U-Prove JavaScript SDK (Oct 2014 version)

This commit is contained in:
Christian Paquin 2021-04-02 07:07:38 -04:00
Родитель 44e570179b
Коммит 34d4bf915e
24 изменённых файлов: 9423 добавлений и 8 удалений

Просмотреть файл

@ -0,0 +1,38 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("U-Prove JavaScript SDK")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("Microsoft Research")]
[assembly: AssemblyProduct("U-Prove JavaScript SDK")]
[assembly: AssemblyCopyright("Copyright © 2014")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]
// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("5ed23584-d5d2-44a6-9fbd-038b29912198")]
// Version information for an assembly consists of the following four values:
//
// Major Version
// Minor Version
// Build Number
// Revision
//
// You can specify all the values or you can default the Revision and Build Numbers
// by using the '*' as shown below:
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]

Просмотреть файл

@ -1,14 +1,8 @@
# Project
> This repo has been populated by an initial template to help get you started. Please
> make sure to update the content to build a great experience for community-building.
The U-Prove JavaScript SDK implements the client-side of the [U-Prove Cryptographic Specification](http://research.microsoft.com/apps/pubs/default.aspx?id=166969), and is a companion to the [U-Prove C# SDK](https://uprovecsharp.codeplex.com/). It can be used to write web clients interacting with U-Prove services. The SDK makes use of the [MSR JavaScript Cryptography Library](http://research.microsoft.com/en-us/downloads/29f9385d-da4c-479a-b2ea-2a7bb335d727/).
As the maintainer of this project, please make a few updates:
- Improving this README.MD file to provide a great experience
- Updating SUPPORT.MD with content about this project's support experience
- Understanding the security reporting process in SECURITY.MD
- Remove this section from the README
For more information about the U-Prove technology, please visit http://www.microsoft.com/uprove.
## Contributing

Просмотреть файл

@ -0,0 +1,58 @@
U-Prove Recommended Parameters (L2048N256)
OID = 1.3.6.1.4.1.311.75.1.1.1
p = ef0990061db67a9eaeba265f1b8fa12b553390a8175bcb3d0c2e5ee5dfb826e229ad37431148ce31f8b0e531777f19c1e381c623e600bff7c55a23a8e649ccbcf833f2dba99e6ad66e52378e92f7492b24ff8c1e6fb189fa8434f5402fe415249ae02bf92b3ed8eaaaa2202ec3417b2079da4f35e985bb42a421cfaba8160b66949983384e56365a4486c046229fc8c818f930b80a60d6c2c2e20c5df880534d4240d0d81e9a370eef676a1c3b0ed1d8ff30340a96b21b89f69c54ceb8f3df17e31bc20c5b601e994445a1d347a45d95f41ae07176c7380c60db2aceddeeda5c5980964362e3a8dd3f973d6d4b241bcf910c7f7a02ed3b60383a0102d8060c27
q = c8f750941d91791904c7186d62368ec19e56b330b669d08708f882e4edb82885
g = bca29a2d4b226f594591ecedbd1859ccb0ba3d20186b30e0ffbf05ba25788a6720005194c1f005b2ced980ca160254bb48a0e2d756ddcc919afe9017a47905154177fb2c37fb6cc0f4423e8f4a8b8376e0043dddf06255050523d4ee1f68748d0d415732686f01d88d98c75bd1e25fa48cd5bf4cc69b6d67bf0dd5c9cf18ee91ae17ebf128151286de3ab17ac4025a91168d42532144b7357e423f1b8d9dbcee68df89b44150e496ff6d416e4376e2daf9e422807d276572cec335d0587a5d798022415e3737326251d304fd7129183357ef9c8d194447705360b5bb270a2ce6194e5894c1fafad3ca78af080f500227564d43cb63462b1084e9ccd55d002e19
domainParamSeed = 227cc83035ac2c68e6b4e5fe4b59c0a84ae80330f380de03223e378136d76fc0
g1 = b97134cdcdb52c11b28f53a3dde83582728603a1d4314da644335514f2fcbd3c141e3219c73f42346d4a3a487744656e1c29916a1d8ac9e12fd7d5bac0d28986208c7393f503be33e3eb4a45b80f6080c047bebf5ac4b768496cbc20e4d76c2c1b33e9e21d37f6361aa6ee654dca79164fc275c01759b1c4c3b0ef2d4c72e45efead2c6b054656ba78e639d38e8aef21bba8b117aa1cb8ab7d51ab95993fa445b1df7d3c5877da2606274f83160ee17afe401b3847fe0c9745e995fcb9590c9b794eb931de43d1375c0feda5411023242be913d84972f2526c3834ce9c689d706c4bf27e8b9d8ea35b8043bfd5ed2308eeb172743b6d0ea0f62ac55268ac371
g2 = bff5b5fb31f227fc38389194b0ac9ff60c8d8cbde7cafe52e2c26ce4bb04623f469d250de495a5895d804890a87cacf7ecb8661d21fe94e9a7b05b95ea6c5943a535b4570a61b2dd5c221aedac4b2d20759115fd779e9af18357ee5a9c9dcf88d02ee45aa624235a24edcb0850a27e00760cb5613a16ca619359fc644b6f202ed36f0c19053b0a39b999900330c0f59d6af7e45e881873c7cf3e710ec2ccbd0fd41078694021b6c8a665862ead51a5e84a160cefebdc0d04352170ab76fbbd80e56ae736d658f6aa3ff041b6728ed1e37fd915d58af628b4526464faea3af081bb1f633ecbd0e8574235f2e0220bb083b7597301f451977efa6140dd56cf021e
g3 = 4a6a6d07614a449b10e207cf209b4c812c7dd4547610bea2a5d3adf5ec7df1a7bb961144a86c6ee897966712457261651f4c90e933a847505eb96f33a3bc35efe6eae28384810ea023a27b3b96cd60829327e1af3b2eabf23aad422652fc791bbb6c91d0b8e03a13dc9b63a2a12c2821fc308338824faedd54d22fb106edb2ce9b6a041a79568aadfb781df43bfa9556668acecae96a18335e3da5c4f94db278226682dda176a73d095de063f83b6e81c21ae9cc14ac9f4099bcfaa80128f332d597a5f81c9131a9ecea28b339c933935c387626e0760589ff83948e39c80df96fa7a1edea177ec0eed7c41f3f8c1d5b45cde0dbdd1bf6e2eaa5c2e75a9b73f5
g4 = 3254822a81327c8b5d1c26c2f3b4b953192eb4a70e094d6a355ac96f4af49632c0094f82b15b24c355bbfa057d1c1e99c9ae1a86b5a8c09caf412d0ca5b2a78f90425a4cbb5c95d2bced87b21bd04a5d07ff6d098dd5f45ddb36e8692e5e866bca9c5cce1e864cb999fa2e4a1763a17ff07ee2c43c566a2a5ac62d5726d74b13d1f78a18057d969c8b6cdb0d60b16de69fbeae70bb5635255d41067247b81614adf575f2c976394e024e4add330a3fcd6edfa1767644c272f67968080b902d54dde4af9f57d4efc62e7a09305ba8c237015513563545f8d670c7ce636732d4611fae45edb2c317b62cb3b1f07146b8313bec7cd396829c0bb3f1c96cd8bfad9f
g5 = 81e675f9eb6a8c919eb3d0bc9836e4e49c8606d618bc2e071e7f3f5e47886f1a9c82e22e972131875c8824e38fe9a7487416b5975ee357c06b9f30d660c3f49b15197b0dbae624863e3acfdb0312dec3d038d82f4ab24817a541ca1af2bdd7e033a8fd296c8ead83fb8487654ab67eaf563b97719b92a55660e8f101108741792204272782e8aeb8a4d2b5390ae2e82abe9fc617bd227bc594bbacb946416bca6431d21f7b41dfbcf909a165dd7aa6d198e8e2082c7d4c39e93d2dabc4795e0262d997b6df4c42d0d7a31adeacbb0f9f01cc44512df90edab7111b6215326f7b785da702403a7a3f1b0dfd58d00d8385632d4d88b9b68cc48a29010dd07f1a9e
g6 = 62ebc21296d84c29ea41bc5eddf3ecaec2e5a9d8731ff560f53e0bb2cd633581e55dcf1efccbea9782c126606c98bc5d4407b6a665883615d87f4fc1ba549e0586d10a4cd7479695c1dd319b6c2f32298ab64a138f41e7d56aefa871e5246d18f9fa40f8df3e5ab9f9c07120552896832196f7a909574480007910a29fcf5f59f6da51d6b2d3c9c3952d0f3fc675f75bae1ebfe3c2dd3311050dc01a00f68bf5ba61cba240be8882d4614689ef00166ce46a53c7bfa5af63f0834b9581438324b8241ca1657fbcf480695524365f57877c0a8a5afd61e83efda89dba8678a1ee19e730e83c7eacfff95f78bfed6e75a8071c99f61d20739225d4a06edd39a059
g7 = 9c36437103795b91095d4eabee16d0922cbf4e14f6e14a95464cfdfac5a5dac9406ae91d468d09530eae6ca903f818c852639877a89f0259b210ded9af3afe42cb495cd89553e6149709f391996f0d574a47b0258a080292d4d4d2ac44db9169b83edae35a6eaa96ec92ba136970acf9114c9356ef5337b657e49c86482028d24177ebb5bb8a43e00fe17686dc46d97a04e26fcf13b1b9925d8867dc1c39a4e55ac237ad02c14a81325919820686ff1bbc0007d2143d506510a72ff871839e0449a2e14d01cd23ca08aa0bde8e8e66733b52ad4405f6c2496f846f7a41efa20422fb1ed47e840cd965f24309c6b9388b25f00caa9aefaf6851108766356f8ad1
g8 = 97786f500577c95adc8d33f5a287a89eda04a7055b53a33221004653b64dca1ff7d138a2005652908d53c4d5e178d78308a0459b342050b3bf5aa3125d2fce715f8b95de4b63d00633df8ab5fddf3ac41629a1990865b94e4242757c33f6c53a8b4294d01265dcf734c145a55f5e760aaf1eb83623f5da375bdcc1db17cf46f6f5cce4233d1fde5b8aee752e5a62f831c7cc5418b184d7fd43db2bdfb6b7fe3fa677472217b87ce184a76d59afa9201081b89879c9a3b0d89aa9b77112bfcc93d96df067850172e03d0f461e598dd494eb4c5a8d0de12a416d9a67169359f8f104191ade727f2063763409f02b8998447fb25058c53e69d55e9c1aa12d4fe99d
g9 = 243c1274881f76db009564932f16a49c8ff0d89eab78eb22f38110d84c652ec01a833ebfda16f8cefca289e85dd497ec1ce036921404d72022c9bd138efd7e48225e09c6e01017ce11e46145e26f5c37782b5a3b3b673143896bf3d5960792866fe78e48acb14fce59763087905c752bce4dbf8f627b8f6929bf3e223deae76f025d17f9ee66ba84dafd26bc51b84cb2007899ab96f7147121571a5ad5afa21f10b631af26a9620cc2572d2fb8e49044c2c875508f848fa40465a73eeb1a5e4fafb217abcb994e227cbf2aa9b8a5d788961a79b4475b21cf6d532765e8904c86f242d3d3273c911e8c20f719431b11bc6306413f2ea2be54df8dbac0fb6a4c1d
g10 = d244bd10f5762fe7a81fb97676f673f82b1279c98e4b664e73bc9997f458ca801476a9851158d8fc09dc092e6148050194ce3023282fd19e1e98c7de238e981b246315432606fa12c7cbc387e0fe812362b8922635a213259cb154e23157fa28822a441ed59dac8f42893c31b0dbaaba0ed75f79135875eb6099bd9b1ef2425e89a09c8de73cdb16d386cbd0bba1e5b00f284f632939d12172325f410a7213b8e690cd38b6321df8165f3fa46f16223ebfd1637dab3d7548843ea3d67f6ef14e3e2a5f85664007f44945b3f6ca0160631f4f125367eb00c9f2381697f708f31c81aa7ae686b03cc523809f254efa8936918222a9fdf4778ffbdcf20cc8de6c9c
g11 = 255ab8e2c5d04133feaed2edef61bcad2d428bed1998fafa624b01d051de4e5b00595365110efb4febc5f9fb0633d0bfa92bd864cf678c969726f234aeb79cc4dce1b9ce68563ed049e9f8a5331cb87d12dde81b42fdd9012b9deed417da911f74c4864b17b9d259498cf8978167994d786323a48a972d623e1e7bb097fbbc44eda8ce8175cdcc8d2d6df15eed5a98e21bc3e5ffce5b9cba5228c4f6c08aeae77476f683cd10e9225def3212baa1ef105f6711e9edbfe803086a2b23fa9310a4f64ed9870f91ed7eed101ba90d71deadd8ba6091b32a32c547f16080b01904e8ac958fd20bb558b4040056456495b08922bb9a1d74ad24c9c01f820d0aa72932
g12 = c619f23cfc03cbcda3808a418d16b89fd00623f7ab6fba880cc7f45d879c88cd1cde8395008fda9c2b2c4ad07189eb55a359ba04d275614d4d25452887679cc29d2bbc980830fa77e1d76ddddd0e4b1502168f5f27d188ddbb5d32554c621042d6333c3b9f774d44b620c68c64355143e98eae39ec29ba812b817a4d7ffa5b322fd49bd9c1c3a2f7b5560c166699a9f9c0f71e2a49b7dc2806da246b1897af7fcdc90b5971613704fb49331ffc11e8f874728563b90ec38c97ee4b30441b97a194a4558440816ba830669181f0544138787f3a249756a55db772ea217242e9b5606fb9c8f4a23e1d3eab88cdb0da393f7aa7a8eabb80ebdfcf67c1558b36419b
g13 = 4b42fae293f2971135ed30967c63a6ff75fc9449dbd7f0754d4b752ad72a81c0fa5abff49f2726c4af04c72d3a7b8a096170abb958c17999e9c97464d8749b4fb17e5e1b2554c8c61ba852cbcfbe24f1744a602078f55e5a81da48f86f546dde8fad26c0e0e0a8f244ada1630dfed441ee5d7b233e50b85c11185554e3f3ee104c54651683794801ccacb0fb9c548c801003f53c43c3bd4e3752da9e1a7032ae093c8c3a85d34903d8d2b1b97126044f6867a0b7286775edb6dfee6f1844a13350c746e56895e275c5f4f2c87791b1cd0c8c2f6ed81e68ab3120bfabe2b20c2f6695223a95b3c16e451af9f0c1bee2a70f8335ed461b05c060c51c3450e00c31
g14 = 8b723c1bc1385cc9af0c6b4701ec3acf1265ab3727293f7798dc740b7d7997c6399f5883ba08dbf77af08f89f856f38d80287efb5b939c730ca830a2ebda6e62ad57e6ade3e6196a1995cbbf6bfe2be3c8a84fb6f39cfac44c85cbf400dc50a80d9165b560a94f7df1a3f52cc755105db6d1b01ab2876ab01af5acce6cfd35e7592a1f0f9808db4e5c79ac1a8965836244b0efa817eba2f82a3bb31c595d531da1c55d1d5a4cc2fc4f8885b87782b791c62ec33b426f0d1755e4c3b8cc3cb9948da6a3fb71cde01be68ca0988eef9a4597c3f423ed7d9bea7ccf84e21f9ee140aa4c7f335bd066532fa386fdd817f74c68e226001010edea2a90dd95cdfcd0e3
g15 = 973ff266bb2b99478b08a132e56b46943a49de4bdf21d85f14688135771e06bd76547ef58e338aadbfaf6bebfd382e198f1c16cc87a368cfa22699b65d2ba15c431c5d1a10e30fb6dbf9ac5af5f197defa7b88ddbca4acf327a0b4705e7ab392042d71ddf797c3d61724a05550cfd1e10a9650c0998171422676b184a95ac6955021f968260115feb95b13a7607e0fa3a38c5bf50033795cae1fe0aa094076f0c1ee3a909757118fca156e9aaf2eb7aac1b8e530b23181073fa985d548b0f1709a908bd792e97081c663acab54e0b7f3010a364768f03e03db0ff00c634a8d5da404735ca08c49e0a685ae919c6afe81ddb7377cff5323a3339cfea6de130283
g16 = 158f857b499cf962d81396ea280f94dee4b499b17d187a4d6d53b16c824985d9aead7c215799b82c8fbe77a0e3c63f3c0d43042285305f291b3fe3f48f4596e31264520ccd8e212a037603025239529af51b6af89fe5d6cc19e438d243f1ce3510807f0e09229b44680933b2517827a37c0604fc08e5da117dddb12b9460bdb2c68528e98af4da0e74ee1080c6e735f3f6af74ab4de1c2b2a44f85534d5cb24dd218725dc9be09265de4d3b4d3dbda74628c1482c8ec58450d90d635eaeb3c3b7bb051874cac728345820ae973ab76c07b0d8f6a912f8135a0c13725386f533885738b6bc70961467752adfc1649ec1512a23b55dde13854d249566b8a7a8192
g17 = 1edc0b0a85d295dcaea33cf82c694c33dde5191c48cd7fe944960d8a297370db6f96a0d83365036994d254429bd27e5d25d7021ed5f85efb79b02bd704d95382fa9ccbda410d88479a8fadeaae2a7de611d281d14cfaa345ded9ff3e97c59e1d26679fb446063ce54e9b99cbb99e01763a5b2f61111e4e23a18719761bc5fdb87a417d4ad69aa517c5f165b8b16a2d29827a39e8fb8358cea660f6b2091cd1b127f7c8c864f328a859abd8b333ef857db00d9b4a22d4427e4a030e9d56b27ba78fc3810b38b446eb67e12d263493df20eb07314eba1227e4855fd899ce80fcdffa24631373af84bb4116d37a95ee0280d48823d61c6a6e581218dd62ea4d147b
g18 = 860e6baddc4e3ba2dfe7c3dc8462bcff074da3fe5830894ccb9f43f2ec917d7f36f7638070e35f8933b53f20d2266bad0f696af2668e1e7205cc2883c9a50845cfdb1aee30a3ffcf34a5e68942266d9ae5c3e822a51401b59171c9696b636ad7a8c8d0c0e02b18b4459e3613c34db98ce42f328d63924caff9f483900580bd80142db61ec985cb629ee3ee1550ebc26c268f8273ea75ad947963f8f41a8397fb8a1ac42f19d3d77f9070c792cf62f4ebe8d63657d15f9d46910613b38d16b26c10a4239b69d45e30faf83283cf8e536097f088a3ce667d29b551ebfa19f8de90706e09b3de4c118b4b66c91920dedc0a29762e1854e9dd038bc7034d69abbd14
g19 = 3d10db2c984c24607c7d79eeee1cdd63b2222b76188f68a629177df62e634d2227696ed318ea97716e346c580c47f368fc3533efdb8210ed02397418eebf008b28b48d287c8a03fd0af8ca8844aa10aae63d69a9d256c3e153a2c844af7999d77541d95d6cfe66a42ffb6e20fde6c1273f7d916ce341e59f9ad1d61734edfef42c3cf358d947f8c2430619ca77ecabdb39d5f105f5ec64d85e9f26e2927587234d00a0a9c9bf883fe6cfa80883be484ef29636db4c9dac44670fc8a68b548ba6f3f992b722ea669cb822906969ed684d28cdb83d2e6abb66935c9fdca2beaea20ba36862a162ac5b2099042b6fe79dceae094eea0f5fce53112779bca573954a
g20 = 71cb2376e64839001ad1bc7e6d4ea099d49e2873cedc2b3327c5893eab26b73531b2af18f47bce335aa36364c1c97184a68eb8aaf74cba6dfc0eafdfcdbd5f8ae9a6e93059416d206f47710ec47273d30d98feb24627d6e138346701d68e8edd4c2e4667b115cd8185a9e02840546e499a1c193c103ce5b1364f1161c87ddcf4ffea650e36ae952a4a7aadb351a196a7fee0636de546c33b90970cd9ae3867d875ed5676e8613b88158daa4bf3db51bdbb8d6121af48f2c44e2216405239921f1b0deaa09ac289a09ea038a6cc62c288e8ab56d96cb4eef5daabb1cd96bf20dba4253ce1850dbfd87e98131a961769772efb7c29b210f102c1d285a996f94660
g21 = 24ac79d4bf1f93b92ed7ec636d2cdf5ddc0f6a5c7aacff8164380c52af0682395c24d7f51f0604d09997de9f09728bd90f2df028128aca80a983d0454912670f0392deda1cdbf2b3284c34eb5d2f87b7d0f94a63aafcfb97eba7cbb8b6dd927137375e697d7059ebefb71d8e90c1a3dcc169618c52002cb7823d0cd9fc7842b458882cbab04accd79bb2cbb9782384c930a6b18055b9d3215640579a71d1ce868c43db959a9c0b4c76edcc9026d43b370312ed9e9ad4f47d50430348afc97859e125f5f333f29085773173a6da43dd356c2c60d951415f3eb9ea6d6b1f5095c07c2ade0338fbe038d14e3fcaeca7c699a2559332d6fb474fc806509507e931
g22 = 67d44a1199606baa4af7fbea8656300e48e4d224059638013c3d10c38d8f00d4c4d2ee0339c3d8f6a5ba39d61d78992385eda39fec792f575eed3ceed326752066942d94186b8837191b68ce751957404f97560c8ac537fa2a3d5ab02db1ad6a81e8aba19ebc9031625daa70ed6d816c93e69811176c8b2d4106987fde0ad3cf08647a21d1f1aba970d3562311e07b8441a1819d1fc656e0b96252a2726ceb299597f8805ab395f04ca0bf2b029febf95e1dc25114d18d1f8b74276579a982332d64adb5dce5643a7f776d349a34850e7517b45d0b36edc5a89cc62e489a867c046eea19ec4f7337c9b89116ae7217cb6d736c0b727172b90748f52da95c4572
g23 = 3cd021abfc57bf0d66198eb5f3a20af03affba9819a5bdb4e3783d2022cb63111c679cdc3c06480e88d6ad72fda423b9719aee5f74b0874a7ea53f23ee5b9dc07179727269f563a8a48b564196ced7b9412d8e3a40f17ff458a456b71cc7c839e689a67ed6e8e226a5a8b9aa002cdd774d9f6dc03f237780f1f97a7c003397f7a14d9ed8b01fae278ac43fc2eae3f89bb4563d0c21ef6bd67a9e7352ddfc45c488252c8ad1d65dabe33edc03f7694a2fe7d1ba48c6e0a7e96aca194a23f799e5528dcd99e4e07a4796bd6463bcd7fa1c108da1c6791369e1712672a04e7ba115d9735dabaf676760b77ad74fc6c0f36a45e051f503295822c439de260abda51b
g24 = 4c0e01d5cbae889dbeb06893ea8a38254d4c2c75fb13ab1273c73baf48c1bce844f724e5498cd6acee990f2c1628169572ce50f1f188138e56dcbead958caa5001f588a35e0f4b373aacc169222121ec41e33b99cc9ec57a607bdaf162961a3080fa75a99a3457a41c88502f541c0d8585f9d73bf4497b7be7e464b732c3a3d5e84446b8c840024b371b4093ab588e9580125f4dfa6246824caee9ad3985ea621e56af2cfd684cd5e7378b7aedf687e5502269cf00b8b20f240ed8427daa667999922473a1605284aa178790b9485923041287f016035ff9ff851483e0db38eb7c25a3bb5a600967f5f4164cdb310ec28602d18a22b0959a944fd78e66656ff2
g25 = 5f0c334aaf9722235f9ab3af5323c27636b0a71a8b5f7316183dadc892b7b1b22934376cc4b485a029195511962036ef10159cdebdb77a7607f692bf17c0a67ddeb254265c89de7fd0e463f33d6a6442fa1235eac19792e7f497750104980abf39e2ab1cb43ec2f5fbaa47caa9ce0f1b3d952477a469aeefb39fc50af807a35b000e8f196dfca6d58446cf7e1c8d8a5a0635bfa880a6934247e16a0bc6dbfeefd4b994bba8506c0a8602936adf728afd3dd93d01d3eae2595a8c49c1842786a183adb1ab8aa9a61cc8ec74c9bd6c295150d9d8a121402e92a4eca3868a56f15a417f3dee07f6dd3508304e7b27c2b1d43eeed6d1d71763e413f4609f1652450
g26 = 5365ae844436f2a05bedb52cecf66ba0a8e825779522bc58e73970b9b2b981b4461c264d69562394cd9c8646786ba59d4547e76b80243a9cb31b2782fff5b3d947f1ee1d88709c08e13fd050fdb4cf29108d6e04157945582614407d60f8b39b87a649aaa2fb0b31d380a530ea5cfaa6bb126771cb0a68b5085c577f5e66c1fea33fbe9d604415c00761fedd47e5e4d9462c2d340e7c3058cb569e0ab32ec70e4e4e4093458f395f95e4570cabdf0766e3c474e42702c947695b26a691184d0af2d4652439a219840f25d32cf6e5914d7af5fd6f93cc9116a9d84ee1a2ff6d040d3820928c8e87d3f66b1970a1055b3ab39e025daabe2649b2615e3eb1c49df1
g27 = 4d9ff922621537b781bc5345e882a666c89aa3401354ea09ce2a63e70128e1c10fd79d0ff529c775386e94611b4a1c7e6237c7fb14757a37fcb9a9974a7eda0d975c7216008c59c6f9c772ef6cbed445120126c4864eda45c513523a853c5bf2a0908ffea40090c68febed894e32e3d9f6c818365f05a7fa3e78619aa9d67d5edc4471e1acff94c67cae60872ca28b7178d5da3efad704a36e514ed40834980ceb55a2f9d091792f7aa5d901fdb36709668f02a4e3809111dd9b4668094fbb526bb1691d56c55979559a485c52194dc7ca6d575cf8f3f41e892bb0e72528bdc34223c6b82a207808c1db325535a85d29f128e293295efc266f158974d1e2e422
g28 = 652f95e56d98bb8c8e36edcbb3e94b27e8f5efce3472c9f8b1ac52f880eaed16b11d1ce8e43ed485edcc6e898e8120fca10aab6bb4c98a62a0004d856536b30b176a2bf318b37ac4e22a2d3c36137913acd01e951ea890a28a19216cecf335aa7e763092442b2492c864e0b457f77ea15a35e50d106a1c226dcf9a939422a63e4254f0df77b4d3685e2075ba03830fdf83b94df2b754d5bb09a86a3dccd59689fb9fb8aea5e9e6ce7269423bb5c6ef4bf4144b8865eb222a7056031ce45cda8ad5b5f09c158d8a5d76c6491819b8d6a0f567b633906e8207bb6e030acd1af6e363f7f86203289a866ecb8933f4d1245360a8cb22268cd0011197bb94825c3057
g29 = 4637c6880a3ae0520cdb9447345713fcdb19caf397dad11950abb5126a52cf3f77f7417642649b1599150b4979b65ee5814342c24e9856d54f9ed95bc48ea03090b4c1ed01aa6c88604ffd269eac96d59ca15a76b29107c4f60f127a7c29442d1295d45caaba459103413444e830d5c44f657d81f41f58b0514c55f6b922ef979ba900f9d1fe8322696255e860714c0a1dc0d8245bccb2e7bf68a53545fbb0fff51cd6618f0f44df2510a5640ecfe840be49355d1caab68c17908acc697a63ec70525792bbe47215531304920126db27beda03db640ec2e8936fda3c1d293050874152c5c8fd7113dd142cb1c2a9a015c9145d15170a4b37f03812e1ebee026e
g30 = e53dd59dafd6d5cf96bfcfd279838701f3ddbb4afa88fd85bbaf8c9f356a900619282854e9d5aaaa016253672e42a0a7b7ab0ce5bb14c713101bb4233f598e803e032835e0b01f184567c55265d0b9a7584dd7a51743c0207640f758d866aa6aa85f0d0053a207942fd3553b0b94c0ac5adcd51d7420a8063b3195d0cb91b85acedf975413c10bf958f6f7ea9bde5363dff54f609c084f2c910ffd7d70a385f58dafa3969bb8e456915df7626a787160b04b21ec4521a6d63a908531e2f578d0736c2ec3161095b90439160992fee43a7844e58e5c0afca7cc1fd2b55872728a4b4b9d038f9e38cbcce138d117de16672e031eac7a0fef2569e55b7bf0b328d4
g31 = 1916c671b85f3a642b3100b3a26a2aac9bb567e669f01a4b3c7930884f04b86090b6541b6b0fbbc64a264058ce8f65eb7aa138f6e93b2a5870cf322b395c61a2bf773ccdf07af6829c5a32e0ae2fd0656586c618f15605add76706aa48f93b5cac90917c62f5a87337d9b9d6185e44ddeec5392b4543517a750ceb84e9e2e7a15d49da9bf074506b2f1a20a49812feb6e0f9c681a99a0a16cec1c0a038b8c8f894dce32a697595045a92c1f95b5b03b277d8bab53c3ffc6270312b47c47aaab777a54680ec13b2177ad5139e914887fa749ab81c3f8b484313746c12627365a7037454422bf2139550522f75994c7558964a38e8816382bfc3097ace95c15744
g32 = cdb208f5c6910a6a723802dacb2cb7c1919bd19c96b70ff6113986b99472a8245933a0a9cf62556252963d09bc19f6d00e4447ab228e202bbf163580fbd999f5c73b315e0b5b11b2694ba55f8abbdd56041edf4008100ccf1c4b139015ff6b88d97c05e49d258451888677ee7d4e945e0e87ae900da2fd08b56d80b95e008cef08c10a330d7810d536744f7bb57bf0a4efb4aae8a2de50e1d660113a7137877bb5e2b30fd5ede3bca911266e45984b0ce5e7f9ba5afcd9c95015347b04d7c03f85dae5d85b4eb439c3afd2336f448c288781902b7562ebeea6ae018ae04e7ee904626bb6547b7293991c43ad4d3f306b203a40137232fd308a7476d52d13cbad
g33 = 91de45b520104797fc3d5e853262434f3f05da173292041f26ddd46378095e7ff012d7e5fe27647890273127eecab952f273a0f30eb9a67b1203b295aa6010e5fd0755a18d53e034761b49bd9ed297469c561c1e2f030ff6b403b5978a498f926ad9687f668c179aa3b66f34b4cccd93e8328adf50aa79b84a4c0166bd4729035e618c92cb4d58a983df6815cff82a252a6afc9b4750abdebe242b9ca000c3ed96c4cf81e17918c2069ecdba0a0ab32a6c8f093b9517c0358040949a938dc64f49c80e5a3a7c41f249d7cec1aecacb5921e412f9efce6829e4af7013befca2e8053a0ef9364efdfa4391c79901bc73dec9c7f85cbdd4aee1d7fc13622b7006ec
g34 = 7288ffff90cf31e8ee7e7f4d1d424a84b8930c47e712fa507250deb0562474e3b44ac0ab2b4ed149e6ea90fdd62ead7ad52055cde67318c9c1d78080238c040c6bb02f9a7ea96c733884943b24ced763757283edc50401f0b070e238241115a8e463e1332ce050646f96d7d16f5ca3c506aa534447f216ffac9f78e23e8cb085416346d0e71db995f5fa565aecc4c99b46e36cb40195e2f46283ba06966b52e980e4c25add9ee17d4fe0435bdd9f4b85f596fc3dcfcd59ce7b9bd2df84382183a4e7dc962369e79d8e78cfcfde8f4c7d882e3399262d51e1b38a3bac6eb21cb1dfd42a997429dfe22a4fc502ec3d98bcb06f311cb5f96297d8d7deee8cb93edf
g35 = e36d796e6bb30ec1676b22c6c64d580c8ead1698dfbdd9b30498ced818256d4e2e25753b189efbe696b4bdfb0043b5041bb36f126e4c0f525e9fc6eae74e402c32ac5188bc239fe8c8914ea8f4366a2a56999174783fbafbb8123e4fa2bd6c682dbfe0c9192657e3659b5b6baee31477bfe8337e99e224554def715ca4964447d3582b3bb02c15f90825cc2dea1b1eec7196382aafaeb78df75e2c2129029027314b1473c894777a60d091b8af1afda2dcedf637d75c5b7d6c88fe418d6cb4400a851bd17a1d838a6adcbb8ea48e69a210ae7800a6655cd9fe85f5b4c3af39a8133fa867224f65a57b37b2de445ef0499edb070b14d83723f5222a004104317b
g36 = 22daddb1c6847ee6c29e558a1fb029ca497007903818e3233b532aad2e2dfc2b479dcc8c5722c219af8eb3402e3f4b1b0ae7c3fbb72c4f144604cf2cf3915d4d4f8efb1d392c2d353e06e4d6d5def66b2fbb35888977cdebc7a4038fc9843880a7204451dbf7ee89af9fc9914c68e9a4d8f012ca73e7975465e9ae27e867f65563412f7407a04982977e8d6512d044cf1f4f06e271cb0cae64c108365f956325b2e226cc59c353b5eed9a968b60192effc20292b435242d0a094743af0a6a1abbdf525d1ee8de5293c650f9765c38c66e328e2aa8ceb0d29285084e2addb0f1f5548594fca0759e2c48ff6f6dce578c02ec3a5cde913a301864e69a784a20b7f
g37 = b6d03b7fc016dcb6483cfe00fff6de486f84de1e8226825416ae5fd895dcc3b34e9080ad692abb921a6b6c0bd9c0c3e8125c8dfcf114c038634392152ef2ff4ccde150e4a083e5560b4fb0211b2c1d85a37abeef846ac6593f2273e4db0806f278602e650f15e102bcf0d88d8a189298d94cc1343219ee34030b947c37ede2f14597afd084367d600670db5ba8c41023e6e0c242d5b2adf41dfe34cce1088f292a93811d787699e2c50e113ed5e2a99ea1c8c878118540b2527cb1c6aec2e3dc5fa2752d3dc979f040844204ac1a05cd1922701b0dd1ae2964b905824ba2431f45ce2995308acf290b944a65e0ea95b6af94d614a2f38444b49c85f8ff2bcba9
g38 = 2e232340e5b6615e8a25139635ac30bd15281820bb068f8de23431c520e7c141c4f271967ca547230a7144f6a17dc5bb564825786b44025b5fb6af06e655ab0e5e06f7f8eda7d04e31f12b31273dc04158fff6a7f30358208b63b3609dffcf3a2ce15cbd7870c497724b0f1968e8667177a52ac56840e3b2065bbca71fbf336ee7a709d61695ddb6513c22ab7b4401b3cf32e1d4fb44dc647594830e35917fe4f8d59fb95bf4b515b3e06ec7b1198a707ad74733ebd98791488eb890265dbd178bef121a329225c7156ac9be015a398abe6be544ec3b0d9a0b1e7627eec27d4cfec88eebaff402b5227e96a08ca49573bfed27c318238aef19dc4c71c6939ca9
g39 = a0ce5ed6c778fb18ceb3a57765470076c62b069cfede8dfb70e6156e36f70ecb7a093cd475fe87667f86946862267660dd76ce2fb680a040d229b0a0fa28527d30d3aab04d0f1106b2237729f1f28a87f2f167b6015018c6945089654c93da9d65aab8149e20fd8277debad980428b55540b71c995ea3b87d3a45234756672170aaeb877ebaf3e03b2d428d1cd219984712d18cb76d927e39fd2b788136c08a8ab16f633b99c712fe10da8683e73b4edf83c368a08eba604385b10441192cc076a9740364ed63486f3a46cdb25ef0b5120ebe54e6aa06b4c60f6337d3f566994784882093932c963473d4c1fdef100e0ab9ae632364417f7b2c550df6b48b347
g40 = 1b3ad950ef15fe8f1915d90872900fa14eda2fd2c431941d70b3b8ceab96999002d74e4aa0991266cc791791604ec09b907d253517e7a4dafb9bb16697c51c11feb440ba411bcfe8d0271830e5118bd85a8421bdd45d8e96cba9454f4f861224add92e1a799d36dd295af57d94c768627f108bf8a3ad95e76e2443c162042ce464d44d7ef915d9ca4cdc7bac0081b991d47b9618c5e45e91412a165534a5583f7d7fd407936b2daf3f6a9f84fa15496bdbb85f655b2afb7215836af1ad9f88c13fc5f0a29d3573446ae1b374e242c4e15098176f3a3fbad5a3b7bed3119691493b48639d87faced853d199383e591f9e32d46f6f5b72a9ceec8335c6003784a7
g41 = e2d2ad63c6ab014de42ec3a2f7e5db70b7fdebe03d9c258f19a786c89211519c2cfbc9fae0a82fc957bd42924fadaff20e22d2842a330158691cbd2f15328a521262a578ef309e4332ac9504f019d58986f0791fdcd7437c3f7b4686bec7521755dff3e11493547142ca30b85d2589b96aa37ea67ed5152e09d07a2e85b8e0491d04a1769046525bfcb86f897b9036887effdb6fd86911c160a6d991be4649c9b35f28efcd2d3da929a490d0054897d24228155e0cc190d2e280c0e4e8d1574704cb7ff5c6107a65ae37c8f8036bfb587ca45db30480a2fb89bdb305695b227412e90b04554ffa40bc27b8efc47517db9fea3c45177c5ef721876e9fe40662bb
g42 = 81fc66ae02d11bf04100161bec9eff07e60809a466cf492d06be233b3045ad5a4b6005ca113e688e20419c52b4f23102552cc669403e4e6f21ae203a82ddddac05c166cd432e2a9ecfa87f68c9040fcd0b67b25a3b1a258decdf3d2ae56e6035d809ccc406e72cc02c910f809d05dc6435bbc00a29d2ce2d0ae31c7f1557b1d9b3c68d17f9a1b0e2ef9bac5989a8e762dc2b96f95941fa2aa4069b99402643ecf8403269dcb121b1e4549d242f86299d068e3cbae6e44a8ee67e113840a9503ef8c15cae828e2b8ce864bb7a5087d8ffc42f524ceaafafaceac343c0642c9242f0b46001db9ff2ed2523c732f041cd303c7d99bd14326ef5102f8ac859a4264b
g43 = 2afe920b1f3a3563729b149ac7124fe8bdc8587288e11179a263fc3b688077dbf25a96e03deebc66117f88b900ca24dae186aa9fb915f502a1fcb40d25a4e84a3b961c03a311d7f0a1ae58854e5caa7959f05346bbb933510b6cf38110e25c79edc223c9179379da2b97401585e2f51847d094637c0e581c19982d08965c0d52cfb1094e765e0d9ec702eb2e436080359dddba25d3894edad6d914c7232fdad22fcba182622cc1f2a50dc0feeea3475b8aaee86b13a5ad2d8bbcdfcf0fc234d0826d44f12da171a45443e3ab012d8b20af1a119b2f4535893584c6111a9b4318fd5f707e1c79f5ed48d980abfbc3353e42d7954c761df2b6f5b808335e571bf2
g44 = bbe4e4b8c5d54cb28b1f1b5e4d7e633c2930300c74275c915f6ec7f82d5149923b711928d0eb5962cd7341940adbfe3ff303ac00bb4d3a1e2fe7074fd7af339cda5e99758abad767d9feb1ec5af37d3ce942a7d4e808c19cc0a9a53de1b5b5fefe97fb53d6c158ca3e2534972821a949a69d1bfd198e2ec21dfe4bb672196d44c5a5206af444db247de59d5520372d46c84593a1d4f966c5db93c3d20ef8e6b29d3eb7d45aeeecdc91a1de787037196cb27210e20353812d4777a341f411ec9ab66a128b4545f2017e3fc1b86c8ed18b8a9ecf9f6e20533c79fabb8666f46bb3ddf9247d01b1a7a1c4b6d6dca0ecb9a4f5c0a33733d30d376bbfe8c55e50205e
g45 = 92337c39b3f221b8a493a620cbcbb509d378c88f7b689f81e4ed3cf9ba7e3b4d02da9d3f1245e2afd2bb347a9272ec2af1d5454654bdf6ee5f26258b8bfa4780d8a126b966c68134e74974c3837589fde57726bc5aa7e21f70b0047e0751ee8de613cb22f1b2f8c8d60fb190b0c6d8223d438a7a29d9690fbc1ab576d1fda6fa17de157cd030dc3d19efec4283a246c31b6925828e72c63380a0b8e055cdc5926a3a5db68fa82740dca8181f8b1068abbac122eadc2e21a8efeb323e4577d79eb579451dd1d3d3c9d9907cec5b9ec4e137eae3035f414a52d71ae65f765e19705603ebe0ff216caa1ad6e72d5c95943db2bbf1306893f412c01f83ee684a2c35
g46 = cf261067a85092e7726ec2b89b6e3e74d73d4b9df7bb16e1780201f6fce2f7e786ed09696100867419099c2ce2da5644e313b3ab435a198e846da930ac6de5af1100952b3ad6d6d754e857aef43372d5197580eaf2436be2806eb5a48f813f96256faf71251ba7f68bb53123258c0adf49d676e49d29513faa5c3ab87b6d1e9e0dcde6625f842c0eca08e1ed011eafe6010b86bccf868ef02db9d6266e7abff82559aae589195212f7952d2907cd2d2b524b5229469bad962faae44012dd800c1a82754a470544897bd822a37b31ad253edb038c1fa6fdcd59ff7619ded23c1d35496d72ab31e5be0ca41d1c29358341118ece8e00c81e8ec497ead0a3083b48
g47 = e0f9a0ac36e271ddbf61d1d8fe7eb18dd83decbfa7ac6b4d11ed36a99b487d243be9057edce74ab16b76bf5b608d5e35109444b94a7b92a669c010d18249b26cc2d27fc7d2da0ff7a2ae7436d5ca2f63b77097555bf200e54cbc977d2d7f36a0b97faf53e4e56e6d24f37bdea537b279b2e25364d27ab75d961c89470f9a0d82f18de10364419886423d35ee13fcd60c601449f58fea951b9ea0c4458765dbb0935398387e5877859494334c18f58f73ebeb5ff0495ac96f7a0afd6016028a370eb155d31a4109a157ea31ee223520a8b53fd1dd90e454e1171f6b6b145dd44d3c1dff52159d0ffa0fb9f187f5743732e3cb88917725ffa096ad148600419778
g48 = 3a6d3760ee62e43b2f51740eeea2c537c1e9094b159656bcaa930da5c3180c0618548a33bb00f21be7948645db50c7fb7e8c6d8ec20da55096b7c9762f4991aea4b5a4f171523f272f7cdc7d43a4d735119d4a9a6e2e901735dacb35858b1d9b0953335228e6a3636e01e4f18b178d31a8d6e2334333d79592663c8ad3f7190e9dae22a4192e2eff94f2d803b7335a999ac6cc0f9174dea082d0043b9eaddf5839648bef578e6940ea18e698ab40e4b6f0d716e8688358209f8cd5d1f8ba19b2cfdb5cfa2d9fda5b3dbd2bbd0238ecf9f69126fc4785054e5833b619a67ce7fdeee618343abe7bba60b73ddd70702adc94599ffe8e8ef6f409475eb0510a1b5d
g49 = 62453773cd4614914205f351443a29fb27d9365fccc35b204ef2d2c1a96cb32cf2c49778e2e86b49483b1f89e784b3cd8baa46b264c902dd30853a3ab99e8006c8c47490b1eba7932992a716e51f1df283d9b2fef3fd993faaac08193505592077225502b119c582a7733dd4d54b7952a77e35854f72cb81d5eebe8aa2a9fa38a9480a5dd27a5b60189eabf7b6fd8ae1f14917718faddeac9b879017d7a8ba411f02e7e7686e39f07b7bcbc705d943a1af5bb08e057e3516919611334bf1ffec7d7aa9848713986c8e693394fe2ccb1e3b1e3ee2bfaa6554acfe6aebe22b0f3580d25e604090f9b2b9449f93d027b559f8282f83a86e228157f5b0b9242d7513
g50 = ad2b486bbeb2c05f2b26584fd03b929b300331dfd2b1089a0409615ad7b8578311350f390fba0672e42d83a71aec370bf39998913b05e21d2178c51e85831b0bf5d2693a8ec5142d44c6557b78487865ecf849f4b6e7a702c37c8f1e50f60b740057c97746678f96b4d038cdab3df415211864c9efab10850e2df55fc3422b218692e3b5ecc2ffc333b914485ef577f643a7739b0797c4de194ba6c19e1c1fc64f2d30ab182cb88b910b3c609df1d61dcf734f7d7f0e09abc55bdaa25bd0f06c0750ced3426596a21bcaf441ed1e57b14d657d78408e23e56e607b8bef016e8f7904e30789d37ca2b98bcc126ba35859f84b70518eea5f12e05ff3596c205b9e
gt = e7bd5ba14a14848513f5e56ebdc623f20865479728dd01e18ef920818f83d364e165ecdb12ce11a22ece2c9de7109455418af504ce4592dbc7e53a09ca2e47538dfe3de8a2d1ec7b983680d7355b7474642d2677e9e8c2efd6dd120c9dba69e1dc625a97c04ddc0a1de3d90cddcf8118a7292af2902f51121ddf5cf7ceda8ba682aa2414d9ce9f7c149675c3d1f2df6b1039d1c3890e5cf93f637fc9c8ffb55854378227a47bb77b183e343abb2751d6201243b7f2b4835e97dfae4c9b6edefe7b9de064e063ef9f7151bb35231f3cb70d4fcce6de2de0a354d57750c8b8fed579fbbd22976db4e979b3eba3284e8a0385eec44afb3e8338c0df2df2ddf787f
gd = 487813c6d3efc50b646745573142de47649cc77789aa545d2fca97e9e5e94639810fda34e77cff614b3a86715c7ae093a1070987b183c3c7efa892e3dca1f98fcfaa39e1d649aaae00f89473db7c8cf92037ad771fc464cb6b76f18325a1b02ea41d29276a1cf9b9bd7b25bb5f9a219ab022c7ab8d25378bcc7b9ffcdb70971c03d320fbff71797338ff24007bd785cfbdaaf4bb219b079b96382dff211e23f554092c3aa8af79e8a60d21355e7d026b3c8207fe4feeaca8a9a8dc5fc8333817c67bf805bbe0c032b10839a9026ba9c9bb120bd4ceebacd3152b66b256e41e4a06224ba3f2d3ab99a26c364fe822c0d2c5e972545c2572561c795fbb68a34018

