def modifyVerify(self, config, sigma):
# Steps to create the strong 'verify' algorithm
# 1. add the statements for
verifyConfig = sdl.getVarInfoFuncStmts(config.verifyFuncName)
Stmts = verifyConfig[0]
begin = "BEGIN :: func:" + config.verifyFuncName
end = "END :: func:" + config.verifyFuncName
# 2. obtain program slice of \sigma_2 variables? and include
lines = list(Stmts.keys())
lines.sort()
newLines = [begin]
messageSlice = []
expandCount = 0
for index, i in enumerate(lines):
assert type(
Stmts[i]
) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason."
if Stmts[i].getIsExpandNode(): expandCount += 1
if Stmts[i].getAssignVar() == self.messageVar:
messageSlice.append(self.messageVar)
sigma2Fixed = False
lastExpand = False
for index, i in enumerate(lines):
assert type(
Stmts[i]
) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason."
if lastExpand and len(messageSlice) == 0:
newLines.append(self.hashVal +
" := H(concat{%s, %s, %s}, ZR)" %
(self.chK, self.messageVar, self.sigma2str)
) # s1 := H(concat{k, m, r}, ZR)
newLines.append(
self.newMsgVal + " := %s(%s, %s, %s)" %
(self.chamH, self.chpk, self.hashVal, self.seed)
) # mpr := chamH(chpk, s1, s)
lastExpand = False
sigma2Fixed = True
if sigma2Fixed:
# 4. add the rest of code and substitute references from m to m'
if self.messageVar in Stmts[i].getVarDeps():
sdl.ASTVisitor(
SubstituteVar(
self.messageVar, self.newMsgVal)).preorder(
Stmts[i].getAssignNode()) # modify in place
if Stmts[i].getIsExpandNode():
expandCount -= 1
if expandCount == 0: lastExpand = True
if str(Stmts[i].getAssignVar()) == config.keygenPubVar:
Stmts[i].getAssignNode().getRight().listNodes.insert(
0, self.chK)
#print("new list: ", Stmts[i].getAssignNode().getRight())
elif str(Stmts[i].getAssignVar()) == config.signatureVar:
Stmts[i].getAssignNode().getRight().listNodes.append(
self.seed)
newLines.append(str(Stmts[i].getAssignNode()))
elif Stmts[i].getIsForLoopBegin():
if Stmts[i].getIsForType():
newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP +
' for')
elif Stmts[i].getIsForAllType():
newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP +
' forall')
newLines.append(str(Stmts[i].getAssignNode()))
elif Stmts[i].getIsIfElseBegin():
newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if')
newLines.append(str(Stmts[i].getAssignNode()))
else:
assignVar = str(Stmts[i].getAssignVar())
if assignVar == config.signatureVar:
# 5. add seed to output as part of signature
if Stmts[i].getIsExpandNode():
if Stmts[i].getAssignNode().getRight() != None:
Stmts[i].getAssignNode().getRight(
).listNodes.append(self.seed)
newLines.append(str(Stmts[i].getAssignNode()))
else:
print("TODO: ", assignVar,
" has unexpected structure.")
elif assignVar == inputKeyword:
inputlistNodes = []
if Stmts[i].getAssignNode().getRight() != None:
Stmts[i].getAssignNode().getRight().listNodes.insert(
0, self.chpk)
inputlistNodes = Stmts[i].getAssignNode().getRight(
).listNodes
# check if signature variables are contained inside the list
sigLen = len(
set(Stmts[i].getAssignNode().getRight().listNodes).
intersection(sigma['sigma1'])) + len(
set(Stmts[i].getAssignNode().getRight().listNodes).
intersection(sigma['sigma2']))
if sigLen > 0:
Stmts[i].getAssignNode().getRight().listNodes.append(
self.seed)
newLines.append(str(Stmts[i].getAssignNode()))
if self.singleSKeys and config.keygenSecVar in inputlistNodes:
newLines.append(config.keygenSecVar + " := expand" +
self.singleSKeysStr)
if self.singlePKeys and config.keygenPubVar in inputlistNodes:
newLines.append(config.keygenSecVar + " := expand" +
self.singlePKeysStr)
elif assignVar == self.messageVar:
messageSlice.remove(assignVar)
newLines.append(str(Stmts[i].getAssignNode()))
else:
newLines.append(str(Stmts[i].getAssignNode()))
newLines.append(end)
return newLines
def property2Extract(verifyFuncName, assignInfo, baseGen, generators, sigma):
#TODO: use term rewriter to breakdown and extract the verification equation
# 1) convert the pairing equation to the version expected by our Z3 solver
# 2) determine whether the equation satisfies the following constraint:
# - \sigma_1 != \sigma_1pr && verify(pk, m, \sigma_1pr, \sigma_2) ==> True
# Goal: verify that there is at most one \sigma_1 verifies with \sigma_2 under pk
verifyConfig = sdl.getVarInfoFuncStmts( verifyFuncName )
Stmts = verifyConfig[0]
lines = list(Stmts.keys())
lines.sort()
verifyConds = []
for index, i in enumerate(lines):
assert type(Stmts[i]) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason."
