for multi-pairing */
initmp: function() {
var r=[];
for (var i=0;i<ctx.ECP.ATE_BITS;i++)
@@ -133,7 +133,7 @@ var PAIR256 = function(ctx) {
return r;
},
-/* basic Miller loop */
+ /* basic Miller loop */
miller: function(r) {
var res=new ctx.FP48(1);
for (var i=ctx.ECP.ATE_BITS-1; i>=1; i--)
@@ -149,16 +149,15 @@ var PAIR256 = function(ctx) {
return res;
},
-/* Accumulate another set of line functions for n-pairing */
+ /* Accumulate another set of line functions for n-pairing */
another: function(r,P1,Q1) {
-
var f;
var n=new ctx.BIG(0);
var n3=new ctx.BIG(0);
var lv,lv2;
var bt;
-// P is needed in affine form for line function, Q for (Qx,Qy) extraction
+ // P is needed in affine form for line function, Q for (Qx,Qy) extraction
var P=new ctx.ECP8(); P.copy(P1); P.affine();
var Q=new ctx.ECP(); Q.copy(Q1); Q.affine();
@@ -335,11 +334,11 @@ var PAIR256 = function(ctx) {
lv.copy(r);
r.frob(f,8);
r.mul(lv);
- if (r.isunity())
- {
- r.zero();
- return r;
- }
+// if (r.isunity())
+// {
+// r.zero();
+// return r;
+// }
/* Hard part of final exp */
// Ghamman & Fouotsa Method
t7=new ctx.FP48(r); t7.usqr();
@@ -486,15 +485,14 @@ var PAIR256 = function(ctx) {
}
};
-/* prepare ate parameter, n=6u+2 (BN) or n=u (BLS), n3=3*n */
- PAIR256.lbits = function(n3,n)
- {
+ /* prepare ate parameter, n=6u+2 (BN) or n=u (BLS), n3=3*n */
+ PAIR256.lbits = function(n3,n) {
n.rcopy(ctx.ROM_CURVE.CURVE_Bnx);
n3.copy(n);
n3.pmul(3);
n3.norm();
return n3.nbits();
- },
+ };
/* GLV method */
PAIR256.glv = function(e) {
@@ -684,8 +682,7 @@ var PAIR256 = function(ctx) {
return PAIR256;
};
+// CommonJS module exports
if (typeof module !== "undefined" && typeof module.exports !== "undefined") {
- module.exports = {
- PAIR256: PAIR256
- };
+ module.exports.PAIR256 = PAIR256;
}
[incubator-milagro-crypto-js] 03/03: removed some brower tests
Posted by km...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a commit to branch issue7
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-js.git
commit 65f4b6bc0b3d327c0716a9606fac8872882eb298
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Wed Jun 26 14:43:04 2019 +0100
removed some brower tests
---
examples/browser/example_AES_ENCRYPTION.html | 149 -----------
examples/browser/example_DVS_BLS381.html | 162 ------------
examples/browser/example_ECC_BLS381_NIST521.html | 217 ----------------
examples/browser/example_ECC_NIST256.html | 201 ---------------
examples/browser/example_HASH.html | 115 ---------
examples/browser/example_MPIN_BLS381.html | 224 -----------------
examples/browser/example_MPIN_FULL_BLS381.html | 272 ---------------------
examples/browser/example_MPIN_ONE_PASS_BLS381.html | 228 -----------------
examples/browser/example_MPIN_TP_BLS381.html | 210 ----------------
.../browser/example_RSA2048_ECDSA_NIST256.html | 211 ----------------
examples/browser/example_RSA2048_GENKEY.html | 176 -------------
11 files changed, 2165 deletions(-)
diff --git a/examples/browser/example_AES_ENCRYPTION.html b/examples/browser/example_AES_ENCRYPTION.html
deleted file mode 100644
index 288ce63..0000000
--- a/examples/browser/example_AES_ENCRYPTION.html
+++ /dev/null
@@ -1,149 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test HASH function - test driver and function exerciser for SHA256, SHA384, SHA512 API Functions */
-
-
-var ctx = new CTX();
-
-var bytestostring = function(b) {
- var s = "";
- var len = b.length;
- var ch;
-
- for (var i = 0; i < len; i++) {
- ch = b[i];
- s += ((ch >>> 4) & 15).toString(16);
- s += (ch & 15).toString(16);
- }
-
- return s;
-};
-
-var hextobytes = function(value_hex) {
- // "use strict";
- var len, byte_value, i;
-
- len = value_hex.length;
- byte_value = [];
-
- for (i = 0; i < len; i += 2) {
- byte_value[(i / 2)] = parseInt(value_hex.substr(i, 2), 16);
- }
-
- return byte_value;
-};
-
-var AES_ENCRYPT = function(mode, K, M) {
- /* Input is from an octet string M, output is to an octet string C */
- /* Input is padded as necessary to make up a full final block */
- var a = new ctx.AES();
- var fin;
- var i, j, ipt, opt;
- var buff = [];
- /*var clen=16+(Math.floor(M.length/16))*16;*/
-
- var C = [];
- var padlen;
-
- a.init(mode, K.length, K, null);
-
- ipt = opt = 0;
- fin = false;
- for (;;) {
- for (i = 0; i < 16; i++) {
- if (ipt < M.length) {
- buff[i] = M[ipt++];
- } else {
- fin = true;
- break;
- }
- }
- if (fin) {
- break;
- }
- a.encrypt(buff);
- for (i = 0; i < 16; i++) {
- C[opt++] = buff[i];
- }
- }
-
- /* last block, filled up to i-th index */
-
- padlen = 16 - i;
- for (j = i; j < 16; j++) {
- buff[j] = padlen;
- }
- a.encrypt(buff);
- for (i = 0; i < 16; i++) {
- C[opt++] = buff[i];
- }
- a.end();
- return C;
-};
-
-var KEY = "edfdb257cb37cdf182c5455b0c0efebb";
-
-console.log("Encryption Key: ", KEY);
-
-var PLAINTEXT = "1695fe475421cace3557daca01f445ff";
-
-console.log("Plaintext: ", PLAINTEXT);
-
-var Cout = AES_ENCRYPT(ctx.AES.ECB, hextobytes(KEY), hextobytes(PLAINTEXT));
-
-console.log("Ciphertext: ", bytestostring(Cout));
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_DVS_BLS381.html b/examples/browser/example_DVS_BLS381.html
deleted file mode 100644
index ad11117..0000000
--- a/examples/browser/example_DVS_BLS381.html
+++ /dev/null
@@ -1,162 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test DVS - test driver and function exerciser for Designated Verifier Signature API Functions */
-
-
-var ctx = new CTX("BLS381");
-
-var RAW = [];
-var rng = new ctx.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-var res;
-
-var S = [];
-var SST = [];
-var TOKEN = [];
-var SEC = [];
-var xID = [];
-var X = [];
-var Y1 = [];
-var Y2 = [];
-var Z = [];
-var Pa = [];
-var U = [];
-
-var sha = ctx.ECP.HASH_TYPE;
-
-/* Trusted Authority set-up */
-ctx.MPIN.RANDOM_GENERATE(rng, S);
-console.log("M-Pin Master Secret s: 0x" + ctx.MPIN.bytestostring(S));
-
-/* Create Client Identity */
-var IDstr = "testuser@milagro.com";
-var CLIENT_ID = ctx.MPIN.stringtobytes(IDstr);
-
-console.log("Client ID= " + ctx.MPIN.bytestostring(CLIENT_ID));
-
-/* Generate random public key and z */
-res = ctx.MPIN.GET_DVS_KEYPAIR(rng, Z, Pa);
-if (res != 0) {
- console.log("Can't generate DVS keypair, error ", res);
-}
-
-console.log("Z: 0x" + ctx.MPIN.bytestostring(Z));
-console.log("Pa: 0x" + ctx.MPIN.bytestostring(Pa));
-
-/* Append Pa to ID */
-for (var i = 0; i < Pa.length; i++) {
- CLIENT_ID.push(Pa[i]);
-}
-console.log("ID|Pa: 0x" + ctx.MPIN.bytestostring(CLIENT_ID));
-/* Hash Client ID */
-var HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
-
-/* Client and Server are issued secrets by DTA */
-ctx.MPIN.GET_SERVER_SECRET(S, SST);
-console.log("Server Secret SS: 0x" + ctx.MPIN.bytestostring(SST));
-
-ctx.MPIN.GET_CLIENT_SECRET(S, HCID, TOKEN);
-console.log("Client Secret CS: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-/* Compute client secret for key escrow less scheme z.CS */
-res = ctx.MPIN.GET_G1_MULTIPLE(null, 0, Z, TOKEN, TOKEN);
-if (res != 0) {
- console.log("Failed to compute z.CS, error ", res);
-}
-console.log("z.CS: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-/* Client extracts PIN from secret to create Token */
-var pin = 1234;
-console.log("Client extracts PIN= " + pin);
-res = ctx.MPIN.EXTRACT_PIN(sha, CLIENT_ID, pin, TOKEN);
-if (res != 0) {
- console.log("Failed to extract PIN, Error: ", res);
-}
-
-console.log("Client Token TK: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-var timeValue = ctx.MPIN.GET_TIME();
-
-var message = "Message to sign";
-
-res = ctx.MPIN.CLIENT(sha, 0, CLIENT_ID, rng, X, pin, TOKEN, SEC, U, null, null, timeValue, Y1, message);
-if (res != 0) {
- console.log("Failed to extract PIN, error ", res);
-}
-
-console.log("U: 0x" + ctx.MPIN.bytestostring(U));
-
-console.log("Y1: 0x" + ctx.MPIN.bytestostring(Y1));
-console.log("V: 0x" + ctx.MPIN.bytestostring(SEC));
-
-/* Server */
-res = ctx.MPIN.SERVER(sha, 0, xID, null, Y2, SST, U, null, SEC, null, null, CLIENT_ID, timeValue, message, Pa);
-console.log("Y2: 0x" + ctx.MPIN.bytestostring(Y2));
-
-if (res != 0) {
- console.log("FAILURE Signature Verification, error", res);
-} else {
- console.log("SUCCESS Error Code ", res);
-}
-
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_ECC_BLS381_NIST521.html b/examples/browser/example_ECC_BLS381_NIST521.html
deleted file mode 100644
index 43a4057..0000000
--- a/examples/browser/example_ECC_BLS381_NIST521.html
+++ /dev/null
@@ -1,217 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-
-/* Test ECC - test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
-
-
-var ctx1 = new CTX("BLS381");
-var ctx2 = new CTX("NIST521");
-
-console.log("Start testing BLS381");
-
-var pp = "M0ng00se",
- res,
- i;
-
-var S1 = [];
-var W0 = [];
-var W1 = [];
-var Z0 = [];
-var Z1 = [];
-var RAW = [];
-var SALT = [];
-
-var rng = new ctx1.RAND();
-
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-
-for (i = 0; i < 8; i++) {
- SALT[i] = (i + 1);
-} // set Salt
-
-console.log("Alice's Passphrase= " + pp);
-
-var PW = ctx1.ECDH.stringtobytes(pp);
-// private key S0 of size EGS bytes derived from Password and Salt
-var S0 = ctx1.ECDH.PBKDF2(ctx1.ECP.HASH_TYPE, PW, SALT, 1000, ctx1.ECP.AESKEY);
-
-console.log("Alice's private key= 0x" + ctx1.ECDH.bytestostring(S0));
-// Generate Key pair S/W
-ctx1.ECDH.KEY_PAIR_GENERATE(null, S0, W0);
-
-//console.log("Alice's public key= 0x" + ctx1.ECDH.bytestostring(W0));
-
-res = ctx1.ECDH.PUBLIC_KEY_VALIDATE(W0);
-if (res != 0) {
- console.error("ECP_ZZZ Public Key is invalid!");
-}
-// Random private key for other party
-ctx1.ECDH.KEY_PAIR_GENERATE(rng, S1, W1);
-
-console.log("Servers private key= 0x" + ctx1.ECDH.bytestostring(S1));
-//console.log("Servers public key= 0x" + ctx1.ECDH.bytestostring(W1));
-
-res = ctx1.ECDH.PUBLIC_KEY_VALIDATE(W1);
-if (res != 0) {
- console.error("ECP_ZZZ Public Key is invalid!");
-}
-
-// Calculate common key using DH - IEEE 1363 method
-
-ctx1.ECDH.ECPSVDP_DH(S0, W1, Z0);
-ctx1.ECDH.ECPSVDP_DH(S1, W0, Z1);
-
-var same = true;
-for (i = 0; i < ctx1.ECDH.EFS; i++) {
- if (Z0[i] != Z1[i]) {
- same = false;
- }
-}
-
-if (!same) {
- console.error("ECP_ZZZSVDP-DH Failed");
-}
-
-var KEY = ctx1.ECDH.KDF2(ctx1.ECP.HASH_TYPE, Z0, null, ctx1.ECP.AESKEY);
-
-console.log("Alice's ECDH Key= 0x" + ctx1.ECDH.bytestostring(KEY));
-console.log("Servers ECDH Key= 0x" + ctx1.ECDH.bytestostring(KEY));
-
-
-console.log("\ntart testing NIST251");
-
-var i,
- res;
-var pp = "M0ng00se";
-
-var S1 = [];
-var W0 = [];
-var W1 = [];
-var Z0 = [];
-var Z1 = [];
-var RAW = [];
-var SALT = [];
-
-var rng = new ctx2.RAND();
-
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-for (i = 0; i < 8; i++) {
- SALT[i] = (i + 1);
-} // set Salt
-
-console.log("Alice's Passphrase= " + pp);
-
-var PW = ctx2.ECDH.stringtobytes(pp);
-// private key S0 of size EGS bytes derived from Password and Salt
-var S0 = ctx2.ECDH.PBKDF2(ctx2.ECP.HASH_TYPE, PW, SALT, 1000, ctx1.ECDH.EGS);
-
-console.log("Alice's private key= 0x" + ctx2.ECDH.bytestostring(S0));
-// Generate Key pair S/W
-ctx2.ECDH.KEY_PAIR_GENERATE(null, S0, W0);
-
-//console.log("Alice's public key= 0x" + ctx2.ECDH.bytestostring(W0));
-
-res = ctx2.ECDH.PUBLIC_KEY_VALIDATE(W0);
-if (res != 0) {
- console.error("ECP_ZZZ Public Key is invalid!");
-}
-// Random private key for other party
-ctx2.ECDH.KEY_PAIR_GENERATE(rng, S1, W1);
-
-console.log("Servers private key= 0x" + ctx2.ECDH.bytestostring(S1));
-//console.log("Servers public key= 0x" + ctx2.ECDH.bytestostring(W1));
-
-res = ctx2.ECDH.PUBLIC_KEY_VALIDATE(W1);
-if (res != 0) {
- console.error("ECP_ZZZ Public Key is invalid!");
-}
-
-// Calculate common key using DH - IEEE 1363 method
-
-ctx2.ECDH.ECPSVDP_DH(S0, W1, Z0);
