From 610c23a430edb37b616d1c09720ed6d1617e17a6 Mon Sep 17 00:00:00 2001 From: armfazh Date: Wed, 13 Mar 2024 12:54:33 -0700 Subject: [PATCH 1/4] Using SHAKE128 as a fixed prgn for golden files. --- abe/cpabe/tkn20/example_test.go | 7 ++++++- abe/cpabe/tkn20/gen_testdata.go | 11 +++-------- abe/cpabe/tkn20/testdata/attributeKey | Bin 2788 -> 2788 bytes abe/cpabe/tkn20/testdata/ciphertext | Bin 2376 -> 2376 bytes abe/cpabe/tkn20/testdata/publicKey | Bin 3282 -> 3282 bytes abe/cpabe/tkn20/testdata/secretKey | Bin 1136 -> 1136 bytes 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/abe/cpabe/tkn20/example_test.go b/abe/cpabe/tkn20/example_test.go index 1b263ff15..6e2c378af 100644 --- a/abe/cpabe/tkn20/example_test.go +++ b/abe/cpabe/tkn20/example_test.go @@ -84,6 +84,8 @@ func Example() { if err != nil { log.Fatalf("%s", err) } + fmt.Printf("plaintext size: %v bytes\n", len(msgStr)) + fmt.Printf("ciphertext size: %v bytes\n", len(ct)) // generate secret key for certain set of attributes wrongAttrs := cpabe.Attributes{} @@ -127,6 +129,9 @@ func Example() { log.Fatalf("recovered plaintext: %s is not equal to original msg: %s", pt, msgStr) } fmt.Println("Successfully recovered plaintext") - // Output: (occupation:doctor and country:US) + // Output: + // (occupation:doctor and country:US) + // plaintext size: 27 bytes + // ciphertext size: 2735 bytes // Successfully recovered plaintext } diff --git a/abe/cpabe/tkn20/gen_testdata.go b/abe/cpabe/tkn20/gen_testdata.go index 9629efcbc..41886e89f 100644 --- a/abe/cpabe/tkn20/gen_testdata.go +++ b/abe/cpabe/tkn20/gen_testdata.go @@ -6,11 +6,10 @@ package main import ( "encoding" - mrand "math/rand" "os" - "path/filepath" cpabe "github.com/cloudflare/circl/abe/cpabe/tkn20" + "github.com/cloudflare/circl/xof" ) func writeToFile(name string, data []byte) { @@ -30,13 +29,9 @@ func dumpToFile(name string, m encoding.BinaryMarshaler) { func main() { // Using fixed PRNG for reproducibility, - fixedSeed := int64(0xC1C1C1C1) - prng := mrand.New(mrand.NewSource(fixedSeed)) - if prng == nil { - panic("failed to create PRNG") - } + prng := xof.SHAKE128.New() - err := os.MkdirAll(filepath.Join(".", "testdata"), 0o755) + err := os.MkdirAll("testdata", 0o755) if err != nil { panic(err) } diff --git a/abe/cpabe/tkn20/testdata/attributeKey b/abe/cpabe/tkn20/testdata/attributeKey index 4658f65605c098e242480f487a183980c0b23f96..6f6ade5b1598606cddc53d313f1830abd63188e6 100644 GIT binary patch delta 2582 zcmV+x3hDLa7339=qkjjC(_M3QW`qOluHZKB80_=|G`dc=+9Hkn)c_Qxu(7hATr#|j zxnz4EIaQ{L*kA;8P-{rS-5c#vk2PO7X4^S9m7<%ie=cR2-1pF)6>6*Viq!gQ*a^o1i02tL}-~l27Qb*Jrr>l-TY&K)s#2M{xM~L-hpW{as z7tk3lPt+?AQJU#?Y7O)QKNg475d{(~*k)COp4LapxEXY!AcdkyJ7ZOF-B>9F6VfsD zC;WGQo2$fB3V)TW1A}JvikL{t)~>?3U9ldP|#_ak!0lI*)aJsb!Z42)9(<=2u{Tp$D6 z#^wbO*P^T=y8<0!1M&^V3R+!FXmar(9@&iE3GY7(EPp7Q!5Fv=hY%kZLaE*4WnkDJ z!i8+z4MFq8ie!73P=VT?0D2NOZeWX8o4gb8d?NVD2o{C(AOw!ggWyLR#k%p|YsjjM zz7LUl2~mU}@L7JfYJZ9dot`UGbwjlCqP$9+#tbf|H>s$5I*6HefJGVr6AO79zUB=d zaAR(+Jb&MpUNwDJrlCiPq{-nUQ}ROp57Y~yGELJ!cC=}VyaBN8fzsJNihIdoHox9O zi?84OLMpn8b$OU`3Pj7H-0c1k=%s`K1ONd55u<6J{+h|^Mr#(mzc5GmFSpS{iOI7P z7S3_5r%q}bh~{dGk)&OGE!f%t_u*2z3m#6H5r4@v#l7h-`?qQnjkJiyPV*zUt};y! z5z1-N%?Ru*xy(M|>cD7eLoQ+#Fay|;L+fyP7%K1(t}KxA{Lp2le-RM^S#mQ6;FjIY z5UPyp1M~@rwaI_2`2k?~rxP=zfOC3RdZwI2Pm7zT)0<_2rH-T;xV5`gZV=r#s-BfO zbbp!DOaKz^Uw*VpA3GKbQ{E7^k7I)deWPv2r|PoXQ_AdAG$Ur}%0d)f!?jU$dGc#! z!*Up-;J?`G@cPfx8nwSysZjh2kwd_(xa>)~#Cken_7Wh<|t3 zzk_vh!QoGf0-?3RY>-7fkgX3d19Qq6NxiTmSXKqw;MS+etV=EZOf<=Lcghyy;t4?} z!0S5v0{EY1m;fo&Wssf{sx&&0)2klig;jIGI<k~6)UnB9>>TaS9DWR12ibU!48kY4}aIrfb@T@ zDlU|x*7R#Y(Cgb7EmS;OR%?$+5vCIo74vYV{dhCbaHuw0R#X602FQ< zZTuRqRR*f$6Zb$1%v1{INq?w#mFJx~B?ZVMSm|up`DZcX>q3q^j;vYQuxSVI8*GuC zlj*c6%aa3bgWte@%r23&#v>dR{s|>z=nC{k-|nUgyzN-7Ejh5=uNM_-dS8>RBKz9g z&WCphvOD~I2=JouxQ9?&io55hL6=Jn=f?