323 lines
7.2 KiB
C++
323 lines
7.2 KiB
C++
|
/*
|
||
|
|
* Copyright (c) 2012-2020 MIRACL UK Ltd.
|
||
|
|
*
|
||
|
|
* This file is part of MIRACL Core
|
||
|
|
* (see https://github.com/miracl/core).
|
||
|
|
*
|
||
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
|
* you may not use this file except in compliance with the License.
|
||
|
|
* You may obtain a copy of the License at
|
||
|
|
*
|
||
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||
|
|
*
|
||
|
|
* Unless required by applicable law or agreed to in writing, software
|
||
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
|
* See the License for the specific language governing permissions and
|
||
|
|
* limitations under the License.
|
||
|
|
*/
|
||
|
|
|
||
|
|
/* Test driver and function exerciser for Boneh-Lynn-Shacham BLS Signature API Functions */
|
||
|
|
|
||
|
|
#include <stdio.h>
|
||
|
|
#include <stdlib.h>
|
||
|
|
#include <string.h>
|
||
|
|
#include <time.h>
|
||
|
|
#include "bls_BN254.h"
|
||
|
|
|
||
|
|
#if CHUNK==32 || CHUNK==64
|
||
|
|
#include "bls_BLS12383.h"
|
||
|
|
#include "bls192_BLS24479.h"
|
||
|
|
#include "bls256_BLS48556.h"
|
||
|
|
#endif
|
||
|
|
|
||
|
|
#include "randapi.h"
|
||
|
|
|
||
|
|
/* To reverse the groups G1 and G2, edit BLS*.cpp
|
||
|
|
|
||
|
|
Swap G1 <-> G2
|
||
|
|
Swap ECP <-> ECPn
|
||
|
|
Disable G2 precomputation
|
||
|
|
Switch G1/G2 parameter order in pairing function calls
|
||
|
|
|
||
|
|
#define REVERSE here
|
||
|
|
|
||
|
|
See BLSREV*.cpp
|
||
|
|
|
||
|
|
*/
|
||
|
|
|
||
|
|
//#define REVERSE
|
||
|
|
|
||
|
|
using namespace core;
|
||
|
|
|
||
|
|
static char message[] = "This is a test message";
|
||
|
|
|
||
|
|
int bls_BN254(csprng *RNG)
|
||
|
|
{
|
||
|
|
using namespace BN254;
|
||
|
|
|
||
|
|
int i,res;
|
||
|
|
char s[BGS_BN254];
|
||
|
|
char ikm[64];
|
||
|
|
#ifdef REVERSE
|
||
|
|
char w[BFS_BN254+1], sig[4 * BFS_BN254 + 1]; // w is 2* if not compressed else 1*. sig is 4* if not compressed, else 2*
|
||
|
|
#else
|
||
|
|
char w[4 * BFS_BN254 + 1], sig[BFS_BN254 + 1]; // w is 4* if not compressed else 2*. sig is 2* if not compressed, else 1*
|
||
|
|
#endif
|
||
|
|
octet S = {0, sizeof(s), s};
|
||
|
|
octet W = {0, sizeof(w), w};
|
||
|
|
octet SIG = {0, sizeof(sig), sig};
|
||
|
|
octet IKM = {0, sizeof(ikm), ikm};
|
||
|
|
octet M = {0,sizeof(message), message};
|
||
|
|
|
||
|
|
OCT_jstring(&M,message);
|
||
|
|
|
||
|
|
res = BLS_INIT();
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to initialize\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
OCT_rand(&IKM,RNG,32);
|
||
|
|
//IKM.len=32;
|
||
|
|
//for (i=0;i<IKM.len;i++)
|
||
|
|
// IKM.val[i]=i+1;
|
||
|
|
|
||
|
|
res = BLS_KEY_PAIR_GENERATE(&IKM, &S, &W);
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to generate keys\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
printf("Private key= 0x");
|
||
|
|
OCT_output(&S);
|
||
|
|
printf("Public key= 0x");
|
||
|
|
OCT_output(&W);
|
||
|
|
|
||
|
|
BLS_CORE_SIGN(&SIG, &M, &S);
|
||
|
|