if Stmts[i].getIsIfElseBegin():
node = Stmts[i].getAssignNode()
print("Conditional: ", node.left) # extract equality and decompose... then test whether pairings exist manually
verifyConds.append( BinaryNode.copy(node.left) )
genMap = {}
for i in generators:
new_node = BinaryNode(ops.EXP, BinaryNode(baseGen), BinaryNode(i + "Exp"))
genMap[ i ] = new_node
freeVars = list(sigma['sigma1'])
newVerifyConds = []
verifyThese = []
goalCond = {}
for i in verifyConds:
if HasPairings(i):
print("Original: ", i)
v = BinaryNode.copy(i)
dep = Decompose(assignInfo, baseGen, freeVars)
sdl.ASTVisitor(dep).postorder(i)
dep2 = Decompose(assignInfo, baseGen, [])
sdl.ASTVisitor(dep2).postorder(v)
for x in generators:
subVar = SubstituteVarWithNode(x, genMap[x])
sdl.ASTVisitor(subVar).postorder(i)
sdl.ASTVisitor(subVar).postorder(v)
print("\nStep 1: Decomposed: ", i)
#print("\nFull Decomp: ", v)
j = BinaryNode.copy(i)
j = SimplifyExponents(j, baseGen)
v = SimplifyExponents(v, baseGen)
tf1 = Transform(baseGen, generators, None)
tf2 = Transform(baseGen, generators, None)
sdl.ASTVisitor(tf1).postorder(j)
sdl.ASTVisitor(tf2).postorder(v)
if tf1.shouldReapply(): sdl.ASTVisitor(tf1).postorder(j)
if tf2.shouldReapply(): sdl.ASTVisitor(tf2).postorder(v)
print("\nStep 2: Simplify & Transform: ", j)
#print("\nFull Final: ", v)
verifyThese.append( v )
newVerifyConds.append( j )
h = BinaryNode.copy(j)
for x in freeVars:
newVar = x + "pr"
goalCond[ x ] = newVar # used to construct sigma_1 != sigma_1
sdl.ASTVisitor( SubstituteVar(x, newVar) ).postorder(h)
newVerifyConds.append( h )
# 2. breakdown
varListMap = {}
for i in newVerifyConds:
ga = GetAttrs(dropPounds=True)
sdl.ASTVisitor(ga).postorder(i)
varListMap[ str(i) ] = ga.getVarList()
# Uncomment for correctness test with the original verification equation.
varListMap2 = {}
for i in verifyThese:
ga = GetAttrs(dropPounds=True)
sdl.ASTVisitor(ga).postorder(i)
varListMap2[ str(i) ] = ga.getVarList()
isCorrect = testCorrectWithZ3(verifyThese, varListMap2)
if isCorrect == True:
print("Verification Equation Correct!!")
else:
print("Equation NOT consistent: take a look at your SDL.")
print("Result: ", isCorrect)
print("\nStep 3: test partition using Z3.")
return testPartWithZ3(newVerifyConds, goalCond, varListMap)
def modifySign(self, config, sigma):
# Steps to create the strong 'sign' algorithm
# 1. select a new random variable, s (seed)
signConfig = sdl.getVarInfoFuncStmts(config.signFuncName)
Stmts = signConfig[0]
begin = "BEGIN :: func:" + config.signFuncName
end = "END :: func:" + config.signFuncName
# 2. obtain program slice of \sigma_2 variables? and include
lines = list(Stmts.keys())
lines.sort()
newLines = [begin]
sigma2 = list(sigma['sigma2'])
sigmaStr = ""
for i in sigma['sigma2']:
sigmaStr += i + ", "
sigmaStr = sigmaStr[:-2]
self.sigma2str = sigmaStr
for index, i in enumerate(lines):
assert type(
Stmts[i]
) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason."
