size_t readConfig(char *param, size_t size)
{
FILE* fp = fopen("a1.param", "r");
if (!fp) pbc_die("error opening param file");
size_t count = fread(param, 1, size, fp);
if (!count) pbc_die("input error");
fclose(fp);
return count;
}
static inline void pbc_single_pairing_init(pairing_t pairing, int argc, char *argv) {
char s[16384];
FILE *fp = stdin;
if (argc > 1) {
fp = fopen(argv, "r");
if (!fp) pbc_die("error opening %s", argv);
}
size_t count = fread(s, 1, 16384, fp);
if (!count) pbc_die("input error");
fclose(fp);
if (pairing_init_set_buf(pairing, s, count)) pbc_die("pairing init failed");
}
void setup_global_broadcast_params(global_broadcast_params_t *sys, int num_users)
{
global_broadcast_params_t gbs;
gbs = pbc_malloc(sizeof(struct global_broadcast_params_s));
// Setup curve in gbp
size_t count = strlen(PBC_PAIRING_PARAMS);
if (!count) pbc_die("input error");
if (pairing_init_set_buf(gbs->pairing, PBC_PAIRING_PARAMS, count))
pbc_die("pairing init failed");
gbs->num_users = num_users;
element_t *lgs;
int i;
lgs = pbc_malloc(2 * num_users * sizeof(element_t));
if(!(lgs)) {
printf("\nMalloc Failed\n");
printf("Didn't finish system setup\n\n");
}
//Set g as a chosen public value
element_init(gbs->g, gbs->pairing->G1);
i=element_set_str(gbs->g, PUBLIC_G, PBC_CONVERT_BASE);
//Get alpha from Zp as mentioned in the paper
element_init_Zr(gbs->alpha, gbs->pairing);
element_random(gbs->alpha); //pick random alpha value and later delete from memory
//i=element_set_str(gbs->alpha, PRIVATE_ALPHA, PBC_CONVERT_BASE); //alpha is initialised as secret and later removed from memory
//Make the 0th element equal to g^alpha
element_init(lgs[0], gbs->pairing->G1);
element_pow_zn(lgs[0],gbs->g, gbs->alpha);
//Fill in the gs and the hs arrays
for(i = 1; i < 2*num_users; i++) {
//raise alpha to one more power
element_init(lgs[i], gbs->pairing->G1);
element_pow_zn(lgs[i], lgs[i-1], gbs->alpha);
}
element_clear(lgs[num_users]); //remove g^(alpha^(n+1)) as it can leak info about parameters
//For simplicity & so code was easy to read
gbs->gs = lgs;
*sys = gbs;
}
void consumerShares(signed long int *codeword){
pairing_t pairing;
element_t g, r, a, e_g_g, share;
char *argv = "./param/a.param";
char s[16384];
signed long int temp_share;
FILE *fp = stdin;
fp = fopen(argv, "r");
if (!fp)
pbc_die("error opening %s\n", argv);
size_t count = fread(s, 1, 16384, fp);
if(!count)
pbc_die("read parameter failure\n");
fclose(fp);
if(pairing_init_set_buf(pairing, s, count))
pbc_die("pairing init failed\n");
if(!pairing_is_symmetric(pairing)) pbc_die("pairing is not symmetric\n");
element_init_G1(g, pairing);
element_init_Zr(r, pairing);
element_init_Zr(a, pairing);
element_init_Zr(share, pairing);
element_init_GT(e_g_g, pairing);
//find the generator of the group
element_set(g, ((curve_data_ptr)((a_pairing_data_ptr)
pairing->data)->Eq->data)->gen);
element_random(r);
element_random(a);
//compute e(g, g)
element_pairing(e_g_g, g, g);
//compute e(g, g)^r
element_pow_zn(e_g_g, e_g_g, r);
//compute e(g,g)^ra
element_pow_zn(e_g_g, e_g_g, a);
temp_share = codeword[0];
//transfer signed long int type ecret shares to an element_t type before we do the power of
//e_g_g
element_set_si(share, temp_share);
element_pow_zn(e_g_g, e_g_g, share);
}
