def test_5(self):
"""test_5 Make sure all client secret are unique"""
# random number generator
RNG = ffi.new("csprng*")
libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
# Generate master secret share
rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
self.assertEqual(rtn, 0)
s = set()
match = 0
for i in range(1, 1000):
rand_val = os.urandom(32)
HASH_MPIN_ID = ffi.new("octet*")
HASH_MPIN_IDval = ffi.new("char [%s]" % HASH_BYTES, rand_val)
HASH_MPIN_ID[0].val = HASH_MPIN_IDval
HASH_MPIN_ID[0].max = HASH_BYTES
HASH_MPIN_ID[0].len = HASH_BYTES
# Generate client secret shares
rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, HASH_MPIN_ID, CS1)
self.assertEqual(rtn, 0)
cs1Hex = toHex(CS1)
if cs1Hex in s:
match = 1
self.assertEqual(match, 0)
s.add(cs1Hex)
RAW[0].max = len(seed)
if DEBUG:
print "RAW: %s" % toHex(RAW)
# random number generator
RNG = ffi.new("csprng*")
libmpin.MPIN_CREATE_CSPRNG(RNG, RAW)
# Hash MPIN_ID
libmpin.MPIN_HASH_ID(MPIN_ID, HASH_MPIN_ID)
if DEBUG:
print "MPIN_ID: %s" % toHex(MPIN_ID)
print "HASH_MPIN_ID: %s" % toHex(HASH_MPIN_ID)
# Generate master secret for MIRACL and Customer
rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
if rtn != 0:
print "libmpin.MPIN_RANDOM_GENERATE(RNG,MS1) Error %s", rtn
rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS2)
if rtn != 0:
print "libmpin.MPIN_RANDOM_GENERATE(RNG,MS2) Error %s" % rtn
if DEBUG:
print "MS1: %s" % toHex(MS1)
print "MS2: %s" % toHex(MS2)
# Generate server secret shares
rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1)
if rtn != 0:
print "libmpin.MPIN_GET_SERVER_SECRET(MS1,SS1) Error %s" % rtn
rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2)
if rtn != 0:
def test_3(self):
"""test_3 Good PIN and bad token"""
PIN1 = 1234
PIN2 = 1234
# random number generator
RNG = ffi.new("csprng*")
libmpin.MPIN_CREATE_CSPRNG(RNG, self.RAW)
# Generate Client master secret share for MIRACL and Customer
rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS1)
self.assertEqual(rtn, 0)
rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, MS2)
self.assertEqual(rtn, 0)
# Generate server secret shares
rtn = libmpin.MPIN_GET_SERVER_SECRET(MS1, SS1)
self.assertEqual(rtn, 0)
rtn = libmpin.MPIN_GET_SERVER_SECRET(MS2, SS2)
self.assertEqual(rtn, 0)
# Combine server secret shares
rtn = libmpin.MPIN_RECOMBINE_G2(SS1, SS2, SERVER_SECRET)
self.assertEqual(rtn, 0)
# Generate client secret shares
rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS1, self.HASH_MPIN_ID, CS1)
self.assertEqual(rtn, 0)
rtn = libmpin.MPIN_GET_CLIENT_SECRET(MS2, self.HASH_MPIN_ID, CS2)
self.assertEqual(rtn, 0)
# Combine client secret shares : TOKEN is the full client secret
rtn = libmpin.MPIN_RECOMBINE_G1(CS1, CS2, TOKEN)
self.assertEqual(rtn, 0)
# Generate Time Permit shares
rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS1, self.HASH_MPIN_ID, TP1)
self.assertEqual(rtn, 0)
rtn = libmpin.MPIN_GET_CLIENT_PERMIT(self.date, MS2, self.HASH_MPIN_ID, TP2)
self.assertEqual(rtn, 0)
# Combine Time Permit shares
rtn = libmpin.MPIN_RECOMBINE_G1(TP1, TP2, TIME_PERMIT)
self.assertEqual(rtn, 0)
# Client extracts PIN from secret to create Token
PIN1 = 1234
rtn = libmpin.MPIN_EXTRACT_PIN(self.MPIN_ID, PIN1, TOKEN)
self.assertEqual(rtn, 0)
# Client first pass
rtn = libmpin.MPIN_CLIENT_1(self.date, self.MPIN_ID, RNG, X, PIN2, TOKEN, SEC, U, UT, TIME_PERMIT)
self.assertEqual(rtn, 0)
# Server calculates H(ID) and H(T|H(ID))
libmpin.MPIN_SERVER_1(self.date, self.HASH_MPIN_ID, HID, HTID)
# Server generates Random number Y and sends it to Client
rtn = libmpin.MPIN_RANDOM_GENERATE(RNG, Y)
self.assertEqual(rtn, 0)
# Client second pass
rtn = libmpin.MPIN_CLIENT_2(X, Y, SEC)
self.assertEqual(rtn, 0)
# Server second pass
# clientSecret aka V is equal to UT to model a bad token
rtn = libmpin.MPIN_SERVER_2(self.date, HID, HTID, Y, SERVER_SECRET, U, UT, UT, E, F)
self.assertEqual(rtn, -19)