def modifyVerify(self, config, sigma): # Steps to create the strong 'verify' algorithm # 1. add the statements for verifyConfig = sdl.getVarInfoFuncStmts(config.verifyFuncName) Stmts = verifyConfig[0] begin = "BEGIN :: func:" + config.verifyFuncName end = "END :: func:" + config.verifyFuncName # 2. obtain program slice of \sigma_2 variables? and include lines = list(Stmts.keys()) lines.sort() newLines = [begin] messageSlice = [] expandCount = 0 for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if Stmts[i].getIsExpandNode(): expandCount += 1 if Stmts[i].getAssignVar() == self.messageVar: messageSlice.append(self.messageVar) sigma2Fixed = False lastExpand = False for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if lastExpand and len(messageSlice) == 0: newLines.append(self.hashVal + " := H(concat{%s, %s, %s}, ZR)" % (self.chK, self.messageVar, self.sigma2str) ) # s1 := H(concat{k, m, r}, ZR) newLines.append( self.newMsgVal + " := %s(%s, %s, %s)" % (self.chamH, self.chpk, self.hashVal, self.seed) ) # mpr := chamH(chpk, s1, s) lastExpand = False sigma2Fixed = True if sigma2Fixed: # 4. add the rest of code and substitute references from m to m' if self.messageVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( self.messageVar, self.newMsgVal)).preorder( Stmts[i].getAssignNode()) # modify in place if Stmts[i].getIsExpandNode(): expandCount -= 1 if expandCount == 0: lastExpand = True if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) #print("new list: ", Stmts[i].getAssignNode().getRight()) elif str(Stmts[i].getAssignVar()) == config.signatureVar: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed) newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append(str(Stmts[i].getAssignNode())) else: assignVar = str(Stmts[i].getAssignVar()) if assignVar == config.signatureVar: # 5. add seed to output as part of signature if Stmts[i].getIsExpandNode(): if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight( ).listNodes.append(self.seed) newLines.append(str(Stmts[i].getAssignNode())) else: print("TODO: ", assignVar, " has unexpected structure.") elif assignVar == inputKeyword: inputlistNodes = [] if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chpk) inputlistNodes = Stmts[i].getAssignNode().getRight( ).listNodes # check if signature variables are contained inside the list sigLen = len( set(Stmts[i].getAssignNode().getRight().listNodes). intersection(sigma['sigma1'])) + len( set(Stmts[i].getAssignNode().getRight().listNodes). intersection(sigma['sigma2'])) if sigLen > 0: Stmts[i].getAssignNode().getRight().listNodes.append( self.seed) newLines.append(str(Stmts[i].getAssignNode())) if self.singleSKeys and config.keygenSecVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singleSKeysStr) if self.singlePKeys and config.keygenPubVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singlePKeysStr) elif assignVar == self.messageVar: messageSlice.remove(assignVar) newLines.append(str(Stmts[i].getAssignNode())) else: newLines.append(str(Stmts[i].getAssignNode())) newLines.append(end) return newLines
def property2Extract(verifyFuncName, assignInfo, baseGen, generators, sigma): #TODO: use term rewriter to breakdown and extract the verification equation # 1) convert the pairing equation to the version expected by our Z3 solver # 2) determine whether the equation satisfies the following constraint: # - \sigma_1 != \sigma_1pr && verify(pk, m, \sigma_1pr, \sigma_2) ==> True # Goal: verify that there is at most one \sigma_1 verifies with \sigma_2 under pk verifyConfig = sdl.getVarInfoFuncStmts( verifyFuncName ) Stmts = verifyConfig[0] lines = list(Stmts.keys()) lines.sort() verifyConds = [] for index, i in enumerate(lines): assert type(Stmts[i]) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if Stmts[i].getIsIfElseBegin(): node = Stmts[i].getAssignNode() print("Conditional: ", node.left) # extract equality and decompose... then test whether pairings exist manually verifyConds.append( BinaryNode.copy(node.left) ) genMap = {} for i in generators: new_node = BinaryNode(ops.EXP, BinaryNode(baseGen), BinaryNode(i + "Exp")) genMap[ i ] = new_node freeVars = list(sigma['sigma1']) newVerifyConds = [] verifyThese = [] goalCond = {} for i in verifyConds: if HasPairings(i): print("Original: ", i) v = BinaryNode.copy(i) dep = Decompose(assignInfo, baseGen, freeVars) sdl.ASTVisitor(dep).postorder(i) dep2 = Decompose(assignInfo, baseGen, []) sdl.ASTVisitor(dep2).postorder(v) for x in generators: subVar = SubstituteVarWithNode(x, genMap[x]) sdl.ASTVisitor(subVar).postorder(i) sdl.ASTVisitor(subVar).postorder(v) print("\nStep 1: Decomposed: ", i) #print("\nFull Decomp: ", v) j = BinaryNode.copy(i) j = SimplifyExponents(j, baseGen) v = SimplifyExponents(v, baseGen) tf1 = Transform(baseGen, generators, None) tf2 = Transform(baseGen, generators, None) sdl.ASTVisitor(tf1).postorder(j) sdl.ASTVisitor(tf2).postorder(v) if tf1.shouldReapply(): sdl.ASTVisitor(tf1).postorder(j) if tf2.shouldReapply(): sdl.ASTVisitor(tf2).postorder(v) print("\nStep 2: Simplify & Transform: ", j) #print("\nFull Final: ", v) verifyThese.append( v ) newVerifyConds.append( j ) h = BinaryNode.copy(j) for x in freeVars: newVar = x + "pr" goalCond[ x ] = newVar # used to construct sigma_1 != sigma_1 sdl.ASTVisitor( SubstituteVar(x, newVar) ).postorder(h) newVerifyConds.append( h ) # 2. breakdown varListMap = {} for i in newVerifyConds: ga = GetAttrs(dropPounds=True) sdl.ASTVisitor(ga).postorder(i) varListMap[ str(i) ] = ga.getVarList() # Uncomment for correctness test with the original verification equation. varListMap2 = {} for i in verifyThese: ga = GetAttrs(dropPounds=True) sdl.ASTVisitor(ga).postorder(i) varListMap2[ str(i) ] = ga.getVarList() isCorrect = testCorrectWithZ3(verifyThese, varListMap2) if isCorrect == True: print("Verification Equation Correct!!") else: print("Equation NOT consistent: take a look at your SDL.") print("Result: ", isCorrect) print("\nStep 3: test partition using Z3.") return testPartWithZ3(newVerifyConds, goalCond, varListMap)
def modifySign(self, config, sigma): # Steps to create the strong 'sign' algorithm # 1. select a new random variable, s (seed) signConfig = sdl.getVarInfoFuncStmts(config.signFuncName) Stmts = signConfig[0] begin = "BEGIN :: func:" + config.signFuncName end = "END :: func:" + config.signFuncName # 2. obtain program slice of \sigma_2 variables? and include lines = list(Stmts.keys()) lines.sort() newLines = [begin] sigma2 = list(sigma['sigma2']) sigmaStr = "" for i in sigma['sigma2']: sigmaStr += i + ", " sigmaStr = sigmaStr[:-2] self.sigma2str = sigmaStr for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "Stmts not VarInfo Objects for some reason." if self.messageVarInBody != None and str( Stmts[i].getAssignVar()) == self.messageVarInBody: sdl.ASTVisitor(SubstituteVar( self.messageVar, self.newMsgVal)).preorder( Stmts[i].getAssignNode()) # modify in place self.oldMsgStmt = str(Stmts[i].getAssignNode()) Stmts[i].skipMe = True sigma2Fixed = False passedInputLine = False for index, i in enumerate(lines): assert type( Stmts[i] ) == sdl.VarInfo, "transformFunction: blockStmts must be VarInfo Objects." if hasattr(Stmts[i], "skipMe") and Stmts[i].skipMe: continue if sigma2Fixed: # 4. add the rest of code and substitute references from m to m' if self.messageVar in Stmts[i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( self.messageVar, self.newMsgVal)).preorder( Stmts[i].getAssignNode()) # modify in place if passedInputLine: if self.singleSKeys and config.keygenSecVar in Stmts[ i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( config.keygenSecVar, self.newSKvar)).preorder( Stmts[i].getAssignNode()) # modify in place if self.singlePKeys and config.keygenPubVar in Stmts[ i].getVarDeps(): sdl.ASTVisitor( SubstituteVar( config.keygenPubVar, self.newPKvar)).preorder( Stmts[i].getAssignNode()) # modify in place if Stmts[i].getIsExpandNode(): if str(Stmts[i].getAssignVar()) == config.keygenPubVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) #print("new list: ", Stmts[i].getAssignNode().getRight()) elif str(Stmts[i].getAssignVar()) == config.keygenSecVar: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chK) Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chT) newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsForLoopBegin(): if Stmts[i].getIsForType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' for') elif Stmts[i].getIsForAllType(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' forall') newLines.append(str(Stmts[i].getAssignNode())) elif Stmts[i].getIsIfElseBegin(): newLines.append("\n" + START_TOKEN + " " + BLOCK_SEP + ' if') newLines.append(str(Stmts[i].getAssignNode())) else: assignVar = str(Stmts[i].getAssignVar()) if assignVar in sigma2: newLines.append(str(Stmts[i].getAssignNode())) # 3. add statement for computing m' using original m and \sigma_2 sigma2.remove(assignVar) if len(sigma2) == 0: newLines.append(self.seed + " := random(ZR)") newLines.append( self.hashVal + " := H(concat{%s, %s, %s}, ZR)" % (self.chK, self.messageVar, self.sigma2str) ) # s1 := H(concat{k, m, r}, ZR) newLines.append( self.newMsgVal + " := %s(%s, %s, %s)" % (self.chamH, self.chpk, self.hashVal, self.seed) ) # mpr := chamH(chpk, s1, s) if self.messageVarInBody != None: newLines.append(self.oldMsgStmt) sigma2Fixed = True elif assignVar == config.signatureVar: # 5. add seed to output as part of signature if Stmts[i].getIsList(): if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight( ).listNodes.append(self.seed) newLines.append(str(Stmts[i].getAssignNode())) else: print("TODO: ", assignVar, " has unexpected structure.") elif assignVar == inputKeyword: passedInputLine = True inputlistNodes = [] if Stmts[i].getAssignNode().getRight() != None: Stmts[i].getAssignNode().getRight().listNodes.insert( 0, self.chpk) inputlistNodes = Stmts[i].getAssignNode().getRight( ).listNodes newLines.append(str(Stmts[i].getAssignNode())) if self.singleSKeys and config.keygenSecVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singleSKeysStr) if self.singlePKeys and config.keygenPubVar in inputlistNodes: newLines.append(config.keygenSecVar + " := expand" + self.singlePKeysStr) # update old references else: newLines.append(str(Stmts[i].getAssignNode())) newLines.append(end) return newLines