You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by sa...@apache.org on 2016/09/01 07:25:34 UTC
[06/12] incubator-milagro-crypto git commit: MILAGRO-14.Updating
package name with apache git
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/examples-go/timempinWrap.go
----------------------------------------------------------------------
diff --git a/go/examples-go/timempinWrap.go b/go/examples-go/timempinWrap.go
new file mode 100644
index 0000000..520b1a9
--- /dev/null
+++ b/go/examples-go/timempinWrap.go
@@ -0,0 +1,84 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+package main
+
+import (
+ "encoding/hex"
+ "flag"
+ "log"
+ "os"
+ "runtime/pprof"
+ "time"
+
+ "git.apache.org/incubator-milagro-crypto.git/go/amcl-go"
+)
+
+// Number of iterations to time functions
+const nIter int = 1000
+
+var cpuprofile = flag.String("cpuprofile", "", "write cpu profile to file")
+
+func main() {
+ flag.Parse()
+ if *cpuprofile != "" {
+ f, err := os.Create(*cpuprofile)
+ if err != nil {
+ log.Fatal(err)
+ }
+ pprof.StartCPUProfile(f)
+ defer pprof.StopCPUProfile()
+ }
+
+ // Assign the End-User an ID
+ IDstr := "testUser@miracl.com"
+ ID := []byte(IDstr)
+
+ // Epoch time in days
+ date := 16673
+
+ // Epoch time in seconds
+ timeValue := 1440594584
+
+ SSHex := "07f8181687f42ce22ea0dee4ba9df3f2cea67ad2d79e59adc953142556d510831bbd59e9477ac479019887020579aed16af43dc7089ae8c14262e64b5d09740109917efd0618c557fbf7efaa68fb64e8d46b3766bb184dea9bef9638f23bbbeb03aedbc6e4eb9fbd658719aab26b849638690521723c0efb9c8622df2a8efa3c"
+ SS, _ := hex.DecodeString(SSHex)
+ UHex := "0403e76a28df08ea591912e0ff84ebf419e21aadf8ec5aed4b0f3cd0fc1cdea14a06f05a3be4f9f2d16530c6b4934da2e3439ea287796faac079d396f8cdb9f565"
+ U, _ := hex.DecodeString(UHex)
+ UTHex := "041012e53c991edc9514889de50fb7d893c406dc9bf4c89d46fec9ba408cc5f596226402e7c468c823a28b9003a3944c4600a1b797f10cf01060d3729729212932"
+ UT, _ := hex.DecodeString(UTHex)
+ SECHex := "04051b0d3e9dfdb2a378f0ac7056fb264a900d0867e39c334950527d8c460d76132346bf8ed8a419e2eab4ad52a8b7a51d8c09cbcfa4e80bc0487965ece72ab0ce"
+ SEC, _ := hex.DecodeString(SECHex)
+ var MESSAGE []byte
+ // MESSAGE := []byte("test sign message")
+
+ t0 := time.Now()
+ var rtn int
+ for i := 0; i < nIter; i++ {
+ rtn, _, _, _, _, _ = amcl.MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], SEC[:], ID[:], MESSAGE[:])
+ }
+ t1 := time.Now()
+ log.Printf("Number Iterations: %d Time: %v\n", nIter, t1.Sub(t0))
+
+ if rtn != 0 {
+ log.Printf("Authentication failed Error Code %d\n", rtn)
+ return
+ } else {
+ log.Printf("Authenticated ID: %s \n", IDstr)
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/readme.txt
----------------------------------------------------------------------
diff --git a/go/readme.txt b/go/readme.txt
index 3ba399c..d27f74d 100644
--- a/go/readme.txt
+++ b/go/readme.txt
@@ -16,13 +16,13 @@ For a quick jumpstart:-
export GOPATH=$PWD
-go run ./src/github.com/miracl/examples-go/mpin.go
+go run ./examples-go/mpin.go
or
-go run ./src/github.com/miracl/examples-go/ecdh.go
+go run ./examples-go/ecdh.go
or
-go run ./src/github.com/miracl/examples-go/rsa.go
+go run ./examples-go/rsa.go
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/amcl-cgo/README.txt
----------------------------------------------------------------------
diff --git a/go/src/github.com/miracl/amcl-cgo/README.txt b/go/src/github.com/miracl/amcl-cgo/README.txt
deleted file mode 100644
index 79b1cee..0000000
--- a/go/src/github.com/miracl/amcl-cgo/README.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-When the library is built with;
-
--D USE_ANONYMOUS=on
-
-then set
-
-const USE_ANONYMOUS = true
-
-in crypto_test.go
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/amcl-cgo/crypto.go
----------------------------------------------------------------------
diff --git a/go/src/github.com/miracl/amcl-cgo/crypto.go b/go/src/github.com/miracl/amcl-cgo/crypto.go
deleted file mode 100644
index 2207490..0000000
--- a/go/src/github.com/miracl/amcl-cgo/crypto.go
+++ /dev/null
@@ -1,828 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-package amcl
-
-/*
-#cgo CFLAGS: -std=c99 -O3 -I/opt/amcl/include
-#cgo LDFLAGS: -L/opt/amcl/lib -lmpin -lamcl -lm
-#include <stdio.h>
-#include <stdlib.h>
-#include "amcl.h"
-#include "mpin.h"
-#include "utils.h"
-*/
-import "C"
-import (
- "encoding/hex"
- "fmt"
- "unsafe"
-
- amcl "github.com/miracl/amcl-go"
-)
-
-const EAS int = int(C.PAS)
-const EGS int = int(C.PGS)
-const EFS int = int(C.PFS)
-const HASH_BYTES int = int(C.HASH_BYTES)
-const IVS int = 12
-const G1S = 2*EFS + 1
-const G2S = 4 * EFS
-const GTS = 12 * EFS
-
-var RNG C.csprng
-
-func OCT_free(valOctet *C.octet) {
- C.free(unsafe.Pointer(valOctet.val))
-}
-
-func GetOctetZero(lenStr int) C.octet {
- valBytes := make([]byte, lenStr)
- val := string(valBytes)
- valCS := C.CString(val)
- lenCS := C.int(lenStr)
- octetVal := C.octet{lenCS, lenCS, valCS}
- return octetVal
-}
-
-func GetOctet(valStr string) C.octet {
- valCS := C.CString(valStr)
- lenCS := C.int(len(valStr))
- octetVal := C.octet{lenCS, lenCS, valCS}
- return octetVal
-}
-
-func GetOctetHex(valHex string) C.octet {
- valBytes, err := hex.DecodeString(valHex)
- if err != nil {
- octetVal := GetOctetZero(0)
- return octetVal
- }
- valStr := string(valBytes)
- octetVal := GetOctet(valStr)
- return octetVal
-}
-
-func OCT_len(valOctet *C.octet) int {
- return int(valOctet.len)
-}
-
-// Convert an octet to a string
-func OCT_toStr(valOct *C.octet) string {
- dstLen := OCT_len(valOct)
- dstBytes := make([]byte, dstLen)
- dstStr := string(dstBytes)
- dst := C.CString(dstStr)
- C.OCT_toStr(valOct, dst)
- dstStr = C.GoStringN(dst, valOct.len)
- C.free(unsafe.Pointer(dst))
- return dstStr
-}
-
-// Convert an octet to bytes
-func OCT_toBytes(valOct *C.octet) []byte {
- dstLen := OCT_len(valOct)
- dstBytes := make([]byte, dstLen)
- dstStr := string(dstBytes)
- dst := C.CString(dstStr)
- C.OCT_toStr(valOct, dst)
- dstStr = C.GoStringN(dst, valOct.len)
- C.free(unsafe.Pointer(dst))
- dstBytes = []byte(dstStr)
- return dstBytes
-}
-
-// Convert an octet to a hex string
-func OCT_toHex(valOctet *C.octet) string {