static void *default_pbc_realloc(void *old, size_t new_size) {
void *new = pbc_mem_malloc(new_size);
if(!new) pbc_die("realloc() error");
if(old) {
old = pbc_ptr_to_mem(old);
memcpy(pbc_mem_to_ptr(new), pbc_mem_to_ptr(old), pbc_mem_get_size(old));
pbc_mem_free(old);
}
return pbc_mem_to_ptr(new);
}
void set_up_comm(int dm, int usr) {
printf("[ setup communication ] \n");
DM_num = 0;
dms = (domain_manager* ) malloc(sizeof(domain_manager)* dm);
user_num = 0;
users = (user* ) malloc(sizeof(user)* usr);
char param[1024];
size_t count = fread(param, 1, 1024, stdin);
if (!count) pbc_die("input error");
pairing_init_set_buf(pairing, param, count);
}
static size_t gf3m_out_str(FILE *stream, int base, element_t e) {
if (base != 10 && base != 16)
pbc_die("only support base 10 and base 16");
size_t size = 0;
unsigned i;
unsigned long *d = DATA1(e);
for (i = 0; i < LEN(e) * 2; i++) {
if (base == 16)
size += fprintf(stream, "0x%lx,", d[i]);
else
size += fprintf(stream, "%lu,", d[i]);
}
return size;
}
int main(int argc, char **argv) {
pairing_t pairing;
pbc_demo_pairing_init(pairing, argc, argv);
char m[80]={0};
if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
printf("Enter the message to be encrypted : ");
gets(m);
size_t len_m = sizeof(m);
unsigned char hash[30];
SHA1(m, len_m, hash);
printf("The hash is : %s", hash);
element_t g, h;
element_t public_key, secret_key;
element_t sig;
element_t temp1, temp2;
element_init_G2(g, pairing);
element_init_G2(public_key, pairing);
element_init_G1(h, pairing);
element_init_G1(sig, pairing);
element_init_GT(temp1, pairing);
element_init_GT(temp2, pairing);
element_init_Zr(secret_key, pairing);
element_random(g);
element_random(secret_key);
element_pow_zn(public_key, g, secret_key);
element_printf("The public key is %B\n", public_key);
element_from_hash(h, hash, 30);
element_pow_zn(sig, h, secret_key);
pairing_apply(temp1, sig, g, pairing);
pairing_apply(temp2, h, public_key, pairing);
if(!element_cmp(temp1, temp2)){
printf("\nVerified\n");}
else{
printf("\nNot verified\n");
}
}
//This function sets the global broadcast parameters downloaded as a file from the server
//Sets up the gamma value, dont forget to randomize gamma and store locally later please
void setup_global_broadcast_params(global_broadcast_params_t *sys,
unsigned char* gbs_header)
{
global_broadcast_params_t gbs;
gbs = pbc_malloc(sizeof(struct global_broadcast_params_s));
// Setup curve in gbp
size_t count = strlen(PBC_PAIRING_PARAMS);
if (pairing_init_set_buf(gbs->pairing, PBC_PAIRING_PARAMS, count))
pbc_die("pairing init failed");
int num_users;
memcpy(&num_users, gbs_header, 4);
gbs->num_users = num_users;
gbs_header= gbs_header+4;
element_t *lgs;
int i;
lgs = pbc_malloc(2 * num_users * sizeof(element_t));
//generate g from the file contents
element_init(gbs->g, gbs->pairing->G1);
gbs_header += in(gbs->g, gbs_header);
//Fill in the gi values in lgs[]
for(i = 0; i < 2*num_users; i++) {
element_init(lgs[i], gbs->pairing->G1);
if(i == num_users)
continue;
gbs_header += in(lgs[i], gbs_header);
}
element_init_Zr(gbs->gamma, gbs->pairing); //initialise gamma
element_random(gbs->gamma); //pick random value of gamma
//For simplicity & so code was easy to read
gbs->gs = lgs;
*sys = gbs;
return;
}
