Commit d0e5f49f authored by pengjun's avatar pengjun

add compatibility with java sdk:

1. update blake2b to sha256 2. update pre random bitlen to bitlen(baseN)-1 3. modify aes key length 128 4. add pre test
parent da5d4bcf
...@@ -79,11 +79,9 @@ func TestAddress(t *testing.T) { ...@@ -79,11 +79,9 @@ func TestAddress(t *testing.T) {
} }
func TestKDF(t *testing.T) { func TestKDF(t *testing.T) {
key := []byte{0x1, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x11} keyf := KDF([]byte("kdf test"), 16)
fmt.Println(types.ToHex(keyf))
keyf := KDF(key, 32) assert.Equal(t, 16, len(keyf))
fmt.Println(keyf)
fmt.Println(len(keyf))
} }
func TestED25519(t *testing.T) { func TestED25519(t *testing.T) {
......
...@@ -2,8 +2,8 @@ package crypto ...@@ -2,8 +2,8 @@ package crypto
import ( import (
"crypto/sha256" "crypto/sha256"
"encoding/binary"
"golang.org/x/crypto/ripemd160" "golang.org/x/crypto/ripemd160"
"math/big"
) )
...@@ -41,15 +41,22 @@ func Rimp160(b []byte) []byte { ...@@ -41,15 +41,22 @@ func Rimp160(b []byte) []byte {
return out[:] return out[:]
} }
func intToBytes(x int) []byte {
var buf = make([]byte, 4)
binary.BigEndian.PutUint32(buf, uint32(x))
return buf
}
func KDF(x []byte, length int) []byte { func KDF(x []byte, length int) []byte {
var c []byte var c []byte
var ct int64 = 1 var ct = 1
h := sha256.New() h := sha256.New()
for i, j := 0, (length+31)/32; i < j; i++ { for i, j := 0, (length+31)/32; i < j; i++ {
h.Reset() h.Reset()
h.Write(x) h.Write(x)
h.Write(big.NewInt(ct).Bytes()) h.Write(intToBytes(ct))
hash := h.Sum(nil) hash := h.Sum(nil)
if i+1 == j && length%32 != 0 { if i+1 == j && length%32 != 0 {
c = append(c, hash[:length%32]...) c = append(c, hash[:length%32]...)
......
...@@ -2,17 +2,21 @@ package sdk ...@@ -2,17 +2,21 @@ package sdk
import ( import (
"crypto/rand" "crypto/rand"
"crypto/sha256"
"errors" "errors"
"fmt" "fmt"
"github.com/33cn/chain33-sdk-go/crypto" "github.com/33cn/chain33-sdk-go/crypto"
"github.com/33cn/chain33-sdk-go/types" "github.com/33cn/chain33-sdk-go/types"
secp256k1 "github.com/btcsuite/btcd/btcec" secp256k1 "github.com/btcsuite/btcd/btcec"
"golang.org/x/crypto/blake2b"
"math/big" "math/big"
) )
var baseN = secp256k1.S256().Params().N var baseN = secp256k1.S256().Params().N
const (
encKeyLength = 16 // 对称秘钥长度,兼容jdk
)
type KFrag struct { type KFrag struct {
Random string Random string
Value string Value string
...@@ -34,7 +38,7 @@ type EccPoit struct { ...@@ -34,7 +38,7 @@ type EccPoit struct {
func NewEccPoint(pubStr string) (*EccPoit, error) { func NewEccPoint(pubStr string) (*EccPoit, error) {
reKeyRByte, err := types.FromHex(pubStr) reKeyRByte, err := types.FromHex(pubStr)
if err != nil { if err != nil {
fmt.Errorf("get reKeyRByte err", err) fmt.Errorf("get reKeyRByte err, %s", err.Error())
return nil, err return nil, err
} }
reKeyR := crypto.PublicFromByte(reKeyRByte) reKeyR := crypto.PublicFromByte(reKeyRByte)
...@@ -132,8 +136,8 @@ func calcLambdaCoeff(inId *big.Int, selectedIds []*big.Int) *big.Int { ...@@ -132,8 +136,8 @@ func calcLambdaCoeff(inId *big.Int, selectedIds []*big.Int) *big.Int {
return result return result
} }
func getRandomInt(order *big.Int) *big.Int { func getRandomInt(bitlen int) *big.Int {
randInt, err := rand.Int(rand.Reader, order) randInt, err := rand.Prime(rand.Reader, bitlen)
if err != nil { if err != nil {
panic(err) panic(err)
} }
...@@ -155,7 +159,7 @@ func GeneratePreEncryptKey(pubOwner []byte) ([]byte, string, string) { ...@@ -155,7 +159,7 @@ func GeneratePreEncryptKey(pubOwner []byte) ([]byte, string, string) {