|HEQCMV&x@htws8p8tAC|s07dZ6^@v0C z4u~A=4ZkVYE(#GHY|XZ4DKl`DA(yo~2-RJM)*f;_WKzL|4%N*F-MC#BLR{b=lGHnEakIczclZNf zkJnQqZc|g-!!iOsRew*7vDFMRcM1JEv`WKp5fex9P~vOww;aDXB8i{ZeN+d2iX{Tz zN!V5gCLHt;8;;fd+9e;jqnl&lQFw}l5ksi1AIG18avjR^oE<~0HT{RMV031pZki^ zUd=Hdg6?rLf_A_2e6HyGh%~sFuzjgq+UG}l%}U(TJk+(+vfc@8=Iov=sEsyc*Z|zj z>y)KcDT;oJ*Q{!( zZh&+*Oco1NVt62I)8K-ULo8Tf ziG_$7)CjXVkR_VUo9&AlySN8}36~|01tzJN80a?_dW;<4DbqV#$HJ3sV)AEDXufKYC7$}Cd#K0PmfSMucj0_jEJG-4}5 sTx!gIdZ+g+L;cx0!*E6>oRAADg$L>hAKWg zHeXydT7AYwM^_W#b9uA7Ey|aj(Ud}%NPOGKz$*t80`-iHFE!c;eR%9Gx}ry|6!mQ0 zp)vUqAf^n;0FjmhMkXtyPwyJ*8--M4yNaSj#O2$>5C@Ksc7G}vsLFHDI~D9wLW~_Z z=n`lLdkcT7H%C=`!~|JOLlo@pT;hXlONlw|0u51+&@Au%KQS|+Gy>YWlH+zhf#M+& zTQ4%~<5=Iip2BmldW^)4Q5UOZZpE$m*^H4XkKjU$LANUa#Z-c?T)5lKx4ZQRqaM@A zS8T47mSig1(|=^>CE{&#Nx5v7uHF^^ddXU9*7?4Txr&~Ygv<4gPn9vc zP~Igzm?vrhXZ|Wh=8li5#;!oF&stvheJFg1AY)gvw(U6zY2<1tdlv*Ug6nRI zzMgFI*njClBP3P6b~2P({PA&cXP5r%%U zkyV)L)=_!TYSm|SR5=W@$Cd7CXZaju7J9Xt__tbB*918LZz&=4-zwIFZ7fJ6fA%y zHGc=2_)@eWD!lPGfddoqR+I6LzCrC5E3Zq+2F^5D3C0(ij`&!jcR%cJ=x(PHNcg{p z?UYXGLs#q5;sq5da5Z2!b%*RQB6y{K=&tKA+(MfO0vv={hv z_{g3Vy!2`^Hq&1Hc3=XW);c>LUTMtvmo6-By9ol)yp{2lTYsL*6RyS^D_cDwcIfZ} z00IC-RfGWq0096BGG2hH#z9oJM+=3CmVe^PZ*~a~50`1RTF{arhk-4OQMZ&O#ec!N z>_YWpmB37-7iQ}4eQMMgx2PjJEt&(S%!Q&0NyulY=)C{A3=yd|poDNk3B*iQWZtgj zAVqSC1@83$%ncqA6lC-MVUYT`zaLbyJ|jW>AH*~dE~+(iU$9iMuEEmIS4) zKWVZmy`N)khDLQA?l3S-+HL7zYo1Px8gPFjWy<6F`_yU2fl+rFw{)R7=MDFsjJMn@ zq`lv94>hVqG4R6YPZ)s2Xzzqw5?Jr%B=9YtCE^N3<4eKU4c>_s91i8BqJKz0&Lv3+ zNBxR`GOwzGg9dt2oJ@8#{f#uU_JhMkp4EGwcv~qFcr*aY&?60xN&Qd$9ijd9$4i?V z2!>aBp0*UfaGuW5U_l>xqcMBtsi_VE#}IuNH9v`ng4!V3ng7Y5~G&ntGXZ`d69hqrHkmu-3Ms*eifr#!c(qNu9%n>Fc`ij`R zmhcV3(jY8c=YKwU5xsk1q_MljO~Z6>-Bu5#?iv&h?`pQyfsSbq(7f4+VyAbfV(dpK znbvSIu3;EU2)>uUNq;mUrQ_bK5;#;pmq)Q;2sy-JuWpk}s#&EsWZ?9~h*r|B z`<%-8v#OeS83_-g3|UJfNmC)4e!6Yz6xw&(eFCl_OOhT@JUeu<4WdU~b=l6yP_B!E z!(D(?f_L`tmwNpuEMVekjZ_E5dq3 z&{Bexw1i|RMWp&M?qwyZ`~|-H<`r% zcirc-ME!QXa$nJ?SCJ1q0U8#wxkm8lidb5`Nz{QkAyRmtM9u)J=(--(!6M^Z3fT0Bq6bqi zh+-&;!KfpkSI_`Me510VPXMCWT~P@{T%r=LM>{GzAah5vf@xX+SASn3G80aXsW4I( zmL>Tr*bz1oL0yfhx5-v%X@WGb&jS-O%!P+tCc$6s8N-Y~{og@q1u{cT%d@Nl#7g!l za7~33o#nwLIVTcV(p-F zu%`g>Ub~9p0gBE*ed~IE6f=45IxCvF92)-IcHA7;G>@JT|2-4_=$SE+6WeDGhJ+I5 s{^SlsFR>3eug1SWx^C(X^U**zPwur_5HIr^%nlCR{HY5}hXaN_U4$miNB{r; diff --git a/abe/cpabe/tkn20/testdata/ciphertext b/abe/cpabe/tkn20/testdata/ciphertext index 922cf1914cdb3ee012ea76f2ce21b62d4afa4674..d96e2cb75943a60155431f099eeb8bb62450097b 100644 GIT binary patch delta 2337 zcmV++3EuX|637xFAOKyXM$1{giK?drZ=S~^W=K%Ezu)Blh}mf|H+CYKdSa0xL4OvA zJqnOtRB4v*<)8zgjI!7#{w)9`|?klL);Rs(kk75xSkCF=UAy}po z7_HFBES4izJ$adsO`>mHFN_vjpNouZha!moC-c?lr_~I!p3>!`T>J->dVzUMg@5!& znmC;_@FQ~CVK}+qG>B-19h+gu_oXa8ljm}jJE-nJf$7f#9<^Hd#Po^D3tp>l@X z)VADIUghchM*oV)C6;a-qP+5gRsi?whcBAvpw*uQCFz+N$R;yi4yeU^7&vM2S)s(9 zbj_iNyf1c1;a!`XE+dEeySy|F&xJ$r#Kp|k=u!X=W7f6m(|3={>Ts@=U4LnRe|XievN zTuY(6sZRn#EnW?W>&F*}$GpP3QMl`21VGK`_q283Pkt$%KWC3mn^ohhz}j)lx2Scx z)gOW6LFP-uIIyj?*%SM^R)26GzZoT9n)&apg-pOHmV{ zIR$p7+(5TSA<%2jN0d#c4+>^yI&uhG2_VBxb>YDs!#EC!ZUuhw7a-VjodT}`jZY94 z`;*11;}mBYl6I3#_!F21w7tw(_IEVtVn=4%enjf7T`s*tch8D(uzwk&oocCnPZe9f z@)s^5hTfW8;)NCnnRT84t)KPFs<$mdrTtRZ=L{x2IN~^D zS$&~cbMqDd3`^+=$in9m;e*am_2MHEYlWEWzRfI0V!c$FwkfmEAfMb%s-e`@zrjka zt6su5V;nC<3iSJ6Z$3I6A6@ntCWD(XZ4Cc^a* zDwuj+?^-y({pM@_I=lb}^rF-`dc#05855Fz*u|0vR%B!$Euj166G>f7#RBdcbM>UEG#3OM^E9s^U1gq# zB_q6+JkEU_=o}bNe*A2lwWk@NdTT!Je-mrkilhS-!nLzr(g#A_6c5H-7U$pufK|7u z&DPLK+%wHH0`9(>xgt`{soY&G3uMB z+Q|vz=3+7d52mn=V%{qKCT`j*e{J zP*qCdmVd=6j3I;~@ou8(P2L&1q(O+h`-($2a=v1H45;8>0*EwU(%Hfq*4yQnLsJAnWySZVC07Y zfK~i%_$;->2-~g<%Q1jO?cUwv5hL3(L0K&A<^^$_?i(zS1eM3L;S57zEqW; z^ndf4SQh4lHhVZ7FTWgF{(+g3Mi;|HfqYZG{qXK|(V6YrsQ4LEzpL%s2pMQfe+H1tQ5RN z_0BSL^zbneu2qV%EP_oqa(m{Un2H=xZ+|&om#DSf8=^ceRo`i0=z}-NWp)ApBmn~e z0RR&-=X``!KjJlhtp}AXUw%W?6+6w`E zTMcEutD=MnPv_G<^}ndEB_cD+N)A((Do5_xUJ}QfZBYBk653W)h5GEDB)b`Pw0|nO zlJlzkQ)9qmw%iHtNld)@1=^`pgI}^hQPU@H#M*!J?