def verify(self,salt, alpha, k, e, len, info:golberg_output) -> bool:
if info != NULL and info.firstTuple != NULL and info.firstTuple.getComponentByName('modulus') >= 2 ** (len-1):
if millerRabin(e):
#Set m1, m2
m1= int(abs( k/ (log2(alpha)) ))
m2= int(abs( k / ( log2( (1/alpha) + (1/e) * (1 - (1 / alpha)) ) ) ))
if info.secondTuple!= NULL and info.secondTuple.count == m2:
#Primes vector that included all primes numbers <= alpha-1
primes_vector = sieve_of_eratosthenes(alpha-1)
if math.gcd(primorial(primes_vector),
info.firstTuple.getComponentByName('modulus')) == 1 :
weird_key = AsnPubKey()
weird_key.setComponentByName('modulus', info.firstTuple.getComponentByName('modulus'))
weird_key.setComponentByName('publicExponent', e * info.firstTuple.getComponentByName('modulus'))
for i in range(0,m2):
pi=self.getRho(info.firstTuple, salt, i+1,len,m2)
if i<=m1 and pi!=self.RSAVP1(weird_key, info.secondTuple[i]):
#ρi = RSAVP1((N, eN), σi)
return False
elif pi!=self.RSAVP1(info.firstTuple, info.secondTuple[i]):
#ρi = RSAVP1(PK , σi)
return False
return True
return False
def golberg(self, p:int, q:int) -> golberg_output:
#Step 1
m1= int(abs( self.k / (log2(self.alpha)) ))
m2= int(abs( -self.k / ( log2( (1/self.alpha) + (1/self.e) * (1 - (1 / self.alpha)) ) ) ))
#Step 2
N = p*q
#Step 3: get rsa key
d_np = gmpy2.invert(self.e*N, p-1) #N^-1 mod p-1
d_nq = gmpy2.invert(self.e*N, q-1) #N^-1 mod q-1
#qInv = (inverse of q) mod p
q_inv = gmpy2.invert(q, p)
k = golberg_key(p,q, d_np, d_nq, q_inv)
k_prima = golberg_key(p,q, d_np, d_nq, q_inv)
#Step 5
i=1
result=golberg_output()
asnKRSA= AsnPubKey()
asnKRSA.setComponentByName('modulus', N)
asnKRSA.setComponentByName('publicExponent', self.e)
for i in range(1,m2+1):
p_i = self.getRho(asnKRSA, self.salt, i, self.len, m2)
if p_i not in range(0, N-1):
raise ValueError("Golberg: Message representative out of range")
if i <= m1:
result.secondTuple.append(self.RSASP1(k_prima, p_i))
continue
result.secondTuple.append(self.RSASP1(k, p_i))
return result
def to_pem(self, pem_format='PKCS8'):
if isinstance(self._prepared_key, pyrsa.PrivateKey):
der = self._prepared_key.save_pkcs1(format='DER')
if pem_format == 'PKCS8':
pem = pyrsa_pem.save_pem(PKCS8_RSA_HEADER + der, pem_marker='PRIVATE KEY')
elif pem_format == 'PKCS1':
pem = pyrsa_pem.save_pem(der, pem_marker='RSA PRIVATE KEY')
else:
raise ValueError("Invalid pem format specified: %r" % (pem_format,))
else:
if pem_format == 'PKCS8':
asn_key = AsnPubKey()
asn_key.setComponentByName('modulus', self._prepared_key.n)
asn_key.setComponentByName('publicExponent', self._prepared_key.e)
der = encoder.encode(asn_key)
header = PubKeyHeader()
header['oid'] = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
pub_key = OpenSSLPubKey()
pub_key['header'] = header
pub_key['key'] = univ.BitString.fromOctetString(der)
der = encoder.encode(pub_key)
pem = pyrsa_pem.save_pem(der, pem_marker='PUBLIC KEY')
elif pem_format == 'PKCS1':
der = self._prepared_key.save_pkcs1(format='DER')
pem = pyrsa_pem.save_pem(der, pem_marker='RSA PUBLIC KEY')
else:
raise ValueError("Invalid pem format specified: %r" % (pem_format,))
return pem
def to_pem(self, pem_format='PKCS8'):
if isinstance(self._prepared_key, pyrsa.PrivateKey):
der = self._prepared_key.save_pkcs1(format='DER')
if pem_format == 'PKCS8':
pem = pyrsa_pem.save_pem(PKCS8_RSA_HEADER + der, pem_marker='PRIVATE KEY')
elif pem_format == 'PKCS1':
pem = pyrsa_pem.save_pem(der, pem_marker='RSA PRIVATE KEY')
else:
raise ValueError("Invalid pem format specified: %r" % (pem_format,))
else:
if pem_format == 'PKCS8':
asn_key = AsnPubKey()
asn_key.setComponentByName('modulus', self._prepared_key.n)
asn_key.setComponentByName('publicExponent', self._prepared_key.e)
der = encoder.encode(asn_key)
header = PubKeyHeader()
header['oid'] = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
pub_key = OpenSSLPubKey()
pub_key['header'] = header
pub_key['key'] = univ.BitString.fromOctetString(der)
der = encoder.encode(pub_key)