void *pbc_calloc(size_t nmemb, size_t size) {
void *res = pbc_malloc(nmemb * size);
if (!res) pbc_die("calloc() error");
memset(res, 0, nmemb * size);
return res;
}
int main(int argc, char **argv) {
for (;;) {
int c = getopt(argc, argv, "y");
if (c == -1) break;
switch (c) {
case 'y':
option_easy = 1;
option_prompt = "> ";
break;
default:
fprintf(stderr, "unrecognized option: %c\n", c);
break;
}
}
field_init_z(Z);
field_init_multiz(M);
symtab_init(tab);
builtin(fun_rnd);
builtin(fun_random);
builtin(fun_ord);
builtin(fun_order);
builtin(fun_nextprime);
builtin(fun_sqrt);
builtin(fun_inv);
builtin(fun_type);
builtin(fun_pairing);
builtin(fun_zmod);
builtin(fun_poly);
builtin(fun_polymod);
builtin(fun_extend);
builtin(fun_exit);
builtin(fun_CHECK);
builtin(fun_init_pairing_a);
builtin(fun_init_pairing_d);
builtin(fun_init_pairing_e);
builtin(fun_init_pairing_f);
builtin(fun_init_pairing_g);
builtin(fun_init_pairing_i);
run_init_pairing_a(NULL);
symtab_put(reserved, val_new_field(M), "M");
symtab_put(reserved, val_new_field(Z), "Z");
if (argc > optind) {
FILE *fp = fopen(argv[optind], "r");
if (!fp) pbc_die("fopen failed on %s", argv[optind]);
YY_BUFFER_STATE st = yy_create_buffer(fp, YY_BUF_SIZE);
yy_switch_to_buffer(st);
yywrapfun = yywrap_return1;
yyparse();
yy_delete_buffer(st);
}
else {
yywrapfun = yywrap_readline;
yywrap();
while (!end_of_input) {
if (2 == yyparse()) pbc_die("parser out of memory");
}
putchar('\n');
}
symtab_clear(tab);
field_clear(M);
return 0;
}
int main(void)
{
pairing_t pairing;
char param[50000];
size_t count = fread(param, 1, 50000, stdin);
if (!count) pbc_die("input error");
pairing_init_set_buf(pairing, param, count);
// int cont = 0;
struct timeval tvBegin, tvEnd;
element_t g, h;
element_t public_key, secret_key;
element_t sig;
element_t temp1, temp2;
element_init_G2(g, pairing);
element_init_G2(public_key, pairing);
element_init_G1(h, pairing);
element_init_G1(sig, pairing);
element_init_GT(temp1, pairing);
element_init_GT(temp2, pairing);
element_init_Zr(secret_key, pairing);
// Generating key
element_random(g);
element_random(secret_key);
element_pow_zn(public_key, g, secret_key);
// Generating message
element_from_hash(h, "ABCDEF", 6);
element_pow_zn(sig, h, secret_key);
// RANDOM TESTS
/*
// Fp
element_t p1, p2;
element_init(p1, element_x(h)->field);
element_init(p2, p1->field);
element_random(p1);
element_random(p2);
// multiplication
element_t puntos[2000];
for(cont = 0; cont < 1000; cont++){
element_init(puntos[cont], element_x(h)->field);
element_init(puntos[2*cont], element_x(h)->field);
element_random(puntos[cont]);
element_random(puntos[2*cont]);
}
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++){
element_mul(puntos[cont], puntos[cont], puntos[2*cont]);
}
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
//square
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++) element_square(puntos[cont], puntos[2*cont]);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// add
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++) element_add(puntos[cont], puntos[cont], puntos[2*cont]);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// invers
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++) element_invert(puntos[cont], puntos[2*cont]);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// Fpk
