def benchBatchVerification(N, equation, sdl_dict, vars, precompute, _verbose): rop_batch = RecordOperations(vars) rop_batch.visit(equation, {}) if _verbose: print("<====\tBATCH\t====>") print("Equation =>", equation) print("<===\tOperations count\t===>") for i in precompute.keys(): if type(i) != str: if checkForSigs(precompute[i]): data = {'key':['N'], 'N': N } else: data = {} rop_batch.visit(precompute[i], data) if _verbose: print("Precompute:", i, ":=", precompute[i]) else: if i == 'delta': # estimate cost of random small exponents rop_batch.ops['prng'] += N if _verbose: print("Precompute:", i, ":=", precompute[i]) else: # estimate cost of some precomputations bp = SDLParser() index = BinaryNode( i ) if 'j' in index.attr_index: compute = bp.parse( "for{z:=1, N} do " + precompute[i] ) rop_batch.visit(compute, {}) if _verbose: print("Precompute:", i, ":=", compute) else: if _verbose: print("TODO: need to account for this: ", i, ":=", precompute[i]) if _verbose: print_results(rop_batch.ops) return calculate_times(rop_batch.ops, curve[param_id], N)
def newProdNode(self, key=None, end=None): p = SDLParser() if key and end: new_node = p.parse("prod{"+key+":=0,"+end+"} on x") else: new_node = p.parse("prod{z:=0, N} on x") return new_node
def newProdNode(self, key=None, end=None): p = SDLParser() if key and end: new_node = p.parse("prod{" + key + ":=0," + end + "} on x") else: new_node = p.parse("prod{z:=0, N} on x") return new_node
def getAssignmentForName(var, varTypes): global assignInfo (funcName, varInfo) = getVarNameEntryFromAssignInfo(assignInfo, var) if funcName != None: funcStmts = sdl.getVarInfoFuncStmts( funcName ) Stmts = funcStmts[0] StmtTypes = funcStmts[1] if varInfo.getIsList(): assignNode = varInfo.getAssignNode() varList = assignNode.getRight().listNodes #print("assignNode: ", assignNode) #print("full varList: ", varList) resultVars = [] for i in varList: varType = varTypes.get(i) theType = varType.getType() if theType == types.G1: print(i, ":", theType) resultVars.append(i) if theType in [types.list, types.listG1]: print("Find all refs: ", i) for j,k in Stmts.items(): if Type(k.getAssignNode()) == ops.EQ: kvar = k.getAssignVar() if i in kvar and StmtTypes.get(kvar).getType() == types.G1: if kvar not in resultVars: resultVars.append(str(kvar)) print("pruned varList: ", resultVars) return resultVars
def getFuncLines(self, funcName): funcConfig = sdl.getVarInfoFuncStmts(funcName) Stmts = funcConfig[0] begin = "BEGIN :: func:" + funcName end = "END :: func:" + funcName lines = list(Stmts.keys()) lines.sort() newLines = [begin] for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if Stmts[i].getIsExpandNode() or Stmts[i].getIsList(): newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopEnd(): newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append(str(Stmts[i].getAssignNode())) else: newLines.append(str(Stmts[i].getAssignNode())) newLines.append(end) return newLines
def getFuncLines(self, funcName): funcConfig = sdl.getVarInfoFuncStmts( funcName ) Stmts = funcConfig[0] begin = "BEGIN :: func:" + funcName end = "END :: func:" + funcName lines = list(Stmts.keys()) lines.sort() newLines = [begin] for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if Stmts[i].getIsExpandNode() or Stmts[i].getIsList(): newLines.append( str(Stmts[i].getAssignNode()) ) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopEnd(): newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append( str(Stmts[i].getAssignNode()) ) else: newLines.append(str(Stmts[i].getAssignNode())) newLines.append( end ) return newLines
def applyBSTransform(sdl_file, config): """ read sdl file to determine interfaces and variable types, etc""" global assignInfo sdl.parseFile(sdl_file, False, ignoreCloudSourcing=True) assignInfo = sdl.getAssignInfo() allTypes = sdl.getVarTypes() varTypes = allTypes.get(sdl.TYPES_HEADER) # 1. extract each function inputSchemeApi = {keygenFuncName:None, signFuncName:None, verifyFuncName:None} funcVars = set() for i in config.functionOrder: print("processing func: ", i) inputSchemeApi[i], _funcVars = getInterface(assignInfo, i) funcVars = funcVars.union(_funcVars) funcVars = list(funcVars) print("funcVars: ", funcVars) schemeTypes = getInterfaceTypes(allTypes, funcVars) name = sdl.assignInfo[sdl.NONE_FUNC_NAME][sdl.SDL_NAME].getAssignNode().getRight().getAttribute() setting = sdl.assignInfo[sdl.NONE_FUNC_NAME][sdl.ALGEBRAIC_SETTING].getAssignNode().getRight().getAttribute() schemeCalls = {} funcInput = {} funcOutput = {} for i in config.functionOrder: schemeCalls[i] = "%s.%s(%s)" % (name, i, getArgString(inputSchemeApi[i][inputKeyword])) print("funcCall: ", schemeCalls[i]) funcInput[i] = inputSchemeApi[i][inputKeyword] funcOutput[i] = inputSchemeApi[i][outputKeyword] bsT = BSTransform(assignInfo, varTypes, schemeTypes, schemeCalls, funcInput, funcOutput) bsT.setSchemeName(name) bsT.setSetting(setting) bsT.constructSDL(config) return
def newExpNode(self): # exp = BinaryNode(ops.EXP) p = SDLParser() _node = p.parse("a ^ b_i") return _node
def modifySign(self, config, sigma): # Steps to create the strong 'sign' algorithm # 1. select a new random variable, s (seed) signConfig = sdl.getVarInfoFuncStmts(config.signFuncName) Stmts = signConfig[0] begin = "BEGIN :: func:" + config.signFuncName end = "END :: func:" + config.signFuncName # 2. obtain program slice of \sigma_2 variables? and include lines = list(Stmts.keys()) lines.sort() newLines = [begin] sigma2 = list(sigma['sigma2']) sigmaStr = "" for i in sigma['sigma2']: sigmaStr += i + ", " sigmaStr = sigmaStr[:-2] self.sigma2str = sigmaStr for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if self.messageVarInBody != None and str( Stmts[i].getAssignVar()) == self.messageVarInBody: sdl.ASTVisitor(SubstituteVar( self.messageVar, self.newMsgVal)).preorder( Stmts[i].getAssignNode()) # modify in place self.oldMsgStmt = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True