-ctx2.ECDH.ECPSVDP_DH(S1, W0, Z1);
-
-var same = true;
-for (i = 0; i < ctx2.ECDH.EFS; i++) {
- if (Z0[i] != Z1[i]) {
- same = false;
- }
-}
-
-if (!same) {
- console.error("ECP_ZZZSVDP-DH Failed");
-}
-
-var KEY = ctx2.ECDH.KDF2(ctx2.ECP.HASH_TYPE, Z0, null, ctx2.ECP.AESKEY);
-
-console.log("Alice's ECDH Key= 0x" + ctx2.ECDH.bytestostring(KEY));
-console.log("Servers ECDH Key= 0x" + ctx2.ECDH.bytestostring(KEY));
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_ECC_NIST256.html b/examples/browser/example_ECC_NIST256.html
deleted file mode 100644
index fec675f..0000000
--- a/examples/browser/example_ECC_NIST256.html
+++ /dev/null
@@ -1,201 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-
-/* Test ECC - test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
-
-
-console.log("Start testing ECDH with NIST256");
-
-var ctx = new CTX("NIST256");
-
-var i,
- res;
-var pp = "M0ng00se";
-
-var EGS = ctx.ECP.AESKEY;
-var sha = ctx.ECP.HASH_TYPE;
-
-var S1 = [];
-var W0 = [];
-var W1 = [];
-var Z0 = [];
-var Z1 = [];
-var RAW = [];
-var SALT = [];
-var P1 = [];
-var P2 = [];
-var V = [];
-var M = [];
-var T = new Array(12); // must specify required length
-var CS = [];
-var DS = [];
-
-var rng = new ctx.RAND();
-
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-
-for (i = 0; i < 8; i++) {
- SALT[i] = (i + 1);
-} // set Salt
-
-console.log("Alice's Passphrase= " + pp);
-
-var PW = ctx.ECDH.stringtobytes(pp);
-// private key S0 of size EGS bytes derived from Password and Salt
-var S0 = ctx.ECDH.PBKDF2(sha, PW, SALT, 1000, EGS);
-
-console.log("Alice's private key= 0x" + ctx.ECDH.bytestostring(S0));
-// Generate Key pair S/W
-ctx.ECDH.KEY_PAIR_GENERATE(null, S0, W0);
-
-console.log("Alice's public key= 0x" + ctx.ECDH.bytestostring(W0));
-
-res = ctx.ECDH.PUBLIC_KEY_VALIDATE(W0);
-if (res != 0) {
- console.error("ECP Public Key is invalid!");
-}
-// Random private key for other party
-ctx.ECDH.KEY_PAIR_GENERATE(rng, S1, W1);
-
-console.log("Servers private key= 0x" + ctx.ECDH.bytestostring(S1));
-console.log("Servers public key= 0x" + ctx.ECDH.bytestostring(W1));
-
-res = ctx.ECDH.PUBLIC_KEY_VALIDATE(W1);
-if (res != 0) {
- console.error("ECP Public Key is invalid!");
-}
-
-// Calculate common key using DH - IEEE 1363 method
-
-ctx.ECDH.ECPSVDP_DH(S0, W1, Z0);
-ctx.ECDH.ECPSVDP_DH(S1, W0, Z1);
-
-var same = true;
-for (i = 0; i < ctx.ECDH.EFS; i++) {
- if (Z0[i] != Z1[i]) {
- same = false;
- }
-}
-
-if (!same) {
- console.error("ECPSVDP-DH Failed");
-}
-
-var KEY = ctx.ECDH.KDF2(sha, Z0, null, ctx.ECDH.EAS);
-
-console.log("Alice's ECDH Key= 0x" + ctx.ECDH.bytestostring(KEY));
-console.log("Servers ECDH Key= 0x" + ctx.ECDH.bytestostring(KEY));
-
-if (ctx.ECP.CURVETYPE != ctx.ECP.MONTGOMERY) {
- console.log("Testing ECIES");
-
- P1[0] = 0x0;
- P1[1] = 0x1;
- P1[2] = 0x2;
- P2[0] = 0x0;
- P2[1] = 0x1;
- P2[2] = 0x2;
- P2[3] = 0x3;
-
- for (i = 0; i <= 16; i++) {
- M[i] = i;
- }
-
- var C = ctx.ECDH.ECIES_ENCRYPT(sha, P1, P2, rng, W1, M, V, T);
-
- console.log("Ciphertext= ");
- console.log("V= 0x" + ctx.ECDH.bytestostring(V));
- console.log("C= 0x" + ctx.ECDH.bytestostring(C));
- console.log("T= 0x" + ctx.ECDH.bytestostring(T));
-
-
- M = ctx.ECDH.ECIES_DECRYPT(sha, P1, P2, V, C, T, S1);
- if (M.length == 0) {
- console.error("ECIES Decryption Failed");
- } else {
- console.log("Decryption succeeded");
- }
-
- console.log("Message is 0x" + ctx.ECDH.bytestostring(M));
-
- console.log("Testing ECDSA");
-
- if (ctx.ECDH.ECPSP_DSA(sha, rng, S0, M, CS, DS) != 0) {
- console.error("ECDSA Signature Failed");
- }
-
- console.log("Signature= ");
- console.log("C= 0x" + ctx.ECDH.bytestostring(CS));
- console.log("D= 0x" + ctx.ECDH.bytestostring(DS));
-
- if (ctx.ECDH.ECPVP_DSA(sha, W0, M, CS, DS) != 0) {
- console.error("ECDSA Verification Failed");
- } else {
- console.log("ECDSA Signature/Verification succeeded");
- }
-}
-
-rng.clean();
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_HASH.html b/examples/browser/example_HASH.html
deleted file mode 100644
index 60754a4..0000000
--- a/examples/browser/example_HASH.html
+++ /dev/null
@@ -1,115 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Example Hash functions */
-
-
-var ctx = new CTX();
-
-var bytestostring = function(b) {
- var s = "";
- var len = b.length;
- var ch;
-
- for (var i = 0; i < len; i++) {
- ch = b[i];
- s += ((ch >>> 4) & 15).toString(16);
- s += (ch & 15).toString(16);
- }
- return s;
-};
-
-var stringtobytes = function(s) {
- var b = [];
- for (var i = 0; i < s.length; i++) {
- b.push(s.charCodeAt(i));
- }
- return b;
-};
-
-var hashit = function(sha, B) {
- var R = [],
- H;
-
- if (sha == ctx.HASH256.len) {
- H = new ctx.HASH256();
- } else if (sha == ctx.HASH384.len) {
- H = new ctx.HASH384();
- } else if (sha == ctx.HASH512.len) {
- H = new ctx.HASH512();
- }
-
- H.process_array(B);
- R = H.hash();
-
- if (R.length == 0) {
- return null;
- }
-
- return R;
-};
-
-var to_hash = "test hash";
-
-console.log("String to hash: ", to_hash);
-
-var hashed = hashit(ctx.HASH256.len, stringtobytes(to_hash));
-console.log("SHA256: ", bytestostring(hashed));
-hashed = hashit(ctx.HASH384.len, stringtobytes(to_hash));
-console.log("SHA384: ", bytestostring(hashed));
-hashed = hashit(ctx.HASH512.len, stringtobytes(to_hash));
-console.log("SHA512: ", bytestostring(hashed));
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_MPIN_BLS381.html b/examples/browser/example_MPIN_BLS381.html
deleted file mode 100644
index 08d54cd..0000000
--- a/examples/browser/example_MPIN_BLS381.html
+++ /dev/null
@@ -1,224 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-
-
-var ctx = new CTX("BLS381");
-
-/* Test M-Pin */
-
-var RAW = [];
-var i;
-var rng = new ctx.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-var sha = ctx.ECP.HASH_TYPE;
-
-var S = [];
-var SST = [];
-var TOKEN = [];
-var PERMIT = [];
-var SEC = [];
-var xID = [];
-var xCID = [];
-var X = [];
-var Y = [];
-var E = [];
-var F = [];
-var HCID = [];
-var HID = [];
-var HTID = [];
-
-/* Set configuration */
-var PINERROR = true;
-var ONE_PASS = false;
-
-/* Trusted Authority set-up */
-ctx.MPIN.RANDOM_GENERATE(rng, S);
-console.log("M-Pin Master Secret s: 0x" + ctx.MPIN.bytestostring(S));
-
-/* Create Client Identity */
-var IDstr = "testUser@milagro.com";
-var CLIENT_ID = ctx.MPIN.stringtobytes(IDstr);
-HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
-
-console.log("Client ID= " + ctx.MPIN.bytestostring(CLIENT_ID));
-
-/* Client and Server are issued secrets by DTA */
-ctx.MPIN.GET_SERVER_SECRET(S, SST);
-console.log("Server Secret SS: 0x" + ctx.MPIN.bytestostring(SST));
-
-ctx.MPIN.GET_CLIENT_SECRET(S, HCID, TOKEN);
-console.log("Client Secret CS: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-/* Client extracts PIN from secret to create Token */
-var pin = 1234;
-console.log("Client extracts PIN= " + pin);
-var rtn = ctx.MPIN.EXTRACT_PIN(sha, CLIENT_ID, pin, TOKEN);
-if (rtn != 0) {
- console.log("Failed to extract PIN ");
-}
-
-console.log("Client Token TK: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-var date = 0;
-
-pin = 1234;
-
-/* Set date=0 and PERMIT=null if time permits not in use
-
-Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
-If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
-ctx.RANDom value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
-
-If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
-If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
-If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
-
-
-*/
-var pxID = xID;
-var pxCID = xCID;
-var pHID = HID;
-var pHTID = HTID;
-var pE = E;
-var pF = F;
-var pPERMIT = PERMIT;
-
-if (date != 0) {
- if (!PINERROR) {
- pxID = null;
- // pHID=null;
- }
-} else {
- pPERMIT = null;
- pxCID = null;
- pHTID = null;
-}
-
-if (!PINERROR) {
- pE = null;
- pF = null;
-}
-
-if (ONE_PASS) {
- console.log("MPIN Single Pass ");
- var timeValue = ctx.MPIN.GET_TIME();
- console.log("Epoch " + timeValue);
-
- rtn = ctx.MPIN.CLIENT(sha, date, CLIENT_ID, rng, X, pin, TOKEN, SEC, pxID, pxCID, pPERMIT, timeValue, Y);
-
- if (rtn != 0) {
- console.error("FAILURE: CLIENT rtn: " + rtn);
- process.exit(-1);
- }
- rtn = ctx.MPIN.SERVER(sha, date, pHID, pHTID, Y, SST, pxID, pxCID, SEC, pE, pF, CLIENT_ID, timeValue);
- if (rtn != 0) {
- console.error("FAILURE: SERVER rtn: " + rtn);
- process.exit(-1);
- }
-} else {
- console.log("MPIN Multi Pass ");
- rtn = ctx.MPIN.CLIENT_1(sha, date, CLIENT_ID, rng, X, pin, TOKEN, SEC, pxID, pxCID, pPERMIT);
- if (rtn != 0) {
- console.error("FAILURE: CLIENT_1 rtn: " + rtn);
- process.exit(-1);
- }
-
- /* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
- ctx.MPIN.SERVER_1(sha, date, CLIENT_ID, pHID, pHTID);
-
- /* Server generates ctx.RANDom number Y and sends it to Client */
- ctx.MPIN.RANDOM_GENERATE(rng, Y);
-
- /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
- rtn = ctx.MPIN.CLIENT_2(X, Y, SEC);
- if (rtn != 0) {
- console.error("FAILURE: CLIENT_2 rtn: " + rtn);
- process.exit(-1);
- }
- /* Server Second pass. Inputs hashed client id, ctx.RANDom Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
- /* If PIN error not required, set E and F = NULL */
- rtn = ctx.MPIN.SERVER_2(date, pHID, pHTID, Y, SST, pxID, pxCID, SEC, pE, pF);
-
- if (rtn != 0) {
- console.log("FAILURE: SERVER_1 rtn: " + rtn);
- process.exit(-1);
- }
-}
-
-
-if (rtn == ctx.MPIN.BAD_PIN) {
- console.log("Server says - Bad Pin.");
- if (PINERROR) {
- var err = ctx.MPIN.KANGAROO(E, F);
- if (err != 0) {
- console.log("(Client PIN is out by " + err + ")");
- process.exit(-1);
- }
- }
-} else {
- console.log("Server says - PIN is good! You really are " + IDstr);
-}
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_MPIN_FULL_BLS381.html b/examples/browser/example_MPIN_FULL_BLS381.html
deleted file mode 100644
index d95979f..0000000
--- a/examples/browser/example_MPIN_FULL_BLS381.html
+++ /dev/null
@@ -1,272 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-
-
-var ctx = new CTX("BLS381");
-
-/* Test M-Pin */
-
-var RAW = [];
-var i;
-var rng = new ctx.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-rng.seed(100, RAW);
-
-var sha = ctx.ECP.HASH_TYPE;
-
-var S = [];
-var SST = [];
-var TOKEN = [];
-var PERMIT = [];
-var SEC = [];
-var xID = [];
-var xCID = [];
-var X = [];
-var Y = [];
-var E = [];
-var F = [];
-var HCID = [];
-var HID = [];
-var HTID = [];
-
-var G1 = [];
-var G2 = [];
-var R = [];
-var Z = [];
-var W = [];
-var T = [];
-var CK = [];
-var SK = [];
-
-var HSID = [];
-
-/* Set configuration */
-var PERMITS = true;
-var PINERROR = true;
-var ONE_PASS = false;
-
-
-/* Trusted Authority set-up */
-ctx.MPIN.RANDOM_GENERATE(rng, S);
-console.log("M-Pin Master Secret s: 0x" + ctx.MPIN.bytestostring(S));
-
-/* Create Client Identity */
-var IDstr = "testUser@milagro.com";
-var CLIENT_ID = ctx.MPIN.stringtobytes(IDstr);
-HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
-
-console.log("Client ID= " + ctx.MPIN.bytestostring(CLIENT_ID));
-
-/* Client and Server are issued secrets by DTA */
-ctx.MPIN.GET_SERVER_SECRET(S, SST);
-console.log("Server Secret SS: 0x" + ctx.MPIN.bytestostring(SST));
-
-ctx.MPIN.GET_CLIENT_SECRET(S, HCID, TOKEN);
-console.log("Client Secret CS: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-/* Client extracts PIN from secret to create Token */
-var pin = 1234;
-console.log("Client extracts PIN= " + pin);
-var rtn = ctx.MPIN.EXTRACT_PIN(sha, CLIENT_ID, pin, TOKEN);
-if (rtn != 0) {
- console.log("Failed to extract PIN ");
-}
-
-console.log("Client Token TK: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-ctx.MPIN.PRECOMPUTE(TOKEN, HCID, G1, G2);
-
-var date;
-if (PERMITS) {
- date = ctx.MPIN.today();