#;jTbHqHKpO+;J4p76u`OF`L zJMRI{%=~bG#P)qNq2r8&^#9!c)rh(co?l>`0Y@h)r>seML#eh7uvOU7`~di@yfxF* z&^y(@(k?9sYYvB{-_9h8%7qm_?0?3R%M@J$d(M|fqxXVw8G>QfWMu0DGAK)aOvc)= zL!n9>pgohXVE)b2ve^wl8tqqpuROtgp)>wRr9dU-Bmn~e0RRFWe--;yvooa1X!n)R z(sk6_M??)bs&Pphu=OsI1mU8#49>XXN*eYHkw}@uS9i62WUVnbE#t&uk5IZF+r=x$wEl@Riiz+^frWxUYAwS!%bmVbK z(x9j`=$GE5LzPdh{7bN*T-qQJ4kidVMX6$6YJzK?1`_QAtY!;?roDZe<(@tq3*0)M ziN~}5%W>xiz>1#Y0J>T7f?LRm?uQy;7qKa;)RND9 Ha<~H?$2(TC-$<%lN(&UhuDBcZNOnM5L4`(1@sPj3DY>jKWnVvjp>UtUd|mmUp52(GCKy>$~MUTE~v zP)ybgdR>S(AUvj18`EoBfMuhI{}7|rSydu|R;Oo@Rjl)dg!SqYJKhad$$TY+&A)4| zTutDxsPpt!nIJ1F-Z=RAGNSA6k$>HN`17%{sTWy-&W=oK|KEcW1{q0*g1gS>{+5JM zRnKvlr1GZvLf}M(DWmTX)j2iPRS~(~u_mS;}m&dkdA#wv48GrqjOs>r05 z;IW(C%;LQx{{(;OVSlnKG8n^U&H{D~Wamayk`U)|Ibr!kfRcrYh^C)q){}%>iORCS znzf!3>Y@Ek!gxqN>;)`W`1nY{=(RSR*|K7;Y}#AZCrind@CfJMDSskxbBH*1o-@w@ zuhA`(hnDb3tXvZ%UsZA{P=Yw;>&io{ZLEvx@XoeL)Iq0#QB9X`|1DG%bEL3TcX3-G z29M5F8~*~+mAFNlqBIMSU^=1b9WG;J#q_TUNJ;^uhVi30dCDgMHUBj#m~;B$qe6ls zSp5R6m67moRx9G5Jb&I5cG-O~{ z!hL*FVX&6H8IA7q{Z7>LPMf39jMJWxtX~!J%DpD(69k}vS${LQIEYZG0RRL81ONd5 z7=x%eugH2G^c(kEWHH3KdTWhhzVk1%yUPKm8(XNh!(o@F0M3G~6;+W#U2G^<2wsA# zA`80*oj@N@r5LncrUEy%34Z>dX|cR>BK^5bdh!b)wz*>G7Tc2-YXL!40BW7A;%4l+ zZEPNPaZECK>VKrAKF51teXbiY4Py7_+MnPC-(9V^-|{QguJX1TyAPt!5Ic{?&hehB zHpfO?%1Z4n)xPsU+4KRHomIm0dj!g;pM4_Jmhb4r?6*xWX9VQ^*V=04b57d~e(y2H zQY^<+S#ul81LV>J0)YPuTCk-#z+xfb-wO#c_M_5CpMMGHh^oz!`&M{Zx{4GJqe6}R z!8}98$%5<6UccZ2SO3`?JR47?`2G$NKb;!8y_+iIX;MiS;{gG zr*L5*&VSM=QA;Or3D6W$L~W%Fh)!AtqE*BO**W;0f+__Gg(QkB%b+tu8b;HrXo|@z zIwYNSo--X!rSAp#$D|5-X;SG0ebd&uxe;_#+bt70h zhZxn-EoB=ib$2JxdYajaM~lkvQq7<$1>(b|*q$4Q==v?7iv7oSAGWSjD7^ZY-`(D}01_?Zi8{W)2L* zd+8;|7X^R8DsV6Qs;7XK_C~su0h8i80+tOZ{WFP?wjf% z%g6fjnpw49%RbuC!K3YD1KQZUB{q78&m(av+Np@bE_S{+nOx8wea}56 zOBzhe4%AOYup+G}e^c2d)zaa;O5UlteOmT70#xT|`8Bt=jsbuV#(mijw7qSV_`oxA z!`SUt7F_)k21ROiVb#urYX-I?F@GOu2f&eHQ_zEPe%moW4G0Z|er*oK_AV)Jh9YO< zPazH2BX}JJUdN`n!N(fp1jB1w=0Dl)B?m+kMLr2wBmn~e0RR}$U2e?bh;mC77}F|h zrU`(3nI6_i7KnyKH1X!oxR26M%J|mE@xxA4YD80$)D#X)D*vNHZdwi5_kSc_3k^fb zv*9X|@}Y?t?U8HL7Pds%V>fLMrerR^xZCnGrBA^JTr^TlndC0lvzEk4tydJLN&+#W zrbw}6xa{1azaNc(O}UbY^?FI!_Yew<3=*pVOQ#9X4(nyR{$!_KEr3G&@eawM@TnAZ z$Y-6vN|G>zir8iGa|HphNq;6#iF)gS5hJ}Uior@!2V`2N*@5N6T+sOH9_mv|14Rpa zq|b^MU6C^qcDgt+@&xTX;VC{y7@r^ zBq`n_S@@n3f?4-3vq&Hb00000X8^KN0ogCI*x&tEd9^E2WQlPjJa$NC6Sa=+f#)hG zdUgT55j$#@?dX)^Gl>Z_8T%j0EhrGQsMIbXn2PcBwC5+suzTFd5j)4VI2P$Kxpvr6 zCm*}h(TeT5;ys&-9;b(^|!*H(a~D(QN#8)>{Z^x4FS&7GWLv=|XLS7+M@gvx1bE|?n zuKv<&Huh$E-69h0hDR}4jhpj|m z7;`I%?N5VQl-zj~-^Ou-56R+qKiC5rr*wdwHZ=!B*=DM7Xcrr4wzq=;a8{5X@p2IN z{<|SEKI{b=Dg5MlAyUWO&8(RtVyZ_Xc+i|-@{1n`x;1A7omPrb5{*O_ABPl;9k z(LDt?1qdVB?S5RkH3gB+OBD>hxstrOMmr81K2nI+*_NaAM4r10I^=1NOEDsvGHth@ zkav$DiuBQ1>B2_fi5R=M6h_^sDaoX4Hx8eqIJQfgj|3s}cp858ZnZ|A25lNjGyZ|r zYAJeSa6#-}Wef{Cgpxf}0cGpgym7mV6b46k{jav!do+#ueTm6%F86LfIxY>)LntxUURWdyEKTnPzs zU>gUVNvS#8)7DFJ$N7%9ZDf8`xBTx<7=9^xPfZ^3c&GMihru#9wnmtHCw~fq3IzD;9lIoRB~ZTva?j8A z7?Rida#T+tr2Tf8wO2e+lz!N#?|8YYRS@kHi)NrRQ3%1l%NX0$AoKX+h_?k7%=z?B zhhrke(I=IN8~?>ErBoNcGVZVJA0_c2x(*d~(h*N`x~M2Z!R(NLw*-QN!ctlITm%ZK zWZ#HBvn}I_5~RM{!pKbR`Bb<|AQbQMBLg6wal9^cTe*)Vc{{>^ovnYerytIWtb}@Z z5_YG;2UQazfKaVKM731IyM(#REe}4bvS6bjw*-|3LUSxg7Y2kMJ?-|;A9}!E!=0mS zryM7Dd^`Wi+PZb)xjv0N=MsZ6_9j~ITH!cFQ}^8aQTBjYzTZ95OBIxKJ=ODM8Mp+? zt-_JX6iJiinAFH{2Lt;o@?ljRwexH*bzZGzy#-G5Y^)jaUm-l0apxojGbJL4f$)p+ zrW`MC&Wkx^i3p=C|9qgXouAVHZK2Jn$I-JoiL3Gj?Y;fzeXKD6ez~LY;N21%rbAWW z8_}{D)eRe35vTr8Wq$D?D2`@$;kzlZ=CC*KVW0ThY$@1_Y{?1bTjK2v-B~dr2l2X# zY!wgit$m>MK{U<2bgi4Y{CzB3$HUGIUF?hbKdnUHgxE_#V-1a{V3T6IwHM3%JP=Ms zeEDl_JHhqf?_$TLGlGVq`7sPa$ub*K^lN*r$vS@+bW`zfc@QFeqA_}LsTEzb5KLB| z6;^3xul<(1H5W!h6A6+!7R=KRmija5yLLMBoU3P`X;5vhe*>O%I79*i00IC9mJ#_3 zgddR^TE3_*es;Q-L`7gvK!m5(V$??SbrD82+rA_ToR5Mu_>@fvcfbt|*xU*+tN-qh zpqGr^w}3S~w7t$L!Dd)7j&AC}JfWrXD@VvguPMC=6IZ&S5(l~&!8#bfdjrvfMLVu? zglEeQm>6+NCYaiJs=S{u%X{nFuHm%cauBjtOL&Cu|M?jRB5`gAQpF!?$VJj%0%&pq z?p0>D$Ix)oBY3HKbu{b#!41;hw4c><8ed2Mwcqj#k45X5^C`@yr9JiT$sRO6WC(i# z0*$Ea&4c&TwFyVL(Qt)~9BIjE{1xVK=cVHin78=R);5SFLP`%&yq4ez1hr8`(uEME zgJaw6EXXgptm%*%^Cc60I7GK%o|-$2;{<(JAWa|V`3W$1OP^8Zzd}<{bh8r zxMl5a=<{t7;wL0ibt5Bb*J|$EGYBbvC3mb^_4;aVbZNqPEmH!pj5`X?tUJ3l++q2< z`#qHqAz|_u6XHoU=`~?