pub_r := types.ToHex((*secp256k1.PublicKey)(&priv_r.PublicKey).SerializeCompressed()) pub_r := types.ToHex((*secp256k1.PublicKey)(&priv_r.PublicKey).SerializeCompressed())
pub_u := types.ToHex((*secp256k1.PublicKey)(&priv_u.PublicKey).SerializeCompressed()) pub_u := types.ToHex((*secp256k1.PublicKey)(&priv_u.PublicKey).SerializeCompressed())
share_key := crypto.KDF(result.SerializeCompressed(), 32) share_key := crypto.KDF(result.SerializeCompressed(), encKeyLength)
return share_key, pub_r, pub_u return share_key, pub_r, pub_u
} }
...@@ -167,11 +171,8 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres ...@@ -167,11 +171,8 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres
pubRecipientKey := crypto.PublicFromByte(pubRecipient) pubRecipientKey := crypto.PublicFromByte(pubRecipient)
dh_Alice_poit_x := types.ECDH(precursor, pubRecipientKey) dh_Alice_poit_x := types.ECDH(precursor, pubRecipientKey)
dAliceHash, err := blake2b.New256(precursor.X.Bytes()) dAliceHash := sha256.New()
if err != nil { dAliceHash.Write(precursor.X.Bytes())
fmt.Errorf("Generate precursor Key err", err)
return nil, err
}
dAliceHash.Write(pubRecipientKey.X.Bytes()) dAliceHash.Write(pubRecipientKey.X.Bytes())
dAliceHash.Write(dh_Alice_poit_x) dAliceHash.Write(dh_Alice_poit_x)
dAlice := dAliceHash.Sum(nil) dAlice := dAliceHash.Sum(nil)
...@@ -183,7 +184,7 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres ...@@ -183,7 +184,7 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres
kFrags := make([]*KFrag, numSplit) kFrags := make([]*KFrag, numSplit)
if numSplit == 1 { if numSplit == 1 {
id := getRandomInt(baseN) id := getRandomInt(baseN.BitLen()-1)
kFrags[0] = &KFrag{Random: id.String(), Value: f0.String(), PrecurPub: precurPub} kFrags[0] = &KFrag{Random: id.String(), Value: f0.String(), PrecurPub: precurPub}
} else { } else {
coeffs := makeShamirPolyCoeff(threshold) coeffs := makeShamirPolyCoeff(threshold)
...@@ -191,12 +192,9 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres ...@@ -191,12 +192,9 @@ func GenerateKeyFragments(privOwner []byte, pubRecipient []byte, numSplit, thres
// rk[i] = f2*id^2 + f1*id + f0 // rk[i] = f2*id^2 + f1*id + f0
for i, _ := range kFrags { for i, _ := range kFrags {
id := getRandomInt(baseN) id := getRandomInt(baseN.BitLen()-1)
dShareHash, err := blake2b.New256(precursor.X.Bytes()) dShareHash := sha256.New()
if err != nil { dShareHash.Write(precursor.X.Bytes())
fmt.Errorf("Generate precursor Key err", err)
return nil, err
}
dShareHash.Write(pubRecipientKey.X.Bytes()) dShareHash.Write(pubRecipientKey.X.Bytes())
dShareHash.Write(dh_Alice_poit_x) dShareHash.Write(dh_Alice_poit_x)
dShareHash.Write(id.Bytes()) dShareHash.Write(id.Bytes())
...@@ -213,16 +211,13 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([ ...@@ -213,16 +211,13 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
privRecipientKey := crypto.PrivateFromByte(privRecipient) privRecipientKey := crypto.PrivateFromByte(privRecipient)
precursor, err := types.FromHex(reKeyFrags[0].PrecurPub) precursor, err := types.FromHex(reKeyFrags[0].PrecurPub)
if err != nil { if err != nil {
fmt.Errorf("FromHex", err) fmt.Errorf("FromHex, %s", err.Error())
return nil, err return nil, err
} }
precursorPubKey := crypto.PublicFromByte(precursor) precursorPubKey := crypto.PublicFromByte(precursor)
dh_Bob_poit_x := types.ECDH(privRecipientKey, precursorPubKey) dh_Bob_poit_x := types.ECDH(privRecipientKey, precursorPubKey)