- /* Client gets "Time Token" permit from DTA */
- ctx.MPIN.GET_CLIENT_PERMIT(sha, date, S, HCID, PERMIT);
- console.log("Time Permit TP: 0x" + ctx.MPIN.bytestostring(PERMIT));
-
- /* This encoding makes Time permit look ctx.RANDom - Elligator squared */
- ctx.MPIN.ENCODING(rng, PERMIT);
- console.log("Encoded Time Permit TP: 0x" + ctx.MPIN.bytestostring(PERMIT));
- ctx.MPIN.DECODING(PERMIT);
- console.log("Decoded Time Permit TP: 0x" + ctx.MPIN.bytestostring(PERMIT));
-} else {
- date = 0;
-}
-
-pin = 1234;
-
-/* Set date=0 and PERMIT=null if time permits not in use
-
-Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
-If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
-ctx.RANDom value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
-
-If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
-If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
-If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
-
-
-*/
-var pxID = xID;
-var pxCID = xCID;
-var pHID = HID;
-var pHTID = HTID;
-var pE = E;
-var pF = F;
-var pPERMIT = PERMIT;
-var prHID;
-
-if (date != 0) {
- prHID = pHTID;
- if (!PINERROR) {
- pxID = null;
- // pHID=null;
- }
-} else {
- prHID = pHID;
- pPERMIT = null;
- pxCID = null;
- pHTID = null;
-}
-if (!PINERROR) {
- pE = null;
- pF = null;
-}
-
-if (ONE_PASS) {
- console.log("MPIN Single Pass ");
- var timeValue = ctx.MPIN.GET_TIME();
- console.log("Epoch " + timeValue);
-
- rtn = ctx.MPIN.CLIENT(sha, date, CLIENT_ID, rng, X, pin, TOKEN, SEC, pxID, pxCID, pPERMIT, timeValue, Y);
-
- if (rtn != 0) {
- console.error("FAILURE: CLIENT rtn: " + rtn);
- process.exit(-1);
- }
- HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
- ctx.MPIN.GET_G1_MULTIPLE(rng, 1, R, HCID, Z); /* Also Send Z=r.ID to Server, remember ctx.RANDom r */
-
- rtn = ctx.MPIN.SERVER(sha, date, pHID, pHTID, Y, SST, pxID, pxCID, SEC, pE, pF, CLIENT_ID, timeValue);
- if (rtn != 0) {
- console.error("FAILURE: SERVER rtn: " + rtn);
- process.exit(-1);
- }
- HSID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
- ctx.MPIN.GET_G1_MULTIPLE(rng, 0, W, prHID, T); /* Also send T=w.ID to client, remember ctx.RANDom w */
-} else {
- console.log("MPIN Multi Pass ");
- rtn = ctx.MPIN.CLIENT_1(sha, date, CLIENT_ID, rng, X, pin, TOKEN, SEC, pxID, pxCID, pPERMIT);
- if (rtn != 0) {
- console.error("FAILURE: CLIENT_1 rtn: " + rtn);
- process.exit(-1);
- }
- HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
- ctx.MPIN.GET_G1_MULTIPLE(rng, 1, R, HCID, Z); /* Also Send Z=r.ID to Server, remember ctx.RANDom r */
-
- /* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
- ctx.MPIN.SERVER_1(sha, date, CLIENT_ID, pHID, pHTID);
-
- /* Server generates ctx.RANDom number Y and sends it to Client */
- ctx.MPIN.RANDOM_GENERATE(rng, Y);
-
- HSID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
- ctx.MPIN.GET_G1_MULTIPLE(rng, 0, W, prHID, T); /* Also send T=w.ID to client, remember ctx.RANDom w */
-
- /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
- rtn = ctx.MPIN.CLIENT_2(X, Y, SEC);
- if (rtn != 0) {
- console.error("FAILURE: CLIENT_2 rtn: " + rtn);
- process.exit(-1);
- }
- /* Server Second pass. Inputs hashed client id, ctx.RANDom Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
- /* If PIN error not required, set E and F = NULL */
- rtn = ctx.MPIN.SERVER_2(date, pHID, pHTID, Y, SST, pxID, pxCID, SEC, pE, pF);
-
- if (rtn != 0) {
- console.error("FAILURE: SERVER_1 rtn: " + rtn);
- process.exit(-1);
- }
-}
-
-
-if (rtn == ctx.MPIN.BAD_PIN) {
- console.log("Server says - Bad Pin.");
- if (PINERROR) {
- var err = ctx.MPIN.KANGAROO(E, F);
- if (err != 0) {
- console.error("(Client PIN is out by " + err + ")");
- process.exit(-1);
- }
- }
-} else {
- console.log("Server says - PIN is good! You really are " + IDstr);
-
- var H = ctx.MPIN.HASH_ALL(sha, HCID, pxID, pxCID, SEC, Y, Z, T);
- ctx.MPIN.CLIENT_KEY(sha, G1, G2, pin, R, X, H, T, CK);
-
- console.log("Client Key = 0x" + ctx.MPIN.bytestostring(CK));
- H = ctx.MPIN.HASH_ALL(sha, HSID, pxID, pxCID, SEC, Y, Z, T);
- ctx.MPIN.SERVER_KEY(sha, Z, SST, W, H, pHID, pxID, pxCID, SK);
- console.log("Server Key = 0x" + ctx.MPIN.bytestostring(SK));
-}
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_MPIN_ONE_PASS_BLS381.html b/examples/browser/example_MPIN_ONE_PASS_BLS381.html
deleted file mode 100644
index 9d43ab6..0000000
--- a/examples/browser/example_MPIN_ONE_PASS_BLS381.html
+++ /dev/null
@@ -1,228 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-
-
-var ctx = new CTX("BLS381");
-
-/* Test M-Pin */
-
-var RAW = [];
-var i;
-var rng = new ctx.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-var sha = ctx.ECP.HASH_TYPE;
-
-var S = [];
-var SST = [];
-var TOKEN = [];
-var PERMIT = [];
-var SEC = [];
-var xID = [];
-var xCID = [];
-var X = [];
-var Y = [];
-var E = [];
-var F = [];
-var HCID = [];
-var HID = [];
-var HTID = [];
-
-var G1 = [];
-var G2 = [];
-var R = [];
-var Z = [];
-var W = [];
-var T = [];
-var CK = [];
-var SK = [];
-
-var HSID = [];
-
-/* Set configuration */
-var PINERROR = true;
-var FULL = true;
-
-/* Trusted Authority set-up */
-ctx.MPIN.RANDOM_GENERATE(rng, S);
-console.log("M-Pin Master Secret s: 0x" + ctx.MPIN.bytestostring(S));
-
-/* Create Client Identity */
-var IDstr = "testUser@milagro.com";
-var CLIENT_ID = ctx.MPIN.stringtobytes(IDstr);
-HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
-
-console.log("Client ID= " + ctx.MPIN.bytestostring(CLIENT_ID));
-
-/* Client and Server are issued secrets by DTA */
-ctx.MPIN.GET_SERVER_SECRET(S, SST);
-console.log("Server Secret SS: 0x" + ctx.MPIN.bytestostring(SST));
-
-ctx.MPIN.GET_CLIENT_SECRET(S, HCID, TOKEN);
-console.log("Client Secret CS: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-/* Client extracts PIN from secret to create Token */
-var pin = 1234;
-console.log("Client extracts PIN= " + pin);
-var rtn = ctx.MPIN.EXTRACT_PIN(sha, CLIENT_ID, pin, TOKEN);
-if (rtn != 0) {
- console.log("Failed to extract PIN ");
-}
-
-console.log("Client Token TK: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-if (FULL) {
- ctx.MPIN.PRECOMPUTE(TOKEN, HCID, G1, G2);
-}
-
-var date = 0;
-
-pin = 1234;
-
-/* Set date=0 and PERMIT=null if time permits not in use
-
-Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
-If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
-ctx.RANDom value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
-
-If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
-If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
-If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
-
-
-*/
-var pxID = xID;
-var pxCID = xCID;
-var pHID = HID;
-var pHTID = HTID;
-var pE = E;
-var pF = F;
-var pPERMIT = PERMIT;
-var prHID;
-
-if (date != 0) {
- prHID = pHTID;
- if (!PINERROR) {
- pxID = null;
- // pHID=null;
- }
-} else {
- prHID = pHID;
- pPERMIT = null;
- pxCID = null;
- pHTID = null;
-}
-if (!PINERROR) {
- pE = null;
- pF = null;
-}
-
-console.log("MPIN Single Pass ");
-var timeValue = ctx.MPIN.GET_TIME();
-console.log("Epoch " + timeValue);
-
-rtn = ctx.MPIN.CLIENT(sha, date, CLIENT_ID, rng, X, pin, TOKEN, SEC, pxID, pxCID, pPERMIT, timeValue, Y);
-
-if (rtn != 0) {
- console.error("FAILURE: CLIENT rtn: " + rtn);
- process.exit(-1);
-}
-if (FULL) {
- HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
- ctx.MPIN.GET_G1_MULTIPLE(rng, 1, R, HCID, Z); /* Also Send Z=r.ID to Server, remember ctx.RANDom r */
-}
-
-rtn = ctx.MPIN.SERVER(sha, date, pHID, pHTID, Y, SST, pxID, pxCID, SEC, pE, pF, CLIENT_ID, timeValue);
-if (rtn != 0) {
- console.error("FAILURE: SERVER rtn: " + rtn);
- process.exit(-1);
-}
-
-if (FULL) {
- HSID = ctx.MPIN.HASH_ID(sha, CLIENT_ID);
- ctx.MPIN.GET_G1_MULTIPLE(rng, 0, W, prHID, T); /* Also send T=w.ID to client, remember ctx.RANDom w */
-}
-
-if (rtn == ctx.MPIN.BAD_PIN) {
- console.log("Server says - Bad Pin.");
- if (PINERROR) {
- var err = ctx.MPIN.KANGAROO(E, F);
- if (err != 0) {
- console.log("(Client PIN is out by " + err + ")");
- process.exit(-1);
- }
- }
-} else {
- console.log("Server says - PIN is good! You really are " + IDstr);
- if (FULL) {
- var H = ctx.MPIN.HASH_ALL(sha, HCID, pxID, pxCID, SEC, Y, Z, T);
- ctx.MPIN.CLIENT_KEY(sha, G1, G2, pin, R, X, H, T, CK);
-
- console.log("Client Key = 0x" + ctx.MPIN.bytestostring(CK));
- H = ctx.MPIN.HASH_ALL(sha, HSID, pxID, pxCID, SEC, Y, Z, T);
- ctx.MPIN.SERVER_KEY(sha, Z, SST, W, H, pHID, pxID, pxCID, SK);
- console.log("Server Key = 0x" + ctx.MPIN.bytestostring(SK));
- }
-}
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_MPIN_TP_BLS381.html b/examples/browser/example_MPIN_TP_BLS381.html
deleted file mode 100644
index c29c250..0000000
--- a/examples/browser/example_MPIN_TP_BLS381.html
+++ /dev/null
@@ -1,210 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-
-
-var ctx = new CTX("BLS381");
-
-/* Test M-Pin */
-
-var RAW = [];
-var i;
-
-var rng = new ctx.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-var sha = ctx.ECP.HASH_TYPE;
-
-var S = [];
-var SST = [];
-var TOKEN = [];
-var PERMIT = [];
-var SEC = [];
-var xID = [];
-var xCID = [];
-var X = [];
-var Y = [];
-var E = [];
-var F = [];
-var HCID = [];
-var HID = [];
-var HTID = [];
-
-/* Set configuration */
-var PINERROR = true;
-
-/* Trusted Authority set-up */
-ctx.MPIN.RANDOM_GENERATE(rng, S);
-console.log("M-Pin Master Secret s: 0x" + ctx.MPIN.bytestostring(S));
-
-/* Create Client Identity */
-var IDstr = "testUser@milagro.com";
-var CLIENT_ID = ctx.MPIN.stringtobytes(IDstr);
-HCID = ctx.MPIN.HASH_ID(sha, CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
-
-console.log("Client ID= " + ctx.MPIN.bytestostring(CLIENT_ID));
-
-/* Client and Server are issued secrets by DTA */
-ctx.MPIN.GET_SERVER_SECRET(S, SST);
-console.log("Server Secret SS: 0x" + ctx.MPIN.bytestostring(SST));
-
-ctx.MPIN.GET_CLIENT_SECRET(S, HCID, TOKEN);
-console.log("Client Secret CS: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-/* Client extracts PIN from secret to create Token */
-var pin = 1234;
-console.log("Client extracts PIN= " + pin);
-var rtn = ctx.MPIN.EXTRACT_PIN(sha, CLIENT_ID, pin, TOKEN);
-if (rtn != 0) {
- console.log("Failed to extract PIN ");
-}
-
-console.log("Client Token TK: 0x" + ctx.MPIN.bytestostring(TOKEN));
-
-var date = ctx.MPIN.today();
-/* Client gets "Time Token" permit from DTA */
-ctx.MPIN.GET_CLIENT_PERMIT(sha, date, S, HCID, PERMIT);
-console.log("Time Permit TP: 0x" + ctx.MPIN.bytestostring(PERMIT));
-
-/* This encoding makes Time permit look ctx.RANDom - Elligator squared */
-ctx.MPIN.ENCODING(rng, PERMIT);
-console.log("Encoded Time Permit TP: 0x" + ctx.MPIN.bytestostring(PERMIT));
-ctx.MPIN.DECODING(PERMIT);
-console.log("Decoded Time Permit TP: 0x" + ctx.MPIN.bytestostring(PERMIT));
-
-pin = 1234;
-
-/* Set date=0 and PERMIT=null if time permits not in use
-
-Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
-If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
-ctx.RANDom value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
-
-If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
-If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
-If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
-
-
-*/
-var pxID = xID;
-var pxCID = xCID;
-var pHID = HID;
-var pHTID = HTID;
-var pE = E;
-var pF = F;
-var pPERMIT = PERMIT;
-
-if (date != 0) {
- if (!PINERROR) {
- pxID = null;
- // pHID=null;
- }
-} else {
- pPERMIT = null;
- pxCID = null;
- pHTID = null;
-}
-if (!PINERROR) {
- pE = null;
- pF = null;
-}
-
-console.log("MPIN Multi Pass ");
-rtn = ctx.MPIN.CLIENT_1(sha, date, CLIENT_ID, rng, X, pin, TOKEN, SEC, pxID, pxCID, pPERMIT);
-if (rtn != 0) {
- console.error("FAILURE: CLIENT_1 rtn: " + rtn);
