a portable and fast pairing-based cryptography library
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
mcl/docs/demo/she.js

595 lines
17 KiB

(function(return_she) {
if (typeof exports === 'object') {
module.exports = return_she()
} else {
window.she = return_she()
}
})(function() {
const crypto = window.crypto || window.msCrypto
const MCLBN_CURVE_FP254BNB = 0
const MCLBN_CURVE_FP382_1 = 1
const MCLBN_CURVE_FP382_2 = 2
const MCLBN_FP_UNIT_SIZE = 4
const MCLBN_FP_SIZE = MCLBN_FP_UNIT_SIZE * 8
const MCLBN_G1_SIZE = MCLBN_FP_SIZE * 3
const MCLBN_G2_SIZE = MCLBN_FP_SIZE * 6
const MCLBN_GT_SIZE = MCLBN_FP_SIZE * 12
const SHE_SECRETKEY_SIZE = MCLBN_FP_SIZE * 2
const SHE_PUBLICKEY_SIZE = MCLBN_G1_SIZE + MCLBN_G2_SIZE
const SHE_CIPHERTEXT_G1_SIZE = MCLBN_G1_SIZE * 2
const SHE_CIPHERTEXT_G2_SIZE = MCLBN_G2_SIZE * 2
const SHE_CIPHERTEXT_GT_SIZE = MCLBN_GT_SIZE * 4
let mod = {}
let capi = {}
let self = {}
self.mod = mod
self.capi = capi
7 years ago
const setupWasm = function(fileName, nameSpace, setupFct) {
console.log('setupWasm ' + fileName)
fetch(fileName)
.then(response => response.arrayBuffer())
.then(buffer => new Uint8Array(buffer))
.then(binary => {
mod['wasmBinary'] = binary
mod['onRuntimeInitialized'] = function() {
setupFct(mod, nameSpace)
console.log('setupWasm end')
}
Module(mod)
})
return mod
7 years ago
}
const ptrToStr = function(pos, n) {
let s = ''
for (let i = 0; i < n; i++) {
s += String.fromCharCode(mod.HEAP8[pos + i])
}
return s
}
const Uint8ArrayToMem = function(pos, buf) {
for (let i = 0; i < buf.length; i++) {
mod.HEAP8[pos + i] = buf[i]
}
}
const AsciiStrToMem = function(pos, s) {
for (let i = 0; i < s.length; i++) {
mod.HEAP8[pos + i] = s.charCodeAt(i)
}
}
const copyToUint32Array = function(a, pos) {
for (let i = 0; i < a.length; i++) {
a[i] = mod.HEAP32[pos / 4 + i]
}
}
const copyFromUint32Array = function(pos, a) {
for (let i = 0; i < a.length; i++) {
mod.HEAP32[pos / 4 + i] = a[i]
}
}
self.toHex = function(a, start, n) {
let s = ''
for (let i = 0; i < n; i++) {
s += ('0' + a[start + i].toString(16)).slice(-2)
}
return s
}
// Uint8Array to hex string
self.toHexStr = function(a) {
return self.toHex(a, 0, a.length)
}
// hex string to Uint8Array
self.fromHexStr = function(s) {
let n = (s.length + 1) / 2
let a = new Uint8Array(n)
for (let i = 0; i < s.length / 2; i++) {
a[i] = parseInt(s.slice(i * 2, i * 2 + 2), 16)
}
if ((s.length & 1) != 0) {
a[n - 1] = parseInt(s[s.length - 1] + '0', 16)
}
return a
}
const wrap_outputString = function(func, doesReturnString = true) {
return function(x, ioMode = 0) {
let maxBufSize = 2048
let stack = mod.Runtime.stackSave()
let pos = mod.Runtime.stackAlloc(maxBufSize)
let n = func(pos, maxBufSize, x, ioMode)
if (n < 0) {
throw('err gen_str:' + x)
}
if (doesReturnString) {
let s = ptrToStr(pos, n)
mod.Runtime.stackRestore(stack)
return s
} else {
let a = new Uint8Array(n)
for (let i = 0; i < n; i++) {
a[i] = mod.HEAP8[pos + i]
}
mod.Runtime.stackRestore(stack)
return a
}
}
}
const wrap_outputArray = function(func) {
return wrap_outputString(func, false)
}
/*
argNum : n
func(x0, ..., x_(n-1), buf, ioMode)
=> func(x0, ..., x_(n-1), pos, buf.length, ioMode)
*/
const wrap_input = function(func, argNum, returnValue = false) {