element_t q1, q2;
element_init_GT(q1, pairing);
element_init_GT(q2, pairing);
element_random(q1);
element_random(q2);
// multiplication
for(cont = 0; cont < 1000; cont++){
element_init_GT(puntos[cont], pairing);
element_init_GT(puntos[2*cont], pairing);
element_random(puntos[cont]);
element_random(puntos[2*cont]);
}
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++) {
element_mul(puntos[cont], puntos[cont], puntos[2*cont]);
}
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
//square
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++) element_square(puntos[cont], puntos[cont]);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// add
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++){
element_add(element_x(puntos[cont]), element_x(puntos[cont]), element_x(puntos[2*cont]));
element_add(element_y(puntos[cont]), element_y(puntos[cont]), element_y(puntos[2*cont]));
}
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// invers
gettimeofday(&tvBegin, NULL);
for(cont = 0; cont < 1000; cont++) element_invert(puntos[cont], puntos[2*cont]);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// CURVE OPERATIONS
element_t punto, punto2;
element_init(punto, h->field); element_random(punto);
element_init(punto2, h->field); element_random(punto2);
// add
gettimeofday(&tvBegin, NULL);
element_mul(punto, punto, punto2);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// double
gettimeofday(&tvBegin, NULL);
element_double(punto, punto2);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1);
// SIZE GROUP
int m = mpz_sizeinbase(pairing->r, 2) - 2;
printf("%i\n", m);
int contador = 0;
for(;;){
if(!m) break;
if(mpz_tstbit(pairing->r,m)) contador++;
m--;
}
printf("%i\n", contador);
*/
// One pairing
gettimeofday(&tvBegin, NULL);
eval_miller(temp1, sig, g, pairing);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1000);
//print_contador();
// One pairing (with precomputed values)
// Original method
pairing_pp_t pp;
// Precomp
gettimeofday(&tvBegin, NULL);
pairing_pp_init(pp, sig, pairing);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1000);
// Eval
gettimeofday(&tvBegin, NULL);
pairing_pp_apply(temp1, g, pp);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1000);
pairing_pp_clear(pp);
void do_precomp(){
lpoly *list;
// precomputation
gettimeofday(&tvBegin, NULL);
list = lpoly_init();
precompute(list, pairing->r, sig, g);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1000);
// DMAX
printf("%i\n", list->MAXD);
// eval
gettimeofday(&tvBegin, NULL);
compute_miller(temp2, list, g, pairing);
gettimeofday(&tvEnd, NULL);
timeval_subtract(&tvEnd, &tvBegin, 1000);
lpoly_free(list);
}
static val_ptr eval_err(tree_ptr t) {
UNUSED_VAR(t);
pbc_die("BUG: shouldn't reach here!");
}
static val_ptr run_CHECK(val_ptr v[]) {
if (element_is0(v[0]->elem)) {
pbc_die("CHECK failed");
}
return v[0];
}
void LoadParams(char *systemFileName,
global_broadcast_params_t *gbp,
broadcast_system_t *sys)
{
if(!gbp) {
printf("ACK! You gave me no broadcast params! I die.\n");
return;
}
if(!gbp) {
printf("ACK! You gave me no broadcast system! I die.\n");
return;
}
if(!systemFileName) {
printf("ACK! You gave me no system filename! I die.\n");
return;
}
