/*
* Class: edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m
* Method: initF2mExponentiateWithPrecomputedValues
* Signature: (JIIII[B[BJ[BII)J
*
* This function wraps the creation of an ebrick structure used to precompute exponentiations for a certain base for Dlog groups over Fp. It returns
* a pointer to the ebrick structure which will be kept by the calling application (edu.biu.scapi...) in some data structure and will
* be used for further calls to exponentiations with the same base.
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m_initF2mExponentiateWithPrecomputedValues
(JNIEnv * env, jobject, jlong mipp, jint mod, jint k1, jint k2, jint k3, jbyteArray a, jbyteArray b, jlong base, jint window, jint maxBits){
//translate parameters to miracl notation
miracl* mip = (miracl*)mipp;
big aB = byteArrayToMiraclBig(env, mip, a);
big bB = byteArrayToMiraclBig(env, mip, b);
//Get the coordinates (x,y) from the requested base point:
big x, y;
x = mirvar(mip, 0);
y = mirvar(mip, 0);
epoint2_get(mip, (epoint*)base, x, y);
//Create a new structure to hold the precomputed values for given base and exponent
ebrick2* exponentiations = new ebrick2();
//Perform precomputation
ebrick2_init(mip, exponentiations, x, y, aB, bB, mod, k1, k2, k3, window, maxBits);
//clean up
mirkill(aB);
mirkill(bB);
//May be clan up also x and y
mirkill(x);
mirkill(y);
//Return the pointer to the structure where the precomputed values are held
return (jlong)exponentiations;
}
void epoint_free(_MIPD_ epoint *p)
{ /* clean up point */
mirkill(_MIPP_ p->X);
mirkill(_MIPP_ p->Y);
if (p->Z!=NULL) mirkill(_MIPP_ p->Z);
mr_free(_MIPP_ p);
}
/*
* Class: edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp
* Method: computeFpExponentiateWithPrecomputedValue
* Signature: (JJ[B)J
*
* This function wraps the actual computation of the exponentation with precomputed values for the requested base for Dlog groups over Fp. It gets as a parameter
* a pointer to the ebrick structure created by a previous call to initFpExponentiateWithPrecomputedValues. This implies that initFpExponentiateWithPrecomputedValues
* MUST have been called prior to this function for the same base.
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp_computeFpExponentiateWithPrecomputedValues
(JNIEnv * env, jobject, jlong m, jlong ebrickPointer, jbyteArray exponent){
//translate parameters to miracl notation
miracl* mip = (miracl*)m;
big exponentB = byteArrayToMiraclBig(env, mip, exponent);
//(x,y) are the coordinates of the point which is the result of the exponentiation
big x, y;
x = mirvar(mip, 0);
y = mirvar(mip, 0);
//calculates the required exponent
mul_brick(mip, (ebrick*)ebrickPointer, exponentB, x, y);
//printf("The result of mul_brick(mip, exponentiations, exponent, x, y) is x=%d, y=%d\n", (*x).w,(*y).w);
epoint* p = new epoint();
p = epoint_init(mip);
epoint_set(mip, x, y, 0, p);
mirkill(x);
mirkill(y);
return (jlong)p;
}
/* function validateF2mGenerator : This function checks if the accepted point is the generator of EC over
F2m, by compare its values to the accepted x,y values
* param m : miracl pointer
* param generator : ellitic curve point to check
* param xVal : x value of the generator
* param yVal : y value of the generator
* return : true if the generator is valid or not
*/
JNIEXPORT jboolean JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclAdapterDlogEC_validateF2mGenerator
(JNIEnv *env, jobject obj, jlong m, jlong generator, jbyteArray xVal, jbyteArray yVal){
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
big x = byteArrayToMiraclBig(env, mip, xVal);
big y = byteArrayToMiraclBig(env, mip, yVal);
/* get the point's x,y values */
big genX, genY;
jboolean result;
genX= mirvar(mip, 0);
genY= mirvar(mip, 0);
epoint2_get(mip, (epoint*)generator, genX, genY);
/* check if the values are as expected, return the result */
if (mr_compare(genX, x)==0 && mr_compare(genY, y)==0)
result = 1;
else result = 0;
mirkill(x);
mirkill(y);
mirkill(genX);
mirkill(genY);
return result;
}
/*
* Class: edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m
* Method: computeF2mExponentiateWithPrecomputedValues
* Signature: (JJ[B)J
* This function wraps the actual computation of the exponentation with precomputed values for the requested base for Dlog groups over F2m. It gets as a parameter
* a pointer to the ebrick structure created by a previous call to initFpExponentiateWithPrecomputedValues. This implies that initFpExponentiateWithPrecomputedValues
* MUST have been called prior to this function for the same base.