return function() {
const args = [...arguments]
let buf = args[argNum]
let ioMode = args[argNum + 1] // may undefined
let stack = mod.Runtime.stackSave()
let pos = mod.Runtime.stackAlloc(buf.length)
if (typeof(buf) == "string") {
AsciiStrToMem(pos, buf)
} else {
Uint8ArrayToMem(pos, buf)
}
let r = func(...args.slice(0, argNum), pos, buf.length, ioMode)
mod.Runtime.stackRestore(stack)
if (returnValue) return r
if (r) throw('err wrap_input0 ' + buf)
}
}
const wrap_input0 = function(func, returnValue = false) {
return function(buf, ioMode = 0) {
let stack = mod.Runtime.stackSave()
let pos = mod.Runtime.stackAlloc(buf.length)
if (typeof(buf) == "string") {
AsciiStrToMem(pos, buf)
} else {
Uint8ArrayToMem(pos, buf)
}
let r = func(pos, buf.length, ioMode)
mod.Runtime.stackRestore(stack)
if (returnValue) return r
if (r) throw('err wrap_input0 ' + buf)
}
}
const wrap_input1 = function(func, returnValue = false) {
return function(x1, buf, ioMode = 0) {
let stack = mod.Runtime.stackSave()
let pos = mod.Runtime.stackAlloc(buf.length)
if (typeof(buf) == "string") {
AsciiStrToMem(pos, buf)
} else {
Uint8ArrayToMem(pos, buf)
}
let r = func(x1, pos, buf.length, ioMode)
mod.Runtime.stackRestore(stack)
if (returnValue) return r
if (r) throw('err wrap_input1 ' + buf)
}
}
const wrap_input2 = function(func, returnValue = false) {
return function(x1, x2, buf, ioMode = 0) {
let stack = mod.Runtime.stackSave()
let pos = mod.Runtime.stackAlloc(buf.length)
if (typeof(buf) == "string") {
AsciiStrToMem(pos, buf)
} else {
Uint8ArrayToMem(pos, buf)
}
let r = func(x1, x2, pos, buf.length, ioMode)
mod.Runtime.stackRestore(stack)
if (returnValue) return r
if (r) throw('err wrap_input2 ' + buf)
}
}
const callSetter = function(func, a, p1, p2) {
let pos = mod._malloc(a.length * 4)
func(pos, p1, p2) // p1, p2 may be undefined
copyToUint32Array(a, pos)
mod._free(pos)
}
const callGetter = function(func, a, p1, p2) {
let pos = mod._malloc(a.length * 4)
mod.HEAP32.set(a, pos / 4)
let s = func(pos, p1, p2)
mod._free(pos)
return s
}
const callModifier = function(func, a, p1, p2) {
let pos = mod._malloc(a.length * 4)
mod.HEAP32.set(a, pos / 4)
func(pos, p1, p2) // p1, p2 may be undefined
copyToUint32Array(a, pos)
mod._free(pos)
}
const wrap_dec = function(func) {
return function(sec, c) {
let stack = mod.Runtime.stackSave()
let pos = mod.Runtime.stackAlloc(8)
let r = func(pos, sec, c)
mod.Runtime.stackRestore(stack)
if (r != 0) throw('sheDec')
let v = mod.HEAP32[pos / 4]
return v
}
}
const callEnc = function(func, cstr, pub, m) {
let c = new cstr()
let stack = mod.Runtime.stackSave()
let cPos = mod.Runtime.stackAlloc(c.a_.length * 4)
let pubPos = mod.Runtime.stackAlloc(pub.length * 4)
copyFromUint32Array(pubPos, pub);
func(cPos, pubPos, m)
copyToUint32Array(c.a_, cPos)
mod.Runtime.stackRestore(stack)
return c
}
// return func(x, y)
const callAddSub = function(func, cstr, x, y) {
let z = new cstr()
let stack = mod.Runtime.stackSave()
let xPos = mod.Runtime.stackAlloc(x.length * 4)
let yPos = mod.Runtime.stackAlloc(y.length * 4)
let zPos = mod.Runtime.stackAlloc(z.a_.length * 4)
copyFromUint32Array(xPos, x);
copyFromUint32Array(yPos, y);
func(zPos, xPos, yPos)
copyToUint32Array(z.a_, zPos)