printf("Signature= 0x");
|
||
|
|
OCT_output(&SIG);
|
||
|
|
|
||
|
|
//message[7]='f'; // change the message
|
||
|
|
|
||
|
|
res = BLS_CORE_VERIFY(&SIG, &M, &W);
|
||
|
|
if (res == BLS_OK) printf("Signature is OK\n");
|
||
|
|
else printf("Signature is *NOT* OK\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
#if CHUNK==32 || CHUNK==64
|
||
|
|
|
||
|
|
int bls_BLS12383(csprng *RNG)
|
||
|
|
{
|
||
|
|
using namespace BLS12383;
|
||
|
|
|
||
|
|
int i,res;
|
||
|
|
char s[BGS_BLS12383];
|
||
|
|
char ikm[64];
|
||
|
|
#ifdef REVERSE
|
||
|
|
char w[BFS_BLS12383+1], sig[4 * BFS_BLS12383 + 1];
|
||
|
|
#else
|
||
|
|
char w[4 * BFS_BLS12383 + 1], sig[BFS_BLS12383 + 1];
|
||
|
|
#endif
|
||
|
|
octet S = {0, sizeof(s), s};
|
||
|
|
octet W = {0, sizeof(w), w};
|
||
|
|
octet SIG = {0, sizeof(sig), sig};
|
||
|
|
octet IKM = {0, sizeof(ikm), ikm};
|
||
|
|
octet M = {0,sizeof(message), message};
|
||
|
|
|
||
|
|
OCT_jstring(&M,message);
|
||
|
|
|
||
|
|
res = BLS_INIT();
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to initialize\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
OCT_rand(&IKM,RNG,32);
|
||
|
|
//IKM.len=32;
|
||
|
|
//for (i=0;i<IKM.len;i++)
|
||
|
|
// IKM.val[i]=i+1;
|
||
|
|
|
||
|
|
res = BLS_KEY_PAIR_GENERATE(&IKM, &S, &W);
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to generate keys\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
printf("Private key= 0x");
|
||
|
|
OCT_output(&S);
|
||
|
|
printf("Public key= 0x");
|
||
|
|
OCT_output(&W);
|
||
|
|
|
||
|
|
BLS_CORE_SIGN(&SIG, &M, &S);
|
||
|
|
printf("Signature= 0x");
|
||
|
|
OCT_output(&SIG);
|
||
|
|
|
||
|
|
//message[7]='f'; // change the message
|
||
|
|
|
||
|
|
res = BLS_CORE_VERIFY(&SIG, &M, &W);
|
||
|
|
if (res == BLS_OK) printf("Signature is OK\n");
|
||
|
|
else printf("Signature is *NOT* OK\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
int bls_BLS24479(csprng *RNG)
|
||
|
|
{
|
||
|
|
using namespace BLS24479;
|
||
|
|
|
||
|
|
int i,res;
|
||
|
|
char s[BGS_BLS24479];
|
||
|
|
char ikm[64];
|
||
|
|
#ifdef REVERSE
|
||
|
|
char w[BFS_BLS24479+1], sig[8 * BFS_BLS24479 + 1];
|
||
|
|
#else
|
||
|
|
char w[8 * BFS_BLS24479 + 1], sig[BFS_BLS24479 + 1];
|
||
|
|
#endif
|
||
|
|
octet S = {0, sizeof(s), s};
|
||
|
|
octet W = {0, sizeof(w), w};
|
||
|
|
octet SIG = {0, sizeof(sig), sig};
|
||
|
|
octet IKM = {0, sizeof(ikm), ikm};
|
||
|
|
octet M = {0,sizeof(message), message};
|
||
|
|
|
||
|
|
OCT_jstring(&M,message);
|
||
|
|
|
||
|
|
res = BLS_INIT();
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to initialize\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
OCT_rand(&IKM,RNG,48);
|
||
|
|
//IKM.len=48;
|
||
|
|
//for (i=0;i<IKM.len;i++)
|
||
|
|
// IKM.val[i]=i+1;
|
||
|
|
|
||
|
|
res = BLS_KEY_PAIR_GENERATE(&IKM, &S, &W);
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to generate keys\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
printf("Private key= 0x");
|
||
|
|
OCT_output(&S);
|
||
|
|
printf("Public key= 0x");
|
||
|
|
OCT_output(&W);
|