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m_computeF2mExponentiateWithPrecomputedValues
(JNIEnv * env, jobject, jlong mipp, jlong ebrick2Pointer, jbyteArray exponent){
//private native long computeF2mExponentiateWithPrecomputedValues(long mip, long ebrickPointer, byte[] exponent);
//translate parameters to miracl notation
miracl* mip = (miracl*)mipp;
big exponentB = byteArrayToMiraclBig(env, mip, exponent);
//(x,y) are the coordinates of the point which is the result of the exponentiation
big x, y;
x = mirvar(mip, 0);
y = mirvar(mip, 0);
//calculates the required exponent
mul2_brick(mip, (ebrick2*)ebrick2Pointer, exponentB, x, y);
epoint* p = new epoint();
p = epoint_init(mip);
bool valid = epoint2_set(mip, x, y, 0, p);
mirkill(x);
mirkill(y);
return (jlong)p;
}
void DH1080_DeInit()
{
if(mip)
{
mirkill(b_1);
mirkill(b_prime1080);
mirexit();
}
}
/* function initF2mCurve : This function initializes an elliptic curve over F2m according to the accepted values
* param m :
* param k1 : The integer k1 where x^m+x^k1+x^k2+x^k3+1 represents the reduction polynomial f(z)
* param k2 : The integer k2 where x^m+x^k1+x^k2+x^k3+1 represents the reduction polynomial f(z)
* param k3 : The integer k3 where x^m+x^k1+x^k2+x^k3+1 represents the reduction polynomial f(z)
* param aVal : a value of the equation
* param bVal : b value of the equation
* return : the created miracl pointer.
*/
JNIEXPORT void JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m_initF2mCurve
(JNIEnv *env, jobject obj, jlong m, jint mod, jint k1, jint k2, jint k3, jbyteArray aVal, jbyteArray bVal){
big a, b;
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
a = byteArrayToMiraclBig(env, mip, aVal);
b = byteArrayToMiraclBig(env, mip, bVal);
/* initialize the curve */
ecurve2_init(mip, mod, k1, k2, k3, a, b, 0, MR_PROJECTIVE);
mirkill(a);
mirkill(b);
}
// Input: MyPrivKey = Your private key
// HisPubKey = Someones public key
// Output: MyPrivKey has been destroyed for security reasons
// HisPubKey = the secret key
int DH1080_comp(char *MyPrivKey, char *HisPubKey)
{
int i=0, len, iRet;
unsigned char SHA256digest[35], base64_tmp[160];
big b_myPrivkey, b_HisPubkey, b_theKey;
// Verify base64 strings
if((strspn(MyPrivKey, B64ABC) != strlen(MyPrivKey)) || (strspn(HisPubKey, B64ABC) != strlen(HisPubKey)))
{
memset(MyPrivKey, 0x20, strlen(MyPrivKey));
memset(HisPubKey, 0x20, strlen(HisPubKey));
return 0;
}
b_HisPubkey=mirvar(0);
b_theKey=mirvar(0);
len=b64toh(HisPubKey, base64_tmp);
bytes_to_big(len, base64_tmp, b_HisPubkey);
if(DH_verifyPubKey(b_HisPubkey))
{
b_myPrivkey=mirvar(0);
len=b64toh(MyPrivKey, base64_tmp);
bytes_to_big(len, base64_tmp, b_myPrivkey);
memset(MyPrivKey, 0x20, strlen(MyPrivKey));
powmod(b_HisPubkey, b_myPrivkey, b_prime1080, b_theKey);
mirkill(b_myPrivkey);
len=big_to_bytes(sizeof(base64_tmp), b_theKey, base64_tmp, FALSE);
SHA256_memory(base64_tmp, len, SHA256digest);
htob64(SHA256digest, HisPubKey, 32);
iRet=1;
}
else iRet=0;
ZeroMemory(base64_tmp, sizeof(base64_tmp));
ZeroMemory(SHA256digest, sizeof(SHA256digest));
mirkill(b_theKey);
mirkill(b_HisPubkey);
return iRet;
}
/*
* Returns the identity point
*/
epoint* getIdentity(miracl* mip, int field){
big x,y;
epoint* identity = epoint_init(mip);
x = mirvar(mip, 0);
y = mirvar(mip, 0);
//creation of the point depends on the field type
if (field == 1)
epoint_set(mip, x, y, 0, identity);
else
epoint2_set(mip, x, y, 0, identity);
mirkill(x);
mirkill(y);
return identity;
}
void mcl_ecpbs_import_pk(mcl_ecpbs_pk *pk) {
FILE *fp;
int compressed_y;
big x;
fp = fopen("keys/ec160.public", "rt");
if (fp == NULL) {
printf("file ec.public does not exist\n");
exit(0);
}
x = mirvar(0);
/* import the compressed y value */
fscanf(fp, "%d", &compressed_y);
/* import the x coordinate on the curve */
innum(x, fp);
fclose(fp);
/* check if x is valid on the curve */
if (!epoint_x(x)) {
printf(
"Problem - imported x value of the public key is not on the active curve\n");
exit(0);
}
/* decompress point */
if (!epoint_set(x, x, compressed_y, pk->key)) {
printf("Problem - public key point (x,y) is not on the curve\n");
exit(0);
}
mirkill(x);
}
/* function initFpCurve : This function initializes an elliptic curve over Fp according to the accepted values
* param p : field's prime
* param aVal : a value of the equation
* param bVal : b value of the equation
* return : the created miracl pointer.