- process.exit(-1);
-}
-/* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
-ctx.MPIN.SERVER_1(sha, date, CLIENT_ID, pHID, pHTID);
-
-/* Server generates ctx.RANDom number Y and sends it to Client */
-ctx.MPIN.RANDOM_GENERATE(rng, Y);
-
-/* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
-rtn = ctx.MPIN.CLIENT_2(X, Y, SEC);
-if (rtn != 0) {
- console.error("FAILURE: CLIENT_2 rtn: " + rtn);
- process.exit(-1);
-}
-/* Server Second pass. Inputs hashed client id, ctx.RANDom Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
-/* If PIN error not required, set E and F = NULL */
-rtn = ctx.MPIN.SERVER_2(date, pHID, pHTID, Y, SST, pxID, pxCID, SEC, pE, pF);
-
-if (rtn != 0) {
- console.error("FAILURE: SERVER_1 rtn: " + rtn);
- process.exit(-1);
-}
-if (rtn == ctx.MPIN.BAD_PIN) {
- console.log("Server says - Bad Pin.");
- if (PINERROR) {
- var err = ctx.MPIN.KANGAROO(E, F);
- if (err != 0) {
- console.log("(Client PIN is out by " + err + ")");
- }
- }
-} else {
- console.log("Server says - PIN is good! You really are " + IDstr);
-}
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_RSA2048_ECDSA_NIST256.html b/examples/browser/example_RSA2048_ECDSA_NIST256.html
deleted file mode 100644
index 6836342..0000000
--- a/examples/browser/example_RSA2048_ECDSA_NIST256.html
+++ /dev/null
@@ -1,211 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-'License'); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-'AS IS' BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test RSA - test driver and function exerciser for RSA_2048 and ECDSA with NIST256 */
-
-
-var ctx1 = new CTX("RSA2048");
-
-console.log("Start test RSA2048");
-
-var i, j = 0;
-
-var RAW = [];
-var rng = new ctx1.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-var sha = ctx1.RSA.HASH_TYPE;
-var message = "Hello World\n";
-var pub = new ctx1.rsa_public_key(ctx1.FF.FFLEN);
-var priv = new ctx1.rsa_private_key(ctx1.FF.HFLEN);
-
-var ML = [];
-var C = [];
-var S = [];
-var SALT = [];
-var pp = "M0ng00se";
-var CS = [];
-var DS = [];
-var S0 = [];
-var W0 = [];
-
-var start, end, time;
-start = new Date().getTime();
-console.log("Generate RSA public/private key pair");
-
-ctx1.RSA.KEY_PAIR(rng, 65537, priv, pub);
-
-end = new Date().getTime();
-time = end - start;
-console.log("Time in ms= " + time);
-
-var M = ctx1.RSA.stringtobytes(message);
-console.log("Encrypting test string");
-
-var E = ctx1.RSA.OAEP_ENCODE(sha, M, rng, null); /* OAEP encode message m to e */
-console.log("Encoding= 0x" + ctx1.RSA.bytestohex(E));
-
-console.log("Public key= 0x" + pub.n.toString());
-
-start = new Date().getTime();
-ctx1.RSA.ENCRYPT(pub, E, C); /* encrypt encoded message */
-end = new Date().getTime();
-time = end - start;
-console.log("Time in ms= " + time);
-
-console.log("Ciphertext= 0x" + ctx1.RSA.bytestohex(C));
-
-console.log("Decrypting test string");
-start = new Date().getTime();
-ctx1.RSA.DECRYPT(priv, C, ML);
-end = new Date().getTime();
-time = end - start;
-console.log("Time in ms= " + time);
-
-var cmp = true;
-if (E.length != ML.length) {
- cmp = false;
-} else {
- for (j = 0; j < E.length; j++) {
- if (E[j] != ML[j]) {
- cmp = false;
- }
- }
-}
-if (cmp) {
- console.log("Decryption is OK");
-} else {
- console.error("Decryption Failed");
- process.exit(-1);
-}
-
-var MS = ctx1.RSA.OAEP_DECODE(sha, null, ML); /* OAEP decode message */
-console.log("Decoding= 0x" + ctx1.RSA.bytestohex(MS));
-
-console.log("message= " + ctx1.RSA.bytestostring(MS));
-
-console.log("Start test RSA signature");
-
-ctx1.RSA.PKCS15(sha, M, C);
-
-ctx1.RSA.DECRYPT(priv, C, S); /* create signature in S */
-
-console.log("Signature= 0x" + ctx1.RSA.bytestohex(S));
-
-ctx1.RSA.ENCRYPT(pub, S, ML);
-
-cmp = true;
-if (C.length != ML.length) {
- cmp = false;
-} else {
- for (j = 0; j < C.length; j++) {
- if (C[j] != ML[j]) {
- cmp = false;
- }
- }
-}
-if (cmp) {
- console.log("Signature is valid");
-} else {
- console.error("Signature is INVALID");
- process.exit(-1);
-}
-ctx1.RSA.PRIVATE_KEY_KILL(priv);
-
-console.log("SUCCESS");
-
-
-var ctx2 = new CTX("NIST256");
-
-console.log("\n\nStart test ECDSA NIST256");
-
-for (i = 0; i < 8; i++) {
- SALT[i] = (i + 1);
-} // set Salt
-
-console.log("Alice's Passphrase= " + pp);
-
-// Random private key for other party
-ctx2.ECDH.KEY_PAIR_GENERATE(rng, S0, W0);
-
-// message
-for (i = 0; i <= 16; i++) {
- M[i] = i;
-}
-
-if (ctx2.ECDH.ECPSP_DSA(sha, rng, S0, M, CS, DS) != 0) {
- console.error("ECDSA Signature Failed");
-}
-
-console.log("Signature= ");
-console.log("C= 0x" + ctx2.ECDH.bytestostring(CS));
-console.log("D= 0x" + ctx2.ECDH.bytestostring(DS));
-
-if (ctx2.ECDH.ECPVP_DSA(sha, W0, M, CS, DS) != 0) {
- console.error("ECDSA Verification Failed");
-} else {
- console.log("ECDSA Signature/Verification succeeded");
-}
-
-rng.clean();
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
diff --git a/examples/browser/example_RSA2048_GENKEY.html b/examples/browser/example_RSA2048_GENKEY.html
deleted file mode 100644
index 6ffa893..0000000
--- a/examples/browser/example_RSA2048_GENKEY.html
+++ /dev/null
@@ -1,176 +0,0 @@
-<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
-<html>
-<head>
-<title>Browser test</title>
-<script src="src/rand.js"></script>
-<script src="src/rom_curve.js"></script>
-<script src="src/rom_field.js"></script>
-<script src="src/uint64.js"></script>
-<script src="src/aes.js"></script>
-<script src="src/big.js"></script>
-<script src="src/gcm.js"></script>
-<script src="src/hash256.js"></script>
-<script src="src/hash384.js"></script>
-<script src="src/hash512.js"></script>
-<script src="src/sha3.js"></script>
-<script src="src/newhope.js"></script>
-<script src="src/nhs.js"></script>
-<script src="src/fp.js"></script>
-<script src="src/fp2.js"></script>
-<script src="src/fp4.js"></script>
-<script src="src/fp12.js"></script>
-<script src="src/ff.js"></script>
-<script src="src/rsa.js"></script>
-<script src="src/ecp.js"></script>
-<script src="src/ecp2.js"></script>
-<script src="src/ecdh.js"></script>
-<script src="src/pair.js"></script>
-<script src="src/mpin.js"></script>
-<script src="src/ctx.js"></script>
-</head>
-
-<body>
-<h1>Browser test</h1>
-
-<script type="text/javascript">
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-'License'); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-'AS IS' BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Test RSA - test driver and function exerciser for RSA_2048 API Functions */
-
-
-var ctx = new CTX("RSA2048");
-
-console.log("Start test RSA 2048 with key generation");
-
-var i, j = 0;
-
-var RAW = [];
-var rng = new ctx.RAND();
-rng.clean();
-for (i = 0; i < 100; i++) {
- RAW[i] = i;
-}
-
-rng.seed(100, RAW);
-
-var sha = ctx.RSA.HASH_TYPE;
-var message = "Hello World\n";
-var pub = new ctx.rsa_public_key(ctx.FF.FFLEN);
-var priv = new ctx.rsa_private_key(ctx.FF.HFLEN);
-
-var ML = [];
-var C = [];
-var S = [];
-
-var start, end, time;
-start = new Date().getTime();
-console.log("Generating RSA public/private key pair (slow!)");
-ctx.RSA.KEY_PAIR(rng, 65537, priv, pub);
-console.log("PR.p: " + priv.p.toString());
-console.log("PR.q: " + priv.q.toString());
-console.log("PR.dp: " + priv.dp.toString());
-console.log("PR.dq: " + priv.dq.toString());
-console.log("PR.c: " + priv.c.toString());
-console.log("PUB.n: " + pub.n.toString());
-
-
-end = new Date().getTime();
-time = end - start;
-console.log("Time in ms= " + time);
-
-var M = ctx.RSA.stringtobytes(message);
-console.log("Encrypting test string");
-
-var E = ctx.RSA.OAEP_ENCODE(sha, M, rng, null); /* OAEP encode message m to e */
-console.log("Encoding= 0x" + ctx.RSA.bytestohex(E));
-
-console.log("Public key= 0x" + pub.n.toString());
-
-start = new Date().getTime();
-ctx.RSA.ENCRYPT(pub, E, C); /* encrypt encoded message */
-end = new Date().getTime();
-time = end - start;
-console.log("Time in ms= " + time);
-
-console.log("Ciphertext= 0x" + ctx.RSA.bytestohex(C));
-
-console.log("Decrypting test string");
-start = new Date().getTime();
-ctx.RSA.DECRYPT(priv, C, ML);
-end = new Date().getTime();
-time = end - start;
-console.log("Time in ms= " + time);
-
-var cmp = true;
-if (E.length != ML.length) {
- cmp = false;
-} else {
- for (j = 0; j < E.length; j++) {
- if (E[j] != ML[j]) {
- cmp = false;
- }
- }
-}
-
-if (cmp) {
- console.log("Decryption is OK");
-} else {
- console.error("Decryption Failed");
- process.exit(-1);
-}
-
-var MS = ctx.RSA.OAEP_DECODE(sha, null, ML); /* OAEP decode message */
-console.log("Decoding= 0x" + ctx.RSA.bytestohex(MS));
-
-console.log("message= " + ctx.RSA.bytestostring(MS));
-
-console.log("Start test RSA signature");
-
-ctx.RSA.PKCS15(sha, M, C);
-
-ctx.RSA.DECRYPT(priv, C, S); /* create signature in S */
-
-console.log("Signature= 0x" + ctx.RSA.bytestohex(S));
-
-ctx.RSA.ENCRYPT(pub, S, ML);
-
-cmp = true;
-if (C.length != ML.length) {
- cmp = false;
-} else {
- for (j = 0; j < C.length; j++) {
- if (C[j] != ML[j]) {
- cmp = false;
- }
- }
-}
-
-if (cmp) {
- console.log("Signature is valid");
-} else {
- console.error("Signature is INVALID");
- process.exit(-1);
-}
-ctx.RSA.PRIVATE_KEY_KILL(priv);
-
-console.log("SUCCESS");
-</script>
-</body>
-</html>
[incubator-milagro-crypto-js] 02/03: moved examples to BLS381 curve
Posted by km...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a commit to branch issue7
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-js.git
commit 36004222bd841fd345bd7b6d7acac7350464a771
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Wed Jun 26 14:37:18 2019 +0100
moved examples to BLS381 curve
---
examples/browser/example_BLS.html | 2 +-
...ple_DVS_BLS383.html => example_DVS_BLS381.html} | 2 +-
...IST521.html => example_ECC_BLS381_NIST521.html} | 4 +-
...e_MPIN_BLS383.html => example_MPIN_BLS381.html} | 2 +-
...L_BLS383.html => example_MPIN_FULL_BLS381.html} | 2 +-
...S383.html => example_MPIN_ONE_PASS_BLS381.html} | 2 +-
..._TP_BLS383.html => example_MPIN_TP_BLS381.html} | 2 +-
examples/browser/example_all.html | 1276 ++++++++++++++++++++
...example_DVS_BLS383.js => example_DVS_BLS381.js} | 2 +-
...83_NIST521.js => example_ECC_BLS381_NIST521.js} | 4 +-
...ample_MPIN_BLS383.js => example_MPIN_BLS381.js} | 2 +-
..._FULL_BLS383.js => example_MPIN_FULL_BLS381.js} | 2 +-
...S_BLS383.js => example_MPIN_ONE_PASS_BLS381.js} | 2 +-
13 files changed, 1290 insertions(+), 14 deletions(-)
diff --git a/examples/browser/example_BLS.html b/examples/browser/example_BLS.html
index 67418e3..ab8cbf4 100644
--- a/examples/browser/example_BLS.html
+++ b/examples/browser/example_BLS.html
@@ -46,7 +46,7 @@
<p><a id="myLink4" href="#" onclick="location.reload(false);bn254();">BN254 254-bit k=12 Pairing-Friendly BN Curve Boneh-Lynn-Shacham</a></p>
-<p><a id="myLink5" href="#" onclick="location.reload(false);bls383();">BLS381 381-bit k=12 Pairing-Friendly BLS Curve Boneh-Lynn-Shacham</a></p>
+<p><a id="myLink5" href="#" onclick="location.reload(false);bls381();">BLS381 381-bit k=12 Pairing-Friendly BLS Curve Boneh-Lynn-Shacham</a></p>
<p><a id="myLink6" href="#" onclick="location.reload(false);bls24();">BLS24 479-bit k=24 Pairing-Friendly BLS Curve Boneh-Lynn-Shacham</a></p>
<p><a id="myLink7" href="#" onclick="location.reload(false);bls48();">BLS48 556-bit k=48 Pairing-Friendly BLS Curve Boneh-Lynn-Shacham</a></p>
diff --git a/examples/browser/example_DVS_BLS383.html b/examples/browser/example_DVS_BLS381.html
similarity index 99%
rename from examples/browser/example_DVS_BLS383.html
rename to examples/browser/example_DVS_BLS381.html
index d5c0183..ad11117 100644
--- a/examples/browser/example_DVS_BLS383.html
+++ b/examples/browser/example_DVS_BLS381.html
@@ -55,7 +55,7 @@ under the License.
