Beispiel #1
0
        print "tp1: %s" % tp1.encode("hex")
        print "tp2: %s" % tp2.encode("hex")

    # Combine Time Permit shares
    rtn, time_permit = mpin.recombine_G1(tp1, tp2)
    if rtn != 0:
        print "recombine_G1(tp1, tp2) Error %s" % rtn
    if DEBUG:
        print "time_permit: %s" % time_permit.encode("hex")

    # Client extracts PIN from secret to create Token
    PIN = 1234
    time_func(
        'rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, mpin_id, PIN, client_secret)',
        nIter)
    rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, mpin_id, PIN, client_secret)
    if rtn != 0:
        print "extract_pin(HASH_TYPE_MPIN, mpin_id, PIN, token) Error %s" % rtn
    print "Token: %s" % token.encode("hex")

    if ONE_PASS:
        print "M-Pin One Pass"
        PIN = 1234
        time_func('epoch_time = mpin.get_time()', nIter)
        epoch_time = mpin.get_time()
        if DEBUG:
            print "epoch_time %s" % epoch_time

        # Client precomputation
        if MPIN_FULL:
            time_func('rtn, pc1, pc2 = mpin.precompute(token, hash_mpin_id)',
Beispiel #2
0
    def test_1(self):
        """test_1 Test Vector test"""
        vectors = json.load(open("./MPINTestVectors.json", "r"))
        for vector in vectors:
            print "Test vector {}".format(vector['test_no'])

            PIN1 = vector['PIN1']
            PIN2 = vector['PIN2']
            date = vector['DATE']

            MS1_HEX = vector['MS1']
            MS2_HEX = vector['MS2']

            ms1 = MS1_HEX.decode("hex")
            ms2 = MS2_HEX.decode("hex")

            # Generate server secret shares
            rtn, ss1 = mpin.get_server_secret(ms1)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['SS1'], ss1.encode("hex"))
            rtn, ss2 = mpin.get_server_secret(ms2)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['SS2'], ss2.encode("hex"))

            # Combine server secret shares
            rtn, server_secret = mpin.recombine_G2(ss1, ss2)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['SERVER_SECRET'],
                             server_secret.encode("hex"))

            mpin_id = vector['MPIN_ID_HEX'].decode("hex")

            # Hash value of MPIN_ID
            hash_mpin_id = mpin.hash_id(HASH_TYPE_MPIN, mpin_id)
            self.assertEqual(vector['HASH_MPIN_ID_HEX'],
                             hash_mpin_id.encode("hex"))

            # Generate client secret shares
            rtn, cs1 = mpin.get_client_secret(ms1, hash_mpin_id)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['CS1'], cs1.encode("hex"))
            rtn, cs2 = mpin.get_client_secret(ms2, hash_mpin_id)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['CS2'], cs2.encode("hex"))

            # Combine client secret shares : TOKEN is the full client secret
            rtn, client_secret = mpin.recombine_G1(cs1, cs2)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['CLIENT_SECRET'],
                             client_secret.encode("hex"))

            # Generate Time Permit shares
            rtn, tp1 = mpin.get_client_permit(HASH_TYPE_MPIN, date, ms1,
                                              hash_mpin_id)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['TP1'], tp1.encode("hex"))
            rtn, tp2 = mpin.get_client_permit(HASH_TYPE_MPIN, date, ms2,
                                              hash_mpin_id)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['TP2'], tp2.encode("hex"))

            # Combine Time Permit shares
            rtn, time_permit = mpin.recombine_G1(tp1, tp2)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['TIME_PERMIT'], time_permit.encode("hex"))

            # Client extracts PIN from secret to create Token
            rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, mpin_id, PIN1,
                                          client_secret)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['TOKEN'], token.encode("hex"))

            x = vector['X'].decode("hex")

            # Client first pass. Use X value from test vectors
            rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, date, mpin_id,
                                               None, x, PIN2, token,
                                               time_permit)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['X'], x.encode("hex"))
            self.assertEqual(vector['U'], u.encode("hex"))
            self.assertEqual(vector['UT'], ut.encode("hex"))
            self.assertEqual(vector['SEC'], sec.encode("hex"))

            # Server calculates H(ID) and H(T|H(ID))
            HID, HTID = mpin.server_1(HASH_TYPE_MPIN, date, mpin_id)

            # Use Y value from test vectors
            y = vector['Y'].decode("hex")

            # Client second pass
            rtn, v = mpin.client_2(x, y, sec)
            self.assertEqual(rtn, 0)
            self.assertEqual(vector['V'], v.encode("hex"))

            # Server second pass
            rtn, E, F = mpin.server_2(date, HID, HTID, y, server_secret, u, ut,
                                      v)
            self.assertEqual(rtn, vector['SERVER_OUTPUT'])
Beispiel #3
0
    def test_1(self):
        """test_1 Good PIN and good token"""
        PIN1 = 1234
        PIN2 = 1234

        # random number generator
        rng = mpin.create_csprng(self.seed)

        # Generate Client master secret share for MIRACL and Customer
        rtn, ms1 = mpin.random_generate(rng)
        self.assertEqual(rtn, 0)
        rtn, ms2 = mpin.random_generate(rng)
        self.assertEqual(rtn, 0)

        # Generate server secret shares
        rtn, ss1 = mpin.get_server_secret(ms1)
        self.assertEqual(rtn, 0)
        rtn, ss2 = mpin.get_server_secret(ms2)
        self.assertEqual(rtn, 0)

        # Combine server secret shares
        rtn, server_secret = mpin.recombine_G2(ss1, ss2)
        self.assertEqual(rtn, 0)

        # Generate client secret shares
        rtn, cs1 = mpin.get_client_secret(ms1, self.hash_mpin_id)
        self.assertEqual(rtn, 0)
        rtn, cs2 = mpin.get_client_secret(ms2, self.hash_mpin_id)
        self.assertEqual(rtn, 0)

        # Combine client secret shares
        rtn, client_secret = mpin.recombine_G1(cs1, cs2)
        self.assertEqual(rtn, 0)

        # Generate Time Permit shares
        rtn, tp1 = mpin.get_client_permit(HASH_TYPE_MPIN, self.date, ms1,
                                          self.hash_mpin_id)
        self.assertEqual(rtn, 0)
        rtn, tp2 = mpin.get_client_permit(HASH_TYPE_MPIN, self.date, ms2,
                                          self.hash_mpin_id)
        self.assertEqual(rtn, 0)

        # Combine Time Permit shares
        rtn, time_permit = mpin.recombine_G1(tp1, tp2)
        self.assertEqual(rtn, 0)

        # Client extracts PIN from secret to create Token
        rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, self.mpin_id, PIN1,
                                      client_secret)
        self.assertEqual(rtn, 0)

        # Client first pass
        rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, self.date,
                                           self.mpin_id, rng, None, PIN2,
                                           token, time_permit)
        self.assertEqual(rtn, 0)

        # Server calculates H(ID) and H(T|H(ID))
        HID, HTID = mpin.server_1(HASH_TYPE_MPIN, self.date, self.hash_mpin_id)

        # Server generates Random number Y and sends it to Client
        rtn, y = mpin.random_generate(rng)
        self.assertEqual(rtn, 0)

        # Client second pass
        rtn, v = mpin.client_2(x, y, sec)
        self.assertEqual(rtn, 0)

        # Server second pass
        rtn, E, F = mpin.server_2(self.date, HID, HTID, y, server_secret, u,
                                  ut, v)
        self.assertEqual(rtn, 0)