Просмотреть файл

@ -0,0 +1,113 @@
U-Prove Recommended Parameters (P-256)
OID = 1.3.6.1.4.1.311.75.1.2.1
p = ffffffff00000001000000000000000000000000ffffffffffffffffffffffff
a = ffffffff00000001000000000000000000000000fffffffffffffffffffffffc
b = 5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
n = ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
h = 1
g.x = 6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
g.y = 4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
g1.x = f1b986d5d11f43483ae736e886af750e870d7f0c2312aad8db5c8a3e34f5391e
g1.y = 64347b7f493187a53b370894b8f8e38fd22cb99302393d79dce225918eba61ee
g2.x = 1554cf983e0b060c78705ed7d14a4941b02e608cdb78f6a75a52345978141fd3
g2.y = 62540e690c8fa9fe107e2141dfc6907f74f5feebdf5b12d7153b4635a2df6a76
g3.x = 32791a779e9aa475ba2666a0e47a928b21ab1905faaf48bb8062bae9009eb27d
g3.y = 1874ba86ea194fb14dcce9fa22366f4735caea2119beb63f2baec19a9e93a545
g4.x = c0efadb5c3015e42c1d71ac390c4d22a6f5d552f63bbcc59190aea6aee16354a
g4.y = 53f0133ea44da20c509a4e5be9b027dbe13e3a60439dbe72084b0c75a049723f
g5.x = bd5f29df6640493ff96c6cbc49cb8e5f61462792db75f20ef49bf86e260dc955
g5.y = 204c440ef8c6eb2bec0c343ace9c6d64e188c8b4f0613d64846adbdc3d8fdfad
g6.x = d91abda26ec5c3001cf1ca2c09ad88662558426dc3b4d1b501e7abc2db080cdc
g6.y = 54ebb17fed855a36c1f74ab8256208e86307a9f2b756d7c84b4fb9485e0ff5f5
g7.x = 86eb2c94e2b6d620a391b4080dfe2b377cc20d981b5bc0cca94e865697959ebe
g7.y = 26ac1589c52880c3b8f81d2bf32976636019f16d8efa1f4d20950b9908ceb7e1
g8.x = 5553148e44252692d9e7ea9c189469dd2c0e8bd449405b6f3b1f279245b37f0d
g8.y = 790ca4ce90e048a7425b662a631612d0224f208e4be6e907c3e7d9607a997f6d
g9.x = 77668d97bff7d5da695d6d72e4f840205de289ce8ff1e9952435b0b4dd4e222e
g9.y = 1476060b33fe636bb9b75f10785d4b431905cd006f832bf73103b9f880378556
g10.x = 729a72be8375888f67df96d2a52e1b384af1c68ff8b73cadf6296c72c2c1fab2
g10.y = 13120e6942d0740a25f8b871e1f2fe9a8604977d1daa18af0e4fed570c6ea2e
g11.x = cfba014ef2734bb0d51863a1e6ae8eb4ae189f8c19432af46d9f16fdd43fbc18
g11.y = 1256c784f827c31ad23d8d233678ce2eebce344629e7a5f7a6d94adc0ff47a7e
g12.x = 6c1407c49a51f67625eb8b2995ac11944288995b3a81789a5eb3e6bf4f2ded78
g12.y = 16d872494fc18d77404f906e58902150e1fcdda0cf211516f6f19415e8892f26
g13.x = d9231c315baf722469f74fba55ba661777e91ca6320a8825bda1cbf0ea206092
g13.y = 36e4cd1288088deceea8e7b6d22cfd97b99f87facc95f1891fc6a28bd81e5f50
g14.x = 35358711384106b862a2cf0b403e8055920c7598bfb49987a89c3569e5a05b61
g14.y = 18edfa1dfc653a0574ca88fdaaecdfe9eb75309aacbe926c2110e92678c84e3d
g15.x = 25d05c261772166c08483d00003f443520e91324cbe918fc34008a932716d7eb
g15.y = 668a13c5d163f6646bf2e8f42d1f48e79a9ead020922b383006b676d29d35a42
g16.x = fc035c85aa0e9c527ea7dca26a2db74dc250e8a5abe853bbded15959d7230f43
g16.y = 65f052a382b2c78caa9fcfc952096f4ccc4772546e5798649123fef94ec95acc
g17.x = 85b3873fd911bf06a978fa40e261e1c856f638ca9ec8cbe8826a6082c8452d0f
g17.y = 3cf00d69586f56bed849d5e9e2825a003ce562aab5f81bd718a4e941989e1101
g18.x = 4549f8c621eaba57ed2336d51920f6fc4dc34e047db134c61980e4e358c5e324
g18.y = 39e8be23f04033a0f8bc43d5a11b1e798d25b5c75d740efd309985edc5dedb98
g19.x = b8ad386b54f9766e5cb1a2f050cbca2a22619ba008fdf9496df38a6cea784eb2
g19.y = 5b333a0cde9ddc8d6571b1cac456a47144c9c16ece866a538494ea0feaeef0ac
g20.x = 56628c7d6366e1c4a9361e5f7e49415c80fda14c04f106f0638ec8cf59aa0485
g20.y = 74fdc260802b6df55a640233889535cd04e0df84b66d9da4645da31193995046
g21.x = 8f1f5a0e342e6557b955355438608db09e4d237ec7230e2c836bd5f3e91c6c12
g21.y = 2c1a2102a69ef74a006353c2d2d1dd9dbdfab007fd08e7c88eb869a0a669b1
g22.x = beaf7757a3ce43dc8d4a0732e1e318f49755e61e5f57a85beccf21b7dcc818e2
g22.y = 40d26c2adc3f41d09156025a9dc34fd3ca6b96809d3d7cf5f28d00a1edbd6995
g23.x = e513c3e50efa4436199c5a51fd691ea4dcabbc202a8029ba3df0336f12d82663
g23.y = 75f42f58480d2cad569b0f13cbf376c3913271d9f7844242b870519d2be8398e
g24.x = b42b3b05bcafbb72800ee242ab4cb7abd77f1fceac7ce1d327eec25b3de6c43d
g24.y = 725f5b3d0cdd1b86bd7a8bd635c1acedbac91d6c35163eae66810751f4d46288
g25.x = c8a4a7df6bef6c61ef50bffd9cfa7efde22530f0b2d0371e819b80e885d592dd
g25.y = 196e7e0a81d03b38a8f99104812f64784b62d41991f566de27847b6bb9baa251
g26.x = a22af45e5a7a9a9f94910e8cdb5e649e83c38fc1369f1ca9fa1d51887c38ddf1
g26.y = 759bd38c6e09fe2cd75b4f355f4420e2e7b2dfd9f7147aa03d5373b3612b8389
g27.x = 22f47a6aaec142359481eea49098882b3ecac4625b1d2562b0271848762c5dde
g27.y = 3e0b7e0c51a063303580ca25e326ae7e61086ea6e4c495d25162867039d9fe4c
g28.x = eae24e9cbf4a8eb92c1cc80d75dcf44c39dfe4edcf13c3e5e4b7ba08c329378d
g28.y = 2f7ffffa43a2d0268c25e4f08663fef26c57962fd5f623292f061ea19c5710a1
g29.x = ad92b098528ae208572474e3ca2b1f6fbe133cb4fab5eeba0e46100c684d5bbc
g29.y = 47978685fa8f41ca5246bd6347ba65f670ec65a136166c75e7936346e16ad790
g30.x = dc5abc9d9e2a04a7ba38346e827119f50fa311b8cb4b12cf53602f3482a609c0
g30.y = e94f73d5d9641942188fd0ff64a7751021faf6cc9c4d2aa0318e94f05978be
g31.x = 5d008b9bdebb3824935bdc68a7ac426c554058a9dc4ed8bea2ea74a92df47fc3
g31.y = 1805d5f8f097ea8b3b8608dc5f016fd909781b75900d53ce8b65846518ca0bda
g32.x = 4bff16067e37798ff3e3242b11be39f83dd7451ebe1101eac4887a6f93d50206
g32.y = 65e5e31e150136036e1922549b9fd9a855997129f4566d3f5acf8a1e4d0ac83
g33.x = aecba7f0745123d9c6a60e9bd461a8636131b095f59617849d335d2a7d8b187b
g33.y = 5f62d5eaf4a9a892488c0de95d8d85eda9035b6597ea2674d7a7ee7d4a535ebd
g34.x = a74ecb80732496e8f6ce72f4556937c237e19efac7567c151f386b650656a226
g34.y = 4f661415313284d904485e6f6db8fe94782b2ba24c0cba6ca77557efcd8f05e
g35.x = ed0e965669017aa71f342ec8a099bbf01a0b9eab94f62623ecf96bcc0e14e4ab
g35.y = 244bf125523ef2978db06006cda7cf3e4d58397711d92897603dbae29b82864b
g36.x = 69b843bdbf017d416a767d134e1c2d497fad2cdaae36b275370ff512a34bfa7
g36.y = 3d3be3d2e86eb07a87849b2ef16ee30310b86e63b3478163fd06b6592bbde545
g37.x = 592d48158a6358a2900d453d79e88d6bc20b7fa8cb2bfcfcdfd082960525ad83
g37.y = 7231c3d1f86fcc1b6c9e8c16ae45a93508c9c49e8a745e64b07636fc6b03103f
g38.x = 18ffac7507b8f022eba9722aea93c6ca7470825a787c1f982b083dda0490ed32
g38.y = 304b83604a94ff8a2787b047e823e50a64edca0b1dccb9381196597a1c63b362
g39.x = dde5dfc2867a61ba2e046dd52576d3d33a24173e32d716caf0d6bc4bd1194374
g39.y = 79b6e30b1822d61eade59b0ab3edbe8f4291c8e081ddcedeff00bc32ebfc1a93
g40.x = e0f72a8c71395e19063b0e09f947f86c06f4b300c81d3bbbc48dcb219ab960aa
g40.y = 6f231e0a538c8f54c066c93e1af857bc3b1c418802274cbdf5e387d88736f576
g41.x = 385388078ea2b4792dac8fbe0b4748b99800ca086662fa8eabd62596dd7e5c53
g41.y = 4d2112111d5bf47baed1c4a2688cfa616e7bbb64d412f16b371288bfe957ea61
g42.x = b108aa3e8bf1f707f6ba9556aa0f1871519734a698203f7532925443b2020cbd
g42.y = 5a75fae7ad0be23520734779ef11f325dde7a6edc63336ef9fb58661fccc46a5
g43.x = 605b3505f77e74b22ea7e67c3333ff3b7b771738389d305aa594d8f550237db
g43.y = 7487adb2e07c3ab92e1386546790a011497eb9fb9846716b04793dcea430c7ab
g44.x = d81883a9cf1dc3043c44f9f0f9ff502cd045e4294c375a30a8a65abc0dd28264
g44.y = 1d75c99eb44e2d8b43a53f69b6881f96929435e2b3850a3701aed026e80a3291
g45.x = 93ec90879cd2d86a2276f44b42df736283d297470759de0af2c6c92f168482af
g45.y = 1f45f480a0ec7607516679c2bb9f677a89d450ec469ac930a10d213c1eb2a9cf
g46.x = 4e9e9eb8e267c0d61760ecabc9ac19ddac5db95c28334ec99d49d74d40b66daf
g46.y = 5dd71c92d311ec15d5e2e6d3b8d51336415a608e14048c86ceec764e6de6df49
g47.x = ceb4ca98f62019596b9bc6234ea5c2029990f08d068f27eef4fa7d9897bfaf62
g47.y = 4160fbddaf2986f3a11e29b589b9d91d8b15c5f8bbf02f7f175f6ef8e7c2b1a4
g48.x = 80e8706709bd25a84937417e2d6a6dafa83d3738dfb42f8eefa0fb5247d69985
g48.y = 6a8f2ea6b2301e3aefbd8246f6eb97ea0ce1155ce0b72c471d01b0d0b88da2ca
g49.x = 13bd26060667f8eb7e56e782854af3b3e010cf1825a684bc72b287ea7b2c234c
g49.y = 1871c15aa6f8cc3ada2d4bf6bb2bc6296ca6587c122df3b47a9faa3025863a8c
g50.x = 7d5e69bace920e8ed2d0b43ad14849d71e26729cb37f009ae14e6d8a065e9079
g50.y = 13d6c8d6ae0273a1890129779fce34f0caf6f353bfde9ee337278678c9b6e758
gt.x = e2ab81def593e999c975a8a48668b9a07e5594cfd68fac29f17a811cb26b3e10
gt.y = 756311f896c503ecdb2f608a1ccbfa378a95eb4578e65f190f1a8b544d20b082
gd.x = 4ca625118d0a05d04d275dae1ff096361ebeba345c31270982f796639b1ca574
gd.y = 142d150c855ba9aa7dcc71821a538edb544836df8050912679ccd7233fbba636