/* Test DVS - test driver and function exerciser for Designated Verifier Signature API Functions */
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
var RAW = [];
var rng = new ctx.RAND();
diff --git a/examples/browser/example_ECC_BLS383_NIST521.html b/examples/browser/example_ECC_BLS381_NIST521.html
similarity index 98%
rename from examples/browser/example_ECC_BLS383_NIST521.html
rename to examples/browser/example_ECC_BLS381_NIST521.html
index ea61f8e..43a4057 100644
--- a/examples/browser/example_ECC_BLS383_NIST521.html
+++ b/examples/browser/example_ECC_BLS381_NIST521.html
@@ -56,10 +56,10 @@ under the License.
/* Test ECC - test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
-var ctx1 = new CTX("BLS383");
+var ctx1 = new CTX("BLS381");
var ctx2 = new CTX("NIST521");
-console.log("Start testing BLS383");
+console.log("Start testing BLS381");
var pp = "M0ng00se",
res,
diff --git a/examples/browser/example_MPIN_BLS383.html b/examples/browser/example_MPIN_BLS381.html
similarity index 99%
rename from examples/browser/example_MPIN_BLS383.html
rename to examples/browser/example_MPIN_BLS381.html
index 6ca6b73..08d54cd 100644
--- a/examples/browser/example_MPIN_BLS383.html
+++ b/examples/browser/example_MPIN_BLS381.html
@@ -55,7 +55,7 @@ under the License.
/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */
diff --git a/examples/browser/example_MPIN_FULL_BLS383.html b/examples/browser/example_MPIN_FULL_BLS381.html
similarity index 99%
rename from examples/browser/example_MPIN_FULL_BLS383.html
rename to examples/browser/example_MPIN_FULL_BLS381.html
index 9a572bb..d95979f 100644
--- a/examples/browser/example_MPIN_FULL_BLS383.html
+++ b/examples/browser/example_MPIN_FULL_BLS381.html
@@ -55,7 +55,7 @@ under the License.
/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */
diff --git a/examples/browser/example_MPIN_ONE_PASS_BLS383.html b/examples/browser/example_MPIN_ONE_PASS_BLS381.html
similarity index 99%
rename from examples/browser/example_MPIN_ONE_PASS_BLS383.html
rename to examples/browser/example_MPIN_ONE_PASS_BLS381.html
index a798a31..9d43ab6 100644
--- a/examples/browser/example_MPIN_ONE_PASS_BLS383.html
+++ b/examples/browser/example_MPIN_ONE_PASS_BLS381.html
@@ -55,7 +55,7 @@ under the License.
/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */
diff --git a/examples/browser/example_MPIN_TP_BLS383.html b/examples/browser/example_MPIN_TP_BLS381.html
similarity index 99%
rename from examples/browser/example_MPIN_TP_BLS383.html
rename to examples/browser/example_MPIN_TP_BLS381.html
index 8f8c1d2..c29c250 100644
--- a/examples/browser/example_MPIN_TP_BLS383.html
+++ b/examples/browser/example_MPIN_TP_BLS381.html
@@ -55,7 +55,7 @@ under the License.
/* Test MPIN - test driver and function exerciser for MPIN API Functions */
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */
diff --git a/examples/browser/example_all.html b/examples/browser/example_all.html
new file mode 100644
index 0000000..9c96ad9
--- /dev/null
+++ b/examples/browser/example_all.html
@@ -0,0 +1,1276 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+<title>JavaScript Test ALL</title>
+</head>
+<body>
+<h1>JavaScript Test All Examples</h1>
+<script src="src/rand.js"></script>
+<script src="src/rom_curve.js"></script>
+<script src="src/rom_field.js"></script>
+<script src="src/uint64.js"></script>
+<script src="src/aes.js"></script>
+<script src="src/big.js"></script>
+<script src="src/gcm.js"></script>
+<script src="src/hash256.js"></script>
+<script src="src/hash384.js"></script>
+<script src="src/hash512.js"></script>
+<script src="src/sha3.js"></script>
+<script src="src/nhs.js"></script>
+<script src="src/fp.js"></script>
+<script src="src/fp2.js"></script>
+<script src="src/fp4.js"></script>
+<script src="src/fp12.js"></script>
+<script src="src/ff.js"></script>
+<script src="src/rsa.js"></script>
+<script src="src/ecp.js"></script>
+<script src="src/ecp2.js"></script>
+<script src="src/ecdh.js"></script>
+<script src="src/pair.js"></script>
+<script src="src/bls.js"></script>
+<script src="src/mpin.js"></script>
+<script src="src/ctx.js"></script>
+
+<script src="src/fp8.js"></script>
+<script src="src/fp16.js"></script>
+<script src="src/fp24.js"></script>
+<script src="src/fp48.js"></script>
+<script src="src/ecp4.js"></script>
+<script src="src/ecp8.js"></script>
+<script src="src/pair192.js"></script>
+<script src="src/pair256.js"></script>
+<script src="src/mpin192.js"></script>
+<script src="src/mpin256.js"></script>
+<script src="src/bls192.js"></script>
+<script src="src/bls256.js"></script>
+
+
+<p><a id="myLink1" href="#" onclick="location.reload(false);ed25519();">ED25519 255-bit Edwards Elliptic Curve ECDH/ECIES/ECDSA</a></p>
+<p><a id="myLink2" href="#" onclick="location.reload(false);nist256();">NIST256 256-bit Weierstrass Elliptic Curve ECDH/ECIES/ECDSA</a></p>
+<p><a id="myLink3" href="#" onclick="location.reload(false);goldilocks();">GOLDILOCKS 448-bit Edwards Elliptic Curve ECDH/ECIES/ECDSA</a></p>
+<p><a id="myLink5" href="#" onclick="location.reload(false);bls381();">BLS381 381-bit k=12 Pairing-Friendly BLS Curve MPIN</a></p>
+<p><a id="myLink6" href="#" onclick="location.reload(false);bls24();">BLS24 479-bit k=24 Pairing-Friendly BLS Curve MPIN</a></p>
+<p><a id="myLink7" href="#" onclick="location.reload(false);bls48();">BLS48 556-bit k=48 Pairing-Friendly BLS Curve MPIN</a></p>
+<p><a id="myLink8" href="#" onclick="location.reload(false);rsa2048();">RSA2048 2048-bit RSA Key generation/Encryption/Decryption</a></p>
+
+
+<script>
+
+/* Test ECC */
+/* test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
+
+// ED25519 context
+function ed25519() {
+ var ctx = new CTX('ED25519');
+
+ mywindow=window.open();
+
+ mywindow.document.write("<br> ED25519 Curve "+ "<br>");
+
+ var i,j=0,res;
+ var result;
+ var pp="M0ng00se";
+
+ var EGS=ctx.ECDH.EGS;
+ var EFS=ctx.ECDH.EFS;
+ var EAS=ctx.ECP.AESKEY;
+ var sha=ctx.ECP.HASH_TYPE;
+
+ var S1=[];
+ var W0=[];
+ var W1=[];
+ var Z0=[];
+ var Z1=[];
+ var RAW=[];
+ var SALT=[];
+ var P1=[];
+ var P2=[];
+ var V=[];
+ var M=[];
+ var T=new Array(12); // must specify required length
+ var CS=[];
+ var DS=[];
+
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+ for (i=0;i<8;i++) SALT[i]=(i+1); // set Salt
+
+ mywindow.document.write("Alice's Passphrase= " + pp + "<br>");
+
+ var PW=ctx.ECDH.stringtobytes(pp);
+/* private key S0 of size EGS bytes derived from Password and Salt */
+ var S0=ctx.ECDH.PBKDF2(sha,PW,SALT,1000,EGS);
+
+ mywindow.document.write("Alice's private key= 0x"+ctx.ECDH.bytestostring(S0)+ "<br>");
+/* Generate Key pair S/W */
+ ctx.ECDH.KEY_PAIR_GENERATE(null,S0,W0);
+
+ mywindow.document.write("Alice's public key= 0x"+ctx.ECDH.bytestostring(W0)+ "<br>");
+
+ res=ctx.ECDH.PUBLIC_KEY_VALIDATE(W0);
+ if (res!=0)
+ alert("ECP Public Key is invalid!");
+/* Random private key for other party */
+ ctx.ECDH.KEY_PAIR_GENERATE(rng,S1,W1);
+
+ mywindow.document.write("Servers private key= 0x"+ctx.ECDH.bytestostring(S1)+ "<br>");
+ mywindow.document.write("Servers public key= 0x"+ctx.ECDH.bytestostring(W1)+ "<br>");
+
+ res=ctx.ECDH.PUBLIC_KEY_VALIDATE(W1);
+ if (res!=0)
+ alert("ECP Public Key is invalid!");
+
+
+/* Calculate common key using DH - IEEE 1363 method */
+
+ ctx.ECDH.ECPSVDP_DH(S0,W1,Z0);
+ ctx.ECDH.ECPSVDP_DH(S1,W0,Z1);
+
+ var same=true;
+ for (i=0;i<ctx.ECDH.EFS;i++)
+ if (Z0[i]!=Z1[i]) same=false;
+
+ if (!same)
+ alert("*** ECPSVDP-DH Failed");
+
+ var KEY=ctx.ECDH.KDF2(sha,Z0,null,ctx.ECP.AESKEY);
+
+ mywindow.document.write("Alice's ECDH Key= 0x"+ctx.ECDH.bytestostring(KEY)+ "<br>");
+ mywindow.document.write("Servers ECDH Key= 0x"+ctx.ECDH.bytestostring(KEY)+ "<br>");
+
+ if (ctx.ECP.CURVETYPE!=ctx.ECP.MONTGOMERY)
+ {
+ mywindow.document.write("Testing ECIES"+ "<br>");
+
+ P1[0]=0x0; P1[1]=0x1; P1[2]=0x2;
+ P2[0]=0x0; P2[1]=0x1; P2[2]=0x2; P2[3]=0x3;
+
+ for (i=0;i<=16;i++) M[i]=i;
+
+ var C=ctx.ECDH.ECIES_ENCRYPT(sha,P1,P2,rng,W1,M,V,T);
+
+ mywindow.document.write("Ciphertext= "+ "<br>");
+ mywindow.document.write("V= 0x"+ctx.ECDH.bytestostring(V)+ "<br>");
+ mywindow.document.write("C= 0x"+ctx.ECDH.bytestostring(C)+ "<br>");
+ mywindow.document.write("T= 0x"+ctx.ECDH.bytestostring(T)+ "<br>");
+
+
+ M=ctx.ECDH.ECIES_DECRYPT(sha,P1,P2,V,C,T,S1);
+ if (M.length==0)
+ alert("*** ECIES Decryption Failed ");
+ else mywindow.document.write("Decryption succeeded"+ "<br>");
+
+ mywindow.document.write("Message is 0x"+ctx.ECDH.bytestostring(M)+ "<br>");
+
+ mywindow.document.write("Testing ECDSA"+ "<br>");
+
+ if (ctx.ECDH.ECPSP_DSA(sha,rng,S0,M,CS,DS)!=0)
+ alert("***ECDSA Signature Failed");
+
+ mywindow.document.write("Signature= "+ "<br>");
+ mywindow.document.write("C= 0x"+ctx.ECDH.bytestostring(CS)+ "<br>");
+ mywindow.document.write("D= 0x"+ctx.ECDH.bytestostring(DS)+ "<br>");
+
+ if (ctx.ECDH.ECPVP_DSA(sha,W0,M,CS,DS)!=0)
+ alert("***ECDSA Verification Failed");
+ else mywindow.document.write("ECDSA Signature/Verification succeeded "+ "<br>");
+ }
+
+}
+// NIST256 context
+
+function nist256() {
+ var ctx = new CTX('NIST256');
+ mywindow=window.open();
+
+ mywindow.document.write("<br> NIST256 Curve "+ "<br>");
+ var i,j=0,res;
+ var result;
+ var pp="M0ng00se";
+
+ var EGS=ctx.ECDH.EGS;
+ var EFS=ctx.ECDH.EFS;
+ var EAS=ctx.ECP.AESKEY;
+ var sha=ctx.ECP.HASH_TYPE;
+
+ var S1=[];
+ var W0=[];
+ var W1=[];
+ var Z0=[];
+ var Z1=[];
+ var RAW=[];
+ var SALT=[];
+ var P1=[];
+ var P2=[];
+ var V=[];
+ var M=[];
+ var T=new Array(12); // must specify required length
+ var CS=[];
+ var DS=[];
+
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+
+ for (i=0;i<8;i++) SALT[i]=(i+1); // set Salt
+
+ mywindow.document.write("Alice's Passphrase= " + pp + "<br>");
+
+ var PW=ctx.ECDH.stringtobytes(pp);
+/* private key S0 of size EGS bytes derived from Password and Salt */
+ var S0=ctx.ECDH.PBKDF2(sha,PW,SALT,1000,EGS);
+
+ mywindow.document.write("Alice's private key= 0x"+ctx.ECDH.bytestostring(S0)+ "<br>");
+/* Generate Key pair S/W */
+ ctx.ECDH.KEY_PAIR_GENERATE(null,S0,W0);
+
+ mywindow.document.write("Alice's public key= 0x"+ctx.ECDH.bytestostring(W0)+ "<br>");