-#~1)wm?%##y8_gYr z1Ofm701+2gdcDUb{-Z9cZQ?JkoEtqoj$D)dm$)Vnnpud1nyN8Brg#S%@KTdEva;ohi=f^u5!3HX){h2(`#*x-V!l` zK|6YvoxU1#;axB&0)?oCfAZ~4lCoeO(KQ!^N^CG5`&%LPZpFHA_tz9qkqit zU8c=9oKX(#1UTv2*>m&NcKg33JO1wW60%?Ad=X(X-0|%~ z#>@KaAK?Y-{Wyl@f%NU9x-I*#tQgXWn)TJ?H6-5T)h+l+Ie=eF-v1PxyJ_YF#Z_Wi zE%!W96`KMHjSqpmjstp1rV-ZYHHM9Qv&hmQ4d|{RI-Cb8GqW^6Js3|4ncyMcPj`c4 z)~4JL7)oKdXmHUSIS#cFoH4(roD=5mT0=b|NCx?+kL0F}0V(fF`AhmLc?^t*5K zTs1f^6bHd9!9flm)=pN|Z56nAFkNnt?2KS&fN-(31!>k(ZyIGznAr3whb$X2&4KJI zUjie6!YOWEYoo#{RS)8p#I@NqE_d9jGCW7_EuAbz!i)eQ=H0#0@Y8OVxD)3Zd=H<2 zbaph<%ZzY9OSv=y6smp!Fa;C}U+g(a5}BdumwnokKU95TR=gcNTdc@(QF(&Sc1ux+p2?<>iyq!wx)&(QRH=;W%# zELAHL*PoEqo$NAI{%%nP4JRDAIGAUZ>(kDRLOk0{y?LtXeFOYhM7wpHdC#{0__V6r z2B`46iVk+?R>hPuDYAN2{|{UFei&+LP3u%&+=R$+V-Z?lb(R**y&tD2u$K-uKQxa6 znHW1oRqmfF67GQO;UTMbgUHpJgK@Q!QA9{-y9duBFSuSzEaajDyHnQ5YNhq4$9F9I zUymTF-U|#a2gWoT9C)d#!osELN(A2?h4K0}9iwC!{8Lep#t)Yn=-;eiNYo=M64vENn)v-5 Qc7g2|zSKffx~{DHgH94V!2kdN literal 3282 zcmV;@3@!5n1_S^C02o(={Cwl~uU`m2v3#{V3?W|9QT*oCtD#@ZXl|OgxszZ>&mEdE z%R4iMd4qiuFb4pI^KGbF@pBY&V(SmNn4sZA&?|lEXuTxWv3aygc-B=-i+xy*+x2w) z*A&;ofCKbW6P;gqgo!YQ*q^CVaEWyqWlk{q(`yBM~P z9<}J+dA|JftQQxj9oOoT=vZ0@63t|s8SFCr=t}0D%GburK}mP6(At#2Hg5*iC>^a0R+R z6)%k0g?%W5GM5eRRQ6W*11mR%r77`mzxtrjw~!%_J-CrP@fN#|;huT$_6?7Z5fUyK zFNp*GxFYHnUeZ8w1q>9hBauPFldk#hT}gM}JW>Ek#}hasOF^7uQKL0${zAb965zui zW-gqkX#;Tbk>|H}_&ghh;TK5;=?435=+5c1tppcK4w$uTah#!D*2r$GTtc!W8rIRU ziNWv%vgs*4&j7Bzxbss5UDdqD@Ct8Yj{!FA;p9)Bel>-pV~P}4BmI!EVf{}#R(Kgw zE9w=U&m^$f2K-mLWK3DNBYCM6RDh%H%lrK{68cBuPBch^K#b|E%oGdPf&B}WYyRTo70&u-+;ZH&twXEYrHyF>6jKWI1%Q@futXX3jCVd+zFlrb1Dt+$-K$~ z9;b`j@Sd+Oafk$0FXrg^=@Za~;14^klz?*sokuNFaP^I3m3VmU<_EjuAKLC-Kxs5$1Hneo_UM+x#7;U;E6eiqNAoanx*uD8p? zLJlGuaGjf8@RwbFL|H4Ij7?Jv;mr99NFI97841LFgT)X@NE~J-le``Cpx~yJEkV4i zovs=9z(uxw(ctwPP`s(Q36#wc*-)t&V+FkFcJg%1Lruhk@Q>I-2rUW|9SuT#4^jL8h43Tpx6q?%W<;EwaUP<%q1h7YPOD42 zeRaZ2!PfVv+#Gcd+8NDh1DzF(SJIFheEAzz?0(~Yj-Yb%8J(`G*WQJ)3tG`MOijK+ zhYr)`8aZ{6s8&rk!vbiw6#7;gXP zRS3`@$&84S_4F3RGk&oqjHjUf|2O0<1|=y^2tQy=83Sq41{8SFKyjq7l+*v=P7}9L zMMw-E&Xy07Js8XLzCmCLJ9q~<;z}QLpc2Z*Z))J8k`Ijq^+pvJUqk`}00ICAijLNv zdB>(byhHVE>63puxqr{$;NMN9T?Ua+MUnG!knTNPqUq9yo-ZIauHbkFtWkxF-L)vj z#2d{WpOHHUno>$c1S6DNZq*4LSY-+b^`L6gx10Wp-#S0jyGo5PK@Zg z%p4Nxs6-D6=k_z5tB0MFv~j2|kJ3BjE^;Y=Ji5X1;J;eAZNcYBRQ`nB zJlNWtM9IB+Nb!fwmM+*A_H-4|<78_#y3kiw@7H@tIWRg_&@2v9SJJavCjP~+

Tw z!o%i+bat!tlxjXt`x|30?k za*CZPU$KQ5?TZ4S`O>#qPjK>ZJE4roC%DHiwGRdO$bEmXYIriGHSmst8eBRD@lk*B zT2#jfWAlF?Da&?WF`$NkbMNWXPbdFayoDm#5>#W^0K-#thsoPe=$k|--qZJP6c{Lk z1Ofm701w54FsjX@a+ND%KYOv84bW0lSBrQ1`7k7Hv|uz)v#X*lvRR^q60{kD6Ti4n zunN!CvNdZ&z&KF^L{@L*bkh&aMyE}{iH5BLSvG5eRM$X*aqJMR9VxCNS9BOg+P?b>oyVg%f}=fvl@`(DnmHV1vcuxH ztvIRlUJk?QN#Ihx7p5}SLGbbY!8V>A%P^xA-#h>wtlIjPRS$t^*5@e0=|B$QQkNFT zpD|Kmqq5UEjy$E1#UA=>yp_wH;Wh~7PW|cLEQ_hl9Ta{#m#;TWL~e0^L8g3|MKs^_ zoR2(YChsW^b5GuroMnTBdbzLYQviS>k zE<511{Sc8IWuLwLR{(I?J0U(-rFJEu^9ExZcCQmvr_YN(Q%KRu(98^qMEJtEhkO^( zT%^vZ8=5!D`W5v%?UhwS+w+Tpxtrh5u8aB~ryw5FQL&a`c}G{G&PE(ckOgQ}uaYts zRN4UNQWW6G46t|Dfm6MyqV{(&3pE(esqKP^?d(eq{@PKIcd*xevF%Z$iYS482K}qG zo&riT;x4e+!#UuqJBEztD~dZa)PQEsPPPLz6w$JNV9LMv3)ASX@deK5IoJf5nhe9} zcb`pPI4SbC)IkFY25J4n1-&6A&uf=F4HRSqFBMmuQ{~2_-CeS^m8}cW!x%-cl!IOu z{*%klNKo#spMpx{jv#T@*`{%6-?3B*lwtXYh<21dpXeFPwlP6p(+?wp%*jK~^Gb`j zt|R=9Wgu5GWBq_@75@=|FiiEqoi{zx$F&gG!hkw`=m7qBMGHpt`V!fX8UQ2n@}Yh6 z9Y`~F=hAjWJU+Q0+>US5B(DI}IYj>~+tTzhsINC}cnNX7R9Sv3D&=D}iP#;2S$g5B z*9vb=I(6`EM;^MW4qo{?@Q)c1rW&8757ZQ34;V;Aff&`FNrMHyTCF+W#h6RW5jBwB zEP7{j&%rfJkUy$ej?hHGD-D1iFN1WnFB0~j%N5$)$2N6&vFn#Cb^elYIrmDuE2?$m zqDs^u92%SnP7D_IjQ=^~Y?2G6-VR(Q0J&?mztAvteWIK>%;6^Bh9~eHx?T)rvyNi`vK0Sb$7Df%?X|$mBn4j5B48fR3lw)r1 QPdGRsn5gj9z=*b*4UvCZRR910 diff --git a/abe/cpabe/tkn20/testdata/secretKey b/abe/cpabe/tkn20/testdata/secretKey index 75adb17ea041a6b26eaccf205d42f7338adc8858..cf328107e0da3e262fd0abeb8ed4949016694dc5 100644 GIT binary patch delta 1028 zcmV+f1pE8&2=E9d!