global_broadcast_params_t p;
broadcast_system_t s;
p = pbc_malloc(sizeof(struct global_broadcast_params_s));
s = pbc_malloc(sizeof(struct broadcast_system_s));
FILE *sysp = fopen(systemFileName, "r");
if(!sysp) {
printf("ACK! couldn't open %s I die\n", systemFileName);
return;
}
int leng;
fread(&leng, 4, 1, sysp);
p->pairFileName = (char *) pbc_malloc(leng);
fread(p->pairFileName, 1, leng, sysp);
FILE *params = fopen(p->pairFileName, "r");
if(!params) {
printf("ACK! couldn't open %s I die\n", p->pairFileName);
return;
}
// pairing_init_inp_str(p->pairing, params);
char _s[2048];
size_t count = fread(_s, 1, 2048, params);
if (!count) pbc_die("input error");
if (pairing_init_set_buf(p->pairing, _s, count)) pbc_die("pairing init failed");
fclose(params);
//restore num_users
fread(&(p->num_users),4,1, sysp);
//restore encr_prod
element_init(s->encr_prod, p->pairing->G1);
in(s->encr_prod, sysp);
//element_out_str(stdout, 0, s->encr_prod);
//restore pub_key
element_init(s->pub_key, p->pairing->G1);
in(s->pub_key, sysp);
//element_out_str(stdout, 0, s->pub_key);
//restore g
element_init(p->g, p->pairing->G1);
in(p->g, sysp);
p->gs = pbc_malloc(2 * p->num_users * sizeof(element_t));
//restore gs
int i;
for(i = 0; i < 2*p->num_users; i++) {
if(i == p->num_users) continue;
element_init(p->gs[i], p->pairing->G1);
in(p->gs[i], sysp);
}
fclose(sysp);
//now insert a dummy private key
element_init_Zr(s->priv_key, p->pairing);
*gbp = p;
*sys = s;
return;
}
int main(int argc, char **argv) {
pairing_t pairing;
double time1, time2;
element_t P, a, b, c, Ka, Kb, Kc, t1, t2, t3, t4, t5, t6;
pbc_demo_pairing_init(pairing, argc, argv);
if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
element_init_G1(P, pairing);
element_init_G1(t1, pairing);
element_init_G1(t2, pairing);
element_init_G1(t3, pairing);
element_init_Zr(a, pairing);
element_init_Zr(b, pairing);
element_init_Zr(c, pairing);
element_init_GT(t4, pairing);
element_init_GT(t5, pairing);
element_init_GT(t6, pairing);
element_init_GT(Ka, pairing);
element_init_GT(Kb, pairing);
element_init_GT(Kc, pairing);
time1 = pbc_get_time();
printf("Joux key agreement between A, B and C.\n");
element_random(P);
element_random(a);
element_random(b);
element_random(c);
element_mul_zn(t1, P, a);
printf("A sends B and C: aP\n");
element_printf("aP = %B\n", t1);
element_mul_zn(t2, P, b);
printf("B sends A and C: bP\n");
element_printf("bP = %B\n", t2);
element_mul_zn(t3, P, c);
printf("C sends A and B: cP\n");
element_printf("cP = %B\n", t3);
element_pairing(t4, t2, t3);
element_pow_zn(Ka, t4, a);
element_printf("Ka = %B\n", Ka);
element_pairing(t5, t1, t3);
element_pow_zn(Kb, t5, b);
element_printf("Kb = %B\n", Kb);
element_pairing(t6, t1, t2);
element_pow_zn(Kc, t6, c);
element_printf("Kc = %B\n", Kc);
printf("Shared key K = Ka = Kb = Kc\n");
time2 = pbc_get_time();
printf("All time = %fs\n", time2 - time1);
element_clear(P);
element_clear(a);
element_clear(b);
element_clear(c);
element_clear(Ka);
element_clear(Kb);
element_clear(Kc);
element_clear(t1);
element_clear(t2);
element_clear(t3);
element_clear(t4);
element_clear(t5);
element_clear(t6);
pairing_clear(pairing);
return 0;
}
void pbc_param_init_i_gen(pbc_param_ptr par, int group_size) {
param_init(par);
params *p = par->data;