Просмотреть файл

@ -0,0 +1,181 @@
// U-Prove Cryptographic test vectors - V1.1 Revision 3
// The following prefixes identify values for U-Prove extensions:
// * 'ie_': identity escrow extension - draft revision 1
// * 'r_': designated-verifier accumulator revocation extension - draft revision 2
// * 'sm_': set membership extension - draft revision 1
UIDh = SHA-256
UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202332
GroupName = 1.3.6.1.4.1.311.75.1.2.1
y0 = 82af89c326459a9068619c04f290d9b2247497561c8d78f355416c8eed5d4fb8
g0.x = 7e344bd85f8a04deb60654866926dd14cdf4801a76a5e614a358dc6014be6af4
g0.y = 116459117acc5493e0cbf4095d27e47a2126538827eaff4e7045398bc1d218ef
e1 = 00
e2 = 01
e3 = 01
e4 = 00
e5 = 00
S = 49737375657220706172616d65746572732073706563696669636174696f6e
ie_x = ff88fd07080ba5cbc2ed70345088283c5e6e94c3338986f536966de4d90ba20b
ie_H.x = 3eec71cdd882f371c0274ba16b67042ae7fa07d2bdda1bde44f4acf4b0017efd
ie_H.y = 56e7ad2eeee96d59b66a2b16affbf9ab90f811cdef68d7627d92bf9331a95613
ie_additionalInfo = 494420457363726f7720706f6c696379
r_delta = 12e3046993d1aa18cecc942e1c43a2cd192f307fc88c85760208d0729dc1f1b7
r_K.x = 7dfe79395c5dfd80337f2ec96710b189bfb38679f57cf373bda5e8d2a0250f39
r_K.y = e3bbf6915abe4ec2bdcf390a96a1b8a6215cd5f96e4d7af50335361183ea8246
r_R1 = 4a65226d83bea98cc47cf467f558d9f3f3a0cba9db2343855e8e678b00377a0d
r_R2 = dadde3b62035495b85a3bb4c971e80a92edd7ffdf547dc27229c0ef5561e8b8c
r_R3 = 1e78c187422d2bd5670243768f6ee3f0dbd5c23b87c179201bc948326540467
r_R4 = 172e4aaf9168350b0bc1a78523a4be2baecee798c268d484cff916b88e4e9601
r_V.x = 661b8598eb1ea7becaa64ef520f03e8bcb7a2db0446c27cc93d784957cc466e
r_V.y = 73a5a13261efb5196dc8e7df5da8cb7892b4b1c1a43f56fd5754be8c418b1ab3
A1 = 499602d2
A2 = 416c69636520536d697468
A3 = 555341
A4 = 02
A5 = 19
TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
x1 = 499602d2
x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
x4 = 2
x5 = 19
P = e97bb76a1b42382f9891f1c9f1ff60f5bdef249694e9e8fdcdd94a590ebad0ed
xt = e602ea681bb80295cece8f5bbae76f1aa387f1ae4cbd32dc411b14fc858c824e
gamma.x = b7d63cb6fb3d5920aa05361c4ec032690a69030296f817998e6156e8a53e3b31
gamma.y = 8547d1f665b1864d775551c79b2a16c55ab34baa412b7f173c920f3012913d69
sigmaZ.x = efee019a57426aa2d5c1950b5921e8f3737dbcd4121adbdb4f9b888a1684c2fd
sigmaZ.y = 118034afff1cdba1f26e5dc0b2f1d1054cd352e72fc2a85798aa12e754beda0c
w = 6bbd1f39ac3eaea4885017f6d5916f5cfd68d5576d6ba4af5ac5df97517d7dbc
sigmaA.x = 2c8a365b3661db3b68da9fb21d7b73d1f823f536f79816d01085520f921833a8
sigmaA.y = 7bdd9faee5bc8558c660fb39b0eb550e11da222950ed98a08234850d113d5c0
sigmaB.x = 57b6e2eaa2a6b40d31f5cc98830f094a09fed0c1aff6e21d5e39f37e9507ce0f
sigmaB.y = a653372618bcd80be95587b1adc0aead2df0be473866027150e757c6bc7f43a3
alpha = 2aa6196685847f6f2042107150ddaf3e8ababa25783f94001870dfe65e16530b
beta1 = d35bcc2e7808d778e966372a5b335e7d15a10d97c25743eb11194e15a599100a
beta2 = ef059df51180c581e3423c120869a5e41162d0bc09bb497b17e01c5fbac1d250
h.x = 95b7154a3ce8c8089deedb1d4f2c41f866a431288a7924d7f11031c8e2ec2b2
h.y = 2bc6438faf89e7fb3ef1441a5de5a57ee9a3229004677c586addee17c1a30741
alphaInverse = dcbd3c56166bfc51779a19f495448c7a622439408ddc959fac9e5434ea61792e
sigmaZPrime.x = b63592ecfbc4929423bbdfc91dc4569936f2778dfcc21610b8a9bd16c5c39a1
sigmaZPrime.y = e621048a06213dc99d7841c4d1016b0fd46cc65fb83515f17c0829a9cb706300
sigmaAPrime.x = 5c959fb18fc40b2a7b09c455ec57671f3150e0b9b4c57d15c569655791a88302
sigmaAPrime.y = 9d46f2ff3d732539f3664944ea702b9a21f1c049b5db8fd30ee2dc3ca23015f
sigmaBPrime.x = a6c17f15e320a6b4c2faae38e9dbc0840c4928f9b0745dfbb1789d58819ecf8
sigmaBPrime.y = 442fc866579cacbc6d52f9b9825f8ece63cc09c83dbf138b2bf5f742ef697418
sigmaCPrime = 1f7c8b4ffed39eb20a255e26364d64a90179e707181cb04d864f4e4fe462bcfe
sigmaC = f2d8577e76dc762af38b95509180c326171af49eda73f43897689c6589fbcd08
sigmaR = 2fd98c0e515189a9dbaf4215a27c4991b6352f78cf643eee8d7b8e78e6128652
sigmaRPrime = 1edf2a0462d24f2abef17e27aae5ef760ab105873207e9e4b1a1e015a4713351
D = 2,5
U = 1,3,4
C = 1,4
p = 1
s = 5665726966696572554944
m = 56657269666965725549442b72616e646f6d2064617461
md = 446972656374206d657373616765
w0 = 552c3b5695686c95dc8bb47f1b31e3a873690343c8530133bb22de306366c721
vr_z = 8321963b170d9e25234b478d83f03828809f7ec276bbbaf27e5af0fed76aa23
gs.x = 8154dcc502cb0f7396ca02d2ff717dcba0c1f4465fc2a1b4b948fed08d09157f
gs.y = 7bef1c4bd3931fe288d8df3ebbdef609f21228599a7c258560baea0f4a079740
w1 = 6febbcdb2e4f4ea9f53be07e07c95fe5fd74eb50be8f87022b079a73893b3175
w3 = c3931030740779241a5a4d8d73832cf2c3f933ef7b7662df64bab027b5db1fba
w4 = a6aba74b82f70f5fbc6366442fa8fa8dba7af900841fa4d3030cbba57526f3e
a = 83a961e598c2409dd0634a912abf2046b8c5cbb52293a6a0f4bfd24614b34074
tildeO1 = 3a938308c8b73a93883df4b440fe9d692b084b0d2b8eb1c8706c438763b69da8
tildeW1 = 56f729ae7786df236c1c08cb4d450d3293618e4f066112ace2ba975c73b22fd1
tildeC1.x = c55925c77a98baee261deea94d6eb3161d19e566047e3a697cefb0935f0883ec
tildeC1.y = cb90a2c02e0edeeb43bb0d06b51d71c234b37992da794a380f9da28c8a20e124
tildeA1 = c74da7d0f30717f311db8baae2901d126d593f0611fde5b32db96627a82f7ab7
tildeO4 = 9f4b5d48d4eef2a42928a00f85e67a2a5f11f401274ea1f4e47cccbcef83afba
tildeW4 = ec362b01e8c45da46fea26dec10326fc406dfc62bd2eaa51aa6863572236b5a6
tildeC4.x = cd8325e3f16b3feb586531cf5b62cd54b038b5c6b6f6f96360fc20dd95394c8e
tildeC4.y = 7cd9c456d4742c748e8452109d8246800e0796b03d13131d0d82e89d88a4d7fa
tildeA4 = 54b7d986bfed10c4b1fb588d0ac6d17d0d3b7c52bfc8c802dbc9437041c0feba
ap = 57f06b20682d27aa5ae9c2e52067af372b2a4a7fc6d102613b26d7bc304df3b7
Ps.x = d34fb53d981d7a094a6725789e268ca7904259c41b4a3cd9466b8b5527895e5c
Ps.y = 3b3044dd4575fa1c9602036e163e168cbd00c96f5a309e18dc1b3bed58452e88
UIDt = 90cf15909b77542a5dcadafee4063652b58647058a454935ff0432ea9e22704b
cp = 2015a3affddff64fcb6c78b696fe523862d2b3a57aee5d495554e5e20ac2f471
c = 6ec0dd87b0961531312b7d33e277e44ad83e53e5c5b4b6e438fb02e11090c5f0
r0 = e529acfdf4f60eaef5d4a19eae304d62765487e868c39f91b62e5bdff1af64c0
r1 = 7548cac9d50539242099e1d02dcaf2c7eba707c09b43209538b3b3e5819445db
r3 = a52d479c8a1d4d93cb51f1fa8f7cef3bc179446b9275166a6e411743d90b92e5
r4 = 2ce8ff6457034694996f3bfc7e0ac712e812027223f02b09b1f490bb329408af
tildeR1 = b0b310a41889d5ab2164caf0151293c64fba625ee8803787f367007eb98fe7e3
tildeR4 = c311a0bdf44c2f15bec46b8990c9b892d865029a7ce08d5f404cb6c7b07870a3
ie_b = 1
ie_r = 78e6234fba78429bb450923d27c233e156d07b81864dfcbe8cd9577f60058138
ie_E1.x = b5300b0c4290688c81a2ad9b5728fc52883db8476a23252904afbf3ebcc81a3e
ie_E1.y = 86d4446b7cce447dff2eda43d212f66438300f097f28b1248c25bcd7402b3916
ie_E2.x = 52fbd7f6b7a198356ed54d9c5fd425952bc2f1f596420fee4cb2d7f8916d7db9
ie_E2.y = 12cb36b93e5acca6ed0d92af121e75ca29b9c4aa99c70cc541da76e851180001
ie_xbPrime = 348066dadfd741c72b61ad6d9b6c29e734810151ba331f2aea65c3e021c23aae
ie_rPrime = ce5a08a75b59027f8fb456259f8e221fb06f4adf042f7d01613cef7a1460a568
ie_obPrime = 27ff9e4164818cdb7f82c205dcf98a5b42a330b2775aa99edc07461f69876b2e
ie_CxbPrime.x = 93cb41ae58c5708b0682ef0625c97b40ca68412ca2dfba4776857bc36d78a8cf
ie_CxbPrime.y = e98b69c7fa16e8f9376f4e0daaf06b7e29e8634abe4256856c1673b64f3bf6f8
ie_E1Prime.x = faffb6191495da20ffbc5694f9e68ad31c761f5f882ba2156cb430704e7fe5a2
ie_E1Prime.y = cedb776340d23784223d350bfa03d8c2e6ec2a1c8b58203b07b6583ce0aa3c7e
ie_E2Prime.x = e49dde2bb14c8aabab09d5093e5886929943507b0a953eb3ab426a6ad624c478
ie_E2Prime.y = 346eb6a427c495478624e09be36909573188e86a4d9e7143cb43604faca7b202
ie_c = 7005b0905ea34d12175b5689e27c908f27b6dba4da68923b2d689735de23f3e7
ie_rxb = 84ad271bc6386d7a4567625749777beeff088d11f4c65d0f0385b9cc08eccd8b
ie_rr = 6fc5a14d79f7850ff634bea5c15f7a7b22763e3cd9ee41f537e2a4a8b07d25e3
ie_rob = 6d28606d75f92d6e3b5e8391a5ce3b1a88e4a378a1943498398421d281f19640
r_id = 1
r_d = 5ab156a6ee2c6f4a85cea3bd8a093575eb099bf238ed04ee713797fdbb317851
r_W.x = fab34937a193d1fe372d0350fcb8d836e17db8f1d68b91e5f0205e7439ecaaf1
r_W.y = a602e0b5209309847875d7363ef6c8c9448df4ac38b6e6e8482b9f34765c7fe9
r_Q.x = 65d65823af6c13f5312f3326605c2d89da540b8f074144c52f9c22aff576860a
r_Q.y = 4bcfbf7d27977c85c7fbfe351499074dada9eec48568e360b389d9b0a9f23de7
r_t1 = eeefea0efe0bb2ee36f5f826d782467b29437702ff3f0cc56ff655c3b6c71f8
r_t2 = 1794f7eefbea6b61e802cf08fb273164e2df6dd550faff1bfd324af07b5ef376
r_k1 = fd676bd980356bc828d5882d24e8d02ece01795cff9ca71c94dbf1c99f7be689
r_k2 = f580b94bc58e3ac73a5ac7a72d2f715611b217ae4977660bf4e44a544a228ac
r_k3 = efff1dcbdc3c72751dcce85aef2daac2e4db6784596ba478e2aad46d143d68d0
r_k4 = 7d008b72b42b3825a8ac5c17ae1c7192a381c0683ba352835aa5e932670560e0
r_k5 = 6418ddefa2370eb8a341dbad0f8ccac53842c9937dff94d9ad07180f4205bea3
r_k6 = 4b7cb3963f82f06c7308c5fac8a574cedb23f9243bcd62658303419a1fff759d
r_X.x = 3a9c6bbe141399f1bbfc2d6d4d73e22ff7541546cba0113b0d5145cc8e88d981
r_X.y = 2eaf3c02478db2f8b58dcd96418c6ffb0b8118666f67cbf83111baeef9c54dc8
r_Y.x = 633c0a3ab4900c2573c83e0ba47f90fe5fe35539bcf18913d975071f74152bca
r_Y.y = f70e6d1c6a9dc13d983eed95fad334851e31c9b8cfc7fd571f9fe4b04d87b189
r_Cd.x = cd02ad8c02104665e47626a67680499960426e40305145b3b77009a372498cf1
r_Cd.y = c862b8847bdad46316c5226eaa7c65100fbf09772a53a30ec72a234e38829344
r_w = 9804a564608217f710633a42225fe8330c04c5a88fed3ea2bf199b41b8713fc7
r_z = fd3daf46038535b0b3e069b232734a7e6e9322fab0f1c2713576c67e037eb35
r_zPrime = ed7b7de5e2084e19ed3582ecd7e273970a6a978ea1c7662c41b275d95fd2168
r_T1.x = 873097e8514744f987a1f590d3386f7de3b4295efa654f26efa52833da35a927
r_T1.y = acac0fe5c62b4616cf699a979ddeaa094c1d220d2c24bd946bfb4e8db6aa9e53
r_T2.x = aa709b0c2fdb8e057c4b93e5e910a3634cc2311d2ea72c909591f176b80763e3
r_T2.y = 4883d99c461655d9cf7fddcbc1029e9e0264d060949d148cc233cfd9b5732f04
r_T3.x = 2ea985244497ac3e58fa647338a2b8c3a5fbcbf6e731d80165142002ce36242b
r_T3.y = 23d58035d5b967d6b8fc6a068cf32725dfefb0e4911c3e43d6a5ac8b906ca222
r_cPrime = fe8ec266137004a2cecb6c7c494ee9f294905c0ee5d7c241b176281ebe619a86
r_s1 = c240f31ed3170b5eed631cb310ab28caf396fe3c7dde68636d68b7df76b8be70
r_s2 = bb1f57537af5a232fd7bc788c318e03d8f1cb43ae99732b5d599c9017e65d4ce
r_s3 = 1ba595f5b44985af5a53e843fedf47bfeb7ed43d5d8ef815721b7e9fab8ffdf8
r_s4 = 1be094f4ebb967a0df35d6b56c6bc44bd1cfb896a5963a6738076119791a18ec
r_s5 = 27a92dd4e3227f5e8af0c130946a31f03dde6278cdc284d82bf7951321544af7
r_s6 = 22d41a3c08fb74337046f8e062ea7624d783a1456580e7573fc4645e07998983
sm_x_index = 4
sm_i = 2
sm_n = 3
sm_s1 = 1
sm_s2 = 2
sm_s3 = 3
sm_c1 = 82386192d93386b6525d1f75399a11079249331f0c9a677d194d123b40554c73
sm_r1 = 9227778f44e1f5a79d42d2deaded2be8f23a08d6cb5691e8d0e3798b214a76fc
sm_a1.x = 1a47af84a719ddb3085feb17c850c26696d35392c0e694bfc9aa38c7ecbbf451
sm_a1.y = aa9b5f3bee9bfed4c3fb6590790eb5132824b098c219f99ee9eaab5709881d29
sm_c3 = 11ace2122381c3b0548c81c9c889d02b212a49054d75a83b968ebe6168698652
sm_r3 = ccd5cc010b19c4707757813ed4c82047134d6af70170af9b03a77b94c26248eb
sm_a3.x = 92e6da0d621d817ea7514f16286c0f0b66de7c85a4b2bdfe22bbd670bb40976b
sm_a3.y = dc1281770d2490a19db123c5d48666c839264389e4bd393381a28e36be3e1eb6
sm_w = 62efcf2bcce200765d88ef6f46966cd6e774d1bfe8e515b2631fe639d30ae15
sm_a2.x = 940e3d3e60669d642a4c74d0f3ff8fc70e813e921007a0e6a7879a5b0b7119a5
sm_a2.y = 214bf69f4c5afadf8ba5b36786cfc3dfdc96409533755026c392a9b4b851265c
sm_c = 3c4ea11cc00fc0f17d63202fd2edceb40eac9b336f4d0782f735e3fd3a4d3c13
sm_c2 = a8695d76c35a768bd6797ef0d0c9ed81182019bcbc54964f3b13de238df18e9f
sm_r2 = 8e6125f65aa6d9702d093e46983b2ff6f5dde23546565b94cdd1c13a56891e2a

Просмотреть файл

@ -0,0 +1,72 @@
// U-Prove Cryptographic test vectors - V1.1 Revision 3
// The following prefixes identify values for U-Prove extensions:
// * 'ie_': identity escrow extension - draft revision 1
// * 'r_': designated-verifier accumulator revocation extension - draft revision 2
// * 'sm_': set membership extension - draft revision 1
UIDh = SHA-256
UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202335
GroupName = 1.3.6.1.4.1.311.75.1.2.1
y0 = 5add26600d2bc6e87e88974eb27caee520f254c4dc722f2eb020e999649defd
g0.x = 51bb138a475ae99181270e9e8e1b08f4b87ee6f45682844db4481def0779d3c2
g0.y = 872f871cfdb22bfc0115d8f45cbb50c9a59ef54d069253c2cf41049958bc4e89
e1 = 00
e2 = 01
e3 = 01
e4 = 00
e5 = 00
S = 49737375657220706172616d65746572732073706563696669636174696f6e
A1 = 499602d2
A2 = 416c69636520536d697468
A3 = 555341
A4 = 02
A5 = 19
TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
x1 = 499602d2
x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
x4 = 2
x5 = 19
P = f2ea8c368e8f3456e95376fb8977a0a18178bffccb1849033c662dd9a7f708c2
xt = 1c1debf03e2c79b895c1ed4d095a7a744a76e326da15b982dcc17dfa8cd6fc0b
gamma.x = e4ecff64de99b14249c01ff467d720b0175f62a545452e7c53c87a8247fd5992
gamma.y = f7b6c63b855c17083fcbe8358f9dfdeec7512ed455c712277dd34208a848703a
sigmaZ.x = 9464ffed301fa4d89d95056edba4d38b044d13ce3749d576d09cb7d9b9248836
sigmaZ.y = 1526893d276421f0b2fb76744789fe6c1c41b89cd16b5f64b879bc46058d6d6
w = 9db5e1dcf6a13637e680d6c44b18fbf81bd37d39e400ea3e8ae07bfec422d83d
sigmaA.x = 7dee3bfc8be4fa84dc16ff26877c90397a6d0cb47dba1af968ec0e08112dcf2d
sigmaA.y = 1b56f696ec591ec71ba0e824d263233cea97686202440c035faa2f948e3d201e
sigmaB.x = 360dd80a5cef05b47bdaaab29aa26e5d605ef9912de08d62dd375faddbfa5c14
sigmaB.y = d70c25f7c0cd9c636ec506127b2835f220a725f616707d36a8b738c1525fca58
alpha = 98bd73645eef8b1d9ee66cdf15da7d207157dc2cba5199ccba35115263873c3
beta1 = a898babf41c4b32cdbcc60f59a1d4d2c38a9f6aea5157264723a6ba19de38aa1
beta2 = 7ba22458a2e890426150e7fe442302ad5624dc7c41c41e9226564c0759118ff7
h.x = 85ab09885d81bfc06a9718a18e5dc4050557a56ae046afb678008d872111be38
h.y = d5e6fd47625e7bbd3f128765cb53e1063470f4c3878ec50ead9db36d4b68dd3d
alphaInverse = 6dd6fa61327745f4e0e33fe68dca2c9e58003e6655f81d0901b0a18541ba14f7
sigmaZPrime.x = dac50059403908f014cfbcb17fc8b83448abea3dbb43b7a06aaa973b6167be60
sigmaZPrime.y = 701481293c092cdf384d91243afaac1a3c668116461e1b505bbee234f394178e
sigmaAPrime.x = 6c0ab7b700658bcc844cc0b1cc4daca1531bb5e9fedb2b50efbcbe3646b1ee32
sigmaAPrime.y = 4b22113a5ff5b20d8938126d9a89ba2e49e0b0785eb0fe329a71a8c08698b8e4
sigmaBPrime.x = 65e1860d6ba8744b90e937b898fc338e25ec79a0ca56036f80cf166719bfe5f3
sigmaBPrime.y = caa40ea452b1b0039e3c386723289282bed4abc8e745b1a2e1ea7c4729cdb129
sigmaCPrime = cafe9a80d3088db7f7ef95e456dbe352cedc5656c409f24422bd3ec2490f9312
sigmaC = 7397554114cd40e3d3bbf6d9f0f9307f4a9f5257c207c623a13ddfa0ea8ff862
sigmaR = 8bd10a9754d3c0ca936fbff85deb5d702bbfb62e9a0fdcc2e6b8a709a19c50ac
sigmaRPrime = 7732ef0f7bc510bf4c0a7f6a20e601dc4fd97fd34bc5cd01955284dfe4abb52
D = 2,5
U = 1,3,4
m = 56657269666965725549442b72616e646f6d2064617461
md = 446972656374206d657373616765
w0 = 42bf7af7f8f48a5019b34c542e73204f37bd4b78060d5fb68492324c9c88e850
w1 = c0efbc85a80bb4629a8c638e77ca63b235fcd09cc617f13460c37266c13db490
w3 = cafc933eb79aa72b08e8de7aaad13fba2e80169fb84c89a9fd8825e4994ea05d
w4 = d7d3c37a3625fa9b55a493dd3977898f84b837412614d77d72e9402f75c292ba
a = 3d7516061cb24f54a27adef41f526b6d7567a76aaa8ea37cea98f3becc707ef8
UIDt = a5c1244139cf04a5e0d131f95ac1ee938c4a3e301b54ec5d422511f27e1fd8af
cp = 2ffb644c0d13c7298c985a31f89a24339fee2035eb3ab9a95c58c8e0b23ba480
c = 887c1712690ae48924e295c32848be87bba971002f6e3eba17bdb06428570136
r0 = 1846f2aeda5788cc954d3187a9e4ac75cd1674a224ead4010b83a83d399f354b
r1 = e6fda6418aae4ceb2cabaa32784d637bb6332ef2f5d3fca4fa2ca67494eafd7f
r3 = 9a7d4c12fcc86984df27e28748a61e4b58746c732a4406a931ed93d90482230
r4 = c6db95546410318a0bdf6856e8e60c7fca4c4fee6e4ff88e3727aa2a2177b59f

