├── Version.cs
├── UProveUnitTest
├── Test References
│ └── UProveCrypto.accessor
├── SerializationReference
│ ├── 02rk4voo.f1g.dat
│ ├── 1ix3fvka.xgs.dat
│ ├── 2uh5aedr.uqn.dat
│ ├── 3gtpktbe.qk4.dat
│ ├── 3xzzeehs.guo.dat
│ ├── cp43c2er.hir.dat
│ ├── czffp04i.lqx.dat
│ ├── fsqy2es0.k5q.dat
│ ├── ibyv5x2r.w1w.dat
│ ├── ieuj1g4c.hvl.dat
│ ├── ifjblypy.pz3.dat
│ ├── j5odrhud.cva.dat
│ ├── kk3hxavb.h3y.dat
│ ├── m4hhndwk.upd.dat
│ ├── olum50se.ioh.dat
│ ├── pwm4jkg3.3v0.dat
│ ├── q11ffyt5.qny.dat
│ ├── qak5crhu.s4b.dat
│ └── vhglqtik.udc.dat
├── UProveUnitTest.csproj
├── TestVectorData.cs
├── Properties
│ └── AssemblyInfo.cs
├── StaticTestHelpers.cs
├── TestVectorData
│ ├── testvectors_EC_D5_lite_doc.txt
│ ├── testvectors_EC_D2_lite_doc.txt
│ ├── testvectors_EC_Device_D5_lite_doc.txt
│ ├── testvectors_EC_D0_lite_doc.txt
│ ├── testvectors_EC_D5_doc.txt
│ ├── testvectors_EC_Device_D2_lite_doc.txt
│ ├── testvectors_EC_Device_D0_lite_doc.txt
│ └── testvectors_EC_Device_D5_doc.txt
├── ProtocolHelperTest.cs
└── RandomNumberGeneratorTest.cs
├── .vscode
├── settings.json
├── extensions.json
├── launch.json
└── tasks.json
├── ThirdParty
└── BouncyCastle
│ ├── bc-trimmed
│ ├── Arrays.cs
│ ├── Platform.cs
│ ├── BigIntegers.cs
│ ├── ECMultiplier.cs
│ ├── PreCompInfo.cs
│ ├── WNafL2RMultiplier.cs
│ ├── WNafPreCompInfo.cs
│ ├── ReferenceMultiplier.cs
│ ├── bc-trimmed.csproj
│ ├── Properties
│ │ └── AssemblyInfo.cs
│ ├── IFiniteField.cs
│ ├── multiplier
│ │ ├── PreCompInfo.cs
│ │ ├── AbstractECMultiplier.cs
│ │ ├── ECMultiplier.cs
│ │ ├── DoubleAddMultiplier.cs
│ │ ├── ReferenceMultiplier.cs
│ │ ├── WNafPreCompInfo.cs
│ │ └── WNafL2RMultiplier.cs
│ ├── ECPointMap.cs
│ ├── Integers.cs
│ ├── AbstractECMultiplier.cs
│ ├── DoubleAddMultiplier.cs
│ ├── PrimeField.cs
│ ├── FiniteFields.cs
│ └── ECDomainParameters.cs
│ └── bc
│ └── README.txt
├── docs
├── U-Prove Technology Overview V1.1 Revision 3.pdf
├── U-Prove Cryptographic Specification V1.1 Revision 5.pdf
├── U-Prove Recommended Parameters Profile V1.1 Revision 3.pdf
└── testvectors
│ ├── testvectors_hashing.txt
│ ├── TESTVECTORS_README.txt
│ ├── testvectors_EC_D5_lite_doc.txt
│ ├── testvectors_EC_D5_doc.txt
│ ├── testvectors_EC_D2_lite_doc.txt
│ ├── testvectors_EC_Device_D5_lite_doc.txt
│ ├── testvectors_EC_D0_lite_doc.txt
│ ├── testvectors_EC_Device_D5_doc.txt
│ ├── testvectors_EC_Device_D2_lite_doc.txt
│ └── testvectors_EC_Device_D0_lite_doc.txt
├── UProveCrypto.slnf
├── UProveParams
├── UProveParams.csproj
├── RecommendedParameters.cs
├── Properties
│ └── AssemblyInfo.cs
└── Program.cs
├── UProveTestVectors
├── UProveTestVectors.csproj
├── RecommendedParameters.cs
├── Properties
│ └── AssemblyInfo.cs
└── Math.cs
├── UProveCrypto
├── Math
│ ├── ECGroupElement.cs
│ ├── bc
│ │ └── ECGroupElementBCImpl.cs
│ └── ECGroup.cs
├── GroupType.cs
├── DeviceException.cs
├── UProveCrypto.csproj
├── InvalidUProveArtifactException.cs
├── Properties
│ └── AssemblyInfo.cs
├── IDevice.cs
├── IssuanceProtocolParameters.cs
├── UProveKeyAndToken.cs
├── SerializableWrapperClasses.cs
├── GroupElement.cs
├── Serialize.cs
├── IssuerKeyAndParameters.cs
└── ParameterSet.cs
├── .github
└── workflows
│ └── dotnet.yml
├── UProveSample
├── UProveSample.csproj
└── Properties
│ └── AssemblyInfo.cs
├── SECURITY.md
├── UProveCrypto.sln
└── README.md
/Version.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/Version.cs
--------------------------------------------------------------------------------
/UProveUnitTest/Test References/UProveCrypto.accessor:
--------------------------------------------------------------------------------
1 | UProveCrypto.dll
2 | Desktop
3 |
--------------------------------------------------------------------------------
/.vscode/settings.json:
--------------------------------------------------------------------------------
1 | {
2 | "dotnet-test-explorer.testProjectPath": "UProveUnitTest/",
3 | }
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/Arrays.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/Arrays.cs
--------------------------------------------------------------------------------
/.vscode/extensions.json:
--------------------------------------------------------------------------------
1 | {
2 | "recommendations": [
3 | "ms-dotnettools.csharp",
4 | "formulahendry.dotnet-test-explorer"
5 | ]
6 | }
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/Platform.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/Platform.cs
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/BigIntegers.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/BigIntegers.cs
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/ECMultiplier.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/ECMultiplier.cs
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/PreCompInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/PreCompInfo.cs
--------------------------------------------------------------------------------
/docs/U-Prove Technology Overview V1.1 Revision 3.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/docs/U-Prove Technology Overview V1.1 Revision 3.pdf
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/WNafL2RMultiplier.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/WNafL2RMultiplier.cs
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/WNafPreCompInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/WNafPreCompInfo.cs
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/02rk4voo.f1g.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/02rk4voo.f1g.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/1ix3fvka.xgs.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/1ix3fvka.xgs.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/2uh5aedr.uqn.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/2uh5aedr.uqn.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/3gtpktbe.qk4.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/3gtpktbe.qk4.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/3xzzeehs.guo.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/3xzzeehs.guo.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/cp43c2er.hir.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/cp43c2er.hir.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/czffp04i.lqx.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/czffp04i.lqx.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/fsqy2es0.k5q.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/fsqy2es0.k5q.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/ibyv5x2r.w1w.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/ibyv5x2r.w1w.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/ieuj1g4c.hvl.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/ieuj1g4c.hvl.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/ifjblypy.pz3.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/ifjblypy.pz3.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/j5odrhud.cva.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/j5odrhud.cva.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/kk3hxavb.h3y.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/kk3hxavb.h3y.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/m4hhndwk.upd.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/m4hhndwk.upd.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/olum50se.ioh.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/olum50se.ioh.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/pwm4jkg3.3v0.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/pwm4jkg3.3v0.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/q11ffyt5.qny.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/q11ffyt5.qny.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/qak5crhu.s4b.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/qak5crhu.s4b.dat
--------------------------------------------------------------------------------
/UProveUnitTest/SerializationReference/vhglqtik.udc.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/UProveUnitTest/SerializationReference/vhglqtik.udc.dat
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/ReferenceMultiplier.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/ThirdParty/BouncyCastle/bc-trimmed/ReferenceMultiplier.cs
--------------------------------------------------------------------------------
/docs/U-Prove Cryptographic Specification V1.1 Revision 5.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/docs/U-Prove Cryptographic Specification V1.1 Revision 5.pdf
--------------------------------------------------------------------------------
/docs/U-Prove Recommended Parameters Profile V1.1 Revision 3.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/microsoft/uprove-csharp-sdk/HEAD/docs/U-Prove Recommended Parameters Profile V1.1 Revision 3.pdf
--------------------------------------------------------------------------------
/UProveCrypto.slnf:
--------------------------------------------------------------------------------
1 | {
2 | "solution": {
3 | "path": "UProveCrypto.sln",
4 | "projects": [
5 | "ThirdParty\\BouncyCastle\\bc-trimmed\\bc-trimmed.csproj",
6 | "UProveCrypto\\UProveCrypto.csproj",
7 | "UProveSample\\UProveSample.csproj",
8 | "UProveUnitTest\\UProveUnitTest.csproj"
9 | ]
10 | }
11 | }
--------------------------------------------------------------------------------
/.vscode/launch.json:
--------------------------------------------------------------------------------
1 | {
2 | // Use IntelliSense to learn about possible attributes.
3 | // Hover to view descriptions of existing attributes.
4 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
5 | "version": "0.2.0",
6 | "configurations": [
7 | {
8 | "name": ".NET Core Attach",
9 | "type": "coreclr",
10 | "request": "attach"
11 | }
12 | ]
13 | }
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc/README.txt:
--------------------------------------------------------------------------------
1 | Recommended parameters and test vectors used by the U-Prove SDK can be re-generated
2 | for validation purposes by loading and running the UProveParams and UProveTestVectors
3 | projects, respectively. The projects depend on the full BouncyCastle library: it must
4 | be obtained from http://www.bouncycastle.org/csharp/, the compiled DLL must be placed
5 | in this directory, and the two projects must be added to the solution before compiling it.
6 |
--------------------------------------------------------------------------------
/UProveParams/UProveParams.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 | Exe
5 | false
6 |
7 |
8 |
9 | Version.cs
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/UProveTestVectors/UProveTestVectors.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 | Exe
5 | false
6 |
7 |
8 |
9 | Version.cs
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_hashing.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | hash_byte (0x01) = 4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a
4 | hash_octectstring (0x0102030405) = 16df7d2d0c3882334fe0457d298a7b2413e1e5b7a880f0b5ec79eeeae7f58dd8
5 | hash_null (null) = df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119
6 | hash_list [0x01, 0x0102030405, null] = dfd6a31f867566ffeb6c657af1dafb564c3de74485058426633d4b6c8bad6732
7 | hash_group (1.3.6.1.4.1.311.75.1.1.1) = 7b36c8a3cf1552077e1cacb365888d25c9dc54f3faed7aff9b11859aa8e4ba06
8 | hash_group (1.3.6.1.4.1.311.75.1.2.1) = 02bb879cb2f89c19579105be662247db15ab45875cfc63a58745361d193ba248
9 |
--------------------------------------------------------------------------------
/UProveCrypto/Math/ECGroupElement.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | namespace UProveCrypto.Math
15 | {
16 | ///
17 | /// An element of a group using the elliptic curve construction.
18 | ///
19 | public abstract class ECGroupElement : GroupElement
20 | {
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/docs/testvectors/TESTVECTORS_README.txt:
--------------------------------------------------------------------------------
1 | These test vectors can be used to validate that an implementation conforms to the U-Prove Cryptographic Specification V1.1 Revision 3.
2 |
3 | The testvectors_hashing.txt file contains hash formatting test vectors.
4 |
5 | The other files contain values of protocol runs with different parameters. The filenames indicate the protocol options:
6 | * "_SG" for the subgroup construction, "_EC" for the elliptic curve construction
7 | * "_Dx" indicates the number of disclosed attributes; x = 0, 2, or 5
8 | * "_lite" indicates a protocol run without pseudonyms and commitments
9 | * "_Device" indicates a Device-protected token
10 |
11 | Note that "ie_" values in the files are for the identity escrow extension available from http://www.microsoft.com/uprove.
12 |
13 |
--------------------------------------------------------------------------------
/UProveTestVectors/RecommendedParameters.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using UProveParams;
15 |
16 | namespace UProveTestVectors
17 | {
18 | class RecommendedParameters
19 | {
20 | static public ECRecommendedParameters.ECParams P256 = ECRecommendedParameters.ecParams[(int)ECRecommendedParameters.CurveNames.P256];
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/UProveCrypto/GroupType.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | namespace UProveCrypto
15 | {
16 | ///
17 | /// Defines the supported group ECC construction.
18 | ///
19 | public enum GroupType
20 | {
21 | ///
22 | /// A group which uses the Elliptic Curve construction.
23 | ///
24 | ECC
25 | };
26 | }
--------------------------------------------------------------------------------
/UProveParams/RecommendedParameters.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | namespace UProveParams
15 | {
16 | ///
17 | /// Base class for recommended parameters.
18 | ///
19 | abstract public class RecommendedParameters
20 | {
21 | // Number of pregenrated generators.
22 | static public int NumberOfPregeneratedGenerators = 50;
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/UProveUnitTest/UProveUnitTest.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 | Library
5 | false
6 | en-US
7 |
8 |
9 |
10 | Version.cs
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/.github/workflows/dotnet.yml:
--------------------------------------------------------------------------------
1 | # This workflow will build a .NET project
2 | # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
3 |
4 | name: .NET 6.0.x Build & Test CI
5 |
6 | on:
7 | push:
8 | branches: [ master ]
9 | pull_request:
10 | branches: [ master ]
11 | workflow_dispatch:
12 |
13 | jobs:
14 | build:
15 |
16 | runs-on: ${{ matrix.os }}
17 |
18 | strategy:
19 | matrix:
20 | os: [ubuntu-18.04, ubuntu-20.04, ubuntu-latest, windows-latest, macos-latest]
21 | version: [6.0.x, 7.0.x]
22 |
23 | steps:
24 | - uses: actions/checkout@v3
25 | - name: Setup .NET
26 | uses: actions/setup-dotnet@v3
27 | with:
28 | dotnet-version: ${{ matrix.version }}
29 |
30 | - name: Restore dependencies
31 | run: dotnet restore
32 | - name: Build
33 | run: dotnet build --no-restore
34 | - name: Test
35 | run: dotnet test --no-build --verbosity normal
36 |
--------------------------------------------------------------------------------
/UProveSample/UProveSample.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 | x86
5 | Exe
6 | false
7 |
8 |
9 | TRACE;DEBUG;ABC4Trust
10 |
11 |
12 | TRACE;ABC4Trust
13 | true
14 |
15 |
16 |
17 | Version.cs
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/bc-trimmed.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 | Library
5 | bc_trimmed
6 | false
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
--------------------------------------------------------------------------------
/UProveCrypto/DeviceException.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 |
16 | namespace UProveCrypto
17 | {
18 | ///
19 | /// Exception thrown by a device implementation
20 | ///
21 | public class DeviceException : Exception
22 | {
23 | ///
24 | /// Initializes a new instance of the class.
25 | ///
26 | /// The message.
27 | public DeviceException(string message)
28 | : base(message)
29 | {
30 | }
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/UProveCrypto/UProveCrypto.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 |
5 |
6 | 1591
7 |
8 |
12 | false
13 |
14 |
15 |
16 | TRACE;DEBUG;BOUNCY_CASTLE
17 | bin\Debug\UProveCrypto.XML
18 |
19 |
20 | TRACE;BOUNCY_CASTLE
21 | true
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 |
16 | namespace UProveCryptoTest
17 | {
18 | static class TestVectorData
19 | {
20 | public class HashVectors
21 | {
22 | public static String UIDh = "SHA-256";
23 | public static String hash_byte = "4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a";
24 | public static String hash_octetstring = "16df7d2d0c3882334fe0457d298a7b2413e1e5b7a880f0b5ec79eeeae7f58dd8";
25 | public static String hash_null = "df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119";
26 | public static String hash_list = "dfd6a31f867566ffeb6c657af1dafb564c3de74485058426633d4b6c8bad6732";
27 | public static String hash_ecgroup = "02bb879cb2f89c19579105be662247db15ab45875cfc63a58745361d193ba248";
28 | }
29 | }
30 | }
--------------------------------------------------------------------------------
/UProveCrypto/InvalidUProveArtifactException.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 |
16 | namespace UProveCrypto
17 | {
18 | ///
19 | /// This exception is thrown when a U-Prove artifact (an IssuerParameters, a UProveToken, or a PresentationProof)
20 | /// is invalid.
21 | ///
22 | public class InvalidUProveArtifactException : Exception
23 | {
24 | ///
25 | /// Constructs a new InvalidUProveArtifactException.
26 | ///
27 | public InvalidUProveArtifactException()
28 | {
29 | }
30 |
31 | ///
32 | /// Constructs a new InvalidUProveArtifactException.
33 | ///
34 | /// The exception message.
35 | public InvalidUProveArtifactException(string message) : base(message)
36 | {
37 | }
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/UProveParams/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Reflection;
15 | using System.Runtime.InteropServices;
16 |
17 | // General Information about an assembly is controlled through the following
18 | // set of attributes. Change these attribute values to modify the information
19 | // associated with an assembly.
20 | [assembly: AssemblyTitle("UProveParams")]
21 | [assembly: AssemblyDescription("")]
22 | [assembly: AssemblyConfiguration("")]
23 | [assembly: AssemblyProduct("UProveParams")]
24 |
25 | // Setting ComVisible to false makes the types in this assembly not visible
26 | // to COM components. If you need to access a type in this assembly from
27 | // COM, set the ComVisible attribute to true on that type.
28 | [assembly: ComVisible(false)]
29 |
30 | // The following GUID is for the ID of the typelib if this project is exposed to COM
31 | [assembly: Guid("001f7008-99c4-4770-bafc-e2a34b4af4af")]
32 |
33 |
--------------------------------------------------------------------------------
/UProveSample/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Reflection;
15 | using System.Runtime.InteropServices;
16 |
17 | // General Information about an assembly is controlled through the following
18 | // set of attributes. Change these attribute values to modify the information
19 | // associated with an assembly.
20 | [assembly: AssemblyTitle("UProveSample")]
21 | [assembly: AssemblyDescription("")]
22 | [assembly: AssemblyConfiguration("")]
23 | [assembly: AssemblyProduct("UProveSample")]
24 |
25 | // Setting ComVisible to false makes the types in this assembly not visible
26 | // to COM components. If you need to access a type in this assembly from
27 | // COM, set the ComVisible attribute to true on that type.
28 | [assembly: ComVisible(false)]
29 |
30 | // The following GUID is for the ID of the typelib if this project is exposed to COM
31 | [assembly: Guid("1f56de9c-3328-412e-93e6-da2bd6be8e7e")]
32 |
33 |
--------------------------------------------------------------------------------
/UProveUnitTest/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Reflection;
15 | using System.Runtime.InteropServices;
16 |
17 | // General Information about an assembly is controlled through the following
18 | // set of attributes. Change these attribute values to modify the information
19 | // associated with an assembly.
20 | [assembly: AssemblyTitle("UProveUnitTest")]
21 | [assembly: AssemblyDescription("")]
22 | [assembly: AssemblyConfiguration("")]
23 | [assembly: AssemblyProduct("UProveUnitTest")]
24 |
25 | // Setting ComVisible to false makes the types in this assembly not visible
26 | // to COM components. If you need to access a type in this assembly from
27 | // COM, set the ComVisible attribute to true on that type.
28 | [assembly: ComVisible(false)]
29 |
30 | // The following GUID is for the ID of the typelib if this project is exposed to COM
31 | [assembly: Guid("3c9c1d3f-06e7-42f5-9be9-edb222899a01")]
32 |
--------------------------------------------------------------------------------
/UProveTestVectors/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Reflection;
15 | using System.Runtime.InteropServices;
16 |
17 | // General Information about an assembly is controlled through the following
18 | // set of attributes. Change these attribute values to modify the information
19 | // associated with an assembly.
20 | [assembly: AssemblyTitle("UProveTestVectors")]
21 | [assembly: AssemblyDescription("")]
22 | [assembly: AssemblyConfiguration("")]
23 | [assembly: AssemblyProduct("UProveTestVectors")]
24 |
25 | // Setting ComVisible to false makes the types in this assembly not visible
26 | // to COM components. If you need to access a type in this assembly from
27 | // COM, set the ComVisible attribute to true on that type.
28 | [assembly: ComVisible(false)]
29 |
30 | // The following GUID is for the ID of the typelib if this project is exposed to COM
31 | [assembly: Guid("5c958f36-dc9e-4a2e-b85d-3de8a891e735")]
32 |
33 |
--------------------------------------------------------------------------------
/UProveCrypto/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Reflection;
15 | using System.Runtime.CompilerServices;
16 | using System.Runtime.InteropServices;
17 |
18 | // General Information about an assembly is controlled through the following
19 | // set of attributes. Change these attribute values to modify the information
20 | // associated with an assembly.
21 | [assembly: AssemblyTitle("UProveCrypto")]
22 | [assembly: AssemblyDescription("")]
23 | [assembly: AssemblyConfiguration("")]
24 | [assembly: AssemblyProduct("UProveCrypto")]
25 |
26 | // Setting ComVisible to false makes the types in this assembly not visible
27 | // to COM components. If you need to access a type in this assembly from
28 | // COM, set the ComVisible attribute to true on that type.
29 | [assembly: ComVisible(false)]
30 |
31 | // The following GUID is for the ID of the typelib if this project is exposed to COM
32 | [assembly: Guid("515961ab-ac10-4ed8-99fa-427a59a8103c")]
33 |
34 |
35 | [assembly: InternalsVisibleTo("UProveUnitTest")]
36 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("bc-trimmed")]
9 | [assembly: AssemblyDescription("Trimmed version of Bouncy Castle")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("bc-trimmed")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("f1b671fd-3707-4315-99cb-9c83840dc772")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/IFiniteField.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | using System;
18 |
19 | namespace BouncyCastle
20 | {
21 | public interface IFiniteField
22 | {
23 | BigInteger Characteristic { get; }
24 |
25 | int Dimension { get; }
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/PreCompInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | namespace BouncyCastle
18 | {
19 | /**
20 | * Interface for classes storing precomputation data for multiplication
21 | * algorithms. Used as a Memento (see GOF patterns) for
22 | * WNafMultiplier.
23 | */
24 | public interface PreCompInfo
25 | {
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/ECPointMap.cs:
--------------------------------------------------------------------------------
1 | //***********************************************************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // The Bouncy Castle Cryptographic C#® API
7 | //
8 | // License:
9 | //
10 | // The Bouncy Castle License
11 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
12 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software
13 | // and associated documentation files (the "Software"), to deal in the Software without restriction,
14 | // including without limitation the rights to use, copy, modify, merge, publish, distribute,
15 | // sub license, and/or sell copies of the Software, and to permit persons to whom the Software is
16 | // furnished to do so, subject to the following conditions:
17 | // The above copyright notice and this permission notice shall be included in all copies or
18 | // substantial portions of the Software.
19 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
20 | // INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
21 | // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
22 | // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
23 | // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
24 | // DEALINGS IN THE SOFTWARE.
25 | //
26 | //***********************************************************************************************
27 |
28 | using System;
29 |
30 | namespace Org.BouncyCastle.Math.EC
31 | {
32 | public interface ECPointMap
33 | {
34 | ECPoint Map(ECPoint p);
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/Integers.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | using System;
18 |
19 | namespace BouncyCastle
20 | {
21 | public abstract class Integers
22 | {
23 | public static int RotateLeft(int i, int distance)
24 | {
25 | return (i << distance) ^ (int)((uint)i >> -distance);
26 | }
27 |
28 | public static int RotateRight(int i, int distance)
29 | {
30 | return (int)((uint)i >> distance) ^ (i << -distance);
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/AbstractECMultiplier.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | namespace BouncyCastle
18 | {
19 | public abstract class AbstractECMultiplier
20 | : ECMultiplier
21 | {
22 | public virtual ECPoint Multiply(ECPoint p, BigInteger k)
23 | {
24 | int sign = k.SignValue;
25 | if (sign == 0 || p.IsInfinity)
26 | return p.Curve.Infinity;
27 |
28 | ECPoint positive = MultiplyPositive(p, k.Abs());
29 | return sign > 0 ? positive : positive.Negate();
30 | }
31 |
32 | protected abstract ECPoint MultiplyPositive(ECPoint p, BigInteger k);
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/ECMultiplier.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | namespace BouncyCastle
18 | {
19 | /**
20 | * Interface for classes encapsulating a point multiplication algorithm
21 | * for ECPoints.
22 | */
23 | public interface ECMultiplier
24 | {
25 | /**
26 | * Multiplies the ECPoint p by k, i.e.
27 | * p is added k times to itself.
28 | * @param p The ECPoint to be multiplied.
29 | * @param k The factor by which p is multiplied.
30 | * @return p multiplied by k.
31 | */
32 | ECPoint Multiply(ECPoint p, BigInteger k);
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/DoubleAddMultiplier.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | namespace BouncyCastle
18 | {
19 | public class DoubleAddMultiplier
20 | : AbstractECMultiplier
21 | {
22 | /**
23 | * Joye's double-add algorithm.