dBobHash, err := blake2b.New256(precursorPubKey.X.Bytes()) dBobHash := sha256.New()
if err != nil { dBobHash.Write(precursorPubKey.X.Bytes())
fmt.Errorf("Generate precursor Key err", err)
return nil, err
}
dBobHash.Write(privRecipientKey.X.Bytes()) dBobHash.Write(privRecipientKey.X.Bytes())
dBobHash.Write(dh_Bob_poit_x) dBobHash.Write(dh_Bob_poit_x)
dhBob := dBobHash.Sum(nil) dhBob := dBobHash.Sum(nil)
...@@ -232,12 +227,12 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([ ...@@ -232,12 +227,12 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
if len(reKeyFrags) == 1 { if len(reKeyFrags) == 1 {
rPoint, err := NewEccPoint(reKeyFrags[0].ReKeyR) rPoint, err := NewEccPoint(reKeyFrags[0].ReKeyR)
if err != nil { if err != nil {
fmt.Errorf("get reKeyRByte err", err) fmt.Errorf("get reKeyRByte err, %s", err.Error())
return nil, err return nil, err
} }
uPoint, err := NewEccPoint(reKeyFrags[0].ReKeyU) uPoint, err := NewEccPoint(reKeyFrags[0].ReKeyU)
if err != nil { if err != nil {
fmt.Errorf("get reKeyRByte err", err) fmt.Errorf("get reKeyRByte err, %s", err.Error())
return nil, err return nil, err
} }
...@@ -247,11 +242,8 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([ ...@@ -247,11 +242,8 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
ids := make([]*big.Int, len(reKeyFrags)) ids := make([]*big.Int, len(reKeyFrags))
for x, _ := range ids { for x, _ := range ids {
xs, err := blake2b.New256(precursorPubKey.X.Bytes()) xs := sha256.New()
if err != nil { xs.Write(precursorPubKey.X.Bytes())
fmt.Errorf("Generate precursor Key err", err)
return nil, err
}
xs.Write(privRecipientKey.X.Bytes()) xs.Write(privRecipientKey.X.Bytes())
xs.Write(dh_Bob_poit_x) xs.Write(dh_Bob_poit_x)
random, ret := new(big.Int).SetString(reKeyFrags[x].Random, 10) random, ret := new(big.Int).SetString(reKeyFrags[x].Random, 10)
...@@ -270,12 +262,12 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([ ...@@ -270,12 +262,12 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
} }
rPoint, err := NewEccPoint(reKeyFrags[i].ReKeyR) rPoint, err := NewEccPoint(reKeyFrags[i].ReKeyR)
if err != nil { if err != nil {
fmt.Errorf("get reKeyRByte err", err) fmt.Errorf("get reKeyRByte err, %s", err.Error())
return nil, err return nil, err
} }
uPoint, err := NewEccPoint(reKeyFrags[i].ReKeyU) uPoint, err := NewEccPoint(reKeyFrags[i].ReKeyU)
if err != nil { if err != nil {
fmt.Errorf("get reKeyRByte err", err) fmt.Errorf("get reKeyRByte err, %s", err.Error())
return nil, err return nil, err
} }
e := rPoint.MulInt(lambda) e := rPoint.MulInt(lambda)
...@@ -286,6 +278,6 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([ ...@@ -286,6 +278,6 @@ func AssembleReencryptFragment(privRecipient []byte, reKeyFrags []*ReKeyFrag) ([
result = eFinal.Add(vFinal).MulInt(dhBobBN) result = eFinal.Add(vFinal).MulInt(dhBobBN)
} }
share_key := crypto.KDF(result.ToPublicKey().SerializeCompressed(), 32) share_key := crypto.KDF(result.ToPublicKey().SerializeCompressed(), encKeyLength)
return share_key, nil return share_key, nil
} }
\ No newline at end of file
package sdk
import (
"fmt"
"github.com/33cn/chain33-sdk-go/client"
"github.com/33cn/chain33-sdk-go/crypto"
"github.com/33cn/chain33-sdk-go/types"
"github.com/stretchr/testify/assert"
"testing"
)
type ReqSendKeyFragment struct {
PubOwner string `protobuf:"bytes,1,opt,name=pubOwner,proto3" json:"pubOwner,omitempty"`
PubRecipient string `protobuf:"bytes,2,opt,name=pubRecipient,proto3" json:"pubRecipient,omitempty"`