||
|
|
|
||
|
|
BLS_CORE_SIGN(&SIG, &M, &S);
|
||
|
|
printf("Signature= 0x");
|
||
|
|
OCT_output(&SIG);
|
||
|
|
|
||
|
|
//message[7]='f'; // change the message
|
||
|
|
|
||
|
|
res = BLS_CORE_VERIFY(&SIG, &M, &W);
|
||
|
|
if (res == BLS_OK) printf("Signature is OK\n");
|
||
|
|
else printf("Signature is *NOT* OK\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
int bls_BLS48556(csprng *RNG)
|
||
|
|
{
|
||
|
|
using namespace BLS48556;
|
||
|
|
|
||
|
|
int i,res;
|
||
|
|
char s[BGS_BLS48556];
|
||
|
|
char ikm[64];
|
||
|
|
#ifdef REVERSE
|
||
|
|
char w[BFS_BLS48556+1], sig[16 * BFS_BLS48556 + 1];
|
||
|
|
#else
|
||
|
|
char w[16 * BFS_BLS48556 + 1], sig[BFS_BLS48556 + 1];
|
||
|
|
#endif
|
||
|
|
octet S = {0, sizeof(s), s};
|
||
|
|
octet W = {0, sizeof(w), w};
|
||
|
|
octet SIG = {0, sizeof(sig), sig};
|
||
|
|
octet IKM = {0, sizeof(ikm), ikm};
|
||
|
|
octet M = {0,sizeof(message), message};
|
||
|
|
|
||
|
|
OCT_jstring(&M,message);
|
||
|
|
|
||
|
|
res = BLS_INIT();
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to initialize\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
OCT_rand(&IKM,RNG,64);
|
||
|
|
//IKM.len=64;
|
||
|
|
//for (i=0;i<IKM.len;i++)
|
||
|
|
// IKM.val[i]=i+1;
|
||
|
|
|
||
|
|
res = BLS_KEY_PAIR_GENERATE(&IKM, &S, &W);
|
||
|
|
if (res == BLS_FAIL)
|
||
|
|
{
|
||
|
|
printf("Failed to generate keys\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
printf("Private key= 0x");
|
||
|
|
OCT_output(&S);
|
||
|
|
printf("Public key= 0x");
|
||
|
|
OCT_output(&W);
|
||
|
|
|
||
|
|
BLS_CORE_SIGN(&SIG, &M, &S);
|
||
|
|
printf("Signature= 0x");
|
||
|
|
OCT_output(&SIG);
|
||
|
|
|
||
|
|
//message[7]='f'; // change the message
|
||
|
|
|
||
|
|
res = BLS_CORE_VERIFY(&SIG, &M, &W);
|
||
|
|
if (res == BLS_OK) printf("Signature is OK\n");
|
||
|
|
else printf("Signature is *NOT* OK\n");
|
||
|
|
return res;
|
||
|
|
}
|
||
|
|
|
||
|
|
#endif
|
||
|
|
|
||
|
|
int main()
|
||
|
|
{
|
||
|
|
int i, res;
|
||
|
|
unsigned long ran;
|
||
|
|
|
||
|
|
char raw[100];
|
||
|
|
octet RAW = {0, sizeof(raw), raw};
|
||
|
|
csprng RNG; // Crypto Strong RNG
|
||
|
|
|
||
|
|
time((time_t *)&ran);
|
||
|
|
|
||
|
|
RAW.len = 100; // fake random seed source
|
||
|
|
RAW.val[0] = ran;
|
||
|
|
RAW.val[1] = ran >> 8;
|
||
|
|
RAW.val[2] = ran >> 16;
|
||
|
|
RAW.val[3] = ran >> 24;
|
||
|
|
for (i = 4; i < 100; i++) RAW.val[i] = i;
|
||
|
|
|
||
|
|
CREATE_CSPRNG(&RNG, &RAW); // initialise strong RNG
|
||
|
|
|
||
|
|
printf("%d bit build\n", CHUNK);
|
||
|
|
|
||
|
|
printf("\nTesting BLS signature for curve BN254\n");
|
||
|
|
bls_BN254(&RNG);
|
||
|
|
|
||
|
|
#if CHUNK!=16
|
||
|
|
printf("\nTesting BLS signature for curve BLS12383\n");
|
||
|
|
bls_BLS12383(&RNG);
|
||
|
|
|
||
|
|
printf("\nTesting BLS signature for curve BLS24479\n");
|
||
|
|
bls_BLS24479(&RNG);
|
||
|
|
|
||
|
|
printf("\nTesting BLS signature for curve BLS48556\n");
|
||
|
|
bls_BLS48556(&RNG);
|
||
|
|
#endif
|
||
|
|
|
||
|
|
KILL_CSPRNG(&RNG);
|
||
|
|
}
|
||
|
|
|
||
|
|
|