def fromBytes(self,W) : FS=curve.EFS xa=big.from_bytes(W[0:FS]) xb=big.from_bytes(W[FS:2*FS]) ya=big.from_bytes(W[2*FS:3*FS]) yb=big.from_bytes(W[3*FS:4*FS]) x=Fp2(Fp(xa),Fp(xb)) y=Fp2(Fp(ya),Fp(yb)) return self.set(x,y)
def fromBytes(self, W): FS = curve.EFS typ = W[0] xa = big.from_bytes(W[1:FS + 1]) xb = big.from_bytes(W[FS + 1:2 * FS + 1]) x = Fp2(Fp(xa), Fp(xb)) if typ == 0x04: ya = big.from_bytes(W[2 * FS + 1:3 * FS + 1]) yb = big.from_bytes(W[3 * FS + 1:4 * FS + 1]) y = Fp2(Fp(ya), Fp(yb)) return self.set(x, y) else: return self.setx(x, typ & 1)
def client_2(X, Y, ID, PIN, TK): P = H(ID) S = ECp() if not S.fromBytes(TK): return bytearray(0) x = big.from_bytes(X) y = big.from_bytes(Y) x = (x + y) % curve.r x = curve.r - x S.add(PIN * P) S = x * S return S.toBytes(False)
def server(ID, Y, SS, U, V): P = H(ID) y = big.from_bytes(Y) Q = ecp2.generator() P = y * P sQ = ECp2() if not sQ.fromBytes(SS): return (False, Fp12(), Fp12()) TU = ECp() if not TU.fromBytes(U): return (False, bytearray(0), bytearray(0)) TV = ECp() if not TV.fromBytes(V): return (False, bytearray(0), bytearray(0)) TU.add(P) # TU.affine() r = pair.double_ate(Q, TV, sQ, TU) r = pair.fexp(r) if r.isone(): return (True, bytearray(0), bytearray(0)) # failed - diagnose it E = r.toBytes() r = pair.e(Q, TU) F = r.toBytes() return (False, E, F)
def fromBytes(self, W): t = W[0] # ord(W[0]) sp1 = curve.EFS + 1 # splits sp2 = sp1 + curve.EFS x = big.from_bytes(W[1:sp1]) if curve.CurveType == MONTGOMERY: return self.set(x) if t == 4: y = big.from_bytes(W[sp1:sp2]) return self.setxy(x, y) else: if t == 2: return self.set(x, 0) if t == 3: return self.set(x, 1) self.inf() return False
def fromBytes(self, W): t = W[0] #ord(W[0]) sp1 = curve.EFS + 1 # splits sp2 = sp1 + curve.EFS x = big.from_bytes(W[1:sp1]) if curve.CurveType == MONTGOMERY: return self.set(x) if t == 4: y = big.from_bytes(W[sp1:sp2]) return self.setxy(x, y) else: if t == 2: return self.set(x, 0) if t == 3: return self.set(x, 1) self.inf() return False
def BLS_H(m): h = hashlib.shake_256() h.update(bytes(m, 'utf-8')) hm = big.from_bytes(h.digest(curve.EFS)) HM = ECp() while not HM.set(hm): hm = hm + 1 return HM
def BLS_H(m): h = hashlib.shake_256() h.update(bytes(m, 'utf-8')) hm=big.from_bytes(h.digest(curve.EFS)) HM=ECp() while not HM.set(hm): hm = hm + 1 return HM
def client_1(ID, X): P = H(ID) if X: w = big.from_bytes(X) else: w = big.rand(curve.r) X = big.to_bytes(w) P = w * P return (X, P.toBytes(False))
def ECP_SpDSA(S, F): FS = curve.EFS G = generator() m = hashlib.new(curve.SHA) m.update(F) H = m.digest() HS = m.digest_size if HS >= FS: B = H[0:FS] else: B = bytearray(FS) for i in range(0, HS): B[i + FS - HS] = H[i] C = bytearray(FS) D = bytearray(FS) r = curve.r s = big.from_bytes(S) f = big.from_bytes(B) c = 0 d = 0 while d == 0: u = big.rand(curve.r) w = big.rand(curve.r) # masking V = G.copy() V = u * V vx = V.getx() c = vx % r if c == 0: continue u = big.modmul(u, w, r) u = big.invmodp(u, r) d = big.modmul(s, c, r) d += f d = big.modmul(d, w, r) d = big.modmul(d, u, r) C = big.to_bytes(c) D = big.to_bytes(d) return C, D