sigma2Fixed = False passedInputLine = False for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if hasattr(Stmts[i], "skipMe") and Stmts[i].skipMe: continue if sigma2Fixed: # 4. add the rest of code and substitute references from m to m' if self.messageVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( self.messageVar, self.newMsgVal)).preorder( Stmts[i].getAssignNode()) # modify in place if passedInputLine: if self.singleSKeys and config.keygenSecVar in Stmts[ i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( config.keygenSecVar, self.newSKvar)).preorder( Stmts[i].getAssignNode()) # modify in place if self.singlePKeys and config.keygenPubVar in Stmts[ i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( config.keygenPubVar, self.newPKvar)).preorder( Stmts[i].getAssignNode()) # modify in place if Stmts[i].getIsExpandNode(): if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) #print("new list: ", Stmts[i].getAssignNode().getRight()) elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chT) newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append(str(Stmts[i].getAssignNode())) else: assignVar = str(Stmts[i].getAssignVar()) if assignVar in sigma2: newLines.append(str(Stmts[i].getAssignNode())) # 3. add statement for computing m' using original m and \sigma_2 sigma2.remove(assignVar) if len(sigma2) == 0: newLines.append(self.seed + " := random(ZR)") newLines.append( self.hashVal + " := H(concat{%s, %s, %s}, ZR)" % (self.chK, self.messageVar, self.sigma2str) ) # s1 := H(concat{k, m, r}, ZR) newLines.append( self.newMsgVal + " := %s(%s, %s, %s)" % (self.chamH, self.chpk, self.hashVal, self.seed) ) # mpr := chamH(chpk, s1, s) if self.messageVarInBody != None: newLines.append(self.oldMsgStmt) sigma2Fixed = True elif assignVar == config.signatureVar: # 5. add seed to output as part of signature if Stmts[i].getIsList(): if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight( ).listNodes.append(self.seed) newLines.append(str(Stmts[i].getAssignNode())) else: print("TODO: ", assignVar, " has unexpected structure.") elif assignVar == inputKeyword: passedInputLine = True inputlistNodes = [] if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chpk) inputlistNodes = Stmts[i].getAssignNode().getRight( ).listNodes newLines.append(str(Stmts[i].getAssignNode())) if self.singleSKeys and config.keygenSecVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singleSKeysStr) if self.singlePKeys and config.keygenPubVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singlePKeysStr) # update old references else: newLines.append(str(Stmts[i].getAssignNode())) newLines.append(end) return newLines
def newProdNode(self): p = SDLParser() new_node = p.parse("prod{z:=0, N} on x") return new_node
def run_main(opts, start=None, stop=None): """main entry point for generating batch verification algorithms""" global singleVE, crypto_library, curve, param_id, assignInfo, varTypes, global_count, delta_count, applied_technique_list verbose = opts['verbose'] statement = opts['test_stmt'] file = opts['sdl_file'] crypto_library = opts['library'] proof_flag = opts['proof'] benchmark_batcher = opts['benchmark'] curve, param_id = getBenchmarkInfo(crypto_library) if statement: debug = levels.all parser = SDLParser() final = parser.parse(statement) print("Final statement(%s): '%s'" % (type(final), final)) sys.exit(0) else: # Parse the SDL file into binary tree # ast_struct = parseFile(file) parseFile(file, verbose, ignoreCloudSourcing=True) setting = SDLSetting(verbose) setting.parse(getAssignInfo(), getVarTypes()) # check for errors and pass on to user before continuing # process single or multiple equations verify_eq, N = [], None #for n in ast_struct[ OTHER ]: if len(setting.getVerifyEq()) == 0: print(setting.getVerifyEq()) sys.exit("Could not locate the individual verification equation. Please edit SDL file.\n"); verifyEqDict = setting.getVerifyEq() verifyEqUpdated = {} isSingleEquation = {} verifyList = list(verifyEqDict.keys()) verifyList.sort() for k in verifyList: # print("k := ", k, ", v := ", verifyEqDict[k]) if VERIFY in k: (result, singleEq) = handleVerifyEq(verifyEqDict[k].get(VERIFY), delta_count, setting, verbose) delta_count += 1 # where we do actual verification on # of eqs verifyEqUpdated[ k ] = result isSingleEquation[ k ] = singleEq # santiy checks to verify setting makes sense for given equation variables = setting.getTypes() for k,v in verifyEqUpdated.items(): bte = BasicTypeExist( variables ) ASTVisitor( bte ).preorder( v ) bte.report( v ) #sys.exit(0) # initiate the proof generator if benchmark_batcher and type(start) == list: start[0] = time.clock() print("Single verification equation: ", singleVE) genProof = GenerateProof(singleVE) # process settings i = 1 finalVerifyList = [] types = setting.getTypes() if len(verifyList) == 2: batch_precompute = {} sdlOutFile = None for k in verifyList: loopDetails = None if verifyEqDict[ k ][ hasLoop ]: try: endValue = str(eval(verifyEqDict[k][endVal], setting.getTypes())) # updates the types section to store the value for estimation purposes setting.getTypes()[verifyEqDict[k][endVal]] = endValue except: print("Could not determine loop end value. Please define: ", verifyEqDict[k][endVal]) sys.exit(0) loopDetails = (verifyEqDict[k][loopVar], verifyEqDict[k][startVal], endValue) genProof.setPrefix('EQ' + str(i + 1)) (sdlOutFile, sdl_data, verify2, batch_precompute0, var_count) = runBatcher2(opts, genProof, file + str(i), verifyEqUpdated[k], setting, loopDetails, i) genProof.changeMode( isSingleEquation[ k ] ) i += 1 # print("BATCH EQUATION: ", verify2) finalVerifyList.append(verify2) # print("FINAL VERIFY LIST: ", finalVerifyList) # sdl_data.update(sdl_data0) # types.update(types0) batch_precompute.update(batch_precompute0) eq1, eq2 = finalVerifyList finalEq = CombineEqWithoutNewDelta(eq1, eq2) if verbose: print("FINAL BATCH EQUATION:\n", finalEq) if proof_flag: genProof.setPrefix('') genProof.setNextStep('Combine equations 1 and 2, then pairings within final equation (technique 6)', finalEq) # buildSDLBatchVerifier(sdlOutFile, sdl_data, types, finalEq, batch_precompute, global_count, setting) else: for k in verifyList: loopDetails = None if verifyEqDict[ k ][ hasLoop ]: try: endValue = str(eval(verifyEqDict[k][endVal], setting.getTypes())) setting.getTypes()[verifyEqDict[k][endVal]] = endValue except: print("Could not determine loop end value. Please define: ", verifyEqDict[k][endVal]) sys.exit(0) loopDetails = (verifyEqDict[k][loopVar], verifyEqDict[k][startVal], endValue) (sdlOutFile, sdl_data, verify2, batch_precompute, global_count) = runBatcher2(opts, genProof, file, verifyEqUpdated[k], setting, loopDetails) finalEq = verify2 #buildSDLBatchVerifier(sdlOutFile, sdl_data, types, finalEq, batch_precompute, global_count, setting) if proof_flag: genProof.setNextStep('finalbatcheq', None) latex_file = types['name'].upper() if verbose: print("Generated the proof written to file: verification_gen%s.tex" % latex_file) genProof.compileProof(opts['path'], latex_file) # last step:construct SDL batch verifier #print("technique list: ", applied_technique_list) stopTime = time.clock() # in case we're benchmarking if benchmark_batcher and stop and type(stop) == list: stop[0] = stopTime return buildSDLBatchVerifier(opts, sdlOutFile, sdl_data, types, finalEq, batch_precompute, global_count, setting)
def modifyVerify(self, config, sigma): # Steps to create the strong 'verify' algorithm # 1. add the statements for verifyConfig = sdl.getVarInfoFuncStmts(config.verifyFuncName) Stmts = verifyConfig[0] begin = "BEGIN :: func:" + config.verifyFuncName end = "END :: func:" + config.verifyFuncName # 2. obtain program slice of \sigma_2 variables? and include lines = list(Stmts.keys()) lines.sort() newLines = [begin] messageSlice = [] expandCount = 0 for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if Stmts[i].getIsExpandNode(): expandCount += 1 if Stmts[i].getAssignVar() == self.messageVar: messageSlice.append(self.messageVar) sigma2Fixed = False lastExpand = False for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if lastExpand and len(messageSlice) == 0: newLines.append(self.hashVal + " := H(concat{%s, %s, %s}, ZR)" % (self.chK, self.messageVar, self.sigma2str) ) # s1 := H(concat{k, m, r}, ZR) newLines.append( self.newMsgVal + " := %s(%s, %s, %s)" % (self.chamH, self.chpk, self.hashVal, self.seed) ) # mpr := chamH(chpk, s1, s) lastExpand = False sigma2Fixed = True if sigma2Fixed: # 4. add the rest of code and substitute references from m to m' if self.messageVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( self.messageVar, self.newMsgVal)).preorder( Stmts[i].getAssignNode()) # modify in place if Stmts[i].getIsExpandNode(): expandCount -= 1 if expandCount == 0: lastExpand = True if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) #print("new list: ", Stmts[i].getAssignNode().getRight()) elif str(Stmts[i].getAssignVar()) == config.signatureVar: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed) newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append(str(Stmts[i].getAssignNode())) else: assignVar = str(Stmts[i].getAssignVar()) if assignVar == config.signatureVar: # 5. add seed to output as part of signature if Stmts[i].getIsExpandNode(): if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight( ).listNodes.append(self.seed) newLines.append(str(Stmts[i].getAssignNode())) else: print("TODO: ", assignVar, " has unexpected structure.") elif assignVar == inputKeyword: inputlistNodes = [] if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chpk) inputlistNodes = Stmts[i].getAssignNode().getRight( ).listNodes # check if signature variables are contained inside the list sigLen = len( set(Stmts[i].getAssignNode().getRight().listNodes). intersection(sigma['sigma1'])) + len( set(Stmts[i].getAssignNode().getRight().listNodes). intersection(sigma['sigma2'])) if sigLen > 0: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed) newLines.append(str(Stmts[i].getAssignNode())) if self.singleSKeys and config.keygenSecVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singleSKeysStr) if self.singlePKeys and config.keygenPubVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singlePKeysStr) elif assignVar == self.messageVar: messageSlice.remove(assignVar) newLines.append(str(Stmts[i].getAssignNode())) else: newLines.append(str(Stmts[i].getAssignNode())) newLines.append(end) return newLines
def main(sdlFile, config, sdlVerbose=False): sdl.parseFile2(sdlFile, sdlVerbose, ignoreCloudSourcing=True) global assignInfo assignInfo = sdl.getAssignInfo() setting = sdl.assignInfo[sdl.NONE_FUNC_NAME][ALGEBRAIC_SETTING].getAssignNode().getRight().getAttribute() bv_name = sdl.assignInfo[sdl.NONE_FUNC_NAME][BV_NAME].getAssignNode().getRight().getAttribute() typesBlock = sdl.getFuncStmts( TYPES_HEADER ) print("name is", bv_name) print("setting is", setting) lines = list(typesBlock[0].keys()) lines.sort() typesBlockLines = [ i.rstrip() for i in sdl.getLinesOfCodeFromLineNos(lines) ] begin = ["BEGIN :: " + TYPES_HEADER] end = ["END :: " + TYPES_HEADER] newLines0 = [ BV_NAME + " := " + bv_name, SETTING + " := " + sdl.ASYMMETRIC_SETTING ] newLines1 = begin + typesBlockLines + end assert setting == sdl.SYMMETRIC_SETTING, "No need to convert to asymmetric setting." # determine user preference in terms of keygen or encrypt contarget = sdl.assignInfo[sdl.NONE_FUNC_NAME]['short'] if contarget: target = contarget.getAssignNode().right.getAttribute() if contarget == None: short = SHORT_KEYS else: short = target print("reducing size of '%s'" % short) varTypes = dict(sdl.getVarTypes().get(TYPES_HEADER)) if not hasattr(config, 'schemeType'): sys.exit("'schemeType' option missing in specified config file.") if config.schemeType == PUB_SCHEME: (stmtS, typesS, depListS, depListNoExpS, infListS, infListNoExpS) = sdl.getVarInfoFuncStmts( config.setupFuncName ) (stmtK, typesK, depListK, depListNoExpK, infListK, infListNoExpK) = sdl.getVarInfoFuncStmts( config.keygenFuncName ) (stmtE, typesE, depListE, depListNoExpE, infListE, infListNoExpE) = sdl.getVarInfoFuncStmts( config.encryptFuncName ) (stmtD, typesD, depListD, depListNoExpD, infListD, infListNoExpD) = sdl.getVarInfoFuncStmts( config.decryptFuncName ) varTypes.update(typesS) varTypes.update(typesK) varTypes.update(typesE) varTypes.update(typesD) # TODO: expand search to encrypt and portentially setup pairingSearch = [stmtD] # aka start with decrypt. elif config.schemeType == SIG_SCHEME: if hasattr(config, 'setupFuncName'): (stmtS, typesS, depListS, depListNoExpS, infListS, infListNoExpS) = sdl.getVarInfoFuncStmts( config.setupFuncName ) (stmtK, typesK, depListK, depListNoExpK, infListK, infListNoExpK) = sdl.getVarInfoFuncStmts( config.keygenFuncName ) (stmtSi, typesSi, depListSi, depListNoExpSi, infListSi, infListNoExpSi) = sdl.getVarInfoFuncStmts( config.signFuncName ) (stmtV, typesV, depListV, depListNoExpV, infListV, infListNoExpV) = sdl.getVarInfoFuncStmts( config.verifyFuncName ) varTypes.update(typesK) varTypes.update(typesSi) varTypes.update(typesV) pairingSearch = [stmtV] # aka start with verify # sys.exit("Still working on this...") else: sys.exit("'schemeType' options are 'PUB' or 'SIG'") generators = [] print("List of generators for scheme") if hasattr(config, "extraSetupFuncName"): (stmtSe, typesSe, depListSe, depListNoExpSe, infListSe, infListNoExpSe) = sdl.getVarInfoFuncStmts( config.extraSetupFuncName ) extractGeneratorList(stmtSe, typesSe, generators) varTypes.update(typesSe) if hasattr(config, 'setupFuncName'): extractGeneratorList(stmtS, typesS, generators) # extract generators from setup if defined else: sys.exit("Assumption failed: setup not defined for this function. Where to extract generators?") # need a Visitor class to build these variables # TODO: expand to other parts of algorithm including setup, keygen, encrypt hashVarList = [] pair_vars_G1_lhs = [] pair_vars_G1_rhs = [] gpv = GetPairingVariables(pair_vars_G1_lhs, pair_vars_G1_rhs) for eachStmt in pairingSearch: lines = eachStmt.keys() for i in lines: if type(eachStmt[i]) == sdl.VarInfo: print("Each: ", eachStmt[i].getAssignNode()) cfp = CheckForPairing() if eachStmt[i].getHasPairings(): sdl.ASTVisitor( gpv ).preorder( eachStmt[i].getAssignNode() ) elif eachStmt[i].getHashArgsInAssignNode(): # in case, there's a hashed values...build up list and check later to see if it appears # in pairing variable list hashVarList.append(str(eachStmt[i].getAssignVar())) else: assignNode = eachStmt[i].getAssignNode() sdl.ASTVisitor( cfp ).preorder( assignNode ) if cfp.getHasPairings(): sdl.ASTVisitor( gpv ).preorder( assignNode ) constraintList = [] # determine if any hashed values in decrypt show up in a pairing for i in hashVarList: if i in pair_vars_G1_lhs or i in pair_vars_G1_rhs: constraintList.append(i) print("pair vars LHS:", pair_vars_G1_lhs) print("pair vars RHS:", pair_vars_G1_rhs) if config.schemeType == SIG_SCHEME: sys.exit(0) # TODO: need to resolve when to incorporate the split pairings technique print("list of gens :", generators) info = {} info[ 'G1_lhs' ] = (pair_vars_G1_lhs, assignTraceback(generators, varTypes, pair_vars_G1_lhs, constraintList)) info[ 'G1_rhs' ] = (pair_vars_G1_rhs, assignTraceback(generators, varTypes, pair_vars_G1_rhs, constraintList)) print("info => G1 lhs : ", info['G1_lhs']) print("info => G1 rhs : ", info['G1_rhs']) print("<===== Determine Asymmetric Generators =====>") (generatorLines, generatorMapG1, generatorMapG2) = Step1_DeriveSetupGenerators(generators, info) print("Generators in G1: ", generatorMapG1) print("Generators in G2: ", generatorMapG2) print("<===== Determine Asymmetric Generators =====>\n") print("<===== Generate XOR clauses =====>") # let the user's preference for fixing the keys or ciphertext guide this portion of the algorithm. # info[ 'G1' ] : represents (varKeyList, depVarMap). assert len(pair_vars_G1_lhs) == len(pair_vars_G1_rhs), "Uneven number of pairings. Please inspect your bv file." varsLen = len(pair_vars_G1_lhs) xorList = [] for i in range(varsLen): xor = BinaryNode(ops.XOR) xor.left = BinaryNode(pair_vars_G1_lhs[i]) xor.right = BinaryNode(pair_vars_G1_rhs[i]) xorList.append(xor) ANDs = [ BinaryNode(ops.AND) for i in range(len(xorList)-1) ] for i in range(len(ANDs)): ANDs[i].left = BinaryNode.copy(xorList[i]) if i < len(ANDs)-1: ANDs[i].right = ANDs[i+1] else: ANDs[i].right = BinaryNode.copy(xorList[i+1]) print("XOR clause: ", ANDs[0]) txor = transformXOR(None) # accepts dictionary of fixed values sdl.ASTVisitor(txor).preorder(ANDs[0]) print("<===== Generate XOR clauses =====>") constraints = "[]" fileSuffix, resultDict = searchForSolution(short, constraintList, txor, varTypes, config) xorVarMap = txor.getVarMap() if short != SHORT_FORALL: res, resMap = NaiveEvaluation(resultDict, short) print("Group Mapping: ", res) # determine whether to make True = G1 and False = G2. # It depends on which counts more since they're interchangeable... groupInfo = DeriveGeneralSolution(res, resMap, xorVarMap, info) else: groupInfo = DeriveSpecificSolution(resultDict, xorVarMap, info) groupInfo['generators'] = generators groupInfo['generatorMapG1'] = generatorMapG1 groupInfo['generatorMapG2'] = generatorMapG2 groupInfo['baseGeneratorG1'] = info['baseGeneratorG1'] # usually 'g' groupInfo['baseGeneratorG2'] = info['baseGeneratorG2'] groupInfo['varTypes'] = {} groupInfo['varTypes'].update(varTypes) noChangeList = [] newLinesSe = [] newLinesS = [] entireSDL = sdl.getLinesOfCode() if hasattr(config, "extraSetupFuncName"): print("<===== transforming %s =====>" % config.extraSetupFuncName) newLinesSe = transformFunction(entireSDL, config.extraSetupFuncName, stmtSe, groupInfo, noChangeList, generatorLines) print("<===== transforming %s =====>" % config.extraSetupFuncName) if hasattr(config, 