pem = pyrsa_pem.save_pem(der, pem_marker='PUBLIC KEY')
elif pem_format == 'PKCS1':
der = self._prepared_key.save_pkcs1(format='DER')
pem = pyrsa_pem.save_pem(der, pem_marker='RSA PUBLIC KEY')
else:
raise ValueError("Invalid pem format specified: %r" % (pem_format,))
return pem
def pkgvr() -> pkgvr_output:
r_u = bytearray(mkNonce(), 'ascii')
r_u_aux = copy.copy(r_u)
# r'u=hash(0||ru)
r_u[0:0] = int.to_bytes(0, 2, 'big')
r_prima_u = generate_hash(r_u)
r_u = copy.copy(r_u_aux)
r_u_aux[0:0] = int.to_bytes(1, 2, 'big')
p_u = generate_hash(r_u_aux)
r_u_aux = copy.copy(r_u)
r_u[0:0] = int.to_bytes(2, 2, 'big')
s_prima = generate_hash(r_u)
#pedersen_commitment(r_prima_u,p_u)
r_prima_u_asInteger = int.from_bytes(r_prima_u, 'big')
p_u_asInteger = int.from_bytes(p_u, 'big')
pedersen = pedersen_commitment()
c = pedersen.commitment(r_prima_u_asInteger, p_u_asInteger)
#----------------------------> send commitment to CA
#rca received
r_ca = bytearray(mkNonce(), 'ascii')
s = xor(r_prima_u_asInteger, int.from_bytes(generate_hash(r_ca), 'big'))
#Algorithm 2
hmac = hmac_class()
alg2_collection: algorithm_2_output = algorithm_2(T, s, e, r_w, s_prima,
hmac)
if alg2_collection.i == -1:
raise_exception(
Exception(
"Algorithm 2: Impossible to get a valid collection of primes"))
#Set p, q and N
p = alg2_collection.a_collection.pop(alg2_collection.i)
j = alg2_collection.a_collection.count
q = alg2_collection.a_collection.pop(j)
N = p * q
#golberg
salt = univ.OctetString(
os.urandom(32)) #Nist recommend salt string of at least 32 bit
#HMAC(s',j+2,r_w)
golberg = golberg_et_al(salt, s_prima,
alg2_collection.a_collection.count + 2, e, r_w)
proof_w = golberg.golberg(p, q)
#----------------------------> send proof to CA
if golberg.verify(salt, generate_hash(r_ca),
alg2_collection.a_collection.count + 2, e, r_w, proof_w):
asnPK = AsnPubKey()
asnPK.setComponentByName('modulus', N)
asnPK.setComponentByName('publicExponent', e)
return pkgvr_output(publicKeyRSA(N, e), privateKeyRSA(p, q, e))
raise_exception(Exception("golberg Proof: Not valid"))
def _save_pkcs1_der(self) -> bytes:
from pyasn1.codec.der import encoder
from rsa.asn1 import AsnPubKey
# Create the ASN object
asn_key = AsnPubKey()
asn_key.setComponentByName('modulus', self.n)
asn_key.setComponentByName('publicExponent', self.e)
return encoder.encode(asn_key)
def _save_pkcs1_der(self):
'''Saves the public key in PKCS#1 DER format.
@returns: the DER-encoded public key.
'''
from pyasn1.codec.der import encoder
from rsa.asn1 import AsnPubKey
# Create the ASN object
asn_key = AsnPubKey()
asn_key.setComponentByName('modulus', self.n)
asn_key.setComponentByName('publicExponent', self.e)
return encoder.encode(asn_key)
def _save_pkcs1_der(self) -> bytes:
"""Saves the public key in PKCS#1 DER format.
:returns: the DER-encoded public key.
:rtype: bytes
"""
from pyasn1.codec.der import encoder
from rsa.asn1 import AsnPubKey
# Create the ASN object
asn_key = AsnPubKey()
asn_key.setComponentByName("modulus", self.n)
asn_key.setComponentByName("publicExponent", self.e)
return encoder.encode(asn_key)
def ca():
lock_InformationPipe.acquire()
c = pipe.pop()
writeOutputFile('Commitment received from user: '******'ascii')
writeOutputFile('r_ca has been established: ' + r_ca.hex())
#----------------------------> send r_ca to user
pipe.append(r_ca)
writeOutputFile('r_ca sent to user --------->')
writeOutputFile('')
lock_InformationPipe.release()
time.sleep(3)
#----------------------------> waiting proof, N, j
lock_InformationPipe.acquire()
proof_w = pipe.pop()
writeOutputFile('Proof from user: '******'j from user: '******'p from user: '******'p from user: '******'modulus', p * q)
asnPK.setComponentByName('publicExponent', e)
pipe.append(True)
writeOutputFile('golberg Proof: valid.')
writeOutputFile('OK sent to user --------->')
lock_InformationPipe.release()
return asnPK
writeOutputFile('golberg Proof: Not valid. Error sent to user --------->')
pipe.append(False)
lock_InformationPipe.release()
raise_exception(Exception("golberg Proof: Not valid"))