24 | */
25 | protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
26 | {
27 | ECPoint[] R = new ECPoint[] { p.Curve.Infinity, p };
28 |
29 | int n = k.BitLength;
30 | for (int i = 0; i < n; ++i)
31 | {
32 | int b = k.TestBit(i) ? 1 : 0;
33 | int bp = 1 - b;
34 | R[bp] = R[bp].TwicePlus(R[b]);
35 | }
36 |
37 | return R[0];
38 | }
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/AbstractECMultiplier.cs:
--------------------------------------------------------------------------------
1 | //***********************************************************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // The Bouncy Castle Cryptographic C#® API
7 | //
8 | // License:
9 | //
10 | // The Bouncy Castle License
11 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
12 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software
13 | // and associated documentation files (the "Software"), to deal in the Software without restriction,
14 | // including without limitation the rights to use, copy, modify, merge, publish, distribute,
15 | // sub license, and/or sell copies of the Software, and to permit persons to whom the Software is
16 | // furnished to do so, subject to the following conditions:
17 | // The above copyright notice and this permission notice shall be included in all copies or
18 | // substantial portions of the Software.
19 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
20 | // INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
21 | // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
22 | // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
23 | // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
24 | // DEALINGS IN THE SOFTWARE.
25 | //
26 | //***********************************************************************************************
27 |
28 | namespace Org.BouncyCastle.Math.EC.Multiplier
29 | {
30 | public abstract class AbstractECMultiplier
31 | : ECMultiplier
32 | {
33 | public virtual ECPoint Multiply(ECPoint p, BigInteger k)
34 | {
35 | int sign = k.SignValue;
36 | if (sign == 0 || p.IsInfinity)
37 | return p.Curve.Infinity;
38 |
39 | ECPoint positive = MultiplyPositive(p, k.Abs());
40 | return sign > 0 ? positive : positive.Negate();
41 | }
42 |
43 | protected abstract ECPoint MultiplyPositive(ECPoint p, BigInteger k);
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/DoubleAddMultiplier.cs:
--------------------------------------------------------------------------------
1 | //***********************************************************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // The Bouncy Castle Cryptographic C#® API
7 | //
8 | // License:
9 | //
10 | // The Bouncy Castle License
11 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
12 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software
13 | // and associated documentation files (the "Software"), to deal in the Software without restriction,
14 | // including without limitation the rights to use, copy, modify, merge, publish, distribute,
15 | // sub license, and/or sell copies of the Software, and to permit persons to whom the Software is
16 | // furnished to do so, subject to the following conditions:
17 | // The above copyright notice and this permission notice shall be included in all copies or
18 | // substantial portions of the Software.
19 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
20 | // INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
21 | // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
22 | // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
23 | // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
24 | // DEALINGS IN THE SOFTWARE.
25 | //
26 | //***********************************************************************************************
27 |
28 | namespace Org.BouncyCastle.Math.EC.Multiplier
29 | {
30 | public class DoubleAddMultiplier
31 | : AbstractECMultiplier
32 | {
33 | /**
34 | * Joye's double-add algorithm.
35 | */
36 | protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
37 | {
38 | ECPoint[] R = new ECPoint[]{ p.Curve.Infinity, p };
39 |
40 | int n = k.BitLength;
41 | for (int i = 0; i < n; ++i)
42 | {
43 | int b = k.TestBit(i) ? 1 : 0;
44 | int bp = 1 - b;
45 | R[bp] = R[bp].TwicePlus(R[b]);
46 | }
47 |
48 | return R[0];
49 | }
50 | }
51 | }
52 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/PrimeField.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | using System;
18 |
19 | namespace BouncyCastle
20 | {
21 | internal class PrimeField
22 | : IFiniteField
23 | {
24 | protected readonly BigInteger characteristic;
25 |
26 | internal PrimeField(BigInteger characteristic)
27 | {
28 | this.characteristic = characteristic;
29 | }
30 |
31 | public virtual BigInteger Characteristic
32 | {
33 | get { return characteristic; }
34 | }
35 |
36 | public virtual int Dimension
37 | {
38 | get { return 1; }
39 | }
40 |
41 | public override bool Equals(object obj)
42 | {
43 | if (this == obj)
44 | {
45 | return true;
46 | }
47 | PrimeField other = obj as PrimeField;
48 | if (null == other)
49 | {
50 | return false;
51 | }
52 | return characteristic.Equals(other.characteristic);
53 | }
54 |
55 | public override int GetHashCode()
56 | {
57 | return characteristic.GetHashCode();
58 | }
59 | }
60 | }
61 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/ReferenceMultiplier.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | namespace BouncyCastle
18 | {
19 | public class ReferenceMultiplier
20 | : AbstractECMultiplier
21 | {
22 | /**
23 | * Simple shift-and-add multiplication. Serves as reference implementation
24 | * to verify (possibly faster) implementations in
25 | * {@link org.bouncycastle.math.ec.ECPoint ECPoint}.
26 | *
27 | * @param p The point to multiply.
28 | * @param k The factor by which to multiply.
29 | * @return The result of the point multiplication k * p.
30 | */
31 | protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
32 | {
33 | ECPoint q = p.Curve.Infinity;
34 | int t = k.BitLength;
35 | if (t > 0)
36 | {
37 | if (k.TestBit(0))
38 | {
39 | q = p;
40 | }
41 | for (int i = 1; i < t; i++)
42 | {
43 | p = p.Twice();
44 | if (k.TestBit(i))
45 | {
46 | q = q.Add(p);
47 | }
48 | }
49 | }
50 | return q;
51 | }
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/UProveUnitTest/StaticTestHelpers.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 | using UProveCrypto;
16 |
17 | namespace UProveUnitTest
18 | {
19 | static class StaticTestHelpers
20 | {
21 | private static System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
22 |
23 | public static void GenerateTestIssuanceParameters(string uidp, string spec, int numberOfAttributes, bool useRecommendedParameters, int numberOfTokens, out IssuerKeyAndParameters ikap, out IssuerProtocolParameters ipp, out ProverProtocolParameters ppp)
24 | {
25 | IssuerSetupParameters isp = new IssuerSetupParameters();
26 | isp.UidP = (uidp == null ? null : encoding.GetBytes(uidp));
27 | isp.E = IssuerSetupParameters.GetDefaultEValues(numberOfAttributes);
28 | isp.UseRecommendedParameterSet = useRecommendedParameters;
29 | isp.S = (spec == null ? null : encoding.GetBytes(spec));
30 | ikap = isp.Generate();
31 | IssuerParameters ip = ikap.IssuerParameters;
32 |
33 | // Issuance
34 | byte[][] attributes = new byte[numberOfAttributes][];
35 | for (int i = 0; i < numberOfAttributes; i++)
36 | {
37 | attributes[i] = encoding.GetBytes("attribute value " + (i + 1));
38 | }
39 | byte[] tokenInformation = encoding.GetBytes("token information field");
40 | byte[] proverInformation = encoding.GetBytes("prover information field");
41 |
42 | ipp = new IssuerProtocolParameters(ikap);
43 | ipp.Attributes = attributes;
44 | ipp.NumberOfTokens = numberOfTokens;
45 | ipp.TokenInformation = tokenInformation;
46 |
47 | ppp = new ProverProtocolParameters(ip);
48 | ppp.Attributes = attributes;
49 | ppp.NumberOfTokens = numberOfTokens;
50 | ppp.TokenInformation = tokenInformation;
51 | ppp.ProverInformation = proverInformation;
52 | }
53 |
54 | public static byte[] IntToBigEndianBytes(int integer)
55 | {
56 | byte[] bytes = BitConverter.GetBytes(integer);
57 | Array.Reverse(bytes, 0, bytes.Length);
58 | return bytes;
59 | }
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/UProveCrypto/IDevice.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 | using UProveCrypto.Math;
16 |
17 | namespace UProveCrypto
18 | {
19 | ///
20 | /// Simple Device Interface
21 | ///
22 | public interface IDevice : IDisposable
23 | {
24 | ///
25 | /// Returns the Device public key h_d.
26 | ///
27 | /// h_d.
28 | GroupElement GetDevicePublicKey();
29 |
30 | ///
31 | /// Gets the presentation context.
32 | ///
33 | /// A presentation context.
34 | IDevicePresentationContext GetPresentationContext();
35 | }
36 |
37 | ///
38 | /// Interface for a device presentation context
39 | ///
40 | public interface IDevicePresentationContext : IDisposable
41 | {
42 | ///
43 | /// Returns the Device initial witness for a U-Prove token presentation.
44 | ///
45 | /// a.
46 | GroupElement GetInitialWitness();
47 |
48 | ///
49 | /// Returns the Device initial witness for a U-Prove token presentation.
50 | ///
51 | /// A group element derived from the pseudonym scope
52 | /// The ap' value.
53 | /// The Ps value.
54 | /// a.
55 | GroupElement GetInitialWitnessesAndPseudonym(GroupElement gs, out GroupElement apPrime, out GroupElement Ps);
56 |
57 | ///
58 | /// Returns the Device response for a U-Prove token presentation.
59 | ///
60 | /// The message for the Device.
61 | /// The partial challenge digest.
62 | /// The hash algorithm OID for the challenge generation.
63 | /// r_d.
64 | FieldZqElement GetDeviceResponse(byte[] messageForDevice, byte[] partialChallengeDigest, string hashOID);
65 | }
66 | }
67 |
--------------------------------------------------------------------------------
/.vscode/tasks.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": "2.0.0",
3 | "tasks": [
4 | {
5 | "label": "build debug",
6 | "command": "dotnet",
7 | "type": "process",
8 | "args": [
9 | "build",
10 | "${workspaceFolder}",
11 | "/property:GenerateFullPaths=true",
12 | "/consoleloggerparameters:NoSummary"
13 | ],
14 | "problemMatcher": "$msCompile"
15 | },
16 | {
17 | "label": "build Release",
18 | "command": "dotnet",
19 | "type": "process",
20 | "args": [
21 | "build",
22 | "${workspaceFolder}",
23 | "-c",
24 | "Release"
25 | ],
26 | "problemMatcher": "$msCompile",
27 | "group": {
28 | "kind": "build",
29 | "isDefault": true
30 | }
31 | },
32 | {
33 | "label": "clean Debug",
34 | "command": "dotnet",
35 | "type": "process",
36 | "args": [
37 | "clean",
38 | "-c",
39 | "Debug"
40 | ],
41 | "problemMatcher": "$msCompile"
42 | },
43 | {
44 | "label": "clean Release",
45 | "command": "dotnet",
46 | "type": "process",
47 | "args": [
48 | "clean",
49 | "-c",
50 | "Release"
51 | ],
52 | "problemMatcher": "$msCompile"
53 | },
54 | {
55 | "label": "test",
56 | "command": "dotnet",
57 | "type": "process",
58 | "args": [
59 | "test",
60 | "--verbosity",
61 | "normal"
62 | ],
63 | "problemMatcher": "$msCompile"
64 | },
65 | {
66 | "label": "test with debugger",
67 | "type": "process",
68 | "isBackground": true,
69 | "command": "dotnet",
70 | "args": [
71 | "test",
72 | "-c",
73 | "Debug",
74 | "--verbosity",
75 | "normal"
76 | ],
77 | "options": {
78 | "cwd": "${workspaceFolder}",
79 | "env": {
80 | "VSTEST_HOST_DEBUG": "1"
81 | },
82 | },
83 | "group": "test",
84 | "presentation": {
85 | "echo": true,
86 | "reveal": "always",
87 | "focus": false,
88 | "panel": "shared"
89 | },
90 | "problemMatcher": []
91 | }
92 | ]
93 | }
--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | ## Security
4 |
5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
6 |
7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below.
8 |
9 | ## Reporting Security Issues
10 |
11 | **Please do not report security vulnerabilities through public GitHub issues.**
12 |
13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
14 |
15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
16 |
17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc).
18 |
19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
20 |
21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
22 | * Full paths of source file(s) related to the manifestation of the issue
23 | * The location of the affected source code (tag/branch/commit or direct URL)
24 | * Any special configuration required to reproduce the issue
25 | * Step-by-step instructions to reproduce the issue
26 | * Proof-of-concept or exploit code (if possible)
27 | * Impact of the issue, including how an attacker might exploit the issue
28 |
29 | This information will help us triage your report more quickly.
30 |
31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs.
32 |
33 | ## Preferred Languages
34 |
35 | We prefer all communications to be in English.
36 |
37 | ## Policy
38 |
39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd).
40 |
41 |
42 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/WNafPreCompInfo.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | namespace BouncyCastle
18 | {
19 | /**
20 | * Class holding precomputation data for the WNAF (Window Non-Adjacent Form)
21 | * algorithm.
22 | */
23 | public class WNafPreCompInfo
24 | : PreCompInfo
25 | {
26 | /**
27 | * Array holding the precomputed ECPoints used for a Window
28 | * NAF multiplication.
29 | */
30 | protected ECPoint[] m_preComp = null;
31 |
32 | /**
33 | * Array holding the negations of the precomputed ECPoints used
34 | * for a Window NAF multiplication.
35 | */
36 | protected ECPoint[] m_preCompNeg = null;
37 |
38 | /**
39 | * Holds an ECPoint representing Twice(this). Used for the
40 | * Window NAF multiplication to create or extend the precomputed values.
41 | */
42 | protected ECPoint m_twice = null;
43 |
44 | public virtual ECPoint[] PreComp
45 | {
46 | get { return m_preComp; }
47 | set { this.m_preComp = value; }
48 | }
49 |
50 | public virtual ECPoint[] PreCompNeg
51 | {
52 | get { return m_preCompNeg; }
53 | set { this.m_preCompNeg = value; }
54 | }
55 |
56 | public virtual ECPoint Twice
57 | {
58 | get { return m_twice; }
59 | set { this.m_twice = value; }
60 | }
61 | }
62 | }
63 |
--------------------------------------------------------------------------------
/UProveCrypto/IssuanceProtocolParameters.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 |
16 | namespace UProveCrypto
17 | {
18 | ///
19 | /// Version numbers for the U-Prove protocol.
20 | ///
21 | public enum ProtocolVersion {
22 | /// Version 1.1
23 | V1_1
24 | };
25 |
26 | ///
27 | /// Contains parameters for an issuance protocol participant (Issuer or Prover).
28 | ///
29 | abstract public class IssuanceProtocolParameters
30 | {
31 | ///
32 | /// The protocol version.
33 | ///
34 | public ProtocolVersion ProtocolVersion { set; get; }
35 |
36 | private int numberOfTokens = 1;
37 | ///
38 | /// The number of tokens to issue. Must be a positive number.
39 | ///
40 | public int NumberOfTokens {
41 | get
42 | {
43 | return numberOfTokens;
44 | }
45 | set
46 | {
47 | if (value <= 0)
48 | {
49 | throw new ArgumentException("NumberOfTokens must be greater than 0");
50 | }
51 | numberOfTokens = value;
52 | }
53 | }
54 |
55 | ///
56 | /// The token attributes. Either this or the Gamma property
57 | /// must be set. If both are set, then the Gamma value takes priority.
58 | ///
59 | public byte[][] Attributes { get; set; }
60 |
61 | ///
62 | /// The token gamma value encoding the attribute values. Either this or the
63 | /// Attributes property must be set. If both are set, then the
64 | /// Gamma value takes priority.
65 | ///
66 | public GroupElement Gamma { get; set; }
67 |
68 | ///
69 | /// The token information field value. Can be null.
70 | ///
71 | public byte[] TokenInformation { get; set; }
72 |
73 | ///
74 | /// The device's public key. Can be null.
75 | ///
76 | public GroupElement DevicePublicKey { get; set; }
77 |
78 | ///
79 | /// Validates the parameters object.
80 | ///
81 | public abstract void Validate();
82 | }
83 | }
84 |
--------------------------------------------------------------------------------
/UProveParams/Program.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 | using System.IO;
16 |
17 | namespace UProveParams
18 | {
19 | ///
20 | /// This program generates the U-Prove recommended parameters for issuers.
21 | ///
22 | public class Program
23 | {
24 | static string[] groupNames = { "P-256", "P-384", "P-521" };
25 | static Formatter.Type[] formatterTypes = {
26 | // Formatter.Type.code, // uncomment to generate C++ code-style output
27 | // Formatter.Type.codeCSharp, // uncomment to generate C# code-style output
28 | Formatter.Type.doc
29 | };
30 |
31 | ///
32 | /// Generates the recommended parameters.
33 | ///
34 | /// Output directory.
35 | static void Main(string[] args)
36 | {
37 | string outputPath;
38 | if (args != null && args.Length > 1)
39 | {
40 | outputPath = args[0];
41 | if (!Directory.Exists(outputPath))
42 | {
43 | throw new ArgumentException(outputPath + " does not exist");
44 | }
45 | }
46 | else
47 | {
48 | outputPath = Directory.GetCurrentDirectory();
49 | }
50 | System.IO.StreamWriter writer = null;
51 | try
52 | {
53 | foreach (Formatter.Type formatterType in formatterTypes)
54 | {
55 | foreach (string groupName in groupNames)
56 | {
57 | string outputFile = Path.Combine(outputPath, "recommendedparams_" + groupName + "_" + formatterType + ".txt");
58 | writer = new System.IO.StreamWriter(outputFile);
59 | Formatter formatter = new Formatter(formatterType, writer);
60 | formatter.PrintText("U-Prove Recommended Parameters (" + groupName + ")");
61 | ECRecommendedParameters.Print(formatter, groupName);
62 | Console.WriteLine("recommended parameters " + groupName + " written to " + outputFile);
63 | writer.Close();
64 | writer = null;
65 | }
66 | }
67 | }
68 | catch (Exception e)
69 | {
70 | Console.Error.WriteLine(e.Message);
71 | Console.Error.WriteLine(e.StackTrace);
72 | }
73 | finally
74 | {
75 | if (writer != null)
76 | {
77 | writer.Close();
78 | }
79 | }
80 | Console.WriteLine("completed");
81 | Console.ReadLine();
82 | }
83 | }
84 | }
85 |
--------------------------------------------------------------------------------
/UProveCrypto/UProveKeyAndToken.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.ComponentModel;
15 | using System.Runtime.Serialization;
16 | using UProveCrypto.Math;
17 |
18 | namespace UProveCrypto
19 | {
20 | ///
21 | /// Represents a U-Prove key and token.
22 | ///
23 | [DataContract]
24 | public class UProveKeyAndToken : IParametrizedDeserialization
25 | {
26 | private UProveToken token;
27 | private FieldZqElement privateKey;
28 |
29 | ///
30 | /// Constructs a new UProveKeyAndToken instance.
31 | ///
32 | public UProveKeyAndToken()
33 | {
34 | }
35 |
36 | ///
37 | /// Gets or sets the U-Prove token.
38 | ///
39 | [DataMember(Name = "token", Order = 1)]
40 | public UProveToken Token
41 | {
42 | get { return token; }
43 | set { token = value; }
44 | }
45 |
46 | ///
47 | /// Gets or sets the public key.