mod.Runtime.stackRestore(stack)
return z
}
// return func(x, y)
const callMulInt = function(func, cstr, x, y) {
let z = new cstr()
let stack = mod.Runtime.stackSave()
let xPos = mod.Runtime.stackAlloc(x.length * 4)
let zPos = mod.Runtime.stackAlloc(z.a_.length * 4)
copyFromUint32Array(xPos, x);
func(zPos, xPos, y)
copyToUint32Array(z.a_, zPos)
mod.Runtime.stackRestore(stack)
return z
}
// return func(c)
const callDec = function(func, sec, c) {
let stack = mod.Runtime.stackSave()
let secPos = mod.Runtime.stackAlloc(sec.length * 4)
let cPos = mod.Runtime.stackAlloc(c.length * 4)
copyFromUint32Array(secPos, sec);
copyFromUint32Array(cPos, c);
let r = func(secPos, cPos)
mod.Runtime.stackRestore(stack)
return r
}
// reRand(c)
const callReRand = function(func, c, pub) {
let stack = mod.Runtime.stackSave()
let cPos = mod.Runtime.stackAlloc(c.length * 4)
let pubPos = mod.Runtime.stackAlloc(pub.length * 4)
copyFromUint32Array(cPos, c);
copyFromUint32Array(pubPos, pub);
let r = func(cPos, pubPos)
copyToUint32Array(c, cPos)
mod.Runtime.stackRestore(stack)
if (r) throw('callReRand err')
}
// convertFrom
const callConvertFrom = function(func, pub, c) {
let ct = new self.CipherTextGT()
let stack = mod.Runtime.stackSave()
let ctPos = mod.Runtime.stackAlloc(ct.a_.length * 4)
let pubPos = mod.Runtime.stackAlloc(pub.length * 4)
let cPos = mod.Runtime.stackAlloc(c.length * 4)
copyFromUint32Array(pubPos, pub);
copyFromUint32Array(cPos, c);
let r = func(ctPos, pubPos, cPos)
copyToUint32Array(ct.a_, ctPos)
mod.Runtime.stackRestore(stack)
if (r) throw('callConvertFrom err')
return ct
}
const define_extra_functions = function(mod) {
capi.she_free = function(p) {
mod._free(p)
}
capi.sheSecretKey_malloc = function() {
return mod._malloc(SHE_SECRETKEY_SIZE)
}
capi.shePublicKey_malloc = function() {
return mod._malloc(SHE_PUBLICKEY_SIZE)
}
capi.sheCipherTextG2_malloc = function() {
return mod._malloc(SHE_CIPHERTEXT_G2_SIZE)
}
capi.sheCipherTextGT_malloc = function() {
return mod._malloc(SHE_CIPHERTEXT_GT_SIZE)
}
capi.sheCipherTextG1_malloc = function() {
return mod._malloc(SHE_CIPHERTEXT_G1_SIZE)
}
capi.sheSecretKeySerialize = wrap_outputArray(capi._sheSecretKeySerialize)
capi.sheSecretKeyDeserialize = wrap_input(capi._sheSecretKeyDeserialize, 1)
capi.shePublicKeySerialize = wrap_outputArray(capi._shePublicKeySerialize)
capi.shePublicKeyDeserialize = wrap_input(capi._shePublicKeyDeserialize, 1)
capi.sheCipherTextG1Serialize = wrap_outputArray(capi._sheCipherTextG1Serialize)
capi.sheCipherTextG1Deserialize = wrap_input(capi._sheCipherTextG1Deserialize, 1)
capi.sheDecG1 = wrap_dec(capi._sheDecG1)
capi.sheCipherTextG2Serialize = wrap_outputArray(capi._sheCipherTextG2Serialize)
capi.sheCipherTextG2Deserialize = wrap_input(capi._sheCipherTextG2Deserialize, 1)
capi.sheDecG2 = wrap_dec(capi._sheDecG2)
capi.sheCipherTextGTSerialize = wrap_outputArray(capi._sheCipherTextGTSerialize)
capi.sheCipherTextGTDeserialize = wrap_input(capi._sheCipherTextGTDeserialize, 1)
capi.sheDecGT = wrap_dec(capi._sheDecGT)
capi.sheInit = function(curveType = MCLBN_CURVE_FP254BNB) {
let r = capi._sheInit(curveType, MCLBN_FP_UNIT_SIZE)
console.log('sheInit ' + r)
if (r) throw('sheInit')
}
class Common {