- dstLen := OCT_len(valOctet)
- dstBytes := make([]byte, hex.EncodedLen(dstLen))
- dstStr := string(dstBytes)
- dst := C.CString(dstStr)
- C.OCT_toHex(valOctet, dst)
- dstStr = C.GoString(dst)
- C.free(unsafe.Pointer(dst))
- return dstStr
-}
-
-/* return time in slots since epoch */
-func MPIN_today() int {
- date := C.MPIN_today()
- return int(date)
-}
-
-/* return time since epoch */
-func MPIN_GET_TIME() int {
- timeValue := C.MPIN_GET_TIME()
- return int(timeValue)
-}
-
-func MPIN_CREATE_CSPRNG(RNG *C.csprng, SEED []byte) {
- // Form Octet
- SEEDStr := string(SEED)
- SEEDOct := GetOctet(SEEDStr)
- defer OCT_free(&SEEDOct)
- C.MPIN_CREATE_CSPRNG(RNG, &SEEDOct)
-}
-
-func MPIN_HASH_ID(ID []byte) (HASHID []byte) {
- // Form Octets
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- HASHIDOct := GetOctetZero(HASH_BYTES)
- defer OCT_free(&HASHIDOct)
-
- // Hash MPIN_ID
- C.MPIN_HASH_ID(&IDOct, &HASHIDOct)
-
- // Convert octet to bytes
- HASHID = OCT_toBytes(&HASHIDOct)
-
- return
-}
-
-/* create random secret S. Use GO RNG */
-func MPIN_RANDOM_GENERATE_WRAP(RNG *amcl.RAND) (int, []byte) {
- var S [EGS]byte
- errorCode := amcl.MPIN_RANDOM_GENERATE(RNG, S[:])
- return errorCode, S[:]
-}
-
-/* create random secret S. Use C RNG */
-func MPIN_RANDOM_GENERATE_C(RNG *C.csprng) (errorCode int, S []byte) {
- // Form Octet
- SOct := GetOctetZero(EGS)
- defer OCT_free(&SOct)
-
- rtn := C.MPIN_RANDOM_GENERATE(RNG, &SOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- S = OCT_toBytes(&SOct)
-
- return
-}
-
-/* Extract Server Secret SS=S*Q where Q is fixed generator in G2 and S is master secret */
-func MPIN_GET_SERVER_SECRET_WRAP(S []byte) (errorCode int, SS []byte) {
- // Form Octets
- SStr := string(S)
- SOct := GetOctet(SStr)
- defer OCT_free(&SOct)
- SSOct := GetOctetZero(G2S)
- defer OCT_free(&SSOct)
-
- rtn := C.MPIN_GET_SERVER_SECRET(&SOct, &SSOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- SS = OCT_toBytes(&SSOct)
-
- return
-}
-
-/* R=R1+R2 in group G1 */
-func MPIN_RECOMBINE_G1_WRAP(R1 []byte, R2 []byte) (errorCode int, R []byte) {
- // Form Octets
- R1Str := string(R1)
- R1Oct := GetOctet(R1Str)
- defer OCT_free(&R1Oct)
- R2Str := string(R2)
- R2Oct := GetOctet(R2Str)
- defer OCT_free(&R2Oct)
- ROct := GetOctetZero(G1S)
- defer OCT_free(&ROct)
-
- rtn := C.MPIN_RECOMBINE_G1(&R1Oct, &R2Oct, &ROct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- R = OCT_toBytes(&ROct)
-
- return
-}
-
-/* W=W1+W2 in group G2 */
-func MPIN_RECOMBINE_G2_WRAP(W1 []byte, W2 []byte) (errorCode int, W []byte) {
- // Form Octets
- W1Str := string(W1)
- W1Oct := GetOctet(W1Str)
- defer OCT_free(&W1Oct)
- W2Str := string(W2)
- W2Oct := GetOctet(W2Str)
- defer OCT_free(&W2Oct)
- WOct := GetOctetZero(G2S)
- defer OCT_free(&WOct)
-
- rtn := C.MPIN_RECOMBINE_G2(&W1Oct, &W2Oct, &WOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- W = OCT_toBytes(&WOct)
-
- return
-}
-
-/* Client secret CS=S*H(ID) where ID is client ID and S is master secret */
-/* CID is hashed externally */
-func MPIN_GET_CLIENT_SECRET_WRAP(S []byte, ID []byte) (errorCode int, CS []byte) {
- // Form Octets
- SStr := string(S)
- SOct := GetOctet(SStr)
- defer OCT_free(&SOct)
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- CSOct := GetOctetZero(G1S)
- defer OCT_free(&CSOct)
-
- rtn := C.MPIN_GET_CLIENT_SECRET(&SOct, &IDOct, &CSOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- CS = OCT_toBytes(&CSOct)
-
- return
-}
-
-/* Time Permit TP=S*(date|H(ID)) where S is master secret */
-func MPIN_GET_CLIENT_PERMIT_WRAP(date int, S, ID []byte) (errorCode int, TP []byte) {
- // Form Octets
- SStr := string(S)
- SOct := GetOctet(SStr)
- defer OCT_free(&SOct)
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- TPOct := GetOctetZero(G1S)
- defer OCT_free(&TPOct)
-
- rtn := C.MPIN_GET_CLIENT_PERMIT(C.int(date), &SOct, &IDOct, &TPOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- TP = OCT_toBytes(&TPOct)
-
- return
-}
-
-/* Extract PIN from CS for identity CID to form TOKEN */
-func MPIN_EXTRACT_PIN_WRAP(ID []byte, PIN int, CS []byte) (errorCode int, TOKEN []byte) {
- // Form Octets
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- CSStr := string(CS)
- CSOct := GetOctet(CSStr)
- defer OCT_free(&CSOct)
-
- rtn := C.MPIN_EXTRACT_PIN(&IDOct, C.int(PIN), &CSOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- TOKEN = OCT_toBytes(&CSOct)
-
- return
-}
-
-/* One pass MPIN Client. Using GO RNG */
-func MPIN_CLIENT_WRAP(date, TimeValue, PIN int, RNG *amcl.RAND, ID, X, TOKEN, TP, MESSAGE []byte) (errorCode int, XOut, Y, SEC, U, UT []byte) {
- amcl.MPIN_RANDOM_GENERATE(RNG, X[:])
- errorCode, XOut, Y, SEC, U, UT = MPIN_CLIENT_C(date, ID[:], nil, X[:], PIN, TOKEN[:], TP[:], MESSAGE[:], TimeValue)
- return
-}
-
-/* One pass MPIN Client. Using C RNG */
-func MPIN_CLIENT_C(date int, ID []byte, RNG *C.csprng, X []byte, PIN int, TOKEN []byte, TP []byte, MESSAGE []byte, TimeValue int) (errorCode int, XOut, Y, SEC, U, UT []byte) {
- // Form Octets
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- XStr := string(X)
- XOct := GetOctet(XStr)
- defer OCT_free(&XOct)
- TOKENStr := string(TOKEN)
- TOKENOct := GetOctet(TOKENStr)
- defer OCT_free(&TOKENOct)
- TPStr := string(TP)
- TPOct := GetOctet(TPStr)
- defer OCT_free(&TPOct)
- MESSAGEStr := string(MESSAGE)
- MESSAGEOct := GetOctet(MESSAGEStr)
- defer OCT_free(&MESSAGEOct)
-
- SECOct := GetOctetZero(G1S)
- defer OCT_free(&SECOct)
- UOct := GetOctetZero(G1S)
- defer OCT_free(&UOct)
- UTOct := GetOctetZero(G1S)
- defer OCT_free(&UTOct)
- YOct := GetOctetZero(EGS)
- defer OCT_free(&YOct)
-
- rtn := C.MPIN_CLIENT(C.int(date), &IDOct, RNG, &XOct, C.int(PIN), &TOKENOct, &SECOct, &UOct, &UTOct, &TPOct, &MESSAGEOct, C.int(TimeValue), &YOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- XOut = OCT_toBytes(&XOct)
- SEC = OCT_toBytes(&SECOct)
- U = OCT_toBytes(&UOct)
- UT = OCT_toBytes(&UTOct)
- Y = OCT_toBytes(&YOct)
-
- return
-}
-
-// Precompute values for use by the client side of M-Pin Full
-func MPIN_PRECOMPUTE_WRAP(TOKEN []byte, ID []byte) (errorCode int, GT1 []byte, GT2 []byte) {
- // Form Octets