48 | ///
49 | public FieldZqElement PrivateKey
50 | {
51 | get { return privateKey; }
52 | set { privateKey = value; }
53 | }
54 |
55 | #region Serialization
56 |
57 | [DataMember(Name = "key", Order = 2)]
58 | [EditorBrowsable(EditorBrowsableState.Never)]
59 | internal string _key;
60 |
61 | [OnSerializing]
62 | [EditorBrowsable(EditorBrowsableState.Never)]
63 | internal void OnSerializing(StreamingContext context)
64 | {
65 | _key = this.PrivateKey.ToBase64String();
66 | }
67 |
68 | bool deserializationStarted = false;
69 | [OnDeserialized]
70 | [EditorBrowsable(EditorBrowsableState.Never)]
71 | internal void OnDeserialized(StreamingContext context)
72 | {
73 | if (_key == null)
74 | throw new UProveSerializationException("key");
75 | deserializationStarted = true;
76 | }
77 |
78 | void IParametrizedDeserialization.FinishDeserialization(IssuerParameters ip)
79 | {
80 | try
81 | {
82 | if (!this.deserializationStarted)
83 | {
84 | throw new SerializationException("deserialization not started");
85 | }
86 |
87 | this.PrivateKey = _key.ToFieldZqElement(ip.Zq);
88 | (this.Token as IParametrizedDeserialization).FinishDeserialization(ip);
89 | }
90 | catch
91 | {
92 | throw;
93 | }
94 | finally
95 | {
96 | this.deserializationStarted = false;
97 | }
98 | }
99 |
100 |
101 | #endregion Serialization
102 |
103 | }
104 | }
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/FiniteFields.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | using System;
18 |
19 | namespace BouncyCastle
20 | {
21 | public abstract class FiniteFields
22 | {
23 | internal static readonly IFiniteField GF_2 = new PrimeField(BigInteger.ValueOf(2));
24 | internal static readonly IFiniteField GF_3 = new PrimeField(BigInteger.ValueOf(3));
25 |
26 | //public static IPolynomialExtensionField GetBinaryExtensionField(int[] exponents)
27 | //{
28 | // if (exponents[0] != 0)
29 | // {
30 | // throw new ArgumentException("Irreducible polynomials in GF(2) must have constant term", "exponents");
31 | // }
32 | // for (int i = 1; i < exponents.Length; ++i)
33 | // {
34 | // if (exponents[i] <= exponents[i - 1])
35 | // {
36 | // throw new ArgumentException("Polynomial exponents must be montonically increasing", "exponents");
37 | // }
38 | // }
39 |
40 | // return new GenericPolynomialExtensionField(GF_2, new GF2Polynomial(exponents));
41 | //}
42 |
43 | // public static IPolynomialExtensionField GetTernaryExtensionField(Term[] terms)
44 | // {
45 | // return new GenericPolynomialExtensionField(GF_3, new GF3Polynomial(terms));
46 | // }
47 |
48 | public static IFiniteField GetPrimeField(BigInteger characteristic)
49 | {
50 | int bitLength = characteristic.BitLength;
51 | if (characteristic.SignValue <= 0 || bitLength < 2)
52 | {
53 | throw new ArgumentException("Must be >= 2", "characteristic");
54 | }
55 |
56 | if (bitLength < 3)
57 | {
58 | switch (characteristic.IntValue)
59 | {
60 | case 2:
61 | return GF_2;
62 | case 3:
63 | return GF_3;
64 | }
65 | }
66 |
67 | return new PrimeField(characteristic);
68 | }
69 | }
70 | }
71 |
--------------------------------------------------------------------------------
/UProveCrypto.sln:
--------------------------------------------------------------------------------
1 | Microsoft Visual Studio Solution File, Format Version 12.00
2 | # Visual Studio Version 17
3 | VisualStudioVersion = 17.5.33414.496
4 | MinimumVisualStudioVersion = 10.0.40219.1
5 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "UProveUnitTest", "UProveUnitTest\UProveUnitTest.csproj", "{61263EB0-5263-4FDA-BEC8-CC1403B973CF}"
6 | EndProject
7 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "UProveCrypto", "UProveCrypto\UProveCrypto.csproj", "{3C8F664A-B85A-4F53-87D9-AC3354085ED0}"
8 | EndProject
9 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "UProveSample", "UProveSample\UProveSample.csproj", "{46E74C02-29FB-4EBB-945A-98DAD73AC1A8}"
10 | EndProject
11 | # Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "bc-trimmed", "ThirdParty\BouncyCastle\bc-trimmed\bc-trimmed.csproj", "{E6F1B45A-7EF6-4620-A8AE-2F74AB1A5489}"
12 | # EndProject
13 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "UProveParams", "UProveParams\UProveParams.csproj", "{A60D1870-B799-4813-A491-C56D6C5AAFC9}"
14 | EndProject
15 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "UProveTestVectors", "UProveTestVectors\UProveTestVectors.csproj", "{6D1FA73C-266E-40FB-AA10-FE6B09DB69DB}"
16 | EndProject
17 | Global
18 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
19 | Release|Any CPU = Release|Any CPU
20 | Debug|Any CPU = Debug|Any CPU
21 | EndGlobalSection
22 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
23 | {3C8F664A-B85A-4F53-87D9-AC3354085ED0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
24 | {3C8F664A-B85A-4F53-87D9-AC3354085ED0}.Debug|Any CPU.Build.0 = Debug|Any CPU
25 | {3C8F664A-B85A-4F53-87D9-AC3354085ED0}.Release|Any CPU.ActiveCfg = Release|Any CPU
26 | {3C8F664A-B85A-4F53-87D9-AC3354085ED0}.Release|Any CPU.Build.0 = Release|Any CPU
27 | {46E74C02-29FB-4EBB-945A-98DAD73AC1A8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
28 | {46E74C02-29FB-4EBB-945A-98DAD73AC1A8}.Debug|Any CPU.Build.0 = Debug|Any CPU
29 | {46E74C02-29FB-4EBB-945A-98DAD73AC1A8}.Release|Any CPU.ActiveCfg = Release|Any CPU
30 | {46E74C02-29FB-4EBB-945A-98DAD73AC1A8}.Release|Any CPU.Build.0 = Release|Any CPU
31 | {61263EB0-5263-4FDA-BEC8-CC1403B973CF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
32 | {61263EB0-5263-4FDA-BEC8-CC1403B973CF}.Debug|Any CPU.Build.0 = Debug|Any CPU
33 | {61263EB0-5263-4FDA-BEC8-CC1403B973CF}.Release|Any CPU.ActiveCfg = Release|Any CPU
34 | {61263EB0-5263-4FDA-BEC8-CC1403B973CF}.Release|Any CPU.Build.0 = Release|Any CPU
35 | {E6F1B45A-7EF6-4620-A8AE-2F74AB1A5489}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
36 | {E6F1B45A-7EF6-4620-A8AE-2F74AB1A5489}.Debug|Any CPU.Build.0 = Debug|Any CPU
37 | {E6F1B45A-7EF6-4620-A8AE-2F74AB1A5489}.Release|Any CPU.ActiveCfg = Release|Any CPU
38 | {E6F1B45A-7EF6-4620-A8AE-2F74AB1A5489}.Release|Any CPU.Build.0 = Release|Any CPU
39 | {A60D1870-B799-4813-A491-C56D6C5AAFC9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
40 | {A60D1870-B799-4813-A491-C56D6C5AAFC9}.Debug|Any CPU.Build.0 = Debug|Any CPU
41 | {A60D1870-B799-4813-A491-C56D6C5AAFC9}.Release|Any CPU.ActiveCfg = Release|Any CPU
42 | {A60D1870-B799-4813-A491-C56D6C5AAFC9}.Release|Any CPU.Build.0 = Release|Any CPU
43 | {6D1FA73C-266E-40FB-AA10-FE6B09DB69DB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
44 | {6D1FA73C-266E-40FB-AA10-FE6B09DB69DB}.Debug|Any CPU.Build.0 = Debug|Any CPU
45 | {6D1FA73C-266E-40FB-AA10-FE6B09DB69DB}.Release|Any CPU.ActiveCfg = Release|Any CPU
46 | {6D1FA73C-266E-40FB-AA10-FE6B09DB69DB}.Release|Any CPU.Build.0 = Release|Any CPU
47 | EndGlobalSection
48 | GlobalSection(SolutionProperties) = preSolution
49 | HideSolutionNode = FALSE
50 | EndGlobalSection
51 | EndGlobal
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_D5_lite_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202336
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = eeefea0efe0bb2ee36f5f826d782467b29437702ff3f0cc56ff655c3b6c71f8
6 | g0.x = 527fcbb21aabff695403aa13f903eca88dcd5a236eb2caef700d6046888c3bde
7 | g0.y = d881e2fcd897515b72bfb4ee82d3d3fadb7c09d392b95d2f95cec85cf3e04c92
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | A1 = 416c69636520536d697468
15 | A2 = 5741
16 | A3 = 313031302043727970746f20537472656574
17 | A4 = 01
18 | A5 = 499602d2
19 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
20 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
21 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
22 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
23 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
24 | x4 = 1
25 | x5 = 499602d2
26 | P = bc7247ec451cf424fb39e0ca304023bef8dbc059e48d6ad40ce47e4138005ce8
27 | xt = 919abc838ee6a31115f589b8b31a2d3ec2694f874eb8e81da68fc7af8d9a5651
28 | gamma.x = 7398bc214613bd7609f8da04bc973a1936d75ebae11a61672c1b57d937d27514
29 | gamma.y = c8a96c01888c8702b0f598ff2f1435eb88f57b5ccaa24f559516cf0bd33edf50
30 | sigmaZ.x = 91afd9e74dc06eb3bacec1d7169da5b10cab8a1a5e3cdee3463a06bb6f0800c5
31 | sigmaZ.y = 9a8e4c5c83bed417a30e96c3c36b67462336b1cedd5fa165feedb21f536f3224
32 | w = 1794f7eefbea6b61e802cf08fb273164e2df6dd550faff1bfd324af07b5ef376
33 | sigmaA.x = f65a304f8816de4f0af6aa7958897415536ca0e33bda734c8a448a2d9eff7ed3
34 | sigmaA.y = 72c353b43a293659f1bdd793478c418deaac5149d36b7bddc1cdbcd746c1a177
35 | sigmaB.x = 5948b01a4d42e8b719aa70574ad52ecbaed2cae03da107d2fbc7500355b36b
36 | sigmaB.y = 98b83f7d5d97667ab95f08d6b30fc594e8bb62942ca338aad36c4097305f5a19
37 | alpha = fd676bd980356bc828d5882d24e8d02ece01795cff9ca71c94dbf1c99f7be689
38 | beta1 = f580b94bc58e3ac73a5ac7a72d2f715611b217ae4977660bf4e44a544a228ac
39 | beta2 = efff1dcbdc3c72751dcce85aef2daac2e4db6784596ba478e2aad46d143d68d0
40 | h.x = fca85a117876d887c8abe3286323dfb97334b05e8d1ca11682fd2ce1e2e2301e
41 | h.y = fd4aa1d8bda8a9970ad2842120fee8de919dd0d9ba023ddfd625deeb43109cc3
42 | alphaInverse = 8987e2bf7e3822f4fcef5c8b3664e34df38549b1548a91467aefd04b4603ed7a
43 | sigmaZPrime.x = b958a62fce0c11cc38349158412146824b2754c7e61bce21e1f0652da09effcb
44 | sigmaZPrime.y = 6c6d65833bdaa67459e570f13ba292d88f6a4551a9a79b912cd230a7b9676ef4
45 | sigmaAPrime.x = 335dae046dac839a5f52fe398d77dbba4e37edea6cac2bdc95d20f9b00c1c9b4
46 | sigmaAPrime.y = 603cc292e747d4ae94da48d3901e84a0b7e434c169139b19cb31a235498bd251
47 | sigmaBPrime.x = 2bba13497b263a72845e9e5e66e1cbc8334e6e1bcf15f0ef02b92eb2793e80d7
48 | sigmaBPrime.y = ae23fccaaa6b345e8c6b29daf1f80b3e8fdd6cc02462cc20f3b2ad6be72bf306
49 | sigmaCPrime = 95a16e13f60f749cf4f09a75fa270bad8de712d7bea61821c68825cc8be191b9
50 | sigmaC = a4f979a8b2685849689646f06cfa02c2ef023452a33d8e8285d66a71d083ba65
51 | sigmaR = a9eeffa13fade72012a0e6fdc0d4cbab118d72e4131194b13b4af519d2505443
52 | sigmaRPrime = 99ee1d6e1bea5994306dcf58b002766e3981dfbac5659aa52a3bfec3ea2a97c2
53 | D = 1,2,3,4,5
54 | U =
55 | m = 56657269666965725549442b72616e646f6d2064617461
56 | md = 446972656374206d657373616765
57 | w0 = 7d008b72b42b3825a8ac5c17ae1c7192a381c0683ba352835aa5e932670560e0
58 | a = 60828464b61729d88a79a4217b7bd0dd32040ff27e58dab766ed003a9d473d56
59 | UIDt = 2e125fb0c213d8ef3953f23d7e674c5cbad19e3be7f75bd1cea018906df0d3fe
60 | cp = 8b96e6854cf51cc863985abc3ac0a2589c05bedea015a5cff513285b1005c8b9
61 | c = a0cf0c3247546f025e2b625e29c7192b71fe8a017c516cc8ba9083c7887832b
62 | r0 = abaff8765de2c7558180cb016174b918963f593fa5885bfa7c22459a5a7e2aa1
63 |
--------------------------------------------------------------------------------
/UProveTestVectors/Math.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using Org.BouncyCastle.Math;
15 | using Org.BouncyCastle.Math.EC;
16 | using UProveParams;
17 |
18 | namespace UProveTestVectors
19 | {
20 | public abstract class Group
21 | {
22 | public string OID { get; internal set; }
23 | public abstract GroupElement Identity { get; }
24 | public abstract BigInteger Order { get; }
25 | public abstract GroupElement Generator { get; }
26 | }
27 |
28 | public class P256ECGroup : Group
29 | {
30 | public P256ECGroup()
31 | {
32 | OID = RecommendedParameters.P256.Oid;
33 | }
34 |
35 | public override GroupElement Identity
36 | {
37 | get { return new ECElement(RecommendedParameters.P256.parameters.Curve.Infinity as FpPoint); }
38 | }
39 |
40 | public override BigInteger Order
41 | {
42 | get { return RecommendedParameters.P256.parameters.N; }
43 | }
44 |
45 | public override GroupElement Generator
46 | {
47 | get { return new ECElement(RecommendedParameters.P256.g); }
48 | }
49 |
50 | }
51 |
52 | public abstract class GroupElement
53 | {
54 | public abstract GroupElement Multiply(GroupElement other);
55 | public abstract GroupElement Exponentiate(BigInteger exponent);
56 | public abstract void Print(string varLabel, string varType, string varNamespace, Formatter formatter);
57 | public void Print(string varLabel, Formatter formatter)
58 | {
59 | Print(varLabel, null, null, formatter);
60 | }
61 | public abstract byte[] ToByteArray();
62 | public abstract string ToString(int radix = 16);
63 | }
64 |
65 | public class ECElement : GroupElement
66 | {
67 | public FpPoint point;
68 | public ECElement(FpPoint point)
69 | {
70 | this.point = point;
71 | }
72 |
73 | public override GroupElement Multiply(GroupElement other)
74 | {
75 | return new ECElement(point.Add((other as ECElement).point) as FpPoint);
76 | }
77 |
78 | public override GroupElement Exponentiate(BigInteger exponent)
79 | {
80 | return new ECElement(point.Multiply(exponent) as FpPoint);
81 | }
82 |
83 | public override void Print(string varLabel, string varType, string varNamespace, Formatter formatter)
84 | {
85 | formatter.PrintPoint(varLabel, varType, varNamespace, point);
86 | }
87 |
88 | public override byte[] ToByteArray()
89 | {
90 | return point.GetEncoded();
91 | }
92 |
93 | public override bool Equals(object o)
94 | {
95 | if (o == null) { return false; }
96 | ECElement e = o as ECElement;
97 | if ((System.Object)e == null)
98 | {
99 | return false;
100 | }
101 | return point.Equals(e.point);
102 | }
103 |
104 | public override string ToString(int radix = 16)
105 | {
106 | return "x=" + point.XCoord.ToBigInteger().ToString(radix) + "," + "y=" + point.YCoord.ToBigInteger().ToString(radix);
107 | }
108 |
109 | }
110 | }
111 |
--------------------------------------------------------------------------------
/UProveCrypto/SerializableWrapperClasses.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Runtime.Serialization;
15 | using UProveCrypto.Math;
16 |
17 | namespace UProveCrypto
18 | {
19 |
20 | #region Serializable Wrapper Classes
21 |
22 | ///
23 | /// This class is a serializable version of Group used only during serialization.
24 | /// Serializing Group will result in the creation and serialization of this class instead.
25 | /// This class is also created upon deserialization. The ToGroup() method will be called
26 | /// by the surrogate class to create a new Group from this class.
27 | ///
28 | [DataContract]
29 | public class GroupSerializable
30 | {
31 | ///
32 | /// The type of the group.
33 | ///
34 | [DataMember(Order=0)]
35 | public string type;
36 |
37 | ///
38 | /// The name of the group.
39 | ///
40 | [DataMember(Name = "name", Order = 1, EmitDefaultValue = false)]
41 | public string name;
42 |
43 | ///
44 | /// Construct a GroupSerializable object from a Group object.
45 | ///
46 | /// The Group object being serialized.
47 | public GroupSerializable(Group group)
48 | {
49 | if (this.InRecommendedGroup(group.GroupName))
50 | {
51 | this.type = "named";
52 | this.name = group.GroupName;
53 | }
54 | else if (group.Type == GroupType.ECC)
55 | {
56 | this.type = "ec";
57 | this.name = null;
58 | }
59 | else
60 | {
61 | throw new UProveSerializationException("Invalid GroupConstruction");
62 | }
63 |
64 | return;
65 | }
66 |
67 | ///
68 | /// Deserialize this object into a Group object.
69 | ///
70 | /// The Group object represented by this GroupSerializable object.
71 | public Group ToGroup()
72 | {
73 | ParameterSet parameterSet;
74 |
75 | switch (type)
76 | {
77 | case "named":
78 | if (ParameterSet.TryGetNamedParameterSet(name, out parameterSet) == false)
79 | throw new UProveSerializationException("Unsupported named group :" + this.name);
80 | break;
81 |
82 | default:
83 | throw new UProveSerializationException("Invalid GroupConstruction: " + this.type);
84 | }
85 |
86 | return parameterSet.Group;
87 | }
88 |
89 | private bool InRecommendedGroup(string groupName)
90 | {
91 | switch (groupName)
92 | {
93 | case ECParameterSets.ParamSet_EC_P256_V1Name:
94 | case ECParameterSets.ParamSet_EC_P384_V1Name:
95 | case ECParameterSets.ParamSet_EC_P521_V1Name:
96 | case ECParameterSets.ParamSet_EC_BN254_V1Name:
97 | return true;
98 |
99 | default:
100 | return false;
101 | }
102 | }
103 |
104 | }
105 |
106 | #endregion
107 |
108 | }
109 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_D5_lite_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202336
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = 4880a2d70dc48309857b4a14b9ac7086fe9660e1175e37c2fb45084de4cb2592
10 | g0.x = b3846b0f96190d5edbf17e7c63a06f3b83c95d2a4072dcdaf3dc65fc9eebb8ca
11 | g0.y = 33019f8098ccc7af12d515aa6a5296b6509e5847a574eed42acf0282aa1ecc81
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | A1 = 499602d2
19 | A2 = 416c69636520536d697468
20 | A3 = 555341
21 | A4 = 02
22 | A5 = 19
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 499602d2
26 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
27 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
28 | x4 = 2
29 | x5 = 19
30 | P = 9e3fc5141df5f6e3108b731c2150b16223cff964d308036cd417f347561e23f8
31 | xt = 424fc35d4eea72125ffa84ab303178ba9eed71d97848b1d8100ba8d06f47536
32 | gamma.x = e024cbe0dddd0c20e36b9b20b6d13586578ea86826bc5d30b795b8dda3ae0bb3
33 | gamma.y = b4441ca11ac09670a9680c9635fbd9c81115fc3f7dccc10d874c7dc2d35c1919
34 | sigmaZ.x = 2eaadac5b563ecb5faa369294ea3f89ef8dc519b395aa5d130d6d571d6594a3b
35 | sigmaZ.y = f9eccea4106534dbdf95ebefb691b6ca22ffb500233bcabfe9c40c85756ab784
36 | w = 12d895b8d4b281bf342dbcaac9c2c4c678ba31df61b1a3e949dfdbc7bc3625b9
37 | sigmaA.x = a5ba097ab26063c0afa1e7630715048ca5211b083b7bd35ed2b1121a56364bff
38 | sigmaA.y = 59a37c0a7e9e53ada69602cebecc52d692cd528b3f78866e2ab82962dd21c286
39 | sigmaB.x = 6aad42a2a6c5a7847518148c42a25906bd9eba51186761720cfb0b5e7c8f631
40 | sigmaB.y = 1c6f85a017aa50db7d2139237156f2a3db4bec358b0472b49657bb3af510402f
41 | alpha = 55b802e016b8b24b14a0ace9a28cf9398142d4299a46306035ac6ef4d7b903fe
42 | beta1 = 8025411c0e4afc007e5cac104ba46bde6a1467961fb1f0f87a1aa6a4abd735a
43 | beta2 = 9dade0a037e7789c921421b47c6f5b7b65b10e3573899d0ce345891f3945764a
44 | h.x = 8c7adb92f27a511f6dd945eefc107e991e8adbcf9853463e6a595f0427b752fb
45 | h.y = c018e7ac7b5670421a7846365ad0f5c5752211b7368dc99fdd1883f1feb56971
46 | alphaInverse = a8f67de337a1daa9be692f3c6c408005d682dca6a0648f5e155044ea9eabed57
47 | sigmaZPrime.x = b479827bedd95ea87f784a7a6bea995d5254dc026fe391c7ff4ede115361a38
48 | sigmaZPrime.y = 29fde9a816e52a93c1481bb9c21c939d725092e5daa8ff8f3663d0c6bd221d04
49 | sigmaAPrime.x = af6bea602b69aaca943d7ef1375632ad6b475e94016f1062ac9407118ba8a35c
50 | sigmaAPrime.y = 805d0f2aea97b056a115eec101f7cff778a1d3afbabdc6cdafbc9ef1c1a1e55e
51 | sigmaBPrime.x = 188b3e7946dce50effd499f4900177ae74d3bbc99c996cc68b4e28f5ac73572f
52 | sigmaBPrime.y = 238b04bca6e80ff071eabc845201809c8773cbe95d81f0f6f6885ff9b3e2b89
53 | sigmaCPrime = 3ea867bf361fb1e3bb76f52070a652b131c26a95080938e4068b0e284aa72af3
54 | sigmaC = 46aabbd0f70461a3c35cbfe17560996f1863b10e6a0457f38e2cb89295649e4d
55 | sigmaR = 92335914b9c420083e3a3d1b89c0d19ef2cab44b3c326e456cc0461084f769b3
56 | sigmaRPrime = 2fe139b5f1ab98a3d04e5ed006302d1a9b94c7d308a46ccd5c4c046cc1d9baac
57 | D = 1,2,3,4,5
58 | U =
59 | m = 56657269666965725549442b72616e646f6d2064617461
60 | md = 446972656374206d657373616765
61 | w0 = 726f2457d9a685ff29a9e74dd96a9218452e0498af3de71310d3bcf15d59634c
62 | a = 815cd87140dcf1e41ac6d17987de5127dfa7d0f847e6a6b81f2218694a08b851
63 | UIDt = 89c944f596400b3aa25a0a85e2e39c0742eaff36863f089a34634acf2052c79e
64 | cp = 1c94e7591c53bdf5daca336eeafd473bd08ab9b274b71801668e0cca6c102191
65 | c = 61c25ee023537bb7d51b174a3cca44100aaceb8b5d86ff3c7f77bbf89311a57d
66 | r0 = 994c90427bd57f573b7187ba44d98b1ed95f916258c7a4509a68a30ce9fecb45
67 |
--------------------------------------------------------------------------------
/UProveUnitTest/ProtocolHelperTest.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using Microsoft.VisualStudio.TestTools.UnitTesting;
15 | using UProveCrypto;
16 | using UProveCrypto.Math;
17 |
18 | namespace UProveUnitTest
19 | {
20 | [TestClass]
21 | public class ProtocolHelperTest
22 | {
23 |
24 | ///
25 | ///A test for ToBigInteger
26 | ///
27 | [TestMethod()]
28 | public void EncodingTest()
29 | {
30 | // a large value
31 | byte[] modulus = new byte[] {
32 | 0xef, 0x09, 0x90, 0x06, 0x1d, 0xb6, 0x7a, 0x9e,
33 | 0xae, 0xba, 0x26, 0x5f, 0x1b, 0x8f, 0xa1, 0x2b,
34 | 0x55, 0x33, 0x90, 0xa8, 0x17, 0x5b, 0xcb, 0x3d,
35 | 0x0c, 0x2e, 0x5e, 0xe5, 0xdf, 0xb8, 0x26, 0xe2,
36 | 0x29, 0xad, 0x37, 0x43, 0x11, 0x48, 0xce, 0x31,
37 | 0xf8, 0xb0, 0xe5, 0x31, 0x77, 0x7f, 0x19, 0xc1,
38 | 0xe3, 0x81, 0xc6, 0x23, 0xe6, 0x00, 0xbf, 0xf7,
39 | 0xc5, 0x5a, 0x23, 0xa8, 0xe6, 0x49, 0xcc, 0xbc,
40 | 0xf8, 0x33, 0xf2, 0xdb, 0xa9, 0x9e, 0x6a, 0xd6,
41 | 0x6e, 0x52, 0x37, 0x8e, 0x92, 0xf7, 0x49, 0x2b,
42 | 0x24, 0xff, 0x8c, 0x1e, 0x6f, 0xb1, 0x89, 0xfa,
43 | 0x84, 0x34, 0xf5, 0x40, 0x2f, 0xe4, 0x15, 0x24,
44 | 0x9a, 0xe0, 0x2b, 0xf9, 0x2b, 0x3e, 0xd8, 0xea,
45 | 0xaa, 0xa2, 0x20, 0x2e, 0xc3, 0x41, 0x7b, 0x20,
46 | 0x79, 0xda, 0x4f, 0x35, 0xe9, 0x85, 0xbb, 0x42,
47 | 0xa4, 0x21, 0xcf, 0xab, 0xa8, 0x16, 0x0b, 0x66,
48 | 0x94, 0x99, 0x83, 0x38, 0x4e, 0x56, 0x36, 0x5a,
49 | 0x44, 0x86, 0xc0, 0x46, 0x22, 0x9f, 0xc8, 0xc8,
50 | 0x18, 0xf9, 0x30, 0xb8, 0x0a, 0x60, 0xd6, 0xc2,
51 | 0xc2, 0xe2, 0x0c, 0x5d, 0xf8, 0x80, 0x53, 0x4d,
52 | 0x42, 0x40, 0xd0, 0xd8, 0x1e, 0x9a, 0x37, 0x0e,
53 | 0xef, 0x67, 0x6a, 0x1c, 0x3b, 0x0e, 0xd1, 0xd8,
54 | 0xff, 0x30, 0x34, 0x0a, 0x96, 0xb2, 0x1b, 0x89,
55 | 0xf6, 0x9c, 0x54, 0xce, 0xb8, 0xf3, 0xdf, 0x17,
56 | 0xe3, 0x1b, 0xc2, 0x0c, 0x5b, 0x60, 0x1e, 0x99,
57 | 0x44, 0x45, 0xa1, 0xd3, 0x47, 0xa4, 0x5d, 0x95,
58 | 0xf4, 0x1a, 0xe0, 0x71, 0x76, 0xc7, 0x38, 0x0c,
59 | 0x60, 0xdb, 0x2a, 0xce, 0xdd, 0xee, 0xda, 0x5c,
60 | 0x59, 0x80, 0x96, 0x43, 0x62, 0xe3, 0xa8, 0xdd,
61 | 0x3f, 0x97, 0x3d, 0x6d, 0x4b, 0x24, 0x1b, 0xcf,
62 | 0x91, 0x0c, 0x7f, 0x7a, 0x02, 0xed, 0x3b, 0x60,
63 | 0x38, 0x3a, 0x01, 0x02, 0xd8, 0x06, 0x0c, 0x27};
64 |
65 | FieldZq field = FieldZq.CreateFieldZq(modulus);
66 | for (int i=0; i<20; i++)
67 | {
68 | FieldZqElement r = field.GetRandomElement(false);
69 | FieldZqElement r2 = field.GetElement(r.ToByteArray());
70 | Assert.AreEqual(r, r2);
71 | }
72 | }
73 |
74 | ///
75 | ///A test for VerifyIssuerParameters
76 | ///
77 | [TestMethod()]
78 | public void VerifyIssuerParametersTest()
79 | {
80 | IssuerSetupParameters isp = new IssuerSetupParameters();
81 | isp.UidP = new byte[] { 1, 2, 3, 4, 5 };
82 | isp.E = IssuerSetupParameters.GetDefaultEValues(7);
83 | isp.UseRecommendedParameterSet = false;
84 | isp.GroupConstruction = GroupType.ECC;
85 | IssuerKeyAndParameters ikap = isp.Generate();
86 | IssuerParameters ip = ikap.IssuerParameters;
87 | ProtocolHelper.VerifyIssuerParameters(ip, false);
88 | byte[] g0Bytes = ip.G[0].GetEncoded();
89 | g0Bytes[g0Bytes.Length - 1]++;
90 | ip.G[0] = (ECGroupElement)ip.Gq.CreateGroupElement(g0Bytes);
91 | try { ProtocolHelper.VerifyIssuerParameters(ip, false); Assert.Fail(); } catch (InvalidUProveArtifactException) { }
92 | }
93 |
94 | }
95 | }
96 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_D5_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202333
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = 706829ae33976b21ccc05acda91509ab06f6a64e58fb1998f01540ea145a877b
6 | g0.x = 41046b02e9075cd246fb294158dd2295e2619dade7c31118e0829dd0db82e2a5
7 | g0.y = 12334f0ba07345e0184141e06f8586a8e34fbe4e4cc7532f7631a76a19d3600d
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | ie_x = 54269903872b8bd8fed5496198e75c100f575696975fd754f90be1e57800c71
15 | ie_H.x = a11720d60652d6f8607e1cec625b0258f549703530fa51991164c563f47e4b72
16 | ie_H.y = 15acdf4ac6450d2ac72627f0a80cfd6412144a2689a7811f7438ceabb41ae6fc
17 | ie_additionalInfo = 494420457363726f7720706f6c696379
18 | A1 = 416c69636520536d697468
19 | A2 = 5741
20 | A3 = 313031302043727970746f20537472656574
21 | A4 = 01
22 | A5 = 499602d2
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
26 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
27 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
28 | x4 = 1
29 | x5 = 499602d2
30 | P = 659b0efa0a267396d74417b09ed6d42306bff82234efe76cf6c02e38831827c1
31 | xt = 62ae7f552399dd6e2f1d5a8d8183b9e9882afdc5f8302c5df0975e9c82548993
32 | gamma.x = 7c8a5b54fb33aea8259a16f042bf596da7bebdd68defdcc7b0bbb74bc795a7f7
33 | gamma.y = 8eb0f7194a0d56b90da7c9c09d13cf3332313b00041f3d7e59de15a34b2d818a
34 | sigmaZ.x = 6b94964cf943f3c5031fed96e0dbaabf93621b2fc1ce8a8ae5c3c5e0710657ef
35 | sigmaZ.y = 898b57596a5983704ab6860ff1c6b3c17c0ce458098b754f5d117cb155cb85d2
36 | w = 39dfc766ac7972943de9be6ba6837f619f7ee91fe51e119045f340a8b39a660f
37 | sigmaA.x = f4a389f4426c12c6dbc1a44dd2462bb917613cb75b3319d4693422a8660c516d
38 | sigmaA.y = a0babae2154280fa04a535dffad0f8dd72434751c522071a681a10022bb07d6e
39 | sigmaB.x = 811991f666f076c771d930567336f2f3e0b12ead7174b4808f38582f6bff7955
40 | sigmaB.y = e4f8b9a7c355439eb7a3223dab4c86be4fad32a27124ac9dee3ae6f580b3be4d
41 | alpha = e1e25c39c60f158783e02b80b692cfcc105c7ed996ed8c1acd3721b838cae0a2
42 | beta1 = 82af89c326459a9068619c04f290d9b2247497561c8d78f355416c8eed5d4fb8
43 | beta2 = ff88fd07080ba5cbc2ed70345088283c5e6e94c3338986f536966de4d90ba20b
44 | h.x = 2e4ab7f17a0654cc1efbe753c0ad950a8094ff1910effc07ba5011212183ebe0
45 | h.y = c85a14388a7dafcb3f793f04707619dbaee7e76027de599abaf1c18941b9a028
46 | alphaInverse = 41d41f4dcdad6cef2febf2cd6d4f92194262956bd260e3e5d5d3959c1dcded4a
47 | sigmaZPrime.x = f7653c98c12773f16b916f811f0acdeb30881c4f48a42745a06894219c0c714e
48 | sigmaZPrime.y = 8a8e5fbf7a0b7b5569da247645c612176a1375185b4fe1db44be47cec48bd44
49 | sigmaAPrime.x = 635384b3092dbeb6fd5db9df802a1934163d664ef7f504b423a7e8edde63e60d
50 | sigmaAPrime.y = f12c99db33cd175068288dc3c86ac8b8e379bac076467fbb768fa35a12df4545
51 | sigmaBPrime.x = f8304dd5c3b56031eb90b71a7bc47df54d395a34a573511db7bcfcf5139af050
52 | sigmaBPrime.y = a5d7dc9c3f88e824546852413eb4a9f8fe05f558a8cbbe5c2a7ceb31d7077fb7
53 | sigmaCPrime = 5c66599c41d84bc55bb4513113e12330f0c31cf4334d689036d8a7c2c5fd424b
54 | sigmaC = df15e35f681de655c415ed360671fce31537b44a4fdae1838c1a1451b35a9203
55 | sigmaR = 9820594467a37bf3d1162d576bb7ab181d82d92756bf1b5d7369a51636505741
56 | sigmaRPrime = 97a9564c6faf21be94039d8bbc3fd354bf0a733ce33103cdb646483812f8d3fb
57 | D = 1,2,3,4,5
58 | U =
59 | m = 56657269666965725549442b72616e646f6d2064617461
60 | md = 446972656374206d657373616765
61 | w0 = 12e3046993d1aa18cecc942e1c43a2cd192f307fc88c85760208d0729dc1f1b7
62 | a = 5690371bf8a8425281e473c26f15bf05e995eb4ae7d0ecd7349c734df592ce8f
63 | UIDt = ec3adb95938b977307009d66e83cfe71bd2a0dafd9e238762a596697f97dbd0b
64 | cp = ec9869e4d56f54ce1fe18a856d0fbd2955b2204d2ab442e5f1cd702727a4b839
65 | c = 3fb3474e1cc538c8c910b15ceb03a5f7fb3ad8cb090250d40c44fb27079e2597
66 | r0 = a0016de5979139da258bdc6a29e90e6c42f6bae6a43afc1745e03c898c1fb348
67 |
--------------------------------------------------------------------------------
/UProveCrypto/Math/bc/ECGroupElementBCImpl.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | #if BOUNCY_CASTLE
15 |
16 | using System;
17 | using BouncyCastle;
18 |
19 | namespace UProveCrypto.Math.BC
20 | {
21 | ///
22 | /// An element of a group using the elliptic curve construction.
