Crypt-OPAQUE
t/05.sigma_i.t view on Meta::CPAN
);
# Known-answer check: the masked_response of the credential response built
# earlier in this test must equal this fixed vector.
is($cred_res_r->{masked_response},
pack("H*", 'adb901cb9a50203d9df723560fafa4ce22b66b58a31c8ff070a0bc801ab2161544475404c323712d8916620d4a184cd1603ea31cee0e341d7e3a5da01ab1eef8d6d132ee54cad7a68a72ef06ca0bdde88ac930e13aa906fd284aa79ca51e694f07'),
'create_credential_response');
# Serialise the credential-response fields as a CBOR array in the fixed order
# Z, masking_nonce, masked_response; it is handed to b_send_msg2 as its last argument.
my $other_data_b = encode_cbor([ @{$cred_res_r}{qw/Z masking_nonce masked_response/} ]);
# B builds message 2 from the received message 1. The PEM path argument is
# presumably B's long-term signing key (name suggests it; confirm against b_send_msg2).
my $b_send_msg2_r = b_send_msg2(
$group, $b_recv_msg1_r, $id_b, "$Bin/b_s_priv.pem",$random_range, $point_compress_t, $hash_name, $key_len, \&encode_cbor,
$mac_func,
$sign_func,
$enc_func,
$ctx,
$other_data_b,
);
### other_data_b: unpack("H*", $other_data_b)
# Unpack B's result: nonce, ephemeral key record, derived keys and the encoded message 2.
my ( $nb, $ek_key_b_r, $derive_key_b_r, $msg2 ) = @{$b_send_msg2_r}{qw/nb y_r derive_key msg2/};
my ( $b_z, $b_ke, $b_km ) = @{$derive_key_b_r}{qw/z ke km/};
# Values B took from message 1: A's nonce and A's ephemeral public key (raw and as a key object).
my ( $b_recv_na, $b_recv_ek_a_pub, $b_recv_ek_a_pub_pkey ) = @{$b_recv_msg1_r}{qw/na gx gx_pkey/};
my ( $ek_b, $ek_b_priv, $ek_b_pub, $ek_b_pub_hex_compressed, $ek_b_pub_pkey, $ek_b_priv_pkey ) =
@{$ek_key_b_r}{qw/priv_key priv_bn pub_point pub_hex pub_pkey priv_pkey/};
### $id_b
### $other_data_b
### nb: $nb->to_hex
# NOTE(review): the two writes below use paths relative to the current working
# directory, while other key files in this test are anchored at $Bin. No cleanup
# is visible in this excerpt, so the ephemeral private key may stay on disk after
# the run; a File::Temp directory would avoid that. Confirm nothing else reads these files.
write_pubkey_to_pem( 'b_ek_pub.pem', $ek_b_pub_pkey );
### $ek_b_pub_hex_compressed
write_key_to_pem( 'b_ek_priv.pem', $ek_b_priv_pkey );
# NOTE(review): the triple-hash lines look like Smart::Comments debug statements.
# If that filter is enabled, the next line prints B's ephemeral private scalar;
# keep it off outside local debugging (TODO confirm how this file loads it).
### ek_b_priv: $ek_b_priv->to_hex
### msg2: unpack("H*", $msg2)
# }
# a -> b { ENC{ A, SigA(MAC(0, nb, A, g^x)) }
# A processes message 2 with the CBOR decoder and the decryption callback.
# Later lines read other_data_b, id_b, gy, nb and derive_key from the result.
my $a_recv_msg2_r = a_recv_msg2(
$group, $msg1_r, $msg2,
$hash_name, $key_len,
\&decode_cbor,
$dec_func,
$ctx,
);
my $a_recv_other_data_b = $a_recv_msg2_r->{other_data_b};
# Rebuild the credential response from the CBOR array by position:
# [0] Z, [1] masking_nonce, [2] masked_response (same order used when it was encoded).
# NOTE(review): the decoded value is indexed without checking that it is an array
# of three elements. That is fine for this fixed test exchange; code modelled on
# this test should validate the shape of peer-supplied data before indexing.
my $cred_res_arr = decode_cbor $a_recv_other_data_b;
my $a_recv_cred_res_r = { Z => $cred_res_arr->[0], masking_nonce => $cred_res_arr->[1], masked_response => $cred_res_arr->[2] };
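# Callback passed to recover_credentials: splits a byte string into three
# fixed-width fields and returns them as [ s_pub, nonce, auth_tag ].
#
# Input:   $r - byte string of at least 33 + 32 + 32 = 97 bytes.
# Returns: array ref [ $s_pub, $nonce, $auth_tag ].
# Dies:    when $r is undefined or shorter than 97 bytes. The unguarded substr
#          calls would otherwise hand truncated or undefined fields to the caller,
#          and a short auth_tag should never reach a tag comparison.
my $unpack_func = sub {
    my ($r) = @_;

    # Field widths in bytes. 33 matches a compressed point on a 256-bit curve
    # (presumably the group used by this test; confirm against $group_name).
    my ( $s_pub_len, $nonce_len, $auth_tag_len ) = ( 33, 32, 32 );
    my $need = $s_pub_len + $nonce_len + $auth_tag_len;

    # Reject short input up front. Bytes beyond $need are still ignored, as before.
    # NOTE(review): an exact-length check would be stricter; kept as a minimum
    # so existing callers are unaffected.
    if ( !defined($r) || length($r) < $need ) {
        die sprintf( "unpack_func: expected at least %d bytes, got %s\n",
            $need, defined($r) ? length($r) : 'undef' );
    }

    my $s_pub    = substr $r, 0, $s_pub_len;
    my $nonce    = substr $r, $s_pub_len, $nonce_len;
    my $auth_tag = substr $r, $s_pub_len + $nonce_len, $auth_tag_len;
### r: unpack("H*", $r)
### s_pub: unpack("H*", $s_pub)
### nonce: unpack("H*", $nonce)
### auth_tag: unpack("H*", $auth_tag)
    return [ $s_pub, $nonce, $auth_tag ];
};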
# A recovers its credentials from the credential request/response pair and the
# password, passing $unpack_func as the last argument.
# The result's export_key, c_priv and s_pub fields are read below.
my $recover_r = recover_credentials($cred_req_r, $a_recv_cred_res_r, $pwd, $id_a, $a_recv_msg2_r->{id_b}, $Nseed, $group_name, $finalize_info, $finalize_DST, $hash_name, $expand_message_func, $mac_func, $pwd_harden_func, $unpack_func);
# Known-answer checks against fixed vectors. Both tests share the name
# 'recover_credentials', so a failure report does not say which field differed.
is($recover_r->{export_key}, pack("H*", '77869b0d11debf6fc88c1d192dde9546baf528b2f70c2aea89960fc2178586da'), 'recover_credentials');
is($recover_r->{c_priv}->to_hex, 'D1D280F712E4EBF3C881C686E13C281BC3A3FAB30A00411A350F4F8B7A1EA550', 'recover_credentials');
# Turn the recovered private scalar and the recovered s_pub bytes into key
# objects and write them as PEM files; later steps refer to them by path.
# NOTE(review): the recovered private key is written into the test directory and
# no cleanup is visible in this excerpt. It is a fixed test vector here; code
# modelled on this test should use a temporary directory with restrictive
# permissions and remove the file afterwards.
my $a_recover_a_s_priv_pkey = gen_ec_key($group_name, $recover_r->{c_priv}->to_hex);
write_key_to_pem("$Bin/a_recover_c_s_priv.pem", $a_recover_a_s_priv_pkey );
my $a_recover_b_s_pub_pkey = gen_ec_pubkey($group_name, unpack("H*", $recover_r->{s_pub}));
write_pubkey_to_pem("$Bin/a_recover_b_s_pub.pem", $a_recover_b_s_pub_pkey );
# A verifies message 2 using the public key file recovered above and the
# MAC and signature-verification callbacks.
# NOTE(review): the return value is stored but not asserted anywhere in this
# excerpt. If no check follows outside it, a failed signature/MAC verification
# would not fail the test; consider asserting on it (the success value of
# a_verify_msg2 is not visible here, so confirm it first).
my $a_verify_msg2 = a_verify_msg2(
$msg1_r, $a_recv_msg2_r, "$Bin/a_recover_b_s_pub.pem",
\&encode_cbor,
$mac_func,
$sig_verify_func,
);
# Rebuild B's ephemeral public key from the gy bytes A received and save it as PEM.
# NOTE(review): this path is relative to the current working directory, unlike
# the $Bin-anchored key files used elsewhere in this test.
my $a_recv_ek_b_pub_pkey = gen_ec_pubkey( $group_name, unpack( "H*", $a_recv_msg2_r->{gy} ));
write_pubkey_to_pem( 'a_recv_b_ek_pub.pem', $a_recv_ek_b_pub_pkey );
# A builds message 3 with its identity and the private key file recovered
# from the credential response, using the MAC, sign and encrypt callbacks.
my $a_send_msg3 = a_send_msg3(
$id_a,
"$Bin/a_recover_c_s_priv.pem",
$msg1_r,
$a_recv_msg2_r,
\&encode_cbor,
$mac_func,
$sign_func,
$enc_func,
);
### a_send_msg3: unpack("H*", $a_send_msg3)
# }
# b recv a { MAC(2, na, "ack")
# B processes message 3 with the decrypt, MAC and signature-verification
# callbacks and a public key read from a PEM path.
# NOTE(review): b_recv_a_s_pub.pem is not written in this excerpt; presumably it
# is created earlier in the file (confirm it is A's registered public key and
# not a stale file from a previous run).
# NOTE(review): the verification result is only dumped by the triple-hash debug
# line below and is not asserted in this excerpt.
my $msg3_verify_res = b_recv_msg3(
$b_recv_msg1_r,
$b_send_msg2_r,
$a_send_msg3,
"$Bin/b_recv_a_s_pub.pem",
\&encode_cbor, \&decode_cbor,
$mac_func,
$sig_verify_func,
$dec_func,
);
### $msg3_verify_res
# B computes the MAC that forms message 4.
my $mac4 = b_send_msg4( $b_recv_msg1_r, $b_send_msg2_r, \&encode_cbor, $mac_func );
### mac4: unpack("H*", $mac4)
# }
# a recv b {
# A checks message 4 (the MAC from B) against its own nonce and message-2 state.
# NOTE(review): the result is only dumped by the debug line below; no assertion
# on it is visible in this excerpt.
my $res_msg4 = a_recv_msg4( $mac4, $na, $a_recv_msg2_r, \&encode_cbor, $mac_func );
### $res_msg4
# }
# ks {
# Each side derives the session key from its own copy of z and the two nonces:
# B from the values it generated/received, A from its message-2 state.
# NOTE(review): $a_ks and $b_ks are never compared in this excerpt. If no check
# follows outside it, `is($a_ks, $b_ks, ...)` would make a key-agreement failure
# fail the test (confirm any test plan count before adding it).
# NOTE(review): the triple-hash lines look like Smart::Comments debug statements;
# if that filter is enabled they print both session keys, so keep it off outside
# local debugging.
my $b_ks = derive_ks( $b_z, $b_recv_na, $nb->to_bin, $hash_name, $key_len );
### b_ks: unpack("H*", $b_ks)
my $a_ks = derive_ks( $a_recv_msg2_r->{derive_key}{z}, $na->to_bin, $a_recv_msg2_r->{nb}, $hash_name, $key_len );
### a_ks: unpack("H*", $a_ks)
# }