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- TOKENStr := string(TOKEN)
- TOKENOct := GetOctet(TOKENStr)
- defer OCT_free(&TOKENOct)
-
- GT1Oct := GetOctetZero(GTS)
- defer OCT_free(>1Oct)
- GT2Oct := GetOctetZero(GTS)
- defer OCT_free(>2Oct)
-
- rtn := C.MPIN_PRECOMPUTE(&TOKENOct, &IDOct, >1Oct, >2Oct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- GT1 = OCT_toBytes(>1Oct)
- GT2 = OCT_toBytes(>2Oct)
-
- return
-}
-
-/*
- W=x*H(G);
- if RNG == NULL then X is passed in
- if RNG != NULL the X is passed out
- if typ=0 W=x*G where G is point on the curve, else W=x*M(G), where M(G) is mapping of octet G to point on the curve
- Use GO RNG
-*/
-func MPIN_GET_G1_MULTIPLE_WRAP(RNG *amcl.RAND, typ int, X, G []byte) (errorCode int, XOut, W []byte) {
- amcl.MPIN_RANDOM_GENERATE(RNG, X[:])
- errorCode, XOut, W = MPIN_GET_G1_MULTIPLE_C(nil, typ, X[:], G[:])
- return
-}
-
-/*
- W=x*H(G);
- if RNG == NULL then X is passed in
- if RNG != NULL the X is passed out
- if typ=0 W=x*G where G is point on the curve, else W=x*M(G), where M(G) is mapping of octet G to point on the curve
- Use C RNG
-*/
-func MPIN_GET_G1_MULTIPLE_C(RNG *C.csprng, typ int, X []byte, G []byte) (errorCode int, XOut, W []byte) {
- XStr := string(X)
- XOct := GetOctet(XStr)
- defer OCT_free(&XOct)
- GStr := string(G)
- GOct := GetOctet(GStr)
- defer OCT_free(&GOct)
-
- WOct := GetOctetZero(G1S)
- defer OCT_free(&WOct)
-
- rtn := C.MPIN_GET_G1_MULTIPLE(RNG, C.int(typ), &XOct, &GOct, &WOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- XOut = OCT_toBytes(&XOct)
- W = OCT_toBytes(&WOct)
-
- return
-}
-
-/* One pass MPIN Server */
-func MPIN_SERVER_WRAP(date, TimeValue int, SS, U, UT, V, ID, MESSAGE []byte) (errorCode int, HID, HTID, Y, E, F []byte) {
- SSStr := string(SS)
- SSOct := GetOctet(SSStr)
- defer OCT_free(&SSOct)
- UStr := string(U)
- UOct := GetOctet(UStr)
- defer OCT_free(&UOct)
- UTStr := string(UT)
- UTOct := GetOctet(UTStr)
- defer OCT_free(&UTOct)
- VStr := string(V)
- VOct := GetOctet(VStr)
- defer OCT_free(&VOct)
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
- MESSAGEStr := string(MESSAGE)
- MESSAGEOct := GetOctet(MESSAGEStr)
- defer OCT_free(&MESSAGEOct)
-
- HIDOct := GetOctetZero(G1S)
- defer OCT_free(&HIDOct)
- HTIDOct := GetOctetZero(G1S)
- defer OCT_free(&HTIDOct)
- YOct := GetOctetZero(EGS)
- defer OCT_free(&YOct)
- EOct := GetOctetZero(GTS)
- defer OCT_free(&EOct)
- FOct := GetOctetZero(GTS)
- defer OCT_free(&FOct)
-
- rtn := C.MPIN_SERVER(C.int(date), &HIDOct, &HTIDOct, &YOct, &SSOct, &UOct, &UTOct, &VOct, &EOct, &FOct, &IDOct, &MESSAGEOct, C.int(TimeValue))
- errorCode = int(rtn)
-
- // Convert octet to bytes
- HID = OCT_toBytes(&HIDOct)
- HTID = OCT_toBytes(&HTIDOct)
- Y = OCT_toBytes(&YOct)
- E = OCT_toBytes(&EOct)
- F = OCT_toBytes(&FOct)
-
- return
-}
-
-/* Pollards kangaroos used to return PIN error */
-func MPIN_KANGAROO(E []byte, F []byte) (PINError int) {
- EStr := string(E)
- EOct := GetOctet(EStr)
- defer OCT_free(&EOct)
- FStr := string(F)
- FOct := GetOctet(FStr)
- defer OCT_free(&FOct)
-
- rtn := C.MPIN_KANGAROO(&EOct, &FOct)
- PINError = int(rtn)
- return
-}
-
-/* calculate common key on server side */
-/* Z=r.A - no time permits involved */
-func MPIN_SERVER_KEY_WRAP(Z, SS, W, P, I, U, UT []byte) (errorCode int, SK []byte) {
- ZStr := string(Z)
- ZOct := GetOctet(ZStr)
- defer OCT_free(&ZOct)
- SSStr := string(SS)
- SSOct := GetOctet(SSStr)
- defer OCT_free(&SSOct)
- WStr := string(W)
- WOct := GetOctet(WStr)
- defer OCT_free(&WOct)
- PStr := string(P)
- POct := GetOctet(PStr)
- defer OCT_free(&POct)
- IStr := string(I)
- IOct := GetOctet(IStr)
- defer OCT_free(&IOct)
- UStr := string(U)
- UOct := GetOctet(UStr)
- defer OCT_free(&UOct)
- UTStr := string(UT)
- UTOct := GetOctet(UTStr)
- defer OCT_free(&UTOct)
-
- SKOct := GetOctetZero(EAS)
- defer OCT_free(&SKOct)
-
- rtn := C.MPIN_SERVER_KEY(&ZOct, &SSOct, &WOct, &POct, &IOct, &UOct, &UTOct, &SKOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- SK = OCT_toBytes(&SKOct)
-
- return
-}
-
-/* calculate common key on client side */
-/* wCID = w.(A+AT) */
-func MPIN_CLIENT_KEY_WRAP(PIN int, GT1, GT2, R, X, P, T []byte) (errorCode int, CK []byte) {
- GT1Str := string(GT1)
- GT1Oct := GetOctet(GT1Str)
- defer OCT_free(>1Oct)
- GT2Str := string(GT2)
- GT2Oct := GetOctet(GT2Str)
- defer OCT_free(>2Oct)
- RStr := string(R)
- ROct := GetOctet(RStr)
- defer OCT_free(&ROct)
- XStr := string(X)
- XOct := GetOctet(XStr)
- defer OCT_free(&XOct)
- PStr := string(P)
- POct := GetOctet(PStr)
- defer OCT_free(&POct)
- TStr := string(T)
- TOct := GetOctet(TStr)
- defer OCT_free(&TOct)
-
- CKOct := GetOctetZero(EAS)
- defer OCT_free(&CKOct)
-
- rtn := C.MPIN_CLIENT_KEY(>1Oct, >2Oct, C.int(PIN), &ROct, &XOct, &POct, &TOct, &CKOct)
- errorCode = int(rtn)
-
- // Convert octet to bytes
- CK = OCT_toBytes(&CKOct)
-
- return
-}
-
-// Generate a random byte array
-func GENERATE_RANDOM_C(RNG *C.csprng, randomLen int) (random []byte) {
- randomOct := GetOctetZero(randomLen)
- defer OCT_free(&randomOct)
-
- C.generateRandom(RNG, &randomOct)
-
- // Convert octet to bytes
- random = OCT_toBytes(&randomOct)
-
- return
-}
-
-// Generate random six digit value
-func GENERATE_OTP_C(RNG *C.csprng) int {
- rtn := C.generateOTP(RNG)
- return int(rtn)
-}
-
-/* AES-GCM Encryption:
- K is key, H is header, IV is initialization vector and P is plaintext.
- Returns cipthertext and tag (MAC) */
-func MPIN_AES_GCM_ENCRYPT(K, IV, H, P []byte) ([]byte, []byte) {
- KStr := string(K)
- KOct := GetOctet(KStr)
- defer OCT_free(&KOct)
- IVStr := string(IV)
- IVOct := GetOctet(IVStr)
- defer OCT_free(&IVOct)
- HStr := string(H)
- HOct := GetOctet(HStr)
- defer OCT_free(&HOct)
- PStr := string(P)
- POct := GetOctet(PStr)
- defer OCT_free(&POct)
-
- TOct := GetOctetZero(16)
- defer OCT_free(&TOct)
- lenC := len(PStr)
- COct := GetOctetZero(lenC)
- defer OCT_free(&COct)
-
- C.MPIN_AES_GCM_ENCRYPT(&KOct, &IVOct, &HOct, &POct, &COct, &TOct)
-
- // Convert octet to bytes
- C := OCT_toBytes(&COct)
- T := OCT_toBytes(&TOct)
-
- return C, T[:]
-}
-
-/* AES-GCM Deryption:
- K is key, H is header, IV is initialization vector and P is plaintext.