*/
JNIEXPORT void JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp_initFpCurve
(JNIEnv *env, jobject obj, jlong m, jbyteArray pVal, jbyteArray aVal, jbyteArray bVal){
big p, a, b;
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
p = byteArrayToMiraclBig(env, mip, pVal);
a = byteArrayToMiraclBig(env, mip, aVal);
b = byteArrayToMiraclBig(env, mip, bVal);
/* initialize the curve */
ecurve_init(mip, a, b, p, 2);
mirkill(a);
mirkill(b);
mirkill(p);
}
/*
* computes the loop of the algorithm.
* for k=0 to h-1
* e=0
* for i=kw to kw+w-1
* if the bitIndex bit in ci is set:
* calculate e += 2^(i-kw)
* result = result *preComp[k][e]
*/
epoint* computeLoop(miracl* mip, big* exponentiations, int w, int h, epoint*** preComp, epoint* result, int bitIndex, int n, int field){
int e = 0, k, i, twoPow;
big temp = mirvar(mip, 0);
for (k=0; k<h; k++){
for (i=k*w; i<(k * w + w); i++){
if (i < n){
copy(exponentiations[i], temp);
//check if the bit in bitIndex is set.
//shift the big number bitIndex times
sftbit(mip, temp, bitIndex*-1, temp);
//check if the shifted big is divisible by two. if not - the first bit is set.
if (subdivisible(mip, temp, 2) == 0){
twoPow = pow((double)2, i-k*w);
e += twoPow;
}
}
}
//multiply operation depends on the field
if (field == 1)
ecurve_add(mip, preComp[k][e], result);
else
ecurve2_add(mip, preComp[k][e], result);
e = 0;
}
mirkill(temp);
return result;
}
/* function createInfinityF2mPoint : This function creates the infinity point in F2m
* param m : miracl pointer
* return : true if the point is on the curve, false otherwise
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m_createInfinityF2mPoint
(JNIEnv *env, jobject obj, jlong m){
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
//create a point with the coordinates 0,0 which is the infinity point in miracl implementation
big x,y;
epoint* p = epoint_init(mip);
x = mirvar(mip, 0);
y = mirvar(mip, 0);
epoint2_set(mip, x, y, 0, (epoint*)p);
mirkill(x);
mirkill(y);
return (jlong) p;
}
void envirment_init() {
big a, b, p, x, y;
#if MIRACL==16
#ifdef MR_FLASH
miracl *mip = mirsys(500,10); /* initialise system to base 10, 500 digits per "big" */
#else
miracl *mip = mirsys(5000,10); /* bigger numbers possible if no flash arithmetic */
#endif
#else
miracl *mip = mirsys(5000,10); /* 5000 digits per "big" */
#endif
// init
a = mirvar(-3);
b = mirvar(0);
ECC_N = mirvar(0);
p = mirvar(0);
x = mirvar(0);
y = mirvar(0);
ECC_G = epoint_init();
ECC_H = epoint_init();
mip->IOBASE = 10;
// init curve
cinstr(b, bChar);
cinstr(ECC_N, nChar);
cinstr(p, pChar);
ecurve_init(a, b, p, MR_PROJECTIVE);
// init point: G, H
cinstr(x, gxChar);
cinstr(y, gyChar);
epoint_set(x, y, 0, ECC_G);
cinstr(x, hxChar);
cinstr(y, hyChar);
epoint_set(x, y, 0, ECC_H);
mip->IOBASE = 16;
mirkill(a);
mirkill(b);
mirkill(p);
mirkill(x);
mirkill(y);
}
/* function getXValue : This function return the x coordinate of the given point
* param m : pointer to mip
* param point : pointer to the point
* return : the x coordinate of the given point
*/
JNIEXPORT jbyteArray JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_ECF2mPointMiracl_getXValueF2mPoint
(JNIEnv *env, jobject obj, jlong m, jlong point){
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
big x, y;
jbyteArray xBytes;
x= mirvar(mip, 0);
y= mirvar(mip, 0);
//get x, y values of the point
epoint2_get(mip, (epoint*)point, x, y);
xBytes = miraclBigToJbyteArray(env, mip, x);
mirkill(x);
mirkill(y);
//return the bytes of x
return xBytes;
}
/* function createF2mPoint : This function creates a point of elliptic curve over F2m according to the accepted values
* param m : pointer to mip
* param xVal : x value of the point
* param yVal : y value of the point
* param validity : indicates if the point is valid for the current curve or not
* return : A pointer to the created point.
