From 76965de11fb63053f9281380f88673a5922f6262 Mon Sep 17 00:00:00 2001 From: Gulliver Date: Sun, 14 Jul 2024 10:50:42 +0200 Subject: [PATCH 1/4] updated github flow with asio for newer crowcpp --- .github/workflows/cmake.yaml | 35 ++++++++++++++++++----------------- CMakeLists.txt | 11 +++++++---- vcpkg.json | 9 +++++++++ 3 files changed, 34 insertions(+), 21 deletions(-) create mode 100644 vcpkg.json diff --git a/.github/workflows/cmake.yaml b/.github/workflows/cmake.yaml index 6f791ad..6e86440 100644 --- a/.github/workflows/cmake.yaml +++ b/.github/workflows/cmake.yaml @@ -19,28 +19,29 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-latest, macos-latest, windows-latest] + os: [ubuntu-latest, + macos-latest, + windows-latest] steps: - uses: actions/checkout@v3 - name: Prepare dependencies run: | - if [ "$RUNNER_OS" == "Linux" ]; then - sudo apt-get update && \ - sudo apt-get install -yq \ - libboost-system-dev \ - libboost-date-time-dev \ - cmake \ - graphviz doxygen - elif [ "$RUNNER_OS" == "Windows" ]; then - choco install boost-msvc-14.3 graphviz doxygen.install - elif [ "$RUNNER_OS" == "macOS" ]; then - brew install boost graphviz doxygen - else - echo "$RUNNER_OS not supported" - exit 1 - fi - shell: bash + if [ "$RUNNER_OS" == "Linux" ]; then + sudo apt-get update && \ + sudo apt-get install -yq \ + libasio-dev \ + libssl-dev zlib1g-dev \ + cmake graphviz doxygen + elif [ "$RUNNER_OS" == "Windows" ]; then + VCPKG_DEFAULT_TRIPLET=x64-windows vcpkg install + elif [ "$RUNNER_OS" == "macOS" ]; then + brew install asio openssl zlib doxygen graphviz + else + echo "$RUNNER_OS not supported" + exit 1 + fi + shell: bash - name: Configure CMake run: cmake -B build shell: bash diff --git a/CMakeLists.txt b/CMakeLists.txt index 9e88286..a64be4d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,8 +1,11 @@ -cmake_minimum_required(VERSION 3.1.3) +cmake_minimum_required(VERSION 3.15.0 FATAL_ERROR) + +project(oc-issuer VERSION 0.0.2 LANGUAGES CXX) enable_language(C) enable_language(CXX) set(CMAKE_CXX_STANDARD 17) +set(CMAKE_EXPORT_COMPILE_COMMANDS On) if(POLICY CMP0077) cmake_policy(SET CMP0077 NEW) @@ -14,7 +17,6 @@ else() add_compile_options(-Wall -Wextra -pedantic) endif() -project(oc-issuer VERSION 0.0.2 LANGUAGES CXX) include(FetchContent) @@ -25,11 +27,12 @@ set(CROW_BUILD_EXAMPLES Off) set(CROW_BUILD_TOOLS Off) set(CROW_BUILD_TESTS Off) set(CROW_BUILD_DOCS Off) +set(CROW_FEATURES "ssl;compression") # add crow project to the build FetchContent_Declare(crow GIT_REPOSITORY https://github.com/CrowCpp/Crow.git - GIT_TAG v1.0+5 + GIT_TAG v1.2.0 ) if(NOT crow_POPULATED) @@ -54,7 +57,7 @@ set(CATCH_INSTALL_EXTRAS Off) FetchContent_Declare( Catch2 GIT_REPOSITORY https://github.com/catchorg/Catch2.git - GIT_TAG v3.3.1 + GIT_TAG v3.6.0 ) FetchContent_MakeAvailable(Catch2) diff --git a/vcpkg.json b/vcpkg.json new file mode 100644 index 0000000..799abab --- /dev/null +++ b/vcpkg.json @@ -0,0 +1,9 @@ +{ + "name": "crow", + "version-string": "master", + "dependencies": [ + "asio", + "openssl", + "zlib" + ] +} From f385ad97579c555dfb84711b46ce1459dcc508da Mon Sep 17 00:00:00 2001 From: Gulliver Date: Mon, 23 Jan 2023 18:18:10 +0100 Subject: [PATCH 2/4] included crypto++ lib --- CMakeLists.txt | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a64be4d..f3e9b79 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -49,6 +49,18 @@ if(NOT expected_POPULATED) FetchContent_Populate(expected) endif(NOT expected_POPULATED) +# add crypt++ (+cmake) library +set(CRYPTOPP_BUILD_TESTING Off) +set(CRYPTOPP_INSTALL Off) + +if(NOT cryptopp_POPULATED) + FetchContent_Declare(cryptopp + GIT_REPOSITORY https://github.com/abdes/cryptopp-cmake.git + GIT_TAG CRYPTOPP_8_7_0) + FetchContent_Populate(cryptopp) + add_subdirectory(${cryptopp_SOURCE_DIR} ${cryptopp_BINARY_DIR}) +endif(NOT cryptopp_POPULATED) + include(CTest) enable_testing() @@ -80,7 +92,7 @@ set(LIB_SOURCES src/big_int.hpp src/big_int.cpp ) add_library(oc-mint-lib ${LIB_SOURCES}) -target_link_libraries(oc-mint-lib PUBLIC Crow::Crow) +target_link_libraries(oc-mint-lib PUBLIC Crow::Crow cryptopp::cryptopp) target_include_directories(oc-mint-lib PUBLIC ${expected_SOURCE_DIR}/include src) add_executable(${PROJECT_NAME} src/main.cpp) From 96d25a0a9a084373b6113ea4bfa674fb48459d99 Mon Sep 17 00:00:00 2001 From: Gulliver Date: Thu, 20 Apr 2023 22:52:56 +0200 Subject: [PATCH 3/4] added test_crypto.cpp with first code for rsa blinding --- CMakeLists.txt | 7 +- test/test_crypto.cpp | 252 +++++++++++++++++++++++++++ test/{test.cpp => test_json_s8n.cpp} | 2 +- 3 files changed, 259 insertions(+), 2 deletions(-) create mode 100644 test/test_crypto.cpp rename test/{test.cpp => test_json_s8n.cpp} (99%) diff --git a/CMakeLists.txt b/CMakeLists.txt index f3e9b79..c04ce90 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -18,6 +18,8 @@ else() endif() +set(CMAKE_EXPORT_COMPILE_COMMANDS ON) + include(FetchContent) # @@ -99,7 +101,10 @@ add_executable(${PROJECT_NAME} src/main.cpp) target_link_libraries(${PROJECT_NAME} PRIVATE oc-mint-lib INTERFACE tl::expected::expected) ## these are unittests that can be run on any platform -add_executable(tests test/test_big_int.cpp test/test.cpp) +add_executable(tests test/test_big_int.cpp + test/test_json_s8n.cpp + test/test_crypto.cpp) + target_link_libraries(tests oc-mint-lib Catch2::Catch2WithMain) diff --git a/test/test_crypto.cpp b/test/test_crypto.cpp new file mode 100644 index 0000000..da002c5 --- /dev/null +++ b/test/test_crypto.cpp @@ -0,0 +1,252 @@ + +#include + +#include "cryptlib.h" +#include "integer.h" +#include "nbtheory.h" +#include "osrng.h" +#include "rsa.h" +#include "sha.h" + +#include +#include + + +CryptoPP::Integer blind_signature(const CryptoPP::SecByteBlock& orig, + CryptoPP::Integer& r, + const CryptoPP::RSA::PublicKey& pub_key, + const CryptoPP::RSA::PrivateKey& priv_key) { + using namespace CryptoPP; + using std::cout; + using std::endl; + + // Convenience + const Integer &n = pub_key.GetModulus(); + const Integer &e = pub_key.GetPublicExponent(); + const Integer &d = priv_key.GetPrivateExponent(); + +// For sizing the hashed message buffer. This should be SHA256 size. + const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); +// Scratch + SecByteBlock buff_1, buff_2, buff_3; + + Integer m(orig.data(), orig.size()); + cout << "Message: " << std::hex << m << endl; + + // Hash message per Rabin (1979) + buff_1.resize(sig_size); + SHA256 hash_1; + hash_1.CalculateTruncatedDigest(buff_1, buff_1.size(), orig, orig.size()); + + // H(m) as Integer + Integer hm(buff_1.data(), buff_1.size()); + cout << "H(m): " << std::hex << hm << endl; + + // Blinding factor + Integer b = a_exp_b_mod_c(r, e, n); + cout << "Random: " << std::hex << b << endl; + + // Alice blinded message + Integer mm = a_times_b_mod_c(hm, b, n); + cout << "Blind msg: " << std::hex << mm << endl; + + AutoSeededRandomPool prng; + + // Bob sign + Integer ss = priv_key.CalculateInverse(prng, mm); + cout << "Blind sign: " << ss << endl; + + return ss; +} + +CryptoPP::Integer unblind_signature(CryptoPP::Integer const & ss, + CryptoPP::Integer& r, + + const CryptoPP::RSA::PublicKey& pub_key) +{ + + const CryptoPP::Integer &n = pub_key.GetModulus(); + CryptoPP::Integer