23 | ///
24 | internal class ECGroupElementBCImpl : ECGroupElement
25 | {
26 | ///
27 | /// A Bouncy Castle FpPoint representing the point.
28 | ///
29 | internal FpPoint Point { get; private set; }
30 |
31 | ///
32 | /// Create an ECGroupElementBCImpl object.
33 | ///
34 | /// A Bouncy Castle FpPoint object.
35 | public ECGroupElementBCImpl(FpPoint point)
36 | {
37 | Point = point.Normalize() as FpPoint;
38 | }
39 |
40 | ///
41 | /// Returns this^exponent.
42 | ///
43 | /// The exponent.
44 | /// A group element.
45 | public override GroupElement Exponentiate(FieldZqElement exponent)
46 | {
47 | return new ECGroupElementBCImpl(
48 | Point.Multiply( (exponent as FieldZqElementBCImpl).i) as FpPoint );
49 | }
50 |
51 | ///
52 | /// Returns this*a.
53 | ///
54 | /// The operand.
55 | /// A group element.
56 | public override GroupElement Multiply(GroupElement a)
57 | {
58 | return new ECGroupElementBCImpl(
59 | Point.Add( (a as ECGroupElementBCImpl).Point) as FpPoint );
60 | }
61 |
62 | ///
63 | /// Returns a value indiciating whether this instance is equal to the
64 | /// specified object.
65 | ///
66 | /// An object to compare to this instance.
67 | /// True if this object equals the other object.
68 | public override bool Equals(Object o)
69 | {
70 | if (o == null)
71 | {
72 | return false;
73 | }
74 |
75 | ECGroupElementBCImpl e = o as ECGroupElementBCImpl;
76 | if (e == null)
77 | {
78 | return false;
79 | }
80 |
81 | return Point.Equals(e.Point);
82 | }
83 |
84 | ///
85 | /// Returns the hashcode for this instance.
86 | ///
87 | /// The hashcode for this instance.
88 | public override int GetHashCode()
89 | {
90 | return Point.GetHashCode();
91 | }
92 |
93 | ///
94 | /// Updates the specified hash function with the group element.
95 | ///
96 | /// An instanciated hash function.
97 | internal override void UpdateHash(HashFunction h)
98 | {
99 | h.Hash(Point.GetEncoded());
100 | }
101 |
102 | ///
103 | /// Returns an encoded group element. The element can be parsed by calling
104 | /// the corresponding group's CreateGroupElement method.
105 | ///
106 | /// Encoded group element.
107 | public override byte[] GetEncoded()
108 | {
109 | return Point.GetEncoded();
110 | }
111 | }
112 | }
113 |
114 | #endif
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_D2_lite_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202335
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = a6aba74b82f70f5fbc6366442fa8fa8dba7af900841fa4d3030cbba57526f3e
6 | g0.x = 29fb21eec2ca3b81e5e8261debe078afc6b8ceb0e55d3a6a5fb463e9ca9bf9c2
7 | g0.y = 6d3963868d3b7f0555e6fd8789c1e332cd2820e22934e7b5312cba80a074ff4e
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | A1 = 416c69636520536d697468
15 | A2 = 5741
16 | A3 = 313031302043727970746f20537472656574
17 | A4 = 01
18 | A5 = 499602d2
19 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
20 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
21 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
22 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
23 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
24 | x4 = 1
25 | x5 = 499602d2
26 | P = e46030735af47d7f6f7003a2932dc675e2df71c2225b80c2a2916b9f2060449d
27 | xt = 737e093c37e7ce3da686d4ef42f7663da6f16e49eb718c29b1736f8e8ed12c7b
28 | gamma.x = 9f7d798e68b8f58dc84b0ccbfd07c088f8d0fd68ba61a28bd9924ab9d5e53b89
29 | gamma.y = ab3fd9346277deb4fdfbd4cf40cbb37f3f90b6960d419508fb1249e2c89bcfc1
30 | sigmaZ.x = b661e7e747d912e456e1b6536e682e4b57bb31906f6de0d06a6ce1809720963c
31 | sigmaZ.y = be542941febcb7957a169a4bea41cb221d2a44a2c1b003e80788781c4bb276db
32 | w = 3a938308c8b73a93883df4b440fe9d692b084b0d2b8eb1c8706c438763b69da8
33 | sigmaA.x = 58b27f3183e89943d898e8e273b7e464d7d03c88d8f8a58e2b2708cacdbbc5f6
34 | sigmaA.y = a6bdd5b8caa59a39b052db325c69740256184b0525fc058f238e4dec74dc45fb
35 | sigmaB.x = 8b8ddb541070bb4f5805e33b0464963e864edaeeb7ca350e7bbb4e97a302c5c4
36 | sigmaB.y = fe30399f487cba7c191d3a7d08507912173e74c45b39f5e9657b486403d747cd
37 | alpha = 56f729ae7786df236c1c08cb4d450d3293618e4f066112ace2ba975c73b22fd1
38 | beta1 = 9f4b5d48d4eef2a42928a00f85e67a2a5f11f401274ea1f4e47cccbcef83afba
39 | beta2 = ec362b01e8c45da46fea26dec10326fc406dfc62bd2eaa51aa6863572236b5a6
40 | h.x = bab28428a4fcdac09f489b8a60ac464acbc658bc9bb3d9b76ceebbb9aaca6c0c
41 | h.y = 64cb93c0c508dc8bc5a84d47ee52afade1f57f4047000f9bfc0262b26da064f
42 | alphaInverse = 74cff87d69124a6b0f9b7a754cb199054841cf156edafebb8a79624f0aeee1d1
43 | sigmaZPrime.x = b7307306b0710e153c0040239b03e3ac72ee0b4c09fe7431bf230d841aa7ac36
44 | sigmaZPrime.y = 5fc3cf6eaa31dae0b8eee9a4984c84fd2d7248f5b54b62b3fd089adea547f008
45 | sigmaAPrime.x = 6fe4049ec212765b219d7925e9fba1b8769641e5a2d8cc7d3afaad7061bac830
46 | sigmaAPrime.y = efe335d7759ba9a2e0fa11949e1f5565ddca6d4e09496cc6987f143a1faac91b
47 | sigmaBPrime.x = 82ffd18b249e58b677bc1076d90c5bec5bc6524f60ae6407cb6885b871f7aa89
48 | sigmaBPrime.y = 90073801c10de596b2b9e1064a2185432fad755552e8d2e460c03fe01cd030a3
49 | sigmaCPrime = 6391255cd7aafe8f11866f4eb81326cefa0350b1f06c028a0209ac16a2a9eba2
50 | sigmaC = 2dc82a6ac99f1323aaf0f5e3df9a0f99c2e4a0570a305f9f2ccae1095ca760b
51 | sigmaR = e78e209c2c59dd3b9ffb176bb7809ac440dd0bf015a14ca0fe0f657681fe1a21
52 | sigmaRPrime = d3c44b9f151e3adf0fe53e4a7883c1c0c4640da52bb8586db4bdfe0aa7d1aa76
53 | D = 2,5
54 | U = 1,3,4
55 | m = 56657269666965725549442b72616e646f6d2064617461
56 | md = 446972656374206d657373616765
57 | w0 = 78e6234fba78429bb450923d27c233e156d07b81864dfcbe8cd9577f60058138
58 | w1 = 348066dadfd741c72b61ad6d9b6c29e734810151ba331f2aea65c3e021c23aae
59 | w3 = ce5a08a75b59027f8fb456259f8e221fb06f4adf042f7d01613cef7a1460a568
60 | w4 = 27ff9e4164818cdb7f82c205dcf98a5b42a330b2775aa99edc07461f69876b2e
61 | a = cc7e6606fc61063b92e8d0eaa7dbb0942f99ad02af355df01ba9d56b1fd58333
62 | UIDt = c9a4c12c656ab5fb3134d14d48d1020354c5f17d2258fdc4c65e57673ecc24dc
63 | cp = 0ee624e85271137640fa27fc1039c0326f7943ae0f963e88d6b3d4da8ced7d49
64 | c = da609b238aed949ba91ef469dadd20602f1f8bdafdbc52824caaf8eb920e851f
65 | r0 = a9297d8e3eb3e788c83283de11544546c92c04d54b09b056f6545e5d7274e866
66 | r1 = b649f1ed298fac8040d9d10972c9d6f90309227678dcf9c1c9ccd9d7e6e15fe8
67 | r3 = 86c33e1156b947789e23a969017f3680f2b53d9f60afee5296f5d3cdb1e2fb95
68 | r4 = 4d9f031cd993f840d663cd9c021c69fad06a9f8520b5f5a1831617f6d3dc0b60
69 |
--------------------------------------------------------------------------------
/UProveCrypto/GroupElement.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System.Runtime.Serialization;
15 | using UProveCrypto.Math;
16 |
17 | namespace UProveCrypto
18 | {
19 | ///
20 | /// Represents an element of Gq.
21 | /// The group operation uses the multiplication notation.
22 | ///
23 | [DataContract]
24 | public abstract class GroupElement
25 | {
26 | #region Static Methods
27 | ///
28 | /// Returns a*b.
29 | ///
30 | /// First operand.
31 | /// Second operand.
32 | /// A group element.
33 | public static GroupElement operator *(GroupElement a, GroupElement b)
34 | {
35 | return a.Multiply(b);
36 | }
37 |
38 | ///
39 | /// Returns true if a == b, false otherwise.
40 | ///
41 | /// First operand.
42 | /// Second operand.
43 | /// True if a == b.
44 | public static bool operator ==(GroupElement a, GroupElement b)
45 | {
46 | if ((object)a == null)
47 | {
48 | return ((object)b == null);
49 | }
50 |
51 | return a.Equals(b);
52 | }
53 |
54 | ///
55 | /// Returns true if a != b, false otherwise.
56 | ///
57 | /// First operand.
58 | /// Second operand.
59 | /// True if a != b.
60 | public static bool operator !=(GroupElement a, GroupElement b)
61 | {
62 | return !(a == b);
63 | }
64 |
65 | #endregion
66 |
67 | ///
68 | /// Returns this^exponent.
69 | ///
70 | /// The exponent.
71 | /// A group element.
72 | public abstract GroupElement Exponentiate(FieldZqElement exponent);
73 |
74 | ///
75 | /// Returns this*a.
76 | ///
77 | /// The operand.
78 | /// A group element.
79 | public abstract GroupElement Multiply(GroupElement a);
80 |
81 | ///
82 | /// Returns a value indiciating whether this instance is equal to the
83 | /// specified object.
84 | ///
85 | /// An object to compare to this instance.
86 | /// True if this object equals the other object.
87 | public override abstract bool Equals(object obj);
88 |
89 | ///
90 | /// Returns the hashcode for this instance.
91 | ///
92 | /// The hashcode for this instance.
93 | public override abstract int GetHashCode();
94 |
95 | ///
96 | /// Updates the specified hash function with the group element.
97 | ///
98 | /// An instanciated hash function.
99 | internal abstract void UpdateHash(HashFunction h);
100 |
101 | ///
102 | /// Returns an encoded group element. The element can be parsed by calling
103 | /// the corresponding group's CreateGroupElement method.
104 | ///
105 | /// Encoded group element.
106 | public abstract byte[] GetEncoded();
107 | }
108 | }
109 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_D2_lite_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202335
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = 5add26600d2bc6e87e88974eb27caee520f254c4dc722f2eb020e999649defd
10 | g0.x = 51bb138a475ae99181270e9e8e1b08f4b87ee6f45682844db4481def0779d3c2
11 | g0.y = 872f871cfdb22bfc0115d8f45cbb50c9a59ef54d069253c2cf41049958bc4e89
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | A1 = 499602d2
19 | A2 = 416c69636520536d697468
20 | A3 = 555341
21 | A4 = 02
22 | A5 = 19
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 499602d2
26 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
27 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
28 | x4 = 2
29 | x5 = 19
30 | P = f2ea8c368e8f3456e95376fb8977a0a18178bffccb1849033c662dd9a7f708c2
31 | xt = 1c1debf03e2c79b895c1ed4d095a7a744a76e326da15b982dcc17dfa8cd6fc0b
32 | gamma.x = e4ecff64de99b14249c01ff467d720b0175f62a545452e7c53c87a8247fd5992
33 | gamma.y = f7b6c63b855c17083fcbe8358f9dfdeec7512ed455c712277dd34208a848703a
34 | sigmaZ.x = 9464ffed301fa4d89d95056edba4d38b044d13ce3749d576d09cb7d9b9248836
35 | sigmaZ.y = 1526893d276421f0b2fb76744789fe6c1c41b89cd16b5f64b879bc46058d6d6
36 | w = 9db5e1dcf6a13637e680d6c44b18fbf81bd37d39e400ea3e8ae07bfec422d83d
37 | sigmaA.x = 7dee3bfc8be4fa84dc16ff26877c90397a6d0cb47dba1af968ec0e08112dcf2d
38 | sigmaA.y = 1b56f696ec591ec71ba0e824d263233cea97686202440c035faa2f948e3d201e
39 | sigmaB.x = 360dd80a5cef05b47bdaaab29aa26e5d605ef9912de08d62dd375faddbfa5c14
40 | sigmaB.y = d70c25f7c0cd9c636ec506127b2835f220a725f616707d36a8b738c1525fca58
41 | alpha = 98bd73645eef8b1d9ee66cdf15da7d207157dc2cba5199ccba35115263873c3
42 | beta1 = a898babf41c4b32cdbcc60f59a1d4d2c38a9f6aea5157264723a6ba19de38aa1
43 | beta2 = 7ba22458a2e890426150e7fe442302ad5624dc7c41c41e9226564c0759118ff7
44 | h.x = 85ab09885d81bfc06a9718a18e5dc4050557a56ae046afb678008d872111be38
45 | h.y = d5e6fd47625e7bbd3f128765cb53e1063470f4c3878ec50ead9db36d4b68dd3d
46 | alphaInverse = 6dd6fa61327745f4e0e33fe68dca2c9e58003e6655f81d0901b0a18541ba14f7
47 | sigmaZPrime.x = dac50059403908f014cfbcb17fc8b83448abea3dbb43b7a06aaa973b6167be60
48 | sigmaZPrime.y = 701481293c092cdf384d91243afaac1a3c668116461e1b505bbee234f394178e
49 | sigmaAPrime.x = 6c0ab7b700658bcc844cc0b1cc4daca1531bb5e9fedb2b50efbcbe3646b1ee32
50 | sigmaAPrime.y = 4b22113a5ff5b20d8938126d9a89ba2e49e0b0785eb0fe329a71a8c08698b8e4
51 | sigmaBPrime.x = 65e1860d6ba8744b90e937b898fc338e25ec79a0ca56036f80cf166719bfe5f3
52 | sigmaBPrime.y = caa40ea452b1b0039e3c386723289282bed4abc8e745b1a2e1ea7c4729cdb129
53 | sigmaCPrime = cafe9a80d3088db7f7ef95e456dbe352cedc5656c409f24422bd3ec2490f9312
54 | sigmaC = 7397554114cd40e3d3bbf6d9f0f9307f4a9f5257c207c623a13ddfa0ea8ff862
55 | sigmaR = 8bd10a9754d3c0ca936fbff85deb5d702bbfb62e9a0fdcc2e6b8a709a19c50ac
56 | sigmaRPrime = 7732ef0f7bc510bf4c0a7f6a20e601dc4fd97fd34bc5cd01955284dfe4abb52
57 | D = 2,5
58 | U = 1,3,4
59 | m = 56657269666965725549442b72616e646f6d2064617461
60 | md = 446972656374206d657373616765
61 | w0 = 42bf7af7f8f48a5019b34c542e73204f37bd4b78060d5fb68492324c9c88e850
62 | w1 = c0efbc85a80bb4629a8c638e77ca63b235fcd09cc617f13460c37266c13db490
63 | w3 = cafc933eb79aa72b08e8de7aaad13fba2e80169fb84c89a9fd8825e4994ea05d
64 | w4 = d7d3c37a3625fa9b55a493dd3977898f84b837412614d77d72e9402f75c292ba
65 | a = 3d7516061cb24f54a27adef41f526b6d7567a76aaa8ea37cea98f3becc707ef8
66 | UIDt = a5c1244139cf04a5e0d131f95ac1ee938c4a3e301b54ec5d422511f27e1fd8af
67 | cp = 2ffb644c0d13c7298c985a31f89a24339fee2035eb3ab9a95c58c8e0b23ba480
68 | c = 887c1712690ae48924e295c32848be87bba971002f6e3eba17bdb06428570136
69 | r0 = 1846f2aeda5788cc954d3187a9e4ac75cd1674a224ead4010b83a83d399f354b
70 | r1 = e6fda6418aae4ceb2cabaa32784d637bb6332ef2f5d3fca4fa2ca67494eafd7f
71 | r3 = 9a7d4c12fcc86984df27e28748a61e4b58746c732a4406a931ed93d90482230
72 | r4 = c6db95546410318a0bdf6856e8e60c7fca4c4fee6e4ff88e3727aa2a2177b59f
73 |
--------------------------------------------------------------------------------
/UProveCrypto/Serialize.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 | using System.IO;
16 | using System.Runtime.Serialization;
17 | using System.Runtime.Serialization.Json;
18 | using System.Text;
19 |
20 | namespace UProveCrypto
21 | {
22 | ///
23 | /// Defines an object that requires an IssuerParameters instance to
24 | /// complete the deserialization of an object.
25 | ///
26 | public interface IParametrizedDeserialization
27 | {
28 | ///
29 | /// Completes the deserialization of the object.
30 | ///
31 | /// The Issuer parameters used to parse the algebraic elements.
32 | void FinishDeserialization(IssuerParameters ip);
33 | }
34 |
35 | ///
36 | /// An object used for serializing various U-Prove types.
37 | ///
38 | public class Serializer
39 | {
40 |
41 | private static Type[] knownTypes = new Type[] { };
42 |
43 | internal string GetJson(T obj)
44 | {
45 | string result;
46 |
47 | try
48 | {
49 | using (MemoryStream ms = new MemoryStream())
50 | {
51 | DataContractJsonSerializer jsonSerializer =
52 | new DataContractJsonSerializer(typeof(T), Serializer.knownTypes);
53 |
54 | jsonSerializer.WriteObject(ms, obj);
55 | ms.Position = 0;
56 |
57 | StreamReader reader = new StreamReader(ms);
58 | result = reader.ReadToEnd();
59 | }
60 | }
61 | catch (UProveSerializationException exp)
62 | {
63 | throw new SerializationException(typeof(T).Name + ":" + exp.Field);
64 | }
65 | catch (Exception exp)
66 | {
67 | throw new SerializationException(typeof(T).Name, exp);
68 | }
69 |
70 | return result;
71 | }
72 |
73 | internal T FromJson(string jsonString)
74 | {
75 | T result = default(T);
76 |
77 | UTF8Encoding encoding = new UTF8Encoding();
78 | byte[] bytes = encoding.GetBytes(jsonString);
79 |
80 | try
81 | {
82 | using (MemoryStream ms = new MemoryStream(bytes))
83 | {
84 | DataContractJsonSerializer jsonSerializer =
85 | new DataContractJsonSerializer(typeof(T), Serializer.knownTypes);
86 |
87 | result = (T)jsonSerializer.ReadObject(ms);
88 | }
89 | }
90 | catch (UProveSerializationException exp)
91 | {
92 | throw new SerializationException(typeof(T).Name + ":" + exp.Field);
93 | }
94 | catch (Exception exp)
95 | {
96 | throw new SerializationException(typeof(T).Name, exp);
97 | }
98 |
99 | return result;
100 | }
101 | }
102 |
103 | ///
104 | /// An exception caused in the process of serializing U-Prove types.
105 | ///
106 | public class UProveSerializationException : Exception
107 | {
108 | internal UProveSerializationException()
109 | {
110 |
111 | }
112 |
113 | ///
114 | /// Construct a serialization exception.
115 | ///
116 | /// The name of the field being serialized/deserialized.