'setupFuncName'): print("<===== transforming %s =====>" % config.setupFuncName) newLinesS = transformFunction(entireSDL, config.setupFuncName, stmtS, groupInfo, noChangeList, generatorLines) print("<===== transforming %s =====>" % config.setupFuncName) print("<===== transforming %s =====>" % config.keygenFuncName) newLinesK = transformFunction(entireSDL, config.keygenFuncName, stmtK, groupInfo, noChangeList) print("<===== transforming %s =====>" % config.keygenFuncName) if config.schemeType == PUB_SCHEME: print("<===== transforming %s =====>" % config.encryptFuncName) newLines2 = transformFunction(entireSDL, config.encryptFuncName, stmtE, groupInfo, noChangeList) print("<===== transforming %s =====>" % config.encryptFuncName) print("<===== transforming %s =====>" % config.decryptFuncName) newLines3 = transformFunction(entireSDL, config.decryptFuncName, stmtD, groupInfo, noChangeList) print("<===== transforming %s =====>" % config.decryptFuncName) elif config.schemeType == SIG_SCHEME: print("<===== transforming %s =====>" % config.signFuncName) newLines2 = transformFunction(entireSDL, config.signFuncName, stmtSi, groupInfo, noChangeList) print("<===== transforming %s =====>" % config.signFuncName) print("<===== transforming %s =====>" % config.verifyFuncName) newLines3 = transformFunction(entireSDL, config.verifyFuncName, stmtV, groupInfo, noChangeList) print("<===== transforming %s =====>" % config.verifyFuncName) # debug print_sdl(False, newLinesS, newLinesK, newLines2, newLines3) outputFile = bv_name + "_asym_" + fileSuffix writeConfig(outputFile + ".bv", newLines0, newLines1, newLinesSe, newLinesS, newLinesK, newLines2, newLines3) return outputFile
def modifyKeygen(self, config): # append to Setup or Keygen # add chpk to output list, and chK to pk self.singlePKeys = False self.singleSKeys = False (name, varInf) = getVarNameEntryFromAssignInfo(self.assignInfo, config.keygenPubVar) print("Found public key in: ", name) # if name == "setup": # hasattr(config, "setupFuncName"): # setupConfig = sdl.getVarInfoFuncStmts( config.setupFuncName ) # Stmts = setupConfig[0] # begin = "BEGIN :: func:" + config.setupFuncName # end = "END :: func:" + config.setupFuncName # (stmt, types, depList, depListNoExp, infList, infListNoExp) = getVarInfoFuncStmts if name == config.keygenFuncName: keygenConfig = sdl.getVarInfoFuncStmts(config.keygenFuncName) Stmts = keygenConfig[0] begin = "BEGIN :: func:" + config.keygenFuncName end = "END :: func:" + config.keygenFuncName lines = list(Stmts.keys()) lines.sort() savedSK, savedPK = None, None for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if Stmts[i].getIsExpandNode() or Stmts[i].getIsList(): if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) savedPK = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chT) savedSK = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True elif str(Stmts[i].getAssignVar()) == config.keygenPubVar: if savedPK == None: # in case it is a single variable newPKvar = config.keygenPubVar + "0" # TODO: need to verify this variable doesn't exist already too self.newPKvar = newPKvar savedPK = newPKvar + " := " + str( Stmts[i].getAssignNode().getRight()) + "\n" self.singlePKeysStr = "{%s, %s}" % (newPKvar, self.chK) savedPK += config.keygenPubVar + " := list" + self.singlePKeysStr self.singlePKeys = True Stmts[i].skipMe = True elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: if savedSK == None: # in case it is a single variable newSKvar = config.keygenSecVar + "0" # TODO: need to verify this variable doesn't exist already too self.newSKvar = newSKvar savedSK = newSKvar + " := " + str( Stmts[i].getAssignNode().getRight()) + "\n" self.singleSKeysStr = "{%s, %s, %s}" % (newSKvar, self.chK, self.chT) savedSK += config.keygenSecVar + " := list" + self.singleSKeysStr self.singleSKeys = True Stmts[i].skipMe = True newLines = [begin] for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if hasattr(Stmts[i], "skipMe") and Stmts[i].skipMe: continue if Stmts[i].getIsExpandNode() or Stmts[i].getIsList(): #if str(Stmts[i].getAssignVar()) == config.keygenPubVar: # continue #elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: # continue if str(Stmts[i].getAssignVar()) == outputKeyword: newLines.append(self.chK + " := random(ZR)") newLines.append(self.chT + " := random(ZR)") newLines.append(self.ch0 + " := random(G1)") newLines.append(self.ch1 + " := %s ^ %s" % (self.ch0, self.chT)) newLines.append(self.chpk + " := list{" + self.ch0 + ", " + self.ch1 + "}") newLines.append(savedSK) newLines.append(savedPK) # add final output keyword Stmts[i].getAssignNode().getRight().listNodes.append( self.chpk) newLines.append(str(Stmts[i].getAssignNode())) else: newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopEnd(): newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append(str(Stmts[i].getAssignNode())) else: if self.singleSKeys and str( Stmts[i].getAssignVar()) == config.keygenSecVar: continue if self.singlePKeys and str( Stmts[i].getAssignVar()) == config.keygenPubVar: continue newLines.append(str(Stmts[i].getAssignNode())) newLines.append(end) return newLines # key, dict[key] = value