s = a_times_b_mod_c(ss, r.InverseMod(n), n); + return s; +} + +CryptoPP::Integer verify(CryptoPP::Integer const & ss, + CryptoPP::Integer& r, + + const CryptoPP::RSA::PublicKey& pub_key) +{ + CryptoPP::Integer s = unblind_signature(ss,r,pub_key); + CryptoPP::Integer v = pub_key.ApplyFunction(s); + return v; +} + +TEST_CASE("cryptopp1", "[crypto]") { + using namespace CryptoPP; + using std::cout; + using std::endl; + using std::runtime_error; + + // Bob artificially small key pair + AutoSeededRandomPool prng; + RSA::PrivateKey priv_key; + + priv_key.GenerateRandomWithKeySize(prng, 64U); + RSA::PublicKey pub_key(priv_key); + + // Convenience + const Integer &n = pub_key.GetModulus(); + const Integer &e = pub_key.GetPublicExponent(); + const Integer &d = priv_key.GetPrivateExponent(); + + // Print params + cout << "Pub mod: " << std::hex << pub_key.GetModulus() << endl; + cout << "Pub exp: " << std::hex << e << endl; + cout << "Priv mod: " << std::hex << priv_key.GetModulus() << endl; + cout << "Priv exp: " << std::hex << d << endl; + const char* MESSAGE = "secret"; + SecByteBlock orig((const byte *)MESSAGE, 6U); + + // Alice blinding + Integer r; + do { + r.Randomize(prng, Integer::One(), n - Integer::One()); + } while (!RelativelyPrime(r, n)); + CryptoPP::Integer ss = blind_signature(orig, + r, + pub_key, + priv_key); + // Alice checks s(s'(x)) = x. This is from Chaum's paper + Integer c = pub_key.ApplyFunction(ss); + cout << "Check sign: " << c << endl; + //if (c != mm) { + // throw runtime_error("Alice cross-check failed"); + // } + // Alice remove blinding + Integer s = unblind_signature(ss, r, pub_key); + cout << "Unblind sign: " << s << endl; + + // Eve verifies + Integer v = verify(ss, r, pub_key); + cout << "Verify: " << std::hex << v << endl; + + // Scratch + SecByteBlock buff_2, buff_3; + + // Convert to a string + size_t req = v.MinEncodedSize(); + buff_2.resize(req); + v.Encode(&buff_2[0], buff_2.size()); + + // Hash message per Rabin (1979) + const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); + buff_3.resize(sig_size); + SHA256 hash_2; + hash_2.CalculateTruncatedDigest(buff_3, buff_3.size(), orig, orig.size()); + + // Constant time compare + bool equal = buff_2.size() == buff_3.size() && + VerifyBufsEqual(buff_2.data(), buff_3.data(), buff_3.size()); + + if (!equal) { + throw runtime_error("Eve verified failed"); + } + cout << "Verified signature" << endl; + + +} + +TEST_CASE("cryptopp", "[crypto]") { + using namespace CryptoPP; + using std::cout; + using std::endl; + using std::runtime_error; + + // Bob artificially small key pair + AutoSeededRandomPool prng; + RSA::PrivateKey priv_key; + + priv_key.GenerateRandomWithKeySize(prng, 64U); + RSA::PublicKey pub_key(priv_key); + + // Convenience + const Integer &n = pub_key.GetModulus(); + const Integer &e = pub_key.GetPublicExponent(); + const Integer &d = priv_key.GetPrivateExponent(); + + // Print params + cout << "Pub mod: " << std::hex << pub_key.GetModulus() << endl; + cout << "Pub exp: " << std::hex << e << endl; + cout << "Priv mod: " << std::hex << priv_key.GetModulus() << endl; + cout << "Priv exp: " << std::hex << d << endl; + + // For sizing the hashed message buffer. This should be SHA256 size. + const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); + + // Scratch + SecByteBlock buff_1, buff_2, buff_3; + + // Alice original message to be signed by Bob + SecByteBlock orig((const byte *)"secret", 6U); + Integer m(orig.data(), orig.size()); + cout << "Message: " << std::hex << m << endl; + + // Hash message per Rabin (1979) + buff_1.resize(sig_size); + SHA256 