MastersThesis/PQ_TIIGER_TLS/sal/miracl-ubuntu22-11-04-24/includes/mpin256_BLS48286.h

/*
 * Copyright (c) 2012-2020 MIRACL UK Ltd.
 *
 * This file is part of MIRACL Core
 * (see https://github.com/miracl/core).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * @file mpin.h
 * @author Mike Scott and Kealan McCusker
 * @date 2nd June 2015
 * @brief M-Pin Header file
 *
 * Allows some user configuration
 * defines structures
 * declares functions
 *
 */

#ifndef MPIN_BLS48286_H
#define MPIN_BLS48286_H

#include "pair8_BLS48286.h"
//#include "pbc_support.h"

using namespace core;


namespace BLS48286 {

/* Field size is assumed to be greater than or equal to group size */

#define PGS_BLS48286 MODBYTES_B288_60  /**< MPIN Group Size */
#define PFS_BLS48286 MODBYTES_B288_60  /**< MPIN Field Size */

#define MPIN_OK             0   /**< Function completed without error */
#define MPIN_INVALID_POINT  -14	/**< Point is NOT on the curve */
#define MPIN_BAD_PIN        -19 /**< Bad PIN number entered */

#define MAXPIN 10000         /**< max PIN */
#define PBLEN 14             /**< max length of PIN in bits */

//#define PAS_BLS48286 24        /**< MPIN Symmetric Key Size 192 bits  */
//#define HASH_TYPE_MPIN_BLS48286 SHA384   /**< Choose Hash function */

/* MPIN support functions */
/* MPIN primitives */

/**	@brief Encode a string to a curve point (in constant time)
 *
	@param DST is the Domain Separation Tag
    @param ID is the input string
    @param HCID is the output point in G1
*/
void MPIN_ENCODE_TO_CURVE(octet *DST,octet *ID,octet *HCID);

/**	@brief Extract a PIN number from a client secret
 *
	@param HID is the hashed-to-curve input client identity
	@param pin is an input PIN number
	@param CS is the client secret from which the PIN is to be extracted
	@return 0 or an error code
 */
int MPIN_EXTRACT_PIN(octet *HID, int pin, octet *CS);

/**	@brief Perform first pass of the client side of the 3-pass version of the M-Pin protocol
 *
	@param HID is the hashed-to-curve input client identity
	@param R is a pointer to a cryptographically secure random number generator
	@param x an output internally randomly generated if R!=NULL, otherwise must be provided as an input
	@param pin is the input PIN number
	@param T is the input M-Pin token (the client secret with PIN portion removed)
	@param S is output = CS+TP, where CS=is the reconstructed client secret, and TP is the time permit
	@param U is output = x.H(ID)
	@return 0 or an error code
 */
int MPIN_CLIENT_1(octet *HID, csprng *R, octet *x, int pin, octet *T, octet *S, octet *U);
/**	@brief Generate a random group element
 *
	@param R is a pointer to a cryptographically secure random number generator
	@param S is the output random octet
	@return 0 or an error code
 */
int MPIN_RANDOM_GENERATE(csprng *R, octet *S);
/**	@brief Perform second pass of the client side of the 3-pass version of the M-Pin protocol
 *
	@param x an input, a locally generated random number
	@param y an input random challenge from the server
	@param V on output = -(x+y).V
	@return 0 or an error code
 */
int MPIN_CLIENT_2(octet *x, octet *y, octet *V);
/**	@brief Perform third pass on the server side of the 3-pass version of the M-Pin protocol
 *
	@param HID is input H(ID), a hash of the client ID
	@param y is the input server's randomly generated challenge
	@param SS is the input server secret
	@param U is input from the client = x.H(ID)
	@param V is an input from the client
	@return 0 or an error code
 */
int MPIN_SERVER(octet *HID, octet *y, octet *SS, octet *U, octet *V);
/**	@brief Create a client secret in G1 from a master secret and the client ID
 *
	@param S is an input master secret
	@param HID is the input client identity hashed to point
	@param CS is the full client secret = s.H(ID)
	@return 0 or an error code
 */
int MPIN_GET_CLIENT_SECRET(octet *S, octet *HID, octet *CS);

/**	@brief Create a server secret in G2 from a master secret
 *
	@param S is an input master secret
	@param SS is the server secret = s.Q where Q is a fixed generator of G2
	@return 0 or an error code
 */
int MPIN_GET_SERVER_SECRET(octet *S, octet *SS);
}
#endif
update tiigertls 2024-04-15 09:53:30 +00:00			`/*`
			`* Copyright (c) 2012-2020 MIRACL UK Ltd.`
			`*`
			`* This file is part of MIRACL Core`
			`* (see https://github.com/miracl/core).`
			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`*/`