Просмотреть файл

@ -0,0 +1,151 @@
// U-Prove Cryptographic test vectors - V1.1 Revision 3
// The following prefixes identify values for U-Prove extensions:
// * 'ie_': identity escrow extension - draft revision 1
// * 'r_': designated-verifier accumulator revocation extension - draft revision 2
// * 'sm_': set membership extension - draft revision 1
UIDh = SHA-256
UIDp = 56312e31205265766973696f6e20335465737420566563746f7273202338
GroupName = 1.3.6.1.4.1.311.75.1.1.1
y0 = a9602bd6be8c34c4ce5f400c0b5ae6075e7e509795249175aba958659b3a41d1
g0 = c1b018b203970cb0a9fa4453708ac31722c192fd8e30148ae3767c6d3d9aca61d66131e58bd93cee948985d68ecd629b25a37bbb0e1a86068593079281ea4e6b5c8806e6abc098461cfc19d6a636e15a6eff2add4b3c42cc5122dd324b7ea00e829b90eae8126b31bd8eab9b9896fdadc639992e6e3bc19372b10f2cf3f37f09f15d322c3f620e38c79fff5127a293c89422ecbd5ef50f48b3df90ee6e2e0d1d1d5f2e7fcaf27797cfd13fed77e107eea8a3a3a357b9e7931b0cb397966699d43c36f5e1d111ceb9adc161df5bdbdafb6976b20871439eadc3a57334051f0e2557fa61817eb8221ce9c22a81ba48f9a702ce90181890b3b052dc0379142186ab
e1 = 00
e2 = 01
e3 = 01
e4 = 00
e5 = 00
S = 49737375657220706172616d65746572732073706563696669636174696f6e
ie_x = 703276778d780bf2c060de23846da6a7eb693311e1d65085cfb62a1533cf2893
ie_H = 442379d3d474f6a3d69cc0a141bfcdcdb536be3a1070c8ec137a8f85386bec7a2958f7d9918c083c3494b5f13bffe5e62a163c7f3b9551ac22c2dc92b56243f38d7084fa45ef023fb1823dca923b18b2a3036432b1f4144de3c8510608edcbc5203bdab5309263242d5ccb433f1855670faf5df5a7ea8ed045cd1f6bd37d65436f20308fd239a7229616b3350e7e8adbfbd2753a151702ca3243541809d3c8dadb66cd213e36a20e6057c67664ba7d3c8be66d98ebde5bd0e3cef57fa57910b62e3cab66412b1b6c2340c6de4f686095ccd45eb7d02eaa76cea188a5f44cd49064b30a5cecee04b1b537ab83ccfeaecf33e9cdb7598494802d95c2c6b7c97cd1
ie_additionalInfo = 494420457363726f7720706f6c696379
r_delta = 1d6e9bd9e46e7ae6725dd734466df13d03b179320730f099e1f1a8d74ef6bff0
r_K = 4a9bdc244f9f281575f4ae8f766b29503b2f9749925b9be98293e2b6060967a64dddefa4bffef337655ef5c07a4647cdad74a8c857fdc41bbfb22e77f14e0dc1eae047e3ca8a713ca6a725301c9973fc87af3d7ff61512be9b0fbc81ed41d1e109b4eb6a1f11f9667b9b56abf1218a4bd47d35068278322f20a2938634d90da06ca7b4406e6b1bbdc8c90fc6dc43b6883f75b445abfee1e76fb9b9a3ab2ce9bec68a728fc23d01f409022f5601734ebcfc749aa4d2a7e0a6a33def8496f7ce93408a73a35b20d673c0bbd1b333d33e6f7d19b271f0b24bf63cce4fcd31058d1a72d5d39b2dde348e3f7c7754ae04ec52632902db6d9d77c59bfbf18962782f3b
r_R1 = 384a0516d2ccc37def4d9e83ff1c3f61c5ec128255f68bed7e01f8f3c5a3977c
r_R2 = 9ee6fcfb68db6b36eefc42ba926c9ac4b1461262e43c9a41bf1897d0d4d0b74c
r_R3 = b522e5192043f9e980db9359b4d05a116733417e913598614bbb3c4f439b611e
r_R4 = 45f605708780a46e4d28e108a8418ceebd8668a18e38ba808983cd6406a9a6e5
r_V = b0393ff56fc06a9d8b605a3b40ca51667b6fef1fff71a41cea88f210387766e31ac3a31d17a484e1edf67bbf3574535806693e27117748cfc7b99945517a839a0436c0ac9eab4a51f9906b5d9c37235c5a2678c6f5325aca650a5e56beec02be37736c4b976670181396e97bc9ab157a8f806a4c88e47b06aab23e38317dc71454a5176e33bd82a5e078544a10fc8d9454716c1640349bc7ec2e15147f6bcc69043919eddb72c886b0e5fffdb602626511a1fb48d1ad38c32306a9b19c29d4c9b27f8babb17401857e5ade6b6df13f8066954f41426fe0c95cff2734bbff8227d36fe368ea9ee4002fe819e3c3b74176100b9968030bf9cdeeccaccfc2d586d0
A1 = 499602d2
A2 = 416c69636520536d697468
A3 = 555341
A4 = 02
A5 = 19
TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
x1 = 499602d2
x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
x4 = 2
x5 = 19
P = 0e67ffe8b5867c9d2724b5068f1ef5ce81a2e63d89b95cc43b69070719024a57
xt = 721c77bf383bb3402ab49794d285a7cbcfe96e6a593baf3c96ec1cd8f4eadd8d
gamma = 6d7bec414a46a03bebf465d5dd47f20072f28aa6332628614cd550b811a0df13f4882e994af89d05565618cd4d45dbc1858288e344a29c64c56541fc1d1324e4961ba428b522a22c28b59045103882141d7c0c75e6f0f6a69c4ee125b39192e4c471d9559617def14268678a7b9b1ac75563eb266aa3c98fbdbf97977486e20be6b4cb6d725bbabeef09fbd3534522c6b7f60cc9e99fdc996501b6f55a8139b596306c270d5bc92ed00ee744001f29efa1a7b12d3ba6df6b06019a24521828069156b209bd09bfd565abf3dae21d8dc4028e22aa6543f44df4178d9894b92d99bcb574cbb479cf5601f9ebf761b6927808a99f1b01715f63542f8961d5af944c
sigmaZ = a6afc8eb86feb4bb8eadb62e37c5ea4eb3956e1fd0a06a0799505bf4c23391644a2b021b1e4ce467ca9d728725ed03ecb4bdf5ce5fd61d2d962da4b7eafb4dbbdd0c872cc46981dd6498aa07a44b2eb9eaea7c6bffff0150a3b6ec75759d5c2b3fa24c7bdeca53485d2ffab32bec96ef18ae9f24b95fe24dccceef22681b11c7dbee21a210c736ce0a16b2b957939c039aa98165726f7aaccfd6834e70ce927afd7a21463349a5a89c32ddd4b923700b97805400b9f097ea5e698f9e10db1e20230ea7def44cf03e8bb99b0e199b11f9e0fdfb832ca431a05470c800f13311d29649ffa6ce88bdf009b2e81c38f9e2eb86ac21fd4c639deb15dc3c7ca577be5b
w = 797514bdcbea8ae78ed23168538fb80a2e4e92bc32c08f0d3b85e603b23f67a3
sigmaA = af344a5584362d3c561db93404bb31ce6174848375937ede80079482b409c3d66ae16372c4acdd63ffd34e3b9da60c1e824bbe492ebc60ce2f6604ed0d3b06ba7e07fc86caec71a60c5dce3159937f56691c9d9a2228932fba9eb5b99793c88049b48098d3cdf72da7c1c7391751abc96c4997de46fc69bf62d4eb34edd72a61a807f0621a9ae7d34420086110cc8e177ab494c68950e68ffbdc2192f9273845cbeaa6f4ee7a0198a9a5b918e1c6c04d895999bd25aedd4ef3525624daa3ea933536ddfd78a458843fbb1efacaf221e628437c1a0921b578ad2e4ecdbd2df10accc872620457b509e1d4f6ceb11f4f0f61cc395f8d78cdf273281693c9224633
sigmaB = 463b7a2fd235f9d5e15cc4882d48be8699094ecb7386ef81ef653efc0167863b151b07ef362409661b5cf605ca51c1fa51dcf742d769a25a941026274bac77029aefe706c01c450cd2c3a0e7bca40a0e39d5d18fb5e1570f62a1d01ec8b9209c61702baec3f1be4fcb9ffbef3630351db06dfd793a010fa9ecc1defb7d6d3d522755b7bf545e1ba01743ebe827aaff50864d071e8376ff3be90db389765911fcdc53f042345dbfa44ee1c72fecaf359e58af815ad75be7cfc9aac6a1a5db479f57c0274a1a51f072df35c4097a777a1ec577fa1e83cd4e4515b2c95d02a7b465ee2b6bd4a93ae302f6a274eaf8117bb5ad17067b99c97974e89046778ee50516
alpha = 81fc8e332dce23d2fc8112bc06522cf9cac336b817e9b3b9e60782450486344e
beta1 = 6b8de7570185dc5f2abfc0b0add206e959ec38ef09ae8c9749d54c264cddce75
beta2 = 4dc450796ad4f845e6d78d5829020b130098ec174d4545bc014f0e2c39b6124d
h = 3eddc12253afdcb194729457b704844211991779296a5d5de4804734a06e76bc4534c558fa6ca8e44dd2841142fd503075e055090a10c610fd77ddde4fbbf3f7ef38173c69a9189425f655348536f600c919afca90c173537499c4c1c3031324a38cd37935dad2155db085c6ebb5d3226501b81864587b7af36db938bf31fb05637bf9fc21739e0140dc5b926a554806df259043ed869bfbf108ffbf19c0df2f75c73b682ecbbe2f4a3849d924e1f47fbb886ac58fc5050c64c973c70bfa2c6297a5a679411e65fd21ad7681ddf1b2d1cd9ea97850da49d2b606ec78b1753d50da26d1b36f8fa9d89db17d9af27d61b970e039488b3401121d2c6a68ced792be
alphaInverse = b388d84e2e720712d9cc9ac60eb98bd88682002db787b4f5a4c73b98548e8a48
sigmaZPrime = e5faa1d9d9e85de260a4c1ae4de66d66681b1b679256dcfee4773d60ea3af9169a4aa3e804707ea677ad4d08fbfa68d8380d45f9783abceefb8979299cb2678e6a97fd0f435e3a1883d60fd3224f3a9ddee7c34b1bfc93a822b1ea2d06a0da4e2790f3eab6cfa3608523536310e155de217934c12a3a5c917a4f86e3200a307b6f3a9ae859663769d42062dd3107958444df48e30f6a2fd5fede4e3b440bb8b53620f7688dd2ac35a60210df9ed72251a41a7477ca48e9fe1761ce4830efdc19317261008ba116788a8a9664c47a2fce602d2a37f0327ec0b0dcd78b7140974e594578873e733581990235a4d612884191b476a4bce38675317b4d4d399ae7cf
sigmaAPrime = ceac126b560289f26b5166436839e94e580aba476545f0657ec6a6dafbf5e1dc2b46ccd0506c8b3136dea63a123f871a543b6eaa0ced8690c0b875f08cbdfe14f9e55ac27309e8992b307775a21ff151b63f361f7a6a06793ca3179c3abbcff4937ccbd9c21af96b69700ae041910a300eeade142a4531017ef670e59bab62efff3c60e58091144bfaced1506fe7c8ea8bb7d76242a53a74019593dc08588857b2c5d89ba552cc6a89077ff22277d370cf58885c37b81bdbcbd946715bfcbdb95d94d7cc5b030a6c01df1a26fbad4d3e93646b51d2205a0c3e4f393cecca85f61aa594511f7f07a48b2930baabc75b3dc61824bbebf5814932271ee355c9f17d
sigmaBPrime = d03006abea4ca4c7ba9c4bd1be563c9508170ff090f6724342bb359b7e1e8f0ed5faa2b79db6c2dae4e6bef97bdca3d89971188e579220919ae00bc95a7e73f1097777748836f3a9da96ffbd78c3ad64da0b8b99ac04d487289c729501141cefc877392776e379c3f835e506bffc76f55b3d3886b3eac07159f5fa0b6b878626f809efaf644862f6d44cacb02bddb05c7161b402b6dc3766955254d39e9492b118aaa52e5d66a1d6f7fde2089655cc9b0774d7ac7d17afd6211f2ffc28268a1fd161fb71e69cf570aa73c2cc22821b389d841d13055ce10ea15158f5b7cf8cc31d19dde5b7a6c7b58079a63fb1b4556815ee6fc14374bf93d18a3fbb1232fbef
sigmaCPrime = 2c8de4f841857ab397d93ea9a592f5ca10aa8f1ae038db79b4e66dee2faf059d
sigmaC = 981bcc4f430b5712c298ff5a5364fcb36a96c809e9e76810febbba147c8cd412
sigmaR = 7e32ec98475d658562fd12a1407730d7d96b2536ad0952ac7de7898cc59ff4bb
sigmaRPrime = 2ffec7d94a0e4b2450d878c0742ad293bad5e1d43e4c7e1763e14d4119dde83
D = 2,5
U = 1,3,4
C = 1,4
p = 1
s = 5665726966696572554944
m = 56657269666965725549442b72616e646f6d2064617461
md = 446972656374206d657373616765
w0 = 2753135564fc056bef2befc4bdfcdf852ae172843b4c5681759bf436d913e2aa
vr_e = 1307f3a25397a06098a1eac557f376d3411fc19c96070d6a8efcbffb8680b886c9c3d7e683236c8a9026793638a1053e23b714770e01023da82297c28bd942402687d79f9fceb62ac71f5a2a42319c228cdbf44b03c7f195f0cf6dd4d9bb94483565157a03a75bdb26aac998c5919f9b274df58b2de6683d943138b614d914a1b81434acc3492c198e1561d0e6508dc45ec321ae6dc7f3f6eb33856f01e66b24f200d55a707fac81814acb3538207940f82a475265c7c61e9da88cfd0829b5654b3ac7bef343c1e31ecccc1a10ea1f600a1c90e6b79269294901a830d2175076e
vr_U = 56657269666965725549446767656e0001
vr_W = eb642b04598a3a8cf0c0f157772ab32441b903ea7fc1ce93a0f95a3a23de73bd
gs = ceed46e1e934c3e374a31a02a996876005811c2d4a245c5b337a45c1ff9d55925a98f5e0d8e0971a88be5b0924d6520380cee6b9f51a522c35aa5eaba08f79e64599ba8b83068fe715c1953f9b3eda8fa22f591b4755f1a1c6ec0c111ea2b65146956ae52537c623e85de0fa805d8a5523df08f723cb172c1aa2e636dfcb18b2bc64ef3f92447d3731af01b4d951e499d769e9a5270d1fa08d9f645aa94577ad029a9a5e135cce53aa131a9dd948459532e0bca0e38e49a81003503ac00632eac5c7c2fa51da724fe9f1e761b83be5ff41ab1e9fe95ba5e1f08c6fb910626588994cc2641a72d43a839f635f6965f2badc8664a60749b4b3ba792a6acb0c0db0
w1 = c44067de9f2291731967245a3c139bcde0c76200915e5c39235b6aee1563be27
w3 = 1ee11d4cadff2e8da1ea821c30973caa5a5287cdb2a0cddeda36385ecaeb3531
w4 = a9fc7264a5ba025020bb5adfc4d3a7558ffef56c28c0bddc3908fc9dd563ee03
a = f28c2ba4cb9add29c5133584d096984f9cd7f6f6bce56b54226119519ea8a46f
tildeO1 = 53e3df955a66c63da7eadeaeb0bea1108665b4b9adf18ee93f952a9cbe647bbc
tildeW1 = 35f3b4dd580820f32f1abd07fd89db8c995633ff8ca84db4bfdd3e04e7156bd
tildeC1 = 91c697d1efd6de14ec749068b9b6a86e1b1ad99d0efcf2cbdb54d25e25505fc2d6e61bb1c71d453c096c474c8e82869f37d516171c58a4a0f16d28221b4bf8e191bf11bade0bed309a91dfc8a4f2b9e33a2f2ca8c04100f08d1333a428591c5297afd29b0efdc4bac04d21546a4bbac87227d530c94695b5e58844d250f7ddd601bd25f035bd995cf6294a1c723b9653a788ca408f5123736da6eaf0fb26ad0f615453a2cd9fd3ebef4e1ba0af533ce4f0ffad636446a38617c32b25b0ec1a3257e9dfcc7f742bdae5ed9d6427248258ef518a50650abaefcf8aa7cd7d24c7931399d2bbb8b935e671e4015acf6f337ed1e7a4419a1939d753a5ca67937d2efa
tildeA1 = e07fe9651411685826b48aaecd1c5cd32bb80d93f3be0d4578c47cdbe28aa31d
tildeO4 = 6f21e15933c01d756a8b82f52c50072f69af35d24d0b0d9801298cfdba35ec0d
tildeW4 = 3882cec02ed247a7cea10524b25f3504ee265c8cf4adf56413485709331fba34
tildeC4 = dc4de9fc04e1f3a2da52b37dfeefc2d13065d16cd3ba8127d58f44c54fa7d304e31280be563d8b772942af5c66c03769387ec35589be89051965e732a0b8cfb4e78dee7d2a84aed3a430fd73c7650dcb81e9f7c7f1b05568982adba31f1e0e8976a30917691e2a71e99405999e4a034cffab3f7c5390622a49195c8a16971bce6ee26024180b397991a677097a55d43e00abe82e8e12b032ff1245c6e5f04147a304e87766be2c667e1ffd106d61647bac4f2f155e0dbbf69ff8ec3be125a4571369ae131a3b72798d4e1e3873a529d5fe96a0f0776f03db2f1dcf739a9a3489cc72b90a6dac83f316b8b8cee90c557808e87cebaa0026d4fcb7f74f59f9fefe
tildeA4 = b9a66fd1ef38ca7c0d485665a7bf411773ded0fd5cc4c8b50b852fdfe48db588
ap = c1aafa5915cb9d9275c56a44119a6a0c9f13f8f0ada51a1b7d7c9f10098f4b0d
Ps = 988f45aaf75d56909560ee3c97a385772685ac40e03a9e0d81c6bec482a2eeaae2a3cd97305d2fa151e39e3b2eecaa480fafe5082afbbf75f4f525826a8e574ca1a3b36367433ac6c596c7b7066d122a32009bc3d9358f17d7a48fa43b9b1676fe1e3fbe8dc75b43dd66b7260545a293a6f4cecf662ae2769d801abdbf60f66c2ba2d54e79327a38874d64d15bafd6fb620456497d3fb177134989460d029fc6748ee2d9652d49e037fef62bebc52b9496c5e651d0db3d11a246da836d851fda886871fa081c9b438576b4105c9717cf9e21fa0549cbd04d70790bb54a90bc79f7c0fa8002ad3efbcada110fc65370e8ed2fdd4d098f58c69b1a1648d8f47ae4
UIDt = db17c922e458b4044cdc2a86295380badb6339f2f11d6a13aa561ba82f88d407
cp = 4f77b50a52f771747373a6f41d9bf819cf98dd0a07ff599ba1b910138d56857e
c = 347630c6376da94dae9b3c2de6323d7ef9dc873f7de077b9a4cb028da663a946
r0 = 2ee3db0d5d5834e765fc181880349da6de54e4df333466c7ac3c822f1047eef6
r1 = 8eda5466a32ceafa72be37c7846e9ae5931baa8dcf5fd2627bbfb71dba9ebbaf
r3 = 17c1dfd3c2ef9df5d2bb13d72b733419870ee054f2e3752b511f91c54babbcf0
r4 = 411010d836deafb4c384e283f86f2c579c45e6ed2cffce68ef72f782889c9b77
tildeR1 = 690b4abb00e3e73125c446bf50fa9bc0cfe6f2def0936c3eef2862f51141b2c
tildeR4 = 23480712e707d841221177884bfe961df73af1841203d252d5ea75de13775ab2
ie_b = 1
ie_r = 9e74bdaa82460196678e03ac05e9e5a2f3870e94d95f198b8d69ace57a3d73af
ie_E1 = 31512b287c3baa2894da9cb07cd946c8c6f977a0e776e830897b4bd089ac3cbbaead94458f874f23cd8c909fba2f5e18842569274da3802587fe74705f75688243c205c0fde4b7e107ecfd9d2cf7681698d980207285759bfd4d3f07910b896676a5cb8b8733121a072af9279df5e481fc3fbcad3bed0b0175879ffb3d7e690cb159e063203ddb68cf22fad99b4f9cba0988d742e1c3de8c5d1985aa0020c299137e95ee40c146fcd8db4b1ced428444c5872a2fd53aa6714351fc57e437194ba63f0d0a3d6ab773335cb3c0dcdad09165c796ec1c989f37bddab1a103dc0b73d1b279913b2a452d742d3800c2913b1060d50ebb5108743e2e4d5ea335438b14
ie_E2 = 15b06b44a301fcad7b0088dfd55beb3f4faf96c3d4d1d2d05a9ec1316628533ebc8471e5e7cccb8561a3a57949569c1d55ab9bda6030d46017fecd9bb4db6b5e2dde026c09fbabec2df07b1a19d24287409cdbfb404841d06e3fb3f3f0d9666f156d57fd397bd845601056849cfedfea378d2b034e77171241af59a3f8168d71dedc278c5c404841605a4485b6dc791903f021fabeb3360784d3ae88a6369d56f570b90ee8679f44cf6f5078e9db3c3c4e9e0e8dd6aa553dfeea8367e9d18dbfcbce5360b46af9b7f6efd5172705ce3a9e74cbb9b8940adda61b15acde33daccf63064124e9101423921fe66bbcde761f3bd2d8042417a6e5dc0846484893905
ie_xbPrime = 1dda34aa84fa088f1ffe0bf84811d068c55e637b59bc89b751389a33ab63f2a5
ie_rPrime = 1b53c63363a7006806666f143bb3e1440a8282c527c79ec07646e4706e680e08
ie_obPrime = aafa4a56822bc6bcb5aea6aab64603a650d80e179a560254b505bc1dc390f99d
ie_CxbPrime = d19b8e60997020bf370ecaf7e56f078225da215dafd86e7fcc64fd13d38a32ad3154702013aaf689166294ab6d9be3a4440557170dd76ab298accc762e44b42176e394630956ef83b51206a29c0822df2feecde108e46aa0f4ae9ad4c70537662bfd53c8ca7e59b73fb9876b4ca612a274b387a1f7d780c263e2c55153c167c963516dad3997c4438bf3cd06d96b2a03677dea15cda1f4670ca932e447450664d19ce13686819f7973989cf7fc637b6be7c8585cb29600cb26907d80643f5951ec055f74c81898d39842cf3d82a4b042b39ef7c5f997b931c9020491267fdb4973936f00c797d9c9cc67263bfe8c33401bc119ca36ff7441b916143cc06c13a2
ie_E1Prime = daaf44c813fc4bd7d03410930029ec55d189d44263116b677d574bbbdea9413bdd2216407e89c1c9e002937cf3ddb70db5aad0a160cb2bb54ae77b43a6ad2120e62b0064f510a1d6a685149b18db579d7c4dfe43bb11926aa780ff7e63261febd1a4cda88985953f41940c9eec8cd63baa804b7fc55da5a90b311aa6f581767c66d1963c5b6ae6f4953af3ce88ba9313fe97044da0305a70f9bc21d4e80f3623048ded71e451efdcf7b77ea99943e72504a3d5ec4f2cc1625aef8e6b5b11677ec8a6aa3d5f3852821734a4887608c361f81a0546924bfbe22317df09e405767fd082229fc2cc5deeae80b5c4a8b33f616aeacbae289abe7dab79799eaf231be2
ie_E2Prime = 63cb89a2e842dfacd4fdc3b914358830839d0c0bc0e73779058229671d762be78f8d3c0ed5816dd1f1ced0f5e38fcbd4fad1ec24cfb8b7d7616a400090ddd64affadbebc298d68f731d0ae21eb1a37112e5e0f64756b9e334c95c2e1e90ac3b401212c45a5b42727cfa5eef85c1917cbd3b91e57f5cfc26071f7d239c6ab949d14f5c387ccda7dd568be6f71071504a7661e8e7e6762188e1f5806cb1fc294954683837a78c0a6da184d966891073cb40fea2c43144cae84fa6e1e064210ad3eb0af87e618ab657ace24d63a2625bd5d2613ee0c4263f1859c2fb5dd9ff8d637fd847c7d98aef239867c49c8a16b8aac04a592266c91f00a790d9bfb49b292cb
ie_c = 193fccc82dc7b7719871e19f96513d1f5e125750b1c09587ddb22de64b4f3aae
ie_rxb = 8c02556d1afa8e8e832de44010fdfd5583fe3edfe972223ed34633c946a2d32
ie_rr = 82c63e1b825b3c1bef33b2254d7cb2de7d07dbd705809b2e0d0f3309ade93891
ie_rob = 676f449bdf37a64c5b741a30726f5a9671f5ec22e1ce2d6068493203139fa686
r_id = 1
r_d = 464f7eac295c1c5f80f520526e52d380e99378479dca0bd63370f18c2516a4d3
r_W = b6d060a9c9bfcfa8046e2c76d0345e13d7c6dad6830c965c4acee778f0ffb3f2c47961d7f1a5f253124c11ed210e80b54c414380cece1a331b6abdf68196844a325b2345dd9a88d9d681a98f150a67ab0fce2751b1f6991cdcfba4a60d85461274cc89bf2deeffca376aff803adc4a65c852354e89a705fca9fdbaf435b955dcce640652744e43de05e531e9235b6a088cccd72ad5f07568ee473a2379cd81078931050a11f19dbe2fc4627e7115f0af6bffeb150cff8129f297fb709353631fe4ac473805754937bd63a0fd8f801a22a5a75d50c4b4a5dd4d52a089e4aa32cd62cfa9af3e905a313368463b9ae1b26afab86f183187e793ae6374c77d66f268
r_Q = cbc9b2d415bee01267e4517c014d1d45634496c6b54c02b5e1363a60bda771bb265780345cad81e52a95cd50b8655770006df5d573d3eb26096e2ff2b84142c1fe59e893db198fa82d6306369e328eaac70e6355adcafeb65b57de4f87e0cc7b2a27cdfd7492aeeb62ff6a93e9d3b36c4ce1ef75b4679282a316e4f420e3d042aad8a7ea18cffc71fbe62c81b32ed9f3703248ac5c6de9b1b7abe085df916a9547929f89623f21fee0c40ae755d5a212144578c4e970e2f01d01d0eee8b7c440a7efb25312b6186428d0b21217ad93503b080e6d4b5a9045dba1ab0b33e35022d1bd38842847df6ade174c2add2ea580f66f56354f01898a3cff82f6c7a47a38
r_t1 = 58666a40698ac2debbc5107921f30930423d1f955af66e53f8f6a07c6ea8f924
r_t2 = b408514fdcc33dc6152f5bd4458933c1fb8cdb8570644261f8164772e9467012
r_k1 = 3f474848528db64fb9266be39627fae2588cdb21709e3c9bdf7d4e18e12b44a
r_k2 = bf48085ac41a1f41385c8517e417c55e07d8af0ac58d4458377552b1638d0336
r_k3 = 7cb06b5291b4aba8bf3faa71ee9c6bae2af8bea21ad10a3103af224fc86ddeaa
r_k4 = 584e9a33ab72cc532d064b86e3d3699a09a3876acf601baba63a4fe2915cdf51
r_k5 = 60ff19a0023803b72c6b741486834e3045884525e673dbf833ef8d7123e9c1d1
r_k6 = 26f925e3b9c998d19fd03e63eb072522eb1e9d0916ba6bec24206c12aa929342
r_X = a370139e2d1ec438b35bb21e5a1d51d92603dac5ab08625cf0be57b877183b6471e476703ac0b8622443dce28103d71ccbc140a2f51fc1f28983ee888788093a283aa423e9a7923d71785092a283edbdb7da230037470649268bbab6fb6dfa34e9d7a6be3ce90a37847216ce6ded972c9f2f9a59ef416543076bbebe8afb625286d5faae9f6f64db49ae45c4d2dbae7ac6ee5c007a42d6c17bb90892d90c00034b15b98a44d1ed317cd27cffd824be326aa553d0f457df12d466f9107b4a287b4557dc855e25d039a65f8b7027207e347b7298dfd7610a5535167912246e0f2d215ae166de4912a26345e2f1f74498f649d91c6f79ae8d79b557772047cb1a19
r_Y = d0f319f288428dcfb5ca0d816f83160dc2993951bdb11c4e8d8c1fef9dab7421dfba3137f294c1d6e2b4ec1c583bd12e8046a5ab8c1af554010211ae5147f6e1412fdda822475f212f0ccab89003162417c2e7ad83e342e50850541aa59328a1b424acef47321dd6a361c44e1f30bcacc99d5b209694ce5307d2ad943b10731eb66d6e59c0f172b011ff4ef8419de722e697e692fd9861ada0b8ab0dde81b623f4c753904545f45478048b6d49fb26efab535582843554044c14baa8aff0f3225166b70ddcb72e0e402f53a9b63f2cb4b9eb4ec82df24317928d067e7faa6da5cb3666ec41177016d67e65cbba7f5956a46fe9289f39dfed9bce6bce0f18cf67
r_Cd = 8b110ccae9fe55a10dd71eeb213438d12d48c5e84f92420f62d85310f3a0c32a13fb9c6527a7b039d55c34a424a66f9116e35588b4ac169f433e06b08f1288dee98785828026c81f3f4003099f460b172034ff8983b4e20bf2409136ef6301b04b17a27662b1e5ee15767372dd37bcc9e00289858ff1b8aa996251302dada301cb27593cefe2581407ddbf0aedf2703067bcb0a264fdf529f0ff1e36fcb2e12e43666a700b693c0ac1ecf571d6329b94561b429eed3ba4bd3c5fce8082cf84142aba321fe98b987561458332733c5eb175029dfe0294fbd9492f4ff2126233bae189389203775516c81e99be87734f9f8b2b0714edb1618f21c3c931110b9440
r_w = b4ec72850528b903107a1221acbf58b9d0be218e64c1649711fb62e8163188e6
r_z = 6e1007b188fd5ccdfd47e66ee4008ff48f34ed38f1f912d0ccddf5c23673eb81
r_zPrime = 6cbe21f021caee1ef670b119b1f2959d083e0d803d9c5ae080c450f0dca9b361
r_T1 = 1f5c740956448c657d47ad91066880f0460da0f2d774933271b203a7de2d2aa961b900c3cc4923211c7b360631db7de4dda8a7205fd255181605eeb7c366bd252fb6a645afef28b8a0831e85a14db6b7fdcd9ada2d7a611e89bf4ff791e30c1f35113010d898400b808b93e7b15306aba3ece59cf1b85876897cd66221dcc78278cfc7e5db20967f83f46fa7f190d48944f860aa82868aeccc70de07c0ea96f868f6475d7f94d7ac83bd2fa50b42b653e75e9300a6817b7c3c059375cac89e0bb990054751a42051eefdeb058b7707fe31124d2173517a87460283720f126d0d00aba6e38fd759abac249db4e261c1df8c458e94abdded5f4cb7ae32e6ecef78
r_T2 = 8fa80f593fe73c3ba9d55b6731c67d248aa49d1cfa76d741fd1066e14fed15bc8f2783872b7e42cce94c711d9782842339ccd6b7dc34edb7ac39d7d56ccfa3593e2fc32343020099a5643eb580e7029aeefa7c6fb47d020377d0b002756742753714cddc916b2998ab8198d4ce56197d8973a19165b8ba89c02484f7488eb37a663a3fd761350fdd955a832edbacd19574c6c05c6a642d66181421feee44a40da4f95341a9134696224e83ecf3212fc9d630f9edb4b25de34c7a090921b54317f1f0388094b67a28ed17552eb9d58f42cc75351dd19e7ecc48194aa2502aa863a918ad966c3584f3d22c67a383cd0a9d7a6b928c1ba78568b6da7d5630b9fd58
r_T3 = 7c61fe8d4f0c299ad975089096842a010031e082a860da23fd27db9d30e38ff6891122fb597c9939cdcbcf8a4e5331d88cb492b16ce8bdd1892a38c54b7d24d71d163488b75502e6ffc77e079c6bf75743e1db97cd3cfa67ecbe9faf1cd3b583925411008f37bca48528304a139903aa8788806b411481e388f4f828b78ae851558740757d0093b7c4468c27d7e3774cf17e0c19f97d65c39257b9a1b560ab45aacc40d2152ae04f75390f42d834d82b865abc9f9e178331078b59e765ff1692608326969b1edfd9e3137024926594ca88bd3e8bc568fe3866e56dec517fa652fac9cda12519afef9818f723b10bc0ef2bb42310e501ae2e769bfab519e632eb
r_cPrime = 3d710554b257f7cb697892dc00dde67f9b00ca24378a57c08d0d79b4c5485179
r_s1 = 464f6df522dbf47a44132c0939911e24576d9b8f4c4f772738cddb1956ec3260
r_s2 = b2e154bdd280be999bf46c7bed186b24b569419bb4ff4e51c192109e452fda0b
r_s3 = 2477c0f106b4675ecf61ff1085cee43f72f9ed5dd8051a28e0657b38be865d6e
r_s4 = 64798a9230ca8aa0c1c64027b7bfadf6e455a46a91516b29284fc65364a4d9d
r_s5 = 584f3bdaaa8a600df9bd63ffd7f8253d83ef968679e383d8937f422a83dc6856
r_s6 = 312bb63b5f730b437b38393c3209f1f4957af3522e64f7b766c2621a6efabde8
sm_x_index = 4
sm_i = 2
sm_n = 3
sm_s1 = 1
sm_s2 = 2
sm_s3 = 3
sm_c1 = a9a3ed8c5e6b767bef74851635770c2bca6b85044cb8bb6c8e38bf995d85260d
sm_r1 = 3cfcba481a98c480a82119a13455b7ac1340483e0c8ff5f0e780fe25abdd1e6a
sm_a1 = 27f0135dc80ddf34c1628cb05eef6a918c946a8b92b7f59a913e256f43f3ded89ff8f898657d02adac0f280e47e6da8c38c4ba5ccbbee0b63dbab197c38848e03e90d87077ce965727417f0dbef2d08dc54d8e57f864f6c1fabc14594bc69fa94d8b2c200e6eb3327b3266525ab328c52fa1ebcd0a21545b03d281665ab4200fe1301ddfe472fae78557d969f53ece7ab173b2be33e5fc9f04d37556eb852954d6e9d1087f121a18e080ca7acaf0b754da499c97232c9f5de4999ae1c98ab8a14a369d38e7ceb66c883e30154997295e64d274441c9674bd79e3d9d893be37d49e1fb19d6ba3ca07a0662e326febdc9bcc73b1e69218f1f5f3166d5fcc911cfc
sm_c3 = 4e77da38bdc41131a7055c2b9f1a38388113851c3de701ad07c96099999ed4ca
sm_r3 = 2af53bc7b7eee4f2f16970632c951cd48c5a49857022d66762c31f364779808
sm_a3 = 60458e9bfc95a5ef206e02bcae024d818894542086931b97e56f551c64afd9f779f40435696473278f7bd622398243f5a5b3bc085d90dfe32f0326963b7cb4d3178e259220a32b43209fea3ba220218fefe59383d188c71ee2f4cf4dd53d2b609e696810ed34431f885ca6f4e5560d6f90b392e39ea601efc54142dc8219e037c144db560cdfec8ac73944daa4b2d26841feb9311d38bf0ce2c128451a9ffee9696ca61f3ab4e7747d8684357698ce9eb45cc9cb41a6341d69f6d3d1d4fef437d489e3607cea8866b9fd71fb08ac2d59314a96d27df9b9013112e59a317f50a6a5f9c06229a11f6b5d7d31799eb15bbf6187bd57fb747b6844b8bde1808af46b
sm_w = 309128f0c77bbd022435ed2650fa7a3d789351d4fa3c730082ed464e4dfbebb7
sm_a2 = 625a21d169fa38c46d65a9a1d61a3d529002ff12861fe135741e6734391200322e69e7ff3e4e67afee6670f292d76094e470b2f19cbc90b54e74422ca7c39e0bcd1c2d1815bc6d7c7d5a3ccf0be62e2fc9d147b9f0371b54f885de802ea8307fd1e28daa71b4298c5b46140b049bc2d15db77b07ac60725aaa8c429b5f839a43dae2016c43fddc2aec72d83f4f61ed387422fca99c65d4a58483367a653cf064aa996357826f0091bbce78fda3810bf115e6873fe99128802d7e7795cd6e0de18fadd8581e017bf6d511622efa6e55974d1ce9ed75ccd0867e0a47cde43b36817bf292affd7d56843d6333a6a509084e18cf9acf265f6eb4864d33edece75355
sm_c = 1c961e13755214f57dc0e363a000e01386d2357f9545f9d7d5fac9ad1e1d5952
sm_c2 = b668f77694457f79f0d532fc8fdcb932780091c07779ddcc51e9af440269af85
sm_r2 = 6cb753b9a98af24736230c03ee9b03044674bf142ad285efa97c09e0e47acc77

Просмотреть файл

@ -0,0 +1,63 @@
// U-Prove Cryptographic test vectors - V1.1 Revision 3
// The following prefixes identify values for U-Prove extensions:
// * 'ie_': identity escrow extension - draft revision 1
// * 'r_': designated-verifier accumulator revocation extension - draft revision 2
// * 'sm_': set membership extension - draft revision 1
UIDh = SHA-256
UIDp = 56312e31205265766973696f6e20335465737420566563746f727320233131
GroupName = 1.3.6.1.4.1.311.75.1.1.1
y0 = 79709bb76b3181c03ce55ba152d53e3f5a31046ecd392cb167ddfd9226db75b7
g0 = e28bc9221a1f0e54f48885b9f78554064af43c0995e69d9748b30def92ed5e89d480375defab7b98832a02807ff5cb3e5091bcfc6164e2694e649ff5855e29abb331f96022ecc0ed70cafaa4785d000adbb2b00a22657a394e6ac4b11e6f2f79d7bd8bdeef8326977ba183ff3b3672b101f27122a149a7bbdc8fc329e2936c933e937b185c596ed31d2e298df1f17bcee3da866ab3a8a9c1e82e149d2cbee5d7eb0a1ed031d57737ca43fec8fc0e4109b639bf6b153bb1f3638c28fcfae0785cb501f6f04bd334c9453508e595ad561c1353b13b348f570a14a7bd78d52c5f8b2acca51d601f969c203cd23224d9e87b2010266ef5f959edc71ef9100bcc5378
e1 = 00
e2 = 01
e3 = 01
e4 = 00
e5 = 00
S = 49737375657220706172616d65746572732073706563696669636174696f6e
A1 = 499602d2
A2 = 416c69636520536d697468
A3 = 555341
A4 = 02
A5 = 19
TI = 546f6b656e20696e666f726d6174696f6e206669656c642076616c7565
PI = 50726f76657220696e666f726d6174696f6e206669656c642076616c7565
x1 = 499602d2
x2 = 3e4668267d6a6fe778ec3a189b384b44d029f3edc3532d618b88a729adaea673
x3 = 6ea19dcd4945a99795edb377600622d522b2e1986265efc569186ad3326c7427
x4 = 2
x5 = 19
P = 7928f72e8509005fb2545283eb9fefb504261f21a683288baed067c2262ba9f8
xt = c6e515f12449d7f3aa6e2d4cd450748f3d5fdaffc7f1fbc1ad456fca5bab571
gamma = 76a91e3a37809af42f29154bccd6983d555080e00242a37caedfd53d4488a949a0c8952ca9928f0393573edad9d8d927650e4d8accbab956fbc79d288f3fbb731e5202cd0b0a325acbff63f8903278afb910e0702670810b075b0ded2eff923667f2d425828a6be716c465ac6c68c2ef464385c3762f82783a2ced9c3a25183c9365f8fff135f9f67b411a69db5abf107b6fe6f99430cf316aa846449f11b0fab954ee243649effe4b6667c66fba230e64ad476bf5bae899dc11c49df59240c4f8147b8e200f3a683cfa8ebae0e7c8f5ccff2a54238904b17d2afdb6f7318d8aee7885ffbe94a6275a34cdcca1198d84760b6c1fd728394b015419457a3c5875
sigmaZ = 861dd02cd3778f55e17e375a9252d24f2c88b17fca5ba031f04e0f953dd1952cadc26e88da648afbf2fa5b705c1cee7b3802df6346ae40aaf976f278a7cd420cba6c82fed8b310fe0991f045c9c8cdad9cbd8c3c0e42ee34d17d4365f6290b3870b2a7f2fda26f328ea172e71e0ee0cd1f450d2f6b5310eb00b86803af3a18ebbb73748f25057168857737af79b9dec57985b5a3c3793630e586cf36a739c0f91377403c00dc21517a05f5178c410bfdf490b64512101d1b78c8d7ce6cc016784e54193d95be447baf1185d0b9b2502cfab271dc8a7c49eb955f919b35b92509f126fb6615622e3134b1baeb302cb18bb29b8252c9f3dbda35697526b7ea1d68
w = 67da2c92898a8db5ee329ebe6f4d323d23791dfd05e2e33f43e94f8e34ef9a60
sigmaA = d52e354004283942f55bd87c64d97c0ab704ea05b32c65315f6e888dbe62f65d51b110e11882a49a6d0574ba8bb89188a59dbb3170aa0993578fdae67dfe4540e8f67ea8948eb3582bf1229a4be1c96b2b3839f243954b3f419ada00d6587687b7643b0d464ca66b05c3e946e856155ba88ce2161d9f5aeaf84806df2b3dd7d258c8cd0f0c47d159624ea462ff2dd846fb3238348579c3c131c2e437aff6b42a47c29b7fe16622f95d4a8c6832174982cbb0002ebd3cca47041f361d14882062f209eb6994801de62a2f51fa09d6b93030027c99ad93952f48317deffba284c4b0795c7a9e1f24c816a349a72db18ab6d025b6dfe1146fea8bf67c9dc7031ade
sigmaB = d1ff392831fdd04f68eb83bd71068141716d5c4d2450c3dcd6cb6ff07a0c718ccd231b38ca9a26e991bf88a23f0336c6a495c874e28e6d9b2820dfee3bcb3340e811a686ab9a004ccdbcaf30a48c784141930d91265440e7858dfba8bb96337d7b9cb362114eae1d9e787d251a68d6a1d6e271abd286c6a5dabb4016f8768b3e996d49b225423e5da5916a5fa89f7b535af6271cdf2aa5e87ab2922359a693092a1a0dde4122e4390e60028eaa54e7108acde1929ea5ef9ed58f5e8524c03f2fd2ac211832ecf2730f1d10bac65cd2a6b710ba370741e0405f1063754576fb6dc293a683c1f09526243123d9a1dd83bbabbb326cf8be07eb7a3758a5d4a0d6d9
alpha = 6fa43977a9acb5d0a34f809b9b6d421aaabf6eacbd78b284f6ec4ea03aff80ff
beta1 = 973d4ecb13bb9477c34d59b56248a4d6a634e37580eda2f7f1b480bc5e1595a4
beta2 = 688b2ca01e58ed62630d002bcc693ecaa2245d464a1ae22925f56794d1ef029
h = 215063877aa7999f35c2f7e6ae61f12a0f54e72eb8252889d9c36bb40cd8e2effb893ecb6fd331e56bd653c2cd550a775950193b8cf148ae0d26b0cd05b637e283840712e1b00411d20271fbe6225732fdf046f362da3dde12c1a6a221be2517bed66e0676709790f28055eca437d953695d730816b681c584bebfd3d41f7bc119731154f299c54f7535c90d744d73e50a9e8e3603fc700dd3d243e9c87349857b16478d586eb966ef5bd5f7e6835e6673e2022350907d74ac68fe449d3704ede0d0c4d5cf39310e60ab673bba74b2bb4b83e934758337989edd9f13ee6ccaad5fb8f761a44865599d5b788522f58ebcc0391ad5ddca5d96632af1ec8070c8df
alphaInverse = 5323edcc06b3576fe970346977cfdf41289ae7833f366d6653d44376f721bf06
sigmaZPrime = e0f776878e504fb787c19d46e16bc9dcd9b5935fca8d9221fbd1c29ee4bcccf7722bfe53593308d75fb60b26300768de257bb9accd605af5ac0322cdd5c4592ef1554ae75c64c1c6847b470487ff3fb1673be10f289cd232ab86a0430b4578c7751697e798075a21b6b227c9ec0ca96613613804516e23548ffec56863f30c638f5d4b42bc4bdf33008ec87f9eb6fc931fb39ca9f88ee992f8aa3b6cdbd4b98f1a6f3c3d8d6ef26a7e0dcaccd17f0a87f7624c5319fdc4c7b850eacb35f14952791ffa60909619d270d1fce673439390a57be0ebcf18efef7547fc738439ae2086e7f68bcccb01c4401c6dfe630b2cf53d276c36ef59e67264a4361cda439963
sigmaAPrime = 295b5767b5fde1c90340196f65eda24f3dd0142a3c6d523c40e635570781211abdb300dbb6d5d414568c7b00ff409565f2184aee878ccc9535ff68dd68b2c7c2243d5c8b4c24cbe1606d5cfb841315a291bb0bd2ea266609eaad119a57b896125f744e2ed3b09c9387cf456c35133a0737fb058e91e8ad9deeeeae86e97b497a885af8450b057f0c2c582b1dab6a0ca6882ecf36c8a6f14d4cf36506084791d0bb94cb15651add23fc23427534d3a417d554ed0cc89788c9b6057efa4fe1d207438ed3dbd40cc85392b25f41dc93f889bce55d6f887844c1b74bef5a4ab17157b9fba26da9e32cff59ba1088f1dc3fa62f75f9427ccb6b89fcf1c85400014e3
sigmaBPrime = 86b829f506a3a521200a5ea3ae384429866b60a65bee1c808013e858d5b53c92de3739f49344fb5f3c0fc9a061773dc008002f7968995c6e09457b3be8c3084221b5766dc50fd5775d3eeddf6e4dffb3f4578ea1f5175e86338c34788b9a0154751dffccd29bdf5c15ab9355e48e3866f9780671e873b20dfe6b796dc6c10daead70ae53984b8b4c923234c3796ff1a3813c2006dfaeaf1e540fb4c8bea210fc44bc67cb87914a30159b8c88ff365a0416c37c9b46cd3381aed435a335a148c10bd24a45424685fb353d36829376d6c90f3079be2695b42f87e5a02d48a3ed6b070cafc4dced6a4b0d30e706f9b0ffa370114c7f4122bc1ff0912d48bf7cdab3
sigmaCPrime = 7ed7b7a28db1f77a3b7ca2dd60a49ebdad5da4fef5af6ddd604f4148b3d5a313
sigmaC = 4d1db5d983dc12d8fa02e42560b6b4d2b53bd543c033404e490b3f2024331032
sigmaR = bb855e81d7f5132e9bce5d3143a643ccef9974c82e931fb85cb86002aaa26852
sigmaRPrime = c20e114bd9daa204c1ff2d34006cd7b999bbba9c9334cddaef17b67bf7c1587b
D = 2,5
U = 1,3,4
m = 56657269666965725549442b72616e646f6d2064617461
md = 446972656374206d657373616765
w0 = b8b4e6e14446b62f2df44a890532d8f492d274e61c8f88c3025ac2c79da8b452
w1 = 154367d4f8aeefe9bd02bfba5fbf15a7e08f1837acc8c1a1232a5d0596366900
w3 = 40f7aaca796fdd5268722452b761020db55949b8dc4befaba88f3df4607f7ed2
w4 = 3853e6c94ad9ef0f077800f00d4071ca20d23429a5d9a8f508fe22ea31e9f2e8
a = 1b879de1e7ad79f42df140859f121d66071d6b80ea179427148d2cf2919d7a28
UIDt = 3c6e94cddbccaec62e26aaf5e82fa7e8c6cfce107f4dc0bcc6587942686a58fd
cp = e08001386b215e5d386ebb387b9535e5c6a83db71553daf603202caeb0b786c3
c = 66b86fb79b5f5b98b4ba9210a2a00e038dee08e69e2c9fe8327f98dc2f30dfac
r0 = b8443605da63aad6fb337c32963db5673523bfcdcf49b742a40ce6d22aa70bef
r1 = 4f9730704dc3047054d2a7b37fce7a20a3d81c0ec0511cec14ad3324c2736e2b
r3 = 615bc708eb265c527fce1078bbf55d375c09652b133432e9ffd89adfdd8db42b
r4 = 33da57ee31acb0f6a2c9f53c2a36e484a34cd58d1fea39abacf77416c1405c15

Просмотреть файл

@ -0,0 +1,8 @@
// U-Prove Cryptographic test vectors - V1.1 Revision 3
UIDh = SHA-256
hash_byte (0x01) = 4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a
hash_octectstring (0x0102030405) = 16df7d2d0c3882334fe0457d298a7b2413e1e5b7a880f0b5ec79eeeae7f58dd8
hash_null (null) = df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119
hash_list [0x01, 0x0102030405, null] = dfd6a31f867566ffeb6c657af1dafb564c3de74485058426633d4b6c8bad6732
hash_group (1.3.6.1.4.1.311.75.1.1.1) = 7b36c8a3cf1552077e1cacb365888d25c9dc54f3faed7aff9b11859aa8e4ba06
hash_group (1.3.6.1.4.1.311.75.1.2.1) = 02bb879cb2f89c19579105be662247db15ab45875cfc63a58745361d193ba248