hash_1; + hash_1.CalculateTruncatedDigest(buff_1, buff_1.size(), orig, orig.size()); + + // H(m) as Integer + Integer hm(buff_1.data(), buff_1.size()); + cout << "H(m): " << std::hex << hm << endl; + + // Alice blinding + Integer r; + do { + r.Randomize(prng, Integer::One(), n - Integer::One()); + } while (!RelativelyPrime(r, n)); + + // Blinding factor + Integer b = a_exp_b_mod_c(r, e, n); + cout << "Random: " << std::hex << b << endl; + + // Alice blinded message + Integer mm = a_times_b_mod_c(hm, b, n); + cout << "Blind msg: " << std::hex << mm << endl; + + // Bob sign + Integer ss = priv_key.CalculateInverse(prng, mm); + cout << "Blind sign: " << ss << endl; + + // Alice checks s(s'(x)) = x. This is from Chaum's paper + Integer c = pub_key.ApplyFunction(ss); + cout << "Check sign: " << c << endl; + if (c != mm) { + throw runtime_error("Alice cross-check failed"); + } + // Alice remove blinding + Integer s = a_times_b_mod_c(ss, r.InverseMod(n), n); + cout << "Unblind sign: " << s << endl; + + // Eve verifies + Integer v = pub_key.ApplyFunction(s); + cout << "Verify: " << std::hex << v << endl; + + // Convert to a string + size_t req = v.MinEncodedSize(); + buff_2.resize(req); + v.Encode(&buff_2[0], buff_2.size()); + + // Hash message per Rabin (1979) + buff_3.resize(sig_size); + SHA256 hash_2; + hash_2.CalculateTruncatedDigest(buff_3, buff_3.size(), orig, orig.size()); + + // Constant time compare + bool equal = buff_2.size() == buff_3.size() && + VerifyBufsEqual(buff_2.data(), buff_3.data(), buff_3.size()); + + if (!equal) { + throw runtime_error("Eve verified failed"); + } + cout << "Verified signature" << endl; +} diff --git a/test/test.cpp b/test/test_json_s8n.cpp similarity index 99% rename from test/test.cpp rename to test/test_json_s8n.cpp index 5045313..a5f46a1 100644 --- a/test/test.cpp +++ b/test/test_json_s8n.cpp @@ -12,7 +12,7 @@ TEST_CASE( "PublicKey::to_json", "[to_json]" ) { REQUIRE( json["modulus"].dump() == "\"" + k.modulus.to_string() + "\"" ); REQUIRE( json["public_exponent"].dump() == "\"" + k.public_exponent.to_string()+"\"" ); REQUIRE( json["type"].dump() == "\"rsa public key\"" ); - REQUIRE( json.keys().size() == 3 ); + REQUIRE( json.keys().size() == 3U ); } TEST_CASE("RequestCDDCSerial::from_string", "[from_string]") { From 2a33e4137679331f6b8d65d3f14e2f99cffb0628 Mon Sep 17 00:00:00 2001 From: Gulliver Date: Sun, 14 Jul 2024 10:18:41 +0200 Subject: [PATCH 4/4] removed cryptopp, openssl shall be used instead for blinding (but not implemented yet) --- CMakeLists.txt | 21 ++- test/test_crypto.cpp | 438 +++++++++++++++++++++---------------------- 2 files changed, 229 insertions(+), 230 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c04ce90..b17bc32 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,6 +7,7 @@ enable_language(CXX) set(CMAKE_CXX_STANDARD 17) set(CMAKE_EXPORT_COMPILE_COMMANDS On) +set(CMAKE_POLICY_DEFAULT_CMP0077 NEW) if(POLICY CMP0077) cmake_policy(SET CMP0077 NEW) endif() @@ -52,16 +53,16 @@ if(NOT expected_POPULATED) endif(NOT expected_POPULATED) # add crypt++ (+cmake) library -set(CRYPTOPP_BUILD_TESTING Off) -set(CRYPTOPP_INSTALL Off) +#set(CRYPTOPP_BUILD_TESTING Off) +#set(CRYPTOPP_INSTALL Off) -if(NOT cryptopp_POPULATED) - FetchContent_Declare(cryptopp - GIT_REPOSITORY https://github.com/abdes/cryptopp-cmake.git - GIT_TAG CRYPTOPP_8_7_0) - FetchContent_Populate(cryptopp) - add_subdirectory(${cryptopp_SOURCE_DIR} ${cryptopp_BINARY_DIR}) -endif(NOT cryptopp_POPULATED) +#if(NOT cryptopp_POPULATED) +# FetchContent_Declare(cryptopp +# GIT_REPOSITORY https://github.com/abdes/cryptopp-cmake.git +# GIT_TAG CRYPTOPP_8_7_0_1) +# FetchContent_Populate(cryptopp) +# add_subdirectory(${cryptopp_SOURCE_DIR} ${cryptopp_BINARY_DIR}) +#endif(NOT cryptopp_POPULATED) include(CTest) enable_testing() @@ -94,7 +95,7 @@ set(LIB_SOURCES src/big_int.hpp src/big_int.cpp ) add_library(oc-mint-lib ${LIB_SOURCES}) -target_link_libraries(oc-mint-lib PUBLIC Crow::Crow cryptopp::cryptopp) +target_link_libraries(oc-mint-lib PUBLIC Crow::Crow) # cryptopp::cryptopp) target_include_directories(oc-mint-lib PUBLIC ${expected_SOURCE_DIR}/include src) add_executable(${PROJECT_NAME} src/main.cpp) diff --git a/test/test_crypto.cpp b/test/test_crypto.cpp index da002c5..5b5e485 100644 --- a/test/test_crypto.cpp +++ b/test/test_crypto.cpp @@ -1,252 +1,250 @@ #include -#include "cryptlib.h" -#include "integer.h" -#include "nbtheory.h" -#include "osrng.h" -#include "rsa.h" -#include "sha.h" +//#include "cryptlib.h" +//#include "integer.h" +//#include "nbtheory.h" +//#include "osrng.h" +//#include "rsa.h" +//#include "sha.h" #include #include - -CryptoPP::Integer blind_signature(const CryptoPP::SecByteBlock& orig, - CryptoPP::Integer& r, - const CryptoPP::RSA::PublicKey& pub_key, - const CryptoPP::RSA::PrivateKey& priv_key) { - using namespace CryptoPP; - using std::cout; - using std::endl; +/* +CryptoPP::Integer blind_signature(const CryptoPP::SecByteBlock &orig, + const CryptoPP::Integer &r, + const CryptoPP::RSA::PublicKey &pub_key, + const CryptoPP::RSA::PrivateKey &priv_key) { + using namespace CryptoPP; + using std::cout; + using std::endl; // Convenience - const Integer &n = pub_key.GetModulus(); - const Integer &e = pub_key.GetPublicExponent(); - const Integer &d = priv_key.GetPrivateExponent(); + const Integer &n = pub_key.GetModulus(); + const Integer &e = pub_key.GetPublicExponent(); +// const Integer &d = priv_key.GetPrivateExponent(); // For sizing the hashed message buffer. This should be SHA256 size. - const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); + const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); // Scratch - SecByteBlock buff_1, buff_2, buff_3; + SecByteBlock buff_1, buff_2, buff_3; - Integer m(orig.data(), orig.size()); - cout << "Message: " << std::hex << m << endl; + Integer m(orig.data(), orig.size()); + cout << "Message: " << std::hex << m << endl; - // Hash message per Rabin (1979) - buff_1.resize(sig_size); - SHA256 hash_1; - hash_1.CalculateTruncatedDigest(buff_1, buff_1.size(), orig, orig.size()); + // Hash message per Rabin (1979) + buff_1.resize(sig_size); + SHA256 hash_1; + hash_1.CalculateTruncatedDigest(buff_1, buff_1.size(), orig, orig.size()); - // H(m) as Integer - Integer hm(buff_1.data(), buff_1.size()); - cout << "H(m): " << std::hex << hm << endl; + // H(m) as Integer + Integer hm(buff_1.data(), buff_1.size()); + cout << "H(m): " << std::hex << hm << endl; - // Blinding factor - Integer b = a_exp_b_mod_c(r, e, n); - cout << "Random: " << std::hex << b << endl; + // Blinding factor + Integer b = a_exp_b_mod_c(r, e, n); + cout << "Random: " << std::hex << b << endl; - // Alice blinded message - Integer mm = a_times_b_mod_c(hm, b, n); - cout << "Blind msg: " << std::hex << mm << endl; + // Alice blinded message + Integer mm = a_times_b_mod_c(hm, b, n); + cout << "Blind msg: " << std::hex << mm << endl; - AutoSeededRandomPool prng; + AutoSeededRandomPool prng; - // Bob sign - Integer ss = priv_key.CalculateInverse(prng, mm); - cout << "Blind sign: " << ss << endl; + // Bob sign + Integer ss = priv_key.CalculateInverse(prng, mm); + cout << "Blind sign: " << ss << endl; - return ss; + return ss; } -CryptoPP::Integer