/* Functions to support M-Pin Full */
public static int PRECOMPUTE(sbyte[] TOKEN, sbyte[] CID, sbyte[] G1, sbyte[] G2)
{
ECP P, T;
FP12 g;
T = ECP.fromBytes(TOKEN);
if (T.is_infinity())
{
return(INVALID_POINT);
}
P = mapit(CID);
ECP2 Q = new ECP2(new FP2(new BIG(ROM.CURVE_Pxa), new BIG(ROM.CURVE_Pxb)), new FP2(new BIG(ROM.CURVE_Pya), new BIG(ROM.CURVE_Pyb)));
g = PAIR.ate(Q, T);
g = PAIR.fexp(g);
g.toBytes(G1);
g = PAIR.ate(Q, P);
g = PAIR.fexp(g);
g.toBytes(G2);
return(0);
}
/* calculate common key on server side */
/* Z=r.A - no time permits involved */
public static int SERVER_KEY(sbyte[] Z, sbyte[] SST, sbyte[] W, sbyte[] xID, sbyte[] xCID, sbyte[] SK)
{
HASH H = new HASH();
sbyte[] t = new sbyte[EFS];
ECP2 sQ = ECP2.fromBytes(SST);
if (sQ.is_infinity())
{
return(INVALID_POINT);
}
ECP R = ECP.fromBytes(Z);
if (R.is_infinity())
{
return(INVALID_POINT);
}
ECP U;
if (xCID != null)
{
U = ECP.fromBytes(xCID);
}
else
{
U = ECP.fromBytes(xID);
}
if (U.is_infinity())
{
return(INVALID_POINT);
}
BIG w = BIG.fromBytes(W);
U = PAIR.G1mul(U, w);
FP12 g = PAIR.ate(sQ, R);
g = PAIR.fexp(g);
FP4 c = g.trace();
c.geta().A.toBytes(t);
H.process_array(t);
c.geta().B.toBytes(t);
H.process_array(t);
c.getb().A.toBytes(t);
H.process_array(t);
c.getb().B.toBytes(t);
H.process_array(t);
U.X.toBytes(t);
H.process_array(t);
U.Y.toBytes(t);
H.process_array(t);
t = H.hash();
for (int i = 0; i < PAS; i++)
{
SK[i] = t[i];
}
return(0);
}
/* Implement step 2 of MPin protocol on server side */
public static int SERVER_2(int date, sbyte[] HID, sbyte[] HTID, sbyte[] Y, sbyte[] SST, sbyte[] xID, sbyte[] xCID, sbyte[] mSEC, sbyte[] E, sbyte[] F)
{
BIG q = new BIG(ROM.Modulus);
ECP2 Q = new ECP2(new FP2(new BIG(ROM.CURVE_Pxa), new BIG(ROM.CURVE_Pxb)), new FP2(new BIG(ROM.CURVE_Pya), new BIG(ROM.CURVE_Pyb)));
ECP2 sQ = ECP2.fromBytes(SST);
if (sQ.is_infinity())
{
return(INVALID_POINT);
}
ECP R;
if (date != 0)
{
R = ECP.fromBytes(xCID);
}
else
{
if (xID == null)
{
return(BAD_PARAMS);
}
R = ECP.fromBytes(xID);
}
if (R.is_infinity())
{
return(INVALID_POINT);
}
BIG y = BIG.fromBytes(Y);
ECP P;
if (date != 0)
{
P = ECP.fromBytes(HTID);
}
else
{
if (HID == null)
{
return(BAD_PARAMS);
}
P = ECP.fromBytes(HID);
}
if (P.is_infinity())
{
return(INVALID_POINT);
}
P = PAIR.G1mul(P, y);
P.add(R);
R = ECP.fromBytes(mSEC);
if (R.is_infinity())
{
return(INVALID_POINT);
}
FP12 g;
// FP12 g1=new FP12(0);
g = PAIR.ate2(Q, R, sQ, P);
g = PAIR.fexp(g);
if (!g.isunity())
{
if (HID != null && xID != null && E != null && F != null)
{
g.toBytes(E);
if (date != 0)
{
P = ECP.fromBytes(HID);
if (P.is_infinity())
{
return(INVALID_POINT);
}
R = ECP.fromBytes(xID);
if (R.is_infinity())
{
return(INVALID_POINT);
}
P = PAIR.G1mul(P, y);
P.add(R);
}
g = PAIR.ate(Q, P);
g = PAIR.fexp(g);
g.toBytes(F);
}
return(BAD_PIN);
}
return(0);
}