127
UProveJavaScriptSDK.csproj Normal file
Просмотреть файл

@ -0,0 +1,127 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProductVersion>
</ProductVersion>
<SchemaVersion>2.0</SchemaVersion>
<ProjectGuid>{E4DB4738-B4D7-4352-B475-A4D27CD50BAC}</ProjectGuid>
<ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
<OutputType>Library</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>NewJavaScriptTest</RootNamespace>
<AssemblyName>NewJavaScriptTest</AssemblyName>
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<UseIISExpress>true</UseIISExpress>
<IISExpressSSLPort />
<IISExpressAnonymousAuthentication />
<IISExpressWindowsAuthentication />
<IISExpressUseClassicPipelineMode />
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Web.DynamicData" />
<Reference Include="System.Web.Entity" />
<Reference Include="System.Web.ApplicationServices" />
<Reference Include="System.ComponentModel.DataAnnotations" />
<Reference Include="System" />
<Reference Include="System.Data" />
<Reference Include="System.Core" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="System.Web.Extensions" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Drawing" />
<Reference Include="System.Web" />
<Reference Include="System.Xml" />
<Reference Include="System.Configuration" />
<Reference Include="System.Web.Services" />
<Reference Include="System.EnterpriseServices" />
</ItemGroup>
<ItemGroup>
<None Include="Web.Debug.config">
<DependentUpon>Web.config</DependentUpon>
</None>
<None Include="Web.Release.config">
<DependentUpon>Web.config</DependentUpon>
</None>
</ItemGroup>
<ItemGroup>
<Content Include="LICENSE.txt" />
<Content Include="msrcrypto\cryptoECC.js" />
<Content Include="msrcrypto\cryptoMath.js" />
<Content Include="msrcrypto\global.js" />
<Content Include="msrcrypto\sha256.js" />
<Content Include="msrcrypto\utilities.js" />
<Content Include="index.html" />
<Content Include="README.txt" />
<Content Include="scripts\EcP256.js" />
<Content Include="scripts\SubgroupL2048N256.js" />
<Content Include="scripts\UProve.js" />
<Content Include="scripts\UProveTest.js" />
<Content Include="TestVectors\testvectors_EC_D2_doc.txt" />
<Content Include="TestVectors\testvectors_EC_D2_lite_doc.txt" />
<Content Include="TestVectors\testvectors_hashing.txt" />
<Content Include="TestVectors\testvectors_SG_D2_doc.txt" />
<Content Include="TestVectors\testvectors_SG_D2_lite_doc.txt" />
<Content Include="TestVectors\UProveRecommendedParamsL2048N256.txt" />
<Content Include="TestVectors\UProveRecommendedParamsP256.txt" />
<Content Include="Web.config">
<SubType>Designer</SubType>
</Content>
</ItemGroup>
<ItemGroup>
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<ItemGroup />
<PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
<VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
</PropertyGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
<Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
<Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
<ProjectExtensions>
<VisualStudio>
<FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
<WebProjectProperties>
<UseIIS>True</UseIIS>
<AutoAssignPort>True</AutoAssignPort>
<DevelopmentServerPort>43549</DevelopmentServerPort>
<DevelopmentServerVPath>/</DevelopmentServerVPath>
<IISUrl>http://localhost:43549/</IISUrl>
<NTLMAuthentication>False</NTLMAuthentication>
<UseCustomServer>False</UseCustomServer>
<CustomServerUrl>
</CustomServerUrl>
<SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile>
</WebProjectProperties>
</FlavorProperties>
</VisualStudio>
</ProjectExtensions>
<!-- To modify your build process, add your task inside one of the targets below and uncomment it.
Other similar extension points exist, see Microsoft.Common.targets.
<Target Name="BeforeBuild">
</Target>
<Target Name="AfterBuild">
</Target>
-->
</Project>

22
UProveJavaScriptSDK.sln Normal file
Просмотреть файл

@ -0,0 +1,22 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.21005.1
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UProveJavaScriptSDK", "UProveJavaScriptSDK.csproj", "{E4DB4738-B4D7-4352-B475-A4D27CD50BAC}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{E4DB4738-B4D7-4352-B475-A4D27CD50BAC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{E4DB4738-B4D7-4352-B475-A4D27CD50BAC}.Debug|Any CPU.Build.0 = Debug|Any CPU
{E4DB4738-B4D7-4352-B475-A4D27CD50BAC}.Release|Any CPU.ActiveCfg = Release|Any CPU
{E4DB4738-B4D7-4352-B475-A4D27CD50BAC}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

30
Web.Debug.config Normal file
Просмотреть файл

@ -0,0 +1,30 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- For more information on using web.config transformation visit http://go.microsoft.com/fwlink/?LinkId=125889 -->
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<!--
In the example below, the "SetAttributes" transform will change the value of
"connectionString" to use "ReleaseSQLServer" only when the "Match" locator
finds an attribute "name" that has a value of "MyDB".
<connectionStrings>
<add name="MyDB"
connectionString="Data Source=ReleaseSQLServer;Initial Catalog=MyReleaseDB;Integrated Security=True"
xdt:Transform="SetAttributes" xdt:Locator="Match(name)"/>
</connectionStrings>
-->
<system.web>
<!--
In the example below, the "Replace" transform will replace the entire
<customErrors> section of your web.config file.
Note that because there is only one customErrors section under the
<system.web> node, there is no need to use the "xdt:Locator" attribute.
<customErrors defaultRedirect="GenericError.htm"
mode="RemoteOnly" xdt:Transform="Replace">
<error statusCode="500" redirect="InternalError.htm"/>
</customErrors>
-->
</system.web>
</configuration>

31
Web.Release.config Normal file
Просмотреть файл

@ -0,0 +1,31 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- For more information on using web.config transformation visit http://go.microsoft.com/fwlink/?LinkId=125889 -->
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<!--
In the example below, the "SetAttributes" transform will change the value of
"connectionString" to use "ReleaseSQLServer" only when the "Match" locator
finds an attribute "name" that has a value of "MyDB".
<connectionStrings>
<add name="MyDB"
connectionString="Data Source=ReleaseSQLServer;Initial Catalog=MyReleaseDB;Integrated Security=True"
xdt:Transform="SetAttributes" xdt:Locator="Match(name)"/>
</connectionStrings>
-->
<system.web>
<compilation xdt:Transform="RemoveAttributes(debug)" />
<!--
In the example below, the "Replace" transform will replace the entire
<customErrors> section of your web.config file.
Note that because there is only one customErrors section under the
<system.web> node, there is no need to use the "xdt:Locator" attribute.
<customErrors defaultRedirect="GenericError.htm"
mode="RemoteOnly" xdt:Transform="Replace">
<error statusCode="500" redirect="InternalError.htm"/>
</customErrors>
-->
</system.web>
</configuration>

11
Web.config Normal file
Просмотреть файл

@ -0,0 +1,11 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
</configuration>

85
index.html Normal file
Просмотреть файл

@ -0,0 +1,85 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<meta http-equiv="CACHE-CONTROL" content="NO-CACHE" />
<title>U-Prove Javascript Test Page</title>
<!-- MSR Crypto scripts -->
<script type="text/javascript" src="msrcrypto/global.js"></script>
<script type="text/javascript" src="msrcrypto/utilities.js"></script>
<script type="text/javascript" src="msrcrypto/cryptoMath.js"></script>
<script type="text/javascript" src="msrcrypto/cryptoECC.js"></script>
<script type="text/javascript" src="msrcrypto/sha256.js"></script>
<!-- U-Prove scripts -->
<script type="text/javascript" src="scripts/UProve.js"></script>
<script type="text/javascript" src="scripts/SubgroupL2048N256.js"></script>
<script type="text/javascript" src="scripts/EcP256.js"></script>
<!-- Test scripts -->
<script type="text/javascript" src="scripts/UProveTest.js"></script>
<!-- Page scripts -->
<script type="text/javascript">
"use strict";
// Catch errors and display them
window.onerror = function (message, url, linenumber) {
alert("JavaScript error: " + message + " on line " + linenumber + " for " + url);
}
// This delay (in milliseconds) allows the browser to redraw the page
var REDRAW_DELAY = 100;
// HASH TESTS ///////////////////////////////////////////////////////
function runHashTests() {
cryptoUProveTest.executeHashTests(perfResultsDiv);
setTimeout(hashTestsComplete, REDRAW_DELAY);
}
function hashTestsComplete() {
statusDiv.innerHTML = "U-Prove hashing tests completed";
}
// END HASH TESTS ///////////////////////////////////////////////////
// U-PROVE TESTS ///////////////////////////////////////////////////////
function runUProveTests() {
cryptoUProveTest.executeUProveTests(perfResultsDiv, LiteCheckbox.checked, ECCCheckbox.checked);
setTimeout(uproveTestsComplete, REDRAW_DELAY);
}
function uproveTestsComplete() {
statusDiv.innerHTML = "U-Prove tests completed";
}
// END U-PROVE TESTS ///////////////////////////////////////////////////
</script>
</head>
<body>
<b>U-Prove Javascript Test Page</b>
<br />
<br />
<p>Run test vectors hash tests</p>
<button id="HashButton" onclick="runHashTests()">Run Hash Tests</button><br />
<hr />
<p>Run test vectors protocol tests. Select Lite for the lite protocol version. Select ECC to run the ECC version.</p>
<input id="LiteCheckbox" type="checkbox" /> Lite
<input id="ECCCheckbox" type="checkbox" /> ECC
<br />
<button id="UProveButton" onclick="runUProveTests()">Run U-Prove Tests</button><br />
<hr />
<b>Status</b>
<br />
<div id="statusDiv">Waiting for input</div>
<br />
<b>Performance Results</b>
<br />
<div id="perfResultsDiv">Not executed</div>
</body>
</html>

1984
msrcrypto/cryptoECC.js Normal file

Разница между файлами не показана из-за своего большого размера Загрузить разницу

1726
msrcrypto/cryptoMath.js Normal file

Разница между файлами не показана из-за своего большого размера Загрузить разницу

98
msrcrypto/global.js Normal file
Просмотреть файл

@ -0,0 +1,98 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
/// #region JSCop/JsHint
/* global self */
/* jshint -W098 */
/* W098 is 'defined but not used'. These properties are used in other scripts. */
/// <reference path="jsCopDefs.js" />
// Sets the url to for this script.
// We need this to pass to webWorkers later to instantiate them.
/// <dictionary>fprng</dictionary>
/// #endregion JSCop/JsHint
var scriptUrl = (function () {
/* jshint -W117 */
if (typeof document !== "undefined") {
var scripts = document.getElementsByTagName("script");
// Since this script is currently being evaluated
// it will be the last one in the list.
return scripts[scripts.length - 1].src;
} else if (typeof self !== "undefined") {
// If this script is being run in a WebWorker, 'document' will not exist
// but we can use self.
return self.location.href;
}
// Must be running in an environment without document or self.
return null;
/* jshint +W117 */
})();
// Indication if the user provided entropy into the entropy pool.
var fprngEntropyProvided = false;
// Support for webWorkers IE10+.
var webWorkerSupport = (typeof Worker !== "undefined");
// Is this script running in an instance of a webWorker?
var runningInWorkerInstance = (typeof importScripts !== "undefined");
// Typed Arrays support?
var typedArraySupport = (typeof Uint8Array !== "undefined");
// Property setter/getter support IE9+.
var setterSupport = (function () {
try {
Object.defineProperty({}, "oncomplete", {});
return true;
} catch (ex) {
return false;
}
}());
// Run in async mode (requires web workers) and user can override to sync mode
// by setting the .forceSync property to true on the subtle interface
// this can be changes 'on the fly'.
var asyncMode = webWorkerSupport;
// Gets the type of a native object.
var type = function (item) {
return Object.prototype.toString.call(item).replace("[object ", "").replace("]", "");
};
var createProperty = function (parentObject, propertyName, /*@dynamic*/initialValue, getterFunction, setterFunction) {
/// <param name="parentObject" type="Object"/>
/// <param name="propertyName" type="String"/>
/// <param name="initialValue" type="Object"/>
/// <param name="getterFunction" type="Function"/>
/// <param name="setterFunction" type="Function" optional="true"/>
if (!setterSupport) {
parentObject[propertyName] = initialValue;
return;
}
var setGet = {};
getterFunction && (setGet.get = getterFunction);
setterFunction && (setGet.set = setterFunction);
Object.defineProperty(
parentObject,
propertyName, setGet);
};
// Collection of hash functions for global availability.
// Each hashfunction will add itself to the collection as it is evaluated.
var msrcryptoHashFunctions = {};

285
msrcrypto/sha256.js Normal file
Просмотреть файл

@ -0,0 +1,285 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
/// #region JSCop/JsHint
/* global operations */
/* jshint -W016 */
/* jshint -W052 */
/// <reference path="operations.js" />
/// <dictionary>msrcrypto, der, sha</dictionary>
/// <disable>JS3057.AvoidImplicitTypeCoercion</disable>
/// #endregion JSCop/JsHint
var msrcryptoSha256 = (function () {
var hashFunction = function (name, der, h, k, truncateTo) {
var blockBytes = 64;
var hv = h.slice();
var w = new Array(blockBytes);
var buffer = [];
var blocksProcessed = 0;
function hashBlocks(/*@type(Array)*/message) {
var blockCount = Math.floor(message.length / blockBytes);
var ra, rb, rc, rd, re, rf, rg, rh;
var t, block, i, temp, x1, x0, index;
// Process each 64-byte block of the message
for (block = 0; block < blockCount; block++) {
// 0 ≤ t ≤ 15
for (i = 0; i < 16; i++) {
index = block * blockBytes + i * 4;
// Convert 4 bytes to 32-bit integer
w[i] = (message[index] << 24) |
(message[index + 1] << 16) |
(message[index + 2] << 8) |
message[index + 3];
}
// 16 ≤ t ≤ 63
for (t = 16; t < 64; t++) {
x0 = w[t - 15];
x1 = w[t - 2];
w[t] = (((x1 >>> 17) | (x1 << 15)) ^ ((x1 >>> 19) | (x1 << 13)) ^ (x1 >>> 10));
w[t] += w[t - 7];
w[t] += (((x0 >>> 7) | (x0 << 25)) ^ ((x0 >>> 18) | (x0 << 14)) ^ (x0 >>> 3));
w[t] += w[t - 16];
}
ra = hv[0];
rb = hv[1];
rc = hv[2];
rd = hv[3];
re = hv[4];
rf = hv[5];
rg = hv[6];
rh = hv[7];
for (i = 0; i < 64; i++) {
temp =
rh +
((re >>> 6 | re << 26) ^ (re >>> 11 | re << 21) ^ (re >>> 25 | re << 7)) +
((re & rf) ^ ((~re) & rg)) +
k[i] + w[i];
rd += temp;
temp +=
((ra >>> 2 | ra << 30) ^ (ra >>> 13 | ra << 19) ^ (ra >>> 22 | ra << 10)) +
((ra & (rb ^ rc)) ^ (rb & rc));
rh = rg; // 'h' = g
rg = rf; // 'g' = f
rf = re; // 'f' = e
re = rd; // 'e' = d
rd = rc; // 'd' = c
rc = rb; // 'c' = b
rb = ra; // 'b' = a
ra = temp; // 'a' = temp
}
// Need to mask 32-bits when using regular arrays
hv[0] += ra & 0xFFFFFFFF;
hv[1] += rb & 0xFFFFFFFF;
hv[2] += rc & 0xFFFFFFFF;
hv[3] += rd & 0xFFFFFFFF;
hv[4] += re & 0xFFFFFFFF;
hv[5] += rf & 0xFFFFFFFF;
hv[6] += rg & 0xFFFFFFFF;
hv[7] += rh & 0xFFFFFFFF;
}
// Keep track of the number of blocks processed.
// We have to put the total message size into the padding.
blocksProcessed += blockCount;
// Return the unprocessed data.
return message.slice(blockCount * blockBytes);
}
function hashToBytes() {
var hash = new Array(256);
// Copy the 32-bit values to a byte array
for (var i = 0, byteIndex = 0; i < 8; i += 1, byteIndex += 4) {
hash[byteIndex] = hv[i] >>> 24;
hash[byteIndex + 1] = hv[i] >>> 16 & 0xFF;
hash[byteIndex + 2] = hv[i] >>> 8 & 0xFF;
hash[byteIndex + 3] = hv[i] & 0xFF;
}
return hash.slice(0, truncateTo / 8);
}
// This can be optimized.
// Currently the amount of padding is computed. Then a new array, big enough
// to hold the message + padding is created. The message is copied to the
// new array and the padding is placed at the end.
// We don't really need to create an entire new array and copy to it.
// We can just build the last padded block and store it.
// Then when computing the hash, substitute it for the last message block.
function padBlock( /*@type(Array)*/ message) {
var padLen = blockBytes - message.length;
// If there is 8 or less bytes of padding, pad an additional block.
if (padLen <= 8) {
padLen += blockBytes;
}
// Create a new Array that will contain the message + padding
var paddedMessage = message.slice();
// Set the 1 bit at the end of the message data
paddedMessage.push(128);
// Pad the array with zero. Leave 4 bytes for the message size.
for (var i = 1; i < padLen - 4; i++) {
paddedMessage.push(0);
}
// Set the length equal to the previous data len + the new data len
var messageLenBits = (message.length + blocksProcessed * blockBytes) * 8;
// Set the message length in the last 4 bytes
paddedMessage.push(messageLenBits >>> 24 & 255);
paddedMessage.push(messageLenBits >>> 16 & 255);
paddedMessage.push(messageLenBits >>> 8 & 255);
paddedMessage.push(messageLenBits & 255);
return paddedMessage;
}
function bufferToArray(buffer) {
// Checking for slice method to determine if this a regular array.
if (buffer.pop) {
return buffer;
}
return (buffer.length === 1) ? [buffer[0]] : Array.apply(null, buffer);
}
function /*@type(Array)*/ computeHash(messageBytes) {
// Convert the input to an Array - it could be a typed array
buffer = hashBlocks(bufferToArray(messageBytes));
return finish();
}
function process(messageBytes) {
// Append the new data to the buffer (previous unprocessed data)
// Convert the input to an Array - it could be a typed array
buffer = buffer.concat(bufferToArray(messageBytes));
// If there is at least one block of data, hash it
if (buffer.length >= 64) {
// The remaining unprocessed data goes back into the buffer
buffer = hashBlocks(buffer);
}
return;
}
function finish() {
// All the full blocks of data have been processed. Now we pad the rest and hash.
// Buffer should be empty now.
if (hashBlocks(padBlock(buffer)).length !== 0) {
throw new Error("buffer.length !== 0");
}
var result = hashToBytes();
// Clear the hash values so this instance can be reused
buffer = [];
hv = h.slice();
blocksProcessed = 0;
return result;
}
return {
name: name,
computeHash: computeHash,
process: process,
finish: finish,
der: der,
hashLen: truncateTo,
maxMessageSize: 0xFFFFFFFF // (2^32 - 1 is max array size in JavaScript)
};
};
var k256, h224, h256, der224, der256, upd = msrcryptoUtilities.unpackData;
h224 = upd("wQWe2DZ81QcwcN0X9w5ZOf/ACzFoWBURZPmPp776T6Q", 4, 1);
h256 = upd("agnmZ7tnroU8bvNypU/1OlEOUn+bBWiMH4PZq1vgzRk", 4, 1);
k256 = upd("QoovmHE3RJG1wPvP6bXbpTlWwltZ8RHxkj+CpKscXtXYB6qYEoNbASQxhb5VDH3Dcr5ddIDesf6b3AanwZvxdOSbacHvvkeGD8GdxiQMocwt6SxvSnSEqlywqdx2+YjamD5RUqgxxm2wAyfIv1l/x8bgC/PVp5FHBspjURQpKWcntwqFLhshOE0sbfxTOA0TZQpzVHZqCruBwskuknIshaK/6KGoGmZLwkuLcMdsUaPRkugZ1pkGJPQONYUQaqBwGaTBFh43bAgnSHdMNLC8tTkcDLNO2KpKW5zKT2gub/N0j4LueKVjb4TIeBSMxwIIkL7/+qRQbOu++aP3xnF48g", 4, 1);
// DER encoding
der224 = upd("MDEwDQYJYIZIAWUDBAIEBQAEIA");
der256 = upd("MDEwDQYJYIZIAWUDBAIBBQAEIA");
return {
sha224: hashFunction("SHA-224", der224, h224, k256, 224),
sha256: hashFunction("SHA-256", der256, h256, k256, 256)
};
})();
if (typeof operations !== "undefined") {
msrcryptoSha256.hash256 = function (/*@dynamic*/p) {
if (p.operationSubType === "process") {
msrcryptoSha256.sha256.process(p.buffer);
return;
}
if (p.operationSubType === "finish") {
return msrcryptoSha256.sha256.finish();
}
return msrcryptoSha256.sha256.computeHash(p.buffer);
};
msrcryptoSha256.hash224 = function (/*@dynamic*/p) {
if (p.operationSubType === "process") {
msrcryptoSha256.sha224.process(p.buffer);
return;
}
if (p.operationSubType === "finish") {
return msrcryptoSha256.sha224.finish();
}
return msrcryptoSha256.sha224.computeHash(p.buffer);
};
operations.register("digest", "sha-224", msrcryptoSha256.hash224);
operations.register("digest", "sha-256", msrcryptoSha256.hash256);
}
msrcryptoHashFunctions["sha-224"] = msrcryptoSha256.sha224;
msrcryptoHashFunctions["sha-256"] = msrcryptoSha256.sha256;

388
msrcrypto/utilities.js Normal file
Просмотреть файл

@ -0,0 +1,388 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
/// #region JSCop/JsHint
/* jshint -W016 */
/// <reference path="global.js" />
/// <reference path="jsCopDefs.js" />
/// <dictionary>
/// msrcrypto, Btoa, uint, hexval, res, xor
/// </dictionary>
/// #endregion JSCop/JsHint
var msrcryptoUtilities = (function () {
var encodingChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
var btoaSupport = (typeof btoa !== "undefined");
function toBase64(/*@dynamic*/data, /*@optional*/ base64Url) {
/// <returns type="String"/>
var output = "";
if (!base64Url) {
base64Url = false;
}
// If the input is an array type, convert it to a string.
// The built-in btoa takes strings.
if (data.pop || data.subarray) {
data = String.fromCharCode.apply(null, data);
}
if (btoaSupport) {
output = btoa(data);
} else {
var char1, char2, char3, enc1, enc2, enc3, enc4;
var i;
for (i = 0; i < data.length; i += 3) {
// Get the next three chars.
char1 = data.charCodeAt(i);
char2 = data.charCodeAt(i + 1);
char3 = data.charCodeAt(i + 2);
// Encode three bytes over four 6-bit values.
// [A7,A6,A5,A4,A3,A2,A1,A0][B7,B6,B5,B4,B3,B2,B1,B0][C7,C6,C5,C4,C3,C2,C1,C0].
// [A7,A6,A5,A4,A3,A2][A1,A0,B7,B6,B5,B4][B3,B2,B1,B0,C7,C6][C5,C4,C3,C2,C1,C0].
// 'enc1' = high 6-bits from char1
enc1 = char1 >> 2;
// 'enc2' = 2 low-bits of char1 + 4 high-bits of char2
enc2 = ((char1 & 0x3) << 4) | (char2 >> 4);
// 'enc3' = 4 low-bits of char2 + 2 high-bits of char3
enc3 = ((char2 & 0xF) << 2) | (char3 >> 6);
// 'enc4' = 6 low-bits of char3
enc4 = char3 & 0x3F;
// 'char2' could be 'nothing' if there is only one char left to encode
// if so, set enc3 & enc4 to 64 as padding.
if (isNaN(char2)) {
enc3 = enc4 = 64;
// If there was only two chars to encode char3 will be 'nothing'
// set enc4 to 64 as padding.
} else if (isNaN(char3)) {
enc4 = 64;
}
// Lookup the base-64 value for each encoding.
output = output +
encodingChars.charAt(enc1) +
encodingChars.charAt(enc2) +
encodingChars.charAt(enc3) +
encodingChars.charAt(enc4);
}
}
if (base64Url) {
return output.replace(/\+/g, "-").replace(/\//g, "_").replace(/\=/g, "");
}
return output;
}
function base64ToString(encodedString) {
/// <param name="encodedString" type="String"/>
/// <returns type="String"/>
if (btoaSupport) {
// This could be encoded as base64url (different from base64)
encodedString = encodedString.replace(/-/g, "+").replace(/_/g, "/");
// In case the padding is missing, add some.
while (encodedString.length % 4 !== 0) {
encodedString += "=";
}
return atob(encodedString);
}
return String.fromCharCode.apply(null, base64ToBytes(encodedString));
}
function base64ToBytes(encodedString) {
/// <param name="encodedString" type="String"/>
/// <returns type="Array"/>
// This could be encoded as base64url (different from base64)
encodedString = encodedString.replace(/-/g, "+").replace(/_/g, "/");
// In case the padding is missing, add some.
while (encodedString.length % 4 !== 0) {
encodedString += "=";
}
var output = [];
var char1, char2, char3;
var enc1, enc2, enc3, enc4;
var i;
// Remove any chars not in the base-64 space.
encodedString = encodedString.replace(/[^A-Za-z0-9\+\/\=]/g, "");
for (i = 0; i < encodedString.length; i += 4) {
// Get 4 characters from the encoded string.
enc1 = encodingChars.indexOf(encodedString.charAt(i));
enc2 = encodingChars.indexOf(encodedString.charAt(i + 1));
enc3 = encodingChars.indexOf(encodedString.charAt(i + 2));
enc4 = encodingChars.indexOf(encodedString.charAt(i + 3));
// Convert four 6-bit values to three characters.
// [A7,A6,A5,A4,A3,A2][A1,A0,B7,B6,B5,B4][B3,B2,B1,B0,C7,C6][C5,C4,C3,C2,C1,C0].
// [A7,A6,A5,A4,A3,A2,A1,A0][B7,B6,B5,B4,B3,B2,B1,B0][C7,C6,C5,C4,C3,C2,C1,C0].
// 'char1' = all 6 bits of enc1 + 2 high-bits of enc2.
char1 = (enc1 << 2) | (enc2 >> 4);
// 'char2' = 4 low-bits of enc2 + 4 high-bits of enc3.
char2 = ((enc2 & 15) << 4) | (enc3 >> 2);
// 'char3' = 2 low-bits of enc3 + all 6 bits of enc4.
char3 = ((enc3 & 3) << 6) | enc4;
// Convert char1 to string character and append to output
output.push(char1);
// 'enc3' could be padding
// if so, 'char2' is ignored.
if (enc3 !== 64) {
output.push(char2);
}
// 'enc4' could be padding
// if so, 'char3' is ignored.
if (enc4 !== 64) {
output.push(char3);
}
}
return output;
}
function getObjectType(object) {
/// <param name="encodedString" type="Object"/>
/// <returns type="String"/>
return Object.prototype.toString.call(object).slice(8, -1);
}
function bytesToHexString(bytes, separate) {
/// <param name="bytes" type="Array"/>
/// <param name="separate" type="Boolean" optional="true"/>
/// <returns type="String"/>
var result = "";
if (typeof separate === "undefined") {
separate = false;
}
for (var i = 0; i < bytes.length; i++) {
if (separate && (i % 4 === 0) && i !== 0) {
result += "-";
}
var /*@type(String)*/ hexval = bytes[i].toString(16).toUpperCase();
// Add a leading zero if needed.
if (hexval.length === 1) {
result += "0";
}
result += hexval;
}
return result;
}
function stringToBytes(messageString) {
/// <param name="messageString" type="String"/>
/// <returns type="Array"/>
var bytes = new Array(messageString.length);
for (var i = 0; i < bytes.length; i++) {
bytes[i] = messageString.charCodeAt(i);
}
return bytes;
}
function hexToBytesArray(hexString) {
hexString = hexString.replace(/\-/g, "");
var result = [];
while (hexString.length >= 2) {
result.push(parseInt(hexString.substring(0, 2), 16));
hexString = hexString.substring(2, hexString.length);
}
return result;
}
function clone(/*@type(Object)*/object) {
var newObject = {};
for (var propertyName in object) {
if (object.hasOwnProperty(propertyName)) {
newObject[propertyName] = object[propertyName];
}
}
return newObject;
}
function unpackData(base64String, arraySize, toUint32s) {
var bytes = base64ToBytes(base64String),
data = [],
i;
if (isNaN(arraySize)) {
return bytes;
} else {
for (i = 0; i < bytes.length; i += arraySize) {
data.push(bytes.slice(i, i + arraySize));
}
}
if (toUint32s) {
for (i = 0; i < data.length; i++) {
data[i] = (data[i][0] << 24) + (data[i][1] << 16) + (data[i][2] << 8) + data[i][3];
}
}
return data;
}
function int32ToBytes(int32) {
return [(int32 >>> 24) & 255, (int32 >>> 16) & 255, (int32 >>> 8) & 255, int32 & 255];
}
function int32ArrayToBytes(int32Array) {
var result = [];
for (var i = 0; i < int32Array.length; i++) {
result = result.concat(int32ToBytes(int32Array[i]));
}
return result;
}
function xorVectors(a, b) {
/// <summary>Exclusive OR (XOR) two arrays.</summary>
/// <param name="a" type="Array">Input array.</param>
/// <param name="b" type="Array">Input array.</param>
/// <returns type="Array">XOR of the two arrays. The length is minimum of the two input array lengths.</returns>
var length = Math.min(a.length, b.length),
res = new Array(length);
for (var i = 0 ; i < length ; i += 1) {
res[i] = a[i] ^ b[i];
}
return res;
}
function getVector(length, /*@optional*/ fillValue) {
/// <summary>Get an array filled with zeroes.</summary>
/// <param name="length" type="Number">Requested array length.</param>
/// <returns type="Array">Array of length filled with zeroes.</returns>
// Use a default value of zero
fillValue || (fillValue = 0);
var res = new Array(length);
for (var i = 0; i < length; i += 1) {
res[i] = fillValue;
}
return res;
}
function /*@type(Array)*/ toArray(/*@type(Array)*/ typedArray) {
if (typedArray.pop) {
return typedArray;
}
// A single element array will cause a new Array to be created with the length
// equal to the value of the single element. Not what we want.
// We'll return a new single element array with the single value.
return (typedArray.length === 1) ? [typedArray[0]] : Array.apply(null, typedArray);
}
function indexOf(array, value, /*@optional*/ start) {
// If 'array' is a regular array
if (array.indexOf) {
return array.indexOf(value, start);
}
// If 'array' is a typed array (or regular array on IE8)
for (var i = start || 0; i < array.length; i += 1) {
if (array[i] === value) {
return i;
}
}
return -1;
}
function padEnd(array, value, finalLength) {
while (array.length < finalLength) {
array.push(value);
}
return array;
}
function padFront(array, value, finalLength) {
while (array.length < finalLength) {
array.unshift(value);
}
return array;
}
function arraysEqual(/*@type(Array)*/ array1, /*@type(Array)*/ array2) {
if (array1.length !== array2.length) {
return false;
}
for (var i = 0; i < array1.length; i++) {
if (array1[i] !== array2[i]) {
return false;
}
}
return true;
}
return {
toBase64: toBase64,
base64ToString: base64ToString,
base64ToBytes: base64ToBytes,
getObjectType: getObjectType,
bytesToHexString: bytesToHexString,
stringToBytes: stringToBytes,
unpackData: unpackData,
hexToBytesArray: hexToBytesArray,
int32ToBytes: int32ToBytes,
int32ArrayToBytes: int32ArrayToBytes,
indexOf: indexOf,
toArray: toArray,
arraysEqual: arraysEqual,
clone: clone,
xorVectors: xorVectors,
padEnd: padEnd,
padFront: padFront,
getVector: getVector
};
})();

