private void IsValid() { // test valid key pairs NtruSign ntru = null; SignatureKeyPair kp = null; SignatureParameters[] paramSets = new SignatureParameters[] { SignatureParameters.TEST157, SignatureParameters.TEST157_PROD }; foreach (SignatureParameters param in paramSets) { ntru = new NtruSign(param); kp = ntru.generateKeyPair(); Assert.True(kp.isValid()); } // test an invalid key pair int q = kp.pub.q; kp.pub.h.Multiply(101); // make h invalid kp.pub.h.ModPositive(q); Assert.False(kp.isValid()); int inv101 = IntEuclidean.Calculate(101, q).X; kp.pub.h.Multiply(inv101); // restore h kp.pub.h.ModPositive(q); IntegerPolynomial f = kp.priv.getBasis(0).f.ToIntegerPolynomial(); f.Multiply(3); // make f invalid kp.priv.getBasis(0).f = f; Assert.False(kp.isValid()); }
private void LoadSave(SignatureParameters param) { MemoryStream os = new MemoryStream(); param.writeTo(os); MemoryStream ins = new MemoryStream(os.ToArray()); Assert.Equals(param, new SignatureParameters(ins)); }
/** * Constructs a private key that contains no bases */ public SignaturePrivateKey(SignatureParameters param) { N = param.N; q = param.q; sparse = param.sparse; polyType = param.polyType; basisType = param.basisType; keyNormBoundSq = param.keyNormBoundSq; bases = new List <Basis>(); }
/** * Constructs a private key that contains no bases */ public SignaturePrivateKey(SignatureParameters param) { N = param.N; q = param.q; sparse = param.sparse; polyType = param.polyType; basisType = param.basisType; keyNormBoundSq = param.keyNormBoundSq; bases = new List<Basis>(); }
private void CreateBasis(SignatureParameters param) { NtruSign ntru = new NtruSign(param); FGBasis basis = (FGBasis)ntru.generateBoundedBasis(); Assert.True(EqualsQ(basis.f, basis.fPrime, basis.F, basis.G, param.q, param.N)); // test KeyGenAlg.FLOAT (default=RESULTANT) param.keyGenAlg = KeyGenAlg.FLOAT; ntru = new NtruSign(param); basis = (FGBasis)ntru.generateBoundedBasis(); Assert.True(EqualsQ(basis.f, basis.fPrime, basis.F, basis.G, param.q, param.N)); }
private void EqualsHashCode(SignatureParameters param) { MemoryStream os = new MemoryStream(); param.writeTo(os); MemoryStream ins = new MemoryStream(os.ToArray()); SignatureParameters params2 = new SignatureParameters(ins); Assert.Equals(param, params2); Assert.Equals(param.GetHashCode(), params2.GetHashCode()); param.N += 1; Assert.False(param.Equals(params2)); Assert.False(param.Equals(params2)); Assert.False(param.GetHashCode() == params2.GetHashCode()); }
private void Encode(SignatureParameters param) { NtruSign ntru = new NtruSign(param); SignatureKeyPair kp = ntru.generateKeyPair(); // encode to byte[] and reconstruct byte[] pub = kp.pub.getEncoded(); byte[] priv = kp.priv.getEncoded(); SignatureKeyPair kp2 = new SignatureKeyPair(new SignaturePrivateKey(priv), new SignaturePublicKey(pub)); Assert.Equals(kp.pub, kp2.pub); Assert.Equals(kp.priv, kp2.priv); // encode to OutputStream and reconstruct MemoryStream bos1 = new MemoryStream(); MemoryStream bos2 = new MemoryStream(); kp.priv.writeTo(bos1); kp.pub.writeTo(bos2); MemoryStream bis1 = new MemoryStream(bos1.ToArray()); MemoryStream bis2 = new MemoryStream(bos2.ToArray()); SignatureKeyPair kp3 = new SignatureKeyPair(new SignaturePrivateKey(bis1), new SignaturePublicKey(bis2)); Assert.Equals(kp.pub, kp3.pub); Assert.Equals(kp.priv, kp3.priv); // Assert.assertNull(kp3.priv.getBasis(0).h); ToDo: why? }