117 | public UProveSerializationException(string fieldName)
118 | {
119 | this.Field = fieldName;
120 | }
121 |
122 | internal string Field
123 | {
124 | get;
125 | set;
126 | }
127 | }
128 | }
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # U-Prove Crypto SDK V1.1.3 (C# Edition)
2 |
3 |
4 | The __U-Prove Crypto SDK__ V1.1 (C# Edition) implements the U-Prove Cryptographic
5 | Specification V1.1 Revision 5 [UPCS]. This SDK was developed by Microsoft to
6 | support experimentation with the foundational features of the U-Prove technology.
7 | It is made available under the Apache 2.0 open-source license, with patent
8 | rights granted under the Open Specification Promise.
9 |
10 | For an overview of the U-Prove technology, see the [technology overview](./docs/U-Prove%20Technology%20Overview%20V1.1%20Revision%203.pdf).
11 | For more information about U-Prove, visit http://www.microsoft.com/u-prove.
12 |
13 |
14 |
15 | ## CONTENTS:
16 |
17 | - LICENSE: The license and patent grant under which this package is distributed
18 | - docs\: documentation and test vectors
19 | - ThirdParty\: Bouncy Castle library files
20 | - UProveCrypto.sln: Visual Studio solution file
21 | - UProveCrypto\: SDK project
22 | - UProveParams\: Recommended parameters generation project (not included in
23 | solution by default)
24 | - UProveSample\: Sample project
25 | - UProveTestVectors\: Test vectors generation project (not included in
26 | solution by default)
27 | - UProveUnitTest\: Unit test project
28 |
29 |
30 |
31 | ## REQUIREMENTS
32 | - .NET SDK 6.0.x or 7.0.x https://dotnet.microsoft.com/en-us/download/dotnet/6.0
33 | - C#
34 |
35 |
36 |
37 | ## BUILDING THE SDK:
38 |
39 | #### Visual Studio 2022
40 | Open the solution file (UProveCrypto.sln) in Visual Studio 2022 and select __Build Solution__ from the __Build__ menu.
41 |
42 | #### Visual Studio Code
43 | Open the project folder with VS Code. Select the __Terminal__ menu; select __Run Build Task...__ (Ctrl+Shift+b)_ to perform a build. For a Debug build, select the __Terminal__ menu; select __Run Task...__; select __build Debug__ from the command menu.
44 |
45 | #### Command Line
46 | One a command line with __dotnet__ (6.0.x+) available, run `dotnet build`. You can specifiy the build config with the additional `-c Debug` or `-c Release` parameters.
47 |
48 |
49 |
50 | ## GENERATING RECOMMENDED PARAMETERS AND TEST VECTORS
51 |
52 | Recommended parameters [UPRP] and test vectors [UPTV] used by the U-Prove SDK
53 | can be re-generated for validation purposes by loading and running the UProveParams
54 | and UProveTestVectors projects, respectively. The projects depend on the full
55 | BouncyCastle library, and are therefore not included in the UProveCrypto.sln file
56 | by default. BouncyCastle must be obtained from
57 | http://www.bouncycastle.org/csharp/, the compiled DLL must be placed under
58 | "ThirdParty\BouncyCastle\bc\BouncyCastle.dll", and the two projects must be added
59 | to the solution before compiling it.
60 |
61 |
62 |
63 | ## USING THE UNIT TESTS:
64 |
65 | #### Visual Studio 2022
66 |
67 | In the __Test__ menu of Visual Studio, select the __Run All Tests__ (Ctrl+R,A). Note that a complete test run takes some
68 | time to complete.
69 |
70 | #### Visual Studio Code
71 | Select the __Terminal__ menu; select __Run Task...__; select __test__ from the command menu.
72 |
73 | #### Command Line
74 | One a command line with __dotnet__ (6.0.x) available, run `dotnet test -v n`.
75 |
76 |
77 |
78 | ## USING THE SDK:
79 |
80 | Add the UProveCrypto assembly to the set of References for a project.
81 |
82 |
83 |
84 | ## NOTES:
85 |
86 | This code was formerly hosted on CodePlex (https://uprovecsharp.codeplex.com).
87 | The following changes have been made to the original code:
88 | - The solution has been updated to Visual Studio 2022.
89 | - The Bouncy Castle patch (https://uprovecsharp.codeplex.com/SourceControl/list/patches)
90 | has been applied, improving efficiency of math operations.
91 |
92 |
93 |
94 | ## REFERENCES:
95 |
96 |
97 | [UPCS] Christian Paquin, Greg Zaverucha. U-Prove Cryptographic Specification V1.1 Revision 5.
98 | Microsoft Corporation, March 2023.
99 | ([link](./docs/U-Prove%20Cryptographic%20Specification%20V1.1%20Revision%205.pdf))
100 |
101 | [UPTV] U-Prove Cryptographic Test Vectors V1.1 Revision 3
102 | [docs/testvectors](./docs/testvectors/)
103 |
104 | [UPRP] U-Prove Recommended Parameters Profile V1.1 Revision 3
105 | ([link](./docs/U-Prove%20Recommended%20Parameters%20Profile%20V1.1%20Revision%203.pdf))
106 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_Device_D5_lite_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233138
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = fb5b0af72f61b4bd8d403c28beff4b0af7c50b3d7dac94e10f9cf787d444dcae
6 | g0.x = aad30ee459d7b51e231546b5eb24ee32b1953968159a728e885ea1c071423f43
7 | g0.y = 9d019ab6e29997e5b3830e287e55a59fbc10360e1b1e00f044106d15512ed7ba
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | A1 = 416c69636520536d697468
15 | A2 = 5741
16 | A3 = 313031302043727970746f20537472656574
17 | A4 = 01
18 | A5 = 499602d2
19 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
20 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
21 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
22 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
23 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
24 | x4 = 1
25 | x5 = 499602d2
26 | P = 81667e59b43b4c8f6d6ef0294166c39ef3a34e0e43c1878991d0d516334534c6
27 | xt = 15e353d2cdf9e8f33ee289256c65b2c4d357bf6cc36876229f0fc54b322deb47
28 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
29 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
30 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
31 | gamma.x = 36cae92c40c80b32c4df0819cde10a0b782205bc18f509eefcf54f98318af725
32 | gamma.y = c815f349c4a559272f47b333da680f25331b7cb074adef73bc884d661948fdfc
33 | sigmaZ.x = c1c1cd831b0abcb09323190231004ebb37673b40b1fa6af7e5652946312ad82e
34 | sigmaZ.y = 2f671f4dfe97de16a3a47a17eb6f3ecf5a8311e8dfff15aa17bfaed48bf9de2d
35 | w = 84a1ebf214c6537dfd659ec69e99fc67fdb7eafe33423d4fc728e793692de848
36 | sigmaA.x = cadf9bca70a5d7730d6ac05574eeaa4f8a63eb561e0b1fe6a778d873e7d78696
37 | sigmaA.y = 5f27a044497521acf49423251a00f3cb532630c476af123115bf7946e449404a
38 | sigmaB.x = 9488353ea511126c017c683245c1df8fcb6c5014d2cdee962b9007a3e20ac52e
39 | sigmaB.y = 5d7ec425738ba214e96840dccf2cc42bdc7bf57436c182f1d6d7ff79a1cc9779
40 | alpha = 638ea41d1459f531728d40180dce42769f8f891d5ade7b41649c2aebdfc013d0
41 | beta1 = 7c566210f5df53a4c1b98ca5022441f9e670f3daa3caee851362b8782e0951b1
42 | beta2 = 79709bb76b3181c03ce55ba152d53e3f5a31046ecd392cb167ddfd9226db75b7
43 | h.x = b32e00dca64a7e3618e540bc19eb0179668b5b7e1363983e95a1f2f6bad58d43
44 | h.y = 3f3051119060b4e1d4ca42178fb8dc66cc1820f3bfc41deda71b71871508f0d6
45 | alphaInverse = 11116ca23c84f32b161bf5cea606a875b48f8e9a629701d38688e6704af2110f
46 | sigmaZPrime.x = 3b89b54b6e92ba2fea0bc33ce49e630dc22c053f504eced2b02772e8f8956110
47 | sigmaZPrime.y = 3365f070b4abaeb05c7f44ff4fa454dbf8e96e9416d9a987b52c905bf8178796
48 | sigmaAPrime.x = 4d8f8595354e313d38b70f6b0cc11a13be72a9f3b6f4998165309f19d5c70c71
49 | sigmaAPrime.y = 9697e1aea2b80da339f2b52c663b4bafa51f2b8225d83d360003c159b174ec87
50 | sigmaBPrime.x = c6d67265d145ab798c4795b24bc36e8c425697a48aaf0fa4772c5790758edb71
51 | sigmaBPrime.y = 60a40b0a4b6578282fb44f828d78b87318d5696a0f4f550d3003ac5bbcddbde2
52 | sigmaCPrime = e8505da68045ca72b54c6eef01c65b65b14350f06516eab42e947c09ac6ab95f
53 | sigmaC = 64a6bfb876251e167705fb9403ea9d5fdacd4a1d61ca3ab44e3d69bede10e5bf
54 | sigmaR = 169f06cf98b3cdc6b70f296a53bf77073675204fc08308c469d9c2c75d0d4e1d
55 | sigmaRPrime = 900fa28703e54f86f3f4850ba694b54690a624be8dbc3575d1b7c05983e8c3d4
56 | D = 1,2,3,4,5
57 | U =
58 | m = 56657269666965725549442b72616e646f6d2064617461
59 | md = 446972656374206d657373616765
60 | w0 = 67da2c92898a8db5ee329ebe6f4d323d23791dfd05e2e33f43e94f8e34ef9a60
61 | wd = 6fa43977a9acb5d0a34f809b9b6d421aaabf6eacbd78b284f6ec4ea03aff80ff
62 | wdPrime = 973d4ecb13bb9477c34d59b56248a4d6a634e37580eda2f7f1b480bc5e1595a4
63 | ad.x = 752e51edd621b79a6a4a7802df05a65f67e0863eb28807f05b5a7e96ad745099
64 | ad.y = 1d75de279ffe5d3c5914b32c89ebe6ec36cc242cc9a0b3a40e8c36b31969d0ee
65 | a = eac85d39e2309630d1d8720bc1aa4f805493f3c6ec92c94a368b3c69d853dbe8
66 | UIDt = bcd25e4744f3784805904e5b5ca7ef326b2b3d1f64df41a426b3e980b8799395
67 | cp = 237a255eff59f19d1c7a1c5e53de51004fe3e6d5809c455bb0dc771700e3b54a
68 | c = 80bbdd98d49f7291c80ca333fc5b0b3da1e5bfcee1c239011fa633ea648e8925
69 | r0 = 2ccb327465a83b4828cd1a7969b77a0cc1f540102dcb9a9bd7d5306354a88c41
70 | rdPrime = 50fa7d5574914518860f6b67c649be8da17c01938de49ffeae71eaf9c9511e67
71 | rd = c09eb6cd1e3dfae9295eec0361b700a84c3b70404b5d5283a55e399a04509f66
72 |
--------------------------------------------------------------------------------
/UProveCrypto/IssuerKeyAndParameters.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 | using System.ComponentModel;
16 | using System.Runtime.Serialization;
17 | using UProveCrypto.Math;
18 |
19 | namespace UProveCrypto
20 | {
21 | ///
22 | /// Contains an Issuer parameters and the associated private key.
23 | ///
24 | [DataContract]
25 | public class IssuerKeyAndParameters : IParametrizedDeserialization
26 | {
27 | private FieldZqElement privateKey;
28 | private IssuerParameters issuerParameters;
29 |
30 | ///
31 | /// Constructs an IssuerKeyAndParameters instance.
32 | ///
33 | /// The private key.
34 | /// The Issuer parameters.
35 | public IssuerKeyAndParameters(FieldZqElement privateKey, IssuerParameters issuerParameters)
36 | {
37 | if (privateKey == null)
38 | {
39 | throw new ArgumentNullException("privateKey");
40 | }
41 | if (issuerParameters == null)
42 | {
43 | throw new ArgumentNullException("issuerParameters");
44 | }
45 | this.privateKey = privateKey;
46 | this.issuerParameters = issuerParameters;
47 | }
48 |
49 | ///
50 | /// Constructs an IssuerKeyAndParameters instance from serialized strings.
51 | ///
52 | /// The serialized private key.
53 | /// The serialized Issuer parameters.
54 | public IssuerKeyAndParameters(string serializedPrivateKey, string serializedIssuerParameters)
55 | {
56 | this.IssuerParameters = new IssuerParameters(serializedIssuerParameters);
57 | this.privateKey = serializedPrivateKey.ToFieldZqElement(IssuerParameters.Zq);
58 | }
59 |
60 | ///
61 | /// The private key.
62 | ///
63 | public FieldZqElement PrivateKey
64 | {
65 | get { return privateKey; }
66 | set { privateKey = value; }
67 | }
68 |
69 | ///
70 | /// The Issuer parameters.
71 | ///
72 | public IssuerParameters IssuerParameters
73 | {
74 | get { return issuerParameters; }
75 | set { issuerParameters = value; }
76 | }
77 |
78 |
79 | #region Serialization
80 |
81 | [DataMember(Name = "ip", Order = 1)]
82 | [EditorBrowsable(EditorBrowsableState.Never)]
83 | internal IssuerParameters _issuerParameters;
84 |
85 | [DataMember(Name = "key", Order = 2)]
86 | [EditorBrowsable(EditorBrowsableState.Never)]
87 | internal string _privateKey;
88 |
89 | [OnSerializing]
90 | [EditorBrowsable(EditorBrowsableState.Never)]
91 | internal void OnSerializing(StreamingContext context)
92 | {
93 | this._issuerParameters = this.issuerParameters;
94 | this._privateKey = this.PrivateKey.ToBase64String();
95 | }
96 |
97 | [OnDeserialized]
98 | [EditorBrowsable(EditorBrowsableState.Never)]
99 | internal void OnDeserialized(StreamingContext context)
100 | {
101 | if (_issuerParameters == null)
102 | throw new UProveSerializationException("ip");
103 | if (_privateKey == null)
104 | throw new UProveSerializationException("key");
105 |
106 | this.issuerParameters = _issuerParameters;
107 | this.privateKey = _privateKey.ToFieldElement(this.issuerParameters);
108 | }
109 |
110 | void IParametrizedDeserialization.FinishDeserialization(IssuerParameters ip)
111 | {
112 | // nothing to do
113 | }
114 | #endregion
115 | }
116 | }
117 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_D0_lite_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202334
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = 4a65226d83bea98cc47cf467f558d9f3f3a0cba9db2343855e8e678b00377a0d
6 | g0.x = c2258ac39e9edb3219f337035618e9b6333e0f7fc8c8d226764e0da502a4d6a1
7 | g0.y = ca35a2213aaed3092cba5a4f80cb5c6e663e52bbb6b0fbe083078a766a1fe6f0
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | A1 = 416c69636520536d697468
15 | A2 = 5741
16 | A3 = 313031302043727970746f20537472656574
17 | A4 = 01
18 | A5 = 499602d2
19 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
20 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
21 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
22 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
23 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
24 | x4 = 1
25 | x5 = 499602d2
26 | P = 0d993002b44da48a33ac04c1cd6b16770eb82e6e31327ed255aa2b839b10c4b3
27 | xt = f875bfda378e09043e43e1abb60f7e42abdd30b7ecc24409642bd56f5326bcd7
28 | gamma.x = 71d2e913dcf93cde507617ab7b729f757b2505d1bcdfb01f6c85ec7e27bb9f0d
29 | gamma.y = e2e30682a6b14e3a04f3a7c2869aad67cf789fdd8cbfa5c8e3d5884faca8cc26
30 | sigmaZ.x = 7fe68d4ea72f3a223eaf13e6442aa2d3d6877a71283ee81fbe9d75e36f6646b2
31 | sigmaZ.y = 4b288b849191c6d3bc67f59aa1c959e8788632295a49848254ed4f30d85adb17
32 | w = dadde3b62035495b85a3bb4c971e80a92edd7ffdf547dc27229c0ef5561e8b8c
33 | sigmaA.x = 828758319db789cb4421ae2b2dd732c457c9d56e6243d698cc186854180f948
34 | sigmaA.y = f19a675ee902baad5d064077f1139898963c8011a2bd598d2e6b5beee48712dc
35 | sigmaB.x = 11571adc5e09166b2c6a876a71496f160e6befe25b4f2fb8815538d0789984b7
36 | sigmaB.y = e15b8687c5c8f3253ca9edcb3e5efa68e577f34bf32d1cc645855f87747fec1c
37 | alpha = 1e78c187422d2bd5670243768f6ee3f0dbd5c23b87c179201bc948326540467
38 | beta1 = 172e4aaf9168350b0bc1a78523a4be2baecee798c268d484cff916b88e4e9601
39 | beta2 = 6bbd1f39ac3eaea4885017f6d5916f5cfd68d5576d6ba4af5ac5df97517d7dbc
40 | h.x = 1a7aed27e2d58ecdcd272d786d4d7a65bac9dbc41a9a323671b756e6844d915b
41 | h.y = 3f77b190bf92916441dc076534efca7b2ca8f9ba9941266b564574da2ac527be
42 | alphaInverse = 555ef21a4f323b0c074694608f388fa1dda99344b9428a42fe4bf726a31d16f1
43 | sigmaZPrime.x = a579df71e12ab61231de04d49d059ba977fff97f3a77cdcdd4b83eaee72ba6bb
44 | sigmaZPrime.y = bb21e97cd5480af4eddb374b4d586d983f2a23111a3d1ee15505c42f706f2653
45 | sigmaAPrime.x = 7ecba1ae2cfa5940b7efd0f35990b993f9ab8a3a0f95b312c07e50a4aeddaa94
46 | sigmaAPrime.y = 884a304cb1df91e32919ee1fe47ac5c8731ca698a77f8d465e4ac57dd33faaad
47 | sigmaBPrime.x = 4cb57ad9012ab371c258b865498626105b22cf476831fc914205830ac4c111bc
48 | sigmaBPrime.y = 1dfc98555e69069947e52b45230d587a794a0a9acfda23968359562ebeb84e3
49 | sigmaCPrime = 4e58071033b8d5db978c672a5d31188e3e472b276ce33fd42e9cdb544ec05f9f
50 | sigmaC = 658651bfc5210ae6a34e0eaf80d5d6b9ed1612c02f4c1458fe95f20cdd0ef5a0
51 | sigmaR = da2f62d680b5e08fbc346f8ceeedc80841459e1019fc838ed7d376cd33bbec78
52 | sigmaRPrime = 45ec82112cf48f3344848783c47f376581c778b9e05089b93edf8ba188d644e3
53 | D =
54 | U = 1,2,3,4,5
55 | m = 56657269666965725549442b72616e646f6d2064617461
56 | md = 446972656374206d657373616765
57 | w0 = 2aa6196685847f6f2042107150ddaf3e8ababa25783f94001870dfe65e16530b
58 | w1 = d35bcc2e7808d778e966372a5b335e7d15a10d97c25743eb11194e15a599100a
59 | w2 = ef059df51180c581e3423c120869a5e41162d0bc09bb497b17e01c5fbac1d250
60 | w3 = 552c3b5695686c95dc8bb47f1b31e3a873690343c8530133bb22de306366c721
61 | w4 = 6febbcdb2e4f4ea9f53be07e07c95fe5fd74eb50be8f87022b079a73893b3175
62 | w5 = c3931030740779241a5a4d8d73832cf2c3f933ef7b7662df64bab027b5db1fba
63 | a = 17d5dc189ddcfec6015952acf80160549350563eb5944421513ec10082362dc1
64 | UIDt = b3495fa40084391877ba73e1f841c071b62d765b8b2bdb38b564c4aa19c2cdcc
65 | cp = 08c174664d6152f7ffddc66f84f83ff34f5cdbf59897dc2bf17c0d8da11a1071
66 | c = 53fdb16c0da62fdd4f4cfafe17d25f7a5bdc4dd88c3b5e1c7efbf0090f4d4b84
67 | r0 = 93e431a3efa328b7ee4f2b9f694b22f39610becbfbe91479ee7a7c7aad09af4d
68 | r1 = 16969100e288344f592864c7ea076df9bb155c88d663da4e1351d72cc4c133a4
69 | r2 = 17b187c8bfa2ec3c58c3bf9498f5bd408022d6e5edcdef6acdff8ddcaae42d2b
70 | r3 = 62b9aaaae9a0a712c64954ff5e0ca0b194b70a53e8f5a779218bb8247ad35ad3
71 | r4 = 1bee0b6f20a91ecca5eee57feff7006ba1989d78325428e5ac0baa6a79ede5f1
72 | r5 = 4bbbb41e62f9f76ed917a7067fa5308dfc865971416ae879756ad314c0483bc
73 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_Device_D5_lite_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233138
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = 1f3dcdd5f8914c9162f75dc2bc64bfb1d8009d015b9f7681c433092b8876b38a
10 | g0.x = 15d3036153bffb6a09e9abde439f5cbd79950117be6c31cf387c5567c3ab2fe9
11 | g0.y = 8cfcb38a4bc2dd1af7d15b74848b55295b3154675c96458d87487fa609cb7a96
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | A1 = 499602d2
19 | A2 = 416c69636520536d697468
20 | A3 = 555341
21 | A4 = 02
22 | A5 = 19
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 499602d2
26 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
27 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
28 | x4 = 2
29 | x5 = 19
30 | P = 6453474f3be3efcaf90e653905d814046c79729b517f7c562c442c8446232c41
31 | xt = bc44e552edb6bf85a50970fc65ed9567434a7f3c09e5242fe1e4fa72349190d2
32 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
33 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
34 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
35 | gamma.x = 982176799ce76411e5e472f89b358fd3fd6170eb8e44a170efd7149b5a201aa4
36 | gamma.y = a7e42faa1f5b591d46e2b2e24e2d9589390795b9ede10713bf523d1a4be34589
37 | sigmaZ.x = add443e3dc2202a2114881c56a6f8e7dd2d67a4e7919c29ff3bdd121c3e867ae
38 | sigmaZ.y = afae98b085fdc2740c24804eeb9414b574bef073d025ae3c4682b24d85d80be8
39 | w = cce4279b3fe04b007fa65549e2aff5b889ff1395ae62b97fc74c11c4882108ec
40 | sigmaA.x = ec572789337002f79c80756df026c0f3bfcb6f13b6c18be360793a73ab15fc7d
41 | sigmaA.y = a819e9d2eefa5775dd9ec7b1efd1b1c655c974497dd61fd4d2dd9cbf7be9f880
42 | sigmaB.x = 2aa9e3586d6adca2b407e7d8ed339fefd1e6b30493c81c05c0a336290ba13f6a
43 | sigmaB.y = 1c9e2f2b3f86e3adff9a69f3d58e1f7aae63c6228cc0769167d77d66084a2559
44 | alpha = 44d3f6d73d2372f7b49d82b54a2c9f143e51a189621edc6a2aa7d4f2cf87775d
45 | beta1 = 9d68050eb91e7a668c1ce010df04359aadfc86377f7f8925f78cac964e7f272d
46 | beta2 = 252417e127905b20d63bfc463dcb8a26713a45d30140dd1edfe0172c71e4170d
47 | h.x = 513a4ab5e22d19467c6477465e9d6b39fb2e9e3a7242e1e21eeb72e3a14eb786
48 | h.y = e85b4eacd39e3012c1f0ca40d376d15e7b02969266666485727489ca33ca2f06
49 | alphaInverse = 7c565046ca3c123a2eeb1c2820e21052f76d558dc9f4e8458413ec4ecd49ccbf
50 | sigmaZPrime.x = 2472b1a6de72d3a9994445ab235bd56256b7eaf209c1c5c8f0bca822f06ff581
51 | sigmaZPrime.y = d240d683cd49beb70aae2053a66c58bedda991e91965f320856ee4a3c565334a
52 | sigmaAPrime.x = e2e1fe596b37dde50386ca57b5ea0203d3005b013a452da3f1ca377377b16766
53 | sigmaAPrime.y = 133a43f1798967f3d13f96989ad34fa59528f20ba230a4d0395a0f3fb3b885b5
54 | sigmaBPrime.x = 238c2538e46018c4ccff8d45de47f4411a14704010b01a3db912888750403c0e
55 | sigmaBPrime.y = 4f32fc36a35179f1da95a1d1b8a40c922575137cdabbbbd13ee8c3bf182b1710
56 | sigmaCPrime = ed580ecd01b730c771c43826d3f3ba61a4739cf29b6831b51889c0ab28953d8b