- Returns cipthertext and tag (MAC) */
-func MPIN_AES_GCM_DECRYPT(K, IV, H, C []byte) ([]byte, []byte) {
- KStr := string(K)
- KOct := GetOctet(KStr)
- defer OCT_free(&KOct)
- IVStr := string(IV)
- IVOct := GetOctet(IVStr)
- defer OCT_free(&IVOct)
- HStr := string(H)
- HOct := GetOctet(HStr)
- defer OCT_free(&HOct)
- CStr := string(C)
- COct := GetOctet(CStr)
- defer OCT_free(&COct)
-
- TOct := GetOctetZero(16)
- defer OCT_free(&TOct)
- lenP := len(CStr)
- POct := GetOctetZero(lenP)
- defer OCT_free(&POct)
-
- C.MPIN_AES_GCM_DECRYPT(&KOct, &IVOct, &HOct, &COct, &POct, &TOct)
-
- // Convert octet to bytes
- P := OCT_toBytes(&POct)
- T := OCT_toBytes(&TOct)
-
- return P, T[:]
-}
-
-/* Password based Key Derivation Function */
-/* Input password p, salt s, and repeat count */
-/* Output key of length olen */
-func MPIN_PBKDF2(Pass, Salt []byte, rep, olen int) (Key []byte) {
- PassStr := string(Pass)
- PassOct := GetOctet(PassStr)
- defer OCT_free(&PassOct)
- SaltStr := string(Salt)
- SaltOct := GetOctet(SaltStr)
- defer OCT_free(&SaltOct)
-
- KeyOct := GetOctetZero(olen)
- defer OCT_free(&KeyOct)
-
- C.MPIN_PBKDF2(&PassOct, &SaltOct, C.int(rep), C.int(olen), &KeyOct)
-
- // Convert octet to bytes
- Key = OCT_toBytes(&KeyOct)
-
- return
-}
-
-func MPIN_printBinary(array []byte) {
- for i := 0; i < len(array); i++ {
- fmt.Printf("%02x", array[i])
- }
- fmt.Printf("\n")
-}
-
-/* Outputs H(CID) and H(T|H(CID)) for time permits. If no time permits set HID=HTID */
-func MPIN_SERVER_1_WRAP(date int, ID []byte) (HID, HTID []byte) {
- // Form Octets
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
-
- HIDOct := GetOctetZero(G1S)
- defer OCT_free(&HIDOct)
- HTIDOct := GetOctetZero(G1S)
- defer OCT_free(&HTIDOct)
-
- C.MPIN_SERVER_1(C.int(date), &IDOct, &HIDOct, &HTIDOct)
-
- // Convert octet to bytes
- HID = OCT_toBytes(&HIDOct)
- HTID = OCT_toBytes(&HTIDOct)
-
- return
-}
-
-/* Implement step 2 of MPin protocol on server side */
-func MPIN_SERVER_2_WRAP(date int, HID []byte, HTID []byte, Y []byte, SS []byte, U []byte, UT []byte, V []byte) (errorCode int, E, F []byte) {
- // Form Octets
- HIDStr := string(HID)
- HIDOct := GetOctet(HIDStr)
- defer OCT_free(&HIDOct)
- HTIDStr := string(HTID)
- HTIDOct := GetOctet(HTIDStr)
- defer OCT_free(&HTIDOct)
- YStr := string(Y)
- YOct := GetOctet(YStr)
- defer OCT_free(&YOct)
- SSStr := string(SS)
- SSOct := GetOctet(SSStr)
- defer OCT_free(&SSOct)
- UStr := string(U)
- UOct := GetOctet(UStr)
- defer OCT_free(&UOct)
- UTStr := string(UT)
- UTOct := GetOctet(UTStr)
- defer OCT_free(&UTOct)
- VStr := string(V)
- VOct := GetOctet(VStr)
- defer OCT_free(&VOct)
-
- EOct := GetOctetZero(GTS)
- defer OCT_free(&EOct)
- FOct := GetOctetZero(GTS)
- defer OCT_free(&FOct)
- rtn := C.MPIN_SERVER_2(C.int(date), &HIDOct, &HTIDOct, &YOct, &SSOct, &UOct, &UTOct, &VOct, &EOct, &FOct)
-
- errorCode = int(rtn)
- E = OCT_toBytes(&EOct)
- F = OCT_toBytes(&FOct)
-
- return
-}
-
-/* Implement step 1 on client side of MPin protocol. Use GO code to generate random X */
-func MPIN_CLIENT_1_WRAP(date int, ID []byte, RNG *amcl.RAND, X []byte, PIN int, TOKEN []byte, TP []byte) (errorCode int, XOut, SEC, U, UT []byte) {
- amcl.MPIN_RANDOM_GENERATE(RNG, X[:])
- errorCode, XOut, SEC, U, UT = MPIN_CLIENT_1_C(date, ID[:], nil, X[:], PIN, TOKEN[:], TP[:])
- return
-}
-
-/* Implement step 1 on client side of MPin protocol
- When rng=nil the X value is externally generated
-*/
-func MPIN_CLIENT_1_C(date int, ID []byte, rng *C.csprng, X []byte, PIN int, TOKEN []byte, TP []byte) (errorCode int, XOut, SEC, U, UT []byte) {
- // Form Octets
- IDStr := string(ID)
- IDOct := GetOctet(IDStr)
- defer OCT_free(&IDOct)
-
- XStr := string(X)
- XOct := GetOctet(XStr)
- defer OCT_free(&XOct)
-
- TOKENStr := string(TOKEN)
- TOKENOct := GetOctet(TOKENStr)
- defer OCT_free(&TOKENOct)
-
- TPStr := string(TP)
- TPOct := GetOctet(TPStr)
- defer OCT_free(&TPOct)
-
- SECOct := GetOctetZero(G1S)
- defer OCT_free(&SECOct)
- UOct := GetOctetZero(G1S)
- defer OCT_free(&UOct)
- UTOct := GetOctetZero(G1S)
- defer OCT_free(&UTOct)
-
- rtn := C.MPIN_CLIENT_1(C.int(date), &IDOct, rng, &XOct, C.int(PIN), &TOKENOct, &SECOct, &UOct, &UTOct, &TPOct)
-
- errorCode = int(rtn)
- // Convert octet to bytes
- XOut = OCT_toBytes(&XOct)
- SEC = OCT_toBytes(&SECOct)
- U = OCT_toBytes(&UOct)
- UT = OCT_toBytes(&UTOct)
-
- return
-}
-
-/* Implement step 2 on client side of MPin protocol */
-func MPIN_CLIENT_2_WRAP(X []byte, Y []byte, SEC []byte) (errorCode int, V []byte) {
- // Form Octets
- XStr := string(X)
- XOct := GetOctet(XStr)
- defer OCT_free(&XOct)
- YStr := string(Y)
- YOct := GetOctet(YStr)
- defer OCT_free(&YOct)
- SECStr := string(SEC)
- SECOct := GetOctet(SECStr)
- defer OCT_free(&SECOct)
-
- rtn := C.MPIN_CLIENT_2(&XOct, &YOct, &SECOct)
-
- errorCode = int(rtn)
- // Convert octet to bytes
- V = OCT_toBytes(&SECOct)
-
- return
-}
-
-func MPIN_HASH_ALL_WRAP(I, U, UT, Y, V, R, W []byte) (HM []byte) {
- // Form Octets
- IStr := string(I)
- IOct := GetOctet(IStr)
- defer OCT_free(&IOct)
-
- UStr := string(U)
- UOct := GetOctet(UStr)
- defer OCT_free(&UOct)
-
- UTStr := string(UT)
- UTOct := GetOctet(UTStr)
- defer OCT_free(&UTOct)
-
- YStr := string(Y)
- YOct := GetOctet(YStr)
- defer OCT_free(&YOct)
-
- VStr := string(V)
- VOct := GetOctet(VStr)
- defer OCT_free(&VOct)
-
- RStr := string(R)
- ROct := GetOctet(RStr)
- defer OCT_free(&ROct)
-
- WStr := string(W)
- WOct := GetOctet(WStr)
- defer OCT_free(&WOct)
-
- HMOct := GetOctetZero(HASH_BYTES)
- defer OCT_free(&HMOct)
-
- // Hash values
- C.MPIN_HASH_ALL(&IOct, &UOct, &UTOct, &YOct, &VOct, &ROct, &WOct, &HMOct)
-
- // Convert octet to bytes
- HM = OCT_toBytes(&HMOct)
-
- return
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/amcl-cgo/crypto_test.go
----------------------------------------------------------------------
diff --git a/go/src/github.com/miracl/amcl-cgo/crypto_test.go b/go/src/github.com/miracl/amcl-cgo/crypto_test.go
deleted file mode 100644
index 435f954..0000000
--- a/go/src/github.com/miracl/amcl-cgo/crypto_test.go
+++ /dev/null
@@ -1,1175 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-package amcl
-
-import (
- "crypto/rand"
- "encoding/hex"
- "fmt"
- mathrand "math/rand"
- "testing"
-
- "github.com/stretchr/testify/assert"
-
- amclgo "github.com/miracl/amcl-go"
-)
-
-const nIter int = 100
-
-// Set to true if library built with "-D USE_ANONYMOUS=on"
-const USE_ANONYMOUS = false
-
-func TestGoodPIN(t *testing.T) {
- want := 0
- var got int
-
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Message to sign
- var MESSAGE []byte
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestBadPIN(t *testing.T) {
- want := -19
- var got int
-
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1235
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Message to sign
- var MESSAGE []byte
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- ////// Client //////
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- ////// Server //////
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestBadToken(t *testing.T) {
- want := -19
- var got int
-
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Message to sign
- var MESSAGE []byte
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, _, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- // Send UT as V to model bad token
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], UT[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], UT[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestRandom(t *testing.T) {
- want := 0
- var got int
-
- for i := 0; i < nIter; i++ {
-
- // Seed value for Random Number Generator (RNG)
- seed := make([]byte, 16)
