add compatibility with java sdk:

1. update blake2b to sha256 2. update pre random bitlen to bitlen(baseN)-1 3. modify aes key length 128 4. add pre test

add compatibility with java sdk:
d0e5f49f · pengjun · da5d4bcf · d0e5f49f · d0e5f49f · d0e5f49f
Commit d0e5f49f authored Jul 02, 2020 by pengjun
Show whitespace changes
Inline Side-by-side

Showing with 153 additions and 41 deletions

crypto_test.go crypto/crypto_test.go +3 -5

hash.go crypto/hash.go +10 -3

pre.go pre.go +26 -33

pre_test.go pre_test.go +114 -0

No files found.
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -79,11 +79,9 @@ func TestAddress(t *testing.T) {
 }

 func TestKDF(t *testing.T) {
-	key := []byte{0x1, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x11}
-
-	keyf := KDF(key, 32)
-	fmt.Println(keyf)
-	fmt.Println(len(keyf))
+	keyf := KDF([]byte("kdf test"), 16)
+	fmt.Println(types.ToHex(keyf))
+	assert.Equal(t, 16, len(keyf))
 }

 func TestED25519(t *testing.T) {

--- a/crypto/hash.go
+++ b/crypto/hash.go
@@ -2,8 +2,8 @@ package crypto

 import (
 	"crypto/sha256"
+	"encoding/binary"
 	"golang.org/x/crypto/ripemd160"
-	"math/big"
 )


@@ -41,15 +41,22 @@ func Rimp160(b []byte) []byte {
 	return out[:]
 }

+func intToBytes(x int) []byte {
+	var buf = make([]byte, 4)
+
+	binary.BigEndian.PutUint32(buf, uint32(x))
+	return buf
+}
+
 func KDF(x []byte, length int) []byte {
 	var c []byte

-	var ct int64 = 1
+	var ct = 1
 	h := sha256.New()
 	for i, j := 0, (length+31)/32; i < j; i++ {
 		h.Reset()
 		h.Write(x)
-		h.Write(big.NewInt(ct).Bytes())
+		h.Write(intToBytes(ct))
 		hash := h.Sum(nil)
 		if i+1 == j && length%32 != 0 {
 			c = append(c, hash[:length%32]...)

--- a/pre.go
+++ b/pre.go
@@ -2,17 +2,21 @@ package sdk

 import (
 	"crypto/rand"
+	"crypto/sha256"
 	"errors"
 	"fmt"
 	"github.com/33cn/chain33-sdk-go/crypto"
 	"github.com/33cn/chain33-sdk-go/types"
 	secp256k1 "github.com/btcsuite/btcd/btcec"
-	"golang.org/x/crypto/blake2b"
 	"math/big"
 )

 var baseN = secp256k1.S256().Params().N

+const (
+	encKeyLength  = 16 // 对称秘钥长度，兼容jdk
+)
+
 type KFrag struct {
 	Random    string
 	Value     string
@@ -34,7 +38,7 @@ type EccPoit struct {
 func NewEccPoint(pubStr string) (*EccPoit, error) {
 	reKeyRByte, err := types.FromHex(pubStr)
 	if err != nil {
-		fmt.Errorf("get reKeyRByte err", err)
+		fmt.Errorf("get reKeyRByte err, %s", err.Error())
 		return nil, err
 	}
 	reKeyR := crypto.PublicFromByte(reKeyRByte)
@@ -132,8 +136,8 @@ func calcLambdaCoeff(inId *big.Int, selectedIds []*big.Int) *big.Int {
 	return result
 }

-func getRandomInt(order *big.Int) *big.Int {
-	randInt, err := rand.Int(rand.Reader, order)
+func getRandomInt(bitlen int) *big.Int {
+	randInt, err := rand.Prime(rand.Reader, bitlen)
 	if err != nil {
 		panic(err)
 	}
@@ -155,7 +159,7 @@ func GeneratePreEncryptKey(pubOwner []byte) ([]byte, string, string) {
 	pub_r := types.ToHex((*secp256k1.PublicKey)(&priv_r.PublicKey).SerializeCompressed())
 	pub_u := types.ToHex((*secp256k1.PublicKey)(&priv_u.PublicKey).SerializeCompressed())

-	share_key := crypto.KDF(result.SerializeCompressed(), 32)
+	share_key := crypto.KDF(result.SerializeCompressed(), encKeyLength)
 	return share_key, pub_r, pub_u
 }

@@ -167,11 +171,8 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres
 	pubRecipientKey := crypto.PublicFromByte(pubRecipient)

 	dh_Alice_poit_x := types.ECDH(precursor, pubRecipientKey)
-	dAliceHash, err := blake2b.New256(precursor.X.Bytes())
-	if err != nil {
-		fmt.Errorf("Generate precursor Key err", err)
-		return nil, err
-	}
+	dAliceHash := sha256.New()
+	dAliceHash.Write(precursor.X.Bytes())
 	dAliceHash.Write(pubRecipientKey.X.Bytes())
 	dAliceHash.Write(dh_Alice_poit_x)
 	dAlice := dAliceHash.Sum(nil)
@@ -183,7 +184,7 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres

 	kFrags := make([]*KFrag, numSplit)
 	if numSplit == 1 {
-		id := getRandomInt(baseN)
+		id := getRandomInt(baseN.BitLen()-1)
 		kFrags[0] = &KFrag{Random: id.String(), Value: f0.String(), PrecurPub: precurPub}
 	} else {
 		coeffs := makeShamirPolyCoeff(threshold)
@@ -191,12 +192,9 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres

 		// rk[i] = f2*id^2 + f1*id + f0
 		for i, _ := range kFrags {
-			id := getRandomInt(baseN)
-			dShareHash, err := blake2b.New256(precursor.X.Bytes())
-			if err != nil {
-				fmt.Errorf("Generate precursor Key err", err)
-				return nil, err
-			}
+			id := getRandomInt(baseN.BitLen()-1)
+			dShareHash := sha256.New()
+			dShareHash.Write(precursor.X.Bytes())
 			dShareHash.Write(pubRecipientKey.X.Bytes())
 			dShareHash.Write(dh_Alice_poit_x)
 			dShareHash.Write(id.Bytes())
@@ -213,16 +211,13 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 	privRecipientKey := crypto.PrivateFromByte(privRecipient)
 	precursor, err := types.FromHex(reKeyFrags[0].PrecurPub)
 	if err != nil {
-		fmt.Errorf("FromHex", err)
+		fmt.Errorf("FromHex, %s", err.Error())
 		return nil, err
 	}
 	precursorPubKey := crypto.PublicFromByte(precursor)
 	dh_Bob_poit_x := types.ECDH(privRecipientKey, precursorPubKey)
-	dBobHash, err := blake2b.New256(precursorPubKey.X.Bytes())
-	if err != nil {
-		fmt.Errorf("Generate precursor Key err", err)
-		return nil, err
-	}
+	dBobHash := sha256.New()
+	dBobHash.Write(precursorPubKey.X.Bytes())
 	dBobHash.Write(privRecipientKey.X.Bytes())
 	dBobHash.Write(dh_Bob_poit_x)
 	dhBob := dBobHash.Sum(nil)
@@ -232,12 +227,12 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 	if len(reKeyFrags) == 1 {
 		rPoint, err := NewEccPoint(reKeyFrags[0].ReKeyR)
 		if err != nil {
-			fmt.Errorf("get reKeyRByte err", err)
+			fmt.Errorf("get reKeyRByte err, %s", err.Error())
 			return nil, err
 		}
 		uPoint, err := NewEccPoint(reKeyFrags[0].ReKeyU)
 		if err != nil {
-			fmt.Errorf("get reKeyRByte err", err)
+			fmt.Errorf("get reKeyRByte err, %s", err.Error())
 			return nil, err
 		}

@@ -247,11 +242,8 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([

 		ids := make([]*big.Int, len(reKeyFrags))
 		for x, _ := range ids {
-			xs, err := blake2b.New256(precursorPubKey.X.Bytes())
-			if err != nil {
-				fmt.Errorf("Generate precursor Key err", err)
-				return nil, err
-			}
+			xs := sha256.New()
+			xs.Write(precursorPubKey.X.Bytes())
 			xs.Write(privRecipientKey.X.Bytes())
 			xs.Write(dh_Bob_poit_x)
 			random, ret := new(big.Int).SetString(reKeyFrags[x].Random, 10)
@@ -270,12 +262,12 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 			}
 			rPoint, err := NewEccPoint(reKeyFrags[i].ReKeyR)
 			if err != nil {
-				fmt.Errorf("get reKeyRByte err", err)
+				fmt.Errorf("get reKeyRByte err, %s", err.Error())
 				return nil, err
 			}
 			uPoint, err := NewEccPoint(reKeyFrags[i].ReKeyU)
 			if err != nil {
-				fmt.Errorf("get reKeyRByte err", err)
+				fmt.Errorf("get reKeyRByte err, %s", err.Error())
 				return nil, err
 			}
 			e := rPoint.MulInt(lambda)
@@ -286,6 +278,6 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
 		result = eFinal.Add(vFinal).MulInt(dhBobBN)
 	}