if (group_size <= 150) {
p->m = 97;
p->t = 12;
mpz_set_str(p->n, "2726865189058261010774960798134976187171462721", 10);
mpz_set_str(p->n2, "7", 10);
} else if (group_size <= 206) {
p->m = 199;
p->t = 164;
mpz_set_str(p->n, "167725321489096000055336949742738378351010268990525380470313869", 10);
mpz_set_str(p->n2, "527874953560391326545598291952743", 10);
} else if (group_size <= 259) {
p->m = 235;
p->t = 26;
mpz_set_str(p->n, "1124316700897695330265827797088699345032488681307846555184025129863722718180241", 10);
mpz_set_str(p->n2, "11819693021332914275777073321995059", 10);
} else if (group_size <= 316) {
p->m = 385;
p->t = 22;
mpz_set_str(p->n, "140884762419712839999909157778648717913595360839856026704744558309545986970238264714753014287541", 10);
mpz_set_str(p->n2, "34899486997246711147841377458771182755186809219564106252058066150110543296498189654810187", 10);
} else if (group_size <= 376) {
p->m = 337;
p->t = 30;
mpz_set_str(p->n, "250796519030408069744426774377542635685621984993105288007781750196791322190409525696108840742205849171229571431053", 10);
mpz_set_str(p->n2, "245777055088325363697128811262733732423405120899", 10);
} else if (group_size <= 430) {
p->m = 373;
p->t = 198;
mpz_set_str(p->n, "2840685307599487500956683789051368080919805957805957356540760731597378326586402072132959867084691357708217739285576524329854284197", 10);
mpz_set_str(p->n2, "3256903458766749542151641063558247849550904613763", 10);
} else if (group_size <= 484) {
p->m = 395;
p->t = 338;
mpz_set_str(p->n, "80172097064154181257340545445945701478615643539554910656655431171167598268341527430200810544156625333601812351266052856520678455274751591367269291", 10);
mpz_set_str(p->n2, "3621365590261279902324876775553649595261567", 10);
} else if (group_size <= 552) {
p->m = 433;
p->t = 120;
mpz_set_str(p->n, "15699907553631673835088720676147779193076555382157913339177784853763686462870506492752576492212322736133645158157557950634628006965882177348385366381692092784577773463", 10);
mpz_set_str(p->n2, "24980791723059119877470531054938874784049", 10);
} else if (group_size <= 644) {
p->m = 467;
p->t = 48;
mpz_set_str(p->n, "108220469499363631995525712756135494735252733492048868417164002000654321383482753640072319529019505742300964525569770933946381504691909098938045089999753901375631613294579329433690943459352138231", 10);
mpz_set_str(p->n2, "60438898450096967424971813347", 10);
} else if (group_size <= 696) {
p->m = 503;
p->t = 104;
mpz_set_str(p->n, "545523657676112447260904563578912738373307867219686215849632469801471112426878939776725222290437653718473962733760874627315930933126581248465899651120481066111839081575164964589811985885719017214938514563804313", 10);
mpz_set_str(p->n2, "1799606423432800810122901025413", 10);
} else if (group_size <= 803) {
p->m = 509;
p->t = 358;
mpz_set_str(p->n, "102239946202586852409809887418093021457150612495255706614733003327526279081563687830782748305746187060264985869283524441819589592750998086186315250781067131293823177124077445718802216415539934838376431091001197641295264650596195201747790167311", 10);
mpz_set_str(p->n2, "7", 10);
} else if (group_size <= 892) {
p->m = 617;
p->t = 88;