57 | sigmaC = 8ac013dcbad5ab2cfde11837b2f7effc9589287c73d01c561c5ca27e7ab13f67
58 | sigmaR = b1a80bb7edc19fa32e65bca3c3a37fc15f2ccf6b1b242ae12030fa907af967a8
59 | sigmaRPrime = d6cc23991551fac404a1b8ea016f09e7d067153e1c650800001111bcecdd7eb5
60 | D = 1,2,3,4,5
61 | U =
62 | m = 56657269666965725549442b72616e646f6d2064617461
63 | md = 446972656374206d657373616765
64 | w0 = f4b3ebbbec54731da06560448242e82b018524143a532ce546f90247792eaef2
65 | wd = 24ef5289e0ce3a1dc728339bdf999b9cf7eb2becbf02d2a0870575f2522ca471
66 | wdPrime = b76e1f93f05e4b334a074d12209005ac5d654f8d03c233211cb102da5947cb9b
67 | ad.x = e1ef09c1d16d580351609f2e5d84e8e761ff57c5c0253784379f2f18a840ed96
68 | ad.y = 47e67f96c3521f309de0bcf9b2fbc2a2756501f5f0a0273bce9aa5ca92baae5f
69 | a = a2896df649dd3a0983dd1a7b439c1a190661f6bd2fafff0a157143faae7c0f66
70 | UIDt = 353087accd1f6670538a015ff6b3668efc262e7e6b799b8fdfa4d64de1e5ef9a
71 | cp = 67b77bd8b182b7d8ee88bf4450ac58f2ceb9f793c0da8e1166b958571281ffb0
72 | c = f050293c1e0e06f09dbf9f4e401cc6fafdc834a354697c995940c254c60a20d4
73 | r0 = 6ae271527d7837db6bd923021b7b6b4d31a69bf17ab256cdcada5fa09302ae50
74 | rdPrime = a96ce25db20bcb959606e1ee75131a06444eccf70debb75bd015ebb6d7d4d006
75 | rd = ce5c34e792da05b35d2f158a54acb5a33c39f8e3ccee89fc571b61a92a017477
76 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_D0_lite_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202334
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = 358541503910c39b7459fda280b2b82d48f06587b71ba4a2870b69a03df73bd0
10 | g0.x = bd823377593334318824c94108bb1f447276737ce11a3c842ddbcaa2c706622b
11 | g0.y = 7565b029d69cc634174cd1e7e61fe79c74fdae23661870c9467dc8d7ef0ab251
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | A1 = 499602d2
19 | A2 = 416c69636520536d697468
20 | A3 = 555341
21 | A4 = 02
22 | A5 = 19
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 499602d2
26 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
27 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
28 | x4 = 2
29 | x5 = 19
30 | P = 9b5a52802f27e57a3c34e28411f139208e13301ebaebd963c8876b218c9fa789
31 | xt = c00661df12b4d2f8b9fb66682ece4e4659bdbc8d2334a3a03427a8721f2384a9
32 | gamma.x = efdbaf50f022bc0fa639e532400e6f8e78b8c649c15e1fabb7f29d3b94d17422
33 | gamma.y = a8526c71368775a7972e66c3d0e8b8e866a38473ed50a0c011d3a2b8d2931a78
34 | sigmaZ.x = 6a241ec67f7f093051fb0a104a78564008387d84dce3680a7cad95dc929c83f5
35 | sigmaZ.y = 96c1ea63849c842c1fdd0d5cef7c952c5d08061cef1a74522e4aeb720af925a2
36 | w = 70f632c492d743783ed6ad6a56403e88839c12d9c7392319e09fc92da7225d7d
37 | sigmaA.x = cafff2a3ed5349e59410bc040dccb136b1f1474137d7e7df479124a16644b24f
38 | sigmaA.y = 8de5fc55337eebfa2ba967bf619f366d412a8d4cf806a1685980f83f040af505
39 | sigmaB.x = 2bc45053ccc552ba20355c00e4936405c17d43e8f3f6e1a6fc27321d383e9f96
40 | sigmaB.y = d18738fd95f108220d9ef025954629842def88f196caae08b1178d391a5e98cd
41 | alpha = 1d2c318980f39b70aded48e06e394b46cde01da1e4610936d218e4f30e16d11c
42 | beta1 = 792f4d290eb4088f00a12cdaf042aba753825fc604bc98bb23fab7680fa76296
43 | beta2 = 1c2c673eec223718d88ea043352f45906d3ca08cb60a18bc97910514fd9f8059
44 | h.x = 9d7127b357f74c04dc6b69b8c88dcabd619d67841720af188a303ca1820e18b5
45 | h.y = 4388007e5be518ed1c54db77725554639934017d5c6aaeaca081e6e966e9faec
46 | alphaInverse = eba8c800bd5c783b84a9342028dffd8b50060b6131ed3731cb942ed432ed6b3d
47 | sigmaZPrime.x = 98bda249a442b63890ab2b3ce78f416143001ce594c0ab0b83e82815be088fa2
48 | sigmaZPrime.y = ee06c02f3bcf561c110c07668e57e448bbcbad384853a620e52cb77d927d2db1
49 | sigmaAPrime.x = a2d425f7811157215e36aa92aa8db94d60bc5863b880c194fc44e1ecec9e3c9
50 | sigmaAPrime.y = 50c7f4f18bfcca9a95f58a6ec42ee6f7efe5d0b097de6ed0836075eae7a2cf23
51 | sigmaBPrime.x = cb6e9cd5bd660397e0fd398a6a3b3817b4b3828938734a215d3302e60d413a56
52 | sigmaBPrime.y = 4d2aece9a5276e148dae13db706826bf63f6cd47a4cc0a7d59fcc23e1621964
53 | sigmaCPrime = 11cb1fe2e1784348811c6b6c543bc411eecf0dca39179fdc43a3a99d8fc31ba
54 | sigmaC = 7a4bff273ccb8cc388b2f391b58667e8726f50a2a84e12b8e834f201e8a39450
55 | sigmaR = c97d9f5ff64a4dfdf481e23a39b06af990e4c2f48e2344f8c34ad9741e71ac4b
56 | sigmaRPrime = e5aa069ee26c8516cd10827d6edfb089fe216381442d5db55adbde891c112ca4
57 | D =
58 | U = 1,2,3,4,5
59 | m = 56657269666965725549442b72616e646f6d2064617461
60 | md = 446972656374206d657373616765
61 | w0 = 3f96bdc4da6cbb304a47ee761b5586f4b426fbd207d6df1213aaa75a1c231a38
62 | w1 = d47049e7180b5008170416f1ca2a1420b115fd6a4ae5168b6abb12fc5601326
63 | w2 = 2cb568d450e7833471fa5097956ff57109644e0bc444945ef59be8c5cf853a21
64 | w3 = 5c1a436739cdf1248d2b64a95ebad346b53f2661120762e7210adeb5ffbd64ec
65 | w4 = c02f3a7a2c8e383c732a7d99dfea003bc7a10f905ed90f54b75b452eef3b25d0
66 | w5 = c678e92e7f591a2706eaede789c8083609a2ee5dadd48de620e6c2d048094d37
67 | a = 037201db6650b96df15b031167ec133297ca2b435dbbaa8f9691fe858aae04c6
68 | UIDt = 75c1e3f9593839c45a49eff6d1676549de42e38125b758c61be474c637a7c1af
69 | cp = 456f7a75f77db157ef6ced901656a613c4f8bd8f4e7a3fa11257cdd7368e49d5
70 | c = 6c981094e5ce76d11298cda948f17555424df08779ca682b8f60916d507a14f9
71 | r0 = 17e703ea6b641c47c4579df771d9a25f318a9fc86f1150ddb49e6011f63e8a09
72 | r1 = 7c6abacc339e2233477ea20f4b9a31c7a005dcd15486a7a8130f9689d922a11b
73 | r2 = 6eb0086b154c0deb6e09eecd522402d83714a6536c241dd3065832e2821f3544
74 | r3 = 4ac96a878c07cae89aa5fecbc76570645de84094e187352e4fc1890fe6bbcf21
75 | r4 = e6ff194f60f14a9b4df8e2474e071590ffec292f125bdd828c53ed174aaa212f
76 | r5 = 2b9f4a9a0e2f7fc635fed85f6a3392dff10c3beb4ffc92d6a5ba7ac147fcb610
77 |
--------------------------------------------------------------------------------
/UProveCrypto/ParameterSet.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | namespace UProveCrypto
15 | {
16 | ///
17 | /// Specifies a group and group generators to create a set of issuer parameters.
18 | ///
19 | public class ParameterSet
20 | {
21 | ///
22 | /// Constructs a new parameter set.
23 | ///
24 | /// The name of set.
25 | /// The group.
26 | /// An array of group generators.
27 | /// The device generator.
28 | internal ParameterSet(string name, Group group, GroupElement[] g, GroupElement gd)
29 | {
30 | this.Name = name;
31 | this.Group = group;
32 | this.G = g;
33 | this.Gd = gd;
34 | }
35 |
36 | ///
37 | /// Gets or sets the set name.
38 | ///
39 | public string Name { get; private set; }
40 |
41 | ///
42 | /// Gets or sets the set group.
43 | ///
44 | public Group Group { get; private set; }
45 |
46 | ///
47 | /// Gets or sets the generators.
48 | ///
49 | public GroupElement[] G { get; private set; }
50 |
51 | ///
52 | /// Gets or sets the set device generator.
53 | ///
54 | public GroupElement Gd { get; private set; }
55 |
56 | ///
57 | /// Returns true if the requested parameter set is found, false otherwise.
58 | ///
59 | /// The OID of the parameters set.
60 | /// true if the requested parameter set is found, false otherwise.
61 | public static bool ContainsParameterSet(string oid)
62 | {
63 | if (oid == ECParameterSets.ParamSet_EC_P256_V1Name ||
64 | oid == ECParameterSets.ParamSet_EC_P384_V1Name ||
65 | oid == ECParameterSets.ParamSet_EC_P521_V1Name ||
66 | oid == ECParameterSets.ParamSet_EC_BN254_V1Name)
67 | {
68 | return true;
69 | }
70 | else
71 | {
72 | return false;
73 | }
74 | }
75 |
76 | ///
77 | /// Returns the identified parameter set if it exists. Valid values are
78 | /// ,
79 | /// , and
80 | /// .
81 | ///
82 | /// The OID of the parameters set.
83 | /// The requested parameter set, if found.
84 | /// true if the requested parameter set is found, false otherwise.
85 | public static bool TryGetNamedParameterSet(string oid, out ParameterSet set)
86 | {
87 | set = null;
88 |
89 | if (oid == ECParameterSets.ParamSet_EC_P256_V1Name)
90 | {
91 | set = ECParameterSets.ParamSet_EC_P256_V1;
92 | }
93 | else if (oid == ECParameterSets.ParamSet_EC_P384_V1Name)
94 | {
95 | set = ECParameterSets.ParamSet_EC_P384_V1;
96 | }
97 | else if (oid == ECParameterSets.ParamSet_EC_P521_V1Name)
98 | {
99 | set = ECParameterSets.ParamSet_EC_P521_V1;
100 | }
101 | else if (oid == ECParameterSets.ParamSet_EC_BN254_V1Name)
102 | {
103 | set = ECParameterSets.ParamSet_EC_BN254_V1;
104 | }
105 | return set != null;
106 | }
107 |
108 | ///
109 | /// The number of issuer generators included in the (pre-generated) parameter sets.
110 | ///
111 | public static readonly int NumberOfIssuerGenerators = 50;
112 | }
113 |
114 | }
115 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/ECDomainParameters.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | using System;
18 |
19 | namespace BouncyCastle
20 | {
21 | public class ECDomainParameters
22 | {
23 | internal ECCurve curve;
24 | internal byte[] seed;
25 | internal ECPoint g;
26 | internal BigInteger n;
27 | internal BigInteger h;
28 |
29 | public ECDomainParameters(
30 | ECCurve curve,
31 | ECPoint g,
32 | BigInteger n)
33 | : this(curve, g, n, BigInteger.One)
34 | {
35 | }
36 |
37 | public ECDomainParameters(
38 | ECCurve curve,
39 | ECPoint g,
40 | BigInteger n,
41 | BigInteger h)
42 | : this(curve, g, n, h, null)
43 | {
44 | }
45 |
46 | public ECDomainParameters(
47 | ECCurve curve,
48 | ECPoint g,
49 | BigInteger n,
50 | BigInteger h,
51 | byte[] seed)
52 | {
53 | if (curve == null)
54 | throw new ArgumentNullException("curve");
55 | if (g == null)
56 | throw new ArgumentNullException("g");
57 | if (n == null)
58 | throw new ArgumentNullException("n");
59 | if (h == null)
60 | throw new ArgumentNullException("h");
61 |
62 | this.curve = curve;
63 | this.g = g.Normalize();
64 | this.n = n;
65 | this.h = h;
66 | this.seed = (seed == null ? null : (byte[])seed.Clone());
67 | }
68 |
69 | public ECCurve Curve
70 | {
71 | get { return curve; }
72 | }
73 |
74 | public ECPoint G
75 | {
76 | get { return g; }
77 | }
78 |
79 | public BigInteger N
80 | {
81 | get { return n; }
82 | }
83 |
84 | public BigInteger H
85 | {
86 | get { return h; }
87 | }
88 |
89 | public byte[] GetSeed()
90 | {
91 | return (seed == null ? null : (byte[])seed.Clone());
92 | }
93 |
94 | public override bool Equals(
95 | object obj)
96 | {
97 | if (obj == this)
98 | return true;
99 |
100 | ECDomainParameters other = obj as ECDomainParameters;
101 |
102 | if (other == null)
103 | return false;
104 |
105 | return Equals(other);
106 | }
107 |
108 | protected bool Equals(
109 | ECDomainParameters other)
110 | {
111 | return curve.Equals(other.curve)
112 | && g.Equals(other.g)
113 | && n.Equals(other.n)
114 | && h.Equals(other.h)
115 | && true; // TODO: FIXME Arrays.AreEqual(seed, other.seed);
116 | }
117 |
118 | public override int GetHashCode()
119 | {
120 | return curve.GetHashCode()
121 | ^ g.GetHashCode()
122 | ^ n.GetHashCode()
123 | ^ h.GetHashCode()
124 |
125 | //TODO: FIXME ^ Arrays.GetHashCode(seed)
126 | ;
127 | }
128 | }
129 |
130 | }
131 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_Device_D5_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233135
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = aafa4a56822bc6bcb5aea6aab64603a650d80e179a560254b505bc1dc390f99d
6 | g0.x = c6ec7592ad6bb887b7885645b8d94937e56e62cf3b82d4dfe22f9922439523cf
7 | g0.y = 82f2cba900b7515de3e59b5c1231ed2ed0ebbbe4fb33b4ef0c8e07937ed03ef4
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | ie_x = 58666a40698ac2debbc5107921f30930423d1f955af66e53f8f6a07c6ea8f924
15 | ie_H.x = fb5da9ee38adbfd5412bb3ce44838333fed97b524372c93142779b2c8453f614
16 | ie_H.y = f730f8ba1bde6325f45448b174109667bc31f2d3a2f1ad9eb167e6cf0bbcb82f
17 | ie_additionalInfo = 494420457363726f7720706f6c696379
18 | A1 = 416c69636520536d697468
19 | A2 = 5741
20 | A3 = 313031302043727970746f20537472656574
21 | A4 = 01
22 | A5 = 499602d2
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
26 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
27 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
28 | x4 = 1
29 | x5 = 499602d2
30 | P = e01bb1ff5c20d7dcf951df8bfe1a7fe54ed8bddcc5e3ba612b9e6ce2248dc873
31 | xt = 9d79d058dcdf10084835a8dddfae286003a42d8144900f10223ceb078894e353
32 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
33 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
34 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
35 | gamma.x = adb48b4b73885abef1fbbe31769b60ac609551522a0d4f1dae8a7e5748bc0ba2
36 | gamma.y = 867a1b29f878b429fd56827c2a0bbafad50c171eefd794bb8e2759c8abf6497b
37 | sigmaZ.x = 6d3cf4d3028a17bf9dbba8d7e81c8f8b00c49194ceaa62b757df28d059d5f52b
38 | sigmaZ.y = 107ba5524db6b0b9ce914cd0b50b1c4c3c8bd1f83ed7494f0dc72924e7e5d1a
39 | w = b408514fdcc33dc6152f5bd4458933c1fb8cdb8570644261f8164772e9467012
40 | sigmaA.x = ea3a097d01226bd1e4875c86c77987c2900bda3f84d329faccc4abf50498e5a0
41 | sigmaA.y = 33ccddebea4bea70d517984826cd512f05fab29f9938c2ccd0f990c0d0f1bd73
42 | sigmaB.x = b69dcad4248c18f88a3e7021d15df144b36184085ccee0d9f0296ece785eefae
43 | sigmaB.y = fefd40c75e1459214a6db23386b832bc28615e48a5da8632172e8c06eaaa3b7
44 | alpha = ccebc518a2ba547e00597f2b9b990e6fc3df80e2cd73b450c6f057c67bcadccf
45 | beta1 = bf48085ac41a1f41385c8517e417c55e07d8af0ac58d4458377552b1638d0336
46 | beta2 = 7cb06b5291b4aba8bf3faa71ee9c6bae2af8bea21ad10a3103af224fc86ddeaa
47 | h.x = 2664f3046f6b52db6a80598eafe7df91515c05a432db43a58d7910c33472b589
48 | h.y = b0ca67e84525988494b9f82675b67683d2ac2e2eb6d26f5388d5abe24156968a
49 | alphaInverse = 796df1d084769c5c55398c808e6629ac7a98b0609628056c619593c7ffc144cb
50 | sigmaZPrime.x = 1b2d2426a7d110f9947b3684f0baf1c8b88d305d9493e1a0f82ad14e7397b7b4
51 | sigmaZPrime.y = 66bd8e15309e1859a193d6ee49d8114e101d6e082e314f699214d7066071fc6e
52 | sigmaAPrime.x = 7f18f20202cdea20acd00502e0107225024a24434a3b4daad0a279dc3edb1ecf
53 | sigmaAPrime.y = 5bd8c37263d8da1ac45b220ab73aefd6ae8dd1f26cd3a6ce80b800617b99309c
54 | sigmaBPrime.x = da474051d072cda5f2c0e0e84a5bdfc44982f087b71aeda14a019c4ef36c61d6
55 | sigmaBPrime.y = 1c5f3fc9d33ff0eed610b76e59c8c7f01ab83c0f112173fb4806ecb30a8dc297
56 | sigmaCPrime = 460d186531cbc7690fad829841fd4a1c745a4f22b597cf82cfdc8ea8f8e295a
57 | sigmaC = c3a8d9e11736dbb7c9575d41683799ffcf1e53fcf0e6c15064731b9bf31b2c90
58 | sigmaR = 6814dbf4d5e2787c9d8768269a943f800b00cae3af8c0b6e27e10d50eb223a38
59 | sigmaRPrime = e4c54747679724255cc712988930ab2e35f98985ca5d159f2b902fa0b39018e2
60 | D = 1,2,3,4,5
61 | U =
62 | m = 56657269666965725549442b72616e646f6d2064617461
63 | md = 446972656374206d657373616765
64 | w0 = 584e9a33ab72cc532d064b86e3d3699a09a3876acf601baba63a4fe2915cdf51
65 | wd = 60ff19a0023803b72c6b741486834e3045884525e673dbf833ef8d7123e9c1d1
66 | wdPrime = 26f925e3b9c998d19fd03e63eb072522eb1e9d0916ba6bec24206c12aa929342
67 | ad.x = 40b9df40b67c6a10d1c0e883e6ebd9b6ca5248405f523dab433a2bad4c73b60c
68 | ad.y = 4c037d5e9f78291bf2b9f3c16f0b88c4f23b8280ccab6a515389122ba08489fd
69 | a = 6d1e2252b53ef3492f7d9b9c9b1c4a822066e4d105b05b2df10a409aa75e0750
70 | UIDt = 28c7331c20ff559a9126075009bb808fc754ec4ad017c27c30c68128cd80f008
71 | cp = f850650d0014121f891d2ffbdb80ecdcfa1ef7607d24ac5ff93e6fcdac16ca4c
72 | c = 34257cc748c83082a5db5a59ae0346ba570686fc4230b653c1e069e9e27054b6
73 | r0 = 5536ef653d44d267eb586c35219ff8c5a39052e000933498b0543df7313f84ea
74 | rdPrime = 785c8e6e0f00cc654737b503e14cbf5753d52d4d357b14e224aa4c518ded290a
75 | rd = d95ba80e1138d01c73a3291867d00d87995d72731beef0da5899d9c2b1d6eadb
76 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_D5_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202333
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = f9638a5cb2d8a452c629128e2b8a79a40ae264b142cec77dca0cc8bd0bc6935
10 | g0.x = 570849732df4d9764bdffc20673ef89068d760c0800748b6549221910205f442
11 | g0.y = 85db65a71a582aa8c9bbcad1c6a519603c23dc0ac5cf7e64e564fabd6a96f4b5
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | ie_x = 2a79e75d30c00140ec08ee9cfc29796d8a6323ef096200e2aac0c92b60ff7470
19 | ie_H.x = 67c99fd73369c3f9ab7c1ffd575626bb13b80b4278170811d7c5e1b34a39f9a0
20 | ie_H.y = 247ade968d3f8d49655eb317db4a46271d134c0d7a5efa13e877c4e4c7316555
21 | ie_additionalInfo = 494420457363726f7720706f6c696379
22 | r_delta = f85cfe68d149697face55e0b3e507ab3275f016c997a2bc77805b270f7d6e0ed
23 | r_K.x = c2a70e538772e072d3775ffd1ea18f733bc0df29167d4f1e68ef0f4169f33f10
24 | r_K.y = ef8f6663d9c48eba050c4fa28e3a22b18d5f4bbeaf3f3562bcf3fc1b750db0ca
25 | r_R1 = 937ea3a02a109b40faa3422304f5a35a46150301fd08d67e3137f0cc96f988d6
26 | r_R2 = 57077c0acda8916c3c172f63807c282615829e2d2dfef8ba7246ef31fcfa901
27 | r_R3 = 1b6b1e937de3ad6b8bec3d3c96df4629746d6b3ecfa5032580ec18886b95f6f4
28 | r_R4 = 1770dbcce92f057eabbd56e5a2b2f5c8de457fb2646b317568f81291cb2500f6
29 | r_V.x = 1ea546032bccb3b1aec1638a08a3261001679804e85df88d1abec9106b065cd8
30 | r_V.y = 6a0db6a591943d1b57086436e459347c079ddf7f3e8f7bb9eac2b51a60dda9e
31 | A1 = 499602d2
32 | A2 = 416c69636520536d697468
33 | A3 = 555341
34 | A4 = 02
35 | A5 = 19
36 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
37 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
38 | x1 = 499602d2
39 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
40 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
41 | x4 = 2
42 | x5 = 19
43 | P = c53fdde1ab7a69449c3b0261c632477f026ec54ea4efac88ab6b61972b38c3fe
44 | xt = 8b5baa21b7571684a9766c15c8b7d13341f11006efb68084129b2ad4766b713d
45 | gamma.x = 5418ec174263087a7ffc93b5aa59488622c7905fdfc7adfb6fc41be48e5d2cad
46 | gamma.y = 10cf02caf60d2f72a9e49883c1c9338a916fbcb7c11714c011f8fdd7f7e5b171
47 | sigmaZ.x = 163d728bebf339a789cacc324912bbbd769f2b36fa6cb1c1673940863e4c68ec
48 | sigmaZ.y = 7dff98df9234a99f515e3be178e41909c7e4450cabb3d4fac6afee74dd9226ca
49 | w = f54824250479404568ec92114e1d83cdf750a925164490ac3f6564f01c74b286
50 | sigmaA.x = c3e0b5bca1b008b7ad1c422959d13b742ee493d76ac018942eadd0c0401dd9cd
51 | sigmaA.y = e194d026922dab93495d4605bb15db773a16a0b853c8f5626e298c14ea75295e
52 | sigmaB.x = 7aa5d313a89fdc0499c8fdf997e6ebef9e353cb62c0ea085c77eb4573d71b4d8
53 | sigmaB.y = e03fb7420f53f8aad349fe207411ec03ec1e150d90608a0a6374dbdea9cd4d40
54 | alpha = bd60f0598ecfc364053a4977d820264a74459a7a7bdadfb0b878e69f154f29f4
55 | beta1 = 3a0c53ee2d2a3f278c4420dcfa19d41e3f1a7bd6da380ae2803fa115e9244fb6
56 | beta2 = 11553dcccc381c4a0572ed36ba03b69fa3c75ffbd3521a0201716dee89293d68
57 | h.x = 132b9ad159102a67971cf60881cd0a843bee0976b89238da2ab417b5c9109254
58 | h.y = 6b6cf9706e55c3352236335c43c9b0cfd12ccb65168d6f6a107844d0739d8fa7
59 | alphaInverse = d557466253b04df1e589c52136eebd624de40161a5388cce48960483dd54535d
60 | sigmaZPrime.x = 1039386942c97ea5daf79fc8ffecda3e0c0069866b6ac9a96110ef6de353980e
61 | sigmaZPrime.y = 65bcae04abdc7034a3a97beca30f72a15dac4abbbfdd708625612b049f8d33af
62 | sigmaAPrime.x = d7b21df0bdc09d60fe1e926e9166dba2df3751ea9f7010d90b1dcfd29496f4e9
63 | sigmaAPrime.y = 43a021581c0f0da026eca3e35da585e6c627703dc5eb2ff2374418eaa4d027c5
64 | sigmaBPrime.x = 8f546c30391531ecfc1e8b452ea18010a7165c6f001553d836c2acdccbc8777c
65 | sigmaBPrime.y = 7a1730e4dce30fad8bd49a7d50ddd17705ecfa6a3d7fcb7422744fc8abd9d03f
66 | sigmaCPrime = 9f1e4203f50c1a0b04dcc7fee2c376cec1ce1ef40ae24049da6cc2c3a4052a74
67 | sigmaC = d92a95f2223659329120e8dbdcdd4aed00e89acae51a4b2c5aac63d98d297a2a
68 | sigmaR = e5e4f73180c65d51e5166f80c7fc49670b54202745d52fd31645e4c169408335