+
+ res=ctx.ECDH.PUBLIC_KEY_VALIDATE(W0);
+ if (res!=0)
+ alert("ECP Public Key is invalid!");
+/* Random private key for other party */
+ ctx.ECDH.KEY_PAIR_GENERATE(rng,S1,W1);
+
+ mywindow.document.write("Servers private key= 0x"+ctx.ECDH.bytestostring(S1)+ "<br>");
+ mywindow.document.write("Servers public key= 0x"+ctx.ECDH.bytestostring(W1)+ "<br>");
+
+ res=ctx.ECDH.PUBLIC_KEY_VALIDATE(W1);
+ if (res!=0)
+ alert("ECP Public Key is invalid!");
+
+
+/* Calculate common key using DH - IEEE 1363 method */
+
+ ctx.ECDH.ECPSVDP_DH(S0,W1,Z0);
+ ctx.ECDH.ECPSVDP_DH(S1,W0,Z1);
+
+ var same=true;
+ for (i=0;i<ctx.ECDH.EFS;i++)
+ if (Z0[i]!=Z1[i]) same=false;
+
+ if (!same)
+ alert("*** ECPSVDP-DH Failed");
+
+ var KEY=ctx.ECDH.KDF2(sha,Z0,null,ctx.ECP.AESKEY);
+
+ mywindow.document.write("Alice's ECDH Key= 0x"+ctx.ECDH.bytestostring(KEY)+ "<br>");
+ mywindow.document.write("Servers ECDH Key= 0x"+ctx.ECDH.bytestostring(KEY)+ "<br>");
+
+ if (ctx.ECP.CURVETYPE!=ctx.ECP.MONTGOMERY)
+ {
+ mywindow.document.write("Testing ECIES"+ "<br>");
+
+ P1[0]=0x0; P1[1]=0x1; P1[2]=0x2;
+ P2[0]=0x0; P2[1]=0x1; P2[2]=0x2; P2[3]=0x3;
+
+ for (i=0;i<=16;i++) M[i]=i;
+
+ var C=ctx.ECDH.ECIES_ENCRYPT(sha,P1,P2,rng,W1,M,V,T);
+
+ mywindow.document.write("Ciphertext= "+ "<br>");
+ mywindow.document.write("V= 0x"+ctx.ECDH.bytestostring(V)+ "<br>");
+ mywindow.document.write("C= 0x"+ctx.ECDH.bytestostring(C)+ "<br>");
+ mywindow.document.write("T= 0x"+ctx.ECDH.bytestostring(T)+ "<br>");
+
+
+ M=ctx.ECDH.ECIES_DECRYPT(sha,P1,P2,V,C,T,S1);
+ if (M.length==0)
+ alert("*** ECIES Decryption Failed ");
+ else mywindow.document.write("Decryption succeeded"+ "<br>");
+
+ mywindow.document.write("Message is 0x"+ctx.ECDH.bytestostring(M)+ "<br>");
+
+ mywindow.document.write("Testing ECDSA"+ "<br>");
+
+ if (ctx.ECDH.ECPSP_DSA(sha,rng,S0,M,CS,DS)!=0)
+ alert("***ECDSA Signature Failed");
+
+ mywindow.document.write("Signature= "+ "<br>");
+ mywindow.document.write("C= 0x"+ctx.ECDH.bytestostring(CS)+ "<br>");
+ mywindow.document.write("D= 0x"+ctx.ECDH.bytestostring(DS)+ "<br>");
+
+ if (ctx.ECDH.ECPVP_DSA(sha,W0,M,CS,DS)!=0)
+ alert("***ECDSA Verification Failed");
+ else mywindow.document.write("ECDSA Signature/Verification succeeded "+ "<br>");
+ }
+
+}
+
+
+// GOLDILOCKS context
+function goldilocks() {
+ var ctx = new CTX('GOLDILOCKS');
+ mywindow=window.open();
+
+ mywindow.document.write("<br> GOLDILOCKS Curve "+ "<br>");
+
+ var i,j=0,res;
+ var result;
+ var pp="M0ng00se";
+
+ var EGS=ctx.ECDH.EGS;
+ var EFS=ctx.ECDH.EFS;
+ var EAS=ctx.ECP.AESKEY;
+ var sha=ctx.ECP.HASH_TYPE;
+
+ var S1=[];
+ var W0=[];
+ var W1=[];
+ var Z0=[];
+ var Z1=[];
+
+ var SALT=[];
+ var P1=[];
+ var P2=[];
+ var V=[];
+ var M=[];
+ var T=new Array(12); // must specify required length
+ var CS=[];
+ var DS=[];
+
+ var RAW=[];
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+
+ for (i=0;i<8;i++) SALT[i]=(i+1); // set Salt
+
+ mywindow.document.write("Alice's Passphrase= " + pp + "<br>");
+
+ var PW=ctx.ECDH.stringtobytes(pp);
+/* private key S0 of size EGS bytes derived from Password and Salt */
+ var S0=ctx.ECDH.PBKDF2(sha,PW,SALT,1000,EGS);
+
+ mywindow.document.write("Alice's private key= 0x"+ctx.ECDH.bytestostring(S0)+ "<br>");
+/* Generate Key pair S/W */
+ ctx.ECDH.KEY_PAIR_GENERATE(null,S0,W0);
+
+ mywindow.document.write("Alice's public key= 0x"+ctx.ECDH.bytestostring(W0)+ "<br>");
+
+ res=ctx.ECDH.PUBLIC_KEY_VALIDATE(W0);
+ if (res!=0)
+ alert("ECP Public Key is invalid!");
+/* Random private key for other party */
+ ctx.ECDH.KEY_PAIR_GENERATE(rng,S1,W1);
+
+ mywindow.document.write("Servers private key= 0x"+ctx.ECDH.bytestostring(S1)+ "<br>");
+ mywindow.document.write("Servers public key= 0x"+ctx.ECDH.bytestostring(W1)+ "<br>");
+
+ res=ctx.ECDH.PUBLIC_KEY_VALIDATE(W1);
+ if (res!=0)
+ alert("ECP Public Key is invalid!");
+
+
+/* Calculate common key using DH - IEEE 1363 method */
+
+ ctx.ECDH.ECPSVDP_DH(S0,W1,Z0);
+ ctx.ECDH.ECPSVDP_DH(S1,W0,Z1);
+
+ var same=true;
+ for (i=0;i<ctx.ECDH.EFS;i++)
+ if (Z0[i]!=Z1[i]) same=false;
+
+ if (!same)
+ alert("*** ECPSVDP-DH Failed");
+
+ var KEY=ctx.ECDH.KDF2(sha,Z0,null,ctx.ECP.AESKEY);
+
+ mywindow.document.write("Alice's ECDH Key= 0x"+ctx.ECDH.bytestostring(KEY)+ "<br>");
+ mywindow.document.write("Servers ECDH Key= 0x"+ctx.ECDH.bytestostring(KEY)+ "<br>");
+
+ if (ctx.ECP.CURVETYPE!=ctx.ECP.MONTGOMERY)
+ {
+ mywindow.document.write("Testing ECIES"+ "<br>");
+
+ P1[0]=0x0; P1[1]=0x1; P1[2]=0x2;
+ P2[0]=0x0; P2[1]=0x1; P2[2]=0x2; P2[3]=0x3;
+
+ for (i=0;i<=16;i++) M[i]=i;
+
+ var C=ctx.ECDH.ECIES_ENCRYPT(sha,P1,P2,rng,W1,M,V,T);
+
+ mywindow.document.write("Ciphertext= "+ "<br>");
+ mywindow.document.write("V= 0x"+ctx.ECDH.bytestostring(V)+ "<br>");
+ mywindow.document.write("C= 0x"+ctx.ECDH.bytestostring(C)+ "<br>");
+ mywindow.document.write("T= 0x"+ctx.ECDH.bytestostring(T)+ "<br>");
+
+
+ M=ctx.ECDH.ECIES_DECRYPT(sha,P1,P2,V,C,T,S1);
+ if (M.length==0)
+ alert("*** ECIES Decryption Failed ");
+ else mywindow.document.write("Decryption succeeded"+ "<br>");
+
+ mywindow.document.write("Message is 0x"+ctx.ECDH.bytestostring(M)+ "<br>");
+
+ mywindow.document.write("Testing ECDSA"+ "<br>");
+
+ if (ctx.ECDH.ECPSP_DSA(sha,rng,S0,M,CS,DS)!=0)
+ alert("***ECDSA Signature Failed");
+
+ mywindow.document.write("Signature= "+ "<br>");
+ mywindow.document.write("C= 0x"+ctx.ECDH.bytestostring(CS)+ "<br>");
+ mywindow.document.write("D= 0x"+ctx.ECDH.bytestostring(DS)+ "<br>");
+
+ if (ctx.ECDH.ECPVP_DSA(sha,W0,M,CS,DS)!=0)
+ alert("***ECDSA Verification Failed");
+ else mywindow.document.write("ECDSA Signature/Verification succeeded "+ "<br>");
+ }
+}
+
+
+/* Test RSA */
+/* test driver and function exerciser for RSA API Functions */
+
+
+// RSA2048 context
+function rsa2048() {
+ var ctx = new CTX('RSA2048');
+
+ var i,j=0,res;
+ var result;
+
+ var sha=ctx.RSA.HASH_TYPE;
+
+ var message="Hello World\n";
+
+ var pub=new ctx.rsa_public_key(ctx.FF.FFLEN);
+ var priv=new ctx.rsa_private_key(ctx.FF.HFLEN);
+
+ var ML=[];
+ var C=[];
+ var S=[];
+
+ var RAW=[];
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+ mywindow=window.open();
+
+ var start,end,time;
+ start=new Date().getTime();
+ mywindow.document.write("<br> Generating RSA public/private key pair (slow!) <br>");
+ ctx.RSA.KEY_PAIR(rng,65537,priv,pub);
+ end=new Date().getTime();
+ time=end-start;
+ mywindow.document.write("Time in ms= "+time+"<br>");
+
+ var M=ctx.RSA.stringtobytes(message);
+ mywindow.document.write("Encrypting test string <br>");
+
+ var E=ctx.RSA.OAEP_ENCODE(sha,M,rng,null); /* OAEP encode message m to e */
+ mywindow.document.write("Encoding= 0x" + ctx.RSA.bytestohex(E) + "<br>");
+
+ mywindow.document.write("Public key= 0x"+pub.n.toString() + "<br>");
+
+ start=new Date().getTime();
+ ctx.RSA.ENCRYPT(pub,E,C); /* encrypt encoded message */
+ end=new Date().getTime();
+ time=end-start;
+ mywindow.document.write("Time in ms= "+time+"<br>");
+
+ mywindow.document.write("Ciphertext= 0x" + ctx.RSA.bytestohex(C) + "<br>");
+
+ mywindow.document.write("Decrypting test string <br>");
+ start=new Date().getTime();
+ ctx.RSA.DECRYPT(priv,C,ML);
+ end=new Date().getTime();
+ time=end-start;
+ mywindow.document.write("Time in ms= "+time+"<br>");
+
+ var cmp=true;
+ if (E.length!=ML.length) cmp=false;
+ else
+ {
+ for (var j=0;j<E.length;j++)
+ if (E[j]!=ML[j]) cmp=false;
+ }
+ if (cmp) mywindow.document.write("Decryption is OK <br>");
+ else mywindow.document.write("Decryption Failed <br>");
+
+ var MS=ctx.RSA.OAEP_DECODE(sha,null,ML); /* OAEP decode message */
+ mywindow.document.write("Decoding= 0x" + ctx.RSA.bytestohex(MS) + "<br>");
+
+ mywindow.document.write("message= "+ctx.RSA.bytestostring(MS) + "<br>");
+
+
+ mywindow.document.write("Signing message <br>");
+ ctx.RSA.PKCS15(sha,M,C);
+
+ ctx.RSA.DECRYPT(priv,C,S); /* create signature in S */
+
+ mywindow.document.write("Signature= 0x" + ctx.RSA.bytestohex(S) + "<br>");
+
+ ctx.RSA.ENCRYPT(pub,S,ML);
+
+ cmp=true;
+ if (C.length!=ML.length) cmp=false;
+ else
+ {
+ for (var j=0;j<C.length;j++)
+ if (C[j]!=ML[j]) cmp=false;
+ }
+ if (cmp) mywindow.document.write("Signature is valid <br>");
+ else mywindow.document.write("Signature is INVALID <br>");
+
+ ctx.RSA.PRIVATE_KEY_KILL(priv);
+
+
+}
+
+/* Test M-Pin */
+
+// BLS381 context
+function bls381() {
+ var ctx = new CTX('BLS381');
+ mywindow=window.open();
+
+ mywindow.document.write("<br> BLS381 Pairing-Friendly Curve "+ "<br>");
+
+ var i,res;
+ var result;
+
+ var EGS=ctx.MPIN.EGS;
+ var EFS=ctx.MPIN.EFS;
+ var EAS=ctx.ECP.AESKEY;
+
+ var sha=ctx.ECP.HASH_TYPE;
+
+ var G1S=2*EFS+1; /* Group 1 Size */
+ var G2S=4*EFS; /* Group 2 Size */
+
+ var S=[];
+ var SST=[];
+ var TOKEN = [];
+ var PERMIT = [];
+ var SEC = [];
+ var xID = [];
+ var xCID = [];
+ var X= [];
+ var Y= [];
+ var E=[];
+ var F=[];
+ var HCID=[];
+ var HID=[];
+ var HTID=[];
+
+ var G1=[];
+ var G2=[];
+ var R=[];
+ var Z=[];
+ var W=[];
+ var T=[];
+ var CK=[];
+ var SK=[];
+
+ var HSID=[];
+
+/* Set configuration */
+ var PERMITS=true;
+ var PINERROR=true;
+ var FULL=true;
+ var ONE_PASS=false;
+
+ var RAW=[];
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+
+/* Trusted Authority set-up */
+ ctx.MPIN.RANDOM_GENERATE(rng,S);
+ mywindow.document.write("M-Pin Master Secret s: 0x"+ctx.MPIN.bytestostring(S) + "<br>");
+
+ /* Create Client Identity */
+ var IDstr = "testUser@miracl.com";
+ var CLIENT_ID = ctx.MPIN.stringtobytes(IDstr);
+ HCID=ctx.MPIN.HASH_ID(sha,CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
+
+ mywindow.document.write("Client ID= "+ctx.MPIN.bytestostring(CLIENT_ID) + "<br>");
+
+/* Client and Server are issued secrets by DTA */
+ ctx.MPIN.GET_SERVER_SECRET(S,SST);
+ mywindow.document.write("Server Secret SS: 0x"+ctx.MPIN.bytestostring(SST) + "<br>");
+
+ ctx.MPIN.GET_CLIENT_SECRET(S,HCID,TOKEN);
+ mywindow.document.write("Client Secret CS: 0x"+ctx.MPIN.bytestostring(TOKEN) + "<br>");
+
+/* Client extracts PIN from secret to create Token */
+ var pin=1234;
+ mywindow.document.write("Client extracts PIN= "+pin + "<br>");
+ var rtn=ctx.MPIN.EXTRACT_PIN(sha,CLIENT_ID,pin,TOKEN);