- rand.Read(seed)
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Epoch time in days
- date := MPIN_today()
-
- // Epoch time in seconds
- timeValue := MPIN_GET_TIME()
-
- // PIN variable to create token
- PIN1 := mathrand.Intn(10000)
- // PIN variable to authenticate
- PIN2 := PIN1
-
- // Assign the End-User a random ID
- ID := make([]byte, 16)
- rand.Read(ID)
-
- // Message to sign
- var MESSAGE []byte
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
- }
-}
-
-func TestGoodSignature(t *testing.T) {
- want := 0
- var got int
-
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Message to sign
- MESSAGE := []byte("test message to sign")
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- // Authenticate
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestSignatureExpired(t *testing.T) {
- want := -19
- var got int
-
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Message to sign
- MESSAGE := []byte("test message to sign")
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- timeValue += 10
- // Authenticate
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestBadSignature(t *testing.T) {
- want := -19
- var got int
-
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Message to sign
- MESSAGE := []byte("test message to sign")
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- // Authenticate
- MESSAGE[0] = 00
- if USE_ANONYMOUS {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- got, _, _, _, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestPINError(t *testing.T) {
- want := 1001
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 2235
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Message to sign
- var MESSAGE []byte
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, _, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- var E []byte
- var F []byte
- if USE_ANONYMOUS {
- _, _, _, _, E, F = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- _, _, _, _, E, F = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
-
- got := MPIN_KANGAROO(E[:], F[:])
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestMPINFull(t *testing.T) {
- want := "4e0317c9962dc2944c121ec41c800e16"
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // Epoch time in seconds
- timeValue := 1439465203
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Message to sign
- var MESSAGE []byte
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Precomputation
- _, G1, G2 := MPIN_PRECOMPUTE_WRAP(TOKEN[:], HCID)
-
- // Send U, UT, V, timeValue and Message to server
- var X [EGS]byte
- _, XOut, _, V, U, UT := MPIN_CLIENT_WRAP(date, timeValue, PIN2, rng, ID[:], X[:], TOKEN[:], TP[:], MESSAGE[:])
-
- // Send Z=r.ID to Server
- var R [EGS]byte
- _, ROut, Z := MPIN_GET_G1_MULTIPLE_WRAP(rng, 1, R[:], HCID[:])
-
- // Authenticate
- var HID []byte
- var HTID []byte
- var Y []byte
- if USE_ANONYMOUS {
- _, HID, HTID, Y, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], HCID[:], MESSAGE[:])
- } else {
- _, HID, HTID, Y, _, _ = MPIN_SERVER_WRAP(date, timeValue, SS[:], U[:], UT[:], V[:], ID[:], MESSAGE[:])
- }
-
- // send T=w.ID to client
- var W [EGS]byte
- _, WOut, T := MPIN_GET_G1_MULTIPLE_WRAP(rng, 0, W[:], HTID[:])
-
- // Hash all values
- HM := MPIN_HASH_ALL_WRAP(HCID[:], U[:], UT[:], Y[:], V[:], Z[:], T[:])
-
- _, AES_KEY_SERVER := MPIN_SERVER_KEY_WRAP(Z[:], SS[:], WOut[:], HM[:], HID[:], U[:], UT[:])
- got := hex.EncodeToString(AES_KEY_SERVER[:])
- if got != want {
- t.Errorf("%s != %s", want, got)
- }
-
- _, AES_KEY_CLIENT := MPIN_CLIENT_KEY_WRAP(PIN2, G1[:], G2[:], ROut[:], XOut[:], HM[:], T[:])
- got = hex.EncodeToString(AES_KEY_CLIENT[:])
-
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestTwoPassGoodPIN(t *testing.T) {
- want := 0
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Client Pass 1
- var X [EGS]byte
- _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:])
-
- // Server Pass 1
- var HID []byte
- var HTID []byte
- if USE_ANONYMOUS {
- HID, HTID = MPIN_SERVER_1_WRAP(date, HCID)
- } else {
- HID, HTID = MPIN_SERVER_1_WRAP(date, ID)
- }
- _, Y := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Client Pass 2
- _, V := MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:])
-
- // Server Pass 2
- got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:])
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestTwoPassBadPIN(t *testing.T) {
- want := -19
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1235
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Client Pass 1
- var X [EGS]byte
- _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:])
-
- // Server Pass 1
- var HID []byte
- var HTID []byte
- if USE_ANONYMOUS {
- HID, HTID = MPIN_SERVER_1_WRAP(date, HCID)
- } else {
- HID, HTID = MPIN_SERVER_1_WRAP(date, ID)
- }
- _, Y := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Client Pass 2
- _, V := MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:])
-
- // Server Pass 2
- got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:])
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestTwoPassBadToken(t *testing.T) {
- want := -19
- // Assign the End-User an ID
- IDstr := "testUser@miracl.com"
- ID := []byte(IDstr)
-
- // Epoch time in days
- date := 16660
-
- // PIN variable to create token
- PIN1 := 1234
- // PIN variable to authenticate
- PIN2 := 1234
-
- // Seed value for Random Number Generator (RNG)
- seedHex := "9e8b4178790cd57a5761c4a6f164ba72"
- seed, err := hex.DecodeString(seedHex)
- if err != nil {
- fmt.Println("Error decoding seed value")
- return
- }
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Client Pass 1
- var X [EGS]byte
- _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:])
-
- // Server Pass 1
- var HID []byte
- var HTID []byte
- if USE_ANONYMOUS {
- HID, HTID = MPIN_SERVER_1_WRAP(date, HCID)
- } else {
- HID, HTID = MPIN_SERVER_1_WRAP(date, ID)
- }
- _, Y := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Client Pass 2
- _, _ = MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:])
-
- // Server Pass 2
- // Send UT as V to model bad token
- got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], UT[:])
- assert.Equal(t, want, got, "Should be equal")
-}
-
-func TestRandomTwoPass(t *testing.T) {
- want := 0
-
- for i := 0; i < nIter; i++ {
-
- // Seed value for Random Number Generator (RNG)
- seed := make([]byte, 16)
- rand.Read(seed)
- rng := amclgo.NewRAND()
- rng.Seed(len(seed), seed)
-
- // Epoch time in days
- date := MPIN_today()
-
- // PIN variable to create token
- PIN1 := mathrand.Intn(10000)
- // PIN variable to authenticate
- PIN2 := PIN1
-
- // Assign the End-User a random ID
- ID := make([]byte, 16)
- rand.Read(ID)
-
- // Generate Master Secret Share 1
- _, MS1 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Generate Master Secret Share 2
- _, MS2 := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Either Client or TA calculates Hash(ID)
- HCID := MPIN_HASH_ID(ID)
-
- // Generate server secret share 1
- _, SS1 := MPIN_GET_SERVER_SECRET_WRAP(MS1[:])
-
- // Generate server secret share 2
- _, SS2 := MPIN_GET_SERVER_SECRET_WRAP(MS2[:])
-
- // Combine server secret shares
- _, SS := MPIN_RECOMBINE_G2_WRAP(SS1[:], SS2[:])
-
- // Generate client secret share 1
- _, CS1 := MPIN_GET_CLIENT_SECRET_WRAP(MS1[:], HCID)
-
- // Generate client secret share 2
- _, CS2 := MPIN_GET_CLIENT_SECRET_WRAP(MS2[:], HCID)
-
- // Combine client secret shares
- CS := make([]byte, G1S)
- _, CS = MPIN_RECOMBINE_G1_WRAP(CS1[:], CS2[:])
-
- // Generate time permit share 1
- _, TP1 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS1[:], HCID)
-
- // Generate time permit share 2