def modifyVerify(self, config, sigma): # Steps to create the strong 'verify' algorithm # 1. add the statements for verifyConfig = sdl.getVarInfoFuncStmts( config.verifyFuncName ) Stmts = verifyConfig[0] begin = "BEGIN :: func:" + config.verifyFuncName end = "END :: func:" + config.verifyFuncName # 2. obtain program slice of \sigma_2 variables? and include lines = list(Stmts.keys()) lines.sort() newLines = [begin] messageSlice = [] expandCount = 0 for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if Stmts[i].getIsExpandNode(): expandCount += 1 if Stmts[i].getAssignVar() == self.messageVar: messageSlice.append(self.messageVar) sigma2Fixed = False lastExpand = False for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if lastExpand and len(messageSlice) == 0: newLines.append( self.hashVal + " := H(concat{%s, %s, %s}, ZR)" % (self.chK, self.messageVar, self.sigma2str) ) # s1 := H(concat{k, m, r}, ZR) newLines.append( self.newMsgVal + " := %s(%s, %s, %s)" % (self.chamH, self.chpk, self.hashVal, self.seed) ) # mpr := chamH(chpk, s1, s) lastExpand = False sigma2Fixed = True if sigma2Fixed: # 4. add the rest of code and substitute references from m to m' if self.messageVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar(self.messageVar, self.newMsgVal) ).preorder( Stmts[i].getAssignNode() ) # modify in place if Stmts[i].getIsExpandNode(): expandCount -= 1 if expandCount == 0: lastExpand = True if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chK) #print("new list: ", Stmts[i].getAssignNode().getRight()) elif str(Stmts[i].getAssignVar()) == config.signatureVar: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed ) newLines.append( str(Stmts[i].getAssignNode()) ) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append( str(Stmts[i].getAssignNode()) ) else: assignVar = str(Stmts[i].getAssignVar()) if assignVar == config.signatureVar: # 5. add seed to output as part of signature if Stmts[i].getIsExpandNode(): if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed ) newLines.append( str(Stmts[i].getAssignNode()) ) else: print("TODO: ", assignVar, " has unexpected structure.") elif assignVar == inputKeyword: inputlistNodes = [] if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chpk); inputlistNodes = Stmts[i].getAssignNode().getRight().listNodes # check if signature variables are contained inside the list sigLen = len(set( Stmts[i].getAssignNode().getRight().listNodes ).intersection( sigma['sigma1'] )) + len(set( Stmts[i].getAssignNode().getRight().listNodes ).intersection( sigma['sigma2'] )) if sigLen > 0: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed ) newLines.append( str(Stmts[i].getAssignNode()) ) if self.singleSKeys and config.keygenSecVar in inputlistNodes: newLines.append( config.keygenSecVar + " := expand" + self.singleSKeysStr ) if self.singlePKeys and config.keygenPubVar in inputlistNodes: newLines.append( config.keygenSecVar + " := expand" + self.singlePKeysStr ) elif assignVar == self.messageVar: messageSlice.remove(assignVar) newLines.append( str(Stmts[i].getAssignNode()) ) else: newLines.append( str(Stmts[i].getAssignNode()) ) newLines.append( end ) return newLines
def modifySign(self, config, sigma): # Steps to create the strong 'sign' algorithm # 1. select a new random variable, s (seed) signConfig = sdl.getVarInfoFuncStmts( config.signFuncName ) Stmts = signConfig[0] begin = "BEGIN :: func:" + config.signFuncName end = "END :: func:" + config.signFuncName # 2. obtain program slice of \sigma_2 variables? and include lines = list(Stmts.keys()) lines.sort() newLines = [begin] sigma2 = list(sigma['sigma2']) sigmaStr = "" for i in sigma['sigma2']: sigmaStr += i + ", " sigmaStr = sigmaStr[:-2] self.sigma2str = sigmaStr for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if self.messageVarInBody != None and str(Stmts[i].getAssignVar()) == self.messageVarInBody: sdl.ASTVisitor( SubstituteVar(self.messageVar, self.newMsgVal) ).preorder( Stmts[i].getAssignNode() ) # modify in place self.oldMsgStmt = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True sigma2Fixed = False passedInputLine = False for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if hasattr(Stmts[i], "skipMe") and Stmts[i].skipMe: continue if sigma2Fixed: # 4. add the rest of code and substitute references from m to m' if self.messageVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar(self.messageVar, self.newMsgVal) ).preorder( Stmts[i].getAssignNode() ) # modify in place if passedInputLine: if self.singleSKeys and config.keygenSecVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar(config.keygenSecVar, self.newSKvar) ).preorder( Stmts[i].getAssignNode() ) # modify in place if self.singlePKeys and config.keygenPubVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar(config.keygenPubVar, self.newPKvar) ).preorder( Stmts[i].getAssignNode() ) # modify in place if Stmts[i].getIsExpandNode(): if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chK) #print("new list: ", Stmts[i].getAssignNode().getRight()) elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chK) Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chT) newLines.append( str(Stmts[i].getAssignNode()) ) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append( str(Stmts[i].getAssignNode()) ) else: assignVar = str(Stmts[i].getAssignVar()) if assignVar in sigma2: newLines.append( str(Stmts[i].getAssignNode()) ) # 3. add statement for computing m' using original m and \sigma_2 sigma2.remove(assignVar) if len(sigma2) == 0: newLines.append( self.seed + " := random(ZR)" ) newLines.append( self.hashVal + " := H(concat{%s, %s, %s}, ZR)" % (self.chK, self.messageVar, self.sigma2str) ) # s1 := H(concat{k, m, r}, ZR) newLines.append( self.newMsgVal + " := %s(%s, %s, %s)" % (self.chamH, self.chpk, self.hashVal, self.seed) ) # mpr := chamH(chpk, s1, s) if self.messageVarInBody != None: newLines.append( self.oldMsgStmt ) sigma2Fixed = True elif assignVar == config.signatureVar: # 5. add seed to output as part of signature if Stmts[i].getIsList(): if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed ) newLines.append( str(Stmts[i].getAssignNode()) ) else: print("TODO: ", assignVar, " has unexpected structure.") elif assignVar == inputKeyword: passedInputLine = True inputlistNodes = [] if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chpk) inputlistNodes = Stmts[i].getAssignNode().getRight().listNodes newLines.append( str(Stmts[i].getAssignNode()) ) if self.singleSKeys and config.keygenSecVar in inputlistNodes: newLines.append( config.keygenSecVar + " := expand" + self.singleSKeysStr ) if self.singlePKeys and config.keygenPubVar in inputlistNodes: newLines.append( config.keygenSecVar + " := expand" + self.singlePKeysStr ) # update old references else: newLines.append( str(Stmts[i].getAssignNode()) ) newLines.append( end ) return newLines