816
scripts/EcP256.js Normal file
Просмотреть файл

@ -0,0 +1,816 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
// U-Prove ECP256 Recommended Parameters.
// See http://www.microsoft.com/uprove for details.
var UProve = UProve || {};
UProve.ECGroup = function ECGroup(curve) {
this.curve = curve;
this.ecOperator = new cryptoECC.EllipticCurveOperatorFp(curve);
// allocates an element to store some computation results
this.getIdentityElement = function () {
// return the point at infinity
return curve.createPointAtInfinity();
}
// creates an element from the serialized bytes
this.createElementFromBytes = function (bytes) {
return cryptoECC.sec1EncodingFp().decodePoint(bytes, this.curve);
}
this.createPoint = function (x, y) {
return new cryptoECC.EllipticCurvePointFp(
this.curve,
false,
cryptoMath.bytesToDigits(x),
cryptoMath.bytesToDigits(y)
);
}
// computes result = [scalar] point.
this.modexp = function (point, scalar, result) {
// point must be in Affine, Montgomery form
if (!point.isAffine) this.ecOperator.convertToAffineForm(point);
if (!point.isInMontgomeryForm) this.ecOperator.convertToMontgomeryForm(point);
// scalar multiplication
this.ecOperator.scalarMultiply(scalar.m_digits, point, result);
// convert everyone back to Affine, Standard form
if (!point.isAffine) this.ecOperator.convertToAffineForm(point);
if (point.isInMontgomeryForm) this.ecOperator.convertToStandardForm(point);
if (!result.isAffine) this.ecOperator.convertToAffineForm(result);
if (result.isInMontgomeryForm) this.ecOperator.convertToStandardForm(result);
}
// computes result = a + b
this.multiply = function (a, b, result) {
// result must be in Jacobian, Montgomery form for the mixed add
var temp = this.curve.allocatePointStorage();
this.ecOperator.convertToMontgomeryForm(temp);
this.ecOperator.convertToJacobianForm(temp);
// "a" must be in Jacobian, Montgomery form
if (!a.isInMontgomeryForm) this.ecOperator.convertToMontgomeryForm(a);
if (a.isAffine) this.ecOperator.convertToJacobianForm(a);
// "b" must be in Affine, Montgomery form
if (!b.isAffine) this.ecOperator.convertToAffineForm(b);
if (!b.isInMontgomeryForm) this.ecOperator.convertToMontgomeryForm(b);
// perform the mixed add
this.ecOperator.mixedAdd(a, b, temp);
// now convert everyone back to Affine, Standard form
this.ecOperator.convertToAffineForm(a);
this.ecOperator.convertToStandardForm(a);
// b already in affine form
this.ecOperator.convertToStandardForm(b);
this.ecOperator.convertToAffineForm(temp);
this.ecOperator.convertToStandardForm(temp);
temp.copy(result);
}
}
UProve.ECP256 = function ECP256() {
// number of pregenerated generators
this.n = 50;
// gt index
this.t = this.n + 1;
this.generatorsX = [
cryptoMath.createArray([
0xf1, 0xb9, 0x86, 0xd5, 0xd1, 0x1f, 0x43, 0x48,
0x3a, 0xe7, 0x36, 0xe8, 0x86, 0xaf, 0x75, 0x0e,
0x87, 0x0d, 0x7f, 0x0c, 0x23, 0x12, 0xaa, 0xd8,
0xdb, 0x5c, 0x8a, 0x3e, 0x34, 0xf5, 0x39, 0x1e
]),
cryptoMath.createArray([
0x15, 0x54, 0xcf, 0x98, 0x3e, 0x0b, 0x06, 0x0c,
0x78, 0x70, 0x5e, 0xd7, 0xd1, 0x4a, 0x49, 0x41,
0xb0, 0x2e, 0x60, 0x8c, 0xdb, 0x78, 0xf6, 0xa7,
0x5a, 0x52, 0x34, 0x59, 0x78, 0x14, 0x1f, 0xd3
]),
cryptoMath.createArray([
0x32, 0x79, 0x1a, 0x77, 0x9e, 0x9a, 0xa4, 0x75,
0xba, 0x26, 0x66, 0xa0, 0xe4, 0x7a, 0x92, 0x8b,
0x21, 0xab, 0x19, 0x05, 0xfa, 0xaf, 0x48, 0xbb,
0x80, 0x62, 0xba, 0xe9, 0x00, 0x9e, 0xb2, 0x7d
]),
cryptoMath.createArray([
0xc0, 0xef, 0xad, 0xb5, 0xc3, 0x01, 0x5e, 0x42,
0xc1, 0xd7, 0x1a, 0xc3, 0x90, 0xc4, 0xd2, 0x2a,
0x6f, 0x5d, 0x55, 0x2f, 0x63, 0xbb, 0xcc, 0x59,
0x19, 0x0a, 0xea, 0x6a, 0xee, 0x16, 0x35, 0x4a
]),
cryptoMath.createArray([
0xbd, 0x5f, 0x29, 0xdf, 0x66, 0x40, 0x49, 0x3f,
0xf9, 0x6c, 0x6c, 0xbc, 0x49, 0xcb, 0x8e, 0x5f,
0x61, 0x46, 0x27, 0x92, 0xdb, 0x75, 0xf2, 0x0e,
0xf4, 0x9b, 0xf8, 0x6e, 0x26, 0x0d, 0xc9, 0x55
]),
cryptoMath.createArray([
0xd9, 0x1a, 0xbd, 0xa2, 0x6e, 0xc5, 0xc3, 0x00,
0x1c, 0xf1, 0xca, 0x2c, 0x09, 0xad, 0x88, 0x66,
0x25, 0x58, 0x42, 0x6d, 0xc3, 0xb4, 0xd1, 0xb5,
0x01, 0xe7, 0xab, 0xc2, 0xdb, 0x08, 0x0c, 0xdc
]),
cryptoMath.createArray([
0x86, 0xeb, 0x2c, 0x94, 0xe2, 0xb6, 0xd6, 0x20,
0xa3, 0x91, 0xb4, 0x08, 0x0d, 0xfe, 0x2b, 0x37,
0x7c, 0xc2, 0x0d, 0x98, 0x1b, 0x5b, 0xc0, 0xcc,
0xa9, 0x4e, 0x86, 0x56, 0x97, 0x95, 0x9e, 0xbe
]),
cryptoMath.createArray([
0x55, 0x53, 0x14, 0x8e, 0x44, 0x25, 0x26, 0x92,
0xd9, 0xe7, 0xea, 0x9c, 0x18, 0x94, 0x69, 0xdd,
0x2c, 0x0e, 0x8b, 0xd4, 0x49, 0x40, 0x5b, 0x6f,
0x3b, 0x1f, 0x27, 0x92, 0x45, 0xb3, 0x7f, 0x0d
]),
cryptoMath.createArray([
0x77, 0x66, 0x8d, 0x97, 0xbf, 0xf7, 0xd5, 0xda,
0x69, 0x5d, 0x6d, 0x72, 0xe4, 0xf8, 0x40, 0x20,
0x5d, 0xe2, 0x89, 0xce, 0x8f, 0xf1, 0xe9, 0x95,
0x24, 0x35, 0xb0, 0xb4, 0xdd, 0x4e, 0x22, 0x2e
]),
cryptoMath.createArray([
0x72, 0x9a, 0x72, 0xbe, 0x83, 0x75, 0x88, 0x8f,
0x67, 0xdf, 0x96, 0xd2, 0xa5, 0x2e, 0x1b, 0x38,
0x4a, 0xf1, 0xc6, 0x8f, 0xf8, 0xb7, 0x3c, 0xad,
0xf6, 0x29, 0x6c, 0x72, 0xc2, 0xc1, 0xfa, 0xb2
]),
cryptoMath.createArray([
0xcf, 0xba, 0x01, 0x4e, 0xf2, 0x73, 0x4b, 0xb0,
0xd5, 0x18, 0x63, 0xa1, 0xe6, 0xae, 0x8e, 0xb4,
0xae, 0x18, 0x9f, 0x8c, 0x19, 0x43, 0x2a, 0xf4,
0x6d, 0x9f, 0x16, 0xfd, 0xd4, 0x3f, 0xbc, 0x18
]),
cryptoMath.createArray([
0x6c, 0x14, 0x07, 0xc4, 0x9a, 0x51, 0xf6, 0x76,
0x25, 0xeb, 0x8b, 0x29, 0x95, 0xac, 0x11, 0x94,
0x42, 0x88, 0x99, 0x5b, 0x3a, 0x81, 0x78, 0x9a,
0x5e, 0xb3, 0xe6, 0xbf, 0x4f, 0x2d, 0xed, 0x78
]),
cryptoMath.createArray([
0xd9, 0x23, 0x1c, 0x31, 0x5b, 0xaf, 0x72, 0x24,
0x69, 0xf7, 0x4f, 0xba, 0x55, 0xba, 0x66, 0x17,
0x77, 0xe9, 0x1c, 0xa6, 0x32, 0x0a, 0x88, 0x25,
0xbd, 0xa1, 0xcb, 0xf0, 0xea, 0x20, 0x60, 0x92
]),
cryptoMath.createArray([
0x35, 0x35, 0x87, 0x11, 0x38, 0x41, 0x06, 0xb8,
0x62, 0xa2, 0xcf, 0x0b, 0x40, 0x3e, 0x80, 0x55,
0x92, 0x0c, 0x75, 0x98, 0xbf, 0xb4, 0x99, 0x87,
0xa8, 0x9c, 0x35, 0x69, 0xe5, 0xa0, 0x5b, 0x61
]),
cryptoMath.createArray([
0x25, 0xd0, 0x5c, 0x26, 0x17, 0x72, 0x16, 0x6c,
0x08, 0x48, 0x3d, 0x00, 0x00, 0x3f, 0x44, 0x35,
0x20, 0xe9, 0x13, 0x24, 0xcb, 0xe9, 0x18, 0xfc,
0x34, 0x00, 0x8a, 0x93, 0x27, 0x16, 0xd7, 0xeb
]),
cryptoMath.createArray([
0xfc, 0x03, 0x5c, 0x85, 0xaa, 0x0e, 0x9c, 0x52,
0x7e, 0xa7, 0xdc, 0xa2, 0x6a, 0x2d, 0xb7, 0x4d,
0xc2, 0x50, 0xe8, 0xa5, 0xab, 0xe8, 0x53, 0xbb,
0xde, 0xd1, 0x59, 0x59, 0xd7, 0x23, 0x0f, 0x43
]),
cryptoMath.createArray([
0x85, 0xb3, 0x87, 0x3f, 0xd9, 0x11, 0xbf, 0x06,
0xa9, 0x78, 0xfa, 0x40, 0xe2, 0x61, 0xe1, 0xc8,
0x56, 0xf6, 0x38, 0xca, 0x9e, 0xc8, 0xcb, 0xe8,
0x82, 0x6a, 0x60, 0x82, 0xc8, 0x45, 0x2d, 0x0f
]),
cryptoMath.createArray([
0x45, 0x49, 0xf8, 0xc6, 0x21, 0xea, 0xba, 0x57,
0xed, 0x23, 0x36, 0xd5, 0x19, 0x20, 0xf6, 0xfc,
0x4d, 0xc3, 0x4e, 0x04, 0x7d, 0xb1, 0x34, 0xc6,
0x19, 0x80, 0xe4, 0xe3, 0x58, 0xc5, 0xe3, 0x24
]),
cryptoMath.createArray([
0xb8, 0xad, 0x38, 0x6b, 0x54, 0xf9, 0x76, 0x6e,
0x5c, 0xb1, 0xa2, 0xf0, 0x50, 0xcb, 0xca, 0x2a,
0x22, 0x61, 0x9b, 0xa0, 0x08, 0xfd, 0xf9, 0x49,
0x6d, 0xf3, 0x8a, 0x6c, 0xea, 0x78, 0x4e, 0xb2
]),
cryptoMath.createArray([
0x56, 0x62, 0x8c, 0x7d, 0x63, 0x66, 0xe1, 0xc4,
0xa9, 0x36, 0x1e, 0x5f, 0x7e, 0x49, 0x41, 0x5c,
0x80, 0xfd, 0xa1, 0x4c, 0x04, 0xf1, 0x06, 0xf0,
0x63, 0x8e, 0xc8, 0xcf, 0x59, 0xaa, 0x04, 0x85
]),
cryptoMath.createArray([
0x8f, 0x1f, 0x5a, 0x0e, 0x34, 0x2e, 0x65, 0x57,
0xb9, 0x55, 0x35, 0x54, 0x38, 0x60, 0x8d, 0xb0,
0x9e, 0x4d, 0x23, 0x7e, 0xc7, 0x23, 0x0e, 0x2c,
0x83, 0x6b, 0xd5, 0xf3, 0xe9, 0x1c, 0x6c, 0x12
]),
cryptoMath.createArray([
0xbe, 0xaf, 0x77, 0x57, 0xa3, 0xce, 0x43, 0xdc,
0x8d, 0x4a, 0x07, 0x32, 0xe1, 0xe3, 0x18, 0xf4,
0x97, 0x55, 0xe6, 0x1e, 0x5f, 0x57, 0xa8, 0x5b,
0xec, 0xcf, 0x21, 0xb7, 0xdc, 0xc8, 0x18, 0xe2
]),
cryptoMath.createArray([
0xe5, 0x13, 0xc3, 0xe5, 0x0e, 0xfa, 0x44, 0x36,
0x19, 0x9c, 0x5a, 0x51, 0xfd, 0x69, 0x1e, 0xa4,
0xdc, 0xab, 0xbc, 0x20, 0x2a, 0x80, 0x29, 0xba,
0x3d, 0xf0, 0x33, 0x6f, 0x12, 0xd8, 0x26, 0x63
]),
cryptoMath.createArray([
0xb4, 0x2b, 0x3b, 0x05, 0xbc, 0xaf, 0xbb, 0x72,
0x80, 0x0e, 0xe2, 0x42, 0xab, 0x4c, 0xb7, 0xab,
0xd7, 0x7f, 0x1f, 0xce, 0xac, 0x7c, 0xe1, 0xd3,
0x27, 0xee, 0xc2, 0x5b, 0x3d, 0xe6, 0xc4, 0x3d
]),
cryptoMath.createArray([
0xc8, 0xa4, 0xa7, 0xdf, 0x6b, 0xef, 0x6c, 0x61,
0xef, 0x50, 0xbf, 0xfd, 0x9c, 0xfa, 0x7e, 0xfd,
0xe2, 0x25, 0x30, 0xf0, 0xb2, 0xd0, 0x37, 0x1e,
0x81, 0x9b, 0x80, 0xe8, 0x85, 0xd5, 0x92, 0xdd
]),
cryptoMath.createArray([
0xa2, 0x2a, 0xf4, 0x5e, 0x5a, 0x7a, 0x9a, 0x9f,
0x94, 0x91, 0x0e, 0x8c, 0xdb, 0x5e, 0x64, 0x9e,
0x83, 0xc3, 0x8f, 0xc1, 0x36, 0x9f, 0x1c, 0xa9,
0xfa, 0x1d, 0x51, 0x88, 0x7c, 0x38, 0xdd, 0xf1
]),
cryptoMath.createArray([
0x22, 0xf4, 0x7a, 0x6a, 0xae, 0xc1, 0x42, 0x35,
0x94, 0x81, 0xee, 0xa4, 0x90, 0x98, 0x88, 0x2b,
0x3e, 0xca, 0xc4, 0x62, 0x5b, 0x1d, 0x25, 0x62,
0xb0, 0x27, 0x18, 0x48, 0x76, 0x2c, 0x5d, 0xde
]),
cryptoMath.createArray([
0xea, 0xe2, 0x4e, 0x9c, 0xbf, 0x4a, 0x8e, 0xb9,
0x2c, 0x1c, 0xc8, 0x0d, 0x75, 0xdc, 0xf4, 0x4c,
0x39, 0xdf, 0xe4, 0xed, 0xcf, 0x13, 0xc3, 0xe5,
0xe4, 0xb7, 0xba, 0x08, 0xc3, 0x29, 0x37, 0x8d
]),
cryptoMath.createArray([
0xad, 0x92, 0xb0, 0x98, 0x52, 0x8a, 0xe2, 0x08,
0x57, 0x24, 0x74, 0xe3, 0xca, 0x2b, 0x1f, 0x6f,
0xbe, 0x13, 0x3c, 0xb4, 0xfa, 0xb5, 0xee, 0xba,
0x0e, 0x46, 0x10, 0x0c, 0x68, 0x4d, 0x5b, 0xbc
]),
cryptoMath.createArray([
0xdc, 0x5a, 0xbc, 0x9d, 0x9e, 0x2a, 0x04, 0xa7,
0xba, 0x38, 0x34, 0x6e, 0x82, 0x71, 0x19, 0xf5,
0x0f, 0xa3, 0x11, 0xb8, 0xcb, 0x4b, 0x12, 0xcf,
0x53, 0x60, 0x2f, 0x34, 0x82, 0xa6, 0x09, 0xc0
]),
cryptoMath.createArray([
0x5d, 0x00, 0x8b, 0x9b, 0xde, 0xbb, 0x38, 0x24,
0x93, 0x5b, 0xdc, 0x68, 0xa7, 0xac, 0x42, 0x6c,
0x55, 0x40, 0x58, 0xa9, 0xdc, 0x4e, 0xd8, 0xbe,
0xa2, 0xea, 0x74, 0xa9, 0x2d, 0xf4, 0x7f, 0xc3
]),
cryptoMath.createArray([
0x4b, 0xff, 0x16, 0x06, 0x7e, 0x37, 0x79, 0x8f,
0xf3, 0xe3, 0x24, 0x2b, 0x11, 0xbe, 0x39, 0xf8,
0x3d, 0xd7, 0x45, 0x1e, 0xbe, 0x11, 0x01, 0xea,
0xc4, 0x88, 0x7a, 0x6f, 0x93, 0xd5, 0x02, 0x06
]),
cryptoMath.createArray([
0xae, 0xcb, 0xa7, 0xf0, 0x74, 0x51, 0x23, 0xd9,
0xc6, 0xa6, 0x0e, 0x9b, 0xd4, 0x61, 0xa8, 0x63,
0x61, 0x31, 0xb0, 0x95, 0xf5, 0x96, 0x17, 0x84,
0x9d, 0x33, 0x5d, 0x2a, 0x7d, 0x8b, 0x18, 0x7b
]),
cryptoMath.createArray([
0xa7, 0x4e, 0xcb, 0x80, 0x73, 0x24, 0x96, 0xe8,
0xf6, 0xce, 0x72, 0xf4, 0x55, 0x69, 0x37, 0xc2,
0x37, 0xe1, 0x9e, 0xfa, 0xc7, 0x56, 0x7c, 0x15,
0x1f, 0x38, 0x6b, 0x65, 0x06, 0x56, 0xa2, 0x26
]),
cryptoMath.createArray([
0xed, 0x0e, 0x96, 0x56, 0x69, 0x01, 0x7a, 0xa7,
0x1f, 0x34, 0x2e, 0xc8, 0xa0, 0x99, 0xbb, 0xf0,
0x1a, 0x0b, 0x9e, 0xab, 0x94, 0xf6, 0x26, 0x23,
0xec, 0xf9, 0x6b, 0xcc, 0x0e, 0x14, 0xe4, 0xab
]),
cryptoMath.createArray([
0x06, 0x9b, 0x84, 0x3b, 0xdb, 0xf0, 0x17, 0xd4,
0x16, 0xa7, 0x67, 0xd1, 0x34, 0xe1, 0xc2, 0xd4,
0x97, 0xfa, 0xd2, 0xcd, 0xaa, 0xe3, 0x6b, 0x27,
0x53, 0x70, 0xff, 0x51, 0x2a, 0x34, 0xbf, 0xa7
]),
cryptoMath.createArray([
0x59, 0x2d, 0x48, 0x15, 0x8a, 0x63, 0x58, 0xa2,
0x90, 0x0d, 0x45, 0x3d, 0x79, 0xe8, 0x8d, 0x6b,
0xc2, 0x0b, 0x7f, 0xa8, 0xcb, 0x2b, 0xfc, 0xfc,
0xdf, 0xd0, 0x82, 0x96, 0x05, 0x25, 0xad, 0x83
]),
cryptoMath.createArray([
0x18, 0xff, 0xac, 0x75, 0x07, 0xb8, 0xf0, 0x22,
0xeb, 0xa9, 0x72, 0x2a, 0xea, 0x93, 0xc6, 0xca,
0x74, 0x70, 0x82, 0x5a, 0x78, 0x7c, 0x1f, 0x98,
0x2b, 0x08, 0x3d, 0xda, 0x04, 0x90, 0xed, 0x32
]),
cryptoMath.createArray([
0xdd, 0xe5, 0xdf, 0xc2, 0x86, 0x7a, 0x61, 0xba,
0x2e, 0x04, 0x6d, 0xd5, 0x25, 0x76, 0xd3, 0xd3,
0x3a, 0x24, 0x17, 0x3e, 0x32, 0xd7, 0x16, 0xca,
0xf0, 0xd6, 0xbc, 0x4b, 0xd1, 0x19, 0x43, 0x74
]),
cryptoMath.createArray([
0xe0, 0xf7, 0x2a, 0x8c, 0x71, 0x39, 0x5e, 0x19,
0x06, 0x3b, 0x0e, 0x09, 0xf9, 0x47, 0xf8, 0x6c,
0x06, 0xf4, 0xb3, 0x00, 0xc8, 0x1d, 0x3b, 0xbb,
0xc4, 0x8d, 0xcb, 0x21, 0x9a, 0xb9, 0x60, 0xaa
]),
cryptoMath.createArray([
0x38, 0x53, 0x88, 0x07, 0x8e, 0xa2, 0xb4, 0x79,
0x2d, 0xac, 0x8f, 0xbe, 0x0b, 0x47, 0x48, 0xb9,
0x98, 0x00, 0xca, 0x08, 0x66, 0x62, 0xfa, 0x8e,
0xab, 0xd6, 0x25, 0x96, 0xdd, 0x7e, 0x5c, 0x53
]),
cryptoMath.createArray([
0xb1, 0x08, 0xaa, 0x3e, 0x8b, 0xf1, 0xf7, 0x07,
0xf6, 0xba, 0x95, 0x56, 0xaa, 0x0f, 0x18, 0x71,
0x51, 0x97, 0x34, 0xa6, 0x98, 0x20, 0x3f, 0x75,
0x32, 0x92, 0x54, 0x43, 0xb2, 0x02, 0x0c, 0xbd
]),
cryptoMath.createArray([
0x06, 0x05, 0xb3, 0x50, 0x5f, 0x77, 0xe7, 0x4b,
0x22, 0xea, 0x7e, 0x67, 0xc3, 0x33, 0x3f, 0xf3,
0xb7, 0xb7, 0x71, 0x73, 0x83, 0x89, 0xd3, 0x05,
0xaa, 0x59, 0x4d, 0x8f, 0x55, 0x02, 0x37, 0xdb
]),
cryptoMath.createArray([
0xd8, 0x18, 0x83, 0xa9, 0xcf, 0x1d, 0xc3, 0x04,
0x3c, 0x44, 0xf9, 0xf0, 0xf9, 0xff, 0x50, 0x2c,
0xd0, 0x45, 0xe4, 0x29, 0x4c, 0x37, 0x5a, 0x30,
0xa8, 0xa6, 0x5a, 0xbc, 0x0d, 0xd2, 0x82, 0x64
]),
cryptoMath.createArray([
0x93, 0xec, 0x90, 0x87, 0x9c, 0xd2, 0xd8, 0x6a,
0x22, 0x76, 0xf4, 0x4b, 0x42, 0xdf, 0x73, 0x62,
0x83, 0xd2, 0x97, 0x47, 0x07, 0x59, 0xde, 0x0a,
0xf2, 0xc6, 0xc9, 0x2f, 0x16, 0x84, 0x82, 0xaf
]),
cryptoMath.createArray([
0x4e, 0x9e, 0x9e, 0xb8, 0xe2, 0x67, 0xc0, 0xd6,
0x17, 0x60, 0xec, 0xab, 0xc9, 0xac, 0x19, 0xdd,
0xac, 0x5d, 0xb9, 0x5c, 0x28, 0x33, 0x4e, 0xc9,
0x9d, 0x49, 0xd7, 0x4d, 0x40, 0xb6, 0x6d, 0xaf
]),
cryptoMath.createArray([
0xce, 0xb4, 0xca, 0x98, 0xf6, 0x20, 0x19, 0x59,
0x6b, 0x9b, 0xc6, 0x23, 0x4e, 0xa5, 0xc2, 0x02,
0x99, 0x90, 0xf0, 0x8d, 0x06, 0x8f, 0x27, 0xee,
0xf4, 0xfa, 0x7d, 0x98, 0x97, 0xbf, 0xaf, 0x62
]),
cryptoMath.createArray([
0x80, 0xe8, 0x70, 0x67, 0x09, 0xbd, 0x25, 0xa8,
0x49, 0x37, 0x41, 0x7e, 0x2d, 0x6a, 0x6d, 0xaf,
0xa8, 0x3d, 0x37, 0x38, 0xdf, 0xb4, 0x2f, 0x8e,
0xef, 0xa0, 0xfb, 0x52, 0x47, 0xd6, 0x99, 0x85
]),
cryptoMath.createArray([
0x13, 0xbd, 0x26, 0x06, 0x06, 0x67, 0xf8, 0xeb,
0x7e, 0x56, 0xe7, 0x82, 0x85, 0x4a, 0xf3, 0xb3,
0xe0, 0x10, 0xcf, 0x18, 0x25, 0xa6, 0x84, 0xbc,
0x72, 0xb2, 0x87, 0xea, 0x7b, 0x2c, 0x23, 0x4c
]),
cryptoMath.createArray([
0x7d, 0x5e, 0x69, 0xba, 0xce, 0x92, 0x0e, 0x8e,
0xd2, 0xd0, 0xb4, 0x3a, 0xd1, 0x48, 0x49, 0xd7,
0x1e, 0x26, 0x72, 0x9c, 0xb3, 0x7f, 0x00, 0x9a,
0xe1, 0x4e, 0x6d, 0x8a, 0x06, 0x5e, 0x90, 0x79
]),
cryptoMath.createArray([
0xe2, 0xab, 0x81, 0xde, 0xf5, 0x93, 0xe9, 0x99,
0xc9, 0x75, 0xa8, 0xa4, 0x86, 0x68, 0xb9, 0xa0,
0x7e, 0x55, 0x94, 0xcf, 0xd6, 0x8f, 0xac, 0x29,
0xf1, 0x7a, 0x81, 0x1c, 0xb2, 0x6b, 0x3e, 0x10
]),
cryptoMath.createArray([
0x4c, 0xa6, 0x25, 0x11, 0x8d, 0x0a, 0x05, 0xd0,
0x4d, 0x27, 0x5d, 0xae, 0x1f, 0xf0, 0x96, 0x36,
0x1e, 0xbe, 0xba, 0x34, 0x5c, 0x31, 0x27, 0x09,
0x82, 0xf7, 0x96, 0x63, 0x9b, 0x1c, 0xa5, 0x74
])
];
this.generatorsY = [
cryptoMath.createArray([
0x64, 0x34, 0x7b, 0x7f, 0x49, 0x31, 0x87, 0xa5,
0x3b, 0x37, 0x08, 0x94, 0xb8, 0xf8, 0xe3, 0x8f,
0xd2, 0x2c, 0xb9, 0x93, 0x02, 0x39, 0x3d, 0x79,
0xdc, 0xe2, 0x25, 0x91, 0x8e, 0xba, 0x61, 0xee
]),