unblind_signature(CryptoPP::Integer const & ss, - CryptoPP::Integer& r, - - const CryptoPP::RSA::PublicKey& pub_key) -{ - - const CryptoPP::Integer &n = pub_key.GetModulus(); - CryptoPP::Integer s = a_times_b_mod_c(ss, r.InverseMod(n), n); - return s; +CryptoPP::Integer unblind_signature(const CryptoPP::Integer &ss, + const CryptoPP::Integer &r, + const CryptoPP::RSA::PublicKey &pub_key) { + + const CryptoPP::Integer &n = pub_key.GetModulus(); + CryptoPP::Integer s = a_times_b_mod_c(ss, r.InverseMod(n), n); + return s; } -CryptoPP::Integer verify(CryptoPP::Integer const & ss, - CryptoPP::Integer& r, - - const CryptoPP::RSA::PublicKey& pub_key) -{ - CryptoPP::Integer s = unblind_signature(ss,r,pub_key); - CryptoPP::Integer v = pub_key.ApplyFunction(s); - return v; +CryptoPP::Integer verify(CryptoPP::Integer const &ss, + const CryptoPP::Integer &r, + const CryptoPP::RSA::PublicKey &pub_key) { + CryptoPP::Integer s = unblind_signature(ss, r, pub_key); + CryptoPP::Integer v = pub_key.ApplyFunction(s); + return v; } TEST_CASE("cryptopp1", "[crypto]") { - using namespace CryptoPP; - using std::cout; - using std::endl; - using std::runtime_error; - - // Bob artificially small key pair - AutoSeededRandomPool prng; - RSA::PrivateKey priv_key; - - priv_key.GenerateRandomWithKeySize(prng, 64U); - RSA::PublicKey pub_key(priv_key); - - // Convenience - const Integer &n = pub_key.GetModulus(); - const Integer &e = pub_key.GetPublicExponent(); - const Integer &d = priv_key.GetPrivateExponent(); - - // Print params - cout << "Pub mod: " << std::hex << pub_key.GetModulus() << endl; - cout << "Pub exp: " << std::hex << e << endl; - cout << "Priv mod: " << std::hex << priv_key.GetModulus() << endl; - cout << "Priv exp: " << std::hex << d << endl; - const char* MESSAGE = "secret"; - SecByteBlock orig((const byte *)MESSAGE, 6U); - - // Alice blinding - Integer r; - do { - r.Randomize(prng, Integer::One(), n - Integer::One()); - } while (!RelativelyPrime(r, n)); - CryptoPP::Integer ss = blind_signature(orig, - r, - pub_key, - priv_key); - // Alice checks s(s'(x)) = x. This is from Chaum's paper - Integer c = pub_key.ApplyFunction(ss); - cout << "Check sign: " << c << endl; - //if (c != mm) { - // throw runtime_error("Alice cross-check failed"); - // } - // Alice remove blinding - Integer s = unblind_signature(ss, r, pub_key); - cout << "Unblind sign: " << s << endl; - - // Eve verifies - Integer v = verify(ss, r, pub_key); - cout << "Verify: " << std::hex << v << endl; - - // Scratch - SecByteBlock buff_2, buff_3; - - // Convert to a string - size_t req = v.MinEncodedSize(); - buff_2.resize(req); - v.Encode(&buff_2[0], buff_2.size()); - - // Hash message per Rabin (1979) - const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); - buff_3.resize(sig_size); - SHA256 hash_2; - hash_2.CalculateTruncatedDigest(buff_3, buff_3.size(), orig, orig.size()); - - // Constant time compare - bool equal = buff_2.size() == buff_3.size() && - VerifyBufsEqual(buff_2.data(), buff_3.data(), buff_3.size()); - - if (!equal) { - throw runtime_error("Eve verified failed"); - } - cout << "Verified signature" << endl; + using namespace CryptoPP; + using std::cout; + using std::endl; + using std::runtime_error; + // Bob artificially small key pair + AutoSeededRandomPool prng; + RSA::PrivateKey priv_key; + + priv_key.GenerateRandomWithKeySize(prng, 64U); + RSA::PublicKey pub_key(priv_key); + + // Convenience + const Integer &n = pub_key.GetModulus(); + const Integer &e = pub_key.GetPublicExponent(); + const Integer &d = priv_key.GetPrivateExponent(); + + // Print params + cout << "Pub mod: " << std::hex << pub_key.GetModulus() << endl; + cout << "Pub exp: " << std::hex << e << endl; + cout << "Priv mod: " << std::hex << priv_key.GetModulus() << endl; + cout << "Priv exp: " << std::hex << d << endl; + const char *MESSAGE = "secret"; + SecByteBlock orig((const byte *) MESSAGE, 6U); + + // Alice blinding + Integer r; + do { + r.Randomize(prng, Integer::One(), n - Integer::One()); + } while (!RelativelyPrime(r, n)); + CryptoPP::Integer ss = blind_signature(orig, + r, + pub_key, + priv_key); + // Alice checks s(s'(x)) = x. This is from Chaum's paper + Integer c = pub_key.ApplyFunction(ss); + cout << "Check sign: " << c << endl; + //if (c != mm) { + // throw runtime_error("Alice cross-check failed"); + // } + // Alice remove blinding + Integer s = unblind_signature(ss, r, pub_key); + cout << "Unblind sign: " << s << endl; + + // Eve verifies + Integer v = verify(ss, r, pub_key); + cout << "Verify: " << std::hex << v << endl; + + // Scratch + SecByteBlock buff_2, buff_3; + + // Convert to a string + size_t req = v.MinEncodedSize(); + buff_2.resize(req); + v.Encode(&buff_2[0], buff_2.size()); + + // Hash message per Rabin (1979) + const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); + buff_3.resize(sig_size); + SHA256 hash_2; + hash_2.CalculateTruncatedDigest(buff_3, buff_3.size(), orig, orig.size()); + + // Constant time compare + bool equal = buff_2.size() == buff_3.size() && + VerifyBufsEqual(buff_2.data(), buff_3.data(), buff_3.size()); + + if (!equal) { + throw runtime_error("Eve verified failed"); + } + cout << "Verified signature" << endl; -} +} +*/ +/* TEST_CASE("cryptopp", "[crypto]") { - using namespace CryptoPP; - using std::cout; - using std::endl; - using std::runtime_error; - - // Bob artificially small key pair - AutoSeededRandomPool prng; - RSA::PrivateKey priv_key; - - priv_key.GenerateRandomWithKeySize(prng, 64U); - RSA::PublicKey pub_key(priv_key); - - // Convenience - const Integer &n = pub_key.GetModulus(); - const Integer &e = pub_key.GetPublicExponent(); - const Integer &d = priv_key.GetPrivateExponent(); - - // Print params - cout << "Pub mod: " << std::hex << pub_key.GetModulus() << endl; - cout << "Pub exp: " << std::hex << e << endl; - cout << "Priv mod: " << std::hex << priv_key.GetModulus() << endl; - cout << "Priv exp: " << std::hex << d << endl; - - // For sizing the hashed message buffer. This should be SHA256 size. - const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); - - // Scratch - SecByteBlock buff_1, buff_2, buff_3; - - // Alice original message to be signed by Bob - SecByteBlock orig((const byte *)"secret", 6U); - Integer m(orig.data(), orig.size()); - cout << "Message: " << std::hex << m << endl; - - // Hash message per Rabin (1979) - buff_1.resize(sig_size); - SHA256 hash_1; - hash_1.CalculateTruncatedDigest(buff_1, buff_1.size(), orig, orig.size()); - - // H(m) as Integer - Integer hm(buff_1.data(), buff_1.size()); - cout << "H(m): " << std::hex << hm << endl; - - // Alice blinding - Integer r; - do { - r.Randomize(prng, Integer::One(), n - Integer::One()); - } while (!RelativelyPrime(r, n)); - - // Blinding factor - Integer b = a_exp_b_mod_c(r, e, n); - cout << "Random: " << std::hex << b << endl; - - // Alice blinded message - Integer mm = a_times_b_mod_c(hm, b, n); - cout << "Blind msg: " << std::hex << mm << endl; - - // Bob sign - Integer ss = priv_key.CalculateInverse(prng, mm); - cout << "Blind sign: " << ss << endl; - - // Alice checks s(s'(x)) = x. This is from Chaum's paper - Integer c = pub_key.ApplyFunction(ss); - cout << "Check sign: " << c << endl; - if (c != mm) { - throw