You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by br...@apache.org on 2018/11/08 00:13:05 UTC
[45/51] [partial] incubator-milagro-crypto-c git commit: update code
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/doc/latex/words.eps
----------------------------------------------------------------------
diff --git a/doc/latex/words.eps b/doc/latex/words.eps
new file mode 100644
index 0000000..6651c4b
--- /dev/null
+++ b/doc/latex/words.eps
@@ -0,0 +1,469 @@
+%!PS-Adobe-2.0 EPSF-2.0
+%%Title: C:\Users\Shamus\Pictures\words.dia
+%%Creator: Dia v0.97.2
+%%CreationDate: Tue Jul 29 11:17:31 2014
+%%For: Shamus
+%%Orientation: Portrait
+%%Magnification: 1.0000
+%%BoundingBox: 0 0 966 249
+%%BeginSetup
+%%EndSetup
+%%EndComments
+%%BeginProlog
+[ /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright
+/parenleft /parenright /asterisk /plus /comma /hyphen /period /slash /zero /one
+/two /three /four /five /six /seven /eight /nine /colon /semicolon
+/less /equal /greater /question /at /A /B /C /D /E
+/F /G /H /I /J /K /L /M /N /O
+/P /Q /R /S /T /U /V /W /X /Y
+/Z /bracketleft /backslash /bracketright /asciicircum /underscore /quoteleft /a /b /c
+/d /e /f /g /h /i /j /k /l /m
+/n /o /p /q /r /s /t /u /v /w
+/x /y /z /braceleft /bar /braceright /asciitilde /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/space /exclamdown /cent /sterling /currency /yen /brokenbar /section /dieresis /copyright
+/ordfeminine /guillemotleft /logicalnot /hyphen /registered /macron /degree /plusminus /twosuperior /threesuperior
+/acute /mu /paragraph /periodcentered /cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf
+/threequarters /questiondown /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla
+/Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis /Eth /Ntilde
+/Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply /Oslash /Ugrave /Uacute /Ucircumflex
+/Udieresis /Yacute /Thorn /germandbls /agrave /aacute /acircumflex /atilde /adieresis /aring
+/ae /ccedilla /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis
+/eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide /oslash /ugrave
+/uacute /ucircumflex /udieresis /yacute /thorn /ydieresis] /isolatin1encoding exch def
+/cp {closepath} bind def
+/c {curveto} bind def
+/f {fill} bind def
+/a {arc} bind def
+/ef {eofill} bind def
+/ex {exch} bind def
+/gr {grestore} bind def
+/gs {gsave} bind def
+/sa {save} bind def
+/rs {restore} bind def
+/l {lineto} bind def
+/m {moveto} bind def
+/rm {rmoveto} bind def
+/n {newpath} bind def
+/s {stroke} bind def
+/sh {show} bind def
+/slc {setlinecap} bind def
+/slj {setlinejoin} bind def
+/slw {setlinewidth} bind def
+/srgb {setrgbcolor} bind def
+/rot {rotate} bind def
+/sc {scale} bind def
+/sd {setdash} bind def
+/ff {findfont} bind def
+/sf {setfont} bind def
+/scf {scalefont} bind def
+/sw {stringwidth pop} bind def
+/tr {translate} bind def
+
+/ellipsedict 8 dict def
+ellipsedict /mtrx matrix put
+/ellipse
+{ ellipsedict begin
+ /endangle exch def
+ /startangle exch def
+ /yrad exch def
+ /xrad exch def
+ /y exch def
+ /x exch def /savematrix mtrx currentmatrix def
+ x y tr xrad yrad sc
+ 0 0 1 startangle endangle arc
+ savematrix setmatrix
+ end
+} def
+
+/mergeprocs {
+dup length
+3 -1 roll
+dup
+length
+dup
+5 1 roll
+3 -1 roll
+add
+array cvx
+dup
+3 -1 roll
+0 exch
+putinterval
+dup
+4 2 roll
+putinterval
+} bind def
+/Times-Roman-latin1
+ /Times-Roman findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Times-Italic-latin1
+ /Times-Italic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Times-Bold-latin1
+ /Times-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Times-BoldItalic-latin1
+ /Times-BoldItalic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/AvantGarde-Gothic-latin1
+ /AvantGarde-Gothic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/AvantGarde-BookOblique-latin1
+ /AvantGarde-BookOblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/AvantGarde-Demi-latin1
+ /AvantGarde-Demi findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/AvantGarde-DemiOblique-latin1
+ /AvantGarde-DemiOblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Bookman-Light-latin1
+ /Bookman-Light findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Bookman-LightItalic-latin1
+ /Bookman-LightItalic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Bookman-Demi-latin1
+ /Bookman-Demi findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Bookman-DemiItalic-latin1
+ /Bookman-DemiItalic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Courier-latin1
+ /Courier findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Courier-Oblique-latin1
+ /Courier-Oblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Courier-Bold-latin1
+ /Courier-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Courier-BoldOblique-latin1
+ /Courier-BoldOblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-latin1
+ /Helvetica findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-Oblique-latin1
+ /Helvetica-Oblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-Bold-latin1
+ /Helvetica-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-BoldOblique-latin1
+ /Helvetica-BoldOblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-Narrow-latin1
+ /Helvetica-Narrow findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-Narrow-Oblique-latin1
+ /Helvetica-Narrow-Oblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-Narrow-Bold-latin1
+ /Helvetica-Narrow-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Helvetica-Narrow-BoldOblique-latin1
+ /Helvetica-Narrow-BoldOblique findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/NewCenturySchlbk-Roman-latin1
+ /NewCenturySchlbk-Roman findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/NewCenturySchlbk-Italic-latin1
+ /NewCenturySchlbk-Italic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/NewCenturySchlbk-Bold-latin1
+ /NewCenturySchlbk-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/NewCenturySchlbk-BoldItalic-latin1
+ /NewCenturySchlbk-BoldItalic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Palatino-Roman-latin1
+ /Palatino-Roman findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Palatino-Italic-latin1
+ /Palatino-Italic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Palatino-Bold-latin1
+ /Palatino-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Palatino-BoldItalic-latin1
+ /Palatino-BoldItalic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/Symbol-latin1
+ /Symbol findfont
+definefont pop
+/ZapfChancery-MediumItalic-latin1
+ /ZapfChancery-MediumItalic findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+/ZapfDingbats-latin1
+ /ZapfDingbats findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding isolatin1encoding def
+ currentdict end
+definefont pop
+28.346000 -28.346000 scale
+-4.000000 2.867500 translate
+%%EndProlog
+
+
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slj
+0.000000 0.000000 0.000000 srgb
+n 5.000000 -10.000000 m 5.000000 -7.000000 l 14.000000 -7.000000 l 14.000000 -10.000000 l cp s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 8.000000 -10.000000 m 8.000000 -7.000000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slj
+n 15.000000 -10.000000 m 15.000000 -7.000000 l 24.000000 -7.000000 l 24.000000 -10.000000 l cp s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 16.000000 -10.000000 m 16.000000 -7.000000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slj
+n 29.000000 -10.000000 m 29.000000 -7.000000 l 38.000000 -7.000000 l 38.000000 -10.000000 l cp s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 30.000000 -10.000000 m 30.000000 -7.000000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 11.000000 -10.000000 m 11.000000 -7.000000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 6.000000 -10.000000 m 6.000000 -7.000000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 18.000000 -10.000000 m 18.000000 -7.000000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 32.000000 -10.000000 m 32.000000 -7.000000 l s
+/Helvetica-latin1 ff 0.560000 scf sf
+(Sign bit) 4.000000 -3.120000 m
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 5.000000 -4.000000 m 5.000000 -5.513197 l s
+[] 0 sd
+0 slj
+0 slc
+n 5.000000 -5.888197 m 5.250000 -5.388197 l 5.000000 -5.513197 l 4.750000 -5.388197 l ef
+n 5.000000 -5.888197 m 5.250000 -5.388197 l 5.000000 -5.513197 l 4.750000 -5.388197 l cp s
+/Helvetica-latin1 ff 0.560000 scf sf
+(Field Excess) 8.000000 -3.120000 m
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 9.000000 -4.000000 m 9.000000 -5.513197 l s
+[] 0 sd
+0 slj
+0 slc
+n 9.000000 -5.888197 m 9.250000 -5.388197 l 9.000000 -5.513197 l 8.750000 -5.388197 l ef
+n 9.000000 -5.888197 m 9.250000 -5.388197 l 9.000000 -5.513197 l 8.750000 -5.388197 l cp s
+/Helvetica-latin1 ff 0.560000 scf sf
+(Word Excess) 15.000000 -3.120000 m
+ gs 1 -1 sc sh gr
+/Helvetica-latin1 ff 0.560000 scf sf
+(Word Excess) 29.000000 -3.120000 m
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 17.000000 -4.000000 m 17.000000 -5.513197 l s
+[] 0 sd
+0 slj
+0 slc
+n 17.000000 -5.888197 m 17.250000 -5.388197 l 17.000000 -5.513197 l 16.750000 -5.388197 l ef
+n 17.000000 -5.888197 m 17.250000 -5.388197 l 17.000000 -5.513197 l 16.750000 -5.388197 l cp s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+n 31.000000 -4.000000 m 31.000000 -5.513197 l s
+[] 0 sd
+0 slj
+0 slc
+n 31.000000 -5.888197 m 31.250000 -5.388197 l 31.000000 -5.513197 l 30.750000 -5.388197 l ef