cryptoMath.createArray([
0x62, 0x54, 0x0e, 0x69, 0x0c, 0x8f, 0xa9, 0xfe,
0x10, 0x7e, 0x21, 0x41, 0xdf, 0xc6, 0x90, 0x7f,
0x74, 0xf5, 0xfe, 0xeb, 0xdf, 0x5b, 0x12, 0xd7,
0x15, 0x3b, 0x46, 0x35, 0xa2, 0xdf, 0x6a, 0x76
]),
cryptoMath.createArray([
0x18, 0x74, 0xba, 0x86, 0xea, 0x19, 0x4f, 0xb1,
0x4d, 0xcc, 0xe9, 0xfa, 0x22, 0x36, 0x6f, 0x47,
0x35, 0xca, 0xea, 0x21, 0x19, 0xbe, 0xb6, 0x3f,
0x2b, 0xae, 0xc1, 0x9a, 0x9e, 0x93, 0xa5, 0x45
]),
cryptoMath.createArray([
0x53, 0xf0, 0x13, 0x3e, 0xa4, 0x4d, 0xa2, 0x0c,
0x50, 0x9a, 0x4e, 0x5b, 0xe9, 0xb0, 0x27, 0xdb,
0xe1, 0x3e, 0x3a, 0x60, 0x43, 0x9d, 0xbe, 0x72,
0x08, 0x4b, 0x0c, 0x75, 0xa0, 0x49, 0x72, 0x3f
]),
cryptoMath.createArray([
0x20, 0x4c, 0x44, 0x0e, 0xf8, 0xc6, 0xeb, 0x2b,
0xec, 0x0c, 0x34, 0x3a, 0xce, 0x9c, 0x6d, 0x64,
0xe1, 0x88, 0xc8, 0xb4, 0xf0, 0x61, 0x3d, 0x64,
0x84, 0x6a, 0xdb, 0xdc, 0x3d, 0x8f, 0xdf, 0xad
]),
cryptoMath.createArray([
0x54, 0xeb, 0xb1, 0x7f, 0xed, 0x85, 0x5a, 0x36,
0xc1, 0xf7, 0x4a, 0xb8, 0x25, 0x62, 0x08, 0xe8,
0x63, 0x07, 0xa9, 0xf2, 0xb7, 0x56, 0xd7, 0xc8,
0x4b, 0x4f, 0xb9, 0x48, 0x5e, 0x0f, 0xf5, 0xf5
]),
cryptoMath.createArray([
0x26, 0xac, 0x15, 0x89, 0xc5, 0x28, 0x80, 0xc3,
0xb8, 0xf8, 0x1d, 0x2b, 0xf3, 0x29, 0x76, 0x63,
0x60, 0x19, 0xf1, 0x6d, 0x8e, 0xfa, 0x1f, 0x4d,
0x20, 0x95, 0x0b, 0x99, 0x08, 0xce, 0xb7, 0xe1
]),
cryptoMath.createArray([
0x79, 0x0c, 0xa4, 0xce, 0x90, 0xe0, 0x48, 0xa7,
0x42, 0x5b, 0x66, 0x2a, 0x63, 0x16, 0x12, 0xd0,
0x22, 0x4f, 0x20, 0x8e, 0x4b, 0xe6, 0xe9, 0x07,
0xc3, 0xe7, 0xd9, 0x60, 0x7a, 0x99, 0x7f, 0x6d
]),
cryptoMath.createArray([
0x14, 0x76, 0x06, 0x0b, 0x33, 0xfe, 0x63, 0x6b,
0xb9, 0xb7, 0x5f, 0x10, 0x78, 0x5d, 0x4b, 0x43,
0x19, 0x05, 0xcd, 0x00, 0x6f, 0x83, 0x2b, 0xf7,
0x31, 0x03, 0xb9, 0xf8, 0x80, 0x37, 0x85, 0x56
]),
cryptoMath.createArray([
0x01, 0x31, 0x20, 0xe6, 0x94, 0x2d, 0x07, 0x40,
0xa2, 0x5f, 0x8b, 0x87, 0x1e, 0x1f, 0x2f, 0xe9,
0xa8, 0x60, 0x49, 0x77, 0xd1, 0xda, 0xa1, 0x8a,
0xf0, 0xe4, 0xfe, 0xd5, 0x70, 0xc6, 0xea, 0x2e
]),
cryptoMath.createArray([
0x12, 0x56, 0xc7, 0x84, 0xf8, 0x27, 0xc3, 0x1a,
0xd2, 0x3d, 0x8d, 0x23, 0x36, 0x78, 0xce, 0x2e,
0xeb, 0xce, 0x34, 0x46, 0x29, 0xe7, 0xa5, 0xf7,
0xa6, 0xd9, 0x4a, 0xdc, 0x0f, 0xf4, 0x7a, 0x7e
]),
cryptoMath.createArray([
0x16, 0xd8, 0x72, 0x49, 0x4f, 0xc1, 0x8d, 0x77,
0x40, 0x4f, 0x90, 0x6e, 0x58, 0x90, 0x21, 0x50,
0xe1, 0xfc, 0xdd, 0xa0, 0xcf, 0x21, 0x15, 0x16,
0xf6, 0xf1, 0x94, 0x15, 0xe8, 0x89, 0x2f, 0x26
]),
cryptoMath.createArray([
0x36, 0xe4, 0xcd, 0x12, 0x88, 0x08, 0x8d, 0xec,
0xee, 0xa8, 0xe7, 0xb6, 0xd2, 0x2c, 0xfd, 0x97,
0xb9, 0x9f, 0x87, 0xfa, 0xcc, 0x95, 0xf1, 0x89,
0x1f, 0xc6, 0xa2, 0x8b, 0xd8, 0x1e, 0x5f, 0x50
]),
cryptoMath.createArray([
0x18, 0xed, 0xfa, 0x1d, 0xfc, 0x65, 0x3a, 0x05,
0x74, 0xca, 0x88, 0xfd, 0xaa, 0xec, 0xdf, 0xe9,
0xeb, 0x75, 0x30, 0x9a, 0xac, 0xbe, 0x92, 0x6c,
0x21, 0x10, 0xe9, 0x26, 0x78, 0xc8, 0x4e, 0x3d
]),
cryptoMath.createArray([
0x66, 0x8a, 0x13, 0xc5, 0xd1, 0x63, 0xf6, 0x64,
0x6b, 0xf2, 0xe8, 0xf4, 0x2d, 0x1f, 0x48, 0xe7,
0x9a, 0x9e, 0xad, 0x02, 0x09, 0x22, 0xb3, 0x83,
0x00, 0x6b, 0x67, 0x6d, 0x29, 0xd3, 0x5a, 0x42
]),
cryptoMath.createArray([
0x65, 0xf0, 0x52, 0xa3, 0x82, 0xb2, 0xc7, 0x8c,
0xaa, 0x9f, 0xcf, 0xc9, 0x52, 0x09, 0x6f, 0x4c,
0xcc, 0x47, 0x72, 0x54, 0x6e, 0x57, 0x98, 0x64,
0x91, 0x23, 0xfe, 0xf9, 0x4e, 0xc9, 0x5a, 0xcc
]),
cryptoMath.createArray([
0x3c, 0xf0, 0x0d, 0x69, 0x58, 0x6f, 0x56, 0xbe,
0xd8, 0x49, 0xd5, 0xe9, 0xe2, 0x82, 0x5a, 0x00,
0x3c, 0xe5, 0x62, 0xaa, 0xb5, 0xf8, 0x1b, 0xd7,
0x18, 0xa4, 0xe9, 0x41, 0x98, 0x9e, 0x11, 0x01
]),
cryptoMath.createArray([
0x39, 0xe8, 0xbe, 0x23, 0xf0, 0x40, 0x33, 0xa0,
0xf8, 0xbc, 0x43, 0xd5, 0xa1, 0x1b, 0x1e, 0x79,
0x8d, 0x25, 0xb5, 0xc7, 0x5d, 0x74, 0x0e, 0xfd,
0x30, 0x99, 0x85, 0xed, 0xc5, 0xde, 0xdb, 0x98
]),
cryptoMath.createArray([
0x5b, 0x33, 0x3a, 0x0c, 0xde, 0x9d, 0xdc, 0x8d,
0x65, 0x71, 0xb1, 0xca, 0xc4, 0x56, 0xa4, 0x71,
0x44, 0xc9, 0xc1, 0x6e, 0xce, 0x86, 0x6a, 0x53,
0x84, 0x94, 0xea, 0x0f, 0xea, 0xee, 0xf0, 0xac
]),
cryptoMath.createArray([
0x74, 0xfd, 0xc2, 0x60, 0x80, 0x2b, 0x6d, 0xf5,
0x5a, 0x64, 0x02, 0x33, 0x88, 0x95, 0x35, 0xcd,
0x04, 0xe0, 0xdf, 0x84, 0xb6, 0x6d, 0x9d, 0xa4,
0x64, 0x5d, 0xa3, 0x11, 0x93, 0x99, 0x50, 0x46
]),
cryptoMath.createArray([
0x2c, 0x1a, 0x21, 0x02, 0xa6, 0x9e, 0xf7, 0x4a,
0x00, 0x63, 0x53, 0xc2, 0xd2, 0xd1, 0xdd, 0x9d,
0xbd, 0xfa, 0xb0, 0x07, 0xfd, 0x08, 0xe7, 0xc8,
0x8e, 0xb8, 0x69, 0xa0, 0xa6, 0x69, 0xb1
]),
cryptoMath.createArray([
0x40, 0xd2, 0x6c, 0x2a, 0xdc, 0x3f, 0x41, 0xd0,
0x91, 0x56, 0x02, 0x5a, 0x9d, 0xc3, 0x4f, 0xd3,
0xca, 0x6b, 0x96, 0x80, 0x9d, 0x3d, 0x7c, 0xf5,
0xf2, 0x8d, 0x00, 0xa1, 0xed, 0xbd, 0x69, 0x95
]),
cryptoMath.createArray([
0x75, 0xf4, 0x2f, 0x58, 0x48, 0x0d, 0x2c, 0xad,
0x56, 0x9b, 0x0f, 0x13, 0xcb, 0xf3, 0x76, 0xc3,
0x91, 0x32, 0x71, 0xd9, 0xf7, 0x84, 0x42, 0x42,
0xb8, 0x70, 0x51, 0x9d, 0x2b, 0xe8, 0x39, 0x8e
]),
cryptoMath.createArray([
0x72, 0x5f, 0x5b, 0x3d, 0x0c, 0xdd, 0x1b, 0x86,
0xbd, 0x7a, 0x8b, 0xd6, 0x35, 0xc1, 0xac, 0xed,
0xba, 0xc9, 0x1d, 0x6c, 0x35, 0x16, 0x3e, 0xae,
0x66, 0x81, 0x07, 0x51, 0xf4, 0xd4, 0x62, 0x88
]),
cryptoMath.createArray([
0x19, 0x6e, 0x7e, 0x0a, 0x81, 0xd0, 0x3b, 0x38,
0xa8, 0xf9, 0x91, 0x04, 0x81, 0x2f, 0x64, 0x78,
0x4b, 0x62, 0xd4, 0x19, 0x91, 0xf5, 0x66, 0xde,
0x27, 0x84, 0x7b, 0x6b, 0xb9, 0xba, 0xa2, 0x51
]),
cryptoMath.createArray([
0x75, 0x9b, 0xd3, 0x8c, 0x6e, 0x09, 0xfe, 0x2c,
0xd7, 0x5b, 0x4f, 0x35, 0x5f, 0x44, 0x20, 0xe2,
0xe7, 0xb2, 0xdf, 0xd9, 0xf7, 0x14, 0x7a, 0xa0,
0x3d, 0x53, 0x73, 0xb3, 0x61, 0x2b, 0x83, 0x89
]),
cryptoMath.createArray([
0x3e, 0x0b, 0x7e, 0x0c, 0x51, 0xa0, 0x63, 0x30,
0x35, 0x80, 0xca, 0x25, 0xe3, 0x26, 0xae, 0x7e,
0x61, 0x08, 0x6e, 0xa6, 0xe4, 0xc4, 0x95, 0xd2,
0x51, 0x62, 0x86, 0x70, 0x39, 0xd9, 0xfe, 0x4c
]),
cryptoMath.createArray([
0x2f, 0x7f, 0xff, 0xfa, 0x43, 0xa2, 0xd0, 0x26,
0x8c, 0x25, 0xe4, 0xf0, 0x86, 0x63, 0xfe, 0xf2,
0x6c, 0x57, 0x96, 0x2f, 0xd5, 0xf6, 0x23, 0x29,
0x2f, 0x06, 0x1e, 0xa1, 0x9c, 0x57, 0x10, 0xa1
]),
cryptoMath.createArray([
0x47, 0x97, 0x86, 0x85, 0xfa, 0x8f, 0x41, 0xca,
0x52, 0x46, 0xbd, 0x63, 0x47, 0xba, 0x65, 0xf6,
0x70, 0xec, 0x65, 0xa1, 0x36, 0x16, 0x6c, 0x75,
0xe7, 0x93, 0x63, 0x46, 0xe1, 0x6a, 0xd7, 0x90
]),
cryptoMath.createArray([
0xe9, 0x4f, 0x73, 0xd5, 0xd9, 0x64, 0x19, 0x42,
0x18, 0x8f, 0xd0, 0xff, 0x64, 0xa7, 0x75, 0x10,
0x21, 0xfa, 0xf6, 0xcc, 0x9c, 0x4d, 0x2a, 0xa0,
0x31, 0x8e, 0x94, 0xf0, 0x59, 0x78, 0xbe
]),
cryptoMath.createArray([
0x18, 0x05, 0xd5, 0xf8, 0xf0, 0x97, 0xea, 0x8b,
0x3b, 0x86, 0x08, 0xdc, 0x5f, 0x01, 0x6f, 0xd9,
0x09, 0x78, 0x1b, 0x75, 0x90, 0x0d, 0x53, 0xce,
0x8b, 0x65, 0x84, 0x65, 0x18, 0xca, 0x0b, 0xda
]),
cryptoMath.createArray([
0x06, 0x5e, 0x5e, 0x31, 0xe1, 0x50, 0x13, 0x60,
0x36, 0xe1, 0x92, 0x25, 0x49, 0xb9, 0xfd, 0x9a,
0x85, 0x59, 0x97, 0x12, 0x9f, 0x45, 0x66, 0xd3,
0xf5, 0xac, 0xf8, 0xa1, 0xe4, 0xd0, 0xac, 0x83
]),
cryptoMath.createArray([
0x5f, 0x62, 0xd5, 0xea, 0xf4, 0xa9, 0xa8, 0x92,
0x48, 0x8c, 0x0d, 0xe9, 0x5d, 0x8d, 0x85, 0xed,
0xa9, 0x03, 0x5b, 0x65, 0x97, 0xea, 0x26, 0x74,
0xd7, 0xa7, 0xee, 0x7d, 0x4a, 0x53, 0x5e, 0xbd
]),
cryptoMath.createArray([
0x04, 0xf6, 0x61, 0x41, 0x53, 0x13, 0x28, 0x4d,
0x90, 0x44, 0x85, 0xe6, 0xf6, 0xdb, 0x8f, 0xe9,
0x47, 0x82, 0xb2, 0xba, 0x24, 0xc0, 0xcb, 0xa6,
0xca, 0x77, 0x55, 0x7e, 0xfc, 0xd8, 0xf0, 0x5e
]),
cryptoMath.createArray([
0x24, 0x4b, 0xf1, 0x25, 0x52, 0x3e, 0xf2, 0x97,
0x8d, 0xb0, 0x60, 0x06, 0xcd, 0xa7, 0xcf, 0x3e,
0x4d, 0x58, 0x39, 0x77, 0x11, 0xd9, 0x28, 0x97,
0x60, 0x3d, 0xba, 0xe2, 0x9b, 0x82, 0x86, 0x4b
]),
cryptoMath.createArray([
0x3d, 0x3b, 0xe3, 0xd2, 0xe8, 0x6e, 0xb0, 0x7a,
0x87, 0x84, 0x9b, 0x2e, 0xf1, 0x6e, 0xe3, 0x03,
0x10, 0xb8, 0x6e, 0x63, 0xb3, 0x47, 0x81, 0x63,
0xfd, 0x06, 0xb6, 0x59, 0x2b, 0xbd, 0xe5, 0x45
]),
cryptoMath.createArray([
0x72, 0x31, 0xc3, 0xd1, 0xf8, 0x6f, 0xcc, 0x1b,
0x6c, 0x9e, 0x8c, 0x16, 0xae, 0x45, 0xa9, 0x35,
0x08, 0xc9, 0xc4, 0x9e, 0x8a, 0x74, 0x5e, 0x64,
0xb0, 0x76, 0x36, 0xfc, 0x6b, 0x03, 0x10, 0x3f
]),
cryptoMath.createArray([
0x30, 0x4b, 0x83, 0x60, 0x4a, 0x94, 0xff, 0x8a,
0x27, 0x87, 0xb0, 0x47, 0xe8, 0x23, 0xe5, 0x0a,
0x64, 0xed, 0xca, 0x0b, 0x1d, 0xcc, 0xb9, 0x38,
0x11, 0x96, 0x59, 0x7a, 0x1c, 0x63, 0xb3, 0x62
]),
cryptoMath.createArray([
0x79, 0xb6, 0xe3, 0x0b, 0x18, 0x22, 0xd6, 0x1e,
0xad, 0xe5, 0x9b, 0x0a, 0xb3, 0xed, 0xbe, 0x8f,
0x42, 0x91, 0xc8, 0xe0, 0x81, 0xdd, 0xce, 0xde,
0xff, 0x00, 0xbc, 0x32, 0xeb, 0xfc, 0x1a, 0x93
]),
cryptoMath.createArray([
0x6f, 0x23, 0x1e, 0x0a, 0x53, 0x8c, 0x8f, 0x54,
0xc0, 0x66, 0xc9, 0x3e, 0x1a, 0xf8, 0x57, 0xbc,
0x3b, 0x1c, 0x41, 0x88, 0x02, 0x27, 0x4c, 0xbd,
0xf5, 0xe3, 0x87, 0xd8, 0x87, 0x36, 0xf5, 0x76
]),
cryptoMath.createArray([
0x4d, 0x21, 0x12, 0x11, 0x1d, 0x5b, 0xf4, 0x7b,
0xae, 0xd1, 0xc4, 0xa2, 0x68, 0x8c, 0xfa, 0x61,
0x6e, 0x7b, 0xbb, 0x64, 0xd4, 0x12, 0xf1, 0x6b,
0x37, 0x12, 0x88, 0xbf, 0xe9, 0x57, 0xea, 0x61
]),
cryptoMath.createArray([
0x5a, 0x75, 0xfa, 0xe7, 0xad, 0x0b, 0xe2, 0x35,
0x20, 0x73, 0x47, 0x79, 0xef, 0x11, 0xf3, 0x25,
0xdd, 0xe7, 0xa6, 0xed, 0xc6, 0x33, 0x36, 0xef,
0x9f, 0xb5, 0x86, 0x61, 0xfc, 0xcc, 0x46, 0xa5
]),
cryptoMath.createArray([
0x74, 0x87, 0xad, 0xb2, 0xe0, 0x7c, 0x3a, 0xb9,
0x2e, 0x13, 0x86, 0x54, 0x67, 0x90, 0xa0, 0x11,
0x49, 0x7e, 0xb9, 0xfb, 0x98, 0x46, 0x71, 0x6b,
0x04, 0x79, 0x3d, 0xce, 0xa4, 0x30, 0xc7, 0xab
]),
cryptoMath.createArray([
0x1d, 0x75, 0xc9, 0x9e, 0xb4, 0x4e, 0x2d, 0x8b,
0x43, 0xa5, 0x3f, 0x69, 0xb6, 0x88, 0x1f, 0x96,
0x92, 0x94, 0x35, 0xe2, 0xb3, 0x85, 0x0a, 0x37,
0x01, 0xae, 0xd0, 0x26, 0xe8, 0x0a, 0x32, 0x91
]),
cryptoMath.createArray([
0x1f, 0x45, 0xf4, 0x80, 0xa0, 0xec, 0x76, 0x07,
0x51, 0x66, 0x79, 0xc2, 0xbb, 0x9f, 0x67, 0x7a,
0x89, 0xd4, 0x50, 0xec, 0x46, 0x9a, 0xc9, 0x30,
0xa1, 0x0d, 0x21, 0x3c, 0x1e, 0xb2, 0xa9, 0xcf
]),
cryptoMath.createArray([
0x5d, 0xd7, 0x1c, 0x92, 0xd3, 0x11, 0xec, 0x15,
0xd5, 0xe2, 0xe6, 0xd3, 0xb8, 0xd5, 0x13, 0x36,
0x41, 0x5a, 0x60, 0x8e, 0x14, 0x04, 0x8c, 0x86,
0xce, 0xec, 0x76, 0x4e, 0x6d, 0xe6, 0xdf, 0x49
]),
cryptoMath.createArray([
0x41, 0x60, 0xfb, 0xdd, 0xaf, 0x29, 0x86, 0xf3,
0xa1, 0x1e, 0x29, 0xb5, 0x89, 0xb9, 0xd9, 0x1d,
0x8b, 0x15, 0xc5, 0xf8, 0xbb, 0xf0, 0x2f, 0x7f,
0x17, 0x5f, 0x6e, 0xf8, 0xe7, 0xc2, 0xb1, 0xa4
]),
cryptoMath.createArray([
0x6a, 0x8f, 0x2e, 0xa6, 0xb2, 0x30, 0x1e, 0x3a,
0xef, 0xbd, 0x82, 0x46, 0xf6, 0xeb, 0x97, 0xea,
0x0c, 0xe1, 0x15, 0x5c, 0xe0, 0xb7, 0x2c, 0x47,
0x1d, 0x01, 0xb0, 0xd0, 0xb8, 0x8d, 0xa2, 0xca
]),
cryptoMath.createArray([
0x18, 0x71, 0xc1, 0x5a, 0xa6, 0xf8, 0xcc, 0x3a,
0xda, 0x2d, 0x4b, 0xf6, 0xbb, 0x2b, 0xc6, 0x29,
0x6c, 0xa6, 0x58, 0x7c, 0x12, 0x2d, 0xf3, 0xb4,
0x7a, 0x9f, 0xaa, 0x30, 0x25, 0x86, 0x3a, 0x8c
]),
cryptoMath.createArray([
0x13, 0xd6, 0xc8, 0xd6, 0xae, 0x02, 0x73, 0xa1,
0x89, 0x01, 0x29, 0x77, 0x9f, 0xce, 0x34, 0xf0,
0xca, 0xf6, 0xf3, 0x53, 0xbf, 0xde, 0x9e, 0xe3,
0x37, 0x27, 0x86, 0x78, 0xc9, 0xb6, 0xe7, 0x58
]),
cryptoMath.createArray([
0x75, 0x63, 0x11, 0xf8, 0x96, 0xc5, 0x03, 0xec,
0xdb, 0x2f, 0x60, 0x8a, 0x1c, 0xcb, 0xfa, 0x37,
0x8a, 0x95, 0xeb, 0x45, 0x78, 0xe6, 0x5f, 0x19,
0x0f, 0x1a, 0x8b, 0x54, 0x4d, 0x20, 0xb0, 0x82
]),
cryptoMath.createArray([
0x14, 0x2d, 0x15, 0x0c, 0x85, 0x5b, 0xa9, 0xaa,
0x7d, 0xcc, 0x71, 0x82, 0x1a, 0x53, 0x8e, 0xdb,
0x54, 0x48, 0x36, 0xdf, 0x80, 0x50, 0x91, 0x26,
0x79, 0xcc, 0xd7, 0x23, 0x3f, 0xbb, 0xa6, 0x36
])
];
// P256 curve
this.p256 = cryptoECC.createP256();
// recommended parameters
this.Gq = new UProve.ECGroup(this.p256);
this.getGq = function () {
return this.Gq;
}
this.Zq = new cryptoMath.IntegerGroup(cryptoMath.createArray(cryptoMath.digitsToBytes(this.p256.order)));
this.getZq = function () {
return this.Zq;
}
this.getGenerator = function () {
return this.p256.generator;
}
// update the hash with the group values
// hash - UProve.Hash - the hash function to update
this.updateHash = function (hash) {
// H(p,a,b,g,q,1)
hash.updateBytes(cryptoMath.digitsToBytes(this.p256.p));
hash.updateBytes(cryptoMath.digitsToBytes(this.p256.a));
hash.updateBytes(cryptoMath.digitsToBytes(this.p256.b));
hash.updatePoint(this.p256.generator);
hash.updateBytes(cryptoMath.digitsToBytes(this.p256.order));
hash.updateBytes([0x01]);
}
// returns an array of n + 2 pre-generated generators: 1, g1, ..., gn, gt.
// The first element (g0) is set to 1 and must be replaced by caller with
// an Issuer-specific value.
this.getPreGenGenerators = function (n) {
var gen = new Array(n + 2);
gen[0] = this.Gq.getIdentityElement(); // to be replaced by caller
for (var i = 1; i <= n ; i++) { // g1, ..., gn
gen[i] = this.Gq.createPoint(this.generatorsX[i - 1], this.generatorsY[i - 1]);
}
gen[n + 1] = this.Gq.createPoint(this.generatorsX[this.t - 1], this.generatorsY[this.t - 1]);
return gen;
}
this.getX = function (input, counter) {
var numIterations = 1; // for P-256/SHA-256, ratio is 1
var H = new UProve.Hash();
var zeroByte = 0x30; // ascii value for 0
H.updateRawBytes(input);
// Hash([index, count, iteration]). index always 0 for generation scope, iteration always 0 for P-256/SHA-256
H.updateRawBytes([zeroByte, zeroByte + counter, zeroByte]);
var digest = H.digest();
return this.Gp.createElementFromBytes(digest);
}
this.Gp = new cryptoMath.IntegerGroup(cryptoMath.digitsToBytes(this.p256.p), true);
this.GpZero = this.Gp.createElementFromInteger(0);
this.generateScopeElement = function (s) {
if (!s) {
throw "invalid scope";
}
var sqrtSolver = new cryptoMath.ModularSquareRootSolver(this.p256.p /*, rand*/); // no need to set rand when using NIST curves
var x = null;
var y = null;
var count = 0;
var index = 0;
while (y === null) {
var x = this.getX(s, count);
// z = x^3 + ax + b mod p
var z = this.Gp.getIdentityElement();
this.Gp.modmul(x, x, z); // z = x^2 mod p
var a = this.Gp.createElementFromDigits(this.p256.a);
this.Gp.add(z, a, z); // z = x^2 + a mod p
this.Gp.modmul(z, x, z); // z = x^3 + ax mod p
var b = this.Gp.createElementFromDigits(this.p256.b);
this.Gp.add(z, b, z); // z = x^3 + ax + b mod p
if (cryptoMath.compareDigits(z.m_digits, this.GpZero.m_digits)) {
y = z;
}
else {
// y = Sqrt(z)
// i.e. y such that y^2 === z mod p
// or null if no such element exists
y = sqrtSolver.squareRoot(z.m_digits);
}
count++;
}
// take the smallest sqrt of y
var finalY = cryptoMath.intToDigits(0, this.Gp.m_digitWidth);
cryptoMath.subtract(this.p256.p, y, finalY);
if (cryptoMath.compareDigits(y, finalY) < 0) {
finalY = y;
}
counter = count - 1;
return this.Gq.createPoint(x.toByteArrayUnsigned(), cryptoMath.digitsToBytes(finalY));
}
}
UProve.ECP256.OID = "1.3.6.1.4.1.311.75.1.2.1";