if self.messageVarInBody != None and str(
Stmts[i].getAssignVar()) == self.messageVarInBody:
sdl.ASTVisitor(SubstituteVar(
self.messageVar, self.newMsgVal)).preorder(
Stmts[i].getAssignNode()) # modify in place
self.oldMsgStmt = str(Stmts[i].getAssignNode())
Stmts[i].skipMe = True
sigma2Fixed = False
passedInputLine = False
for index, i in enumerate(lines):
assert type(
Stmts[i]
) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects."
if hasattr(Stmts[i], "skipMe") and Stmts[i].skipMe: continue
if sigma2Fixed:
# 4. add the rest of code and substitute references from m to m'
if self.messageVar in Stmts[i].getVarDeps():
sdl.ASTVisitor(
SubstituteVar(
self.messageVar, self.newMsgVal)).preorder(
Stmts[i].getAssignNode()) # modify in place
if passedInputLine:
if self.singleSKeys and config.keygenSecVar in Stmts[
i].getVarDeps():
sdl.ASTVisitor(
SubstituteVar(
config.keygenSecVar, self.newSKvar)).preorder(
Stmts[i].getAssignNode()) # modify in place
if self.singlePKeys and config.keygenPubVar in Stmts[
i].getVarDeps():
sdl.ASTVisitor(
SubstituteVar(
config.keygenPubVar, self.newPKvar)).preorder(
Stmts[i].getAssignNode()) # modify in place
if Stmts[i].getIsExpandNode():
if str(Stmts[i].getAssignVar()) == config.keygenPubVar:
Stmts[i].getAssignNode().getRight().listNodes.insert(
0, self.chK)
#print("new list: ", Stmts[i].getAssignNode().getRight())
elif str(Stmts[i].getAssignVar()) == config.keygenSecVar:
Stmts[i].getAssignNode().getRight().listNodes.insert(
0, self.chK)
Stmts[i].getAssignNode().getRight().listNodes.insert(
0, self.chT)
newLines.append(str(Stmts[i].getAssignNode()))
elif Stmts[i].getIsForLoopBegin():
if Stmts[i].getIsForType():
newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP +
' for')
elif Stmts[i].getIsForAllType():
newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP +
' forall')
newLines.append(str(Stmts[i].getAssignNode()))
elif Stmts[i].getIsIfElseBegin():
newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if')
newLines.append(str(Stmts[i].getAssignNode()))
else:
assignVar = str(Stmts[i].getAssignVar())
if assignVar in sigma2:
newLines.append(str(Stmts[i].getAssignNode()))
# 3. add statement for computing m' using original m and \sigma_2
sigma2.remove(assignVar)
if len(sigma2) == 0:
newLines.append(self.seed + " := random(ZR)")
newLines.append(
self.hashVal + " := H(concat{%s, %s, %s}, ZR)" %
(self.chK, self.messageVar, self.sigma2str)
) # s1 := H(concat{k, m, r}, ZR)
newLines.append(
self.newMsgVal + " := %s(%s, %s, %s)" %
(self.chamH, self.chpk, self.hashVal, self.seed)
) # mpr := chamH(chpk, s1, s)
if self.messageVarInBody != None:
newLines.append(self.oldMsgStmt)
sigma2Fixed = True
elif assignVar == config.signatureVar:
# 5. add seed to output as part of signature
if Stmts[i].getIsList():
if Stmts[i].getAssignNode().getRight() != None:
Stmts[i].getAssignNode().getRight(
).listNodes.append(self.seed)
newLines.append(str(Stmts[i].getAssignNode()))
else:
print("TODO: ", assignVar,
" has unexpected structure.")
elif assignVar == inputKeyword:
passedInputLine = True
inputlistNodes = []
if Stmts[i].getAssignNode().getRight() != None:
Stmts[i].getAssignNode().getRight().listNodes.insert(
0, self.chpk)
inputlistNodes = Stmts[i].getAssignNode().getRight(
).listNodes
newLines.append(str(Stmts[i].getAssignNode()))
if self.singleSKeys and config.keygenSecVar in inputlistNodes:
newLines.append(config.keygenSecVar + " := expand" +
self.singleSKeysStr)
if self.singlePKeys and config.keygenPubVar in inputlistNodes:
newLines.append(config.keygenSecVar + " := expand" +
self.singlePKeysStr)
# update old references
else:
newLines.append(str(Stmts[i].getAssignNode()))
newLines.append(end)
return newLines