- _, TP2 := MPIN_GET_CLIENT_PERMIT_WRAP(date, MS2[:], HCID)
-
- // Combine time permit shares
- _, TP := MPIN_RECOMBINE_G1_WRAP(TP1[:], TP2[:])
-
- // Create token
- _, TOKEN := MPIN_EXTRACT_PIN_WRAP(ID[:], PIN1, CS[:])
-
- // Client Pass 1
- var X [EGS]byte
- _, _, SEC, U, UT := MPIN_CLIENT_1_WRAP(date, ID, rng, X[:], PIN2, TOKEN[:], TP[:])
-
- // Server Pass 1
- var HID []byte
- var HTID []byte
- if USE_ANONYMOUS {
- HID, HTID = MPIN_SERVER_1_WRAP(date, HCID)
- } else {
- HID, HTID = MPIN_SERVER_1_WRAP(date, ID)
- }
- _, Y := MPIN_RANDOM_GENERATE_WRAP(rng)
-
- // Client Pass 2
- _, V := MPIN_CLIENT_2_WRAP(X[:], Y[:], SEC[:])
-
- // Server Pass 2
- got, _, _ := MPIN_SERVER_2_WRAP(date, HID[:], HTID[:], Y[:], SS[:], U[:], UT[:], V[:])
- assert.Equal(t, want, got, "Should be equal")
-
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/85fabaa6/go/src/github.com/miracl/amcl-go/AES.go
----------------------------------------------------------------------
diff --git a/go/src/github.com/miracl/amcl-go/AES.go b/go/src/github.com/miracl/amcl-go/AES.go
deleted file mode 100644
index 598d408..0000000
--- a/go/src/github.com/miracl/amcl-go/AES.go
+++ /dev/null
@@ -1,634 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* AES Encryption */
-
-package amcl
-
-//import "fmt"
-
-const aes_ECB int = 0
-const aes_CBC int = 1
-const aes_CFB1 int = 2
-const aes_CFB2 int = 3
-const aes_CFB4 int = 5
-const aes_OFB1 int = 14
-const aes_OFB2 int = 15
-const aes_OFB4 int = 17
-const aes_OFB8 int = 21
-const aes_OFB16 int = 29
-
-var aes_InCo = [...]byte{0xB, 0xD, 0x9, 0xE} /* Inverse Coefficients */
-
-var aes_ptab = [...]byte{
- 1, 3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19, 53,
- 95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34, 102, 170,
- 229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144, 171, 230, 49,
- 83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184, 211, 110, 178, 205,
- 76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241, 8, 24, 40, 120, 136,
- 131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206, 73, 219, 118, 154,
- 181, 196, 87, 249, 16, 48, 80, 240, 11, 29, 39, 105, 187, 214, 97, 163,
- 254, 25, 43, 125, 135, 146, 173, 236, 47, 113, 147, 174, 233, 32, 96, 160,
- 251, 22, 58, 78, 210, 109, 183, 194, 93, 231, 50, 86, 250, 21, 63, 65,
- 195, 94, 226, 61, 71, 201, 64, 192, 91, 237, 44, 116, 156, 191, 218, 117,
- 159, 186, 213, 100, 172, 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128,
- 155, 182, 193, 88, 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84,
- 252, 31, 33, 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202,
- 69, 207, 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14,
- 18, 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23,
- 57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1}
-
-var aes_ltab = [...]byte{
- 0, 255, 25, 1, 50, 2, 26, 198, 75, 199, 27, 104, 51, 238, 223, 3,
- 100, 4, 224, 14, 52, 141, 129, 239, 76, 113, 8, 200, 248, 105, 28, 193,
- 125, 194, 29, 181, 249, 185, 39, 106, 77, 228, 166, 114, 154, 201, 9, 120,
- 101, 47, 138, 5, 33, 15, 225, 36, 18, 240, 130, 69, 53, 147, 218, 142,
- 150, 143, 219, 189, 54, 208, 206, 148, 19, 92, 210, 241, 64, 70, 131, 56,
- 102, 221, 253, 48, 191, 6, 139, 98, 179, 37, 226, 152, 34, 136, 145, 16,
- 126, 110, 72, 195, 163, 182, 30, 66, 58, 107, 40, 84, 250, 133, 61, 186,
- 43, 121, 10, 21, 155, 159, 94, 202, 78, 212, 172, 229, 243, 115, 167, 87,
- 175, 88, 168, 80, 244, 234, 214, 116, 79, 174, 233, 213, 231, 230, 173, 232,
- 44, 215, 117, 122, 235, 22, 11, 245, 89, 203, 95, 176, 156, 169, 81, 160,
- 127, 12, 246, 111, 23, 196, 73, 236, 216, 67, 31, 45, 164, 118, 123, 183,
- 204, 187, 62, 90, 251, 96, 177, 134, 59, 82, 161, 108, 170, 85, 41, 157,
- 151, 178, 135, 144, 97, 190, 220, 252, 188, 149, 207, 205, 55, 63, 91, 209,
- 83, 57, 132, 60, 65, 162, 109, 71, 20, 42, 158, 93, 86, 242, 211, 171,
- 68, 17, 146, 217, 35, 32, 46, 137, 180, 124, 184, 38, 119, 153, 227, 165,
- 103, 74, 237, 222, 197, 49, 254, 24, 13, 99, 140, 128, 192, 247, 112, 7}
-
-var aes_fbsub = [...]byte{
- 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
- 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
- 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
- 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
- 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
- 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
- 208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
- 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
- 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
- 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
- 224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
- 231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
- 186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
- 112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
- 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
- 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22}
-
-var aes_rbsub = [...]byte{
- 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
- 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
- 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
- 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
- 114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
- 108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
- 144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
- 208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
- 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
- 150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
- 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
- 252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
- 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
- 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
- 160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
- 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125}
-
-var aes_rco = [...]byte{1, 2, 4, 8, 16, 32, 64, 128, 27, 54, 108, 216, 171, 77, 154, 47}
-
-var aes_ftable = [...]uint32{
- 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0xdf2f2ff, 0xbd6b6bd6,
- 0xb16f6fde, 0x54c5c591, 0x50303060, 0x3010102, 0xa96767ce, 0x7d2b2b56,
- 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, 0x45caca8f, 0x9d82821f,
- 0x40c9c989, 0x877d7dfa, 0x15fafaef, 0xeb5959b2, 0xc947478e, 0xbf0f0fb,
- 0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
- 0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
- 0x5a36366c, 0x413f3f7e, 0x2f7f7f5, 0x4fcccc83, 0x5c343468, 0xf4a5a551,
- 0x34e5e5d1, 0x8f1f1f9, 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
- 0xc040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637,
- 0xf05050a, 0xb59a9a2f, 0x907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
- 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 0x9e83831d,
- 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
- 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, 0x7b292952, 0x3ee3e3dd,
- 0x712f2f5e, 0x97848413, 0xf55353a6, 0x68d1d1b9, 0x0, 0x2cededc1,
- 0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
- 0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
- 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 0xc5434386, 0xd74d4d9a,
- 0x55333366, 0x94858511, 0xcf45458a, 0x10f9f9e9, 0x6020204, 0x817f7ffe,
- 0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d,
- 0xc0404080, 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x4f5f5f1,
- 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 0x1affffe5,
- 0xef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
- 0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, 0x57c4c493, 0xf2a7a755,