1954
scripts/SubgroupL2048N256.js Normal file

Разница между файлами не показана из-за своего большого размера Загрузить разницу

784
scripts/UProve.js Normal file
Просмотреть файл

@ -0,0 +1,784 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
"use strict";
var UProve = UProve || {};
UProve.Uint8ArrayToArray = function (uint8Array) {
return (uint8Array.length === 1) ? [uint8Array[0]] : Array.apply(null, uint8Array);
}
//
// Hash
//
// Constructs a new Hash object with an underlying SHA256 hash.
// Usage: create the Hash object, call update... methods, and
// call digest to finalize the hash computation.
UProve.Hash = function Hash() {
// the underlying hash function
this.sha256 = msrcryptoSha256.sha256;
// update the hash with one byte
// b - byte - the byte value to hash
this.updateByte = function (b) {
this.sha256.process([b]);
}
// update the hash with the size of an input
// size - number - the value to hash
this.updateUint32 = function (size) {
var buffer = [
(size >> 24),
(size >> 16),
(size >> 8),
size
];
this.sha256.process(buffer);
}
// update the hash with a byte array
// bytes - UintArray - the bytes to hash
this.updateBytes = function (bytes) {
this.updateUint32(bytes.length);
this.sha256.process(UProve.Uint8ArrayToArray(bytes));
}
// update the hash with a byte array directly without using U-Prove formatting
// bytes - UintArray - the bytes to hash
this.updateRawBytes = function (bytes) {
this.sha256.process(UProve.Uint8ArrayToArray(bytes));
}
// update the hash with a null value
this.updateNull = function () {
this.updateUint32(0);
}
// update the hash with a list of bytes
this.updateListOfBytes = function (list) {
this.updateUint32(list.length);
for (var i = 0; i < list.length; i++) {
this.updateByte(list[i]);
}
}
// update the hash with a list of byte arrays
this.updateListOfByteArrays = function (list) {
this.updateUint32(list.length);
for (var i = 0; i < list.length; i++) {
this.updateBytes(list[i]);
}
}
// update the hash with a list of indices
this.updateListOfIndices = function (list) {
this.updateUint32(list.length);
for (var i = 0; i < list.length; i++) {
this.updateUint32(list[i]);
}
}
// update the hash with a list of integer
this.updateListOfIntegers = function (list) {
this.updateUint32(list.length);
for (var i = 0; i < list.length; i++) {
this.updateBytes(list[i].toByteArrayUnsigned());
}
}
// update the hash with an elliptic curve point
this.updatePoint = function (point) {
this.updateBytes(cryptoECC.sec1EncodingFp().encodePoint(point));
}
// returns the hash digest
this.digest = function () {
return new Uint8Array(this.sha256.finish());
}
}
//
// Helpers
//
UProve.uint8ArrayToBase64 = function (bytes) {
return btoa(String.fromCharCode.apply(null, bytes));
}
UProve.base64ToArray = function (b64String) {
return atob(b64String).split("").map(function (c) { return c.charCodeAt(0); });
}
UProve.base64ToUint8Array = function (b64String) {
return new Uint8Array(UProve.base64ToArray(b64String));
}
// Computes a*b+c mod q
UProve.ATimesBPlusCModQ = function ATimesBPlusCModQ(Zq, a, b, c) {
var result = Zq.createElementFromInteger(0);
Zq.multiply(a, b, result);
Zq.add(result, c, result);
return result;
}
UProve.multiModExp = function (Gq, bases, exponents) {
if (bases.length != exponents.length) {
throw "bases and exponents have different lengths";
}
var result = Gq.getIdentityElement();
var temp = Gq.getIdentityElement();
for (var i = 0; i < bases.length; i++) {
Gq.modexp(bases[i], exponents[i], temp);
Gq.multiply(result, temp, result);
}
return result;
}
UProve.computeX = function (Zq, A, e) {
var x;
if (e === 1) {
if (A === null) {
x = 0;
} else {
var H = new UProve.Hash();
H.updateBytes(A);
x = Zq.createModElementFromBytes(H.digest());
}
} else if (e === 0) {
x = Zq.createModElementFromBytes(A);
} else {
throw "invalid e value: " + e;
}
return x;
}
UProve.computeXArray = function (Zq, attributes, e) {
var n = attributes.length;
if (n != e.length) {
throw "arguments must have the same length";
}
var x = new Array(n);
for (var i = 0; i < n; i++) {
x[i] = UProve.computeX(Zq, attributes[i], e[i]);
}
return x;
}
UProve.computeXt = function (Zq, ip, ti) {
var P = ip.computeDigest();
var H = new UProve.Hash();
H.updateByte(1);
H.updateBytes(P);
H.updateBytes(ti);
return Zq.createModElementFromBytes(H.digest());
}
UProve.computeTokenId = function (token) {
var hash = new UProve.Hash();
hash.updateBytes(token.h.toByteArrayUnsigned());
hash.updateBytes(token.szp.toByteArrayUnsigned());
hash.updateBytes(token.scp.toByteArrayUnsigned());
hash.updateBytes(token.srp.toByteArrayUnsigned());
return hash.digest();
}
UProve.computeSigmaCPrime = function (Zq, h, pi, sigmaZPrime, sigmaAPrime, sigmaBPrime) {
var hash = new UProve.Hash();
hash.updateBytes(h.toByteArrayUnsigned());
hash.updateBytes(pi);
hash.updateBytes(sigmaZPrime.toByteArrayUnsigned());
hash.updateBytes(sigmaAPrime.toByteArrayUnsigned());
hash.updateBytes(sigmaBPrime.toByteArrayUnsigned());
return Zq.createModElementFromBytes(hash.digest());
}
UProve.generateChallenge = function (Zq, issuerParam, token, a, D, disclosedX, C, tildeC, tildeA, p, ap, Ps, m, md) {
// cp = H(uidt, a, <D>, <{xi}_in D>, C, <{tildeCi}_in C>, <{tildeAi}_in C>, p', ap, Ps, m)
var uidt = UProve.computeTokenId(token);
var hash = new UProve.Hash();
hash.updateBytes(uidt);
hash.updateBytes(a);
hash.updateListOfIndices(D);
hash.updateListOfIntegers(disclosedX);
C ? hash.updateListOfIndices(C) : hash.updateNull();
tildeC ? hash.updateListOfIntegers(tildeC) : hash.updateNull();
tildeA ? hash.updateListOfByteArrays(tildeA) : hash.updateNull();
hash.updateUint32(p); // p'
ap ? hash.updateBytes(ap) : hash.updateNull();
Ps ? hash.updateBytes(Ps.toByteArrayUnsigned()) : hash.updateNull();
hash.updateBytes(m);
var cp = hash.digest();
// c = H(<cp, md>) --> Zq
hash = new UProve.Hash();
hash.updateUint32(2);
hash.updateBytes(cp);
md ? hash.updateBytes(md) : hash.updateNull();
return Zq.createModElementFromBytes(hash.digest());
}
UProve.generateIdEscrowChallenge = function (Zq, UIDp, UIDt, H, CbBytes, E1, E2, CbPrime, E1Prime, E2Prime, additionalInfo) {
// H(UID_p, UID_t, H, Cxb, E1, E2, Cxb', E1', E2', additionalInfo)
var hash = new UProve.Hash();
hash.updateBytes(UIDp);
hash.updateBytes(UIDt);
hash.updateBytes(H.toByteArrayUnsigned());
hash.updateBytes(CbBytes);
hash.updateBytes(E1.toByteArrayUnsigned());
hash.updateBytes(E2.toByteArrayUnsigned());
hash.updateBytes(CbPrime.toByteArrayUnsigned());
hash.updateBytes(E1Prime.toByteArrayUnsigned());
hash.updateBytes(E2Prime.toByteArrayUnsigned());
hash.updateBytes(additionalInfo);
return Zq.createModElementFromBytes(hash.digest());
}
UProve.IssuerParams = function IssuerParams(uidp, descGq, g, e, s) {
this.uidp = uidp;
this.descGq = descGq;
this.g = g;
this.e = e;
this.s = s;
UProve.IssuerParams.prototype.isValid = function () {
// verify that g0 is a group element, all other params are fixed
return true;
}
UProve.IssuerParams.prototype.computeDigest = function () {
if (this.P === undefined) {
var H = new UProve.Hash();
H.updateBytes(this.uidp);
this.descGq.updateHash(H);
H.updateListOfIntegers(this.g);
H.updateListOfBytes(this.e);
H.updateBytes(this.s);
this.P = H.digest();
}
return this.P;
}
UProve.IssuerParams.prototype.ParseFirstMessage = function (fmObj) {
try {
if (!fmObj.sz || !fmObj.sa || !fmObj.sb || fmObj.sa.length != fmObj.sb.length) {
throw "invalid serialization";
}
var firstMsg = {};
var Gq = this.descGq.getGq();
firstMsg.sz = Gq.createElementFromBytes(UProve.base64ToUint8Array(fmObj.sz));
var numberOfTokens = fmObj.sa.length;
firstMsg.sa = new Array(numberOfTokens);
firstMsg.sb = new Array(numberOfTokens);
for (var i = 0; i < numberOfTokens; i++) {
firstMsg.sa[i] = Gq.createElementFromBytes(UProve.base64ToUint8Array(fmObj.sa[i]));
firstMsg.sb[i] = Gq.createElementFromBytes(UProve.base64ToUint8Array(fmObj.sb[i]));
}
} catch (e) {
throw new "can't parse first message: " + e;
}
return firstMsg;
}
UProve.IssuerParams.prototype.ParseThirdMessage = function (tmObj) {
try {
if (!tmObj.sr) {
throw "invalid serialization";
}
var thirdMsg = {};
var Zq = this.descGq.getZq();
var numberOfTokens = tmObj.sr.length;
thirdMsg.sr = new Array(numberOfTokens);
for (var i = 0; i < numberOfTokens; i++) {
thirdMsg.sr[i] = Zq.createElementFromBytes(UProve.base64ToUint8Array(tmObj.sr[i]));
}
} catch (e) {
throw new "can't parse third message: " + e;
}
return thirdMsg;
}
UProve.IssuerParams.prototype.ParseKeyAndToken = function (ukatObj) {
var keyAndToken = {};
var Gq = this.descGq.getGq();
var Zq = this.descGq.getZq();
try {
if (!ukatObj.token || !ukatObj.key || !ukatObj.token.uidp || !ukatObj.token.h || !ukatObj.token.szp || !ukatObj.token.scp || !ukatObj.token.srp) {
throw "invalid serialization";
}
keyAndToken.token = {
"uidp": UProve.base64ToUint8Array(ukatObj.token.uidp),
"h": Gq.createElementFromBytes(UProve.base64ToUint8Array(ukatObj.token.h)),
"ti": ukatObj.token.ti ? UProve.base64ToUint8Array(ukatObj.token.ti) : null,
"pi": ukatObj.token.pi ? UProve.base64ToUint8Array(ukatObj.token.pi) : null,
"szp": Gq.createElementFromBytes(UProve.base64ToUint8Array(ukatObj.token.szp)),
"scp": Zq.createElementFromBytes(UProve.base64ToUint8Array(ukatObj.token.scp)),
"srp": Zq.createElementFromBytes(UProve.base64ToUint8Array(ukatObj.token.srp)),
"d": false
}
keyAndToken.key = Zq.createElementFromBytes(UProve.base64ToUint8Array(ukatObj.key));
} catch (e) {
throw new "can't parse key and token: " + e;
}
return keyAndToken;
}
UProve.ParseIDEscrowParams = function (ieParamsObj) {
var obj = {}
try {
if (!ieParamsObj.uidp || !ieParamsObj.ge) {
throw "missing field";
}
obj.uipd = UProve.base64ToUint8Array(ieParamsObj.uidp);
obj.ge = this.descGq.getGq().createElementFromBytes(UProve.base64ToUint8Array(ieParamsObj.ge));
} catch (e) {
throw "can't parse id escrow params: " + e;
}
return obj;
}
UProve.ParseIDEscrowPublicKey = function (iePubKeyObj) {
var obj = {}
try {
if (!iePubKeyObj.H) {
throw "missing field";
}
obj.H = this.descGq.getGq().createElementFromBytes(UProve.base64ToUint8Array(iePubKeyObj.H));
} catch (e) {
throw "can't parse id escrow params: " + e;
}
return obj;
}
}
UProve.ParseIssuerParams = function (ipObj) {
try {
if (!ipObj.uidp || !ipObj.descGq || !ipObj.e || !ipObj.g || !ipObj.s) {
throw "missing field";
}
var uidp = UProve.base64ToUint8Array(ipObj.uidp);
var descGq;
if (ipObj.descGq.name == UProve.L2048N256.OID) {
descGq = new UProve.L2048N256();
} else if (ipObj.descGq.name == UProve.ECP256.OID) {
descGq = new UProve.ECP256();
} else {
throw "unknown group: " + ipObj.descGq.name;
}
var e = UProve.base64ToArray(ipObj.e);
var numAttribs = e.length;
var g = descGq.getPreGenGenerators(numAttribs);
g[0] = descGq.getGq().createElementFromBytes(UProve.base64ToUint8Array(ipObj.g[0]));
var s = UProve.base64ToUint8Array(ipObj.s);
} catch (e) {
throw "can't parse issuer parameters: " + e;
}
return new UProve.IssuerParams(uidp, descGq, g, e, s);
}
UProve.Prover = function Prover(rng, ip) {
this.rng = rng;
this.ip = ip;
this.Gq = this.ip.descGq.getGq();
this.Zq = this.ip.descGq.getZq();
UProve.Prover.prototype.generateSecondMessage = function (numberOfTokens, attributes, ti, pi, externalGamma, firstMsg, skipTokenValidation) {
var validateToken = skipTokenValidation ? false : true;
this.ti = ti;
this.pi = pi;
var generator = this.ip.descGq.getGenerator();
this.numberOfTokens = numberOfTokens;
this.secondMsg = { "sc" : [] }
this.h = new Array(this.numberOfTokens);
this.alphaInverse = new Array(this.numberOfTokens);
this.beta2 = new Array(this.numberOfTokens);
this.sigmaZPrime = new Array(this.numberOfTokens);
this.sigmaCPrime = new Array(this.numberOfTokens);
if (validateToken) {
this.tokenValidationValue = new Array(this.numberOfTokens);
}
// Prover input
var gamma;
if (!externalGamma) {
var x = UProve.computeXArray(this.Zq, attributes, this.ip.e);
x.unshift(this.Zq.createElementFromInteger(1)); // exponent 1 for g0
x.push(UProve.computeXt(this.Zq, this.ip, ti));
// compute gamma = g0 * g1^x1 * ... * gn^xn * gt^xt
gamma = UProve.multiModExp(this.Gq, this.ip.g, x);
} else {
gamma = this.Gq.createElementFromBytes(externalGamma);
}
var sigmaZ = firstMsg.sz;
for (var i = 0; i < this.numberOfTokens; i++) {
// Prover precomputation
var alpha = this.rng.getRandomZqElement();
var beta1 = this.rng.getRandomZqElement();
this.beta2[i] = this.rng.getRandomZqElement();
// compute h = gamma^alpha
this.h[i] = this.Gq.getIdentityElement();
this.Gq.modexp(gamma, alpha, this.h[i]);
// compute alpha^-1
this.alphaInverse[i] = this.Zq.createElementFromInteger(0);
this.Zq.inverse(alpha, this.alphaInverse[i]);
var sigmaA = firstMsg.sa[i];
var sigmaB = firstMsg.sb[i];
// compute sigmaZPrime = sigmaZ ^ alpha
this.sigmaZPrime[i] = this.Gq.getIdentityElement();
this.Gq.modexp(sigmaZ, alpha, this.sigmaZPrime[i]);
// compute sigmaAPrime = g0^beta1 * g^beta2 * sigmaA
var bases = new Array(this.ip.g[0], generator);
var exponents = new Array(beta1, this.beta2[i]);
var sigmaAPrime = UProve.multiModExp(this.Gq, bases, exponents);
this.Gq.multiply(sigmaAPrime, sigmaA, sigmaAPrime);
// compute sigmaBPrime = sigmaZPrime^beta1 * h^beta2 * sigmaB^alpha
bases = new Array(this.sigmaZPrime[i], this.h[i], sigmaB);
exponents = new Array(beta1, this.beta2[i], alpha);
var sigmaBPrime = UProve.multiModExp(this.Gq, bases, exponents);
// compute sigmaCPrime = H(h, PI, sigmaZPrime, sigmaAPrime, sigmaBPrime) mod q
this.sigmaCPrime[i] = UProve.computeSigmaCPrime(this.Zq, this.h[i], pi, this.sigmaZPrime[i], sigmaAPrime, sigmaBPrime);
// compute sigmaC = sigmaCPrime + beta1
var sigmaC = this.Zq.createElementFromInteger(0);
this.Zq.add(this.sigmaCPrime[i], beta1, sigmaC);
this.secondMsg.sc[i] = UProve.uint8ArrayToBase64(sigmaC.toByteArrayUnsigned());
if (validateToken) {
// value = sigmaA' . sigmaB' . (g0 . sigmaZ')^sigmaC'
var value = this.Gq.getIdentityElement();
var temp = this.Gq.getIdentityElement();
this.Gq.multiply(sigmaAPrime, sigmaBPrime, value);
this.Gq.multiply(this.ip.g[0], this.sigmaZPrime[i], temp);
this.Gq.modexp(temp, this.sigmaCPrime[i], temp);
this.Gq.multiply(value, temp, value);
this.tokenValidationValue[i] = value;
}
}
return this.secondMsg;
}
UProve.Prover.prototype.getIssuanceState = function () {
var state = {};
state.h = new Array(this.numberOfTokens);
state.alphaInverse = new Array(this.numberOfTokens);
state.beta2 = new Array(this.numberOfTokens);
state.sigmaZPrime = new Array(this.numberOfTokens);
state.sigmaCPrime = new Array(this.numberOfTokens);
if (this.tokenValidationValue) {
state.tokenValidationValue = new Array(this.numberOfTokens);
}
for (var i = 0; i < this.numberOfTokens; i++) {
state.h[i] = UProve.uint8ArrayToBase64(this.h[i].toByteArrayUnsigned());
state.alphaInverse[i] = UProve.uint8ArrayToBase64(this.alphaInverse[i].toByteArrayUnsigned());
state.beta2[i] = UProve.uint8ArrayToBase64(this.beta2[i].toByteArrayUnsigned());
state.sigmaZPrime[i] = UProve.uint8ArrayToBase64(this.sigmaZPrime[i].toByteArrayUnsigned());
state.sigmaCPrime[i] = UProve.uint8ArrayToBase64(this.sigmaCPrime[i].toByteArrayUnsigned());
if (this.tokenValidationValue) {
state.tokenValidationValue[i] = UProve.uint8ArrayToBase64(this.tokenValidationValue[i].toByteArrayUnsigned());
}
}
return state;
}
UProve.Prover.prototype.setIssuanceState = function (state) {
if (!state || !state.h || !state.alphaInverse || !state.beta2 || !state.sigmaZPrime || !state.sigmaCPrime) {
throw "invalid state";
}
this.numberOfTokens = state.h.length;
this.h = new Array(this.numberOfTokens);
this.alphaInverse = new Array(this.numberOfTokens);
this.beta2 = new Array(this.numberOfTokens);
this.sigmaZPrime = new Array(this.numberOfTokens);
this.sigmaCPrime = new Array(this.numberOfTokens);
if (state.tokenValidationValue) {
this.tokenValidationValue = new Array(this.numberOfTokens);
}
for (var i = 0; i < this.numberOfTokens; i++) {
this.h[i] = this.Gq.createElementFromBytes(UProve.base64ToUint8Array(state.h[i]));
this.alphaInverse[i] = this.Zq.createElementFromBytes(UProve.base64ToUint8Array(state.alphaInverse[i]));
this.beta2[i] = this.Zq.createElementFromBytes(UProve.base64ToUint8Array(state.beta2[i]));
this.sigmaZPrime[i] = this.Gq.createElementFromBytes(UProve.base64ToUint8Array(state.sigmaZPrime[i]));
this.sigmaCPrime[i] = this.Zq.createElementFromBytes(UProve.base64ToUint8Array(state.sigmaCPrime[i]));
if (state.tokenValidationValue) {
this.tokenValidationValue[i] = this.Gq.createElementFromBytes(UProve.base64ToUint8Array(state.tokenValidationValue[i]));
}
}
}
UProve.Prover.prototype.generateTokens = function (thirdMsg) {
if (this.numberOfTokens != thirdMsg.sr.length) {
throw "invalid length for message";
}
var keyAndTokens = new Array(this.numberOfTokens);
for (var i = 0; i < this.numberOfTokens; i++) {
var sigmaR = thirdMsg.sr[i];
var sigmaRPrime = this.Zq.createElementFromInteger(0);
this.Zq.add(sigmaR, this.beta2[i], sigmaRPrime);
// validate the token
if (this.tokenValidationValue) {
var temp = this.Gq.getIdentityElement();
this.Gq.multiply(this.ip.descGq.getGenerator(), this.h[i], temp);
this.Gq.modexp(temp, sigmaRPrime, temp);
if (!this.tokenValidationValue[i].equals(temp)) {
throw "invalid signature for token " + i;
}
}
keyAndTokens[i] = {
token: {
"h": UProve.uint8ArrayToBase64(this.h[i].toByteArrayUnsigned()),
"szp": UProve.uint8ArrayToBase64(this.sigmaZPrime[i].toByteArrayUnsigned()),
"scp": UProve.uint8ArrayToBase64(this.sigmaCPrime[i].toByteArrayUnsigned()),
"srp": UProve.uint8ArrayToBase64(sigmaRPrime.toByteArrayUnsigned()),
},
key: UProve.uint8ArrayToBase64(this.alphaInverse[i].toByteArrayUnsigned())
}
}
return keyAndTokens;
}
UProve.Prover.prototype.generateProof = function (keyAndToken, D, C, m, md, attributes, scopeData, commitmentPrivateValues) {
if (!keyAndToken || !keyAndToken.key || !keyAndToken.token) {
throw "invalid key and token";
}
var n = ip.e.length;
var t = n + 1;
if (n != attributes.length) {
throw "wrong number of attributes";
}
if (scopeData) {
if (!scopeData.p || scopeData.p <= 0 || scopeData.p >= n) {
throw "invalid pseudonym index: " + scopeData.p;
}
if (!scopeData.s && !scopeData.gs) {
throw "either scopeData.s or scopeData.gs must be set";
}
}
var token = keyAndToken.token;
// make sure D and C arrays is sorted
D.sort(function (a, b) { return a - b; } ); // from Crockford's "JavaScript: the good parts"
if (C) {
C.sort(function (a, b) { return a - b; } ); // from Crockford's "JavaScript: the good parts"
}
var x = new Array(n + 2);
var size = 1 + (n - D.length);
var disclosedA = new Array(D.length);
var disclosedX = new Array(D.length);
var w = new Array(size);
var bases = new Array(size);
w[0] = this.rng.getRandomZqElement();
bases[0] = token.h;
var uIndex = 1;
var dIndex = 0;
var cIndex = 0;
var wpIndex = 0;
var commitmentData = {};
if (C) {
commitmentData.tildeC = new Array(C.length);
commitmentData.tildeA = new Array(C.length);
commitmentData.tildeO = new Array(C.length);
commitmentData.tildeW = new Array(C.length);
}
for (var i = 1; i <= n; i++) {
x[i] = UProve.computeX(this.Zq, attributes[i - 1], this.ip.e[i - 1]);
if (i == D[dIndex]) {
// xi is disclosed
disclosedX[dIndex] = x[i];
disclosedA[dIndex] = UProve.uint8ArrayToBase64(attributes[i - 1]);
dIndex++;
} else {
// xi is undisclosed
w[uIndex] = this.rng.getRandomZqElement();
bases[uIndex] = this.ip.g[i];
if (scopeData && scopeData.p == i) {
wpIndex = uIndex;
}
if (C && C.lastIndexOf(i.toString()) >= 0) {
// xi is committed
commitmentData.tildeO[cIndex] = this.rng.getRandomZqElement();
commitmentData.tildeW[cIndex] = this.rng.getRandomZqElement();
var cBases = [this.ip.descGq.getGenerator(), this.ip.g[1]];
commitmentData.tildeC[cIndex] = UProve.multiModExp(this.Gq, cBases, [x[i], commitmentData.tildeO[cIndex]]);
var tildeAInput = UProve.multiModExp(this.Gq, cBases, [w[uIndex], commitmentData.tildeW[cIndex]]);
var hash = new UProve.Hash();
hash.updateBytes(tildeAInput.toByteArrayUnsigned());
commitmentData.tildeA[cIndex] = hash.digest();
cIndex++;
}
uIndex++;
}
}
x[t] = UProve.computeXt(this.Zq, this.ip, token.ti); // xt
var aInput = UProve.multiModExp(this.Gq, bases, w);
var hash = new UProve.Hash();
hash.updateBytes(aInput.toByteArrayUnsigned());
var a = hash.digest();
var ap = null;
var Ps = null;
if (scopeData) {
var gs;
if (scopeData.gs) {
gs = this.Gq.createElementFromBytes(scopeData.gs);
} else {
gs = this.ip.descGq.generateScopeElement(scopeData.s);
}
var apInput = this.Gq.getIdentityElement();
this.Gq.modexp(gs, w[wpIndex], apInput);
var hash = new UProve.Hash();
hash.updateBytes(apInput.toByteArrayUnsigned());
ap = hash.digest();
Ps = this.Gq.getIdentityElement();
this.Gq.modexp(gs, x[scopeData.p], Ps);
}
/* FIXME: delete
if (C) {
commitmentData.tildeC = new Array(C.length);
commitmentData.tildeA = new Array(C.length);
commitmentData.tildeO = new Array(C.length);
commitmentData.tildeW = new Array(C.length);
for (var i = 0; i < C.length; i++) {
commitmentData.tildeO[i] = this.rng.getRandomZqElement();
commitmentData.tildeW[i] = this.rng.getRandomZqElement();
var bases = new Array(this.ip.descGq.getGenerator(), this.ip.g[1]);
var exponents = new Array(x[C[i]], commitmentData.tildeO[i]);
commitmentData.tildeC[i] = UProve.multiModExp(this.Gq, bases, exponents);
exponents = new Array(w[i+1], commitmentData.tildeW[i]);
var tildeAInput = UProve.multiModExp(this.Gq, bases, exponents);
var hash = new UProve.Hash();
hash.updateBytes(tildeAInput.toByteArrayUnsigned());
commitmentData.tildeA[i] = hash.digest();
}
*/
var c = UProve.generateChallenge(this.Zq, this.ip, token, a, D, disclosedX, C, commitmentData.tildeC, commitmentData.tildeA, scopeData ? scopeData.p : 0, ap, Ps, m, md);
var cNegate = this.Zq.createElementFromInteger(0);
this.Zq.subtract(this.Zq.createElementFromInteger(0), c, cNegate);
var r = new Array(size);
r[0] = UProve.uint8ArrayToBase64(UProve.ATimesBPlusCModQ(this.Zq, c, keyAndToken.key, w[0]).toByteArrayUnsigned());
dIndex = 0;
uIndex = 1;
for (var i = 1; i <= n; i++) {
if (i == D[dIndex]) {
// xi is disclosed
dIndex++;
} else {
// xi is undisclosed, compute a response
r[uIndex] = UProve.uint8ArrayToBase64(UProve.ATimesBPlusCModQ(this.Zq, cNegate, x[i], w[uIndex]).toByteArrayUnsigned());
uIndex++;
}
}
if (C) {
commitmentData.tildeR = new Array(C.length);
for (var i = 0; i < C.length; i++) {
commitmentData.tildeR[i] = UProve.uint8ArrayToBase64(
UProve.ATimesBPlusCModQ(this.Zq, cNegate,
commitmentData.tildeO[i], commitmentData.tildeW[i]).toByteArrayUnsigned());
commitmentData.tildeC[i] = UProve.uint8ArrayToBase64(commitmentData.tildeC[i].toByteArrayUnsigned());
commitmentData.tildeA[i] = UProve.uint8ArrayToBase64(commitmentData.tildeA[i]);
}
}
var proof = {
"D": disclosedA,
"a": UProve.uint8ArrayToBase64(a),
"r": r
}
if (scopeData) {
proof.ap = UProve.uint8ArrayToBase64(ap);
proof.Ps = UProve.uint8ArrayToBase64(Ps.toByteArrayUnsigned());
}
if (C) {
proof.tc = commitmentData.tildeC;
proof.ta = commitmentData.tildeA;
proof.tr = commitmentData.tildeR;
}
if (commitmentPrivateValues && commitmentData.tildeO) {
commitmentPrivateValues.tildeO = commitmentData.tildeO;
}
return proof;
}
UProve.Prover.prototype.verifiableEncrypt = function (escrowParams, escrowPublicKey, token, additionalInfo, proof, commitmentPrivateValue, commitmentBytes, idAttribIndex, attribute) {
var temp = this.Gq.getIdentityElement();
var generator = this.ip.descGq.getGenerator();
var r = this.rng.getRandomZqElement();
var E1 = this.Gq.getIdentityElement();
this.Gq.modexp(generator, r, E1); // E1 = g^r
var xb = UProve.computeX(this.Zq, attribute, this.ip.e[idAttribIndex - 1]);
var E2 = this.Gq.getIdentityElement();
this.Gq.modexp(generator, xb, E2); // E2 = g^xb
this.Gq.modexp(escrowPublicKey.H, r, temp); // temp = H^r
this.Gq.multiply(E2, temp, E2); // E2 = g^xb H^r
var xbPrime = this.rng.getRandomZqElement();
var obPrime = this.rng.getRandomZqElement();
var CbPrime = this.Gq.getIdentityElement();
this.Gq.modexp(generator, xbPrime, CbPrime); // C'b = g^xb'
this.Gq.modexp(this.ip.g[1], obPrime, temp); // temp = g1^ob'
this.Gq.multiply(CbPrime, temp, CbPrime); // C'b = g^xb' g1^ob'
var rPrime = this.rng.getRandomZqElement();
var E1Prime = this.Gq.getIdentityElement();
this.Gq.modexp(generator, rPrime, E1Prime); // E1' = g^r'
var E2Prime = this.Gq.getIdentityElement();
this.Gq.modexp(generator, xbPrime, E2Prime); // E2' = g^xb'
this.Gq.modexp(escrowPublicKey.H, rPrime, temp); // temp = H^r'
this.Gq.multiply(E2Prime, temp, E2Prime); // E2' = g^xb' H^r'
var c = UProve.generateIdEscrowChallenge(
this.Zq, this.ip.uidp, UProve.computeTokenId(token), escrowPublicKey.H, commitmentBytes, E1, E2, CbPrime, E1Prime, E2Prime, additionalInfo);
var cNegate = this.Zq.createElementFromInteger(0);
this.Zq.subtract(this.Zq.createElementFromInteger(0), c, cNegate);
var rxb = UProve.ATimesBPlusCModQ(this.Zq, cNegate, xb, xbPrime); // rXb = xb' - c.xb
var rr = UProve.ATimesBPlusCModQ(this.Zq, cNegate, r, rPrime); // rr = r' - c.r
var rob = UProve.ATimesBPlusCModQ(this.Zq, cNegate, commitmentPrivateValue, obPrime); // ro = ob' - c.ob
var ieProof = {
"E1": UProve.uint8ArrayToBase64(E1.toByteArrayUnsigned()),
"E2": UProve.uint8ArrayToBase64(E2.toByteArrayUnsigned()),
"info": UProve.uint8ArrayToBase64(additionalInfo),
"ieproof": {
"c": UProve.uint8ArrayToBase64(c.toByteArrayUnsigned()),
"rXb": UProve.uint8ArrayToBase64(rxb.toByteArrayUnsigned()),
"rR": UProve.uint8ArrayToBase64(rr.toByteArrayUnsigned()),
"rOb": UProve.uint8ArrayToBase64(rob.toByteArrayUnsigned())
}
}
return ieProof;
}
}

396
scripts/UProveTest.js Normal file
Просмотреть файл

@ -0,0 +1,396 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
"use strict";
var cryptoUProveTest = cryptoUProveTest || {};
var performanceTimer = (typeof performance === "undefined" ? Date : performance); // performance not supported on Safari
cryptoUProveTest.testVectorDirectory = "TestVectors";
// Read a byte array in comma delimited format into a Uint8Array
cryptoUProveTest.readNumberList = function (string) {
var elements = string.split(',');
var array = new Array();
for (var i = 0; i < elements.length; i++) {
var number = elements[i].valueOf();
array[i] = number;
}
return array;
};
// Read a hex string into a Uint8Array
cryptoUProveTest.readHexString = function (hexString) {
var array = new Array();
var index = 0;
if ((hexString.length % 2) != 0) {
// prepend 0
hexString = "0" + hexString;
}
for (var i = 0; i < hexString.length; i += 2) {
array[index++] = parseInt("0x" + hexString.substr(i, 2), 16);
}
var result = new Uint8Array(array);
return result;
}
cryptoUProveTest.readFileDataInDictionary = function (filename) {
var request = new XMLHttpRequest();
request.open("GET", cryptoUProveTest.testVectorDirectory + "/" + filename, false)
request.send(null);
var fileData = request.responseText;
var lines = fileData.split('\r\n');
var dictionary = {};
for (var j = 1; j < lines.length; j++) { // skip the file header in line 0
var lineData = lines[j].split(" = ");
dictionary[lineData[0]] = lineData[1];
}
return dictionary;
}
cryptoUProveTest.readTestVectors = function (filename) {
var vectorsData = cryptoUProveTest.readFileData(filename);
// put each test vector variable in a dictionary
var lines = vectorsData.split('\r\n');
var vectors = {};
for (var j = 1; j < lines.length; j++) { // skip the header
var lineData = lines[j].split(" = ");
vectors[lineData[0]] = lineData[1];
}
return vectors;
}
cryptoUProveTest.readRecommendedParams = function (filename) {
var paramsData = cryptoUProveTest.readFileData(filename);
// put each test vector variable in a dictionary
var lines = paramsData.split('\r\n');
var vectors = {};
for (var j = 1; j < lines.length; j++) { // skip the header
var lineData = lines[j].split(" = ");
vectors[lineData[0]] = lineData[1];
}
return vectors;
}
// Execute the U-Prove hashing tests
cryptoUProveTest.executeHashTests = function (outputDiv) {
// read recommended parameters
var vectors = cryptoUProveTest.readFileDataInDictionary("testvectors_hashing.txt");
cryptoUProveTest.hashUnitTest(vectors, outputDiv);
};
// U-Prove hash unit test
cryptoUProveTest.hashUnitTest = function (vectors, outputDiv) {
// clear output
outputDiv.innerHTML = "";
var t1 = performanceTimer.now();
// hash_byte (0x01) = 4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a
var testCase = "hash_byte (0x01)";
var H = new UProve.Hash();
H.updateByte(0x01);
if (!cryptoMath.sequenceEqual(H.digest(), cryptoUProveTest.readHexString(vectors[testCase]))) {
throw "invalid digest for input " + testCase;
}
// hash_octectstring (0x0102030405) = 16df7d2d0c3882334fe0457d298a7b2413e1e5b7a880f0b5ec79eeeae7f58dd8
testCase = "hash_octectstring (0x0102030405)";
var bytesx0102030405 = cryptoUProveTest.readHexString("0102030405");
H = new UProve.Hash();
H.updateBytes(bytesx0102030405);
if (!cryptoMath.sequenceEqual(H.digest(), cryptoUProveTest.readHexString(vectors[testCase]))) {
throw "invalid digest for input " + testCase;
}
// hash_null (null) = df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119
testCase = "hash_null (null)";
H = new UProve.Hash();
H.updateNull();
if (!cryptoMath.sequenceEqual(H.digest(), cryptoUProveTest.readHexString(vectors[testCase]))) {
throw "invalid digest for input " + testCase;
}
// hash_list [0x01, 0x0102030405, null] = dfd6a31f867566ffeb6c657af1dafb564c3de74485058426633d4b6c8bad6732
testCase = "hash_list [0x01, 0x0102030405, null]";
H = new UProve.Hash();
H.updateUint32(3);
H.updateByte(0x01);
H.updateBytes(bytesx0102030405);
H.updateNull();
if (!cryptoMath.sequenceEqual(H.digest(), cryptoUProveTest.readHexString(vectors[testCase]))) {
throw "invalid digest for input " + testCase;
}
// hash_group (1.3.6.1.4.1.311.75.1.1.1) = 7b36c8a3cf1552077e1cacb365888d25c9dc54f3faed7aff9b11859aa8e4ba06
testCase = "hash_group (1.3.6.1.4.1.311.75.1.1.1)";
H = new UProve.Hash();
var Gq = new UProve.L2048N256();
Gq.updateHash(H);
if (!cryptoMath.sequenceEqual(H.digest(), cryptoUProveTest.readHexString(vectors[testCase]))) {
throw "invalid digest for input " + testCase;
}
// hash_group (1.3.6.1.4.1.311.75.1.2.1) = 02bb879cb2f89c19579105be662247db15ab45875cfc63a58745361d193ba248
testCase = "hash_group (1.3.6.1.4.1.311.75.1.2.1)";
H = new UProve.Hash();
var Gq = new UProve.ECP256();
Gq.updateHash(H);
if (!cryptoMath.sequenceEqual(H.digest(), cryptoUProveTest.readHexString(vectors[testCase]))) {
throw "invalid digest for input " + testCase;
}
var time = performanceTimer.now() - t1;
outputDiv.innerHTML += ("Hash tests: " + time.toFixed(10) + " ms <br/>");
}
// Execute the U-Prove protocol tests
cryptoUProveTest.executeUProveTests = function (outputDiv, lite, ecc) {
cryptoUProveTest.testLiteMode = lite;
cryptoUProveTest.testECC = ecc;
cryptoUProveTest.testVectorFile = "testvectors_" + (cryptoUProveTest.testECC ? "EC" : "SG") + "_D2" + (cryptoUProveTest.testLiteMode ? "_lite" : "") + "_doc.txt";
cryptoUProveTest.recommendedParamsFile = "UProveRecommendedParams" + (cryptoUProveTest.testECC ? "P256" : "L2048N256") + ".txt";
cryptoUProveTest.params = cryptoUProveTest.readFileDataInDictionary(cryptoUProveTest.recommendedParamsFile);
// read recommended parameters
var vectors = cryptoUProveTest.readFileDataInDictionary(cryptoUProveTest.testVectorFile);
cryptoUProveTest.proverUnitTest(cryptoUProveTest.params, vectors, outputDiv);
};
// U-Prove Prover unit test
cryptoUProveTest.proverUnitTest = function (params, vectors, outputDiv) {
var numAttribs = 5;
var t = numAttribs + 1;
function readVectorElement(group, vectors, label, isEcGq) {
if (isEcGq === 'undefined') {
isEcGq = false;
}
if (isEcGq) {
return group.createPoint(cryptoUProveTest.readHexString(vectors[label + ".x"]), cryptoUProveTest.readHexString(vectors[label + ".y"]));
} else {
return group.createElementFromBytes(cryptoUProveTest.readHexString(vectors[label]));
}
}
function verifyComputation(group, v, vName, isEcGq) {
if (isEcGq === "undefined") {
isEcGq = false;
}
if (!v.equals(readVectorElement(group, vectors, vName, isEcGq))) {
throw "invalid " + vName;
}
}
function verifyArrayComputation(v, vName) {
if (!cryptoMath.sequenceEqual(v, cryptoUProveTest.readHexString(vectors[vName]))) {
throw "invalid " + vName;
}
}
////////////////////////////////////////////
// Issuance protocol
////////////////////////////////////////////
var useECC = (params["OID"] === "1.3.6.1.4.1.311.75.1.2.1");
// clear output
outputDiv.innerHTML = "";
// instantiate the group construction
var Group = null;
if (useECC) {
Group = new UProve.ECP256();
} else {
Group = new UProve.L2048N256();
}
var Gq = Group.getGq();
var Zq = Group.getZq();
var uidp = cryptoUProveTest.readHexString(vectors["UIDp"]);
var g = Group.getPreGenGenerators(numAttribs);
g[0] = readVectorElement(Gq, vectors, "g0", useECC);
var e = new Array(numAttribs);
for (var i = 1; i <= numAttribs; i++) {
if (!g[i].equals(readVectorElement(Gq, params, "g" + i, useECC))) {
throw "invalid g" + i;
}
e[i - 1] = cryptoUProveTest.readHexString(vectors["e" + i])[0]; // we only keep the first byte of the returned byte array
}
var s = cryptoUProveTest.readHexString(vectors["S"]);
var ip = new UProve.IssuerParams(uidp, Group, g, e, s);
if (!ip.isValid()) {
throw "invalid ip";
}
// check the ip digest against test vector value
verifyArrayComputation(ip.computeDigest(), "P");
// this rng will return the test vector values in order in which they are expected
var testVectorsRNG = {
values:
cryptoUProveTest.testLiteMode ?
[ // lite version
readVectorElement(Zq, vectors, "alpha"),
readVectorElement(Zq, vectors, "beta1"),
readVectorElement(Zq, vectors, "beta2"),
readVectorElement(Zq, vectors, "w0"),
readVectorElement(Zq, vectors, "w1"),
readVectorElement(Zq, vectors, "w3"),
readVectorElement(Zq, vectors, "w4"),
]
:
[ // full version
readVectorElement(Zq, vectors, "alpha"),
readVectorElement(Zq, vectors, "beta1"),
readVectorElement(Zq, vectors, "beta2"),
readVectorElement(Zq, vectors, "w0"),
readVectorElement(Zq, vectors, "w1"),
readVectorElement(Zq, vectors, "tildeO1"),
readVectorElement(Zq, vectors, "tildeW1"),
readVectorElement(Zq, vectors, "w3"),
readVectorElement(Zq, vectors, "w4"),
readVectorElement(Zq, vectors, "tildeO4"),
readVectorElement(Zq, vectors, "tildeW4"),
readVectorElement(Zq, vectors, "ie_r"),
readVectorElement(Zq, vectors, "ie_xbPrime"),
readVectorElement(Zq, vectors, "ie_obPrime"),
readVectorElement(Zq, vectors, "ie_rPrime")
],
index : -1,
getRandomZqElement: function () { this.index++; return this.values[this.index] }
};
var t1 = performanceTimer.now();
var prover = new UProve.Prover(testVectorsRNG, ip);
var time = performanceTimer.now() - t1;
outputDiv.innerHTML += ("Setup (" + (useECC ? "ECC" : "Subgroup") + "): " + time.toFixed(10) + " ms <br/>");
var totalTime = time;
//
// Second message
//
var attributes = new Array(numAttribs);
for (var i = 1; i <= numAttribs; i++) {
attributes[i - 1] = cryptoUProveTest.readHexString(vectors["A" + i]);
}
var ti = cryptoUProveTest.readHexString(vectors["TI"]);
var pi = cryptoUProveTest.readHexString(vectors["PI"]);
// verify the computation of the x_i
var x = UProve.computeXArray(Zq, attributes, e);
for (var i = 1; i <= numAttribs; i++) {
verifyComputation(Zq, x[i - 1], "x" + i);
}
verifyComputation(Zq, UProve.computeXt(Zq, ip, ti), "xt");
var firstMsg = {
"sz": readVectorElement(Gq, vectors, "sigmaZ", useECC),
"sa": [readVectorElement(Gq, vectors, "sigmaA", useECC)],
"sb": [readVectorElement(Gq, vectors, "sigmaB", useECC)]
};
var gamma = readVectorElement(Gq, vectors, "gamma", useECC).toByteArrayUnsigned();
t1 = performanceTimer.now();
var secondMsg = prover.generateSecondMessage(1, attributes, ti, pi, gamma, firstMsg);
time = performanceTimer.now() - t1;
outputDiv.innerHTML += ("Second message (with pre-computed gamma): " + time.toFixed(10) + " ms <br/>");
totalTime += time;
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(secondMsg.sc[0])), "sigmaC");
//
// Generate token
//
var thirdMsg = {
"sr": [readVectorElement(Zq, vectors, "sigmaR")]
};
t1 = performanceTimer.now();
var keyAndToken = prover.generateTokens(thirdMsg);
time = performanceTimer.now() - t1;
totalTime += time;
outputDiv.innerHTML += ("Generate token: " + time.toFixed(10) + " ms <br/>");
outputDiv.innerHTML += ("<b>Total issuance: " + totalTime.toFixed(10) + " ms</b> <br/>");
var token = keyAndToken[0].token;
verifyComputation(Gq, Gq.createElementFromBytes(UProve.base64ToUint8Array(token.h)), "h", useECC);
verifyComputation(Gq, Gq.createElementFromBytes(UProve.base64ToUint8Array(token.szp)), "sigmaZPrime", useECC);
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(token.scp)), "sigmaCPrime");
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(token.srp)), "sigmaRPrime");
//
// Generate proof
//
var disclosed = cryptoUProveTest.readNumberList(vectors["D"]);
var committed = cryptoUProveTest.testLiteMode ? null : cryptoUProveTest.readNumberList(vectors["C"]);
var undisclosed = cryptoUProveTest.readNumberList(vectors["U"]);
var message = cryptoUProveTest.readHexString(vectors["m"]);
var messageD = cryptoUProveTest.readHexString(vectors["md"]);
var scopeData = cryptoUProveTest.testLiteMode ? null : {
p: vectors["p"],
gs: readVectorElement(Gq, vectors, "gs", useECC).toByteArrayUnsigned()
}
var commitmentPrivateValues = {}
t1 = performanceTimer.now();
keyAndToken[0].token.uidp = UProve.uint8ArrayToBase64(ip.uidp);
keyAndToken[0].token.ti = UProve.uint8ArrayToBase64(ti);
keyAndToken[0].token.pi = UProve.uint8ArrayToBase64(pi);
var ukat = ip.ParseKeyAndToken(keyAndToken[0]);
var proof = prover.generateProof(ukat, disclosed, committed, message, messageD, attributes, scopeData, commitmentPrivateValues);
time = performanceTimer.now() - t1;
var dSize = disclosed.length;
outputDiv.innerHTML += ("<b>Total presentation: " + time.toFixed(10) + " ms</b> <br/>");
outputDiv.innerHTML += ("( 1 token with " + numAttribs + " attributes, disclosing " + dSize + (cryptoUProveTest.testLiteMode ? "" : ", with a scope-exclusive pseudonym and commitment") + ")<br/>");
verifyArrayComputation(UProve.base64ToUint8Array(proof.a), "a");
if (!cryptoUProveTest.testLiteMode) { verifyArrayComputation(UProve.base64ToUint8Array(proof.ap), "ap"); }
if (!cryptoUProveTest.testLiteMode) { verifyComputation(Gq, Gq.createElementFromBytes(UProve.base64ToUint8Array(proof.Ps)), "Ps", useECC); }
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(proof.r[0])), "r0");
for (var i = 1; i <= undisclosed.length; i++) {
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(proof.r[i])), "r" + undisclosed[i - 1]);
}
if (!cryptoUProveTest.testLiteMode) {
for (var i = 0; i < committed.length; i++) {
verifyComputation(Gq, Gq.createElementFromBytes(UProve.base64ToUint8Array(proof.tc[i])), "tildeC" + committed[i], useECC);
verifyArrayComputation(UProve.base64ToUint8Array(proof.ta[i]), "tildeA" + committed[i]);
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(proof.tr[i])), "tildeR" + committed[i]);
}
// generate ID escrow proof
var ie_escrowParams = {
"uidp": cryptoUProveTest.readHexString(vectors["UIDp"]),
"ge": Group.getGenerator().toByteArrayUnsigned()
}
var ie_escrowPublicKey = {
"H": readVectorElement(Gq, vectors, "ie_H", useECC)
}
var ie_x = readVectorElement(Zq, vectors, "ie_x");
var ie_additionalInfo = cryptoUProveTest.readHexString(vectors["ie_additionalInfo"]);
var ie_idAttribIndex = vectors["ie_b"];
t1 = performance.now();
var ie_proof = prover.verifiableEncrypt(ie_escrowParams, ie_escrowPublicKey, ukat.token, ie_additionalInfo, proof, commitmentPrivateValues.tildeO[0], UProve.base64ToUint8Array(proof.tc[0]), ie_idAttribIndex, attributes[ie_idAttribIndex - 1]);
time = performance.now() - t1;
outputDiv.innerHTML += ("Verifiable encryption: " + time.toFixed(10) + " ms <br/>");
verifyComputation(Gq, Gq.createElementFromBytes(UProve.base64ToUint8Array(ie_proof.E1)), "ie_E1", useECC);
verifyComputation(Gq, Gq.createElementFromBytes(UProve.base64ToUint8Array(ie_proof.E2)), "ie_E2", useECC);
verifyArrayComputation(UProve.base64ToUint8Array(ie_proof.info), "ie_additionalInfo");
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(ie_proof.ieproof.c)), "ie_c");
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(ie_proof.ieproof.rXb)), "ie_rxb");
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(ie_proof.ieproof.rR)), "ie_rr");
verifyComputation(Zq, Zq.createModElementFromBytes(UProve.base64ToUint8Array(ie_proof.ieproof.rOb)), "ie_rob");
}
};
// Execute the modexp speed tests
cryptoUProveTest.executeModexpSpeedTests = function (exponent, outputDiv, ecc) {
cryptoUProveTest.modexpSpeedTest(exponent, outputDiv, ecc);
};