			`/**`
			`* @file mpin.h`
			`* @author Mike Scott and Kealan McCusker`
			`* @date 2nd June 2015`
			`* @brief M-Pin Header file`
			`*`
			`* Allows some user configuration`
			`* defines structures`
			`* declares functions`
			`*`
			`*/`

			`#ifndef MPIN_BLS48286_H`
			`#define MPIN_BLS48286_H`

			`#include "pair8_BLS48286.h"`
			`//#include "pbc_support.h"`

			`using namespace core;`


			`namespace BLS48286 {`

			`/* Field size is assumed to be greater than or equal to group size */`

			`#define PGS_BLS48286 MODBYTES_B288_60 /*< MPIN Group Size /`
			`#define PFS_BLS48286 MODBYTES_B288_60 /*< MPIN Field Size /`

			`#define MPIN_OK 0 /*< Function completed without error /`
			`#define MPIN_INVALID_POINT -14 /*< Point is NOT on the curve /`
			`#define MPIN_BAD_PIN -19 /*< Bad PIN number entered /`

			`#define MAXPIN 10000 /*< max PIN /`
			`#define PBLEN 14 /*< max length of PIN in bits /`

			`//#define PAS_BLS48286 24 /*< MPIN Symmetric Key Size 192 bits /`
			`//#define HASH_TYPE_MPIN_BLS48286 SHA384 /*< Choose Hash function /`

			`/* MPIN support functions */`
			`/* MPIN primitives */`

			`/** @brief Encode a string to a curve point (in constant time)`
			`*`
			`@param DST is the Domain Separation Tag`
			`@param ID is the input string`
			`@param HCID is the output point in G1`
			`*/`
			`void MPIN_ENCODE_TO_CURVE(octet DST,octet ID,octet *HCID);`

			`/** @brief Extract a PIN number from a client secret`
			`*`
			`@param HID is the hashed-to-curve input client identity`
			`@param pin is an input PIN number`
			`@param CS is the client secret from which the PIN is to be extracted`
			`@return 0 or an error code`
			`*/`
			`int MPIN_EXTRACT_PIN(octet HID, int pin, octet CS);`

			`/** @brief Perform first pass of the client side of the 3-pass version of the M-Pin protocol`
			`*`
			`@param HID is the hashed-to-curve input client identity`
			`@param R is a pointer to a cryptographically secure random number generator`
			`@param x an output internally randomly generated if R!=NULL, otherwise must be provided as an input`
			`@param pin is the input PIN number`
			`@param T is the input M-Pin token (the client secret with PIN portion removed)`
			`@param S is output = CS+TP, where CS=is the reconstructed client secret, and TP is the time permit`
			`@param U is output = x.H(ID)`
			`@return 0 or an error code`
			`*/`
			`int MPIN_CLIENT_1(octet HID, csprng R, octet x, int pin, octet T, octet S, octet U);`
			`/** @brief Generate a random group element`
			`*`
			`@param R is a pointer to a cryptographically secure random number generator`
			`@param S is the output random octet`
			`@return 0 or an error code`
			`*/`
			`int MPIN_RANDOM_GENERATE(csprng R, octet S);`
			`/** @brief Perform second pass of the client side of the 3-pass version of the M-Pin protocol`
			`*`
			`@param x an input, a locally generated random number`
			`@param y an input random challenge from the server`
			`@param V on output = -(x+y).V`
			`@return 0 or an error code`
			`*/`
			`int MPIN_CLIENT_2(octet x, octet y, octet *V);`
			`/** @brief Perform third pass on the server side of the 3-pass version of the M-Pin protocol`
			`*`
			`@param HID is input H(ID), a hash of the client ID`
			`@param y is the input server's randomly generated challenge`
			`@param SS is the input server secret`
			`@param U is input from the client = x.H(ID)`
			`@param V is an input from the client`
			`@return 0 or an error code`
			`*/`
			`int MPIN_SERVER(octet HID, octet y, octet SS, octet U, octet *V);`
			`/** @brief Create a client secret in G1 from a master secret and the client ID`
			`*`
			`@param S is an input master secret`
			`@param HID is the input client identity hashed to point`
			`@param CS is the full client secret = s.H(ID)`
			`@return 0 or an error code`
			`*/`
			`int MPIN_GET_CLIENT_SECRET(octet S, octet HID, octet *CS);`

			`/** @brief Create a server secret in G2 from a master secret`
			`*`
			`@param S is an input master secret`
			`@param SS is the server secret = s.Q where Q is a fixed generator of G2`
			`@return 0 or an error code`
			`*/`
			`int MPIN_GET_SERVER_SECRET(octet S, octet SS);`
			`}`
			`#endif`