def modifyKeygen(self, config): # append to Setup or Keygen # add chpk to output list, and chK to pk self.singlePKeys = False self.singleSKeys = False (name, varInf) = getVarNameEntryFromAssignInfo(self.assignInfo, config.keygenPubVar) print("Found public key in: ", name) # if name == "setup": # hasattr(config, "setupFuncName"): # setupConfig = sdl.getVarInfoFuncStmts( config.setupFuncName ) # Stmts = setupConfig[0] # begin = "BEGIN :: func:" + config.setupFuncName # end = "END :: func:" + config.setupFuncName # (stmt, types, depList, depListNoExp, infList, infListNoExp) = getVarInfoFuncStmts if name == config.keygenFuncName: keygenConfig = sdl.getVarInfoFuncStmts( config.keygenFuncName ) Stmts = keygenConfig[0] begin = "BEGIN :: func:" + config.keygenFuncName end = "END :: func:" + config.keygenFuncName lines = list(Stmts.keys()) lines.sort() savedSK, savedPK = None, None for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if Stmts[i].getIsExpandNode() or Stmts[i].getIsList(): if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chK) savedPK = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chK) Stmts[i].getAssignNode().getRight().listNodes.insert(0, self.chT) savedSK = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True elif str(Stmts[i].getAssignVar()) == config.keygenPubVar: if savedPK == None: # in case it is a single variable newPKvar = config.keygenPubVar + "0" # TODO: need to verify this variable doesn't exist already too self.newPKvar = newPKvar savedPK = newPKvar + " := " + str(Stmts[i].getAssignNode().getRight()) + "\n" self.singlePKeysStr = "{%s, %s}" % (newPKvar, self.chK) savedPK += config.keygenPubVar + " := list" + self.singlePKeysStr self.singlePKeys = True Stmts[i].skipMe = True elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: if savedSK == None: # in case it is a single variable newSKvar = config.keygenSecVar + "0" # TODO: need to verify this variable doesn't exist already too self.newSKvar = newSKvar savedSK = newSKvar + " := " + str(Stmts[i].getAssignNode().getRight()) + "\n" self.singleSKeysStr = "{%s, %s, %s}" % (newSKvar, self.chK, self.chT) savedSK += config.keygenSecVar + " := list" + self.singleSKeysStr self.singleSKeys = True Stmts[i].skipMe = True newLines = [begin] for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if hasattr(Stmts[i], "skipMe") and Stmts[i].skipMe: continue if Stmts[i].getIsExpandNode() or Stmts[i].getIsList(): #if str(Stmts[i].getAssignVar()) == config.keygenPubVar: # continue #elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: # continue if str(Stmts[i].getAssignVar()) == outputKeyword: newLines.append( self.chK + " := random(ZR)" ) newLines.append( self.chT + " := random(ZR)" ) newLines.append( self.ch0 + " := random(G1)" ) newLines.append( self.ch1 + " := %s ^ %s" % (self.ch0, self.chT)) newLines.append( self.chpk + " := list{" + self.ch0 + ", " + self.ch1 + "}" ) newLines.append( savedSK ) newLines.append( savedPK ) # add final output keyword Stmts[i].getAssignNode().getRight().listNodes.append( self.chpk ) newLines.append( str(Stmts[i].getAssignNode()) ) else: newLines.append( str(Stmts[i].getAssignNode()) ) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopEnd(): newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append( str(Stmts[i].getAssignNode()) ) else: if self.singleSKeys and str(Stmts[i].getAssignVar()) == config.keygenSecVar: continue if self.singlePKeys and str(Stmts[i].getAssignVar()) == config.keygenPubVar: continue newLines.append(str(Stmts[i].getAssignNode())) newLines.append( end ) return newLines # key, dict[key] = value
def runAutoStrong(sdlFile, config, options, sdlVerbose=False): sdl.parseFile(sdlFile, sdlVerbose, ignoreCloudSourcing=True) global assignInfo assignInfo = sdl.getAssignInfo() setting = sdl.assignInfo[sdl.NONE_FUNC_NAME][ALGEBRAIC_SETTING].getAssignNode().getRight().getAttribute() assert setting == sdl.SYMMETRIC_SETTING, "AutoStrong requires a symmetric scheme for simplicity." origVarTypes = dict(sdl.getVarTypes().get(sdl.TYPES_HEADER)) # extract property 1 details... generators = [] if hasattr(config, "setupFuncName"): setupConfig = sdl.getVarInfoFuncStmts( config.setupFuncName ) theStmt, theTypes = setupConfig[0], setupConfig[1] extractGenerators(theStmt, theTypes, generators) if hasattr(config, "keygenFuncName"): keygenConfig = sdl.getVarInfoFuncStmts( config.keygenFuncName ) theStmt, theTypes = keygenConfig[0], keygenConfig[1] extractGenerators(theStmt, theTypes, generators) signConfig = sdl.getVarInfoFuncStmts( config.signFuncName ) signStmts, signTypes = signConfig[0], signConfig[1] extractGenerators(signStmts, signTypes, generators) verifyConfig = sdl.getVarInfoFuncStmts( config.verifyFuncName ) theStmt, theTypes = verifyConfig[0], verifyConfig[1] extractGenerators(theStmt, theTypes, generators) assert len(generators) != 0, "signature scheme does not select any generators?" baseGen = generators[0] print("Base generator: ", baseGen) generators.remove(baseGen) print("Other generator: ", generators) #get config parameters msg = config.messageVar msgList = traceMessage(signStmts, signTypes, msg) if len(msgList) == 0: # msg used directly msgVar = msg else: # indirection on msg msgList.append(msg) msgVar = msgList print("msgVar: ", msgVar) sigVar = config.signatureVar (name, varInf) = getVarNameEntryFromAssignInfo(assignInfo, sigVar) if name != config.signFuncName: sys.exit("runAutoStrong: '%s' not in the sign function." % sigVar) #print("identified signature: ", varInf.getAssignNode()) listVars = varInf.getListNodesList() if len(listVars) == 0: listVars.append(sigVar) # probably just one element in signature #print("list of possible vars: ", listVars) sigma = property1Extract(config.signFuncName, assignInfo, listVars, msgVar) #if testForSUCMA: # quick test for whether scheme is SU-CMA secure