mpz_set_str(p->n, "57591959284219511220590893724691916802833742568034971006633345422620650391172287893878655658086794200963521584019889327992536532560877385225451713282279597074750857647455565899702728629166541223955196002755787520206774906606158388947359746178875040401304783332742806641", 10);
mpz_set_str(p->n2, "42019638181715250622338241", 10);
} else
pbc_die("unsupported group size");
}
static void *default_pbc_malloc(size_t size) {
void *res = malloc(size);
if (!res) pbc_die("malloc() error");
return res;
}
static void *default_pbc_malloc(size_t size) {
void *ptr = pbc_mem_malloc(size);
if(!ptr) pbc_die("malloc() error");
return pbc_mem_to_ptr(ptr);
}
int main(int argc, char **argv) {
pairing_t pairing;
pbc_demo_pairing_init(pairing, argc, argv);
if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
double time1, time2;
element_t P, Ppub, x, S, H, t1, t2, t3, t4;
element_init_Zr(x, pairing);
element_init_Zr(H, pairing);
element_init_Zr(t1, pairing);
element_init_G1(S, pairing);
element_init_G1(P, pairing);
element_init_G1(Ppub, pairing);
element_init_G1(t2, pairing);
element_init_GT(t3, pairing);
element_init_GT(t4, pairing);
printf("ZSS short signature schema\n");
printf("KEYGEN\n");
time1 = pbc_get_time();
element_random(x);
element_random(P);
element_mul_zn(Ppub, P, x);
element_printf("P = %B\n", P);
element_printf("x = %B\n", x);
element_printf("Ppub = %B\n", Ppub);
printf("SIGN\n");
element_from_hash(H, "Message", 7);
element_add(t1, H, x);
element_invert(t1, t1);
element_mul_zn(S, P, t1);
printf("Signature of message \"Message\" is:\n");
element_printf("S = %B\n", S);
printf("VERIFY\n");
element_from_hash(H, "Message", 7);
element_mul_zn(t2, P, H);
element_add(t2, t2, Ppub);
element_pairing(t3, t2, S);
element_pairing(t4, P, P);
element_printf("e(H(m)P + Ppub, S) = %B\n", t3);
element_printf("e(P, P) = %B\n", t4);
if (!element_cmp(t3, t4)) printf("Signature is valid\n");
else printf("Signature is invalid\n");
time2 = pbc_get_time();
printf("All time = %fs\n", time2 - time1);
element_clear(P);
element_clear(Ppub);
element_clear(x);
element_clear(S);
element_clear(H);
element_clear(t1);
element_clear(t2);
element_clear(t3);
element_clear(t4);
pairing_clear(pairing);
return 0;
}
int main(void){
pairing_t pairing;
element_t g, h, f, beta, beta_inverse;
char s[16384];
signed long int temp_share;
FILE *fp = stdin;
fp = fopen("../public/a.param", "r");
if (!fp)
pbc_die("error opening parameter file", "r");
size_t count = fread(s, 1, 16384, fp);
if(!count)
pbc_die("read parameter failure\n");
fclose(fp);
if(pairing_init_set_buf(pairing, s, count))
pbc_die("pairing init failed\n");
if(!pairing_is_symmetric(pairing)) pbc_die("pairing is not symmetric\n");
element_init_G1(g, pairing);
element_init_G1(h, pairing);
element_init_G1(f, pairing);
element_init_Zr(beta, pairing);
element_init_Zr(beta_inverse, pairing);
//(G1, g, h, f) is the public key of authorizer
//find the generator of the group
element_set(g, ((curve_data_ptr)((a_pairing_data_ptr)\
pairing->data)->Eq->data)->gen);
element_random(beta);
element_invert(beta_inverse, beta);
//h = g^beta
element_pow_zn(h, g, beta);
//f = g^(1/beta)
element_pow_zn(f, g, beta_inverse);
fp = NULL;
fp = fopen("./authorizer_public_keys.txt", "w+");
if(!fp)
pbc_die("error creating public key files");
else{
fprintf(fp, "g:");
element_out_str(fp, 10, g);