+n 31.000000 -5.888197 m 31.250000 -5.388197 l 31.000000 -5.513197 l 30.750000 -5.388197 l cp s
+/Helvetica-latin1 ff 0.560000 scf sf
+(Base Bits) 20.000000 -8.120000 m
+ gs 1 -1 sc sh gr
+/Helvetica-latin1 ff 0.560000 scf sf
+(Base Bits) 34.000000 -8.120000 m
+ gs 1 -1 sc sh gr
+/Helvetica-latin1 ff 0.560000 scf sf
+(Top Bits) 11.000000 -8.120000 m
+ gs 1 -1 sc sh gr
+/Helvetica-latin1 ff 0.560000 scf sf
+(..........) 26.000000 -7.120000 m
+ gs 1 -1 sc sh gr
+/Helvetica-latin1 ff 0.560000 scf sf
+(Most Significant Word) 7.000000 -11.120000 m
+ gs 1 -1 sc sh gr
+/Helvetica-latin1 ff 0.560000 scf sf
+(Least Significant Word) 30.000000 -11.120000 m
+ gs 1 -1 sc sh gr
+showpage
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/CMakeLists.txt
----------------------------------------------------------------------
diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt
new file mode 100644
index 0000000..e7c6467
--- /dev/null
+++ b/examples/CMakeLists.txt
@@ -0,0 +1,58 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+cmake_minimum_required(VERSION 3.1 FATAL_ERROR)
+
+foreach(curve ${AMCL_CURVE})
+ amcl_curve_field(PF "${curve}")
+ amcl_curve_field(TC "${curve}")
+ amcl_curve_field(CS "${curve}")
+
+ amcl_configure_file_curve(testecdh_ZZZ.c.in testecdh_${TC}.c "${curve}" testecdh_${TC}_GEN_SRCS)
+ add_executable(testecdh_${TC} ${testecdh_${TC}_GEN_SRCS})
+ target_link_libraries(testecdh_${TC} PRIVATE amcl_curve_${TC})
+
+ if(TARGET amcl_mpin_${TC})
+ amcl_configure_file_curve(testmpin_ZZZ.c.in testmpin_${TC}.c "${curve}" testmpin_${TC}_GEN_SRCS)
+ add_executable(testmpin_${TC} ${testmpin_${TC}_GEN_SRCS})
+ target_link_libraries(testmpin_${TC} PRIVATE amcl_mpin_${TC})
+
+ amcl_configure_file_curve(testdvs_ZZZ.c.in testdvs_${TC}.c "${curve}" testdvs_${TC}_GEN_SRCS)
+ add_executable(testdvs_${TC} ${testdvs_${TC}_GEN_SRCS})
+ target_link_libraries(testdvs_${TC} PRIVATE amcl_mpin_${TC})
+ endif()
+
+ if(TARGET amcl_wcc_${TC})
+ amcl_configure_file_curve(testwcc_ZZZ.c.in testwcc_${TC}.c "${curve}" testwcc_${TC}_GEN_SRCS)
+ add_executable(testwcc_${TC} ${testwcc_${TC}_GEN_SRCS})
+ target_link_libraries(testwcc_${TC} PRIVATE amcl_wcc_${TC})
+
+ amcl_configure_file_curve(testwcc_dta_ZZZ.c.in testwcc_dta_${TC}.c "${curve}" testwcc_dta_${TC}_GEN_SRCS)
+ add_executable(testwcc_dta_${TC} ${testwcc_dta_${TC}_GEN_SRCS})
+ target_link_libraries(testwcc_dta_${TC} PRIVATE amcl_wcc_${TC})
+ endif()
+
+endforeach()
+
+foreach(level ${AMCL_RSA})
+ amcl_rsa_field(TFF "${level}")
+
+ amcl_configure_file_rsa(testrsa_WWW.c.in testrsa_${TFF}.c "${level}" testrsa_${TFF}_GEN_SRCS)
+ add_executable(testrsa_${TFF} ${testrsa_${TFF}_GEN_SRCS})
+ target_link_libraries(testrsa_${TFF} PRIVATE amcl_rsa_${TFF})
+
+endforeach()
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/amcl_build.c
----------------------------------------------------------------------
diff --git a/examples/amcl_build.c b/examples/amcl_build.c
new file mode 100644
index 0000000..e2b0f93
--- /dev/null
+++ b/examples/amcl_build.c
@@ -0,0 +1,32 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/* Test version function */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "amcl.h"
+#include "version.h"
+
+int main()
+{
+ amcl_version();
+ return 0;
+}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testall.c
----------------------------------------------------------------------
diff --git a/examples/testall.c b/examples/testall.c
new file mode 100644
index 0000000..ec961db
--- /dev/null
+++ b/examples/testall.c
@@ -0,0 +1,913 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/* test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "ecdh_ED25519.h"
+#include "mpin_BN254CX.h"
+#include "rsa_2048.h"
+#include "rsa_3072.h"
+#include "randapi.h"
+
+#if CHUNK!=16
+#include "ecdh_NIST256.h"
+#include "ecdh_GOLDILOCKS.h"
+#endif
+
+int ecdh_ED25519(csprng *RNG)
+{
+ int i,res;
+ unsigned long ran;
+ char *pp="M0ng00se";
+ // These octets are automatically protected against buffer overflow attacks
+ // Note salt must be big enough to include an appended word
+ // Note ECIES ciphertext C must be big enough to include at least 1 appended block
+ // Recall EFS_ED25519 is field size in bytes. So EFS_ED25519=32 for 256-bit curve
+ char s0[2*EGS_ED25519],s1[EGS_ED25519],w0[2*EFS_ED25519+1],w1[2*EFS_ED25519+1],z0[EFS_ED25519],z1[EFS_ED25519],key[EAS_ED25519],salt[40],pw[40];
+ octet S0= {0,sizeof(s0),s0};
+ octet S1= {0,sizeof(s1),s1};
+ octet W0= {0,sizeof(w0),w0};
+ octet W1= {0,sizeof(w1),w1};
+ octet Z0= {0,sizeof(z0),z0};
+ octet Z1= {0,sizeof(z1),z1};
+ octet KEY= {0,sizeof(key),key};
+ octet SALT= {0,sizeof(salt),salt};
+ octet PW= {0,sizeof(pw),pw};
+
+ SALT.len=8;
+ for (i=0; i<8; i++) SALT.val[i]=i+1; // set Salt
+
+ printf("Alice's Passphrase= %s\n",pp);
+
+ OCT_empty(&PW);
+ OCT_jstring(&PW,pp); // set Password from string
+
+ // private key S0 of size EGS_ED25519 bytes derived from Password and Salt
+
+ PBKDF2(HASH_TYPE_ECC_ED25519,&PW,&SALT,1000,EGS_ED25519,&S0);
+
+ printf("Alices private key= 0x");
+ OCT_output(&S0);
+
+ // Generate Key pair S/W
+
+ ECP_ED25519_KEY_PAIR_GENERATE(NULL,&S0,&W0);
+ printf("Alices public key= 0x");
+ OCT_output(&W0);
+
+ res=ECP_ED25519_PUBLIC_KEY_VALIDATE(&W0);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+
+ // Random private key for other party
+ ECP_ED25519_KEY_PAIR_GENERATE(RNG,&S1,&W1);
+ res=ECP_ED25519_PUBLIC_KEY_VALIDATE(&W1);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+ printf("Servers private key= 0x");
+ OCT_output(&S1);
+ printf("Servers public key= 0x");
+ OCT_output(&W1);
+
+ // Calculate common key using DH - IEEE 1363 method
+
+ ECP_ED25519_SVDP_DH(&S0,&W1,&Z0);
+ ECP_ED25519_SVDP_DH(&S1,&W0,&Z1);
+
+ if (!OCT_comp(&Z0,&Z1))
+ {
+ printf("*** ECPSVDP-DH Failed\n");
+ return 0;
+ }
+
+ KDF2(HASH_TYPE_ECC_ED25519,&Z0,NULL,EAS_ED25519,&KEY);
+
+ printf("Alice's DH Key= 0x");
+ OCT_output(&KEY);
+ printf("Servers DH Key= 0x");
+ OCT_output(&KEY);
+
+#if CURVETYPE_ED25519 != MONTGOMERY
+
+ char ds[EGS_ED25519],p1[30],p2[30],v[2*EFS_ED25519+1],m[32],c[64],t[32],cs[EGS_ED25519];
+ octet DS= {0,sizeof(ds),ds};
+ octet CS= {0,sizeof(cs),cs};
+ octet P1= {0,sizeof(p1),p1};
+ octet P2= {0,sizeof(p2),p2};
+ octet V= {0,sizeof(v),v};
+ octet M= {0,sizeof(m),m};
+ octet C= {0,sizeof(c),c};
+ octet T= {0,sizeof(t),t};
+
+ printf("Testing ECIES\n");
+
+ P1.len=3;
+ P1.val[0]=0x0;
+ P1.val[1]=0x1;
+ P1.val[2]=0x2;
+ P2.len=4;
+ P2.val[0]=0x0;
+ P2.val[1]=0x1;
+ P2.val[2]=0x2;
+ P2.val[3]=0x3;
+
+ M.len=17;
+ for (i=0; i<=16; i++) M.val[i]=i;
+
+ ECP_ED25519_ECIES_ENCRYPT(HASH_TYPE_ECC_ED25519,&P1,&P2,RNG,&W1,&M,12,&V,&C,&T);
+
+ printf("Ciphertext= \n");
+ printf("V= 0x");
+ OCT_output(&V);
+ printf("C= 0x");
+ OCT_output(&C);
+ printf("T= 0x");
+ OCT_output(&T);
+
+ if (!ECP_ED25519_ECIES_DECRYPT(HASH_TYPE_ECC_ED25519,&P1,&P2,&V,&C,&T,&S1,&M))
+ {
+ printf("*** ECIES Decryption Failed\n");
+ return 0;
+ }
+ else printf("Decryption succeeded\n");
+
+ printf("Message is 0x");
+ OCT_output(&M);
+
+
+ printf("Testing ECDSA\n");
+
+ if (ECP_ED25519_SP_DSA(HASH_TYPE_ECC_ED25519,RNG,NULL,&S0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Signature Failed\n");
+ return 0;
+ }
+
+ printf("Signature C = 0x");
+ OCT_output(&CS);
+ printf("Signature D = 0x");
+ OCT_output(&DS);
+
+ if (ECP_ED25519_VP_DSA(HASH_TYPE_ECC_ED25519,&W0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Verification Failed\n");
+ return 0;
+ }
+ else
+ {
+ printf("ECDSA Signature/Verification succeeded\n");
+ }
+
+#endif
+
+ return 0;
+}
+
+#if CHUNK!=16
+int ecdh_NIST256(csprng *RNG)
+{
+ int i,res;
+ unsigned long ran;
+ char *pp="M0ng00se";
+ // These octets are automatically protected against buffer overflow attacks
+ // Note salt must be big enough to include an appended word
+ // Note ECIES ciphertext C must be big enough to include at least 1 appended block
+ // Recall EFS_NIST256 is field size in bytes. So EFS_NIST256=32 for 256-bit curve
+ char s0[2*EGS_NIST256],s1[EGS_NIST256],w0[2*EFS_NIST256+1],w1[2*EFS_NIST256+1],z0[EFS_NIST256],z1[EFS_NIST256],key[EAS_NIST256],salt[40],pw[40];
+ octet S0= {0,sizeof(s0),s0};
+ octet S1= {0,sizeof(s1),s1};
+ octet W0= {0,sizeof(w0),w0};
+ octet W1= {0,sizeof(w1),w1};
+ octet Z0= {0,sizeof(z0),z0};
+ octet Z1= {0,sizeof(z1),z1};
+ octet KEY= {0,sizeof(key),key};
+ octet SALT= {0,sizeof(salt),salt};
+ octet PW= {0,sizeof(pw),pw};
+
+ SALT.len=8;
+ for (i=0; i<8; i++) SALT.val[i]=i+1; // set Salt
+
+ printf("Alice's Passphrase= %s\n",pp);
+
+ OCT_empty(&PW);
+ OCT_jstring(&PW,pp); // set Password from string
+
+ // private key S0 of size EGS_NIST256 bytes derived from Password and Salt
+
+ PBKDF2(HASH_TYPE_ECC_NIST256,&PW,&SALT,1000,EGS_NIST256,&S0);
+
+ printf("Alices private key= 0x");
+ OCT_output(&S0);
+
+ // Generate Key pair S/W
+
+ ECP_NIST256_KEY_PAIR_GENERATE(NULL,&S0,&W0);
+ printf("Alices public key= 0x");
+ OCT_output(&W0);
+
+ res=ECP_NIST256_PUBLIC_KEY_VALIDATE(&W0);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+
+ // Random private key for other party
+ ECP_NIST256_KEY_PAIR_GENERATE(RNG,&S1,&W1);
+ res=ECP_NIST256_PUBLIC_KEY_VALIDATE(&W1);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+ printf("Servers private key= 0x");
+ OCT_output(&S1);
+ printf("Servers public key= 0x");
+ OCT_output(&W1);
+
+ // Calculate common key using DH - IEEE 1363 method
+
+ ECP_NIST256_SVDP_DH(&S0,&W1,&Z0);
+ ECP_NIST256_SVDP_DH(&S1,&W0,&Z1);
+
+ if (!OCT_comp(&Z0,&Z1))
+ {
+ printf("*** ECPSVDP-DH Failed\n");
+ return 0;
