# Generate server secret shares
time_func('rtn, ss1 = mpin.get_server_secret(ms1)', nIter)
rtn, ss1 = mpin.get_server_secret(ms1)
if rtn != 0:
print "get_server_secret(ms1) Error %s" % rtn
rtn, ss2 = mpin.get_server_secret(ms2)
if rtn != 0:
print "get_server_secret(ms2) Error %s" % rtn
if DEBUG:
print "ss1: %s" % ss1.encode("hex")
print "ss2: %s" % ss2.encode("hex")
# Combine server secret shares
time_func('rtn, server_secret = mpin.recombine_G2(ss1, ss2)', nIter)
rtn, server_secret = mpin.recombine_G2(ss1, ss2)
if rtn != 0:
print "recombine_G2(ss1, ss2) Error %s" % rtn
if DEBUG:
print "server_secret: %s" % mpin.server_secret.encode("hex")
# Generate client secret shares
time_func('rtn, cs1 = mpin.get_client_secret(ms1, hash_mpin_id)', nIter)
rtn, cs1 = mpin.get_client_secret(ms1, hash_mpin_id)
if rtn != 0:
print "get_client_secret(ms1, hash_mpin_id) Error %s" % rtn
rtn, cs2 = mpin.get_client_secret(ms2, hash_mpin_id)
if rtn != 0:
print "get_client_secret(ms2, hash_mpin_id) Error %s" % rtn
if DEBUG:
print "cs1: %s" % cs1.encode("hex")
def test_1(self):
"""test_1 Test Vector test"""
vectors = json.load(open("./MPINTestVectors.json", "r"))
for vector in vectors:
print "Test vector {}".format(vector['test_no'])
PIN1 = vector['PIN1']
PIN2 = vector['PIN2']
date = vector['DATE']
MS1_HEX = vector['MS1']
MS2_HEX = vector['MS2']
ms1 = MS1_HEX.decode("hex")
ms2 = MS2_HEX.decode("hex")
# Generate server secret shares
rtn, ss1 = mpin.get_server_secret(ms1)
self.assertEqual(rtn, 0)
self.assertEqual(vector['SS1'], ss1.encode("hex"))
rtn, ss2 = mpin.get_server_secret(ms2)
self.assertEqual(rtn, 0)
self.assertEqual(vector['SS2'], ss2.encode("hex"))
# Combine server secret shares
rtn, server_secret = mpin.recombine_G2(ss1, ss2)
self.assertEqual(rtn, 0)
self.assertEqual(vector['SERVER_SECRET'],
server_secret.encode("hex"))
mpin_id = vector['MPIN_ID_HEX'].decode("hex")
# Hash value of MPIN_ID
hash_mpin_id = mpin.hash_id(HASH_TYPE_MPIN, mpin_id)
self.assertEqual(vector['HASH_MPIN_ID_HEX'],
hash_mpin_id.encode("hex"))
# Generate client secret shares
rtn, cs1 = mpin.get_client_secret(ms1, hash_mpin_id)
self.assertEqual(rtn, 0)
self.assertEqual(vector['CS1'], cs1.encode("hex"))
rtn, cs2 = mpin.get_client_secret(ms2, hash_mpin_id)
self.assertEqual(rtn, 0)
self.assertEqual(vector['CS2'], cs2.encode("hex"))
# Combine client secret shares : TOKEN is the full client secret
rtn, client_secret = mpin.recombine_G1(cs1, cs2)
self.assertEqual(rtn, 0)
self.assertEqual(vector['CLIENT_SECRET'],
client_secret.encode("hex"))
# Generate Time Permit shares
rtn, tp1 = mpin.get_client_permit(HASH_TYPE_MPIN, date, ms1,
hash_mpin_id)
self.assertEqual(rtn, 0)
self.assertEqual(vector['TP1'], tp1.encode("hex"))
rtn, tp2 = mpin.get_client_permit(HASH_TYPE_MPIN, date, ms2,
hash_mpin_id)
self.assertEqual(rtn, 0)
self.assertEqual(vector['TP2'], tp2.encode("hex"))
# Combine Time Permit shares
rtn, time_permit = mpin.recombine_G1(tp1, tp2)
self.assertEqual(rtn, 0)
self.assertEqual(vector['TIME_PERMIT'], time_permit.encode("hex"))