-	share_key := crypto.KDF(result.ToPublicKey().SerializeCompressed(), 32)
+	share_key := crypto.KDF(result.ToPublicKey().SerializeCompressed(), encKeyLength)
 	return share_key, nil
 }
\ No newline at end of file
--- a/pre_test.go
+++ b/pre_test.go
+package sdk
+
+import (
+	"fmt"
+	"github.com/33cn/chain33-sdk-go/client"
+	"github.com/33cn/chain33-sdk-go/crypto"
+	"github.com/33cn/chain33-sdk-go/types"
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+type ReqSendKeyFragment struct {
+	PubOwner             string   `protobuf:"bytes,1,opt,name=pubOwner,proto3" json:"pubOwner,omitempty"`
+	PubRecipient         string   `protobuf:"bytes,2,opt,name=pubRecipient,proto3" json:"pubRecipient,omitempty"`
+	PubProofR            string   `protobuf:"bytes,3,opt,name=pubProofR,proto3" json:"pubProofR,omitempty"`
+	PubProofU            string   `protobuf:"bytes,4,opt,name=pubProofU,proto3" json:"pubProofU,omitempty"`
+	Random               string   `protobuf:"bytes,5,opt,name=random,proto3" json:"random,omitempty"`
+	Value                string   `protobuf:"bytes,6,opt,name=value,proto3" json:"value,omitempty"`
+	Expire               int64    `protobuf:"varint,7,opt,name=expire,proto3" json:"expire,omitempty"`
+	DhProof              string   `protobuf:"bytes,8,opt,name=dhProof,proto3" json:"dhProof,omitempty"`
+	PrecurPub            string   `protobuf:"bytes,9,opt,name=precurPub,proto3" json:"precurPub,omitempty"`
+}
+
+type ReqReeencryptParam struct {
+	PubOwner             string   `protobuf:"bytes,1,opt,name=pubOwner,proto3" json:"pubOwner,omitempty"`
+	PubRecipient         string   `protobuf:"bytes,2,opt,name=pubRecipient,proto3" json:"pubRecipient,omitempty"`
+}
+
+type RepReeencrypt struct {
+	ReKeyR               string   `protobuf:"bytes,1,opt,name=reKeyR,proto3" json:"reKeyR,omitempty"`
+	ReKeyU               string   `protobuf:"bytes,2,opt,name=reKeyU,proto3" json:"reKeyU,omitempty"`
+	Random               string   `protobuf:"bytes,3,opt,name=random,proto3" json:"random,omitempty"`
+	PrecurPub            string   `protobuf:"bytes,4,opt,name=precurPub,proto3" json:"precurPub,omitempty"`
+}
+
+func TestPre(t *testing.T) {
+	privOwner,_ := types.FromHex("6d52c4680c00dcdb9d904dc6878a8e1c753ecf9c43a48499d819fdc0eafa4639")
+	pubOwner,_ := types.FromHex("02e5fdf78aded517e3235c2276ed0e020226c55835dea7b8306f2e8d3d99d2d4f4")
+	serverPub,_ := types.FromHex("02005d3a38feaff00f1b83014b2602d7b5b39506ddee7919dd66539b5428358f08")
+	privRecipient, _ := types.FromHex("841e3b4ab211eecfccb475940171150fd1536cb656c870fe95d206ebf9732b6c")
+	pubRecipient, _ := types.FromHex("03b9d801f88c38522a9bf786f23544259d516ee0d1f6699f926f891ac3fb92c6d9")
+	msg := "hello proxy-re-encrypt"
+	serverList := []string {"http://192.168.0.155:11801", "http://192.168.0.155:11802", "http://192.168.0.155:11803"}
+
+	enKey, pub_r, pub_u := GeneratePreEncryptKey(pubOwner)
+	cipher, err := crypto.AESCBCPKCS7Encrypt(enKey, []byte(msg))
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println(types.ToHex(cipher))
+
+	if err != nil {
+		panic(err)
+	}
+	keyFrags, err := GenerateKeyFragments(privOwner, pubRecipient, 3, 2)
+	if err != nil {
+		panic(err)
+	}
+
+	dhproof := types.ECDH(crypto.PrivateFromByte(privOwner), crypto.PublicFromByte(serverPub))
+	for i, server := range serverList {
+		jclient, err := client.NewJSONClient("Pre", server)
+		if err != nil {
+			panic(err)
+		}
+
+		var result interface{}
+		param := &ReqSendKeyFragment{
+			PubOwner:     types.ToHex(pubOwner),
+			PubRecipient: types.ToHex(pubRecipient),
+			PubProofR:    pub_r,
+			PubProofU:    pub_u,
+			Random:       keyFrags[i].Random,
+			Value:        keyFrags[i].Value,
+			Expire:       1000000,
+			DhProof:      types.ToHex(dhproof),
+			PrecurPub:    keyFrags[i].PrecurPub,
+		}
+		jclient.Call("CollectFragment", param, &result)
+	}
+
+	param := &ReqReeencryptParam{
+		PubOwner:             types.ToHex(pubOwner),
+		PubRecipient:         types.ToHex(pubRecipient),
+	}
+
+	var rekeys = make([]*ReKeyFrag, 2)
+	for i:=0; i < 2; i++ {
+		jclient, err := client.NewJSONClient("Pre", serverList[i])
+		if err != nil {
+			panic(err)
+		}
+		var result RepReeencrypt
+		jclient.Call("Reencrypt", param, &result)
+
+		rekeys[i] = &ReKeyFrag{
+			ReKeyR:    result.ReKeyR,
+			ReKeyU:    result.ReKeyU,
+			Random:    result.Random,
+			PrecurPub: result.PrecurPub,
+		}
+	}
+	encKey,err := AssembleReencryptFragment(privRecipient, rekeys)
+	if err != nil {
+		panic(err)
+	}
+	assert.Equal(t, enKey, encKey)
+
+	msgDecrypt, err := crypto.AESCBCPKCS7Decrypt(encKey, cipher)
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println(string(msgDecrypt))
+}