+ if (rtn != 0)
+ mywindow.document.write("Failed to extract PIN " + "<br>");
+
+ mywindow.document.write("Client Token TK: 0x"+ctx.MPIN.bytestostring(TOKEN) + "<br>");
+
+ if (FULL)
+ {
+ ctx.MPIN.PRECOMPUTE(TOKEN,HCID,G1,G2);
+ }
+
+ var date;
+ if (PERMITS)
+ {
+ date=ctx.MPIN.today();
+/* Client gets "Time Token" permit from DTA */
+ ctx.MPIN.GET_CLIENT_PERMIT(sha,date,S,HCID,PERMIT);
+ mywindow.document.write("Time Permit TP: 0x"+ctx.MPIN.bytestostring(PERMIT) + "<br>");
+
+/* This encoding makes Time permit look random - Elligator squared */
+ ctx.MPIN.ENCODING(rng,PERMIT);
+ mywindow.document.write("Encoded Time Permit TP: 0x"+ctx.MPIN.bytestostring(PERMIT) + "<br>");
+ ctx.MPIN.DECODING(PERMIT);
+ mywindow.document.write("Decoded Time Permit TP: 0x"+ctx.MPIN.bytestostring(PERMIT) + "<br>");
+ }
+ else date=0;
+
+ pin=parseInt(mywindow.prompt("Enter PIN= "));
+
+/* Set date=0 and PERMIT=null if time permits not in use
+
+Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
+If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
+Random value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
+
+If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
+If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
+If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
+
+
+*/
+ var pxID=xID;
+ var pxCID=xCID;
+ var pHID=HID;
+ var pHTID=HTID;
+ var pE=E;
+ var pF=F;
+ var pPERMIT=PERMIT;
+ var prHID;
+
+ if (date!=0)
+ {
+ prHID=pHTID;
+ if (!PINERROR)
+ {
+ pxID=null;
+ // pHID=null;
+ }
+ }
+ else
+ {
+ prHID=pHID;
+ pPERMIT=null;
+ pxCID=null;
+ pHTID=null;
+ }
+ if (!PINERROR)
+ {
+ pE=null;
+ pF=null;
+ }
+
+ if (ONE_PASS)
+ {
+ mywindow.document.write("MPIN Single Pass " + "<br>");
+ timeValue = ctx.MPIN.GET_TIME();
+ mywindow.document.write("Epoch " + timeValue + "<br>");
+
+ rtn=ctx.MPIN.CLIENT(sha,date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT,timeValue,Y);
+
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT rtn: " + rtn + "<br>");
+
+ if (FULL)
+ {
+ HCID=ctx.MPIN.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN.GET_G1_MULTIPLE(rng,1,R,HCID,Z); /* Also Send Z=r.ID to Server, remember random r */
+ }
+
+ rtn=ctx.MPIN.SERVER(sha,date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF,CLIENT_ID,timeValue);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: SERVER rtn: " + rtn+ "<br>");
+
+ if (FULL)
+ {
+ HSID=ctx.MPIN.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN.GET_G1_MULTIPLE(rng,0,W,prHID,T); /* Also send T=w.ID to client, remember random w */
+ }
+ }
+ else
+ {
+ mywindow.document.write("MPIN Multi Pass " + "<br>");
+ rtn=ctx.MPIN.CLIENT_1(sha,date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT_1 rtn: " + rtn + "<br>");
+
+ if (FULL)
+ {
+ HCID=ctx.MPIN.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN.GET_G1_MULTIPLE(rng,1,R,HCID,Z); /* Also Send Z=r.ID to Server, remember random r */
+ }
+
+ /* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
+ ctx.MPIN.SERVER_1(sha,date,CLIENT_ID,pHID,pHTID);
+
+ /* Server generates Random number Y and sends it to Client */
+ ctx.MPIN.RANDOM_GENERATE(rng,Y);
+
+ if (FULL)
+ {
+ HSID=ctx.MPIN.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN.GET_G1_MULTIPLE(rng,0,W,prHID,T); /* Also send T=w.ID to client, remember random w */
+ }
+
+ /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
+ rtn=ctx.MPIN.CLIENT_2(X,Y,SEC);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT_2 rtn: " + rtn + "<br>");
+ /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
+ /* If PIN error not required, set E and F = NULL */
+ rtn=ctx.MPIN.SERVER_2(date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF);
+
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: SERVER_2 rtn: " + rtn+ "<br>");
+
+ }
+
+
+ if (rtn == ctx.MPIN.BAD_PIN)
+ {
+ mywindow.document.write("Server says - Bad Pin. I don't know you. Feck off." + "<br>");
+ if (PINERROR)
+ {
+ var err=ctx.MPIN.KANGAROO(E,F);
+ if (err!=0) mywindow.document.write("(Client PIN is out by "+err + ")<br>");
+ }
+ }
+ else
+ {
+ mywindow.document.write("Server says - PIN is good! You really are "+IDstr + "<br>");
+ if (FULL)
+ {
+ H=ctx.MPIN.HASH_ALL(sha,HCID,pxID,pxCID,SEC,Y,Z,T);
+ ctx.MPIN.CLIENT_KEY(sha,G1,G2,pin,R,X,H,T,CK);
+
+ mywindow.document.write("Client Key = 0x"+ctx.MPIN.bytestostring(CK) + "<br>");
+ H=ctx.MPIN.HASH_ALL(sha,HSID,pxID,pxCID,SEC,Y,Z,T);
+ ctx.MPIN.SERVER_KEY(sha,Z,SST,W,H,pHID,pxID,pxCID,SK);
+ mywindow.document.write("Server Key = 0x"+ctx.MPIN.bytestostring(SK) + "<br>");
+ }
+ }
+
+}
+
+
+
+// BLS24 context
+function bls24() {
+ var ctx = new CTX('BLS24');
+ mywindow=window.open();
+
+ mywindow.document.write("<br> BLS24 Pairing-Friendly Curve "+ "<br>");
+
+ var i,res;
+ var result;
+
+ var EGS=ctx.MPIN192.EGS;
+ var EFS=ctx.MPIN192.EFS;
+ var EAS=ctx.ECP.AESKEY;
+
+ var sha=ctx.ECP.HASH_TYPE;
+
+ var G1S=2*EFS+1; /* Group 1 Size */
+ var G2S=8*EFS; /* Group 2 Size */ /**/
+
+ var S=[];
+ var SST=[];
+ var TOKEN = [];
+ var PERMIT = [];
+ var SEC = [];
+ var xID = [];
+ var xCID = [];
+ var X= [];
+ var Y= [];
+ var E=[];
+ var F=[];
+ var HCID=[];
+ var HID=[];
+ var HTID=[];
+
+ var G1=[];
+ var G2=[];
+ var R=[];
+ var Z=[];
+ var W=[];
+ var T=[];
+ var CK=[];
+ var SK=[];
+
+ var HSID=[];
+
+/* Set configuration */
+ var PERMITS=true;
+ var PINERROR=true;
+ var FULL=true;
+ var ONE_PASS=false;
+
+ var RAW=[];
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+/* Trusted Authority set-up */
+ ctx.MPIN192.RANDOM_GENERATE(rng,S);
+ mywindow.document.write("M-Pin Master Secret s: 0x"+ctx.MPIN192.bytestostring(S) + "<br>");
+
+ /* Create Client Identity */
+ var IDstr = "testUser@miracl.com";
+ var CLIENT_ID = ctx.MPIN192.stringtobytes(IDstr);
+ HCID=ctx.MPIN192.HASH_ID(sha,CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
+
+ mywindow.document.write("Client ID= "+ctx.MPIN192.bytestostring(CLIENT_ID) + "<br>");
+
+/* Client and Server are issued secrets by DTA */
+ ctx.MPIN192.GET_SERVER_SECRET(S,SST);
+ mywindow.document.write("Server Secret SS: 0x"+ctx.MPIN192.bytestostring(SST) + "<br>");
+
+ ctx.MPIN192.GET_CLIENT_SECRET(S,HCID,TOKEN);
+ mywindow.document.write("Client Secret CS: 0x"+ctx.MPIN192.bytestostring(TOKEN) + "<br>");
+
+/* Client extracts PIN from secret to create Token */
+ var pin=1234;
+ mywindow.document.write("Client extracts PIN= "+pin + "<br>");
+ var rtn=ctx.MPIN192.EXTRACT_PIN(sha,CLIENT_ID,pin,TOKEN);
+ if (rtn != 0)
+ mywindow.document.write("Failed to extract PIN " + "<br>");
+
+ mywindow.document.write("Client Token TK: 0x"+ctx.MPIN192.bytestostring(TOKEN) + "<br>");
+
+ if (FULL)
+ {
+ ctx.MPIN192.PRECOMPUTE(TOKEN,HCID,G1,G2);
+ }
+
+ var date;
+ if (PERMITS)
+ {
+ date=ctx.MPIN192.today();
+/* Client gets "Time Token" permit from DTA */
+ ctx.MPIN192.GET_CLIENT_PERMIT(sha,date,S,HCID,PERMIT);
+ mywindow.document.write("Time Permit TP: 0x"+ctx.MPIN192.bytestostring(PERMIT) + "<br>");
+
+/* This encoding makes Time permit look random - Elligator squared */
+ ctx.MPIN192.ENCODING(rng,PERMIT);
+ mywindow.document.write("Encoded Time Permit TP: 0x"+ctx.MPIN192.bytestostring(PERMIT) + "<br>");
+ ctx.MPIN192.DECODING(PERMIT);
+ mywindow.document.write("Decoded Time Permit TP: 0x"+ctx.MPIN192.bytestostring(PERMIT) + "<br>");
+ }
+ else date=0;
+
+ pin=parseInt(mywindow.prompt("Enter PIN= "));
+
+/* Set date=0 and PERMIT=null if time permits not in use
+
+Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
+If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
+Random value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
+
+If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
+If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
+If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
+
+
+*/
+ var pxID=xID;
+ var pxCID=xCID;
+ var pHID=HID;
+ var pHTID=HTID;
+ var pE=E;
+ var pF=F;
+ var pPERMIT=PERMIT;
+ var prHID;
+
+ if (date!=0)
+ {
+ prHID=pHTID;
+ if (!PINERROR)
+ {
+ pxID=null;
+ // pHID=null;
+ }
+ }
+ else
+ {
+ prHID=pHID;
+ pPERMIT=null;
+ pxCID=null;
+ pHTID=null;
+ }
+ if (!PINERROR)
+ {
+ pE=null;
+ pF=null;
+ }
+
+ if (ONE_PASS)
+ {
+ mywindow.document.write("MPIN Single Pass " + "<br>");
+ timeValue = ctx.MPIN192.GET_TIME();
+ mywindow.document.write("Epoch " + timeValue + "<br>");
+
+ rtn=ctx.MPIN192.CLIENT(sha,date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT,timeValue,Y);
+
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT rtn: " + rtn + "<br>");
+
+ if (FULL)
+ {
+ HCID=ctx.MPIN192.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN192.GET_G1_MULTIPLE(rng,1,R,HCID,Z); /* Also Send Z=r.ID to Server, remember random r */
+ }
+
+ rtn=ctx.MPIN192.SERVER(sha,date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF,CLIENT_ID,timeValue);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: SERVER rtn: " + rtn+ "<br>");
+
+ if (FULL)
+ {
+ HSID=ctx.MPIN192.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN192.GET_G1_MULTIPLE(rng,0,W,prHID,T); /* Also send T=w.ID to client, remember random w */
+ }
+ }
+ else
+ {
+ mywindow.document.write("MPIN Multi Pass " + "<br>");
+ rtn=ctx.MPIN192.CLIENT_1(sha,date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT_1 rtn: " + rtn + "<br>");
+
+ if (FULL)
+ {
+ HCID=ctx.MPIN192.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN192.GET_G1_MULTIPLE(rng,1,R,HCID,Z); /* Also Send Z=r.ID to Server, remember random r */
+ }
+
+ /* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
+ ctx.MPIN192.SERVER_1(sha,date,CLIENT_ID,pHID,pHTID);
+
+ /* Server generates Random number Y and sends it to Client */
+ ctx.MPIN192.RANDOM_GENERATE(rng,Y);
+
+ if (FULL)
+ {
+ HSID=ctx.MPIN192.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN192.GET_G1_MULTIPLE(rng,0,W,prHID,T); /* Also send T=w.ID to client, remember random w */
+ }
+
+ /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
+ rtn=ctx.MPIN192.CLIENT_2(X,Y,SEC);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT_2 rtn: " + rtn + "<br>");
+ /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
+ /* If PIN error not required, set E and F = NULL */
+ rtn=ctx.MPIN192.SERVER_2(date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF);
+
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: SERVER_2 rtn: " + rtn+ "<br>");
+
+ }
+
+
+ if (rtn == ctx.MPIN192.BAD_PIN)
+ {
+ mywindow.document.write("Server says - Bad Pin. I don't know you. Feck off." + "<br>");
+ if (PINERROR)
+ {
+ var err=ctx.MPIN192.KANGAROO(E,F);
+ if (err!=0) mywindow.document.write("(Client PIN is out by "+err + ")<br>");
+ }
+ }
+ else
+ {
+ mywindow.document.write("Server says - PIN is good! You really are "+IDstr + "<br>");
+ if (FULL)
+ {
+ H=ctx.MPIN192.HASH_ALL(sha,HCID,pxID,pxCID,SEC,Y,Z,T);
+ ctx.MPIN192.CLIENT_KEY(sha,G1,G2,pin,R,X,H,T,CK);
+
+ mywindow.document.write("Client Key = 0x"+ctx.MPIN192.bytestostring(CK) + "<br>");
+ H=ctx.MPIN192.HASH_ALL(sha,HSID,pxID,pxCID,SEC,Y,Z,T);
+ ctx.MPIN192.SERVER_KEY(sha,Z,SST,W,H,pHID,pxID,pxCID,SK);
+ mywindow.document.write("Server Key = 0x"+ctx.MPIN192.bytestostring(SK) + "<br>");
+ }
+ }
+
+}
+
+// BLS48 context
+function bls48() {
+ var ctx = new CTX('BLS48');
+ mywindow=window.open();
+
+ mywindow.document.write("<br> BLS48 Pairing-Friendly Curve "+ "<br>");
+
+ var i,res;
+ var result;
+
+ var EGS=ctx.MPIN256.EGS;
+ var EFS=ctx.MPIN256.EFS;
+ var EAS=ctx.ECP.AESKEY;
+
+ var sha=ctx.ECP.HASH_TYPE;
+
+ var G1S=2*EFS+1; // Group 1 Size
+ var G2S=16*EFS; // Group 2 Size **
+
+ var S=[];
+ var SST=[];
+ var TOKEN = [];
+ var PERMIT = [];
+ var SEC = [];
+ var xID = [];
+ var xCID = [];
+ var X= [];
+ var Y= [];
+ var E=[];
+ var F=[];
+ var HCID=[];
+ var HID=[];
+ var HTID=[];
+
+ var G1=[];
+ var G2=[];
+ var R=[];
+ var Z=[];
+ var W=[];
+ var T=[];
+ var CK=[];
+ var SK=[];
+
+ var HSID=[];
+
+// Set configuration
+ var PERMITS=true;
+ var PINERROR=true;
+ var FULL=true;
+ var ONE_PASS=false;
+
+ var RAW=[];
+ var rng=new ctx.RAND();
+
+ rng.clean();
+ for (i=0;i<100;i++) RAW[i]=i;
+
+ rng.seed(100,RAW);
+
+// Trusted Authority set-up
+ ctx.MPIN256.RANDOM_GENERATE(rng,S);
+
+ mywindow.document.write("M-Pin Master Secret s: 0x"+ctx.MPIN256.bytestostring(S) + "<br>");
+ // Create Client Identity
+ var IDstr = "testUser@miracl.com";
+ var CLIENT_ID = ctx.MPIN256.stringtobytes(IDstr);
+ HCID=ctx.MPIN256.HASH_ID(sha,CLIENT_ID); // Either Client or TA calculates Hash(ID) - you decide!
+
+ mywindow.document.write("Client ID= "+ctx.MPIN256.bytestostring(CLIENT_ID) + "<br>");
+
+// Client and Server are issued secrets by DTA
+ ctx.MPIN256.GET_SERVER_SECRET(S,SST);
+ mywindow.document.write("Server Secret SS: 0x"+ctx.MPIN256.bytestostring(SST) + "<br>");
+
+ ctx.MPIN256.GET_CLIENT_SECRET(S,HCID,TOKEN);
+ mywindow.document.write("Client Secret CS: 0x"+ctx.MPIN256.bytestostring(TOKEN) + "<br>");
+
+// Client extracts PIN from secret to create Token
+ var pin=1234;
+ mywindow.document.write("Client extracts PIN= "+pin + "<br>");
+ var rtn=ctx.MPIN256.EXTRACT_PIN(sha,CLIENT_ID,pin,TOKEN);
+ if (rtn != 0)
+ mywindow.document.write("Failed to extract PIN " + "<br>");
+
+ mywindow.document.write("Client Token TK: 0x"+ctx.MPIN256.bytestostring(TOKEN) + "<br>");
+
+ if (FULL)
+ {
+ ctx.MPIN256.PRECOMPUTE(TOKEN,HCID,G1,G2);
+ }
+
+ var date;
+ if (PERMITS)
+ {
+ date=ctx.MPIN256.today();
+// Client gets "Time Token" permit from DTA
+ ctx.MPIN256.GET_CLIENT_PERMIT(sha,date,S,HCID,PERMIT);
+ mywindow.document.write("Time Permit TP: 0x"+ctx.MPIN256.bytestostring(PERMIT) + "<br>");
+
+// This encoding makes Time permit look random - Elligator squared
+ ctx.MPIN256.ENCODING(rng,PERMIT);
+ mywindow.document.write("Encoded Time Permit TP: 0x"+ctx.MPIN256.bytestostring(PERMIT) + "<br>");
+ ctx.MPIN256.DECODING(PERMIT);
+ mywindow.document.write("Decoded Time Permit TP: 0x"+ctx.MPIN256.bytestostring(PERMIT) + "<br>");
+ }
+ else date=0;
+
+ pin=parseInt(mywindow.prompt("Enter PIN= "));
+
+// Set date=0 and PERMIT=null if time permits not in use
+
+//Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
+//If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H_T(date|H(CLIENT_ID)))
+//Random value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
+
+//If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
+//If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
+//If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
+
+
+ var pxID=xID;
+ var pxCID=xCID;
+ var pHID=HID;
+ var pHTID=HTID;
+ var pE=E;
+ var pF=F;
+ var pPERMIT=PERMIT;
+ var prHID;
+
+ if (date!=0)
+ {
+ prHID=pHTID;
+ if (!PINERROR)
+ {
+ pxID=null;
+ // pHID=null;
+ }
+ }
+ else
+ {
+ prHID=pHID;
+ pPERMIT=null;
+ pxCID=null;
+ pHTID=null;
+ }
+ if (!PINERROR)
+ {
+ pE=null;
+ pF=null;
+ }
+
+ if (ONE_PASS)
+ {
+ mywindow.document.write("MPIN Single Pass " + "<br>");
+ timeValue = ctx.MPIN256.GET_TIME();
+ mywindow.document.write("Epoch " + timeValue + "<br>");
+
+ rtn=ctx.MPIN256.CLIENT(sha,date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT,timeValue,Y);
+
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT rtn: " + rtn + "<br>");
+
+ if (FULL)
+ {
+ HCID=ctx.MPIN256.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN256.GET_G1_MULTIPLE(rng,1,R,HCID,Z); // Also Send Z=r.ID to Server, remember random r
+ }
+
+ rtn=ctx.MPIN256.SERVER(sha,date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF,CLIENT_ID,timeValue);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: SERVER rtn: " + rtn+ "<br>");
+
+ if (FULL)
+ {
+ HSID=ctx.MPIN256.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN256.GET_G1_MULTIPLE(rng,0,W,prHID,T); // Also send T=w.ID to client, remember random w
+ }
+ }
+ else
+ {
+ mywindow.document.write("MPIN Multi Pass " + "<br>");
+ rtn=ctx.MPIN256.CLIENT_1(sha,date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT_1 rtn: " + rtn + "<br>");
+
+ if (FULL)
+ {
+ HCID=ctx.MPIN256.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN256.GET_G1_MULTIPLE(rng,1,R,HCID,Z); // Also Send Z=r.ID to Server, remember random r
+ }
+
+ // Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp.
+ ctx.MPIN256.SERVER_1(sha,date,CLIENT_ID,pHID,pHTID);
+
+ // Server generates Random number Y and sends it to Client
+ ctx.MPIN256.RANDOM_GENERATE(rng,Y);
+
+ if (FULL)
+ {
+ HSID=ctx.MPIN256.HASH_ID(sha,CLIENT_ID);
+ ctx.MPIN256.GET_G1_MULTIPLE(rng,0,W,prHID,T); // Also send T=w.ID to client, remember random w
+ }
+
+ // Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC
+ rtn=ctx.MPIN256.CLIENT_2(X,Y,SEC);
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: CLIENT_2 rtn: " + rtn + "<br>");
+ // Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error.
+ // If PIN error not required, set E and F = NULL
+ rtn=ctx.MPIN256.SERVER_2(date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF);
+
+ if (rtn != 0)
+ mywindow.document.write("FAILURE: SERVER_2 rtn: " + rtn+ "<br>");
+
+ }
+
+
+ if (rtn == ctx.MPIN256.BAD_PIN)
+ {
+ mywindow.document.write("Server says - Bad Pin. I don't know you. Feck off." + "<br>");
+ if (PINERROR)
+ {
+ var err=ctx.MPIN256.KANGAROO(E,F);
+ if (err!=0) mywindow.document.write("(Client PIN is out by "+err + ")<br>");
+ }
+ }
+ else
+ {
+ mywindow.document.write("Server says - PIN is good! You really are "+IDstr + "<br>");
+ if (FULL)
+ {
+ H=ctx.MPIN256.HASH_ALL(sha,HCID,pxID,pxCID,SEC,Y,Z,T);
+ ctx.MPIN256.CLIENT_KEY(sha,G1,G2,pin,R,X,H,T,CK);
+
+ mywindow.document.write("Client Key = 0x"+ctx.MPIN256.bytestostring(CK) + "<br>");
+ H=ctx.MPIN256.HASH_ALL(sha,HSID,pxID,pxCID,SEC,Y,Z,T);
+ ctx.MPIN256.SERVER_KEY(sha,Z,SST,W,H,pHID,pxID,pxCID,SK);
+ mywindow.document.write("Server Key = 0x"+ctx.MPIN256.bytestostring(SK) + "<br>");
+ }
+ }
+
+}
+
+</script>
+</body>
+</html>
diff --git a/examples/node/example_DVS_BLS383.js b/examples/node/example_DVS_BLS381.js
similarity index 99%
rename from examples/node/example_DVS_BLS383.js
rename to examples/node/example_DVS_BLS381.js
index d407427..416892c 100644
--- a/examples/node/example_DVS_BLS383.js
+++ b/examples/node/example_DVS_BLS381.js
@@ -21,7 +21,7 @@ under the License.
var CTX = require("../../index");
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
var RAW = [];
var rng = new ctx.RAND();
diff --git a/examples/node/example_ECC_BLS383_NIST521.js b/examples/node/example_ECC_BLS381_NIST521.js
similarity index 98%
rename from examples/node/example_ECC_BLS383_NIST521.js
rename to examples/node/example_ECC_BLS381_NIST521.js
index 6a5e82f..9849b78 100644
--- a/examples/node/example_ECC_BLS383_NIST521.js
+++ b/examples/node/example_ECC_BLS381_NIST521.js
@@ -22,10 +22,10 @@ under the License.
var CTX = require("../../index");
-var ctx1 = new CTX("BLS383");
+var ctx1 = new CTX("BLS381");
var ctx2 = new CTX("NIST521");
-console.log("Start testing BLS383");
+console.log("Start testing BLS381");
var pp = "M0ng00se",
res,
diff --git a/examples/node/example_MPIN_BLS383.js b/examples/node/example_MPIN_BLS381.js
similarity index 99%
rename from examples/node/example_MPIN_BLS383.js
rename to examples/node/example_MPIN_BLS381.js
index 14d7fe5..11e2b78 100644
--- a/examples/node/example_MPIN_BLS383.js
+++ b/examples/node/example_MPIN_BLS381.js
@@ -21,7 +21,7 @@ under the License.
var CTX = require("../../index");
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */
diff --git a/examples/node/example_MPIN_FULL_BLS383.js b/examples/node/example_MPIN_FULL_BLS381.js
similarity index 99%
rename from examples/node/example_MPIN_FULL_BLS383.js
rename to examples/node/example_MPIN_FULL_BLS381.js
index c7f37df..0e9f9a3 100644
--- a/examples/node/example_MPIN_FULL_BLS383.js
+++ b/examples/node/example_MPIN_FULL_BLS381.js
@@ -21,7 +21,7 @@ under the License.
var CTX = require("../../index");
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */
diff --git a/examples/node/example_MPIN_ONE_PASS_BLS383.js b/examples/node/example_MPIN_ONE_PASS_BLS381.js
similarity index 99%
rename from examples/node/example_MPIN_ONE_PASS_BLS383.js
rename to examples/node/example_MPIN_ONE_PASS_BLS381.js
index 112b868..9de9ba6 100644
--- a/examples/node/example_MPIN_ONE_PASS_BLS383.js
+++ b/examples/node/example_MPIN_ONE_PASS_BLS381.js
@@ -21,7 +21,7 @@ under the License.
var CTX = require("../../index");
-var ctx = new CTX("BLS383");
+var ctx = new CTX("BLS381");
/* Test M-Pin */