runtime_error("Alice cross-check failed"); - } - // Alice remove blinding - Integer s = a_times_b_mod_c(ss, r.InverseMod(n), n); - cout << "Unblind sign: " << s << endl; - - // Eve verifies - Integer v = pub_key.ApplyFunction(s); - cout << "Verify: " << std::hex << v << endl; - - // Convert to a string - size_t req = v.MinEncodedSize(); - buff_2.resize(req); - v.Encode(&buff_2[0], buff_2.size()); - - // Hash message per Rabin (1979) - buff_3.resize(sig_size); - SHA256 hash_2; - hash_2.CalculateTruncatedDigest(buff_3, buff_3.size(), orig, orig.size()); - - // Constant time compare - bool equal = buff_2.size() == buff_3.size() && - VerifyBufsEqual(buff_2.data(), buff_3.data(), buff_3.size()); - - if (!equal) { - throw runtime_error("Eve verified failed"); - } - cout << "Verified signature" << endl; + using namespace CryptoPP; + using std::cout; + using std::endl; + using std::runtime_error; + + // Bob artificially small key pair + AutoSeededRandomPool prng; + RSA::PrivateKey priv_key; + + priv_key.GenerateRandomWithKeySize(prng, 64U); + RSA::PublicKey pub_key(priv_key); + + // Convenience + const Integer &n = pub_key.GetModulus(); + const Integer &e = pub_key.GetPublicExponent(); + const Integer &d = priv_key.GetPrivateExponent(); + + // Print params + cout << "Pub mod: " << std::hex << pub_key.GetModulus() << endl; + cout << "Pub exp: " << std::hex << e << endl; + cout << "Priv mod: " << std::hex << priv_key.GetModulus() << endl; + cout << "Priv exp: " << std::hex << d << endl; + + // For sizing the hashed message buffer. This should be SHA256 size. + const size_t sig_size = UnsignedMin(SHA256::BLOCKSIZE, n.ByteCount()); + + // Scratch + SecByteBlock buff_1, buff_2, buff_3; + + // Alice original message to be signed by Bob + SecByteBlock orig((const byte *) "secret", 6U); + Integer m(orig.data(), orig.size()); + cout << "Message: " << std::hex << m << endl; + + // Hash message per Rabin (1979) + buff_1.resize(sig_size); + SHA256 hash_1; + hash_1.CalculateTruncatedDigest(buff_1, buff_1.size(), orig, orig.size()); + + // H(m) as Integer + Integer hm(buff_1.data(), buff_1.size()); + cout << "H(m): " << std::hex << hm << endl; + + // Alice blinding + Integer r; + do { + r.Randomize(prng, Integer::One(), n - Integer::One()); + } while (!RelativelyPrime(r, n)); + + // Blinding factor + Integer b = a_exp_b_mod_c(r, e, n); + cout << "Random: " << std::hex << b << endl; + + // Alice blinded message + Integer mm = a_times_b_mod_c(hm, b, n); + cout << "Blind msg: " << std::hex << mm << endl; + + // Bob sign + Integer ss = priv_key.CalculateInverse(prng, mm); + cout << "Blind sign: " << ss << endl; + + // Alice checks s(s'(x)) = x. This is from Chaum's paper + Integer c = pub_key.ApplyFunction(ss); + cout << "Check sign: " << c << endl; + if (c != mm) { + throw runtime_error("Alice cross-check failed"); + } + // Alice remove blinding + Integer s = a_times_b_mod_c(ss, r.InverseMod(n), n); + cout << "Unblind sign: " << s << endl; + + // Eve verifies + Integer v = pub_key.ApplyFunction(s); + cout << "Verify: " << std::hex << v << endl; + + // Convert to a string + size_t req = v.MinEncodedSize(); + buff_2.resize(req); + v.Encode(&buff_2[0], buff_2.size()); + + // Hash message per Rabin (1979) + buff_3.resize(sig_size); + SHA256 hash_2; + hash_2.CalculateTruncatedDigest(buff_3, buff_3.size(), orig, orig.size()); + + // Constant time compare + bool equal = buff_2.size() == buff_3.size() && + VerifyBufsEqual(buff_2.data(), buff_3.data(), buff_3.size()); + + if (!equal) { + throw runtime_error("Eve verified failed"); + } + cout << "Verified signature" << endl; } +*/