PubProofR string `protobuf:"bytes,3,opt,name=pubProofR,proto3" json:"pubProofR,omitempty"`
PubProofU string `protobuf:"bytes,4,opt,name=pubProofU,proto3" json:"pubProofU,omitempty"`
Random string `protobuf:"bytes,5,opt,name=random,proto3" json:"random,omitempty"`
Value string `protobuf:"bytes,6,opt,name=value,proto3" json:"value,omitempty"`
Expire int64 `protobuf:"varint,7,opt,name=expire,proto3" json:"expire,omitempty"`
DhProof string `protobuf:"bytes,8,opt,name=dhProof,proto3" json:"dhProof,omitempty"`
PrecurPub string `protobuf:"bytes,9,opt,name=precurPub,proto3" json:"precurPub,omitempty"`
}
type ReqReeencryptParam struct {
PubOwner string `protobuf:"bytes,1,opt,name=pubOwner,proto3" json:"pubOwner,omitempty"`
PubRecipient string `protobuf:"bytes,2,opt,name=pubRecipient,proto3" json:"pubRecipient,omitempty"`
}
type RepReeencrypt struct {
ReKeyR string `protobuf:"bytes,1,opt,name=reKeyR,proto3" json:"reKeyR,omitempty"`
ReKeyU string `protobuf:"bytes,2,opt,name=reKeyU,proto3" json:"reKeyU,omitempty"`
Random string `protobuf:"bytes,3,opt,name=random,proto3" json:"random,omitempty"`
PrecurPub string `protobuf:"bytes,4,opt,name=precurPub,proto3" json:"precurPub,omitempty"`
}
func TestPre(t *testing.T) {
privOwner,_ := types.FromHex("6d52c4680c00dcdb9d904dc6878a8e1c753ecf9c43a48499d819fdc0eafa4639")
pubOwner,_ := types.FromHex("02e5fdf78aded517e3235c2276ed0e020226c55835dea7b8306f2e8d3d99d2d4f4")
serverPub,_ := types.FromHex("02005d3a38feaff00f1b83014b2602d7b5b39506ddee7919dd66539b5428358f08")
privRecipient, _ := types.FromHex("841e3b4ab211eecfccb475940171150fd1536cb656c870fe95d206ebf9732b6c")
pubRecipient, _ := types.FromHex("03b9d801f88c38522a9bf786f23544259d516ee0d1f6699f926f891ac3fb92c6d9")
msg := "hello proxy-re-encrypt"
serverList := []string {"http://192.168.0.155:11801", "http://192.168.0.155:11802", "http://192.168.0.155:11803"}
enKey, pub_r, pub_u := GeneratePreEncryptKey(pubOwner)
cipher, err := crypto.AESCBCPKCS7Encrypt(enKey, []byte(msg))
if err != nil {
panic(err)
}
fmt.Println(types.ToHex(cipher))
if err != nil {
panic(err)
}
keyFrags, err := GenerateKeyFragments(privOwner, pubRecipient, 3, 2)
if err != nil {
panic(err)
}
dhproof := types.ECDH(crypto.PrivateFromByte(privOwner), crypto.PublicFromByte(serverPub))
for i, server := range serverList {
jclient, err := client.NewJSONClient("Pre", server)
if err != nil {
panic(err)
}
var result interface{}
param := &ReqSendKeyFragment{
PubOwner: types.ToHex(pubOwner),
PubRecipient: types.ToHex(pubRecipient),
PubProofR: pub_r,
PubProofU: pub_u,
Random: keyFrags[i].Random,
Value: keyFrags[i].Value,
Expire: 1000000,
DhProof: types.ToHex(dhproof),
PrecurPub: keyFrags[i].PrecurPub,
}
jclient.Call("CollectFragment", param, &result)
}
param := &ReqReeencryptParam{
PubOwner: types.ToHex(pubOwner),
PubRecipient: types.ToHex(pubRecipient),
}
var rekeys = make([]*ReKeyFrag, 2)
for i:=0; i < 2; i++ {
jclient, err := client.NewJSONClient("Pre", serverList[i])
if err != nil {
panic(err)
}
var result RepReeencrypt
jclient.Call("Reencrypt", param, &result)
rekeys[i] = &ReKeyFrag{
ReKeyR: result.ReKeyR,
ReKeyU: result.ReKeyU,
Random: result.Random,
PrecurPub: result.PrecurPub,
}
}
encKey,err := AssembleReencryptFragment(privRecipient, rekeys)
if err != nil {
panic(err)
}
assert.Equal(t, enKey, encKey)
msgDecrypt, err := crypto.AESCBCPKCS7Decrypt(encKey, cipher)
if err != nil {
panic(err)
}
fmt.Println(string(msgDecrypt))
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment