]> git.siccegge.de Git - software/DIPE.git/blob - src/DIPE.cxx
projects / software / DIPE.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Code drop
[software/DIPE.git] / src / DIPE.cxx
1 #include "DIPE.h"
2 #include <string.h>
3
4 struct dipe_param {
5 pairing_t pairing;
6 element_t g1;
7 element_t g2;
8 element_t gt;
9 };
10
11 struct dipe_master_publickey {
12 size_t dimension;
13 element_t a;
14 element_t* k;
15 };
16
17 struct dipe_master_secretkey {
18 size_t dimension;
19 element_t a;
20 element_t* k;
21 };
22
23 struct dipe_secretkey {
24 size_t dimension;
25 element_t d;
26 };
27
28 struct dipe_ctxt {
29 size_t dimension;
30 element_t s;
31 element_t* cx;
32 element_t c;
33 };
34
35
36 namespace {
37 size_t dipe_h_length(element_t elem, size_t dimension) {
38 return 16 /*cid*/ + dimension * element_length_in_bytes(elem);
39 }
40
41 void dipe_generate_h(char* cid, element_t* y, size_t dimension, unsigned char* result) {
42 memcpy(result, cid, 16);
43 unsigned char* next_element = result+16;
44 for (size_t i = 0; i < dimension; ++i) {
45 element_to_bytes(next_element, y[i]);
46 next_element += element_length_in_bytes(y[0]);
47 }
48 }
49 }
50
51 void dipe_init(FILE* configfp, dipe_param_t* param) {
52 char buffer[2<<16];
53 (*param) = (dipe_param_t)malloc(sizeof(dipe_param));
54 fread(buffer, 1, 2<<16, configfp);
55
56 pairing_init_set_buf((*param)->pairing, buffer, 2<<16);
57
58 element_init_G1((*param)->g1, (*param)->pairing);
59 element_init_G2((*param)->g2, (*param)->pairing);
60 element_init_GT((*param)->gt, (*param)->pairing);
61
62 element_random((*param)->g1);
63 element_random((*param)->g2);
64 pairing_apply((*param)->gt, (*param)->g1, (*param)->g2, (*param)->pairing);
65 }
66
67 pairing_t* dipe_get_pairing(dipe_param_t param) {
68 return &(param->pairing);
69 }
70
71 void dipe_master_keygen(dipe_param_t param, size_t dimension, dipe_master_publickey_t* pk, dipe_master_secretkey_t* sk) {
72 *pk = (dipe_master_publickey_t)malloc(sizeof(dipe_master_publickey));
73 *sk = (dipe_master_secretkey_t)malloc(sizeof(dipe_master_secretkey));
74
75 (*sk)->dimension = (*pk)->dimension = dimension;
76
77 element_init_Zr((*sk)->a, param->pairing);
78 element_init_GT((*pk)->a, param->pairing);
79 element_random((*sk)->a);
80 element_pow_zn((*pk)->a, param->gt, (*sk)->a);
81
82 (*sk)->k = (element_t*)calloc(dimension, sizeof(element_t));
83 (*pk)->k = (element_t*)calloc(dimension, sizeof(element_t));
84 for (size_t i = 0; i < dimension; ++i) {
85 element_init_Zr((*sk)->k[i], param->pairing);
86 element_init_G1((*pk)->k[i], param->pairing);
87 element_random((*sk)->k[i]);
88 element_pow_zn((*pk)->k[i], param->gt, (*sk)->k[i]);
89 }
90 }
91
92 void dipe_keygen(dipe_param_t param, dipe_master_secretkey_t msk, char* cid, element_t* y, dipe_secretkey_t* sk) {
93 *sk = (dipe_secretkey_t)malloc(sizeof(dipe_secretkey));
94 (*sk)->dimension = msk->dimension;
95 element_init_G2((*sk)->d, param->pairing);
96
97 size_t hash_input_length = dipe_h_length(y[0], msk->dimension);
98 unsigned char hash_input[hash_input_length];
99 element_t h;
100 element_init_G2(h, param->pairing);
101
102 dipe_generate_h(cid, y, msk->dimension, hash_input);
103 element_from_hash(h, hash_input, hash_input_length);
104
105 element_t innerp;
106 element_t tmp;
107
108 element_init_Zr(innerp, param->pairing);
109 element_init_Zr(tmp, param->pairing);
110 element_set1(innerp);
111
112 element_from_hash(h, hash_input, hash_input_length);
113
114 for (size_t i = 0; i < msk->dimension; ++i) {
115 element_mul(tmp, y[i], msk->k[i]);
116 element_add(innerp, innerp, tmp);
117 }
118
119 element_t a2;