- 0x827e7efc, 0x473d3d7a, 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
- 0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
- 0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
- 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 0x3be0e0db, 0x56323264,
- 0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 0xa06060c, 0x6c242448, 0xe45c5cb8,
- 0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531,
- 0x37e4e4d3, 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
- 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 0xfa5656ac,
- 0x7f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
- 0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, 0x241c1c38, 0xf1a6a657,
- 0xc7b4b473, 0x51c6c697, 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
- 0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
- 0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x5030306, 0x1f6f6f7, 0x120e0e1c,
- 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 0x91868617, 0x58c1c199,
- 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
- 0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c,
- 0x92878715, 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
- 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 0x31e6e6d7,
- 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
- 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c}
-
-var aes_rtable = [...]uint32{
- 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f,
- 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
- 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, 0x495ab1de, 0x671bba25,
- 0x980eea45, 0xe1c0fe5d, 0x2752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
- 0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
- 0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
- 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 0x184adf63, 0x82311ae5,
- 0x60335197, 0x457f5362, 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
- 0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72,
- 0x578f1fe3, 0x2aab5566, 0x728ebb2, 0x3c2b52f, 0x9a7bc586, 0xa50837d3,
- 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 0x92b479a7,
- 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
- 0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, 0x39ec830b, 0xaaef6040,
- 0x69f715e, 0x51106ebd, 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
- 0xb58d5491, 0x55dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
- 0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
- 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x0, 0x83868009, 0x48ed2b32,
- 0xac70111e, 0x4e725a6c, 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
- 0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0xfe75793,
- 0xd296eeb4, 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
- 0xaba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0xb0d090e, 0xadc78bf2,
- 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
- 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, 0x7629438b, 0xdcc623cb,
- 0x68fcedb6, 0x63f1e4b8, 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
- 0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
- 0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
- 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 0xc74e4987, 0xc1d138d9,
- 0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
- 0xe49d3a2c, 0xd927850, 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890,
- 0x5ef7392e, 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
- 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x97826cd, 0xf418596e,
- 0x1b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 0x8cfbc21, 0xe6e815ef,
- 0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, 0xafb2a431, 0x31233f2a,
- 0x3094a5c6, 0xc066a235, 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
- 0x4a9804f1, 0xf7daec41, 0xe50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
- 0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
- 0x4ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 0x5a1d67b3, 0x52d2db92,
- 0x335610e9, 0x1347d66d, 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
- 0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255,
- 0x79ce1418, 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
- 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 0xc25e2bc,
- 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
- 0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0}
-
-type AES struct {
- mode int
- fkey [44]uint32
- rkey [44]uint32
- f [16]byte
-}
-
-/* Rotates 32-bit word left by 1, 2 or 3 byte */
-
-func aes_ROTL8(x uint32) uint32 {
- return (((x) << 8) | ((x) >> 24))
-}
-
-func aes_ROTL16(x uint32) uint32 {
- return (((x) << 16) | ((x) >> 16))
-}
-
-func aes_ROTL24(x uint32) uint32 {
- return (((x) << 24) | ((x) >> 8))
-}
-
-func aes_pack(b [4]byte) uint32 { /* pack bytes into a 32-bit Word */
- return ((uint32(b[3]) & 0xff) << 24) | ((uint32(b[2]) & 0xff) << 16) | ((uint32(b[1]) & 0xff) << 8) | (uint32(b[0]) & 0xff)
-}
-
-func aes_unpack(a uint32) [4]byte { /* unpack bytes from a word */
- var b = [4]byte{byte(a & 0xff), byte((a >> 8) & 0xff), byte((a >> 16) & 0xff), byte((a >> 24) & 0xff)}
- return b
-}
-
-func aes_bmul(x byte, y byte) byte { /* x.y= AntiLog(Log(x) + Log(y)) */
-
- ix := int(x) & 0xff
- iy := int(y) & 0xff
- lx := int(aes_ltab[ix]) & 0xff
- ly := int(aes_ltab[iy]) & 0xff
-
- if x != 0 && y != 0 {
- return aes_ptab[(lx+ly)%255]
- } else {
- return byte(0)
- }
-}
-
-func aes_SubByte(a uint32) uint32 {
- b := aes_unpack(a)
- b[0] = aes_fbsub[int(b[0])]
- b[1] = aes_fbsub[int(b[1])]
- b[2] = aes_fbsub[int(b[2])]
- b[3] = aes_fbsub[int(b[3])]
- return aes_pack(b)
-}
-
-func aes_product(x uint32, y uint32) byte { /* dot product of two 4-byte arrays */
- xb := aes_unpack(x)
- yb := aes_unpack(y)
-
- return (aes_bmul(xb[0], yb[0]) ^ aes_bmul(xb[1], yb[1]) ^ aes_bmul(xb[2], yb[2]) ^ aes_bmul(xb[3], yb[3]))
-}
-
-func aes_InvMixCol(x uint32) uint32 { /* matrix Multiplication */
- var b [4]byte
- m := aes_pack(aes_InCo)
- b[3] = aes_product(m, x)
- m = aes_ROTL24(m)
- b[2] = aes_product(m, x)
- m = aes_ROTL24(m)
- b[1] = aes_product(m, x)
- m = aes_ROTL24(m)
- b[0] = aes_product(m, x)
- var y = aes_pack(b)
- return y
-}
-
-/* reset cipher */
-func (A *AES) Reset(m int, iv []byte) { /* reset mode, or reset iv */
- A.mode = m
- for i := 0; i < 16; i++ {
- A.f[i] = 0
- }
- if (A.mode != aes_ECB) && (iv != nil) {
- for i := 0; i < 16; i++ {
- A.f[i] = iv[i]
- }
- }
-}
-
-func (A *AES) Init(m int, key []byte, iv []byte) { /* Key=16 bytes */
- /* Key Scheduler. Create expanded encryption key */
- var CipherKey [4]uint32
- var b [4]byte
- nk := 4
- A.Reset(m, iv)
- N := 44
-
- j := 0
- for i := 0; i < nk; i++ {
- for k := 0; k < 4; k++ {
- b[k] = key[j+k]
- }
- CipherKey[i] = aes_pack(b)
- j += 4
- }
- for i := 0; i < nk; i++ {
- A.fkey[i] = CipherKey[i]
- }
- j = nk
- for k := 0; j < N; k++ {
- A.fkey[j] = A.fkey[j-nk] ^ aes_SubByte(aes_ROTL24(A.fkey[j-1])) ^ uint32(aes_rco[k])
- for i := 1; i < nk && (i+j) < N; i++ {
- A.fkey[i+j] = A.fkey[i+j-nk] ^ A.fkey[i+j-1]
- }
- j += nk
- }
-
- /* now for the expanded decrypt key in reverse order */
-
- for j := 0; j < 4; j++ {
- A.rkey[j+N-4] = A.fkey[j]
- }
- for i := 4; i < N-4; i += 4 {
- k := N - 4 - i
- for j := 0; j < 4; j++ {
- A.rkey[k+j] = aes_InvMixCol(A.fkey[i+j])
- }
- }
- for j := N - 4; j < N; j++ {
- A.rkey[j-N+4] = A.fkey[j]
- }
-}
-
-func NewAES() *AES {
- var A = new(AES)
- return A
-}
-
-func (A *AES) Getreg() [16]byte {
- var ir [16]byte
- for i := 0; i < 16; i++ {
- ir[i] = A.f[i]
- }
- return ir
-}
-
-/* Encrypt a single block */
-func (A *AES) ecb_encrypt(buff []byte) {
