DEKS_Exp/peks.c at master · HustSecurityLab/DEKS_Exp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
#include "peks.h"

static void sha256(const char * string, int len, unsigned char * buf) {
    SHA256_CTX sha256;
    SHA256_Init(&sha256);
    SHA256_Update(&sha256, string, len);
    SHA256_Final(buf, &sha256);
}

int peks_setup(int ec_param, pairing_t pairing, element_t g, element_t pk, element_t sk) {
	pbc_param_t fp;

	if (ec_param < 1) {
		pbc_die("input error");
	}
	//Init Type-F elliptic curve
	pbc_param_init_f_gen(fp, ec_param);
	pairing_init_pbc_param(pairing, fp);

    element_init_G2(g, pairing);
    element_random(g);

    element_init_Zr(sk, pairing);
    element_random(sk);

    element_init_G2(pk, pairing);
    element_pow_zn(pk, g, sk); //pk = g^sk

    pbc_param_clear(fp);

    return STS_OK;
}


int peks_encrypt(element_t Ca, unsigned char * Cb, pairing_t pairing, element_t g, element_t pk, const char * w) {
    if(w == NULL) {
        return STS_ERR;
    }

    unsigned char gt_data[GT_LEN];
    element_t r, tmp1, tmp2;

    element_init_Zr(r, pairing);
    element_init_G1(tmp1, pairing);
    element_init_GT(tmp2, pairing);

    element_from_hash(tmp1, (void*)w, strlen(w));

    element_random(r);
    element_pow_zn(Ca, g, r); //Ca = g^r
    element_pow_zn(tmp1, tmp1, r);
    element_pairing(tmp2, tmp1, pk); // e(H_1(w)^r,pk)

    element_to_bytes(gt_data, tmp2);
    sha256(gt_data, GT_LEN, Cb); //Cb = H_2( e(H_1(w)^r,pk) )

    element_clear(r);
    element_clear(tmp1);
    element_clear(tmp2);

    return STS_OK;
}


int peks_trapdoor(element_t Tw, element_t sk, const char * w) {
    if(w == NULL) {
        return STS_ERR;
    }

    element_from_hash(Tw, (void*)w, strlen(w));
    element_pow_zn(Tw, Tw, sk); //Tw = H_1(w)^sk

    return STS_OK;
}


int peks_test(pairing_t pairing, element_t Tw, element_t A, const unsigned char * B) {
    if(B == NULL) {
        return STS_ERR;
    }
    element_t tmp;
    unsigned char gt_data[GT_LEN];
    unsigned char hash_data[HASH_LEN];

    element_init_GT(tmp, pairing);
    element_pairing(tmp, Tw, A); // e(T_w,Ca)
    element_to_bytes(gt_data, tmp);
    sha256(gt_data, GT_LEN, hash_data); // H_2( e(T_w,Ca) )

    element_clear(tmp);

    if(memcmp(hash_data, B, HASH_LEN) == 0) {
        return STS_EQU;
    } else {
        return STS_OK;
    }
}