+ }
+
+ KDF2(HASH_TYPE_ECC_NIST256,&Z0,NULL,EAS_NIST256,&KEY);
+
+ printf("Alice's DH Key= 0x");
+ OCT_output(&KEY);
+ printf("Servers DH Key= 0x");
+ OCT_output(&KEY);
+
+#if CURVETYPE_NIST256 != MONTGOMERY
+
+ char ds[EGS_NIST256],p1[30],p2[30],v[2*EFS_NIST256+1],m[32],c[64],t[32],cs[EGS_NIST256];
+ octet DS= {0,sizeof(ds),ds};
+ octet CS= {0,sizeof(cs),cs};
+ octet P1= {0,sizeof(p1),p1};
+ octet P2= {0,sizeof(p2),p2};
+ octet V= {0,sizeof(v),v};
+ octet M= {0,sizeof(m),m};
+ octet C= {0,sizeof(c),c};
+ octet T= {0,sizeof(t),t};
+
+ printf("Testing ECIES\n");
+
+ P1.len=3;
+ P1.val[0]=0x0;
+ P1.val[1]=0x1;
+ P1.val[2]=0x2;
+ P2.len=4;
+ P2.val[0]=0x0;
+ P2.val[1]=0x1;
+ P2.val[2]=0x2;
+ P2.val[3]=0x3;
+
+ M.len=17;
+ for (i=0; i<=16; i++) M.val[i]=i;
+
+ ECP_NIST256_ECIES_ENCRYPT(HASH_TYPE_ECC_NIST256,&P1,&P2,RNG,&W1,&M,12,&V,&C,&T);
+
+ printf("Ciphertext= \n");
+ printf("V= 0x");
+ OCT_output(&V);
+ printf("C= 0x");
+ OCT_output(&C);
+ printf("T= 0x");
+ OCT_output(&T);
+
+ if (!ECP_NIST256_ECIES_DECRYPT(HASH_TYPE_ECC_NIST256,&P1,&P2,&V,&C,&T,&S1,&M))
+ {
+ printf("*** ECIES Decryption Failed\n");
+ return 0;
+ }
+ else printf("Decryption succeeded\n");
+
+ printf("Message is 0x");
+ OCT_output(&M);
+
+
+ printf("Testing ECDSA\n");
+
+ if (ECP_NIST256_SP_DSA(HASH_TYPE_ECC_NIST256,RNG,NULL,&S0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Signature Failed\n");
+ return 0;
+ }
+
+ printf("Signature C = 0x");
+ OCT_output(&CS);
+ printf("Signature D = 0x");
+ OCT_output(&DS);
+
+ if (ECP_NIST256_VP_DSA(HASH_TYPE_ECC_NIST256,&W0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Verification Failed\n");
+ return 0;
+ }
+ else
+ {
+ printf("ECDSA Signature/Verification succeeded\n");
+ }
+
+#endif
+
+ return 0;
+}
+
+int ecdh_GOLDILOCKS(csprng *RNG)
+{
+ int i,res;
+ unsigned long ran;
+ char *pp="M0ng00se";
+ // These octets are automatically protected against buffer overflow attacks
+ // Note salt must be big enough to include an appended word
+ // Note ECIES ciphertext C must be big enough to include at least 1 appended block
+ // Recall EFS_GOLDILOCKS is field size in bytes. So EFS_GOLDILOCKS=32 for 256-bit curve
+ char s0[2*EGS_GOLDILOCKS],s1[EGS_GOLDILOCKS],w0[2*EFS_GOLDILOCKS+1],w1[2*EFS_GOLDILOCKS+1],z0[EFS_GOLDILOCKS],z1[EFS_GOLDILOCKS],key[EAS_GOLDILOCKS],salt[40],pw[40];
+ octet S0= {0,sizeof(s0),s0};
+ octet S1= {0,sizeof(s1),s1};
+ octet W0= {0,sizeof(w0),w0};
+ octet W1= {0,sizeof(w1),w1};
+ octet Z0= {0,sizeof(z0),z0};
+ octet Z1= {0,sizeof(z1),z1};
+ octet KEY= {0,sizeof(key),key};
+ octet SALT= {0,sizeof(salt),salt};
+ octet PW= {0,sizeof(pw),pw};
+
+ SALT.len=8;
+ for (i=0; i<8; i++) SALT.val[i]=i+1; // set Salt
+
+ printf("Alice's Passphrase= %s\n",pp);
+
+ OCT_empty(&PW);
+ OCT_jstring(&PW,pp); // set Password from string
+
+ // private key S0 of size EGS_GOLDILOCKS bytes derived from Password and Salt
+
+ PBKDF2(HASH_TYPE_ECC_GOLDILOCKS,&PW,&SALT,1000,EGS_GOLDILOCKS,&S0);
+
+ printf("Alices private key= 0x");
+ OCT_output(&S0);
+
+ // Generate Key pair S/W
+
+ ECP_GOLDILOCKS_KEY_PAIR_GENERATE(NULL,&S0,&W0);
+ printf("Alices public key= 0x");
+ OCT_output(&W0);
+
+ res=ECP_GOLDILOCKS_PUBLIC_KEY_VALIDATE(&W0);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+
+ // Random private key for other party
+ ECP_GOLDILOCKS_KEY_PAIR_GENERATE(RNG,&S1,&W1);
+ res=ECP_GOLDILOCKS_PUBLIC_KEY_VALIDATE(&W1);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+ printf("Servers private key= 0x");
+ OCT_output(&S1);
+ printf("Servers public key= 0x");
+ OCT_output(&W1);
+
+ // Calculate common key using DH - IEEE 1363 method
+
+ ECP_GOLDILOCKS_SVDP_DH(&S0,&W1,&Z0);
+ ECP_GOLDILOCKS_SVDP_DH(&S1,&W0,&Z1);
+
+ if (!OCT_comp(&Z0,&Z1))
+ {
+ printf("*** ECPSVDP-DH Failed\n");
+ return 0;
+ }
+
+ KDF2(HASH_TYPE_ECC_GOLDILOCKS,&Z0,NULL,EAS_GOLDILOCKS,&KEY);
+
+ printf("Alice's DH Key= 0x");
+ OCT_output(&KEY);
+ printf("Servers DH Key= 0x");
+ OCT_output(&KEY);
+
+#if CURVETYPE_GOLDILOCKS != MONTGOMERY
+
+ char ds[EGS_GOLDILOCKS],p1[30],p2[30],v[2*EFS_GOLDILOCKS+1],m[32],c[64],t[32],cs[EGS_GOLDILOCKS];
+ octet DS= {0,sizeof(ds),ds};
+ octet CS= {0,sizeof(cs),cs};
+ octet P1= {0,sizeof(p1),p1};
+ octet P2= {0,sizeof(p2),p2};
+ octet V= {0,sizeof(v),v};
+ octet M= {0,sizeof(m),m};
+ octet C= {0,sizeof(c),c};
+ octet T= {0,sizeof(t),t};
+
+ printf("Testing ECIES\n");
+
+ P1.len=3;
+ P1.val[0]=0x0;
+ P1.val[1]=0x1;
+ P1.val[2]=0x2;
+ P2.len=4;
+ P2.val[0]=0x0;
+ P2.val[1]=0x1;
+ P2.val[2]=0x2;
+ P2.val[3]=0x3;
+
+ M.len=17;
+ for (i=0; i<=16; i++) M.val[i]=i;
+
+ ECP_GOLDILOCKS_ECIES_ENCRYPT(HASH_TYPE_ECC_GOLDILOCKS,&P1,&P2,RNG,&W1,&M,12,&V,&C,&T);
+
+ printf("Ciphertext= \n");
+ printf("V= 0x");
+ OCT_output(&V);
+ printf("C= 0x");
+ OCT_output(&C);
+ printf("T= 0x");
+ OCT_output(&T);
+
+ if (!ECP_GOLDILOCKS_ECIES_DECRYPT(HASH_TYPE_ECC_GOLDILOCKS,&P1,&P2,&V,&C,&T,&S1,&M))
+ {
+ printf("*** ECIES Decryption Failed\n");
+ return 0;
+ }
+ else printf("Decryption succeeded\n");
+
+ printf("Message is 0x");
+ OCT_output(&M);
+
+
+ printf("Testing ECDSA\n");
+
+ if (ECP_GOLDILOCKS_SP_DSA(HASH_TYPE_ECC_GOLDILOCKS,RNG,NULL,&S0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Signature Failed\n");
+ return 0;
+ }
+
+ printf("Signature C = 0x");
+ OCT_output(&CS);
+ printf("Signature D = 0x");
+ OCT_output(&DS);
+
+ if (ECP_GOLDILOCKS_VP_DSA(HASH_TYPE_ECC_GOLDILOCKS,&W0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Verification Failed\n");
+ return 0;
+ }
+ else
+ {
+ printf("ECDSA Signature/Verification succeeded\n");
+ }
+
+#endif
+
+ return 0;
+}
+#endif
+
+#define PERMITS // for time permits ON or OFF
+#define PINERROR // For PIN ERROR detection ON or OFF
+#define FULL // for M-Pin Full or M-Pin regular
+
+int mpin_BN254CX(csprng *RNG)
+{
+ int i,pin,rtn,err;
+#ifdef PERMITS
+ int date=today();
+#else
+ int date=0;
+#endif
+ unsigned long ran;
+ char x[PGS_BN254CX],s[PGS_BN254CX],y[PGS_BN254CX],client_id[100],sst[4*PFS_BN254CX],token[2*PFS_BN254CX+1],sec[2*PFS_BN254CX+1],permit[2*PFS_BN254CX+1],xcid[2*PFS_BN254CX+1],xid[2*PFS_BN254CX+1],e[12*PFS_BN254CX],f[12*PFS_BN254CX];
+ char hcid[PFS_BN254CX],hsid[PFS_BN254CX],hid[2*PFS_BN254CX+1],htid[2*PFS_BN254CX+1],h[PGS_BN254CX];
+#ifdef FULL
+ char r[PGS_BN254CX],z[2*PFS_BN254CX+1],w[PGS_BN254CX],t[2*PFS_BN254CX+1];
+ char g1[12*PFS_BN254CX],g2[12*PFS_BN254CX];
+ char ck[MPIN_PAS],sk[MPIN_PAS];
+#endif
+ octet S= {0,sizeof(s),s};
+ octet X= {0,sizeof(x),x};
+ octet Y= {0,sizeof(y),y};
+ octet H= {0,sizeof(h),h};
+ octet CLIENT_ID= {0,sizeof(client_id),client_id};
+ octet SST= {0,sizeof(sst),sst};
+ octet TOKEN= {0,sizeof(token),token};
+ octet SEC= {0,sizeof(sec),sec};
+ octet PERMIT= {0,sizeof(permit),permit};
+ octet xCID= {0,sizeof(xcid),xcid};
+ octet xID= {0,sizeof(xid),xid};
+ octet HCID= {0,sizeof(hcid),hcid};
+ octet HSID= {0,sizeof(hsid),hsid};
+ octet HID= {0,sizeof(hid),hid};
+ octet HTID= {0,sizeof(htid),htid};
+ octet E= {0,sizeof(e),e};
+ octet F= {0,sizeof(f),f};
+#ifdef FULL
+ octet R= {0,sizeof(r),r};
+ octet Z= {0,sizeof(z),z};
+ octet W= {0,sizeof(w),w};
+ octet T= {0,sizeof(t),t};
+ octet G1= {0,sizeof(g1),g1};
+ octet G2= {0,sizeof(g2),g2};
+ octet SK= {0,sizeof(sk),sk};
+ octet CK= {0,sizeof(ck),ck};
+#endif
+ octet *pxID,*pxCID,*pHID,*pHTID,*pE,*pF,*pPERMIT,*prHID;
+ char idhex[100];
+
+ // Trusted Authority set-up
+ MPIN_BN254CX_RANDOM_GENERATE(RNG,&S);
+ printf("Master Secret= ");
+ OCT_output(&S);
+
+ // Create Client Identity
+ OCT_jstring(&CLIENT_ID,"testUser@miracl.com");
+ HASH_ID(HASH_TYPE_MPIN_BN254CX,&CLIENT_ID,&HCID); // Either Client or TA calculates Hash(ID) - you decide!
+
+ printf("Client ID Hash= ");
+ OCT_output(&HCID);
+ printf("\n");
+
+ OCT_toHex(&CLIENT_ID,idhex);
+ printf("Client ID= %s\n",idhex);// OCT_toHex(&CLIENT_ID); printf("\n");
+
+ MPIN_BN254CX_GET_CLIENT_SECRET(&S,&HCID,&TOKEN);
+ printf("Client Secret= ");
+ OCT_output(&TOKEN);
+
+// Client and Server are issued secrets by DTA
+ MPIN_BN254CX_GET_SERVER_SECRET(&S,&SST);
+ printf("Server Secret= ");
+ OCT_output(&SST);
+
+
+
+ // Client extracts PIN from secret to create Token
+ pin=1234;
+ printf("Client extracts PIN= %d\n",pin);
+ MPIN_BN254CX_EXTRACT_PIN(HASH_TYPE_MPIN_BN254CX,&CLIENT_ID,pin,&TOKEN);
+ printf("Client Token= ");
+ OCT_output(&TOKEN);
+
+#ifdef FULL
+ MPIN_BN254CX_PRECOMPUTE(&TOKEN,&HCID,NULL,&G1,&G2);
+#endif
+
+#ifdef PERMITS
+ // Client gets "Time Permit" from DTA
+ printf("Client gets Time Permit\n");
+
+ MPIN_BN254CX_GET_CLIENT_PERMIT(HASH_TYPE_MPIN_BN254CX,date,&S,&HCID,&PERMIT);
+ printf("Time Permit= ");
+ OCT_output(&PERMIT);
+
+ // This encoding makes Time permit look random
+ if (MPIN_BN254CX_ENCODING(RNG,&PERMIT)!=0) printf("Encoding error\n");
+ // printf("Encoded Time Permit= "); OCT_output(&PERMIT);
+ if (MPIN_BN254CX_DECODING(&PERMIT)!=0) printf("Decoding error\n");
+ // printf("Decoded Time Permit= "); OCT_output(&PERMIT);
+#endif
+
+ // MPin Protocol
+
+ // Client enters PIN
+ //printf("\nPIN= ");
+ //if(scanf("%d",&pin)) {};
+ // to avoid silly compile error
+ //getchar();
+ pin = 1234;
+
+ // Set date=0 and PERMIT=NULL if time permits not in use
+
+ // Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
+ // If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H(date|H(CLIENT_ID)))
+ // Random value x is supplied externally if RNG=NULL, otherwise generated and passed out by RNG
+
+ // HSID - hashed client ID as calculated by the server
+ // HCID - hashed client ID as calculated by the client
+
+ // IMPORTANT: To save space and time..
+ // If Time Permits OFF set xCID = NULL, HTID=NULL and use xID and HID only
+ // If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
+ // If Time permits are ON, AND pin error detection is NOT required, set xID=NULL, HID=NULL and use xCID and HTID only.
+
+
+
+ pxID=&xID;
+ pxCID=&xCID;
+ pHID=&HID;
+ pHTID=&HTID;
+ pE=&E;
+ pF=&F;
+ pPERMIT=&PERMIT;
+
+#ifdef PERMITS
+ prHID=pHTID;
+#ifndef PINERROR
+ pxID=NULL;
+// pHID=NULL; //new
+#endif
+#else
+ prHID=pHID;
+ pPERMIT=NULL;
+ pxCID=NULL;
+ pHTID=NULL;
+#endif
+#ifndef PINERROR
+ pE=NULL;
+ pF=NULL;
+#endif
+
+ // When set only send hashed IDs to server
+ octet *pID;
+#ifdef USE_ANONYMOUS
+ pID = &HCID;
+#else
+ pID = &CLIENT_ID;
+#endif
+
+#ifdef SINGLE_PASS
+ int timeValue;
+ printf("MPIN Single Pass\n");
+ timeValue = MPIN_BN254CX_GET_TIME();
+
+ rtn=MPIN_BN254CX_CLIENT(HASH_TYPE_MPIN_BN254CX,date,&CLIENT_ID,RNG,&X,pin,&TOKEN,&SEC,pxID,pxCID,pPERMIT,NULL,timeValue,&Y);
+
+ if (rtn != 0)
+ {
+ printf("MPIN_BN254CX_CLIENT ERROR %d\n", rtn);
+ return 1;
+ }
+
+#ifdef FULL
+ MPIN_BN254CX_GET_G1_MULTIPLE(RNG,1,&R,&HCID,&Z); // Also Send Z=r.ID to Server, remember random r
+#endif
+
+
+ rtn=MPIN_BN254CX_SERVER(HASH_TYPE_MPIN_BN254CX,date,pHID,pHTID,&Y,&SST,pxID,pxCID,&SEC,pE,pF,pID,NULL,timeValue);
+
+#ifdef FULL
+ HASH_ID(HASH_TYPE_MPIN_BN254CX,&CLIENT_ID,&HSID); // new
+ MPIN_BN254CX_GET_G1_MULTIPLE(RNG,0,&W,prHID,&T); // Also send T=w.ID to client, remember random w
+#endif
+
+#else // SINGLE_PASS
+ printf("MPIN Multi Pass\n");
+ if (MPIN_BN254CX_CLIENT_1(HASH_TYPE_MPIN_BN254CX,date,&CLIENT_ID,RNG,&X,pin,&TOKEN,&SEC,pxID,pxCID,pPERMIT)!=0)
+ {
+ printf("Error from Client side - First Pass\n");
+ return 0;
+ }
+
+ // Send U=x.ID to server, and recreate secret from token and pin
+
+#ifdef FULL
+ HASH_ID(HASH_TYPE_MPIN_BN254CX,&CLIENT_ID,&HCID);
+ MPIN_BN254CX_GET_G1_MULTIPLE(RNG,1,&R,&HCID,&Z); // Also Send Z=r.ID to Server, remember random r, DH component
+#endif
+
+ // Server calculates H(ID) and H(ID)+H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp.
+ MPIN_BN254CX_SERVER_1(HASH_TYPE_MPIN_BN254CX,date,pID,pHID,pHTID);
+
+ // Server generates Random number Y and sends it to Client
+ MPIN_BN254CX_RANDOM_GENERATE(RNG,&Y);
+
+#ifdef FULL
+ HASH_ID(HASH_TYPE_MPIN_BN254CX,&CLIENT_ID,&HSID); //new
+ MPIN_BN254CX_GET_G1_MULTIPLE(RNG,0,&W,prHID,&T); // Also send T=w.ID to client, remember random w, DH component
+#endif
+
+ // Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC
+ if (MPIN_BN254CX_CLIENT_2(&X,&Y,&SEC)!=0)
+ {
+ printf("Error from Client side - Second Pass\n");
+ return 1;
+ }
+
+ // Server Second phase. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error.
+ // If PIN error not required, set E and F = NULL
+ rtn=MPIN_BN254CX_SERVER_2(date,pHID,pHTID,&Y,&SST,pxID,pxCID,&SEC,pE,pF,NULL);
+#endif // SINGLE_PASS
+
+ if (rtn!=0)
+ {
+ printf("Server says - Bad Pin.\n");
+#ifdef PINERROR
+
+ err=MPIN_BN254CX_KANGAROO(&E,&F);
+ if (err) printf("(Client PIN is out by %d)\n",err);
+
+#endif
+ return 1;
+ }
+ else
+ {
+ printf("Server says - PIN is good! You really are ");
+ OCT_output_string(&CLIENT_ID);
+ printf(".\n");
+ }
+
+#ifdef FULL
+
+ HASH_ALL(HASH_TYPE_MPIN_BN254CX,&HCID,pxID,pxCID,&SEC,&Y,&Z,&T,&H); // new
+ MPIN_BN254CX_CLIENT_KEY(HASH_TYPE_MPIN_BN254CX,&G1,&G2,pin,&R,&X,&H,&T,&CK); // new H
+ printf("Client Key = ");
+ OCT_output(&CK);
+
+ HASH_ALL(HASH_TYPE_MPIN_BN254CX,&HSID,pxID,pxCID,&SEC,&Y,&Z,&T,&H);
+ MPIN_BN254CX_SERVER_KEY(HASH_TYPE_MPIN_BN254CX,&Z,&SST,&W,&H,pHID,pxID,pxCID,&SK); // new H,pHID
+ printf("Server Key = ");
+ OCT_output(&SK);
+#endif
+ return 0;
+}
+
+int rsa_2048(csprng *RNG)
+{
+ int i;
+ unsigned long ran;
+ char m[RFS_2048],ml[RFS_2048],c[RFS_2048],e[RFS_2048],s[RFS_2048];
+ rsa_public_key_2048 pub;
+ rsa_private_key_2048 priv;
+
+ octet M= {0,sizeof(m),m};
+ octet ML= {0,sizeof(ml),ml};
+ octet C= {0,sizeof(c),c};
+ octet E= {0,sizeof(e),e};
+ octet S= {0,sizeof(s),s};
+
+ printf("Generating public/private key pair\n");
+ RSA_2048_KEY_PAIR(RNG,65537,&priv,&pub,NULL,NULL);
+
+ printf("Encrypting test string\n");
+ OCT_jstring(&M,(char *)"Hello World\n");
+
+ OAEP_ENCODE(HASH_TYPE_RSA_2048,&M,RNG,NULL,&E); // OAEP encode message m to e
+
+ RSA_2048_ENCRYPT(&pub,&E,&C); // encrypt encoded message
+ printf("Ciphertext= ");
+ OCT_output(&C);
+
+ printf("Decrypting test string\n");
+ RSA_2048_DECRYPT(&priv,&C,&ML); // ... and then decrypt it
+
+ OAEP_DECODE(HASH_TYPE_RSA_2048,NULL,&ML); // decode it
+ OCT_output_string(&ML);
+
+ printf("Signing message\n");
+ PKCS15(HASH_TYPE_RSA_2048,&M,&C);
+
+ RSA_2048_DECRYPT(&priv,&C,&S); // create signature in S
+
+ printf("Signature= ");
+ OCT_output(&S);
+
+ RSA_2048_ENCRYPT(&pub,&S,&ML);
+
+ if (OCT_comp(&C,&ML)) printf("Signature is valid\n");
+ else printf("Signature is INVALID\n");
+
+ RSA_2048_PRIVATE_KEY_KILL(&priv);
+
+ OCT_clear(&M);
+ OCT_clear(&ML); // clean up afterwards
+ OCT_clear(&C);
+ OCT_clear(&E);
+
+ return 0;
+}
+
+
+int rsa_3072(csprng *RNG)
+{
+ int i;
+ unsigned long ran;
+ char m[RFS_3072],ml[RFS_3072],c[RFS_3072],e[RFS_3072],s[RFS_3072];
+ rsa_public_key_3072 pub;
+ rsa_private_key_3072 priv;
+
+ octet M= {0,sizeof(m),m};
+ octet ML= {0,sizeof(ml),ml};
+ octet C= {0,sizeof(c),c};
+ octet E= {0,sizeof(e),e};
+ octet S= {0,sizeof(s),s};
+
+ printf("Generating public/private key pair\n");
+ RSA_3072_KEY_PAIR(RNG,65537,&priv,&pub,NULL,NULL);
+
+ printf("Encrypting test string\n");
+ OCT_jstring(&M,(char *)"Hello World\n");
+
+ OAEP_ENCODE(HASH_TYPE_RSA_3072,&M,RNG,NULL,&E); // OAEP encode message m to e
+
+ RSA_3072_ENCRYPT(&pub,&E,&C); // encrypt encoded message
+ printf("Ciphertext= ");
+ OCT_output(&C);
+
+ printf("Decrypting test string\n");
+ RSA_3072_DECRYPT(&priv,&C,&ML); // ... and then decrypt it
+
+ OAEP_DECODE(HASH_TYPE_RSA_3072,NULL,&ML); // decode it
+ OCT_output_string(&ML);
+
+ printf("Signing message\n");
+ PKCS15(HASH_TYPE_RSA_3072,&M,&C);
+
+ RSA_3072_DECRYPT(&priv,&C,&S); // create signature in S
+
+ printf("Signature= ");
+ OCT_output(&S);
+
+ RSA_3072_ENCRYPT(&pub,&S,&ML);
+
+ if (OCT_comp(&C,&ML)) printf("Signature is valid\n");
+ else printf("Signature is INVALID\n");
+
+ RSA_3072_PRIVATE_KEY_KILL(&priv);
+
+ OCT_clear(&M);
+ OCT_clear(&ML); // clean up afterwards
+ OCT_clear(&C);
+ OCT_clear(&E);
+
+ return 0;
+}
+
+
+int main()
+{
+ int i,res;
+ unsigned long ran;
+
+ char raw[100];
+ octet RAW= {0,sizeof(raw),raw};
+ csprng RNG; // Crypto Strong RNG
+
+ time((time_t *)&ran);
+
+ RAW.len=100; // fake random seed source
+ RAW.val[0]=ran;
+ RAW.val[1]=ran>>8;
+ RAW.val[2]=ran>>16;
+ RAW.val[3]=ran>>24;
+ for (i=0; i<100; i++) RAW.val[i]=i;
+
+ CREATE_CSPRNG(&RNG,&RAW); // initialise strong RNG
+
+ printf("\nTesting MPIN protocols for curve BN254CX\n");
+ mpin_BN254CX(&RNG);
+ printf("\nTesting ECDH protocols for curve ED25519\n");
+ ecdh_ED25519(&RNG);
+#if CHUNK!=16
+ printf("\nTesting ECDH protocols for curve NIST256\n");
+ ecdh_NIST256(&RNG);
+ printf("\nTesting ECDH protocols for curve GOLDILOCKS\n");
+ ecdh_GOLDILOCKS(&RNG);
+#endif
+ printf("\nTesting RSA protocols for 2048-bit RSA\n");
+ rsa_2048(&RNG);
+
+ printf("\nTesting RSA protocols for 3072-bit RSA\n");
+ rsa_3072(&RNG);
+
+ KILL_CSPRNG(&RNG);
+}
+
+
+
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testdvs_ZZZ.c.in
----------------------------------------------------------------------
diff --git a/examples/testdvs_ZZZ.c.in b/examples/testdvs_ZZZ.c.in
new file mode 100644
index 0000000..1168d9a
--- /dev/null
+++ b/examples/testdvs_ZZZ.c.in
@@ -0,0 +1,308 @@
+/**
+ * @file test_mpin_ZZZ.c
+ * @author Kealan McCusker
+ * @brief Test good token and correct PIN with D-TA. Single pass
+ *
+ * LICENSE
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/* Test Designated Verifier Signature (DVS) scheme */
+
+/* Build executible after installation:
+
+ gcc -std=c99 -g ./testdvs.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl_mpin_ZZZ -lamcl_pairing_ZZZ -lamcl_curve_ZZZ -lamcl_core -o testdvs
+
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "config_curve_ZZZ.h"
+#include "randapi.h"
+#if CURVE_SECURITY_ZZZ == 128
+#include "mpin_ZZZ.h"
+#elif CURVE_SECURITY_ZZZ == 192
+#include "mpin192_ZZZ.h"
+#elif CURVE_SECURITY_ZZZ == 256
+#include "mpin256_ZZZ.h"
+#endif
+
+// Support multiple security levels
+#if CURVE_SECURITY_ZZZ == 128