69 | sigmaRPrime = f73a34fe4cfe799bea895cb782000006af1b8023192749d517b752aff269c09d
70 | D = 1,2,3,4,5
71 | U =
72 | m = 56657269666965725549442b72616e646f6d2064617461
73 | md = 446972656374206d657373616765
74 | w0 = f569caa5dc085206fe31d1674ad3287c89017222c453e2be3b3bca5bca2dc1db
75 | a = f2a9fd20fc3b934f461b7c5aae752fc1aaf5a05cfdcb9c64de5ce97459f1e0f3
76 | UIDt = 3496afe4b78bd127c2cfb50588e36c49c501db743e5544837a0eebc5ca49cde2
77 | cp = 6f957624725ad46dd1378896d6e732ec2f5918f116cfbee9ad0bdaa6190f60cb
78 | c = 98b85c63f2a01249964bbb97b4439ef02dc2181e263c41de9a853b6fe10341bb
79 | r0 = d242c8ffc7e7ae02e3207c359efb0c1feec04ccf11f5386e4774d8ed36a8b796
80 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_Device_D2_lite_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233137
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = 4e5f33f5f0e6d8fa619f484821cabe159c23ca144126e59a3e58d8729d74c4c6
6 | g0.x = fee98ce464a6ad00b854f6fbe0862b8d84ac8f5f4fb7c8d90807d5a6d7cc532f
7 | g0.y = e725f87f0c9470412b3e9d2c5213333771aeacfe39abd1f86a66126d7a6a05fa
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | A1 = 416c69636520536d697468
15 | A2 = 5741
16 | A3 = 313031302043727970746f20537472656574
17 | A4 = 01
18 | A5 = 499602d2
19 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
20 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
21 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
22 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
23 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
24 | x4 = 1
25 | x5 = 499602d2
26 | P = 2197e8083e58178c4f155331e231dfc6751beedf16582a85de94b764234fc407
27 | xt = 1ba86c48ab593ef7e295011fb3d917745aa8e05df990719ad16b527abc0f4bb8
28 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
29 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
30 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
31 | gamma.x = e133ce6f4b3c520e17eaf809088c41c33960de767abc8b7b4dd9c8f8fbd7c242
32 | gamma.y = f70cab7d4736cbbe1c372bdec0e863bd9efbf7ca5d7c2a8d6fa6b183c39c0703
33 | sigmaZ.x = 9529bd97ada2c73174ef8e2b2f7977b7deb579ef71bceec4e514fde5ed479396
34 | sigmaZ.y = e79f01ba229bc95215f44d783c6b13269f17f178b80d5f7428f535f57e680235
35 | w = 9ec9b941382e318dbed4ab5bc87b1ffcb1f554fe7469a2277a98b7980d665ded
36 | sigmaA.x = 4f40368e86e17fab4f4fe0912cebb8490d74da776f9f6b2d02e33dc5292b2745
37 | sigmaA.y = c0cde0965f5c42779b483cfa236da5f44e76988d2e6b328890e9d71952ed12d1
38 | sigmaB.x = 9eeaa1dfa3d3b8fa301491a1d8e4985ad06085934bec210c8eb909ffd02ebd49
39 | sigmaB.y = f8daaa402a56690d0e2dbba347afebccb9636753fc4b38732802ae1449143a6b
40 | alpha = db82a958107ddd6ef23c556c7a89d2c238dcc0a71fc551352691c7a076988058
41 | beta1 = 77be8045d1c7eb3418e60c371335acf0c6f45f31a6b5cd153074327fb53df759
42 | beta2 = bcfdf5bc088df171f08b8e39b91921f0e4d6d981394eb2c1f06b145d946c7edb
43 | h.x = ffe1e95f67e6fc49284974c8667deac5bf0ba60d12aac8b4f582b53e0bb6f42a
44 | h.y = faab8582498421ff4f225bc14c040db0447c0b90721178775b181c1fb10b52d8
45 | alphaInverse = 317c334858ece073e7dfd6afa93e63d80fd8136908c38bacce00bdd7701a3cb2
46 | sigmaZPrime.x = 38c4a6486d53d9f8c92b8057f320d0591e5f0ef026f36de800cff402ec127a21
47 | sigmaZPrime.y = 1604f3dd242b50a72306c7b4e28796894b6bff332392735d40c836b1bb240526
48 | sigmaAPrime.x = f711ed9f9b8e2cf182bf93aae02ca7eb081a92f312b4a10230f63b1b15801506
49 | sigmaAPrime.y = 872b1d7e9cc4508fe7bb461ecbc54a3ce2d0f3cb9f9c346a32bcbd5103b39ff7
50 | sigmaBPrime.x = 9e7ea5f8e6649979f45e00f195405172e6dced6be72d43ca355797d0d3d005ee
51 | sigmaBPrime.y = 120db3d5e5cb7d3cf31d20f0a5f7cbd910b1161765adddb2f99706e503627492
52 | sigmaCPrime = 56ccb575c765cdbe4c21d85a128711338a6b7fb4f1e8b34f0c274975f685e615
53 | sigmaC = ce8b35bb992db8f26507e49125bcbe24515fdee6989e80643c9b7bf5abc3dd6e
54 | sigmaR = a13435d875af32171181a19df9f74ae0658b3a0f4a98aa4878251787e51e60a2
55 | sigmaRPrime = 5e322b957e3d2388020d2fd7b3106cd18d7b18e2dccfbe8574d661227d27ba2c
56 | D = 2,5
57 | U = 1,3,4
58 | m = 56657269666965725549442b72616e646f6d2064617461
59 | md = 446972656374206d657373616765
60 | w0 = eeb27b1640f0e83903ed401a26935c1752419adf63761f6d4b33cb9d7894dd84
61 | wd = cb34b069e0baff4eda07d4c0e979b5d0ffd0a53d19f7878920dca0d244ac06f
62 | wdPrime = 10bc0d734855794791a5f1c3f8d35fb3986e8e7b8989b26d3bd3749041a2d0a3
63 | ad.x = f182d0b6229b86d6d4e4d27bff57ea831ddfb48fe8327b11b9845f0c45eeaa6e
64 | ad.y = d66ceb3865f4e165c0c138eef3ccac08c1a14759410e05c8dbb8dadd3bb48738
65 | w1 = df0e3b528a2714b984c2c12cadb580bfae1675b5bc45e586099f3875e1e806ef
66 | w3 = d54ee3ea970d297059d4f7c6c886c08653b4e12a2d1ae79928b548eaef9fd89b
67 | w4 = bcd1575ed19627a1ed045be74e1ebd82dfb2222c06dbc1ba6749c1e2c43e80ba
68 | a = 01132a13182a0bce10f08876b7e5b9e069838263a05b13772b9df6ae14aa0bb3
69 | UIDt = c742d4477b4552c3cd2df62e1c533f1b8577eaf9688057ecce6982f808b531c2
70 | cp = 9799bf43b1d5f0f8aae3bdecbaabd19fc517c11e5008d5ce1d7d63fe1177a7db
71 | c = 56e2885dcfe9efff98c1b50f0c87736519076fbc22e7e43bf6d4f06f3fec9fc2
72 | r0 = 9e0ad09c2774ba076d1523ea6038094f67768edcd9ed71aced10d620ed25a081
73 | r1 = 5b2615ca1e9f379950bd066903f3fce2d21da62258edf64f8e2830fd05e2618a
74 | r3 = 7d1e047c75198e77d2226359e8f643aeab71400425738e32d098d67157c7d48c
75 | r4 = 65eecf0101ac37a25442a6d841974a1dc6aab26fe3f3dd7e7074d1738451e0f8
76 | rdPrime = f6c68db8db74488fda60dde999212e0219f1d663306dd262c8d4e3d7698c406b
77 | rd = 379d8c0797ff883c8015b35a7b8c95f6d07e6095af5ac566728e3219173db89
78 |
--------------------------------------------------------------------------------
/UProveCrypto/Math/ECGroup.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using System;
15 |
16 | #if BOUNCY_CASTLE
17 | using UProveCrypto.Math.BC;
18 | #endif
19 |
20 | namespace UProveCrypto.Math
21 | {
22 | ///
23 | /// Defines a elliptic-curve group.
24 | ///
25 | public abstract class ECGroup : Group
26 | {
27 | ///
28 | /// The p parameter, representing the prime field domain for the x
29 | /// and y coordinate spaces.
30 | ///
31 | protected byte[] p;
32 |
33 | ///
34 | /// The a parameter for the eliptic curve.
35 | ///
36 | protected byte[] a;
37 |
38 | ///
39 | /// The b parameter for the eliptic curve.
40 | ///
41 | protected byte[] b;
42 |
43 | ///
44 | /// The order of the curve.
45 | ///
46 | protected byte[] q;
47 |
48 | ///
49 | /// The known name of the curve, or null.
50 | ///
51 | protected string curveName;
52 |
53 | ///
54 | /// Constructs a ECGroup.
55 | /// The p parameter, representing the prime field domain for the x and y coordinate spaces.
56 | /// The a parameter for the eliptic curve.
57 | /// The b parameter for the eliptic curve.
58 | /// The x coordinate of the generator point.
59 | /// The y coordinate of the generator point.
60 | /// The order of the group.
61 | /// The known name of the group, or null.
62 | /// The known name of the curve, or null.
63 | ///
64 | protected ECGroup(
65 | byte[] p,
66 | byte[] a,
67 | byte[] b,
68 | byte[] g_x,
69 | byte[] g_y,
70 | byte[] n,
71 | string groupName,
72 | string curveName)
73 | : base(GroupType.ECC, n, groupName)
74 | {
75 | if ((p == null) ||
76 | (a == null) ||
77 | (b == null) ||
78 | (g_x == null) ||
79 | (g_y == null) ||
80 | (n == null))
81 | {
82 | throw new ArgumentNullException("No null parameters allowed to ECGroup constructor");
83 | }
84 |
85 | this.p = p;
86 | this.a = a;
87 | this.b = b;
88 | this.curveName = (curveName == null) ? "" : curveName;
89 | }
90 |
91 | ///
92 | /// Creates an ECCGroup.
93 | /// The p parameter, representing the prime field domain for the x and y coordinate spaces.
94 | /// The a parameter for the eliptic curve.
95 | /// The b parameter for the eliptic curve.
96 | /// The x coordinate of the generator point.
97 | /// The y coordinate of the generator point.
98 | /// The order of the group.
99 | /// The known name of the group, or null.
100 | /// The known name of the curve, or null.
101 | ///
102 | public static ECGroup CreateECGroup(
103 | byte[] p,
104 | byte[] a,
105 | byte[] b,
106 | byte[] g_x,
107 | byte[] g_y,
108 | byte[] n,
109 | string groupName,
110 | string curveName)
111 | {
112 | #if BOUNCY_CASTLE
113 | return new ECGroupBCImpl(p, a, b, g_x, g_y, n, groupName, curveName);
114 | #endif
115 | }
116 |
117 | ///
118 | /// Creates a group element (curve point) from a (x,y) coordinate.
119 | ///
120 | /// The x-coordinate.
121 | /// The y-coordinate.
122 | ///
123 | public abstract GroupElement CreateGroupElement(byte[] x, byte[] y);
124 |
125 | }
126 | }
127 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_Device_D2_lite_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233137
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = e14c8fa79e25fd09ade0841f30c579a802a770f98448e8849a72c839eed5be2e
10 | g0.x = 91c2344c6cb1e2a012fc83962896114ad3e328ca84e688a5d99c6b35bd3c5f31
11 | g0.y = 32fbaeb2b04410a2859143ec9761a147a21695cc6ef5f613034e536ec17d926b
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | A1 = 499602d2
19 | A2 = 416c69636520536d697468
20 | A3 = 555341
21 | A4 = 02
22 | A5 = 19
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 499602d2
26 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
27 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
28 | x4 = 2
29 | x5 = 19
30 | P = 9509cfb62995fe947701974896b35534f807d84b4b075937c62e0149900dad1b
31 | xt = e798ae524df8089aa52ba360a5c6ffc884f84976245803e6c42bdffcea6275fe
32 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
33 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
34 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
35 | gamma.x = 574f22ae30f20fe1bde346b865db99728f4627f2a2d01f9ce9f9f762275c9b00
36 | gamma.y = 29cb04d1532815b798800f275bcc34298c81c7c6b4e9a0a6174d579fbd461b34
37 | sigmaZ.x = 5124f18c3172057956eb1b5a1219899f58b9889e7deb352723454095889d4e1d
38 | sigmaZ.y = 58cb20fa14b1c67e5094f92f04d53f18b005d10fe97575ca87464fb654369eb5
39 | w = 7842fecc273e12521fd9aa42e0b4062ab13555709af51599640a0d2c5cc31bd7
40 | sigmaA.x = e49ee858cdec4072873536e048573f742309f5eb0321dae1ac884c71cbd9d97c
41 | sigmaA.y = 28896114943f83c6a3b627c85f057f4bcc4c674d580f6eca70255e78be7100d8
42 | sigmaB.x = 537c2c20bfaa1f22b7d59a1235b29d2c28810681171d4ee3bba94bd45144388e
43 | sigmaB.y = 304403d81e0b38ab4a9ca901dc53dce6593b2b864bcba42ac1422da94ca3327
44 | alpha = 2155a6eec6ad81c3951ed9aa9da5a3e56c9e88b97f4e94822d65671c31e6f55c
45 | beta1 = bed2218a0d176403b391db7c1c6afbbf6727bfbe3b6157d3c124c160466492ae
46 | beta2 = 287debca8418d8553a8405ee721766c269a8b50a2736205d7a4dc9e95503bd4e
47 | h.x = 1b74fd6eeb63832ebabc1d35ead942717a0babe92e58e7428a4d9336545b60e8
48 | h.y = 6d403d811bb6408f43e75921b708351b25c2e0a8a7c110fe906b20a1055c22be
49 | alphaInverse = 1478129cd53f61b668b49a14c5864d15d47c07e54f7fed3c33bea3284d181fab
50 | sigmaZPrime.x = 3cf39b7d798753ceabe8295272d4d74e2eb61298ca6346cd2f6610019d1ae376
51 | sigmaZPrime.y = 3fac283aea3bafa7e2fad6be5b1c5d73eaf3f124b61798238821d522105e7240
52 | sigmaAPrime.x = b996532c03b84dd62ecfa0c7b727547da7a9ae57e3569b02ddfd7df387ab5f7
53 | sigmaAPrime.y = 656e9f3a767a5e2110be008486ce48f172b56e2a9f2fdb7c04897767f2efb650
54 | sigmaBPrime.x = 645f347236f647146849d7eb4efdb007375905d1e683a501ffa3a6b8da2c9e62
55 | sigmaBPrime.y = 26392ce44354f58cd4cea23f38ffa2629c5fbda17badd83451e90adbd4f14cd2
56 | sigmaCPrime = a730b280d18f1692080416fc2307c2c9249ec292d45a271a4e7877ce90ae8441
57 | sigmaC = 6602d40bdea67a94bb95f2783f72be88cedf87a368a3e0691be36e6bdaaff19e
58 | sigmaR = 6c518d4ad6b890f1d908a2cf7df692aba28f9fecbc33bc51fbaabcc5320a06f0
59 | sigmaRPrime = 94cf79155ad16947138ca8bdf00df96e0c3854f6e369dcaf75f886ae870dc43e
60 | D = 2,5
61 | U = 1,3,4
62 | m = 56657269666965725549442b72616e646f6d2064617461
63 | md = 446972656374206d657373616765
64 | w0 = ff2d539f7e303b4e4e6a84b75c6960a9bdfef79daf8787f25c8e50364fefff37
65 | wd = c6b6ee45c4c644386d66bbbcb2690111ed1f2b560b1f9f77a66143efe005fe5f
66 | wdPrime = 6b4df0a57a1be5f7babe3049ccca3ff38d3e4830c3a82ba617779f6283545768
67 | ad.x = 78bd51a0140fd5fe8a3a2595eef2e4218f79f18ae6038d773ecab77e3f062b1f
68 | ad.y = 186726bb4f17776863378338c194cbd8e219496a5c15d54f0286b2420a103ee3
69 | w1 = 675b5165785b96d23a349c4dee56abdb225061a1bcce9cc221498d037b827365
70 | w3 = 67c8e17079d97a31a876f58e0cdeb8c1cbc44033f3b5ab98bf8e432ece9356b8
71 | w4 = c136e526743a6148d530f946d90db64391cc37b7413f72b11d49b1eb954b6315
72 | a = e4b6d59f487cb2338549c604b193ee059dc308aef46461ea4a71381f95159476
73 | UIDt = f36a74544eccbdb26956fdf0222b9f9d57febe57d9d9c6f5da1cc68df61fd6e4
74 | cp = 28d347dd54ea3e12d430cd9253e9e8dea330cd6a99e63423c12fb82e7bfbc0b6
75 | c = 3729ce1feeb43b3651337ee583c0e5f9fb304a5e17c96b41acaaaa426faf6742
76 | r0 = 1368e5b7e3f49562bf50abd2fede997992366434af315ffeb2c9f32c00dc3806
77 | r1 = e1d179f720ec932769eb84654b0c2f21a02bf3ebb548ce347de6d9afaa00cac3
78 | r3 = cee6fc5284fb0c2152224fce4811ae764b93eaa693764fac398717ed01122ccd
79 | r4 = 52e348e696d1eadc32c9fb7bd18bea4f9b6ba2fb11ac9c2dc3f45d66b5ec9491
80 | rdPrime = 67ef212028d72f4b381c003dddf5af6833f05036eaa530cf859b98e031db4070
81 | rd = 2ea60f66ed9d7382a582bbfa905eb07a642880df4ead31c23843120d157e197e
82 |
--------------------------------------------------------------------------------
/docs/testvectors/testvectors_EC_Device_D0_lite_doc.txt:
--------------------------------------------------------------------------------
1 | U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | UIDh = SHA-256
3 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233136
4 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
5 | y0 = a9a3ed8c5e6b767bef74851635770c2bca6b85044cb8bb6c8e38bf995d85260d
6 | g0.x = e47c4094e7d40a4163441f9d3453311726f73267cbc1f6cab0ed15ed55f16468
7 | g0.y = 6ccb863697759a2df3192300de744dc11ca55682bb6ea5c7c38aedcfce6a036c
8 | e1 = 01
9 | e2 = 01
10 | e3 = 01
11 | e4 = 00
12 | e5 = 00
13 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
14 | A1 = 416c69636520536d697468
15 | A2 = 5741
16 | A3 = 313031302043727970746f20537472656574
17 | A4 = 01
18 | A5 = 499602d2
19 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
20 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
21 | x1 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
22 | x2 = af93c647ca51d4c950a616f6aa4cca9c3995589b0710783c3e3a513caf244772
23 | x3 = 58f98bdb5985d501eac1de1057505c3782948c1b5949261d67cdeddf1bf49a5c
24 | x4 = 1
25 | x5 = 499602d2
26 | P = 05a48f93c8ad75b5f1e0035ea4e58368b82d0571f7887840ebd118fc1f02ba69
27 | xt = a7a0af689a260cea9786685cb55d6e3b69d6a6d09380dad5e08d66c925c304a
28 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
29 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
30 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
31 | gamma.x = 1f8633a4f23ac96b170ca2ffa90252bcfd778fa4df657dc3f7692747368f9150
32 | gamma.y = f407e3801d900fb7b5d01477fa229b18f2a28e2979f13af410906c635605a279
33 | sigmaZ.x = d095661b068f5dda044a688c29b5a50ab79f696e7a69dc6d05448507c20e9b21
34 | sigmaZ.y = da847d6150bb22a77d1be76b7f7c807be036334c5082c72c2f9c935f22e80e13
35 | w = 3cfcba481a98c480a82119a13455b7ac1340483e0c8ff5f0e780fe25abdd1e6a
36 | sigmaA.x = f72d77452e09061e294c35f3418fc43ec02a872ca33619309449e1bdd12464c3
37 | sigmaA.y = 2de21acf28e94e4252a5516c3653cf839928ff17ac92d522598268b4de005aa8
38 | sigmaB.x = 476b7951b809d4ac7cb1746552ecf4260aeb28059c10b3a09b810f6f3690ac58
39 | sigmaB.y = e09f53a0dabbc60d0c83f0b889404c5fa3090a57093e27489490e38c86e0dc32
40 | alpha = 4e77da38bdc41131a7055c2b9f1a38388113851c3de701ad07c96099999ed4ca
41 | beta1 = 2af53bc7b7eee4f2f16970632c951cd48c5a49857022d66762c31f364779808
42 | beta2 = 309128f0c77bbd022435ed2650fa7a3d789351d4fa3c730082ed464e4dfbebb7
43 | h.x = 86c5bdc7f8e2919313f7a854bb260b46c15d08b29c064a2db5061444f304cb46
44 | h.y = ee9d5fbfc98c594d724a4456b8afcbb44fc4a814299ed8bade7a3c459ce288e0
45 | alphaInverse = 67a4db5df23079fa5baf6bf6d44c81dad661a0fb8a0432d3090c284fc209bc
46 | sigmaZPrime.x = caf41737e0448fbcf29db7d7931d6c743a9ad01e9cbb97e8c2cbbe6d588b0461
47 | sigmaZPrime.y = 5163b3854fe90eabb86a116fcf9318581c95d297378a00e7f1d58892e629c56c
48 | sigmaAPrime.x = 568c8e4e2dbefa000d3c8f3fc83cc1b67a321df06f5ddff3a8fe3c1917a4a922
49 | sigmaAPrime.y = c2130c8fc51fe00ff8feac66698f7e0aa4ad533528d6a476eab7fcb743d4380a
50 | sigmaBPrime.x = afc67daa1526bc24414aef61cdbac6844e0b2b44bacfe8aa5367325a34eb1cad
51 | sigmaBPrime.y = 8d381cdf17eaf2277fa4a80993731c6556c818cc7d04fe8d38fec21bb15a88bf
52 | sigmaCPrime = df85692f0da1957d4a4a81cbe92ee11960464513c7cdd263dbf38fd28afca9b0
53 | sigmaC = e234bceb892083cc796118d21bf832e6a90be9ac1ecfffca521fc1c5ef7441b8
54 | sigmaR = f61393c1d864efb31ccda13941eab27445998825c4810c4eb15b7718f8673075
55 | sigmaRPrime = 26a4bcb39fe0acb441038e5f92e52cb20145df4d17a5e0ca408ef2a449fff6db
56 | D =
57 | U = 1,2,3,4,5
58 | m = 56657269666965725549442b72616e646f6d2064617461
59 | md = 446972656374206d657373616765
60 | w0 = 7e8fd6a1a06106cd07a274211506157bb2f47bd026c30df41e286ed9346fb429
61 | wd = 4a35a8c124d99c178c84cc58c851eb7bd7ca9b58801a90ba81e28278f32c9898
62 | wdPrime = ed4bd7df5e5457d9576344a2f7b52bcd3df20269d35ba930a5ed3f4156242460
63 | ad.x = b5df4d237dd5721a04ba66a44344b4cbf9dbb7ddc35d900dfdd49cd92f293e97
64 | ad.y = b17449b47a710edef95459a47b6da2bc2d3ae42d46592347ed0ea97de04eab31
65 | w1 = eb346a7d790c1d8373c2001cd6eec3cbb6b53b002a2ec491a1a73a7114158233
66 | w2 = 3fe3b6c34aae5331d57ff6105a8c59b62a748aa1e82336bd6fd9dbd2d2ac6e5d
67 | w3 = 40cddcf238ff8007610a2baa38b336154d8346a08be04a1cadf95371d3805e29
68 | w4 = 1099d08db0677e2af3823fdef88b85bca2c6854e65ced25f82c0453eac0f34e0
69 | w5 = ab029a9fe3a864e6051cac08a06c24217497ce0dfb10c341c6700bf0213f7de3
70 | a = a17a7b8cc1f2b35ac463b8c48a1bf8f7054b20d9949d7a7fa1944b1ab915d604
71 | UIDt = 0761fde29f4a952e5b1bbc438fe627152547fcd0c0288a6dafcf6fd34ed3a61c
72 | cp = 87a18b77183fc93af71ddae2cf47024bb4ca6f7d2f97458d14f27c195c4a029b
73 | c = e358fe0096c14f18990f9959b802ea3e12a70e51f764878bca85728ccd93bd71
74 | r0 = 88f8c3b4f03053c949506deb3d2d903b698d818fbc25b31436da422da10f3a90
75 | r1 = 4ec93fcaadea0bfd0eb9e7a8a07713826a61c8d9d5b5eec569847dfe59b71bf9
76 | r2 = 8f88d3364f9333203ce810b7bf08a14bea882facb80236c9ea299562c0897d85
77 | r3 = 2cca41103879cbed1e547552cd2a56271fe19866ebf24e0c4db65cb8b21f1c84
78 | r4 = 2d40d28c19a62f135a72a68540889b7e4d0671aa1581e958abf49d74dade9cc0
79 | r5 = 39572f109bc1c8bbe713867ea36219ed21884038029283456984b042a0928885
80 | rdPrime = ed73e4d3d8fbf8aabe996a3bb2474f373ea93747e46d4f046ebae6430040b330
81 | rd = 37a98d95fdd594c14b1e36947a993ab3598cd7f2bd704139fce39df8f70a2677
82 |
--------------------------------------------------------------------------------
/ThirdParty/BouncyCastle/bc-trimmed/multiplier/WNafL2RMultiplier.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // This file was imported from the C# Bouncy Castle project. Original license header is retained:
4 | //
5 | //
6 | // License
7 | // Copyright (c) 2000-2014 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
8 | //
9 | // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10 | //
11 | // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
12 | //
13 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
14 | //
15 | //*********************************************************
16 |
17 | using System;
18 |
19 | namespace BouncyCastle
20 | {
21 | /**
22 | * Class implementing the WNAF (Window Non-Adjacent Form) multiplication
23 | * algorithm.