def H(mpin_id): p = curve.p h = hashlib.new(curve.SHA) h.update(bytes(mpin_id, 'utf-8')) x = big.from_bytes(h.digest()) x %= p P = ECp() while not P.set(x): x = x + 1 P = curve.CurveCof * P return P
def ECP_KeyPairGenerate(S): G = generator() if S is None: s = big.rand(curve.r) else: s = big.from_bytes(S) % curve.r Y = s * G SK = big.to_bytes(s) PK = Y.toBytes(False) return (SK, PK)
def ECP_SvDSA(P, F, C, D): FS = curve.EFS G = generator() m = hashlib.new(curve.SHA) m.update(F) H = m.digest() HS = m.digest_size if HS >= FS: B = H[0:FS] else: B = bytearray(FS) for i in range(0, HS): B[i + FS - HS] = H[i] c = big.from_bytes(C) d = big.from_bytes(D) f = big.from_bytes(B) r = curve.r if c == 0 or c >= r or d == 0 or d >= r: return False d = big.invmodp(d, r) f = big.modmul(f, d, r) h2 = big.modmul(c, d, r) WP = ECp() if not WP.fromBytes(P): return False P = ECp.mul(WP, h2, G, f) if P.isinf(): return False d = P.getx() % r if c != d: return False return True
def ECP_SvdpDH(S, W): s = big.from_bytes(S) WP = ECp() if not WP.fromBytes(W): return ECDH_ERROR r = curve.r s %= r WP = s * WP if WP.isinf(): return ECDH_ERROR x = WP.getx() K = big.to_bytes(x) return K
def H(mpin_id): r = curve.r p = curve.p h = hashlib.new(curve.SHA) h.update(bytes(mpin_id, 'utf-8')) x = big.from_bytes(h.digest()) x %= p P = ECp() while not P.set(x): x = x + 1 # work out co-factor nb = p.bit_length() cf = 1 cf = cf << (nb + 4) // 2 cf += p cf //= r if cf != 1: P = cf * P return P
def get_server_secret(Z): Q = ecp2.generator() s = big.from_bytes(Z) Q = s * Q return Q.toBytes()
def sign(m,SK): HM=BLS_H(m) s=big.from_bytes(SK) D=s*HM return D.toBytes(True)
def fromBytes(self, E): FS = curve.EFS a = Fp4(Fp2(Fp(big.from_bytes(E[0:FS])), Fp(big.from_bytes(E[FS:2 * FS]))), Fp2(Fp(big.from_bytes(E[2 * FS:3 * FS])), Fp(big.from_bytes(E[3 * FS:4 * FS])))) b = Fp4(Fp2(Fp(big.from_bytes(E[4 * FS:5 * FS])), Fp(big.from_bytes(E[5 * FS:6 * FS]))), Fp2(Fp(big.from_bytes(E[6 * FS:7 * FS])), Fp(big.from_bytes(E[7 * FS:8 * FS])))) c = Fp4(Fp2(Fp(big.from_bytes(E[8 * FS:9 * FS])), Fp(big.from_bytes(E[9 * FS:10 * FS]))), Fp2(Fp(big.from_bytes(E[10 * FS:11 * FS])), Fp(big.from_bytes(E[11 * FS:12 * FS])))) self.set(a, b, c)
def sign(m, SK): HM = BLS_H(m) s = big.from_bytes(SK) D = s * HM return D.toBytes(True)
def get_client_secret(Z, ID): P = H(ID) s = big.from_bytes(Z) P = s * P return P.toBytes(False)
def get_server_secret(Z): Q = ecp2.generator() s = big.from_bytes(Z) Q = s * Q return Q.toBytes(False)