def verify(SIG, m, W): HM = BLS_H(m) D = ECp() D.fromBytes(SIG) if D.isinf(): return False if not (curve.r * D).isinf(): return False D = -D PK = ECp2() PK.fromBytes(W) # Use new multi-pairing mechanism r = pair.initmp() pair.another_pc(r, G2_TAB, D) pair.another(r, PK, HM) v = pair.miller(r) #.. or alternatively # G=ecp2.generator() # if G.isinf() : # return False # v = pair.double_ate(G, D, PK, HM) v = pair.fexp(v) if v.isone(): return True return False
def server(ID, Y, SS, U, V): P = H(ID) y = big.from_bytes(Y) Q = ecp2.generator() P = y * P sQ = ECp2() if not sQ.fromBytes(SS): return (False, Fp12(), Fp12()) TU = ECp() if not TU.fromBytes(U): return (False, bytearray(0), bytearray(0)) TV = ECp() if not TV.fromBytes(V): return (False, bytearray(0), bytearray(0)) TU.add(P) # TU.affine() r = pair.double_ate(Q, TV, sQ, TU) r = pair.fexp(r) if r.isone(): return (True, bytearray(0), bytearray(0)) # failed - diagnose it E = r.toBytes() r = pair.e(Q, TU) F = r.toBytes() return (False, E, F)
def add_G1(A, B): """ Add two points in G1: C = A + B """ A1 = ECp() B1 = ECp() if not A1.fromBytes(A): return None if not B1.fromBytes(B): return None A1.add(B1) return A1.toBytes(False)
def extract_pin(ID, PIN, SK): P = H(ID) P = -(PIN * P) S = ECp() if not S.fromBytes(SK): return bytearray(0) S.add(P) # S.affine() return S.toBytes(False)
def client_2(X, Y, ID, PIN, TK): P = H(ID) S = ECp() if not S.fromBytes(TK): return bytearray(0) x = big.from_bytes(X) y = big.from_bytes(Y) x = (x + y) % curve.r x = curve.r - x S.add(PIN * P) S = x * S return S.toBytes(False)
def ECP_SvdpDH(S, W): s = big.from_bytes(S) WP = ECp() if not WP.fromBytes(W): return ECDH_ERROR r = curve.r s %= r WP = s * WP if WP.isinf(): return ECDH_ERROR x = WP.getx() K = big.to_bytes(x) return K
def ECP_PublicKeyValidate(W): r = curve.r p = curve.p WP = ECp() if not WP.fromBytes(W): return ECDH_INVALID_PUBLIC_KEY nb = p.bit_length() k = 1 k = k << (nb + 4) // 2 k += p k //= r while k % 2 == 0: WP.dbl() k //= 2 if k != 1: WP = k * WP if WP.isinf(): return ECDH_INVALID_PUBLIC_KEY return 0
def ECP_SvDSA(P, F, C, D): FS = curve.EFS G = generator() m = hashlib.new(curve.SHA) m.update(F) H = m.digest() HS = m.digest_size if HS >= FS: B = H[0:FS] else: B = bytearray(FS) for i in range(0, HS): B[i + FS - HS] = H[i] c = big.from_bytes(C) d = big.from_bytes(D) f = big.from_bytes(B) r = curve.r if c == 0 or c >= r or d == 0 or d >= r: return False d = big.invmodp(d, r) f = big.modmul(f, d, r) h2 = big.modmul(c, d, r) WP = ECp() if not WP.fromBytes(P): return False P = mul(WP, h2, G, f) if P.isinf(): return False d = P.getx() % r if c != d: return False return True