private void GetOutputLength() { SignatureParameters[] paramSets = new SignatureParameters[] { SignatureParameters.TEST157, SignatureParameters.TEST157_PROD, SignatureParameters.APR2011_439_PROD }; byte[] msg = ArrayUtils.ToBytes("test message 12345"); foreach (SignatureParameters param in paramSets) { NtruSign ntru = new NtruSign(param); SignatureKeyPair kp = ntru.generateKeyPair(); byte[] s = ntru.sign(msg, kp); Assert.Equals(param.getOutputLength(), s.Length); } }
private void CreateMsgRep(SignatureParameters param) { NtruSign ntru = new NtruSign(param); byte[] msgHash = ArrayUtils.ToBytes("adfsadfsdfs23234234"); // verify that the message representative is reproducible IntegerPolynomial i1 = ntru.createMsgRep(msgHash, 1); IntegerPolynomial i2 = ntru.createMsgRep(msgHash, 1); Assert.ArrayEquals(i1.Coeffs, i2.Coeffs); i1 = ntru.createMsgRep(msgHash, 5); i2 = ntru.createMsgRep(msgHash, 5); Assert.ArrayEquals(i1.Coeffs, i2.Coeffs); i1 = ntru.createMsgRep(msgHash, 2); i2 = ntru.createMsgRep(msgHash, 3); Assert.False(Compare.AreEqual(i1.Coeffs, i2.Coeffs)); }
private void InitUpdateSign(SignatureParameters param) { NtruSign ntru = new NtruSign(param); SignatureKeyPair kp = ntru.generateKeyPair(); Random rng = new Random(); byte[] msg = new byte[10 + rng.Next(1000)]; rng.NextBytes(msg); // sign and verify a message in two pieces each ntru.initSign(kp); int splitIdx = rng.Next(msg.Length); ntru.update(ArrayUtils.CopyOf(msg, splitIdx)); // part 1 of msg byte[] s = ntru.sign(ArrayUtils.CopyOfRange(msg, splitIdx, msg.Length)); // part 2 of msg ntru.initVerify(kp.pub); splitIdx = rng.Next(msg.Length); ntru.update(ArrayUtils.CopyOf(msg, splitIdx)); // part 1 of msg ntru.update(ArrayUtils.CopyOfRange(msg, splitIdx, msg.Length)); // part 2 of msg bool valid = ntru.verify(s); Assert.True(valid); // verify the same signature with the one-step method valid = ntru.verify(msg, s, kp.pub); Assert.True(valid); // sign using the one-step method and verify using the multi-step method s = ntru.sign(msg, kp); ntru.initVerify(kp.pub); splitIdx = rng.Next(msg.Length); ntru.update(ArrayUtils.CopyOf(msg, splitIdx)); // part 1 of msg ntru.update(ArrayUtils.CopyOfRange(msg, splitIdx, msg.Length)); // part 2 of msg valid = ntru.verify(s); Assert.True(valid); }
private void SignVerify(SignatureParameters param) { NtruSign ntru = new NtruSign(param); SignatureKeyPair kp = ntru.generateKeyPair(); Assert.Equals(param.B + 1, kp.priv.getNumBases()); Random rng = new Random(); byte[] msg = new byte[10 + rng.Next(1000)]; rng.NextBytes(msg); // sign and verify byte[] s = ntru.sign(msg, kp); bool valid = ntru.verify(msg, s, kp.pub); Assert.True(valid); // altering the signature should make it invalid s[rng.Next(param.N)] += 1; valid = ntru.verify(msg, s, kp.pub); Assert.False(valid); // test that a random signature fails rng.NextBytes(s); valid = ntru.verify(msg, s, kp.pub); Assert.False(valid); // encode, decode keypair, test SignaturePrivateKey priv = new SignaturePrivateKey(kp.priv.getEncoded()); SignaturePublicKey pub = new SignaturePublicKey(kp.pub.getEncoded()); kp = new SignatureKeyPair(priv, pub); s = ntru.sign(msg, kp); valid = ntru.verify(msg, s, kp.pub); Assert.True(valid); // altering the signature should make it invalid s[rng.Next(s.Length)] += 1; valid = ntru.verify(msg, s, kp.pub); Assert.False(valid); // sparse/dense param.sparse = !param.sparse; s = ntru.sign(msg, kp); valid = ntru.verify(msg, s, kp.pub); Assert.True(valid); s[rng.Next(s.Length)] += 1; valid = ntru.verify(msg, s, kp.pub); Assert.False(valid); param.sparse = !param.sparse; // decrease NormBound to force multiple signing attempts SignatureParameters params2 = param.Clone(); params2.normBoundSq *= (float)4.0 / 9; // works for APR2011_439_PROD but may need to be increased for different params params2.signFailTolerance = 10000; ntru = new NtruSign(params2); s = ntru.sign(msg, kp); valid = ntru.verify(msg, s, kp.pub); Assert.True(valid); // test KeyGenAlg.FLOAT (default=RESULTANT) params2 = param.Clone(); param.keyGenAlg = KeyGenAlg.FLOAT; ntru = new NtruSign(param); kp = ntru.generateKeyPair(); s = ntru.sign(msg, kp); valid = ntru.verify(msg, s, kp.pub); Assert.True(valid); s[rng.Next(s.Length)] += 1; valid = ntru.verify(msg, s, kp.pub); Assert.False(valid); }