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_ECF2mPointMiracl_createF2mPoint
(JNIEnv *env, jobject obj, jlong m, jbyteArray xVal, jbyteArray yVal){
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
/* create the point with x,y values */
epoint* p = epoint_init(mip);
big x = byteArrayToMiraclBig(env, mip, xVal);
big y = byteArrayToMiraclBig(env, mip, yVal);
bool valid = epoint2_set(mip, x, y, 0, p);
mirkill(x);
mirkill(y);
if (!valid) {
epoint_free(p);
return 0;
}
return (jlong) p; // return the point
}
/* function invertF2mPoint : This function return the inverse of ec point
* param m : miracl pointer
* param p1 : ellitic curve point
* return : the inverse point
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m_invertF2mPoint
(JNIEnv *env, jobject obj, jlong m, jlong p1){
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
big x, y;
epoint* p2;
x= mirvar(mip, 0);
y= mirvar(mip, 0);
//init the result point and copy p1 values to it
p2 = epoint_init(mip);
epoint2_get(mip, (epoint*)p1, x, y);
epoint2_set(mip, x,y,0, p2);
mirkill(x);
mirkill(y);
//inverse the point
epoint2_negate(mip, p2);
return (jlong)p2; // return the inverse
}
/* function isFpMember : This function checks if the accepted point is a point of the current elliptic curve (over Fp)
* param m : miracl pointer
* param point : ellitic curve point to check
* return : true if the point is on the curve, false otherwise
*/
JNIEXPORT jboolean JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp_isFpMember
(JNIEnv *env, jobject obj, jlong m, jlong point){
int member = 0;
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
/* get the x,y, values of the point */
big x,y;
epoint* p = epoint_init(mip);
x = mirvar(mip, 0);
y = mirvar(mip, 0);
epoint_get(mip, (epoint*)point, x, y);
/* try to create another point with those values. if succeded - the point is in the curve */
if (epoint_set(mip, x, y, 0, p)==1)
member = 1;
mirkill(x);
mirkill(y);
return member;
}
/* function multiplyFpPoints : This function multiplies two point of ec over Fp
* param m : miracl pointer
* param p1 : ellitic curve point
* param p2 : ellitic curve point
* return : the multiplication result
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp_multiplyFpPoints
(JNIEnv * env, jobject obj, jlong m, jlong p1, jlong p2){
big x, y;
epoint *p3;
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
x= mirvar(mip, 0);
y= mirvar(mip, 0);
/* create the result point with the values of p2. This way, p2 values won't damage in the multiplication operation */
p3 = epoint_init(mip);
epoint_get(mip, (epoint*)p2, x, y);
epoint_set(mip, x,y,0, p3);
mirkill(x);
mirkill(y);
/* The multiply operation is converted to addition because miracl treat EC as additive group */
ecurve_add(mip, (epoint*)p1, p3);
return (jlong)p3; //return the result
}
/* function exponentiateF2mPoint : This function exponentiate point of ec over F2m
* param m : miracl pointer
* param point : ellitic curve point
* param exponent
* return : the exponentiation result
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECF2m_exponentiateF2mPoint
(JNIEnv *env, jobject obj, jlong m, jlong point, jbyteArray exponent){
epoint *p2;
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
big exp = byteArrayToMiraclBig(env, mip, exponent);