120 element_init_G2(a2, param->pairing);
121 element_pow_zn(h, h, innerp);
122 element_pow_zn(a2, param->g2, msk->a);
123 element_mul((*sk)->d, a2, h);
124
125 element_clear(h);
126 element_clear(innerp);
127 element_clear(tmp);
128 element_clear(a2);
129 }
130
131 void dipe_encrypt(dipe_param_t param, dipe_master_publickey_t mpk, element_t* x, element_t ptxt, dipe_ctxt_t* ctxt) {
132 *ctxt = (dipe_ctxt_t)malloc(sizeof(dipe_ctxt));
133 (*ctxt)->dimension = mpk->dimension;
134
135 element_t r;
136 element_t s;
137 element_init_Zr(r, param->pairing);
138 element_init_Zr(s, param->pairing);
139
140 element_random(r);
141 element_random(s);
142
143 element_init_G1((*ctxt)->s, param->pairing);
144 element_pow_zn((*ctxt)->s, param->g1, s);
145
146 element_t k1;
147 element_t x1;
148 element_init_G1(k1, param->pairing);
149 element_init_G1(x1, param->pairing);
150
151 (*ctxt)->cx = (element_t*)calloc(mpk->dimension, sizeof(element_t));
152 for (size_t i = 0; i < mpk->dimension; ++i){
153 element_pow_zn(x1, param->g1, x[i]);
154 element_pow_zn(x1, x1, r);
155
156 element_pow_zn(k1, mpk->k[i], s);
157
158 element_init_G1((*ctxt)->cx[i], param->pairing);
159 element_mul((*ctxt)->cx[i], k1, x1);
160 }
161
162 element_t at;
163 element_init_GT(at, param->pairing);
164 element_pow_zn(at, mpk->a, s);
165 element_init_GT((*ctxt)->c, param->pairing);
166 element_mul((*ctxt)->c, at, ptxt);
167
168 element_clear(r);
169 element_clear(s);
170 element_clear(k1);
171 element_clear(x1);
172 element_clear(at);
173 }
174
175
176 void dipe_decrypt(dipe_param_t param, dipe_secretkey_t sk, char* cid, element_t* y, dipe_ctxt_t ctxt, element_t ptxt) {
177 size_t hash_input_length = dipe_h_length(y[0], sk->dimension);
178 unsigned char hash_input[hash_input_length];
179 element_t h;
180 element_init_G2(h, param->pairing);
181
182 dipe_generate_h(cid, y, sk->dimension, hash_input);
183 element_from_hash(h, hash_input, hash_input_length);
184
185 element_t tmp;
186 element_t innerp;
187 element_t hy;
188 element_init_GT(tmp, param->pairing);
189 element_init_GT(innerp, param->pairing);
190 element_init_G2(hy, param->pairing);
191
192 element_set1(innerp);
193 for (size_t i = 0; i < sk->dimension; ++i) {
194 element_pow_zn(hy, h, y[i]);
195 pairing_apply(tmp, ctxt->cx[i], hy, param->pairing);
196 element_mul(innerp, innerp, tmp);
197 }
198
199 pairing_apply(ptxt, ctxt->s, sk->d, param->pairing);
200 element_invert(ptxt, ptxt);
201 element_mul(ptxt, ptxt, ctxt->c);
202 element_mul(ptxt, ptxt, innerp);
203
204 element_clear(h);
205 element_clear(tmp);
206 element_clear(innerp);
207 element_clear(hy);
208 }
209
210
211 void dipe_free_param(dipe_param_t param) {
212 element_clear(param->g1);
213 element_clear(param->g2);
214 element_clear(param->gt);
215 pairing_clear(param->pairing);
216 free(param);
217 }
218
219 void dipe_free_master_secretkey(dipe_master_secretkey_t sk) {
220 for (size_t i = 0; i < sk->dimension; ++i) {
221 element_clear(sk->k[i]);
222 }
223 element_clear(sk->a);
224 free(sk->k);
225 free(sk);
226 }
227
228 void dipe_free_master_publickey(dipe_master_publickey_t pk) {
229 for (size_t i = 0; i < pk->dimension; ++i) {
230 element_clear(pk->k[i]);
231 }
232 element_clear(pk->a);
233 free(pk->k);
234 free(pk);
235 }
236
237 void dipe_free_secretkey(dipe_secretkey_t sk) {
238 element_clear(sk->d);
239 free(sk);
240 }
241
242 void dipe_free_ctxt(dipe_ctxt_t ctxt) {
243 for (size_t i = 0; i < ctxt->dimension; ++i) {
244 element_clear(ctxt->cx[i]);
245 }
246 element_clear(ctxt->c);
247 element_clear(ctxt->s);
248 free(ctxt->cx);
249 free(ctxt);
250 }
Unnamed repository; edit this file 'description' to name the repository.