else: print "M-Pin Three Pass" PIN = 1234 if MPIN_FULL: time_func('rtn, pc1, pc2 = mpin.precompute(token, hash_mpin_id)', nIter) rtn, pc1, pc2 = mpin.precompute(token, hash_mpin_id) if rtn != 0: print "precompute(token, hash_mpin_id) ERROR %s" % rtn # Client first pass time_func( 'rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, date, mpin_id, rng, None, PIN, token, time_permit)', nIter) rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, date, mpin_id, rng, None, PIN, token, time_permit) if rtn != 0: print "client_1 ERROR %s" % rtn if DEBUG: print "x: %s" % x.encode("hex") # Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), # and maps them to points on the curve HID and HTID resp. time_func('HID, HTID = mpin.server_1(HASH_TYPE_MPIN, date, pID)', nIter) HID, HTID = mpin.server_1(HASH_TYPE_MPIN, date, pID) # Server generates Random number y and sends it to Client time_func('rtn, y = mpin.random_generate(rng)', nIter) rtn, y = mpin.random_generate(rng) if rtn != 0:
def test_1(self): """test_1 Test Vector test""" vectors = json.load(open("./MPINTestVectors.json", "r")) for vector in vectors: print "Test vector {}".format(vector['test_no']) PIN1 = vector['PIN1'] PIN2 = vector['PIN2'] date = vector['DATE'] MS1_HEX = vector['MS1'] MS2_HEX = vector['MS2'] ms1 = MS1_HEX.decode("hex") ms2 = MS2_HEX.decode("hex") # Generate server secret shares rtn, ss1 = mpin.get_server_secret(ms1) self.assertEqual(rtn, 0) self.assertEqual(vector['SS1'], ss1.encode("hex")) rtn, ss2 = mpin.get_server_secret(ms2) self.assertEqual(rtn, 0) self.assertEqual(vector['SS2'], ss2.encode("hex")) # Combine server secret shares rtn, server_secret = mpin.recombine_G2(ss1, ss2) self.assertEqual(rtn, 0) self.assertEqual(vector['SERVER_SECRET'], server_secret.encode("hex")) mpin_id = vector['MPIN_ID_HEX'].decode("hex") # Hash value of MPIN_ID hash_mpin_id = mpin.hash_id(HASH_TYPE_MPIN, mpin_id) self.assertEqual(vector['HASH_MPIN_ID_HEX'], hash_mpin_id.encode("hex")) # Generate client secret shares rtn, cs1 = mpin.get_client_secret(ms1, hash_mpin_id) self.assertEqual(rtn, 0) self.assertEqual(vector['CS1'], cs1.encode("hex")) rtn, cs2 = mpin.get_client_secret(ms2, hash_mpin_id) self.assertEqual(rtn, 0) self.assertEqual(vector['CS2'], cs2.encode("hex")) # Combine client secret shares : TOKEN is the full client secret rtn, client_secret = mpin.recombine_G1(cs1, cs2) self.assertEqual(rtn, 0) self.assertEqual(vector['CLIENT_SECRET'], client_secret.encode("hex")) # Generate Time Permit shares rtn, tp1 = mpin.get_client_permit(HASH_TYPE_MPIN, date, ms1, hash_mpin_id) self.assertEqual(rtn, 0) self.assertEqual(vector['TP1'], tp1.encode("hex")) rtn, tp2 = mpin.get_client_permit(HASH_TYPE_MPIN, date, ms2, hash_mpin_id) self.assertEqual(rtn, 0) self.assertEqual(vector['TP2'], tp2.encode("hex")) # Combine Time Permit shares rtn, time_permit = mpin.recombine_G1(tp1, tp2) self.assertEqual(rtn, 0) self.assertEqual(vector['TIME_PERMIT'], time_permit.encode("hex")) # Client extracts PIN from secret to create Token rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, mpin_id, PIN1, client_secret) self.assertEqual(rtn, 0) self.assertEqual(vector['TOKEN'], token.encode("hex")) x = vector['X'].decode("hex") # Client first pass. Use X value from test vectors rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, date, mpin_id, None, x, PIN2, token, time_permit) self.assertEqual(rtn, 0) self.assertEqual(vector['X'], x.encode("hex")) self.assertEqual(vector['U'], u.encode("hex")) self.assertEqual(vector['UT'], ut.encode("hex")) self.assertEqual(vector['SEC'], sec.encode("hex")) # Server calculates H(ID) and H(T|H(ID)) HID, HTID = mpin.server_1(HASH_TYPE_MPIN, date, mpin_id) # Use Y value from test vectors y = vector['Y'].decode("hex") # Client second pass rtn, v = mpin.client_2(x, y, sec) self.assertEqual(rtn, 0) self.assertEqual(vector['V'], v.encode("hex")) # Server second pass rtn, E, F = mpin.server_2(date, HID, HTID, y, server_secret, u, ut, v) self.assertEqual(rtn, vector['SERVER_OUTPUT'])
def test_1(self): """test_1 Good PIN and good token""" PIN1 = 1234 PIN2 = 1234 # random number generator rng = mpin.create_csprng(self.seed) # Generate Client master secret share for MIRACL and Customer rtn, ms1 = mpin.random_generate(rng) self.assertEqual(rtn, 0) rtn, ms2 = mpin.random_generate(rng) self.assertEqual(rtn, 0) # Generate server secret shares rtn, ss1 = mpin.get_server_secret(ms1) self.assertEqual(rtn, 0) rtn, ss2 = mpin.get_server_secret(ms2) self.assertEqual(rtn, 0) # Combine server secret shares rtn, server_secret = mpin.recombine_G2(ss1, ss2) self.assertEqual(rtn, 0) # Generate client secret shares rtn, cs1 = mpin.get_client_secret(ms1, self.hash_mpin_id) self.assertEqual(rtn, 0) rtn, cs2 = mpin.get_client_secret(ms2, self.hash_mpin_id) self.assertEqual(rtn, 0) # Combine client secret shares rtn, client_secret = mpin.recombine_G1(cs1, cs2) self.assertEqual(rtn, 0) # Generate Time Permit shares rtn, tp1 = mpin.get_client_permit(HASH_TYPE_MPIN, self.date, ms1, self.hash_mpin_id) self.assertEqual(rtn, 0) rtn, tp2 = mpin.get_client_permit(HASH_TYPE_MPIN, self.date, ms2, self.hash_mpin_id) self.assertEqual(rtn, 0) # Combine Time Permit shares rtn, time_permit = mpin.recombine_G1(tp1, tp2) self.assertEqual(rtn, 0) # Client extracts PIN from secret to create Token rtn, token = mpin.extract_pin(HASH_TYPE_MPIN, self.mpin_id, PIN1, client_secret) self.assertEqual(rtn, 0) # Client first pass rtn, x, u, ut, sec = mpin.client_1(HASH_TYPE_MPIN, self.date, self.mpin_id, rng, None, PIN2, token, time_permit) self.assertEqual(rtn, 0) # Server calculates H(ID) and H(T|H(ID)) HID, HTID = mpin.server_1(HASH_TYPE_MPIN, self.date, self.hash_mpin_id) # Server generates Random number Y and sends it to Client rtn, y = mpin.random_generate(rng) self.assertEqual(rtn, 0) # Client second pass rtn, v = mpin.client_2(x, y, sec) self.assertEqual(rtn, 0) # Server second pass rtn, E, F = mpin.server_2(self.date, HID, HTID, y, server_secret, u, ut, v) self.assertEqual(rtn, 0)