//init the result point
p2 = epoint_init(mip);
/* The exponentiate operation is converted to multiplication because miracl treat EC as additive group */
ecurve2_mult(mip, exp, (epoint*)point, p2);
mirkill(exp);
return (jlong)p2; //return the result
}
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp_simultaneousMultiplyFp
(JNIEnv *env, jobject obj, jlong m, jlongArray elements, jobjectArray exponents){
int size = env->GetArrayLength(elements); //number of points
jlong* longElements = env->GetLongArrayElements(elements, 0); //convert JllongArray to long array
epoint ** points = (epoint**) calloc(size, sizeof(epoint*)); //create a big array to hold the points
big* bigExponents = (big*) calloc(size, sizeof(big)); //create a big array to hold the exponents
int i;
epoint *p;
jbyteArray exponent;
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
for(i=0; i<size; i++){
points[i] = (epoint*) longElements[i];
exponent = (jbyteArray) env->GetObjectArrayElement(exponents, i);
bigExponents[i] = byteArrayToMiraclBig(env, mip, exponent);
}
// p = epoint_init(mip);
//ecurve_multn(mip, size, bigExponents, points, p);
p = computeLL(mip, points, bigExponents, size, 1);
//release the memory
for(i=0; i<size; i++){
mirkill(bigExponents[i]);
}
free(points);
free(bigExponents);
//release jbyte
env ->ReleaseLongArrayElements(elements, longElements, 0);
return (jlong)p; //return the result
}
long rho(big q,big r,big m,big n)
{ /* find q^m = r^n */
long iter,rr,i;
big ax,bx,ay,by,x,y;
ax=mirvar(0);
bx=mirvar(0);
ay=mirvar(0);
by=mirvar(0);
x=mirvar(1);
y=mirvar(1);
iter=0L;
rr=1L;
do
{ /* Brent's Cycle finder */
copy(y,x);
copy(ay,ax);
copy(by,bx);
rr*=2;
for (i=1L;i<=rr;i++)
{
iter++;
iterate(y,q,r,ay,by);
if (compare(x,y)==0) break;
}
} while (compare(x,y)!=0);
subtract(ax,ay,m);
if (size(m)<0) add_r(m,order,m);
subtract(by,bx,n);
if (size(n)<0) add_r(n,order,n);
mirkill(y);
mirkill(x);
mirkill(by);
mirkill(ay);
mirkill(bx);
mirkill(ax);
return iter;
}
void pollard(big id,big dl)
{
int i;
long iter;
big w,Q,R,m,n,q;
big_chinese bc;
w=mirvar(0);
Q=mirvar(0);
R=mirvar(0);
m=mirvar(0);
n=mirvar(0);
q=mirvar(0);
copy(id,q);
crt_init(&bc,np,pp);
for (i=0;i<np;i++)
{ /* accumulate solutions for each pp */
copy(p1,w);
divide(w,pp[i],w);
powmod(q,w,p,Q);
powltr(PROOT,w,p,R);
copy(pp[i],order);
iter=rho(Q,R,m,n);
xgcd(m,order,w,w,w);
mad(w,n,n,order,order,rem[i]);
printf("%9ld iterations needed\n",iter);
}
crt(&bc,rem,dl); /* apply chinese remainder thereom */
crt_end(&bc);
mirkill(q);
mirkill(n);
mirkill(m);
mirkill(R);
mirkill(Q);
mirkill(w);
}
BOOL gauss(flash A[][50],flash b[],int n)
{ /* solve Ax=b using Gaussian elimination *
* solution x returned in b */
int i,j,k,m;
BOOL ok;
flash w,s;
w=mirvar(0);
s=mirvar(0);
ok=TRUE;
for (i=0;i<n;i++)
copy(b[i],A[i][n]);
for (i=0;i<n;i++)
{ /* Gaussian elimination */
m=i;
for (j=i+1;j<n;j++)
{
absol(A[j][i],w);
absol(A[m][i],s);
if (fcomp(w,s)>0) m=j;
}
if (m!=i) for (k=i;k<=n;k++)
{
copy(A[i][k],w);
copy(A[m][k],A[i][k]);
copy(w,A[m][k]);
}
if (size(A[i][i])==0)
{
ok=FALSE;
break;
}
for (j=i+1;j<n;j++)
{
fdiv(A[j][i],A[i][i],s);
for (k=n;k>=i;k--)
{
fmul(s,A[i][k],w);
fsub(A[j][k],w,A[j][k]);
}
}
}
if (ok) for (j=n-1;j>=0;j--)
{ /* Backward substitution */
zero(s);
for (k=j+1;k<n;k++)
{