already # sigma['sigma1'] += sigma['sigma2'] # sigma['sigma2'] = [] if sdlVerbose: print("sigma1 => ", sigma['sigma1']) print("sigma2 => ", sigma['sigma2']) prop2Result = property2Extract(config.verifyFuncName, assignInfo, baseGen, generators, sigma) noSigma2Result = noSigma2Check(sigma) if options.get(skipTransform): return "skip_transform" if prop2Result and not noSigma2Result: print("Applying BSW transformation...") # extract types for all variables varTypes = sdl.getVarTypes().get(TYPES_HEADER) for i in config.functionOrder: #print("Processing func: ", i) varTypes.update( sdl.getVarTypes().get(i) ) #print("Type variables for all: ", varTypes.keys()) bsw = BSWTransform(assignInfo, origVarTypes, varTypes, msgVar, msgList) newSDL = bsw.constructSDL(config, options, sigma) return newSDL elif prop2Result and noSigma2Result: #print("Signature Scheme Already Strongly Unforgeable!") sys.exit(0) else: print("Applying BS transformation...") return applyBSTransform(sdlFile, config)
def buildMap(generators, varTypes, varList, var, constraintList): global assignInfo removeList = [] if (not set(var).issubset(generators)): print("var keys: ", var) (name, varInf) = getVarNameEntryFromAssignInfo(assignInfo, var) if(name == None): if varInf != None: print("Var : ", varInf.getVarDepsNoExponents()) elif var.find(LIST_INDEX_SYMBOL) != -1: varInf = findVarInfo(var, varTypes) return l = varInf.getVarDepsNoExponents() # print("var:", var, ", output: ", l) # prune 'l' here for i in l: print("name: ", i) # uncomment for ckrs09 error typeI = sdl.getVarTypeFromVarName(i, None, True) print("getVarTypeFromVarName: ", i,":", typeI) if typeI == types.NO_TYPE: node = BinaryNode(ops.ATTR) node.setAttribute(i) print("getVarNameFromListIndices req node: ", node) (funcName , newVarName) = getVarNameFromListIndices(assignInfo, varTypes, node, True) print("funcName: ", funcName) print("newVarName: ", newVarName) if newVarName != None: print("newVarName := ", newVarName) resultVarName = sdl.getVarTypeFromVarName(newVarName, None, True) #print("second attempt: ", newVarName, ":", resultVarName) varList.append(newVarName) else: pass # print("JAA: ADDING to varList: ", i) # varList.append(i) elif typeI in [types.G1]: varList.append(i) elif typeI in [types.ZR, types.str, types.list, types.pol]: (name, varInf) = getVarNameEntryFromAssignInfo(assignInfo, i) if varInf.getIsUsedInHashCalc(): print("adding", i, "to the list") varList.append(str(i)) constraintList.append(str(var)) continue else: pass # print("TODO: missing a case in buildMap: ", typeI) # varList.extend(l) varsToCheck = list(l) for i in varsToCheck: lenBefore = len(varList) buildMap(generators, varTypes, varList, i, constraintList) lenAfter = len(varList) if lenBefore == lenAfter: node = BinaryNode(ops.ATTR) node.setAttribute(i) print("Node :=>", node) (funcName, string) = getVarNameFromListIndices(assignInfo, varTypes, node, True) if string != None: varList.append(string) # for i in removeList: # print("REMOVING: ", i) # print("varList: ", varList) return
def property2Extract(verifyFuncName, assignInfo, baseGen, generators, sigma): #TODO: use term rewriter to breakdown and extract the verification equation # 1) convert the pairing equation to the version expected by our Z3 solver # 2) determine whether the equation satisfies the following constraint: # - \sigma_1 != \sigma_1pr && verify(pk, m, \sigma_1pr, \sigma_2) ==> True # Goal: verify that there is at most one \sigma_1 verifies with \sigma_2 under pk verifyConfig = sdl.getVarInfoFuncStmts( verifyFuncName ) Stmts = verifyConfig[0] lines = list(Stmts.keys()) lines.sort() verifyConds = [] for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if Stmts[i].getIsIfElseBegin(): node = Stmts[i].getAssignNode() print("Conditional: ", node.left) # extract equality and decompose... then test whether pairings exist manually verifyConds.append( BinaryNode.copy(node.left) ) genMap = {} for i in generators: new_node = BinaryNode(ops.EXP, BinaryNode(baseGen), BinaryNode(i + "Exp")) genMap[ i ] = new_node freeVars = list(sigma['sigma1']) newVerifyConds = [] verifyThese = [] goalCond = {} for i in verifyConds: if HasPairings(i): print("Original: ", i) v = BinaryNode.copy(i) dep = Decompose(assignInfo, baseGen, freeVars) sdl.ASTVisitor(dep).postorder(i) dep2 = Decompose(assignInfo, baseGen, []) sdl.ASTVisitor(dep2).postorder(v) for x in generators: subVar = SubstituteVarWithNode(x, genMap[x]) sdl.ASTVisitor(subVar).postorder(i) sdl.ASTVisitor(subVar).postorder(v) print("\nStep 1: Decomposed: ", i) #print("\nFull Decomp: ", v) j = BinaryNode.copy(i) j = SimplifyExponents(j, baseGen) v = SimplifyExponents(v, baseGen) tf1 = Transform(baseGen, generators, None) tf2 = Transform(baseGen, generators, None) sdl.ASTVisitor(tf1).postorder(j) sdl.ASTVisitor(tf2).postorder(v) if tf1.shouldReapply(): sdl.ASTVisitor(tf1).postorder(j) if tf2.shouldReapply(): sdl.ASTVisitor(tf2).postorder(v) print("\nStep 2: Simplify & Transform: ", j) #print("\nFull Final: ", v) verifyThese.append( v ) newVerifyConds.append( j ) h = BinaryNode.copy(j) for x in freeVars: newVar = x + "pr" goalCond[ x ] = newVar # used to construct sigma_1 != sigma_1 sdl.ASTVisitor( SubstituteVar(x, newVar) ).postorder(h) newVerifyConds.append( h ) # 2. breakdown varListMap = {} for i in newVerifyConds: ga = GetAttrs(dropPounds=True) sdl.ASTVisitor(ga).postorder(i) varListMap[ str(i) ] = ga.getVarList() # Uncomment for correctness test with the original verification equation. varListMap2 = {} for i in verifyThese: ga = GetAttrs(dropPounds=True) sdl.ASTVisitor(ga).postorder(i) varListMap2[ str(i) ] = ga.getVarList() isCorrect = testCorrectWithZ3(verifyThese, varListMap2) if isCorrect == True: print("Verification Equation Correct!!") else: print("Equation NOT consistent: take a look at your SDL.") print("Result: ", isCorrect) print("\nStep 3: test partition using Z3.") return testPartWithZ3(newVerifyConds, goalCond, varListMap)