+#define G2LEN 4*PFS_ZZZ
+#elif CURVE_SECURITY_ZZZ == 192
+#define G2LEN 8*PFS_ZZZ
+#elif CURVE_SECURITY_ZZZ == 256
+#define G2LEN 16*PFS_ZZZ
+#endif
+
+int main()
+{
+ int i,PIN1,PIN2,rtn;
+
+ char id[256+G2LEN];
+ octet ID = {0,sizeof(id),id};
+
+ // Message to sign
+ char m[256];
+ octet M= {0,sizeof(m),m};
+
+ /* Hash of the message */
+ char hm[PFS_ZZZ];
+ octet HM= {0,sizeof(hm), hm};
+
+ char x[PGS_ZZZ],y1[PGS_ZZZ],y2[PGS_ZZZ];
+ octet X= {0, sizeof(x),x};
+ octet Y1= {0,sizeof(y1),y1};
+ octet Y2= {0,sizeof(y2),y2};
+
+ /* Master secret shares */
+ char ms1[PGS_ZZZ], ms2[PGS_ZZZ];
+ octet MS1= {0,sizeof(ms1),ms1};
+ octet MS2= {0,sizeof(ms2),ms2};
+
+ /* Hash values of Client ID */
+ char hcid[PFS_ZZZ];
+ octet HCID= {0,sizeof(hcid), hcid};
+
+ /* Client secret and shares */
+ char cs1[2*PFS_ZZZ+1], cs2[2*PFS_ZZZ+1], sec[2*PFS_ZZZ+1];
+ octet SEC= {0,sizeof(sec),sec};
+ octet CS1= {0,sizeof(cs1), cs1};
+ octet CS2= {0,sizeof(cs2), cs2};
+
+ /* Client Public Key and z */
+ char z[PGS_ZZZ], pa[G2LEN];
+ octet Z= {0,sizeof(z),z};
+ octet Pa= {0,sizeof(pa),pa};
+
+ /* Server secret and shares */
+ char ss1[G2LEN], ss2[G2LEN], serverSecret[G2LEN];
+ octet ServerSecret= {0,sizeof(serverSecret),serverSecret};
+ octet SS1= {0,sizeof(ss1),ss1};
+ octet SS2= {0,sizeof(ss2),ss2};
+
+ /* Token stored on computer */
+ char token[2*PFS_ZZZ+1];
+ octet TOKEN= {0,sizeof(token),token};
+
+ char u[2*PFS_ZZZ+1];
+ octet U= {0,sizeof(u),u};
+
+ char hid[2*PFS_ZZZ+1];
+ octet HID= {0,sizeof(hid),hid};
+
+ int TimeValue = 0;
+
+ PIN1 = 1234;
+ PIN2 = 1234;
+
+ /* Assign the End-User an ID */
+ char* user = "testuser@miracl.com";
+ OCT_jstring(&ID,user);
+ printf("CLIENT: ID %s\n", user);
+
+ char seed[32] = {0};
+ octet SEED = {0,sizeof(seed),seed};
+ csprng RNG;
+
+ /* unrandom seed value! */
+ SEED.len=32;
+ for (i=0; i<32; i++) SEED.val[i]=i+1;
+
+ /* initialise random number generator */
+ CREATE_CSPRNG(&RNG,&SEED);
+
+ /* Generate random public key and z */
+ rtn = MPIN_ZZZ_GET_DVS_KEYPAIR(&RNG,&Z,&Pa);
+ if (rtn!=0)
+ {
+ printf("MPIN_ZZZ_GET_DVS_KEYPAIR(&RNG,&Z,&Pa) Error %d\n", rtn);
+ return 1;
+ }
+ printf("Z: 0x");
+ OCT_output(&Z);
+ printf("Pa: 0x");
+ OCT_output(&Pa);
+
+ /* Append Pa to ID */
+ OCT_joctet(&ID,&Pa);
+ printf("ID|Pa: 0x");
+ OCT_output(&ID);
+
+ /* Hash ID */
+ HASH_ID(HASH_TYPE_ZZZ,&ID,&HCID);
+ printf("HCID: 0x");
+ OCT_output(&HCID);
+
+ /* Generate Client master secret for MIRACL and Customer */
+ rtn = MPIN_ZZZ_RANDOM_GENERATE(&RNG,&MS1);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_RANDOM_GENERATE(&RNG,&MS1) Error %d\n", rtn);
+ return 1;
+ }
+ rtn = MPIN_ZZZ_RANDOM_GENERATE(&RNG,&MS2);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_RANDOM_GENERATE(&RNG,&MS2) Error %d\n", rtn);
+ return 1;
+ }
+ printf("MASTER SECRET MIRACL:= 0x");
+ OCT_output(&MS1);
+ printf("MASTER SECRET CUSTOMER:= 0x");
+ OCT_output(&MS2);
+
+ /* Generate server secret shares */
+ rtn = MPIN_ZZZ_GET_SERVER_SECRET(&MS1,&SS1);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_GET_SERVER_SECRET(&MS1,&SS1) Error %d\n", rtn);
+ return 1;
+ }
+ rtn = MPIN_ZZZ_GET_SERVER_SECRET(&MS2,&SS2);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_GET_SERVER_SECRET(&MS2,&SS2) Error %d\n", rtn);
+ return 1;
+ }
+ printf("SS1 = 0x");
+ OCT_output(&SS1);
+ printf("SS2 = 0x");
+ OCT_output(&SS2);
+
+ /* Combine server secret share */
+ rtn = MPIN_ZZZ_RECOMBINE_G2(&SS1, &SS2, &ServerSecret);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_RECOMBINE_G2(&SS1, &SS2, &ServerSecret) Error %d\n", rtn);
+ return 1;
+ }
+ printf("ServerSecret = 0x");
+ OCT_output(&ServerSecret);
+
+ /* Generate client secret shares */
+ rtn = MPIN_ZZZ_GET_CLIENT_SECRET(&MS1,&HCID,&CS1);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_GET_CLIENT_SECRET(&MS1,&HCID,&CS1) Error %d\n", rtn);
+ return 1;
+ }
+ rtn = MPIN_ZZZ_GET_CLIENT_SECRET(&MS2,&HCID,&CS2);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_GET_CLIENT_SECRET(&MS2,&HCID,&CS2) Error %d\n", rtn);
+ return 1;
+ }
+ printf("CS1 = 0x");
+ OCT_output(&CS1);
+ printf("CS2 = 0x");
+ OCT_output(&CS2);
+
+ /* Combine client secret shares : TOKEN is the full client secret */
+ rtn = MPIN_ZZZ_RECOMBINE_G1(&CS1, &CS2, &TOKEN);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_RECOMBINE_G1(&CS1, &CS2, &TOKEN) Error %d\n", rtn);
+ return 1;
+ }
+ printf("Client Secret CS = 0x");
+ OCT_output(&TOKEN);
+
+ /* Compute client secret for key escrow less scheme z.CS */
+ rtn = MPIN_ZZZ_GET_G1_MULTIPLE(NULL,0,&Z,&TOKEN,&TOKEN);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_GET_G1_MULTIPLE(NULL,0,&Z,&CS,&CS) Error %d\n", rtn);
+ return 1;
+ }
+ printf("z.CS: 0x");
+ OCT_output(&TOKEN);
+
+ /* Client extracts PIN1 from secret to create Token */
+ rtn = MPIN_ZZZ_EXTRACT_PIN(HASH_TYPE_ZZZ,&ID, PIN1, &TOKEN);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_EXTRACT_PIN( &ID, PIN, &TOKEN) Error %d\n", rtn);
+ return 1;
+ }
+ printf("Token = 0x");
+ OCT_output(&TOKEN);
+
+ /* Client: Sign message */
+ TimeValue = GET_TIME();
+ printf("TimeValue %d \n", TimeValue);
+ char* message = "sign this message";
+ OCT_jstring(&M,message);
+ HASH_ID(HASH_TYPE_ZZZ,&M,&HM);
+ printf("HM: 0x");
+ OCT_output(&HM);
+
+ rtn = MPIN_ZZZ_CLIENT(HASH_TYPE_ZZZ,0,&ID,&RNG,&X,PIN2,&TOKEN,&SEC,&U,NULL,NULL,&HM,TimeValue,&Y1);
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_CLIENT ERROR %d\n", rtn);
+ return 1;
+ }
+ printf("Send to server:\n");
+ printf("ID:");
+ OCT_output(&ID);
+ printf("U:");
+ OCT_output(&U);
+ printf("V:");
+ OCT_output(&SEC);
+ printf("TimeValue %d\n", TimeValue);
+
+ /* Server: Verify message */
+ rtn = MPIN_ZZZ_SERVER(HASH_TYPE_ZZZ,0,&HID,NULL,&Y2,&ServerSecret,&U,NULL,&SEC,NULL,NULL,&ID,&HM,TimeValue,&Pa);
+ if (rtn != 0)
+ {
+ printf("FAILURE Signature Verification %d\n", rtn);
+ }
+ else
+ {
+ printf("SUCCESS Error Code %d\n", rtn);
+ }
+
+ /* clear memory */
+ OCT_clear(&ID);
+ OCT_clear(&X);
+ OCT_clear(&Y1);
+ OCT_clear(&Y2);
+ OCT_clear(&MS1);
+ OCT_clear(&MS2);
+ OCT_clear(&HCID);
+ OCT_clear(&SEC);
+ OCT_clear(&CS1);
+ OCT_clear(&CS2);
+ OCT_clear(&ServerSecret);
+ OCT_clear(&SS1);
+ OCT_clear(&SS2);
+ OCT_clear(&TOKEN);
+ OCT_clear(&U);
+ OCT_clear(&HID);
+ OCT_clear(&SEED);
+ OCT_clear(&Z);
+ OCT_clear(&Pa);
+
+ KILL_CSPRNG(&RNG);
+ return 0;
+}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testecdh_ZZZ.c.in
----------------------------------------------------------------------
diff --git a/examples/testecdh_ZZZ.c.in b/examples/testecdh_ZZZ.c.in
new file mode 100644
index 0000000..1bbfc29
--- /dev/null
+++ b/examples/testecdh_ZZZ.c.in
@@ -0,0 +1,231 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/* test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "ecdh_ZZZ.h"
+#include "ecdh_support.h"
+#include "randapi.h"
+
+int ecdh(csprng *RNG)
+{
+ int i,res;
+ char *pp="M0ng00se";
+ /* These octets are automatically protected against buffer overflow attacks */
+ /* Note salt must be big enough to include an appended word */
+ /* Note ECIES ciphertext C must be big enough to include at least 1 appended block */
+ /* Recall EFS_ZZZ is field size in bytes. So EFS_ZZZ=32 for 256-bit curve */
+ char s0[2*EGS_ZZZ],s1[EGS_ZZZ],w0[2*EFS_ZZZ+1],w1[2*EFS_ZZZ+1],z0[EFS_ZZZ],z1[EFS_ZZZ],key[AESKEY_ZZZ],salt[40],pw[40];
+ octet S0= {0,sizeof(s0),s0};
+ octet S1= {0,sizeof(s1),s1};
+ octet W0= {0,sizeof(w0),w0};
+ octet W1= {0,sizeof(w1),w1};
+ octet Z0= {0,sizeof(z0),z0};
+ octet Z1= {0,sizeof(z1),z1};
+ octet KEY= {0,sizeof(key),key};
+ octet SALT= {0,sizeof(salt),salt};
+ octet PW= {0,sizeof(pw),pw};
+
+ SALT.len=8;
+ for (i=0; i<8; i++) SALT.val[i]=i+1; // set Salt
+
+ printf("Alice's Passphrase= %s\n",pp);
+
+ OCT_empty(&PW);
+ OCT_jstring(&PW,pp); // set Password from string
+
+ /* private key S0 of size EGS_ZZZ bytes derived from Password and Salt */
+
+ PBKDF2(HASH_TYPE_ZZZ,&PW,&SALT,1000,EGS_ZZZ,&S0);
+
+ printf("Alices private key= 0x");
+ OCT_output(&S0);
+
+ /* Generate Key pair S/W */
+
+ ECP_ZZZ_KEY_PAIR_GENERATE(NULL,&S0,&W0);
+ printf("Alices public key= 0x");
+ OCT_output(&W0);
+
+ res=ECP_ZZZ_PUBLIC_KEY_VALIDATE(&W0);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+
+ /* Random private key for other party */
+ ECP_ZZZ_KEY_PAIR_GENERATE(RNG,&S1,&W1);
+ res=ECP_ZZZ_PUBLIC_KEY_VALIDATE(&W1);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+ printf("Servers private key= 0x");
+ OCT_output(&S1);
+ printf("Servers public key= 0x");
+ OCT_output(&W1);
+
+ /* Calculate common key using DH - IEEE 1363 method */
+
+ ECP_ZZZ_SVDP_DH(&S0,&W1,&Z0);
+ ECP_ZZZ_SVDP_DH(&S1,&W0,&Z1);
+
+ if (!OCT_comp(&Z0,&Z1))
+ {
+ printf("*** ECPSVDP-DH Failed\n");
+ return 0;
+ }
+
+ KDF2(HASH_TYPE_ZZZ,&Z0,NULL,AESKEY_ZZZ,&KEY);
+
+ printf("Alice's DH Key= 0x");
+ OCT_output(&KEY);
+ printf("Servers DH Key= 0x");
+ OCT_output(&KEY);
+
+#if CURVETYPE_ZZZ != MONTGOMERY
+
+ char ds[EGS_ZZZ],p1[30],p2[30],v[2*EFS_ZZZ+1],m[32],c[64],t[32],cs[EGS_ZZZ];
+ octet DS= {0,sizeof(ds),ds};
+ octet CS= {0,sizeof(cs),cs};
+ octet P1= {0,sizeof(p1),p1};
+ octet P2= {0,sizeof(p2),p2};
+ octet V= {0,sizeof(v),v};
+ octet M= {0,sizeof(m),m};
+ octet C= {0,sizeof(c),c};
+ octet T= {0,sizeof(t),t};
+
+ printf("Testing ECIES\n");
+
+ P1.len=3;
+ P1.val[0]=0x0;
+ P1.val[1]=0x1;
+ P1.val[2]=0x2;
+ P2.len=4;
+ P2.val[0]=0x0;
+ P2.val[1]=0x1;
+ P2.val[2]=0x2;
+ P2.val[3]=0x3;
+
+ M.len=17;
+ for (i=0; i<=16; i++) M.val[i]=i;
+
+ ECP_ZZZ_ECIES_ENCRYPT(HASH_TYPE_ZZZ,&P1,&P2,RNG,&W1,&M,12,&V,&C,&T);
+
+ printf("Ciphertext= \n");
+ printf("V= 0x");
+ OCT_output(&V);
+ printf("C= 0x");
+ OCT_output(&C);
+ printf("T= 0x");
+ OCT_output(&T);
+
+ if (!ECP_ZZZ_ECIES_DECRYPT(HASH_TYPE_ZZZ,&P1,&P2,&V,&C,&T,&S1,&M))
+ {
+ printf("*** ECIES Decryption Failed\n");
+ return 0;
+ }
+ else printf("Decryption succeeded\n");
+
+ printf("Message is 0x");
+ OCT_output(&M);
+
+
+ printf("Testing ECDSA\n");
+
+ if (ECP_ZZZ_SP_DSA(HASH_TYPE_ZZZ,RNG,NULL,&S0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Signature Failed\n");
+ return 0;
+ }
+
+ printf("Signature C = 0x");
+ OCT_output(&CS);
+ printf("Signature D = 0x");
+ OCT_output(&DS);
+
+ if (ECP_ZZZ_VP_DSA(HASH_TYPE_ZZZ,&W0,&M,&CS,&DS)!=0)
+ {
+ printf("***ECDSA Verification Failed\n");
+ return 0;
+ }
+ else
+ {
+ printf("ECDSA Signature/Verification succeeded\n");
+ }
+
+#endif
+
+ /* clear memory */
+ OCT_clear(&S0);
+ OCT_clear(&S1);
+ OCT_clear(&W0);
+ OCT_clear(&W1);
+ OCT_clear(&Z0);
+ OCT_clear(&Z1);
+ OCT_clear(&KEY);
+ OCT_clear(&SALT);
+ OCT_clear(&PW);
+#if CURVETYPE_ZZZ != MONTGOMERY
+ OCT_clear(&DS);
+ OCT_clear(&CS);
+ OCT_clear(&P1);
+ OCT_clear(&P2);
+ OCT_clear(&V);
+ OCT_clear(&M);
+ OCT_clear(&C);
+ OCT_clear(&T);
+#endif
+ return 0;
+}
+
+int main()
+{
+ int i;
+ unsigned long ran;
+
+ char raw[100];
+ octet RAW= {0,sizeof(raw),raw};
+ /* Crypto Strong RNG */
+ csprng RNG;
+
+ time((time_t *)&ran);
+
+ /* fake random seed source */
+ RAW.len=100;
+ RAW.val[0]=ran;
+ RAW.val[1]=ran>>8;
+ RAW.val[2]=ran>>16;
+ RAW.val[3]=ran>>24;
+ for (i=0; i<100; i++) RAW.val[i]=i+1;
+
+ /* initialise strong RNG */
+ CREATE_CSPRNG(&RNG,&RAW);
+
+ ecdh(&RNG);
+
+ KILL_CSPRNG(&RNG);
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testmpin_ZZZ.c.in
----------------------------------------------------------------------
diff --git a/examples/testmpin_ZZZ.c.in b/examples/testmpin_ZZZ.c.in
new file mode 100644
index 0000000..0fbeb6b
--- /dev/null
+++ b/examples/testmpin_ZZZ.c.in
@@ -0,0 +1,372 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/* test driver and function exerciser for MPIN Functions */
+/* Version 3.0 - supports Time Permits */
+
+/* Build executible after installation:
+
+ gcc -std=c99 -g ./testmpin.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl_mpin_ZZZ -lamcl_pairing_ZZZ -lamcl_curve_ZZZ -lamcl_core -o testmpin_ZZZ
+
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "config_curve_ZZZ.h"
+#include "randapi.h"
+#if CURVE_SECURITY_ZZZ == 128
+#include "mpin_ZZZ.h"
+#elif CURVE_SECURITY_ZZZ == 192
+#include "mpin192_ZZZ.h"
+#elif CURVE_SECURITY_ZZZ == 256
+#include "mpin256_ZZZ.h"
+#endif
+
+// Support multiple security levels
+#if CURVE_SECURITY_ZZZ == 128
+#define G2LEN 4*PFS_ZZZ
+#elif CURVE_SECURITY_ZZZ == 192
+#define G2LEN 8*PFS_ZZZ
+#elif CURVE_SECURITY_ZZZ == 256
+#define G2LEN 16*PFS_ZZZ
+#endif
+#define GTLEN 3*G2LEN
+
+//#define PERMITS /* for time permits ON or OFF */
+#define PINERROR /* For PIN ERROR detection ON or OFF */
+#define FULL /* for M-Pin Full or M-Pin regular */
+//#define SINGLE_MPIN_PASS /* SINGLE MPIN_PASS M-Pin */
+
+int mpin(csprng *RNG)
+{
+ int pin,pin2,rtn,err;
+#ifdef PERMITS
+ int date=today();
+#else
+ int date=0;
+#endif
+ char x[PGS_ZZZ],s[PGS_ZZZ],y[PGS_ZZZ],client_id[100],sst[G2LEN],token[2*PFS_ZZZ+1],sec[2*PFS_ZZZ+1],permit[2*PFS_ZZZ+1],xcid[2*PFS_ZZZ+1],xid[2*PFS_ZZZ+1],e[GTLEN],f[GTLEN];
+ char hcid[PFS_ZZZ],hsid[PFS_ZZZ],hid[2*PFS_ZZZ+1],htid[2*PFS_ZZZ+1],h[PGS_ZZZ];
+#ifdef FULL
+ char r[PGS_ZZZ],z[2*PFS_ZZZ+1],w[PGS_ZZZ],t[2*PFS_ZZZ+1];
+ char g1[GTLEN],g2[GTLEN];
+ char ck[AESKEY_ZZZ],sk[AESKEY_ZZZ];
+#endif
+ octet S= {0,sizeof(s),s};
+ octet X= {0,sizeof(x),x};
+ octet Y= {0,sizeof(y),y};
+ octet H= {0,sizeof(h),h};
+ octet CLIENT_ID= {0,sizeof(client_id),client_id};
+ octet SST= {0,sizeof(sst),sst};
+ octet TOKEN= {0,sizeof(token),token};
+ octet SEC= {0,sizeof(sec),sec};
+ octet PERMIT= {0,sizeof(permit),permit};
+ octet xCID= {0,sizeof(xcid),xcid};
+ octet xID= {0,sizeof(xid),xid};
+ octet HCID= {0,sizeof(hcid),hcid};
+ octet HSID= {0,sizeof(hsid),hsid};
+ octet HID= {0,sizeof(hid),hid};
+ octet HTID= {0,sizeof(htid),htid};
+ octet E= {0,sizeof(e),e};
+ octet F= {0,sizeof(f),f};
+#ifdef FULL
+ octet R= {0,sizeof(r),r};
+ octet Z= {0,sizeof(z),z};
+ octet W= {0,sizeof(w),w};
+ octet T= {0,sizeof(t),t};
+ octet G1= {0,sizeof(g1),g1};
+ octet G2= {0,sizeof(g2),g2};
+ octet SK= {0,sizeof(sk),sk};
+ octet CK= {0,sizeof(ck),ck};
+#endif
+ octet *pxID,*pxCID,*pHID,*pHTID,*pE,*pF,*pPERMIT,*prHID;
+ char idhex[100];
+
+ /* Trusted Authority set-up */
+ MPIN_ZZZ_RANDOM_GENERATE(RNG,&S);
+ printf("Master Secret= ");
+ OCT_output(&S);
+
+ /* Create Client Identity */
+ OCT_jstring(&CLIENT_ID,"testUser@miracl.com");
+ HASH_ID(HASH_TYPE_ZZZ,&CLIENT_ID,&HCID); /* Either Client or TA calculates Hash(ID) - you decide! */
+
+ printf("Client ID Hash= ");
+ OCT_output(&HCID);
+ printf("\n");
+
+ OCT_toHex(&CLIENT_ID,idhex);
+ printf("Client ID= %s\n",idhex);// OCT_toHex(&CLIENT_ID); printf("\n");
+
+ /* Client and Server are issued secrets by DTA */
+ MPIN_ZZZ_GET_SERVER_SECRET(&S,&SST);
+ printf("Server Secret= ");
+ OCT_output(&SST);
+
+ MPIN_ZZZ_GET_CLIENT_SECRET(&S,&HCID,&TOKEN);
+ printf("Client Secret= ");
+ OCT_output(&TOKEN);
+
+ /* Client extracts PIN from secret to create Token */
+ pin=1234;
+ printf("Client extracts PIN= %d\n",pin);
+ MPIN_ZZZ_EXTRACT_PIN(HASH_TYPE_ZZZ,&CLIENT_ID,pin,&TOKEN);
+ printf("Client Token= ");
+ OCT_output(&TOKEN);
+
+#ifdef FULL
+ MPIN_ZZZ_PRECOMPUTE(&TOKEN,&HCID,NULL,&G1,&G2);
+#endif
+
+ /* Client extracts PIN2 generated from bio-metric from token */
+ pin2=1212;
+ printf("Client extracts PIN= %d\n",pin2);
+ MPIN_ZZZ_EXTRACT_FACTOR(HASH_TYPE_ZZZ,&CLIENT_ID,pin2,14,&TOKEN);
+ printf("Client Token= ");
+ OCT_output(&TOKEN);
+
+#ifdef PERMITS
+ /* Client gets "Time Permit" from DTA */
+ printf("Client gets Time Permit\n");
+
+ MPIN_ZZZ_GET_CLIENT_PERMIT(HASH_TYPE_ZZZ,date,&S,&HCID,&PERMIT);
+ printf("Time Permit= ");
+ OCT_output(&PERMIT);
+
+ /* This encoding makes Time permit look random */
+ if (MPIN_ZZZ_ENCODING(RNG,&PERMIT)!=0) printf("Encoding error\n");
+ /* printf("Encoded Time Permit= "); OCT_output(&PERMIT); */
+ if (MPIN_ZZZ_DECODING(&PERMIT)!=0) printf("Decoding error\n");
+ /* printf("Decoded Time Permit= "); OCT_output(&PERMIT); */
+#endif
+
+ /* MPin Protocol */
+
+ /* Client adds PIN2 generated from bio-metric to token */
+ printf("Client adds PIN= %d\n",pin2);
+ MPIN_ZZZ_RESTORE_FACTOR(HASH_TYPE_ZZZ,&CLIENT_ID,pin2,14,&TOKEN);
+ printf("Client Token= ");
+ OCT_output(&TOKEN);
+
+ /* Client enters PIN */
+ printf("\nPIN= ");
+ if(scanf("%d",&pin)) {};
+ /* to avoid silly compile error */
+ getchar();
+
+ /* Set date=0 and PERMIT=NULL if time permits not in use
+
+ Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID = x.H(CLIENT_ID) and re-combined secret SEC
+ If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H(date|H(CLIENT_ID)))
+ Random value x is supplied externally if RNG=NULL, otherwise generated and passed out by RNG
+
+ HSID - hashed client ID as calculated by the server
+ HCID - hashed client ID as calculated by the client
+
+ IMPORTANT: To save space and time..
+ If Time Permits OFF set xCID = NULL, HTID=NULL and use xID and HID only
+ If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
+ If Time permits are ON, AND pin error detection is NOT required, set xID=NULL, HID=NULL and use xCID and HTID only.
+
+ */
+
+ pxID=&xID;
+ pxCID=&xCID;
+ pHID=&HID;
+ pHTID=&HTID;
+ pE=&E;
+ pF=&F;
+ pPERMIT=&PERMIT;
+
+#ifdef PERMITS
+ prHID=pHTID;
+#ifndef PINERROR
+ pxID=NULL;
+// pHID=NULL; //new
+#endif
+#else
+ prHID=pHID;
+ pPERMIT=NULL;
+ pxCID=NULL;
+ pHTID=NULL;
+#endif
+#ifndef PINERROR
+ pE=NULL;
+ pF=NULL;
+#endif
+
+#ifdef SINGLE_MPIN_PASS
+ int timeValue;
+ printf("MPIN Single Pass\n");
+ timeValue = GET_TIME();
+
+ rtn=MPIN_ZZZ_CLIENT(HASH_TYPE_ZZZ,date,&CLIENT_ID,RNG,&X,pin,&TOKEN,&SEC,pxID,pxCID,pPERMIT,NULL,timeValue,&Y);
+
+ if (rtn != 0)
+ {
+ printf("MPIN_ZZZ_CLIENT ERROR %d\n", rtn);
+ return 1;
+ }
+
+#ifdef FULL
+ MPIN_ZZZ_GET_G1_MULTIPLE(RNG,1,&R,&HCID,&Z); /* Also Send Z=r.ID to Server, remember random r */
+#endif
+
+
+
+ rtn=MPIN_ZZZ_SERVER(HASH_TYPE_ZZZ,date,pHID,pHTID,&Y,&SST,pxID,pxCID,&SEC,pE,pF,&CLIENT_ID,NULL,timeValue,NULL);
+
+
+#ifdef FULL
+ HASH_ID(HASH_TYPE_ZZZ,&CLIENT_ID,&HSID); // new
+ MPIN_ZZZ_GET_G1_MULTIPLE(RNG,0,&W,prHID,&T); /* Also send T=w.ID to client, remember random w */
+#endif
+
+#else // SINGLE_MPIN_PASS
+ printf("MPIN Multi Pass\n");
+ if (MPIN_ZZZ_CLIENT_1(HASH_TYPE_ZZZ,date,&CLIENT_ID,RNG,&X,pin,&TOKEN,&SEC,pxID,pxCID,pPERMIT)!=0)
+ {
+ printf("Error from Client side - First pass\n");
+ return 0;
+ }
+
+ /* Send U=x.ID to server, and recreate secret from token and pin */
+
+#ifdef FULL
+ HASH_ID(HASH_TYPE_ZZZ,&CLIENT_ID,&HCID);
+ MPIN_ZZZ_GET_G1_MULTIPLE(RNG,1,&R,&HCID,&Z); /* Also Send Z=r.ID to Server, remember random r, DH component */
+#endif
+
+ /* Server calculates H(ID) and H(ID)+H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
+ MPIN_ZZZ_SERVER_1(HASH_TYPE_ZZZ,date,&CLIENT_ID,pHID,pHTID);
+
+ /* Server generates Random number Y and sends it to Client */
+ MPIN_ZZZ_RANDOM_GENERATE(RNG,&Y);
+
+#ifdef FULL
+ HASH_ID(HASH_TYPE_ZZZ,&CLIENT_ID,&HSID); //new
+ MPIN_ZZZ_GET_G1_MULTIPLE(RNG,0,&W,prHID,&T); /* Also send T=w.ID to client, remember random w, DH component */
+#endif
+
+ /* Client Second pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
+ if (MPIN_ZZZ_CLIENT_2(&X,&Y,&SEC)!=0)
+ {
+ printf("Error from Client side - Second MPIN pass\n");
+ return 1;
+ }
+
+ /* Server Second phase. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
+ /* If PIN error not required, set E and F = NULL */
+
+ rtn=MPIN_ZZZ_SERVER_2(date,pHID,pHTID,&Y,&SST,pxID,pxCID,&SEC,pE,pF,NULL);
+
+#endif // SINGLE_MPIN_PASS
+
+ if (rtn!=0)
+ {
+ printf("Server says - Bad Pin.\n");
+#ifdef PINERROR
+
+ err=MPIN_ZZZ_KANGAROO(&E,&F);
+ if (err) printf("(Client PIN is out by %d)\n",err);
+
+#endif
+ return 1;
+ }
+ else
+ {
+ printf("Server says - PIN is good! You really are ");
+ OCT_output_string(&CLIENT_ID);
+ printf(".\n");
+ }
+
+#ifdef FULL
+ HASH_ALL(HASH_TYPE_ZZZ,&HCID,pxID,pxCID,&SEC,&Y,&Z,&T,&H); // new
+ MPIN_ZZZ_CLIENT_KEY(HASH_TYPE_ZZZ,&G1,&G2,pin,&R,&X,&H,&T,&CK); // new H
+ printf("Client Key = ");
+ OCT_output(&CK);
+
+ HASH_ALL(HASH_TYPE_ZZZ,&HSID,pxID,pxCID,&SEC,&Y,&Z,&T,&H);
+ MPIN_ZZZ_SERVER_KEY(HASH_TYPE_ZZZ,&Z,&SST,&W,&H,pHID,pxID,pxCID,&SK); // new H,pHID
+ printf("Server Key = ");
+ OCT_output(&SK);
+#endif
+
+ /* clear memory */
+ OCT_clear(&S);
+ OCT_clear(&X);
+ OCT_clear(&Y);
+ OCT_clear(&H);
+ OCT_clear(&CLIENT_ID);
+ OCT_clear(&SST);
+ OCT_clear(&TOKEN);
+ OCT_clear(&SEC);
+ OCT_clear(&PERMIT);
+ OCT_clear(&xCID);
+ OCT_clear(&xID);
+ OCT_clear(&HCID);
+ OCT_clear(&HSID);
+ OCT_clear(&HID);
+ OCT_clear(&HTID);
+ OCT_clear(&E);
+ OCT_clear(&F);
+#ifdef FULL
+ OCT_clear(&R);
+ OCT_clear(&Z);
+ OCT_clear(&W);
+ OCT_clear(&T);
+ OCT_clear(&G1);
+ OCT_clear(&G2);
+ OCT_clear(&SK);
+ OCT_clear(&CK);
+#endif
+
+ return 0;
+}
+
+int main()
+{
+ int i;
+ unsigned long ran;
+
+ char raw[100];
+ octet RAW= {0,sizeof(raw),raw};
+ /* Crypto Strong RNG */
+ csprng RNG;
+
+ time((time_t *)&ran);
+
+ /* fake random seed source */
+ RAW.len=100;
+ RAW.val[0]=ran;
+ RAW.val[1]=ran>>8;
+ RAW.val[2]=ran>>16;
+ RAW.val[3]=ran>>24;
+ for (i=0; i<100; i++) RAW.val[i]=i+1;
+
+ /* initialise strong RNG */
+ CREATE_CSPRNG(&RNG,&RAW);
+
+ mpin(&RNG);
+
+ KILL_CSPRNG(&RNG);
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testrsa_WWW.c.in
----------------------------------------------------------------------
diff --git a/examples/testrsa_WWW.c.in b/examples/testrsa_WWW.c.in
new file mode 100644
index 0000000..8d03d05
--- /dev/null
+++ b/examples/testrsa_WWW.c.in
@@ -0,0 +1,106 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/* test driver and function exerciser for RSA API Functions */
+
+#include <stdio.h>
+#include <time.h>
+#include "rsa_WWW.h"
+#include "randapi.h"
+
+int rsa(csprng *RNG)
+{
+ char m[RFS_WWW],ml[RFS_WWW],c[RFS_WWW],e[RFS_WWW],s[RFS_WWW];
+ rsa_public_key_WWW pub;
+ rsa_private_key_WWW priv;
+
+ octet M= {0,sizeof(m),m};
+ octet ML= {0,sizeof(ml),ml};
+ octet C= {0,sizeof(c),c};
+ octet E= {0,sizeof(e),e};
+ octet S= {0,sizeof(s),s};
+
+ printf("Generating public/private key pair\n");
+ RSA_WWW_KEY_PAIR(RNG,65537,&priv,&pub,NULL,NULL);
+
+ printf("Encrypting test string\n");
+ OCT_jstring(&M,(char *)"Hello World\n");
+
+ OAEP_ENCODE(HASH_TYPE_RSA_WWW,&M,RNG,NULL,&E); /* OAEP encode message m to e */
+
+ RSA_WWW_ENCRYPT(&pub,&E,&C); /* encrypt encoded message */
+ printf("Ciphertext= ");
+ OCT_output(&C);
+
+ printf("Decrypting test string\n");
+ RSA_WWW_DECRYPT(&priv,&C,&ML); /* ... and then decrypt it */
+
+ OAEP_DECODE(HASH_TYPE_RSA_WWW,NULL,&ML); /* decode it */
+ OCT_output_string(&ML);
+
+ printf("Signing message\n");
+ PKCS15(HASH_TYPE_RSA_WWW,&M,&C);
+
+ RSA_WWW_DECRYPT(&priv,&C,&S); /* create signature in S */
+
+ printf("Signature= ");
+ OCT_output(&S);
+
+ RSA_WWW_ENCRYPT(&pub,&S,&ML);
+
+ if (OCT_comp(&C,&ML)) printf("Signature is valid\n");
+ else printf("Signature is INVALID\n");
+
+ RSA_WWW_PRIVATE_KEY_KILL(&priv);
+
+ /* clear memory */
+ OCT_clear(&M);
+ OCT_clear(&ML);
+ OCT_clear(&C);
+ OCT_clear(&E);
+ OCT_clear(&S);
+
+ return 0;
+}
+
+int main()
+{
+ int i;
+ unsigned long ran;
+
+ char raw[100];
+ octet RAW= {0,sizeof(raw),raw};
+ csprng RNG; /* Crypto Strong RNG */
+
+ time((time_t *)&ran);
+
+ RAW.len=100; /* fake random seed source */
+ RAW.val[0]=ran;
+ RAW.val[1]=ran>>8;
+ RAW.val[2]=ran>>16;
+ RAW.val[3]=ran>>24;
+ for (i=0; i<100; i++) RAW.val[i]=i+1;
+
+ CREATE_CSPRNG(&RNG,&RAW); /* initialise strong RNG */
+
+ rsa(&RNG);
+
+ KILL_CSPRNG(&RNG);
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testwcc_ZZZ.c.in
----------------------------------------------------------------------
diff --git a/examples/testwcc_ZZZ.c.in b/examples/testwcc_ZZZ.c.in
new file mode 100644
index 0000000..65612dd
--- /dev/null
+++ b/examples/testwcc_ZZZ.c.in
@@ -0,0 +1,394 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+
+/* Demonstrate WCC with one TA */
+
+/* Build executable after installation:
+ gcc -std=c99 -g testwcc_ZZZ.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl_wcc_ZZZ -lamcl_pairing_ZZZ -lamcl_curve_ZZZ -lamcl_core_ZZZ -o testwcc_ZZZ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "utils.h"
+#include "config_curve_ZZZ.h"
+#include "randapi.h"
+#if CURVE_SECURITY_ZZZ == 128
+#include "wcc_ZZZ.h"
+#elif CURVE_SECURITY_ZZZ == 192
+#include "wcc192_ZZZ.h"
+#elif CURVE_SECURITY_ZZZ == 256
+#include "wcc256_ZZZ.h"
+#endif
+
+#if CURVE_SECURITY_ZZZ == 128
+#define G2LEN 4*WCC_PFS_ZZZ
+#elif CURVE_SECURITY_ZZZ == 192
+#define G2LEN 8*WCC_PFS_ZZZ
+#elif CURVE_SECURITY_ZZZ == 256
+#define G2LEN 16*WCC_PFS_ZZZ
+#endif
+
+// #define DEBUG
+
+int main()
+{
+ int i,rtn;
+
+ /* Master secret */
+ char ms[WCC_PGS_ZZZ];
+ octet MS= {sizeof(ms),sizeof(ms),ms};
+
+ // sender keys
+ char akeyG1[2*WCC_PFS_ZZZ+1];
+ octet AKeyG1= {0,sizeof(akeyG1), akeyG1};
+
+ // receiver keys
+ char bkeyG2[G2LEN];
+ octet BKeyG2= {0,sizeof(bkeyG2), bkeyG2};
+
+ // Identities
+ char alice_id[256],bob_id[256];
+ octet IdA= {0,sizeof(alice_id),alice_id};
+ octet IdB= {0,sizeof(bob_id),bob_id};
+
+ // Hash of the identities
+ char hida[WCC_PFS_ZZZ], hidb[WCC_PFS_ZZZ];
+ octet HIdA = {0,sizeof(hida),hida};
+ octet HIdB = {0,sizeof(hidb),hidb};
+
+ char x[WCC_PGS_ZZZ];
+ octet X = {0,sizeof(x),x};
+ char y[WCC_PGS_ZZZ];
+ octet Y = {0,sizeof(y),y};
+ char w[WCC_PGS_ZZZ];
+ octet W = {0,sizeof(w),w};
+ char pia[WCC_PGS_ZZZ];
+ octet PIA = {0,sizeof(pia),pia};
+ char pib[WCC_PGS_ZZZ];
+ octet PIB = {0,sizeof(pib),pib};
+
+ char pgg1[2*WCC_PFS_ZZZ+1];
+ octet PgG1 = {0,sizeof(pgg1), pgg1};
+
+ char pag1[2*WCC_PFS_ZZZ+1];
+ octet PaG1 = {0,sizeof(pag1), pag1};
+
+ char pbg2[G2LEN];
+ octet PbG2 = {0,sizeof(pbg2), pbg2};
+
+ char seed[32] = {0};
+ octet SEED = {0,sizeof(seed),seed};
+ csprng RNG;
+
+ char message1[256];
+ octet MESSAGE1 = {0, sizeof(message1), message1};
+ OCT_jstring(&MESSAGE1,"Hello Bob");
+
+ char t1[PTAG]; // Tag
+ char t2[PTAG]; // Tag
+ char k1[AESKEY_ZZZ]; // AES Key
+ char k2[AESKEY_ZZZ]; // AES Key
+ char iv[PIV]; // IV - Initialization vector
+ char c[100]; // Ciphertext
+ char p[100]; // Recovered Plaintext
+ octet T1= {sizeof(t1),sizeof(t1),t1};
+ octet T2= {sizeof(t2),sizeof(t2),t2};
+ octet K1= {0,sizeof(k1),k1};
+ octet K2= {0,sizeof(k2),k2};
+ octet IV= {0,sizeof(iv),iv};
+ octet C= {0,sizeof(c),c};
+ octet P= {0,sizeof(p),p};
+
+ /* non random seed value! */
+ SEED.len=32;
+ for (i=0; i<32; i++) SEED.val[i]=i+1;
+#ifdef DEBUG
+ printf("SEED: ");
+ OCT_output(&SEED);
+ printf("\n");
+#endif
+
+ /* initialise random number generator */
+ CREATE_CSPRNG(&RNG,&SEED);
+
+ /* TA: Generate master secret */
+ rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS);
+ if (rtn != 0)
+ {
+ printf("TA WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS) Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("TA MASTER SECRET: ");
+ OCT_output(&MS);
+ printf("\n");
+#endif
+
+ // Alice's ID
+ OCT_jstring(&IdA,"alice@miracl.com");
+
+ // Hash Alice's Id
+ HASH_ID(HASH_TYPE_ZZZ,&IdA,&HIdA);
+
+ // TA: Generate Alices's sender key
+ rtn = WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdA,&AKeyG1);
+ if (rtn != 0)
+ {
+ printf("TA WCC_ZZZ_GET_G1_MULTIPLE() Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("TA Alice's sender key: ");
+ OCT_output(&AKeyG1);
+#endif
+
+ // Bob's ID
+ OCT_jstring(&IdB,"bob@miracl.com");
+
+ // Hash Bob's Id
+ HASH_ID(HASH_TYPE_ZZZ,&IdB,&HIdB);
+
+ // TA: Generate Bob's receiver key
+ rtn = WCC_ZZZ_GET_G2_MULTIPLE(&MS,&HIdB,&BKeyG2);
+ if (rtn != 0)
+ {
+ printf("TA WCC_ZZZ_GET_G2_MULTIPLE() Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("TA Bob's receiver key: ");
+ OCT_output(&BKeyG2);
+ printf("\n");
+#endif
+
+ printf("Alice\n");
+
+ rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&X);
+ if (rtn != 0)
+ {
+ printf("Alice WCC_ZZZ_RANDOM_GENERATE(&RNG,&X) Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("Alice X: ");
+ OCT_output(&X);
+ printf("\n");
+#endif
+
+ rtn = WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1);
+ if (rtn != 0)
+ {
+ printf("Alice WCC_ZZZ_GET_G1_MULTIPLE() Error %d\n", rtn);
+ return 1;
+ }
+
+ printf("Alice sends IdA and PaG1 to Bob\n\n");
+ printf("Alice IdA: ");
+ OCT_output_string(&IdA);
+ printf("\n");
+ printf("Alice PaG1: ");
+ OCT_output(&PaG1);
+ printf("\n");
+
+ printf("Bob\n");
+
+ rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&W);
+ if (rtn != 0)
+ {
+ printf("Bob WCC_ZZZ_RANDOM_GENERATE(&RNG,&W) Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("Bob W: ");
+ OCT_output(&W);
+ printf("\n");
+#endif
+ rtn = WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1);
+ if (rtn != 0)
+ {
+ printf("Bob WCC_ZZZ_GET_G1_MULTIPLE() Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("PgG1: ");
+ OCT_output(&PgG1);
+ printf("\n");
+#endif
+
+ rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y);
+ if (rtn != 0)
+ {
+ printf("Bob WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y) Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("Bob Y: ");
+ OCT_output(&Y);
+ printf("\n");
+#endif
+ rtn = WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2);
+ if (rtn != 0)
+ {
+ printf("Bob WCC_ZZZ_GET_G2_MULTIPLE() Error %d\n", rtn);
+ return 1;
+ }
+#ifdef DEBUG
+ printf("Bob PbG2: ");
+ OCT_output(&PbG2);
+ printf("\n");
+#endif
+
+ // pia = Hq(PaG1,PbG2,PgG1,IdB)
+ WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
+
+ // pib = Hq(PbG2,PaG1,PgG1,IdA)
+ WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);
+
+#ifdef DEBUG
+ printf("Bob PIA: ");
+ OCT_output(&PIA);
+ printf("\n");
+ printf("Bob PIB: ");
+ OCT_output(&PIB);
+ printf("\n");
+#endif
+
+ // Bob calculates AES Key
+ WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&BKeyG2,&IdA,&K2);
+ if (rtn != 0)
+ {
+ printf("Bob WCC_ZZZ_RECEIVER_KEY() Error %d\n", rtn);
+ return 1;
+ }
+ printf("Bob AES Key: ");
+ OCT_output(&K2);
+
+ printf("Bob sends IdB, PbG2 and PgG1 to Alice\n\n");
+ printf("Bob IdB: ");
+ OCT_output_string(&IdB);
+ printf("\n");
+ printf("Bob PbG2: ");
+ OCT_output(&PbG2);
+ printf("\n");
+ printf("Bob PgG1: ");
+ OCT_output(&PgG1);
+ printf("\n");
+
+ printf("Alice\n");
+
+ // pia = Hq(PaG1,PbG2,PgG1,IdB)
+ WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
+
+ // pib = Hq(PbG2,PaG1,PgG1,IdA)
+ WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);
+
+#ifdef DEBUG
+ printf("Alice PIA: ");
+ OCT_output(&PIA);
+ printf("\n");
+ printf("Alice PIB: ");
+ OCT_output(&PIB);
+ printf("\n");
+#endif
+
+ // Alice calculates AES Key
+ rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&AKeyG1,&IdB,&K1);
+ if (rtn != 0)
+ {
+ printf("Alice WCC_ZZZ_SENDER_KEY() Error %d\n", rtn);
+ return 1;
+ }
+ printf("Alice AES Key: ");
+ OCT_output(&K1);
+
+
+ // Send message
+ IV.len=12;
+ for (i=0; i<IV.len; i++)
+ IV.val[i]=i+1;
+ printf("Alice: IV ");
+ OCT_output(&IV);
+
+ printf("Alice: Message to encrypt for Bob: ");
+ OCT_output_string(&MESSAGE1);
+ printf("\n");
+
+ AES_GCM_ENCRYPT(&K1,&IV,&IdA,&MESSAGE1,&C,&T1);
+
+ printf("Alice: Ciphertext: ");
+ OCT_output(&C);
+
+ printf("Alice: Encryption Tag: ");
+ OCT_output(&T1);
+ printf("\n");
+
+ AES_GCM_DECRYPT(&K2,&IV,&IdA,&C,&P,&T2);
+
+ printf("Bob: Decrypted message received from Alice: ");
+ OCT_output_string(&P);
+ printf("\n");
+
+ printf("Bob: Decryption Tag: ");
+ OCT_output(&T2);
+ printf("\n");
+
+ if (!OCT_comp(&MESSAGE1,&P))
+ {
+ printf("FAILURE Decryption\n");
+ return 1;
+ }
+
+ if (!OCT_comp(&T1,&T2))
+ {
+ printf("FAILURE TAG mismatch\n");
+ return 1;
+ }
+
+ /* clear memory */
+ OCT_clear(&MS);
+ OCT_clear(&AKeyG1);
+ OCT_clear(&BKeyG2);
+ OCT_clear(&IdA);
+ OCT_clear(&IdB);
+ OCT_clear(&HIdA);
+ OCT_clear(&HIdB);
+ OCT_clear(&X);
+ OCT_clear(&Y);
+ OCT_clear(&W);
+ OCT_clear(&PIA);
+ OCT_clear(&PIB);
+ OCT_clear(&PgG1);
+ OCT_clear(&PaG1);
+ OCT_clear(&PbG2);
+ OCT_clear(&SEED);
+ OCT_clear(&MESSAGE1);
+ OCT_clear(&T1);
+ OCT_clear(&T2);
+ OCT_clear(&K1);
+ OCT_clear(&K2);
+ OCT_clear(&IV);
+ OCT_clear(&C);
+ OCT_clear(&P);
+
+ KILL_CSPRNG(&RNG);
+
+ return 0;
+}