fmul(A[j][k],b[k],w);
fadd(s,w,s);
}
fsub(A[j][n],s,w);
if (size(A[j][j])==0)
{
ok=FALSE;
break;
}
fdiv(w,A[j][j],b[j]);
}
mirkill(s);
mirkill(w);
return ok;
}
JNIEXPORT jobjectArray JNICALL
Java_com_sunshuzhou_experiment_1miracl_Verify_computeForServer(JNIEnv *env, jobject instance,
jstring ux_, jstring uy_,
jstring u1x_, jstring u1y_,
jstring wx_, jstring wy_,
jstring com1x_, jstring com1y_,
jstring N1_, jstring sid_,
jstring alpha_, jstring beta_,
jstring zeta_) {
const char *ux = (*env)->GetStringUTFChars(env, ux_, 0);
const char *uy = (*env)->GetStringUTFChars(env, uy_, 0);
const char *u1x = (*env)->GetStringUTFChars(env, u1x_, 0);
const char *u1y = (*env)->GetStringUTFChars(env, u1y_, 0);
const char *wx = (*env)->GetStringUTFChars(env, wx_, 0);
const char *wy = (*env)->GetStringUTFChars(env, wy_, 0);
const char *com1x = (*env)->GetStringUTFChars(env, com1x_, 0);
const char *com1y = (*env)->GetStringUTFChars(env, com1y_, 0);
const char *N1 = (*env)->GetStringUTFChars(env, N1_, 0);
const char *sid = (*env)->GetStringUTFChars(env, sid_, 0);
const char *alpha = (*env)->GetStringUTFChars(env, alpha_, 0);
const char *beta = (*env)->GetStringUTFChars(env, beta_, 0);
const char *zeta = (*env)->GetStringUTFChars(env, zeta_, 0);
big x, y, d, k1, N2, sum, big1;
epoint *u, *u1, *w, *com1, *w1, *epoint1, *com, *K;
int message_len, i;
unsigned char key[300], tag[SHA1_HASH_SIZE], hexdigest[SHA1_HASH_SIZE * 2 + 1], message[1000], tempChars[300];
jclass jclass1 = (*env)->FindClass(env, "java/lang/String");
jobjectArray result;
envirment_init();
x = mirvar(0);
y = mirvar(0);
d = mirvar(0);
k1 = mirvar(0);
N2 = mirvar(0);
sum = mirvar(0);
big1 = mirvar(0);
u = epoint_init();
u1 = epoint_init();
w = epoint_init();
com1 = epoint_init();
w1 = epoint_init();
epoint1 = epoint_init();
com = epoint_init();
K = epoint_init();
cinstr(x, ux);
cinstr(y, uy);
epoint_set(x, y, 0, u);
cinstr(x, u1x);
cinstr(y, u1y);
epoint_set(x, y, 0, u1);
cinstr(x, wx);
cinstr(y, wy);
epoint_set(x, y, 0, w);
cinstr(x, com1x);
cinstr(y, com1y);
epoint_set(x, y, 0, com1);
irand((long)time(0));
bigrand(ECC_N, d);
bigrand(ECC_N, k1);
bigbits(80, N2);
// sum = alpha + beta + zeta
cinstr(big1, alpha);
cinstr(sum, beta);
add(big1, sum, sum);
cinstr(big1, zeta);
add(big1, sum, sum);
// w1 = k1 * H
ecurve_mult(k1, ECC_H, w1);
// com = (alpha + beta + zeta) * u + d * H
ecurve_mult(sum, u, com);
ecurve_mult(d, ECC_H, epoint1);
ecurve_add(epoint1, com);
// K = d * w + k1 * (com1 - sum * u1)
ecurve_mult(d, w, K);
ecurve_mult(sum, u1, epoint1);
ecurve_sub(epoint1, com1);
ecurve_mult(k1, com1, com1);
ecurve_add(com1, K);
// K.y as key
epoint_get(K, x, y);
cotstr(y, key);
// message: u.y || u1.y || w.y || com1.y || N1 || sid
epoint_get(u, x, y);
cotstr(y, message);
message_len = strlen(message);
epoint_get(u1, x, y);
cotstr(y, &message[message_len]);
message_len = strlen(message);
epoint_get(w, x, y);
cotstr(y, &message[message_len]);
message_len = strlen(message);
epoint_get(com1, x, y);
cotstr(x, &message[message_len]);
message_len = strlen(message);
strcpy(&message[message_len], N1);
message_len = strlen(message);
strcpy(&message[message_len], sid);
message_len = strlen(message);
hmac_sha1(key, strlen(key), message, message_len, tag, SHA1_HASH_SIZE);
for (i = 0; i < SHA1_HASH_SIZE; ++i) {