- var b [4]byte
- var p [4]uint32
- var q [4]uint32
-
- j := 0
- for i := 0; i < 4; i++ {
- for k := 0; k < 4; k++ {
- b[k] = buff[j+k]
- }
- p[i] = aes_pack(b)
- p[i] ^= A.fkey[i]
- j += 4
- }
-
- k := 4
-
- /* State alternates between p and q */
- for i := 1; i < 10; i++ {
- q[0] = A.fkey[k] ^ aes_ftable[int(p[0]&0xff)] ^ aes_ROTL8(aes_ftable[int((p[1]>>8)&0xff)]) ^ aes_ROTL16(aes_ftable[int((p[2]>>16)&0xff)]) ^ aes_ROTL24(aes_ftable[int((p[3]>>24)&0xff)])
-
- q[1] = A.fkey[k+1] ^ aes_ftable[int(p[1]&0xff)] ^ aes_ROTL8(aes_ftable[int((p[2]>>8)&0xff)]) ^ aes_ROTL16(aes_ftable[int((p[3]>>16)&0xff)]) ^ aes_ROTL24(aes_ftable[int((p[0]>>24)&0xff)])
-
- q[2] = A.fkey[k+2] ^ aes_ftable[int(p[2]&0xff)] ^ aes_ROTL8(aes_ftable[int((p[3]>>8)&0xff)]) ^ aes_ROTL16(aes_ftable[int((p[0]>>16)&0xff)]) ^ aes_ROTL24(aes_ftable[int((p[1]>>24)&0xff)])
-
- q[3] = A.fkey[k+3] ^ aes_ftable[int(p[3]&0xff)] ^ aes_ROTL8(aes_ftable[int((p[0]>>8)&0xff)]) ^ aes_ROTL16(aes_ftable[int((p[1]>>16)&0xff)]) ^ aes_ROTL24(aes_ftable[int((p[2]>>24)&0xff)])
-
- k += 4
- for j = 0; j < 4; j++ {
- t := p[j]
- p[j] = q[j]
- q[j] = t
- }
- }
-
- /* Last Round */
-
- q[0] = A.fkey[k] ^ uint32(aes_fbsub[int(p[0]&0xff)]) ^ aes_ROTL8(uint32(aes_fbsub[int((p[1]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_fbsub[int((p[2]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_fbsub[int((p[3]>>24)&0xff)]))
-
- q[1] = A.fkey[k+1] ^ uint32(aes_fbsub[int(p[1]&0xff)]) ^ aes_ROTL8(uint32(aes_fbsub[int((p[2]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_fbsub[int((p[3]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_fbsub[int((p[0]>>24)&0xff)]))
-
- q[2] = A.fkey[k+2] ^ uint32(aes_fbsub[int(p[2]&0xff)]) ^ aes_ROTL8(uint32(aes_fbsub[int((p[3]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_fbsub[int((p[0]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_fbsub[int((p[1]>>24)&0xff)]))
-
- q[3] = A.fkey[k+3] ^ uint32(aes_fbsub[int(p[3]&0xff)]) ^ aes_ROTL8(uint32(aes_fbsub[int((p[0]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_fbsub[int((p[1]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_fbsub[int((p[2]>>24)&0xff)]))
-
- j = 0
- for i := 0; i < 4; i++ {
- b = aes_unpack(q[i])
- for k = 0; k < 4; k++ {
- buff[j+k] = b[k]
- }
- j += 4
- }
-}
-
-/* Decrypt a single block */
-func (A *AES) ecb_decrypt(buff []byte) {
- var b [4]byte
- var p [4]uint32
- var q [4]uint32
-
- j := 0
- for i := 0; i < 4; i++ {
- for k := 0; k < 4; k++ {
- b[k] = buff[j+k]
- }
- p[i] = aes_pack(b)
- p[i] ^= A.rkey[i]
- j += 4
- }
-
- k := 4
-
- /* State alternates between p and q */
- for i := 1; i < 10; i++ {
-
- q[0] = A.rkey[k] ^ aes_rtable[int(p[0]&0xff)] ^ aes_ROTL8(aes_rtable[int((p[3]>>8)&0xff)]) ^ aes_ROTL16(aes_rtable[int((p[2]>>16)&0xff)]) ^ aes_ROTL24(aes_rtable[int((p[1]>>24)&0xff)])
-
- q[1] = A.rkey[k+1] ^ aes_rtable[int(p[1]&0xff)] ^ aes_ROTL8(aes_rtable[int((p[0]>>8)&0xff)]) ^ aes_ROTL16(aes_rtable[int((p[3]>>16)&0xff)]) ^ aes_ROTL24(aes_rtable[int((p[2]>>24)&0xff)])
-
- q[2] = A.rkey[k+2] ^ aes_rtable[int(p[2]&0xff)] ^ aes_ROTL8(aes_rtable[int((p[1]>>8)&0xff)]) ^ aes_ROTL16(aes_rtable[int((p[0]>>16)&0xff)]) ^ aes_ROTL24(aes_rtable[int((p[3]>>24)&0xff)])
-
- q[3] = A.rkey[k+3] ^ aes_rtable[int(p[3]&0xff)] ^ aes_ROTL8(aes_rtable[int((p[2]>>8)&0xff)]) ^ aes_ROTL16(aes_rtable[int((p[1]>>16)&0xff)]) ^ aes_ROTL24(aes_rtable[int((p[0]>>24)&0xff)])
-
- k += 4
- for j := 0; j < 4; j++ {
- t := p[j]
- p[j] = q[j]
- q[j] = t
- }
- }
-
- /* Last Round */
-
- q[0] = A.rkey[k] ^ uint32(aes_rbsub[int(p[0]&0xff)]) ^ aes_ROTL8(uint32(aes_rbsub[int((p[3]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_rbsub[int((p[2]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_rbsub[int((p[1]>>24)&0xff)]))
-
- q[1] = A.rkey[k+1] ^ uint32(aes_rbsub[int(p[1]&0xff)]) ^ aes_ROTL8(uint32(aes_rbsub[int((p[0]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_rbsub[int((p[3]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_rbsub[int((p[2]>>24)&0xff)]))
-
- q[2] = A.rkey[k+2] ^ uint32(aes_rbsub[int(p[2]&0xff)]) ^ aes_ROTL8(uint32(aes_rbsub[int((p[1]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_rbsub[int((p[0]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_rbsub[int((p[3]>>24)&0xff)]))
-
- q[3] = A.rkey[k+3] ^ uint32(aes_rbsub[int((p[3])&0xff)]) ^ aes_ROTL8(uint32(aes_rbsub[int((p[2]>>8)&0xff)])) ^ aes_ROTL16(uint32(aes_rbsub[int((p[1]>>16)&0xff)])) ^ aes_ROTL24(uint32(aes_rbsub[int((p[0]>>24)&0xff)]))
-
- j = 0
- for i := 0; i < 4; i++ {
- b = aes_unpack(q[i])
- for k := 0; k < 4; k++ {
- buff[j+k] = b[k]
- }
- j += 4
- }
-}
-
-/* Encrypt using selected mode of operation */
-func (A *AES) Encrypt(buff []byte) uint32 {
- var st [16]byte
-
- // Supported Modes of Operation
-
- var fell_off uint32 = 0
- switch A.mode {
- case aes_ECB:
- A.ecb_encrypt(buff)
- return 0
- case aes_CBC:
- for j := 0; j < 16; j++ {
- buff[j] ^= A.f[j]
- }
- A.ecb_encrypt(buff)
- for j := 0; j < 16; j++ {
- A.f[j] = buff[j]
- }
- return 0
-
- case aes_CFB1:
- fallthrough
- case aes_CFB2:
- fallthrough
- case aes_CFB4:
- bytes := A.mode - aes_CFB1 + 1
- for j := 0; j < bytes; j++ {
- fell_off = (fell_off << 8) | uint32(A.f[j])
- }
- for j := 0; j < 16; j++ {
- st[j] = A.f[j]
- }
- for j := bytes; j < 16; j++ {
- A.f[j-bytes] = A.f[j]
- }
- A.ecb_encrypt(st[:])
- for j := 0; j < bytes; j++ {
- buff[j] ^= st[j]
- A.f[16-bytes+j] = buff[j]
- }
- return fell_off
-
- case aes_OFB1:
- fallthrough
- case aes_OFB2:
- fallthrough
- case aes_OFB4:
- fallthrough
- case aes_OFB8:
- fallthrough
- case aes_OFB16:
-
- bytes := A.mode - aes_OFB1 + 1
- A.ecb_encrypt(A.f[:])
- for j := 0; j < bytes; j++ {
- buff[j] ^= A.f[j]
- }
- return 0
-
- default:
- return 0
- }
-}
-
-/* Decrypt using selected mode of operation */
-func (A *AES) Decrypt(buff []byte) uint32 {
-
- var st [16]byte
-
- // Supported Modes of Operation
-
- var fell_off uint32 = 0
- switch A.mode {
- case aes_ECB:
- A.ecb_decrypt(buff)
- return 0
- case aes_CBC:
- for j := 0; j < 16; j++ {
- st[j] = A.f[j]
- A.f[j] = buff[j]
- }
- A.ecb_decrypt(buff)
- for j := 0; j < 16; j++ {
- buff[j] ^= st[j]
- st[j] = 0
- }
- return 0
- case aes_CFB1:
- fallthrough
- case aes_CFB2:
- fallthrough
- case aes_CFB4:
- bytes := A.mode - aes_CFB1 + 1
- for j := 0; j < bytes; j++ {
- fell_off = (fell_off << 8) | uint32(A.f[j])
- }
- for j := 0; j < 16; j++ {
- st[j] = A.f[j]
- }
- for j := bytes; j < 16; j++ {
- A.f[j-bytes] = A.f[j]
- }
- A.ecb_encrypt(st[:])
- for j := 0; j < bytes; j++ {
- A.f[16-bytes+j] = buff[j]
- buff[j] ^= st[j]
- }
- return fell_off
- case aes_OFB1:
- fallthrough
- case aes_OFB2:
- fallthrough
- case aes_OFB4:
- fallthrough
- case aes_OFB8:
- fallthrough
- case aes_OFB16:
- bytes := A.mode - aes_OFB1 + 1
- A.ecb_encrypt(A.f[:])
- for j := 0; j < bytes; j++ {
- buff[j] ^= A.f[j]
- }
- return 0
-
- default:
- return 0
- }
-}
-
-/* Clean up and delete left-overs */
-func (A *AES) End() { // clean up
- for i := 0; i < 44; i++ {
- A.fkey[i] = 0
- A.rkey[i] = 0
- }
- for i := 0; i < 16; i++ {
- A.f[i] = 0
- }
-}
-
-/*
-func main() {
- var key [16]byte
- var block [16]byte
- var iv [16]byte
-
- for i:=0;i<16;i++ {key[i]=0}
- key[0]=1
- for i:=0;i<16;i++ {iv[i]=byte(i)}
- for i:=0;i<16;i++ {block[i]=byte(i)}
-
- a:=NewAES()
-
- a.Init(aes_CBC,key[:],iv[:])
- fmt.Printf("Plain= \n")
- for i:=0;i<16;i++ {fmt.Printf("%02X ", block[i]&0xff)}
- fmt.Printf("\n")
-
- a.Encrypt(block[:])
-
- fmt.Printf("Encrypt= \n")
- for i:=0;i<16;i++ {fmt.Printf("%02X ", block[i]&0xff)}
- fmt.Printf("\n")
-
- a.Reset(aes_CBC,iv[:])
- a.Decrypt(block[:])
-
- fmt.Printf("Decrypt= \n")
- for i:=0;i<16;i++ {fmt.Printf("%02X ", block[i]&0xff)}
- fmt.Printf("\n")
-
- a.End();
-}
-*/