24 | */
25 | public class WNafL2RMultiplier
26 | : AbstractECMultiplier
27 | {
28 | /**
29 | * Multiplies this by an integer k using the
30 | * Window NAF method.
31 | * @param k The integer by which this is multiplied.
32 | * @return A new ECPoint which equals this
33 | * multiplied by k.
34 | */
35 | protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
36 | {
37 | // Clamp the window width in the range [2, 16]
38 | int width = System.Math.Max(2, System.Math.Min(16, GetWindowSize(k.BitLength)));
39 |
40 | WNafPreCompInfo wnafPreCompInfo = WNafUtilities.Precompute(p, width, true);
41 | ECPoint[] preComp = wnafPreCompInfo.PreComp;
42 | ECPoint[] preCompNeg = wnafPreCompInfo.PreCompNeg;
43 |
44 | int[] wnaf = WNafUtilities.GenerateCompactWindowNaf(width, k);
45 |
46 | ECPoint R = p.Curve.Infinity;
47 |
48 | int i = wnaf.Length;
49 |
50 | /*
51 | * NOTE: We try to optimize the first window using the precomputed points to substitute an
52 | * addition for 2 or more doublings.
53 | */
54 | if (i > 1)
55 | {
56 | int wi = wnaf[--i];
57 | int digit = wi >> 16, zeroes = wi & 0xFFFF;
58 |
59 | int n = System.Math.Abs(digit);
60 | ECPoint[] table = digit < 0 ? preCompNeg : preComp;
61 |
62 | // Optimization can only be used for values in the lower half of the table
63 | if ((n << 2) < (1 << width))
64 | {
65 | int highest = BigInteger.BitLengthTable[n];
66 |
67 | // TODO Get addition/doubling cost ratio from curve and compare to 'scale' to see if worth substituting?
68 | int scale = width - highest;
69 | int lowBits = n ^ (1 << (highest - 1));
70 |
71 | int i1 = ((1 << (width - 1)) - 1);
72 | int i2 = (lowBits << scale) + 1;
73 | R = table[i1 >> 1].Add(table[i2 >> 1]);
74 |
75 | zeroes -= scale;
76 |
77 | //Console.WriteLine("Optimized: 2^" + scale + " * " + n + " = " + i1 + " + " + i2);
78 | }
79 | else
80 | {
81 | R = table[n >> 1];
82 | }
83 |
84 | R = R.TimesPow2(zeroes);
85 | }
86 |
87 | while (i > 0)
88 | {
89 | int wi = wnaf[--i];
90 | int digit = wi >> 16, zeroes = wi & 0xFFFF;
91 |
92 | int n = System.Math.Abs(digit);
93 | ECPoint[] table = digit < 0 ? preCompNeg : preComp;
94 | ECPoint r = table[n >> 1];
95 |
96 | R = R.TwicePlus(r);
97 | R = R.TimesPow2(zeroes);
98 | }
99 |
100 | return R;
101 | }
102 |
103 | /**
104 | * Determine window width to use for a scalar multiplication of the given size.
105 | *
106 | * @param bits the bit-length of the scalar to multiply by
107 | * @return the window size to use
108 | */
109 | protected virtual int GetWindowSize(int bits)
110 | {
111 | return WNafUtilities.GetWindowSize(bits);
112 | }
113 | }
114 | }
115 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_Device_D0_lite_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233136
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = f3003d14cc87f431d23a56545d2c47dc7671ae281b5e1ab099a44e8877a6b74f
10 | g0.x = e0198129a1fdf1e45af0d133b6499acdbd4cb87bc672510c6902ebbb293dd680
11 | g0.y = 29116f6d112650c1677d7238c92ecfeffa40b604ec9f1a19286877a19e9ee400
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | A1 = 499602d2
19 | A2 = 416c69636520536d697468
20 | A3 = 555341
21 | A4 = 02
22 | A5 = 19
23 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
24 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
25 | x1 = 499602d2
26 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
27 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
28 | x4 = 2
29 | x5 = 19
30 | P = 05570eb875b9b8b8127f60a826b7cac4c8a8823b88d4723ef3c6cf4ee7688a62
31 | xt = 51e8d052a529caa290720b66bd0d1f0eb0db441053d164f6045d0e45702b2ff8
32 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
33 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
34 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
35 | gamma.x = a20eaf59178e84ac1215f2c765b52533b4eaa7bef1592bac1281b3bf5c369ca
36 | gamma.y = 4d9048d9fad1522555ae1dbc034a4c26ef691bae9c57e37ca139a2e17f8265fc
37 | sigmaZ.x = e73da43ee94fda9d26a96b1927710f980eb551939a5fa3d8f8ae97966851053e
38 | sigmaZ.y = 20a2418d052ba7d360aa5ce99653b20b728f55907fea5559062aca435a294fe6
39 | w = 3e872bd73e5dbc7c28e5169fd601da19e2ca97ca7545a095e58c7b27386cba2b
40 | sigmaA.x = 66087a3dc09dff096f93c50225f478427b69f0617f5746f08ab0145a31a8b202
41 | sigmaA.y = ce4264f7720f3ab9e16e293ec320794ac2681a9cfb035e803d51370ce5a8147d
42 | sigmaB.x = ee703cabc309f3cf5b7fe01489b4bee1af1ff9dd5507d160e7377512371b891e
43 | sigmaB.y = aaa446d658a01ce90c35e4fdde9856c84a63c454f226f531344d0435a8ab8af9
44 | alpha = 830615d601709e19b5320035477bda97c934a5ad0eecdaf9e695f1b1e29443bb
45 | beta1 = 2bea1bd0eb0418722c7e1543446b4d6ab2e35e04c60c1c962c1cef6b7fec3621
46 | beta2 = ee440a5c5f09acc51c338190d797b47b4887fffe363ff51ece84a3cf14adf33f
47 | h.x = 7a1fa2b675f52476a084d911d440b7eae851217cc03e545b68941469d74ffa0a
48 | h.y = 7d707d355b56a00685317e9086b793a2b357fb00679311928e260464e8716d40
49 | alphaInverse = 78f9f0a6411e132f31a34d6f2ad1463f232d60148d81a7bebe81511e0f591d3b
50 | sigmaZPrime.x = f8d1c2d9489aaffa1e8b3c14e1952637d03851fd09a8ae5c39c5465f13b3f256
51 | sigmaZPrime.y = 60c5169177e590e741e5509456dde333a841eba313f78aaf7df0330467ece088
52 | sigmaAPrime.x = bbeb709dd2f2279a2f733c28a0cde96211358df754933d74c5d735d877860e99
53 | sigmaAPrime.y = 2b9c665c0676706338d5f6e0d2b6bf67f9628fa1e8d941f28dcf21935fe1a08
54 | sigmaBPrime.x = 7ba32b29689289d04b87c0411f94b4dff0b992bcffac4f0de271b79835b1e98
55 | sigmaBPrime.y = b8cf439c32ce877f071b6ba70f627fbca6c8a18a55a61a4a4944e6e6eebf4ae0
56 | sigmaCPrime = c080ea7177924e71473f924a65808fa8bb1f5b538f2aa5afaa84fb0522e9f69
57 | sigmaC = 37f22a78027d3d5940f20e67eac356653e9553b9fefec6f126c53f1bd21ad58a
58 | sigmaR = 18ecf9bd07206050d5f2f9501f6e47414ad2db0f485eaf5b892ccaf5d2fccafe
59 | sigmaRPrime = 731041a662a0d14f2267ae0f705fbbcd673e05fd78705f563f7a401eb4798ec
60 | D =
61 | U = 1,2,3,4,5
62 | m = 56657269666965725549442b72616e646f6d2064617461
63 | md = 446972656374206d657373616765
64 | w0 = 47f3540061f10aa83798e7938b8cbf95677423f7ec38ebaf4feb8edb66dcb16e
65 | wd = 404148e342b41a567c57c69d57629341c50e679f8afb530f07a4b075632f425a
66 | wdPrime = e779524a43db52b35acc7b95714e58ec584c16587511e444ed39dc9e03a4f34d
67 | ad.x = febeadd354e0da7975b834fc4f5711bad612887cc7f26d5d24cb114e2f3c0516
68 | ad.y = 212aef20adabe37d1f905706c496cefeeace1f2648f296ea62cea0d706b6625e
69 | w1 = 156bb5dd0f48fee9bbb345bd80bd9db94bc41d1619e9e5d6940e5c09ffb4b0b6
70 | w2 = d82d8006987add0f4e2c9cc1cc26c4309c22523f86dd342b86df4801ebf4e907
71 | w3 = 38ee5523d9620d1e70dc7ec4d23096e492c6ddd61702ffbf95580b931db245a
72 | w4 = 4395be3d4171f205018158781547dd62d5dab8be860ca5925fe959e716679f0b
73 | w5 = e96da9b865cc2dd73967dbe018b6e6b1771de3572365d336ef2bdd58180aef99
74 | a = f0874d7d1f8ed9ed35adcec7b39d32ec3c95ad203a3063ff312ceb4814a38aa1
75 | UIDt = bd91329357098ff0dd8ea123959281eea6866c50c3477ff7f6d0cf080e24289c
76 | cp = ea38add7ac11759b1fa67b87463780a52725308d9b054c2400c7485ff07b1563
77 | c = a519e4bb5f5d23322eeda87f8b6f8c18ddcbf69325ba13a1a7cb69edcc1fe33f
78 | r0 = 2a0c1cbe486d2f6bfee1c62daff4ed342bae0ce24cb190add858065026782ecd
79 | r1 = cef40c965b47984c47ef8bb705e315a6de6e73e18da9862a330df33e1a6063c0
80 | r2 = b37db69ee2c8864965c6f516f48e591810a909eb84b1b6e2365fa0d88e583662
81 | r3 = 3144d3b829272013a551800c5293cfb76e83e957ae9d540c729572e838f1bbb8
82 | r4 = f961f4c482b7aba2a3a60778fe68c5309410c0f388c7bb58f7c61b9176ee232f
83 | r5 = c9e6535c15b3be00a432676b7ad2383f9ca279d2e5b3d0bcc7eb314eef201382
84 | rdPrime = 906e8c8cfa2a393b47b67d9940c74863403c2bbcfb242f1b75f70407bd1e1ff5
85 | rd = d0afd5703cde5391c40e44369829dba5054a935c861f822a7d9bb47d204d624f
86 |
--------------------------------------------------------------------------------
/UProveUnitTest/RandomNumberGeneratorTest.cs:
--------------------------------------------------------------------------------
1 | //*********************************************************
2 | //
3 | // Copyright (c) Microsoft. All rights reserved.
4 | // This code is licensed under the Apache License
5 | // Version 2.0.
6 | //
7 | // THIS CODE IS PROVIDED *AS IS* WITHOUT WARRANTY OF
8 | // ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY
9 | // IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR
10 | // PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
11 | //
12 | //*********************************************************
13 |
14 | using Microsoft.VisualStudio.TestTools.UnitTesting;
15 | using System;
16 | using System.Collections.Generic;
17 | using UProveCrypto.Math;
18 |
19 | namespace UProveUnitTest
20 | {
21 | ///
22 | ///This is a test class for RandomNumberGeneratorTest and is intended
23 | ///to contain all RandomNumberGeneratorTest Unit Tests
24 | ///
25 | [TestClass()]
26 | public class RandomNumberGeneratorTest
27 | {
28 |
29 |
30 | private TestContext testContextInstance;
31 |
32 | ///
33 | ///Gets or sets the test context which provides
34 | ///information about and functionality for the current test run.
35 | ///
36 | public TestContext TestContext
37 | {
38 | get
39 | {
40 | return testContextInstance;
41 | }
42 | set
43 | {
44 | testContextInstance = value;
45 | }
46 | }
47 |
48 | #region Additional test attributes
49 | //
50 | //You can use the following additional attributes as you write your tests:
51 | //
52 | //Use ClassInitialize to run code before running the first test in the class
53 | //[ClassInitialize()]
54 | //public static void MyClassInitialize(TestContext testContext)
55 | //{
56 | //}
57 | //
58 | //Use ClassCleanup to run code after all tests in a class have run
59 | //[ClassCleanup()]
60 | //public static void MyClassCleanup()
61 | //{
62 | //}
63 | //
64 | //Use TestInitialize to run code before running each test
65 | //[TestInitialize()]
66 | //public void MyTestInitialize()
67 | //{
68 | //}
69 | //
70 | //Use TestCleanup to run code after each test has run
71 | //[TestCleanup()]
72 | //public void MyTestCleanup()
73 | //{
74 | //}
75 | //
76 | #endregion
77 |
78 | //private void CheckArray(BigInteger[] a, BigInteger expected)
79 | //{
80 | // foreach (BigInteger i in a)
81 | // {
82 | // Assert.AreEqual(i, expected);
83 | // }
84 | //}
85 |
86 | ///
87 | ///A test for GetRandomValue
88 | ///
89 | [TestMethod()]
90 | public void GetRandomValueTest()
91 | {
92 | RandomElementTest(1, false, true); // cant force non-zero here b/c 0 is the only el
93 | RandomElementTest(2, true, true);
94 | RandomElementTest(2, false, true);
95 | RandomElementTest(5, true, true);
96 | RandomElementTest(5, false, true);
97 | RandomElementTest(631, true, true);
98 | RandomElementTest(631, false, true);
99 | }
100 |
101 | private void RandomElementTest(int fieldSize, bool nonZero, bool checkDistribution)
102 | {
103 | byte[] modulusBytes = BitConverter.GetBytes(fieldSize);
104 | Array.Reverse(modulusBytes); // need big endian
105 | FieldZq field = FieldZq.CreateFieldZq(modulusBytes);
106 |
107 | Dictionary counts = new Dictionary();
108 |
109 | int rangeSize = (nonZero) ? fieldSize - 1 : fieldSize;
110 | int iters = (checkDistribution) ? 1000 * rangeSize : 5 * rangeSize;
111 |
112 | for (int i = 0; i < iters; i++)
113 | {
114 | FieldZqElement el = field.GetRandomElement(nonZero);
115 |
116 | if (counts.ContainsKey(el))
117 | {
118 | int val = counts[el];
119 | val++;
120 | counts.Remove(el);
121 | counts.Add(el, val);
122 | }
123 | else
124 | {
125 | counts.Add(el, 1);
126 | }
127 |
128 | if (nonZero)
129 | {
130 | Assert.AreNotEqual(el, field.Zero);
131 | }
132 | }
133 |
134 | double expectedHitRate = 1.0f / (double)rangeSize;
135 | double errorMargin = .3 * expectedHitRate;
136 |
137 | foreach (KeyValuePair kvp in counts)
138 | {
139 | double hitRate = (double)kvp.Value / (double)iters;
140 |
141 | if (Math.Abs(hitRate - expectedHitRate) > errorMargin)
142 | {
143 | Assert.Fail("Random number generator did not produce a good distribution");
144 | }
145 | }
146 | }
147 | }
148 | }
149 |
--------------------------------------------------------------------------------
/UProveUnitTest/TestVectorData/testvectors_EC_Device_D5_doc.txt:
--------------------------------------------------------------------------------
1 | // U-Prove Cryptographic test vectors - V1.1 Revision 3
2 | // The following prefixes identify values for U-Prove extensions:
3 | // * 'ie_': identity escrow extension - draft revision 1
4 | // * 'r_': designated-verifier accumulator revocation extension - draft revision 2
5 | // * 'sm_': set membership extension - draft revision 1
6 | UIDh = SHA-256
7 | UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233135
8 | GroupName = 1.3.6.1.4.1.311.75.1.2.1
9 | y0 = dae4fad5a882e769932fcda5e2c2d63ce0ec8ad75016f5e63e9f75f41cb68dd9
10 | g0.x = 5094a5280121aee723a8e8f4fa7c14f330f92298ebf63c6c7f39b45191ca3f14
11 | g0.y = fff92de5a01c311742feab3d355e6fce3fd7dc61cf79200d63fd23023d417d63
12 | e1 = 00
13 | e2 = 01
14 | e3 = 01
15 | e4 = 00
16 | e5 = 00
17 | S = 49737375657220706172616d65746572732073706563696669636174696f6e
18 | ie_x = 309e640ca22a3e62f33f8304dde0d78923712c986ddc8dc3ef1396090cf34ddc
19 | ie_H.x = 3ca37fe8394ffdc3fd5c6de8ec53e010ad8a42a315f3d66b12ddf63685ac8bfe
20 | ie_H.y = 73e89c5faf3f00eebe460f102ab8addb55053ecf6786236c037b812c36d262b4
21 | ie_additionalInfo = 494420457363726f7720706f6c696379
22 | r_delta = a1f475435dca9ab6ae28e31093f0095ec8ecd0aa89f56b5410a01d8e93355500
23 | r_K.x = c2586dbf92621ce1abf8e1c207c2c3536dd7601731f7bb1b5ca4e4bc1d557892
24 | r_K.y = e2eabd1cec6da5810f6b0b20e0541a6c591a2f1f361e2432d43e96c712a2a214
25 | r_R1 = f2a663e86a932b59d676e944f87d30fe0a38402022a252ab892133bdac0c2279
26 | r_R2 = d3e31eec8c20f335c177d4130b265b93701e835bf434dd4f53b75f49606dacca
27 | r_R3 = 537071155e4372e9450b5fabce3f9f62c59f4d8e88c7859f06cf99d5c1a9d553
28 | r_R4 = cb09c09bb546352cac9915e8d531801417fc84c0201d428bebd20e8faa9c289b
29 | r_V.x = 324ab0b3bb64d7c3bc384a7ef124e2c45839652423c925515ad798fecdc802ff
30 | r_V.y = d6ad9b1a6a0440dbe3b74bf03389627fd089c03145fcf925ced7435c69bebb5
31 | A1 = 499602d2
32 | A2 = 416c69636520536d697468
33 | A3 = 555341
34 | A4 = 02
35 | A5 = 19
36 | TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
37 | PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
38 | x1 = 499602d2
39 | x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
40 | x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
41 | x4 = 2
42 | x5 = 19
43 | P = 407fe414f05a2017f574004000a9c605f81d8ddfef67e611ff4508a778fe3a91
44 | xt = 3231d7e5ef84c4b5168dec23de72cb0f808cbd8c4c1557d08ce56af7e0a11179
45 | xd = 6d227887737cd0299a985728849fee621a269d8917bdcef503116943e3f64a11
46 | hd.x = 793ebe3840a373eab3abb004aa3d613ff0c1a9e1621052f8c50f187e7b76edb
47 | hd.y = c1d952f2c5df767df26416eb584c64180d2a7f28368b91a2d90525bc46e5b9ee
48 | gamma.x = aaeca8959cb600d208e2c007740b65679456a18b4fa430cb961b236be2a7513e
49 | gamma.y = c1d77f0e701ad99b6358a197e94b7c39361fd85d08ee44525fa5f83d71bd72b5
50 | sigmaZ.x = 6d8123884c46f54fd911c8e66cf3d83c8ab0e3264be4f5de5202311c8ef3595c
51 | sigmaZ.y = b1911b652c1156adba0cf820009d172c0ab7d6ca819bc3d7d6907377cbb67331
52 | w = 360cdfc47f04ad7e6a20e2eeb19cc9d44e84bdc4251432adc734b0e338a5820f
53 | sigmaA.x = 5184de704d72723080527cae50e353d9fa4da434416cc046d86e180a1b305aba
54 | sigmaA.y = 74e6bca19a65215b7167f829e63db206d1dfd3d51959f59273397fc6c34041d0
55 | sigmaB.x = b1bb2836a6891f2798eb34c1fccbcda30d3caeac8e9b420ff88f7ce77f30f73c
56 | sigmaB.y = 9b08ca53b32b4bf2aed1e14506671560293e506bd8ba96ea38674d52ece5245
57 | alpha = 717ab1c952bb95134f0556ff3b54da4e083a4025df637622d931fd4a54c946c4
58 | beta1 = 9ed37c37ea008292efaa741fbe3272725961dbfd645c300d038fef20be4abf85
59 | beta2 = bf916167d7a36307b8ae3634ee5763a6bf8af1f2ee495f41a36f335a1161d4a4
60 | h.x = 8f4ce06aeb78012bd074cbe506d63afd8aa57238d392d8a4019109cfb76679aa
61 | h.y = 3d23e8e2c70934c18e4488c9fa4ed8ea0f5868dbbb04f4fff53b5d33c2f4bc18
62 | alphaInverse = 28244006acc1bf049bda74b2316a60c2c744c1a7c9ad8b84d79e005b8c595da3
63 | sigmaZPrime.x = e955cedd5381875112d1ae12e8034371bcb19a2a90ec3f0394062c23602ced5e
64 | sigmaZPrime.y = bf024e6e6e636a016f99feb9ae0783fd62239f28066124992db99845a6e3bf1b
65 | sigmaAPrime.x = 8e11f1f4f32aea9916588e69c5288e672b627374362ef1061f0cb7b21ab3d734
66 | sigmaAPrime.y = 26ff40731fe78cc5ef080ad63f8bea86d5b592ed891ddd3ffb663c77643c9cb5
67 | sigmaBPrime.x = 5d171221921c33e4f874ce33576d2548352e3d286c9a16f61492ee9e30ba7fa9
68 | sigmaBPrime.y = 80083550f6bbade56d0df9ba26d4489b403209a3cb07626a219423fd9640b391
69 | sigmaCPrime = 29af05640a6ab1adc897a13c19f9f1f833ace230240d61f49c547e268ae9db2b
70 | sigmaC = c882819bf46b3440b842155bd82c646a8d0ebe2d886992019fe46d4749349ab0
71 | sigmaR = 4dfd69146d6d1474f09a8f8e9853123baf1e8a18ea979f812227a82b91af9e33
72 | sigmaRPrime = d8eca7d4510777ba948c5c386aa75e2b1c2815e31c9603dd1dd10c2a6ae4d86
73 | D = 1,2,3,4,5
74 | U =
75 | m = 56657269666965725549442b72616e646f6d2064617461
76 | md = 446972656374206d657373616765
77 | w0 = ebef5f2cd10a9bb6fdd345b626fb1eac2b48613359cc9676311fc4686f08f556
78 | wd = d99149fff737d5b4ef3af51b03a91ba750862fc800a14b1e58e9fab1463346f4
79 | wdPrime = ddeedc94b21eb4f472ac431ed77b7288031d17e8d92c5538462aa70e3c236ebc
80 | ad.x = cac3447b50a25958c257e62eb45dc2c60c6693118d3c4e128e2fccbbd8aa1742
81 | ad.y = 6032a22204d378e201d6178baee82306c34027240779c1876d9473ffea9110b5
82 | a = c59f993e59152432f5902dfbdb0aead53f177895fd02f65f5aa1b596c08cbcbf
83 | UIDt = 4bd5c24ea1f1c11b7a7bc8b7d8eed6d6395f9a097a7643e8138ff5fe85601ff5
84 | cp = de2982fb1e76308f19c9653395b667b833d78f7e74b21e672f82599f643a1a2a
85 | c = a3a2762b38d0587d4adfd4dfeb4c6268005f727f9e58d2a062c872697933086b
86 | r0 = 5977481035c86225a0396a8fe69736fca5101d919098c57d0e081f3955038d98
87 | rdPrime = 8f25e05c944320e3634eafb2f90196a9aa02f07e5916ae4211ba148d6a7f07d8
88 | rd = 68b72a5d8b7af6975289a4cdfcaab2513da22598b2a05adb76ea447bb44f297b
89 |
--------------------------------------------------------------------------------