sprintf(&hexdigest[i * 2], "%02x", tag[i]);
}
hexdigest[40] = '\0';
(*env)->ReleaseStringUTFChars(env, ux_, ux);
(*env)->ReleaseStringUTFChars(env, uy_, uy);
(*env)->ReleaseStringUTFChars(env, u1x_, u1x);
(*env)->ReleaseStringUTFChars(env, u1y_, u1y);
(*env)->ReleaseStringUTFChars(env, wx_, wx);
(*env)->ReleaseStringUTFChars(env, wy_, wy);
(*env)->ReleaseStringUTFChars(env, com1x_, com1x);
(*env)->ReleaseStringUTFChars(env, com1y_, com1y);
(*env)->ReleaseStringUTFChars(env, N1_, N1);
(*env)->ReleaseStringUTFChars(env, sid_, sid);
(*env)->ReleaseStringUTFChars(env, alpha_, alpha);
(*env)->ReleaseStringUTFChars(env, beta_, beta);
(*env)->ReleaseStringUTFChars(env, zeta_, zeta);
result = (*env)->NewObjectArray(env, 8, jclass1, (*env)->NewStringUTF(env, ""));
epoint_get(w1, x, y);
cotstr(x, tempChars);
(*env)->SetObjectArrayElement(env, result, 0, (*env)->NewStringUTF(env, tempChars));
cotstr(y, tempChars);
(*env)->SetObjectArrayElement(env, result, 1, (*env)->NewStringUTF(env, tempChars));
epoint_get(com, x, y);
cotstr(x, tempChars);
(*env)->SetObjectArrayElement(env, result, 2, (*env)->NewStringUTF(env, tempChars));
cotstr(y, tempChars);
(*env)->SetObjectArrayElement(env, result, 3, (*env)->NewStringUTF(env, tempChars));
cotstr(N2, tempChars);
(*env)->SetObjectArrayElement(env, result, 4, (*env)->NewStringUTF(env, tempChars));
(*env)->SetObjectArrayElement(env, result, 5, (*env)->NewStringUTF(env, message));
(*env)->SetObjectArrayElement(env, result, 6, (*env)->NewStringUTF(env, hexdigest));
(*env)->SetObjectArrayElement(env, result, 7, (*env)->NewStringUTF(env, key));
mirkill(x);
mirkill(y);
mirkill(d);
mirkill(k1);
mirkill(N2);
mirkill(sum);
mirkill(big1);
return result;
}
void envirment_clear() {
mirkill(ECC_N);
}
epoint* computeLL(miracl* mip, epoint** elements, big* exponents, int n, int field){
big bigExp = mirvar(mip, 0);
big two = mirvar(mip, 2);
big zero = mirvar(mip, 0);
int t = 0, w, h, i, j;
epoint*** preComp;
epoint* result;
//get the biggest exponent
for (i=0; i<n; i++)
if (mr_compare(bigExp, exponents[i]) < 0)
bigExp = exponents[i];
//num of bitf in the biggest exponent
t = logb2(mip, bigExp);
//choose w according to the value of t
w = getLLW(t);
//h = n/w
if ((n % w) == 0){
h = n / w;
} else{
h = ((int) (n / w)) + 1;
}
//printf("n is: %d\n", n);
//printf("t is: %d\n", t);
//printf("w is: %d\n", w);
//printf("h is: %d\n", h);
//creates pre computation table
preComp = createLLPreCompTable(mip, elements, w, h, n, field);
result = getIdentity(mip, field); //holds the computation result
//computes the loop of the computation
result = computeLoop(mip, exponents, w, h, preComp, result, t-1, n, field);
//third part of computation
for (j=t-2; j>=0; j--){
//operate y^2 differently. depends on the field type
if (field==1)
ecurve_mult(mip, two, result, result);
else
ecurve2_mult(mip, two, result, result);
//computes the loop of the computation
result = computeLoop(mip, exponents, w, h, preComp, result, j, n, field);
}
//free the allocated memeory
mirkill(two);
mirkill(zero);
for (i=0; i<h; i++){
for (j=0; j<pow((double)2, w); j++){
epoint_free(preComp[i][j]);
}
free(preComp[i]);
}
free(preComp);
return result;
}
// Input: priv_key = buffer of 200 bytes
// pub_key = buffer of 200 bytes
// Output: priv_key = Your private key