constructor(size) {
this.a_ = new Uint32Array(size / 4)
}
fromHexStr(s) {
this.deserialize(self.fromHexStr(s))
}
toHexStr() {
return self.toHexStr(this.serialize())
}
dump(msg = '') {
console.log(msg + this.toHexStr())
}
}
self.SecretKey = class extends Common {
constructor() {
super(SHE_SECRETKEY_SIZE)
}
serialize() {
return callGetter(capi.sheSecretKeySerialize, this.a_)
}
deserialize(s) {
callSetter(capi.sheSecretKeyDeserialize, this.a_, s)
}
setByCSPRNG() {
let stack = mod.Runtime.stackSave()
let secPos = mod.Runtime.stackAlloc(this.a_.length * 4)
capi.sheSecretKeySetByCSPRNG(secPos)
copyToUint32Array(this.a_, secPos)
mod.Runtime.stackRestore(stack)
}
getPublicKey() {
let pub = new self.PublicKey()
let stack = mod.Runtime.stackSave()
let secPos = mod.Runtime.stackAlloc(this.a_.length * 4)
let pubPos = mod.Runtime.stackAlloc(pub.a_.length * 4)
copyFromUint32Array(secPos, this.a_)
capi.sheGetPublicKey(pubPos, secPos)
copyToUint32Array(pub.a_, pubPos)
mod.Runtime.stackRestore(stack)
return pub
}
dec(c) {
let dec = null
if (self.CipherTextG1.prototype.isPrototypeOf(c)) {
dec = capi.sheDecG1
} else if (self.CipherTextG2.prototype.isPrototypeOf(c)) {
dec = capi.sheDecG2
} else if (self.CipherTextGT.prototype.isPrototypeOf(c)) {
dec = capi.sheDecGT
} else {
throw('self.SecretKey.dec:not supported')
}
return callDec(dec, this.a_, c.a_)
}
}
self.getSecretKeyFromHexStr = function(s) {
r = new self.SecretKey()
r.fromHexStr(s)
return r
}
self.PublicKey = class extends Common {
constructor() {
super(SHE_PUBLICKEY_SIZE)
}
serialize() {
return callGetter(capi.shePublicKeySerialize, this.a_)
}
deserialize(s) {
callSetter(capi.shePublicKeyDeserialize, this.a_, s)
}
encG1(m) {
return callEnc(capi.sheEnc32G1, self.CipherTextG1, this.a_, m)
}
encG2(m) {
return callEnc(capi.sheEnc32G2, self.CipherTextG2, this.a_, m)
}
encGT(m) {
return callEnc(capi.sheEnc32GT, self.CipherTextGT, this.a_, m)
}
reRand(c) {
let reRand = null
if (self.CipherTextG1.prototype.isPrototypeOf(c)) {
reRand = capi.sheReRandG1
} else if (self.CipherTextG2.prototype.isPrototypeOf(c)) {
reRand = capi.sheReRandG2
} else if (self.CipherTextGT.prototype.isPrototypeOf(c)) {
reRand = capi.sheReRandGT
} else {
throw('self.PublicKey.reRand:not supported')
}
return callReRand(reRand, c.a_, this.a_)
}
convertToCipherTextGT(c) {
let convertFrom = null
if (self.CipherTextG1.prototype.isPrototypeOf(c)) {
convertFrom = capi.sheConvertFromG1
} else if (self.CipherTextG2.prototype.isPrototypeOf(c)) {
convertFrom = capi.sheConvertFromG2
} else {
throw('self.PublicKey.convertToCipherTextGT:not supported')
}
return callConvertFrom(convertFrom, this.a_, c.a_)
}
}
self.getPublicKeyFromHexStr = function(s) {
r = new self.PublicKey()
r.fromHexStr(s)
return r
}
self.CipherTextG1 = class extends Common {
constructor() {
super(SHE_CIPHERTEXT_G1_SIZE)
}
serialize() {
return callGetter(capi.sheCipherTextG1Serialize, this.a_)
}
deserialize(s) {
callSetter(capi.sheCipherTextG1Deserialize, this.a_, s)
}
}
self.getCipherTextG1FromHexStr = function(s) {
r = new self.CipherTextG1()
r.fromHexStr(s)
return r
}
self.CipherTextG2 = class extends Common {
constructor() {
super(SHE_CIPHERTEXT_G2_SIZE)
}
serialize() {