# Client extracts PIN from secret to create Token
rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, mpin_id, PIN1,
client_secret)
self.assertEqual(rtn, 0)
self.assertEqual(vector['TOKEN'], token.encode("hex"))
x = vector['X'].decode("hex")
# Client first pass. Use X value from test vectors
rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, date, mpin_id,
None, x, PIN2, token,
time_permit)
self.assertEqual(rtn, 0)
self.assertEqual(vector['X'], x.encode("hex"))
self.assertEqual(vector['U'], u.encode("hex"))
self.assertEqual(vector['UT'], ut.encode("hex"))
self.assertEqual(vector['SEC'], sec.encode("hex"))
# Server calculates H(ID) and H(T|H(ID))
HID, HTID = mpin.server_1(HASH_TYPE_MPIN, date, mpin_id)
# Use Y value from test vectors
y = vector['Y'].decode("hex")
# Client second pass
rtn, v = mpin.client_2(x, y, sec)
self.assertEqual(rtn, 0)
self.assertEqual(vector['V'], v.encode("hex"))
# Server second pass
rtn, E, F = mpin.server_2(date, HID, HTID, y, server_secret, u, ut,
v)
self.assertEqual(rtn, vector['SERVER_OUTPUT'])
def test_1(self):
"""test_1 Good PIN and good token"""
PIN1 = 1234
PIN2 = 1234
# random number generator
rng = mpin.create_csprng(self.seed)
# Generate Client master secret share for MIRACL and Customer
rtn, ms1 = mpin.random_generate(rng)
self.assertEqual(rtn, 0)
rtn, ms2 = mpin.random_generate(rng)
self.assertEqual(rtn, 0)
# Generate server secret shares
rtn, ss1 = mpin.get_server_secret(ms1)
self.assertEqual(rtn, 0)
rtn, ss2 = mpin.get_server_secret(ms2)
self.assertEqual(rtn, 0)
# Combine server secret shares
rtn, server_secret = mpin.recombine_G2(ss1, ss2)
self.assertEqual(rtn, 0)
# Generate client secret shares
rtn, cs1 = mpin.get_client_secret(ms1, self.hash_mpin_id)
self.assertEqual(rtn, 0)
rtn, cs2 = mpin.get_client_secret(ms2, self.hash_mpin_id)
self.assertEqual(rtn, 0)
# Combine client secret shares
rtn, client_secret = mpin.recombine_G1(cs1, cs2)
self.assertEqual(rtn, 0)
# Generate Time Permit shares
rtn, tp1 = mpin.get_client_permit(HASH_TYPE_MPIN, self.date, ms1,
self.hash_mpin_id)
self.assertEqual(rtn, 0)
rtn, tp2 = mpin.get_client_permit(HASH_TYPE_MPIN, self.date, ms2,
self.hash_mpin_id)
self.assertEqual(rtn, 0)
# Combine Time Permit shares
rtn, time_permit = mpin.recombine_G1(tp1, tp2)
self.assertEqual(rtn, 0)
# Client extracts PIN from secret to create Token
rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, self.mpin_id, PIN1,
client_secret)
self.assertEqual(rtn, 0)
# Client first pass
rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, self.date,
self.mpin_id, rng, None, PIN2,
token, time_permit)
self.assertEqual(rtn, 0)
# Server calculates H(ID) and H(T|H(ID))
HID, HTID = mpin.server_1(HASH_TYPE_MPIN, self.date, self.hash_mpin_id)
# Server generates Random number Y and sends it to Client
rtn, y = mpin.random_generate(rng)
self.assertEqual(rtn, 0)
# Client second pass
rtn, v = mpin.client_2(x, y, sec)
self.assertEqual(rtn, 0)
# Server second pass
rtn, E, F = mpin.server_2(self.date, HID, HTID, y, server_secret, u,
ut, v)
self.assertEqual(rtn, 0)