~g>T0st-Etza8KMxq(BmEQ6Fex=KNF#<4dHnjo;5qweU>aUS8 zHIYCIAZuP#Qj-6QxC%mB#|*6k)E ze8W&@Lw=GqWw?=ZSfT5ildXff^q$Zm)D>=tO9JzHgUa=T{9>df9wpGx(pcKRZZMGU?6vSpBm z!6iJL%oQK>L~MPRNK4zqjtsiQ2v#zj&Tzq*o+%4O5g8SKnFfal4D%eni2nou1ONg6 zahp%K5L>`J({xuO|VnaT4%=0TA5MQw6b2xEbp#jPMQu_8xMU{vpb3# zQ_W0YpNH>%HlCePv$XP<^qibMfHb^cdiP8(cluT`P+ro0LxQBY2tpkQ|+7yu6 zluMN6>Rpw$&k3XG1tL_*oSSpaN=Gs7x+Wx+8|F#IhKf*c#AagR-DEQnBF2)wk8 z1ONd566t3WJYE)3?jBYz`FvouU|&$H7c*}@&cw5Ep&QoRD-+UzRy1bEB?C(L*4yzk z(~}vC1`@Jl^E)+P(w?jIE~jln4*f|!Ya`@?crzaKsoc+t=N(f(VJqW1b$CeUM=|tj yn#$=b9-989T5V}?uclGJHn?f_oZ2B=mcHk#<`4i3B-l)A6sSiSMW<3Od_4^ksOWhB delta 1028 zcmV+f1pE8&2=E9d!~g>T0svLJSFNG{;9oi;-+GNU3CR2m6TJ?6BCmY!_h#tIE@qK2 zHIYCIAQASlBb=&-79E%h4jq{_9DZx~t`JT_V-As}CPCKBSdlRwk)gh& zD^TJ7M;-Gi@+K&Y%RAv+4@7NA1ON2@KbtQKK{g4y4=i}W*5zbFcZ`1WDyR}fWNffp z60~v#Zv8L&2rDQ~Y z-#Si0kgNhq7~?vebU9jo0s-;vQzt<_tg^O=>|{SBnWyg+7e_l_p0A585Z?PK>Kdht z6-DZ9L_D8xaE;9h1ONg63kS9R zys;H0sd({gvOCOHv?oKvgC{L|=^^~vzz~j%M-yN!P}j4AvIx0|qeeZw4J}kR+K5ea z2qd91k=m%i5ZOISre~?X)$a&|<}8A4BA^^Ns})kua@GE-SDMU#ErWJ{jDHeJ1y$Y7 zlHpjQc_6YF+fNUFsZ0n>Xk(@)Qfz~<%-VT*>ajp|vy}Bxyl<~EtddP-tG*%8M&C)j zgiWi{`sKJl_W=S_EO`j$*JmCq&u8W=LOrD*WJ@(_MiZJpfr;9k3K5WW?kDgJKU$$> zUvJBjLq3-S?K%O*r*fDO#^-LFOGoT*q9mzCtMlHF!mV|GF{J5MopU&d^Xmiw1ONg6 zHPEnzL4H;#`cEa1tKwB-N4Lw~)mf9KD2(&Ug053J5@z%kUfr)nxWoeNvFdS0j@Uq; zWGe4A+fY9;UA8*`OKgMAdN(VIU6Fw2F!D`{MngrKICqWJKlwW0ApPJ25X1NNWJzt` z$#nZ1r#hm4MkmFgMZ@N8O%?XwEkt*URSII%wv z(+~QPnoI1A9;)lNP<(#%*Iyd>XB0%B9 z%$=Ll&|Fp1D;v!ROgs0i%M{XSVz0N>Hz`=>Zkw8a&7G6aQr#0Wz@)$gfYtYZu+)SA z1ONd52|!mCSL0B| y=9RlE#FY`g{W|KUWR;cRV;)$%om#@s0z(4;`$gnKc=}!DPu$xn&Zm= From 1d6cff1559e33127a732374465b83308df8a659e Mon Sep 17 00:00:00 2001 From: armfazh Date: Wed, 13 Mar 2024 14:28:40 -0700 Subject: [PATCH 2/4] Testing long plaintext. --- abe/cpabe/tkn20/longpt_test.go | 60 ++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 abe/cpabe/tkn20/longpt_test.go diff --git a/abe/cpabe/tkn20/longpt_test.go b/abe/cpabe/tkn20/longpt_test.go new file mode 100644 index 000000000..861e5facc --- /dev/null +++ b/abe/cpabe/tkn20/longpt_test.go @@ -0,0 +1,60 @@ +package tkn20_test + +import ( + "bytes" + "crypto/sha256" + "fmt" + "io" + "testing" + + cpabe "github.com/cloudflare/circl/abe/cpabe/tkn20" + "github.com/cloudflare/circl/internal/test" + "github.com/cloudflare/circl/xof" +) + +func TestLongPlaintext(t *testing.T) { + // Fixed PRNG for test reproducibility. + prng := xof.SHAKE128.New() + + pk, msk, err := cpabe.Setup(prng) + test.CheckNoErr(t, err, "setup failed") + + attrs := cpabe.Attributes{} + attrs.FromMap(map[string]string{ + "occupation": "doctor", + "country": "US", + "age": "16", + }) + + sk, err := msk.KeyGen(prng, attrs) + test.CheckNoErr(t, err, "master key generation failed") + + policy := cpabe.Policy{} + err = policy.FromString(`(occupation: doctor) and (country: US)`) + test.CheckNoErr(t, err, "policy parsing failed") + + const N = 20 // 2^N bytes of plaintext + buffer := make([]byte, 1< Date: Mon, 15 Apr 2024 15:33:19 -0700 Subject: [PATCH 3/4] Test functions working with ciphertext. --- abe/cpabe/tkn20/format_test.go | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/abe/cpabe/tkn20/format_test.go b/abe/cpabe/tkn20/format_test.go index 122bf5e06..f8c464d6b 100644 --- a/abe/cpabe/tkn20/format_test.go +++ b/abe/cpabe/tkn20/format_test.go @@ -46,15 +46,33 @@ func TestCiphertext(t *testing.T) { if err != nil { t.Fatalf("Unable to read ciphertext data") } - policyKey, err := os.ReadFile("testdata/attributeKey") + attributeKey, err := os.ReadFile("testdata/attributeKey") if err != nil { t.Fatalf("Unable to read secret key") } sk := AttributeKey{} - err = sk.UnmarshalBinary(policyKey) + err = sk.UnmarshalBinary(attributeKey) if err != nil { t.Fatalf("unable to parse secret key") } + attrs := Attributes{} + attrs.FromMap(map[string]string{"country": "NL", "EU": "true"}) + if !attrs.CouldDecrypt(ciphertext) { + t.Fatal("these attributes will be unable to decrypt message") + } + policy := Policy{} + err = policy.FromString("EU: true") + if err != nil { + t.Fatal("error creating policy from string") + } + gotPolicy := new(Policy) + err = gotPolicy.ExtractFromCiphertext(ciphertext) + if err != nil { + t.Fatal("error extracting policy from ciphertext") + } + if !policy.Equal(gotPolicy) { + t.Fatal("ciphertext's policy mismatches the original policy") + } msg, err := sk.Decrypt(ciphertext) if err != nil { t.Fatal("unable to decrypt message") From 696c01c888941e85a102b9d21c29c9e4b69d4369 Mon Sep 17 00:00:00 2001 From: armfazh Date: Wed, 13 Mar 2024 15:00:19 -0700 Subject: [PATCH 4/4] Serializing ciphertext with 32-bit prefixes. Notice about ciphertext change and testing format. Previously, tkn20 ciphertext was encoding the ciphertext header `C1`, the envelope `env` (containing inner ciphertext), and macData using 16-bit prefixes, which caused a limitation on the maximum size allowed for encrypting plaintexts. With this change, the encoding now uses 32-bit prefixes for these three elements allowing to encrypt plaintexts longer than 2^16 bytes. So, ciphertexts produced by tkn20 package are now 12 bytes longer. Ciphertexts in the previous format are still decryptable. The following functions are backwards-compatible: - AttributeKey.Decrypt - Attributes.CouldDecrypt - Policy.ExtractFromCiphertext --- abe/cpabe/tkn20/example_test.go | 2 +- abe/cpabe/tkn20/format_test.go | 17 ++++++++- abe/cpabe/tkn20/internal/tkn/bk.go | 46 ++++++++++++++++------- abe/cpabe/tkn20/internal/tkn/util.go | 27 ++++++++++++- abe/cpabe/tkn20/testdata/ciphertext | Bin 2376 -> 2388 bytes abe/cpabe/tkn20/testdata/ciphertext_v137 | Bin 0 -> 2376 bytes abe/cpabe/tkn20/tkn20.go | 9 +++++ 7 files changed, 83 insertions(+), 18 deletions(-) create mode 100644 abe/cpabe/tkn20/testdata/ciphertext_v137 diff --git a/abe/cpabe/tkn20/example_test.go b/abe/cpabe/tkn20/example_test.go index 6e2c378af..bd880333d 100644 --- a/abe/cpabe/tkn20/example_test.go +++ b/abe/cpabe/tkn20/example_test.go @@ -132,6 +132,6 @@ func Example() { // Output: // (occupation:doctor and country:US) // plaintext size: 27 bytes - // ciphertext size: 2735 bytes + // ciphertext size: 2747 bytes // Successfully recovered plaintext } diff --git a/abe/cpabe/tkn20/format_test.go b/abe/cpabe/tkn20/format_test.go index f8c464d6b..35b64e746 100644 --- a/abe/cpabe/tkn20/format_test.go +++ b/abe/cpabe/tkn20/format_test.go @@ -41,8 +41,23 @@ func TestAttributeKeyFormat(t *testing.T) { } } +func TestCiphertext_v137(t *testing.T) { + // As of v1.3.8 ciphertext format changed to use wider prefixes. + // Ciphertexts in the previous format are still decryptable. + // The following functions are backwards-compatible: + // - AttributeKey.Decrypt + // - Attributes.CouldDecrypt + // - Policy.ExtractFromCiphertext + testCiphertext(t, "testdata/ciphertext_v137") +} + func TestCiphertext(t *testing.T) { - ciphertext, err := os.ReadFile("testdata/ciphertext") + testCiphertext(t, "testdata/ciphertext") +} + +func testCiphertext(t *testing.T, ctName string) { + t.Logf("Checking ciphertext: %v\n", ctName) + ciphertext, err := os.ReadFile(ctName) if err != nil { t.Fatalf("Unable to read ciphertext data") } diff --git a/abe/cpabe/tkn20/internal/tkn/bk.go b/abe/cpabe/tkn20/internal/tkn/bk.go index 1d3fc3657..c96e86d29 100644 --- a/abe/cpabe/tkn20/internal/tkn/bk.go +++ b/abe/cpabe/tkn20/internal/tkn/bk.go @@ -1,6 +1,7 @@ package tkn import ( + "bytes" "crypto/subtle" "fmt" "io" @@ -20,6 +21,9 @@ import ( // for our output size of 256 bits. const macKeySeedSize = 72 +// As of v1.3.8, ciphertexts are prefixed with this string. +const CiphertextVersion = "v1.3.8" + func blakeEncrypt(key []byte, msg []byte) ([]byte, error) { xof, err := blake2b.NewXOF(blake2b.OutputLengthUnknown, key) if err != nil { @@ -117,27 +121,39 @@ func EncryptCCA(rand io.Reader, public *PublicParams, policy *Policy, msg []byte if err != nil { return nil, err } - macData := appendLenPrefixed(nil, C1) - macData = appendLenPrefixed(macData, env) + macData := appendLen32Prefixed(nil, C1) + macData = appendLen32Prefixed(macData, env) tag, err := blakeMac(macKey, macData) if err != nil { return nil, err } - ret := appendLenPrefixed(nil, id) - ret = appendLenPrefixed(ret, macData) + ret := append([]byte{}, []byte(CiphertextVersion)...) + ret = appendLenPrefixed(ret, id) + ret = appendLen32Prefixed(ret, macData) ret = appendLenPrefixed(ret, tag) return ret, nil } +type rmLenPref = func([]byte) ([]byte, []byte, error) + +func checkCiphertextFormat(ciphertext []byte) (ct []byte, fn rmLenPref) { + const N = len(CiphertextVersion) + if bytes.Equal(ciphertext[0:N], []byte(CiphertextVersion)) { + return ciphertext[N:], removeLen32Prefixed + } + return ciphertext, removeLenPrefixed +} + func DecryptCCA(ciphertext []byte, key *AttributesKey) ([]byte, error) { - id, rest, err := removeLenPrefixed(ciphertext) + rest, removeLenPrefixedVar := checkCiphertextFormat(ciphertext) + id, rest, err := removeLenPrefixed(rest) if err != nil { return nil, err } - macData, rest, err := removeLenPrefixed(rest) + macData, rest, err := removeLenPrefixedVar(rest) if err != nil { return nil, err } @@ -145,11 +161,11 @@ func DecryptCCA(ciphertext []byte, key *AttributesKey) ([]byte, error) { if err != nil { return nil, err } - C1, envRaw, err := removeLenPrefixed(macData) + C1, envRaw, err := removeLenPrefixedVar(macData) if err != nil { return nil, err } - env, _, err := removeLenPrefixed(envRaw) + env, _, err := removeLenPrefixedVar(envRaw) if err != nil { return nil, err } @@ -208,15 +224,16 @@ func DecryptCCA(ciphertext []byte, key *AttributesKey) ([]byte, error) { } func CouldDecrypt(ciphertext []byte, a *Attributes) bool { - id, rest, err := removeLenPrefixed(ciphertext) + rest, removeLenPrefixedVar := checkCiphertextFormat(ciphertext) + id, rest, err := removeLenPrefixed(rest) if err != nil { return false } - macData, _, err := removeLenPrefixed(rest) + macData, _, err := removeLenPrefixedVar(rest) if err != nil { return false } - C1, _, err := removeLenPrefixed(macData) + C1, _, err := removeLenPrefixedVar(macData) if err != nil { return false } @@ -237,15 +254,16 @@ func CouldDecrypt(ciphertext []byte, a *Attributes) bool { } func (p *Policy) ExtractFromCiphertext(ct []byte) error { - _, rest, err := removeLenPrefixed(ct) + rest, removeLenPrefixedVar := checkCiphertextFormat(ct) + _, rest, err := removeLenPrefixed(rest) if err != nil { return fmt.Errorf("invalid ciphertext") } - macData, _, err := removeLenPrefixed(rest) + macData, _, err := removeLenPrefixedVar(rest) if err != nil { return fmt.Errorf("invalid ciphertext") } - C1, _, err := removeLenPrefixed(macData) + C1, _, err := removeLenPrefixedVar(macData) if err != nil { return fmt.Errorf("invalid ciphertext") } diff --git a/abe/cpabe/tkn20/internal/tkn/util.go b/abe/cpabe/tkn20/internal/tkn/util.go index 9afbe88a7..0c0f94f1c 100644 --- a/abe/cpabe/tkn20/internal/tkn/util.go +++ b/abe/cpabe/tkn20/internal/tkn/util.go @@ -42,14 +42,14 @@ func HashStringToScalar(key []byte, value string) *pairing.Scalar { return s } -func appendLenPrefixed(a []byte, b []byte) []byte { +func appendLen16Prefixed(a []byte, b []byte) []byte { a = append(a, 0, 0) binary.LittleEndian.PutUint16(a[len(a)-2:], uint16(len(b))) a = append(a, b...) return a } -func removeLenPrefixed(data []byte) (next []byte, remainder []byte, err error) { +func removeLen16Prefixed(data []byte) (next []byte, remainder []byte, err error) { if len(data) < 2 { return nil, nil, fmt.Errorf("data too short") } @@ -60,6 +60,29 @@ func removeLenPrefixed(data []byte) (next []byte, remainder []byte, err error) { return data[2 : 2+itemLen], data[2+itemLen:], nil } +var ( + appendLenPrefixed = appendLen16Prefixed + removeLenPrefixed = removeLen16Prefixed +) + +func appendLen32Prefixed(a []byte, b []byte) []byte { + a = append(a, 0, 0, 0, 0) + binary.LittleEndian.PutUint32(a[len(a)-4:], uint32(len(b))) + a = append(a, b...) + return a +} + +func removeLen32Prefixed(data []byte) (next []byte, remainder []byte, err error) { + if len(data) < 4 { + return nil, nil, fmt.Errorf("data too short") + } + itemLen := int(binary.LittleEndian.Uint32(data)) + if (4 + itemLen) > len(data) { + return nil, nil, fmt.Errorf("data too short") + } + return data[4 : 4+itemLen], data[4+itemLen:], nil +} + func marshalBinarySortedMapMatrixG1(m map[string]*matrixG1) ([]byte, error) { sortedKeys := make([]string, 0, len(m)) for key := range m { diff --git a/abe/cpabe/tkn20/testdata/ciphertext b/abe/cpabe/tkn20/testdata/ciphertext index d96e2cb75943a60155431f099eeb8bb62450097b..19648be90b389f034fb7278520ea595a1221da87 100644 GIT binary patch delta 65 zcmV-H0KWgo64Vj~b}=q9E;x`P2nGoN0G9{=0I?>S2mt_-z6fd{N9_UP8EYF4^zTt? XX*$6d3sb?n8ZV7#-L?z0NlbrMZuk|g delta 53 zcmV-50LuT=637yf1|kFk36}`5FqsIG%Lr*8v18l>z>1#Y0J>T7f?LRm?uQy;7qKa; L)RND9a<<0CaM7Wgq}P>DoIQ`yUHMz!^r&Gs0vD+3?cM171^6Id@7B6OncS1Oo&B z0RR?=JqnOtRB4v*<)8zgjI!7#{w)9`|?klL);Rs(kk75xSkCF=U zAy}po7_HFBES4izJ$adsO`>mHFN_vjpNouZha!moC-c?lr_~I!p3>!`T>J->dVzUM zg@5!&nmC;_@FQ~CVK}+qG>B-19h+gu`12cQ|7Eq9XQXM~wjPWZPRbecR2^QPZbsvw za)#T~w%k-+<>~xJ|BA>ZmTn!Qyz+up0Qc*MFPi6|)t>|<>6sbGCNp0SsKtC3IBD`( zp~Rka&7p|AFLp`cU7MROBZv9Byfh8Zg+uYg#mv^|QUDKQ*0t)>caO{JaITeIX@BGK zkF^CXB+yRpZEigxR2{8iFe!SzuR2I~`)@5N1!xGjaI8r%b$5i~IRsZQ75Et0x%+5M z=XqR9p}eV20z@rd4TtN;7l_Ba!n;wp>tO^y&FJ^Eb>L5aDW5-Qk58Lb@H@<(|N!Za=07@344R&nJ^J4;a$ zp*aP1r`$ldM0(D_+kQmqu3av@LwC=Laj+SqoocCnPZe9f z@)s^5hTfW8;)NCnnRT84t)KPFs<$mdrTtRZ=L{x2IN~^D zS$&~cbMqDd3`^+=$in9m;e*am_2MHEYlWEWzRfI0V!c$FwkfmEAfMb%s-e`@zrjka ztO=r0!u1g< zn0j9CS~$S{=4<{syZ{IEqSQHh!$2_^6Ow+|#i}no5B9yT=tGijC2da?_{xc$(*S32VY<%NHQ0UzcF!ahffZi7f^T@E|Kq zd5)ZsOn{R9*YQhYihA&Q+A3?-+ zasbX3xO`INX{iCs#|{>#Y*u7sAuXW$<`YR>O~nH48guoesx%h_9P>1jW?hy4$>8Xx|wQ-=o9bR=w|+ z%wHH0`9(>xgt`{soY&G3uMB+Q|vz z=3+7d52mn=V%{qKCT`j*e{JP*qCd zmc=TJA%r6GLBZi9?sk?FkNX)I8LOQK<|%nmUlPeEr3=NnpcbN;f@7pimE1_*xTKF3 z#uac-{;5cN{1Aw>F#iuT)DwG}hfQxSxaN1sBfOll^VnJXBXZ{YS0PORlRmYmdqS}s zQ0T6cAld6f=4KB=vD&2<6vNbA>1kY}))m9*Y`Ag?VWXz}U(_*1W$eSV=>R)ERn zk#W&sKP3eVH~xsf-Wdmyo*p#{@Pg@LfEZuWl?P%qdhX8<8{BHOx zwZ#bAt_;gDfJN=z-Qy7>+cQB~EbZn6bW|5}mLK?<5kprjQi4PLtr@;lm7nzUn^+d+ zgf@FP9WTEeS^j~UlSUWAMS*-%zWwm-bkUjZ+p4n$kWIWA_24Bj3n_{X9$*WDgV8R$ z`RM9f9iheLg&N)RS6b5RL~XZi#I0Y|nOyv~uPxAqyr>*u^MMc2ovakRMD@-xbM){r z5w2B=vMhp4IC6XDo|uXpQExe4m#DSf8=^ceRo`i0=z}-NWp)ApBmn~e0RR&-=X``! zKjJlhtp}AXUw%W?6+6w`ETMcEutD=Mn zPv_G<^}ndEB_cD+N)A((Do5_xUJ}QfZBYBk653W)h5GEDB)b`Pv?{rh^Q!z)W58p! z+zIbVOuYI9+No57U$Q_^(jN?7(QC5Yjj(n3E-{&-Gnh8>wPAFOzs}|f$g}1V^ zxGxtv-@y{NtZGUJ&Ath^5+B+l@OsOF0q;obpyJ}5|9z(v)*(q(lOvZon--vpUbl#5 z${n4h6<&U^#t&uk5IZF+r=x$wEl@Riiz+^frWxUYAwS!%bmVbK(x9j`=$GE5LzPdh z{7bN*T-qQJ4kidVMX6$6YJzK?1`_QAtY!;?roDZe<(@tq3*0)Mi+yL{TnmN zP5mLsHqYx%4!*{VFl*hB1o1~^Gw|c#TUJb`OxOv?bTX_W62ttCiz@M9ytN`qtU3^8 uRrQy@pqTgZv-hZ$6lFxi{w%c{&8hLa8 literal 0 HcmV?d00001 diff --git a/abe/cpabe/tkn20/tkn20.go b/abe/cpabe/tkn20/tkn20.go index 56d4e2014..e03dc0e56 100644 --- a/abe/cpabe/tkn20/tkn20.go +++ b/abe/cpabe/tkn20/tkn20.go @@ -8,6 +8,15 @@ // attribute-based encryption. In A. Kiayias, M. Kohlweiss, P. Wallden, and // V. Zikas, editors, PKC, volume 12110 of Lecture Notes in Computer Science, // pages 3–33. Springer, 2020. https://eprint.iacr.org/2019/966 +// +// # Update v1.3.8 +// +// As of v1.3.8, ciphertext format changed to use wider prefixes. +// Ciphertexts in the previous format are still decryptable. +// The following functions are backwards-compatible: +// - [AttributeKey.Decrypt] +// - [Attributes.CouldDecrypt] +// - [Policy.ExtractFromCiphertext] package tkn20 import (