// pub_key = Your public key
int DH1080_gen(char *priv_key, char *pub_key)
{
unsigned char raw_buf[160], iniHash[33];
unsigned long seed;
int len, iRet;
big b_privkey, b_pubkey;
csprng myRNG;
FILE *hRnd;
priv_key[0]='0';
priv_key[1]='\0';
pub_key[0]='0';
pub_key[1]='\0';
hRnd = fopen("/dev/urandom", "r"); // don't use /dev/random, it's a blocking device
if(!hRnd) return 0;
b_privkey=mirvar(0);
b_pubkey=mirvar(0);
// #*#*#*#*#* RNG START #*#*#*#*#*
time((time_t *)&seed);
seed ^= (long)hRnd << 16;
if(fread(raw_buf, 1, sizeof(raw_buf), hRnd) < 32)
{
ZeroMemory(raw_buf, sizeof(raw_buf));
fclose(hRnd);
mirkill(b_privkey);
mirkill(b_pubkey);
return 0;
}
fclose(hRnd);
sha_file(iniPath, iniHash);
memXOR(raw_buf+128, iniHash, 32);
sha_file((unsigned char *)get_irssi_config(), iniHash);
memXOR(raw_buf+128, iniHash, 32);
ZeroMemory(iniHash, sizeof(iniHash));
// first 128 byte in raw_buf: output from /dev/urandom
// last 32 byte in raw_buf: SHA-256 digest from blow.ini and irssi.conf
seed *= (unsigned long)mip;
strong_init(&myRNG, sizeof(raw_buf), raw_buf, (unsigned int)seed);
strong_rng(&myRNG);
strong_bigdig(&myRNG, 1080, 2, b_privkey);
strong_kill(&myRNG);
seed=0;
// #*#*#*#*#* RNG END #*#*#*#*#*
powltr(2, b_privkey, b_prime1080, b_pubkey);
if(DH_verifyPubKey(b_pubkey))
{
len=big_to_bytes(sizeof(raw_buf), b_privkey, raw_buf, FALSE);
htob64(raw_buf, priv_key, len);
len=big_to_bytes(sizeof(raw_buf), b_pubkey, raw_buf, FALSE);
htob64(raw_buf, pub_key, len);
iRet=1;
}
else iRet=0;
ZeroMemory(raw_buf, sizeof(raw_buf));
mirkill(b_privkey);
mirkill(b_pubkey);
return iRet;
}
void mcl_ecpbs_import_parameters(mcl_ecpbs_parameters *parameters) {
FILE *fp;
int bits;
big x, y;
miracl *mip;
/* get public curve parameters */
fp = fopen("keys/ec160.parameters", "rt");
if (fp == NULL) {
printf("file ec.parameters does not exist\n");
exit(0);
}
/* read in big number bitlength */
fscanf(fp, "%d\n", &bits);
/*
* Initialize the system, using HEX (base16) internally.
* The internal storage for each big number uses bits/4.
*/
mip = mirsys(bits / 4, 16);
/* initialize memory for parameters */
parameters->p = mirvar(0);
parameters->A = mirvar(0);
parameters->B = mirvar(0);
parameters->q = mirvar(0);
x = mirvar(0);
y = mirvar(0);
parameters->g = epoint_init();
/* import parameters */
/* p is the modulus */
innum(parameters->p, fp);
/* A and B are curve parameters */
innum(parameters->A, fp);
innum(parameters->B, fp);
/* q is the order of (x,y) */
innum(parameters->q, fp);
/* (x,y) point on curve of order q */
innum(x, fp);
innum(y, fp);
fclose(fp);
/* FIXME randomize */
irand(675822498);
/* initialize curve - can use MR_PROJECTIVE, or MR_AFFINE */
ecurve_init(parameters->A, parameters->B, parameters->p, MR_PROJECTIVE);
/* check if x is valid on the curve */
if (!epoint_x(x)) {
printf(
"Problem - imported x value of the generator is not on the active curve\n");
exit(0);
}
/* initialize generator to the point of order q */
if (!epoint_set(x, y, 0, parameters->g)) {
printf("Problem - generator point (x,y) is not on the curve\n");
exit(0);
}
mirkill(x);
mirkill(y);
}
void mcl_ecpbs_Fhash(epoint *result, char *info, mcl_ecpbs_parameters *pbs) {
big hash = mirvar(0);
mcl_ecpbs_Hhash(hash, info, pbs->q);
ecurve_mult(hash, pbs->g, result);
mirkill(hash);
}