fprintf(fp, "\n\nh:");
element_out_str(fp, 10, h);
fprintf(fp, "\n\nf:");
element_out_str(fp, 10, f);
fclose(fp);
}
fp = fopen("./authorizer_secret_key.txt", "w+");
if(!fp)
pbc_die("error creating secret key files");
else{
fprintf(fp, "beta:");
element_out_str(fp, 10, beta);
}
element_clear(g);
element_clear(h);
element_clear(f);
element_clear(beta);
element_clear(beta_inverse);
return 1;
}
static void *default_pbc_realloc(void *ptr, size_t size) {
void *res = realloc(ptr, size);
if (!res) pbc_die("realloc() error");
return res;
}
static void d_init_pairing(pairing_ptr pairing, void *data) {
d_param_ptr param = data;
pptr p;
element_t a, b;
element_t irred;
int d = param->k / 2;
int i;
if (param->k % 2) pbc_die("k must be even");
mpz_init(pairing->r);
mpz_set(pairing->r, param->r);
field_init_fp(pairing->Zr, pairing->r);
pairing->map = cc_pairing;
pairing->prod_pairings = cc_pairings_affine;
pairing->is_almost_coddh = cc_is_almost_coddh;
p = pairing->data = pbc_malloc(sizeof(*p));
field_init_fp(p->Fq, param->q);
element_init(a, p->Fq);
element_init(b, p->Fq);
element_set_mpz(a, param->a);
element_set_mpz(b, param->b);
field_init_curve_ab(p->Eq, a, b, pairing->r, param->h);
field_init_poly(p->Fqx, p->Fq);
element_init(irred, p->Fqx);
poly_set_coeff1(irred, d);
for (i = 0; i < d; i++) {
element_set_mpz(element_item(irred, i), param->coeff[i]);
}
field_init_polymod(p->Fqd, irred);
element_clear(irred);
p->Fqd->nqr = pbc_malloc(sizeof(element_t));
element_init(p->Fqd->nqr, p->Fqd);
element_set_mpz(((element_t *) p->Fqd->nqr->data)[0], param->nqr);
field_init_quadratic(p->Fqk, p->Fqd);
// Compute constants involved in the final powering.
if (param->k == 6) {
mpz_ptr q = param->q;
mpz_ptr z = pairing->phikonr;
mpz_init(z);
mpz_mul(z, q, q);
mpz_sub(z, z, q);
mpz_add_ui(z, z, 1);
mpz_divexact(z, z, pairing->r);
element_ptr e = p->xpowq;
element_init(e, p->Fqd);
element_set1(((element_t *) e->data)[1]);
element_pow_mpz(e, e, q);
element_init(p->xpowq2, p->Fqd);
element_square(p->xpowq2, e);
} else {
mpz_init(p->tateexp);
mpz_sub_ui(p->tateexp, p->Fqk->order, 1);
mpz_divexact(p->tateexp, p->tateexp, pairing->r);
}
field_init_curve_ab_map(p->Etwist, p->Eq, element_field_to_polymod, p->Fqd, pairing->r, NULL);
field_reinit_curve_twist(p->Etwist);
mpz_t ndonr;
mpz_init(ndonr);
// ndonr temporarily holds the trace.
mpz_sub(ndonr, param->q, param->n);
mpz_add_ui(ndonr, ndonr, 1);
// Negate it because we want the trace of the twist.
mpz_neg(ndonr, ndonr);
pbc_mpz_curve_order_extn(ndonr, param->q, ndonr, d);
mpz_divexact(ndonr, ndonr, param->r);
field_curve_set_quotient_cmp(p->Etwist, ndonr);
mpz_clear(ndonr);
element_init(p->nqrinv, p->Fqd);
element_invert(p->nqrinv, field_get_nqr(p->Fqd));
element_init(p->nqrinv2, p->Fqd);
element_square(p->nqrinv2, p->nqrinv);
pairing->G1 = p->Eq;
pairing->G2 = p->Etwist;
p->k = param->k;
pairing_GT_init(pairing, p->Fqk);
pairing->finalpow = cc_finalpow;
// By default use affine coordinates.
cc_miller_no_denom_fn = cc_miller_no_denom_affine;
pairing->option_set = d_pairing_option_set;
pairing->pp_init = d_pairing_pp_init;
pairing->pp_clear = d_pairing_pp_clear;
pairing->pp_apply = d_pairing_pp_apply;
pairing->clear_func = d_pairing_clear;
element_clear(a);
element_clear(b);
}