return callGetter(capi.sheCipherTextG2Serialize, this.a_)
}
deserialize(s) {
callSetter(capi.sheCipherTextG2Deserialize, this.a_, s)
}
}
self.getCipherTextG2FromHexStr = function(s) {
r = new self.CipherTextG2()
r.fromHexStr(s)
return r
}
self.CipherTextGT = class extends Common {
constructor() {
super(SHE_CIPHERTEXT_GT_SIZE)
}
serialize() {
return callGetter(capi.sheCipherTextGTSerialize, this.a_)
}
deserialize(s) {
callSetter(capi.sheCipherTextGTDeserialize, this.a_, s)
}
}
self.getCipherTextGTFromHexStr = function(s) {
r = new self.CipherTextGT()
r.fromHexStr(s)
return r
}
// return x + y
self.add = function(x, y) {
if (x.a_.length != y.a_.length) throw('self.add:bad type')
let add = null
let cstr = null
if (self.CipherTextG1.prototype.isPrototypeOf(x)) {
add = capi.sheAddG1
cstr = self.CipherTextG1
} else if (self.CipherTextG2.prototype.isPrototypeOf(x)) {
add = capi.sheAddG2
cstr = self.CipherTextG2
} else if (self.CipherTextGT.prototype.isPrototypeOf(x)) {
add = capi.sheAddGT
cstr = self.CipherTextGT
} else {
throw('self.add:not supported')
}
return callAddSub(add, cstr, x.a_, y.a_)
}
// return x - y
self.sub = function(x, y) {
if (x.a_.length != y.a_.length) throw('self.sub:bad type')
let sub = null
let cstr = null
if (self.CipherTextG1.prototype.isPrototypeOf(x)) {
sub = capi.sheSubG1
cstr = self.CipherTextG1
} else if (self.CipherTextG2.prototype.isPrototypeOf(x)) {
sub = capi.sheSubG2
cstr = self.CipherTextG2
} else if (self.CipherTextGT.prototype.isPrototypeOf(x)) {
sub = capi.sheSubGT
cstr = self.CipherTextGT
} else {
throw('self.sub:not supported')
}
return callAddSub(sub, cstr, x.a_, y.a_)
}
// return x * (int)y
self.mulInt = function(x, y) {
let mulInt = null
let cstr = null
if (self.CipherTextG1.prototype.isPrototypeOf(x)) {
mulInt = capi.sheMul32G1
cstr = self.CipherTextG1
} else if (self.CipherTextG2.prototype.isPrototypeOf(x)) {
mulInt = capi.sheMul32G2
cstr = self.CipherTextG2
} else if (self.CipherTextGT.prototype.isPrototypeOf(x)) {
mulInt = capi.sheMul32GT
cstr = self.CipherTextGT
} else {
throw('self.mulInt:not supported')
}
return callMulInt(mulInt, cstr, x.a_, y)
}
// return (G1)x * (G2)y
self.mul = function(x, y) {
if (!self.CipherTextG1.prototype.isPrototypeOf(x)
|| !self.CipherTextG2.prototype.isPrototypeOf(y)) throw('self.mul:bad type')
let z = new self.CipherTextGT()
let stack = mod.Runtime.stackSave()
let xPos = mod.Runtime.stackAlloc(x.a_.length * 4)
let yPos = mod.Runtime.stackAlloc(y.a_.length * 4)
let zPos = mod.Runtime.stackAlloc(z.a_.length * 4)
copyFromUint32Array(xPos, x.a_)
copyFromUint32Array(yPos, y.a_)
capi.sheMul(zPos, xPos, yPos)
copyToUint32Array(z.a_, zPos)
mod.Runtime.stackRestore(stack)
return z
}
}
self.init = function(range = 1024, tryNum = 1024, callback = null) {
setupWasm('mclshe.wasm', null, function(_mod, ns) {
mod = _mod
fetch('exported-she.json')
.then(response => response.json())
.then(json => {
mod.json = json
json.forEach(func => {
capi[func.exportName] = mod.cwrap(func.name, func.returns, func.args)
})
define_extra_functions(mod)
capi.sheInit()
console.log('initializing sheSetRangeForDLP')
let r = capi.sheSetRangeForDLP(range, tryNum)
console.log('finished ' + r)
if (callback) callback()
})
})
}
return self
})