/** * Constructs a new instance with a set of signature parameters. * @param params signature parameters * @deprecated the NtruSign algorithm is broken */ public NtruSign(SignatureParameters param) { this.param = param; }
/** * Constructs a new instance with a set of signature parameters. * @param params signature parameters * @deprecated the NtruSign algorithm is broken */ public NtruSign(SignatureParameters param) { this.param = param; }
private void Encode(SignatureParameters param) { NtruSign ntru = new NtruSign(param); SignatureKeyPair kp = ntru.generateKeyPair(); // encode to byte[] and reconstruct byte[] enc = kp.getEncoded(); SignatureKeyPair kp2 = new SignatureKeyPair(enc); Assert.Equals(kp, kp2); // encode to OutputStream and reconstruct MemoryStream bos = new MemoryStream(); kp.writeTo(bos); MemoryStream bis = new MemoryStream(bos.ToArray()); SignatureKeyPair kp3 = new SignatureKeyPair(bis); Assert.Equals(kp, kp3); }
private void Encode() { SignatureParameters[] paramSets = new SignatureParameters[] { SignatureParameters.TEST157, SignatureParameters.TEST157_PROD }; foreach (SignatureParameters param in paramSets) Encode(param); }
//@Override public override bool Equals(Object obj) { if (this == obj) { return(true); } if (obj == null) { return(false); } if (!(obj.GetType().IsAssignableFrom(typeof(SignatureParameters)))) { return(false); } SignatureParameters other = (SignatureParameters)obj; if (B != other.B) { return(false); } if (N != other.N) { return(false); } if (basisType == null) { if (other.basisType != null) { return(false); } } else if (!basisType.Equals(other.basisType)) { return(false); } if (IntUtils.floatToIntBits(beta) != IntUtils.floatToIntBits(other.beta)) { return(false); } if (IntUtils.floatToIntBits(betaSq) != IntUtils.floatToIntBits(other.betaSq)) { return(false); } if (bitsF != other.bitsF) { return(false); } if (d != other.d) { return(false); } if (d1 != other.d1) { return(false); } if (d2 != other.d2) { return(false); } if (d3 != other.d3) { return(false); } if (hashAlg == null) { if (other.hashAlg != null) { return(false); } } else if (!hashAlg.Equals(other.hashAlg)) { return(false); } if (keyGenAlg == null) { if (other.keyGenAlg != null) { return(false); } } else if (!keyGenAlg.Equals(other.keyGenAlg)) { return(false); } if (IntUtils.floatToIntBits(keyNormBound) != IntUtils.floatToIntBits(other.keyNormBound)) { return(false); } if (IntUtils.floatToIntBits(keyNormBoundSq) != IntUtils.floatToIntBits(other.keyNormBoundSq)) { return(false); } if (IntUtils.floatToIntBits(normBound) != IntUtils.floatToIntBits(other.normBound)) { return(false); } if (IntUtils.floatToIntBits(normBoundSq) != IntUtils.floatToIntBits(other.normBoundSq)) { return(false); } if (polyType == null) { if (other.polyType != null) { return(false); } } else if (!polyType.Equals(other.polyType)) { return(false); } if (primeCheck != other.primeCheck) { return(false); } if (q != other.q) { return(false); } if (signFailTolerance != other.signFailTolerance) { return(false); } if (sparse != other.sparse) { return(false); } return(true); }