Make golden files for cpabe.

cloudflare · Jan 23, 2023 · 2221242 · 2221242
1 parent 2038bd7
commit 2221242
Show file tree

Hide file tree

Showing 10 changed files with 134 additions and 76 deletions.
diff --git a/abe/cpabe/tkn20/gen_testdata.go b/abe/cpabe/tkn20/gen_testdata.go
@@ -0,0 +1,72 @@
+//go:build ignore
+// +build ignore
+
+// Generates golden files for tests.
+package main
+
+import (
+	"encoding"
+	mrand "math/rand"
+	"os"
+	"path/filepath"
+
+	cpabe "github.com/cloudflare/circl/abe/cpabe/tkn20"
+)
+
+func writeToFile(name string, data []byte) {
+	err := os.WriteFile("testdata/"+name, data, 0o644)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func dumpToFile(name string, m encoding.BinaryMarshaler) {
+	data, err := m.MarshalBinary()
+	if err != nil {
+		panic(err)
+	}
+	writeToFile(name, data)
+}
+
+func main() {
+	// Using fixed PRNG for reproducibility,
+	fixedSeed := int64(0xC1C1C1C1)
+	prng := mrand.New(mrand.NewSource(fixedSeed))
+	if prng == nil {
+		panic("failed to create PRNG")
+	}
+
+	err := os.MkdirAll(filepath.Join(".", "testdata"), 0o755)
+	if err != nil {
+		panic(err)
+	}
+
+	publicParams, secretParams, err := cpabe.Setup(prng)
+	if err != nil {
+		panic(err)
+	}
+
+	dumpToFile("publicKey", &publicParams)
+	dumpToFile("secretKey", &secretParams)
+
+	attrs := cpabe.Attributes{}
+	attrs.FromMap(map[string]string{"country": "NL", "EU": "true"})
+
+	policy := cpabe.Policy{}
+	err = policy.FromString("EU: true")
+	if err != nil {
+		panic(err)
+	}
+	msg := []byte("Be sure to drink your ovaltine!")
+	ciphertext, err := publicParams.Encrypt(prng, policy, msg)
+	if err != nil {
+		panic(err)
+	}
+	writeToFile("ciphertext", ciphertext)
+
+	key, err := secretParams.KeyGen(prng, attrs)
+	if err != nil {
+		panic(err)
+	}
+	dumpToFile("attributeKey", &key)
+}
diff --git a/abe/cpabe/tkn20/internal/tkn/policy.go b/abe/cpabe/tkn20/internal/tkn/policy.go
@@ -76,14 +76,13 @@ type Attributes map[string]Attribute
 func (a *Attributes) marshalBinary() ([]byte, error) {
 	ret := make([]byte, 2)
 	binary.LittleEndian.PutUint16(ret[0:], uint16(len(*a)))
-	for label, attr := range *a {
-		ret = appendLenPrefixed(ret, []byte(label))
-		attrBytes, err := attr.marshalBinary()
-		if err != nil {
-			return nil, fmt.Errorf("marshalling Attributes failed: %w", err)
-		}
-		ret = append(ret, attrBytes...)
+
+	aBytes, err := marshalBinarySortedMapAttribute(*a)
+	if err != nil {
+		return nil, fmt.Errorf("marshalling Attributes failed: %w", err)
 	}
+	ret = append(ret, aBytes...)
+
 	return ret, nil
 }
 

diff --git a/abe/cpabe/tkn20/internal/tkn/tk.go b/abe/cpabe/tkn20/internal/tkn/tk.go
@@ -210,24 +210,20 @@ func (a *AttributesKey) MarshalBinary() ([]byte, error) {
 	ret = appendLenPrefixed(ret, k2Bytes)
 	ret = append(ret, 0, 0)
 	binary.LittleEndian.PutUint16(ret[len(ret)-2:], uint16(len(a.k3)))
-	for s, m := range a.k3 {
-		ret = appendLenPrefixed(ret, []byte(s))
-		g1Bytes, err := m.marshalBinary()
-		if err != nil {
-			return nil, fmt.Errorf("AttributesKey serializing failed: %w", err)
-		}
-		ret = appendLenPrefixed(ret, g1Bytes)
+	k3Bytes, err := marshalBinarySortedMapMatrixG1(a.k3)
+	if err != nil {
+		return nil, fmt.Errorf("AttributesKey serializing failed: %w", err)
 	}
+	ret = append(ret, k3Bytes...)
+
 	ret = append(ret, 0, 0)
 	binary.LittleEndian.PutUint16(ret[len(ret)-2:], uint16(len(a.k3wild)))
-	for s, m := range a.k3wild {
-		ret = appendLenPrefixed(ret, []byte(s))
-		g1Bytes, err := m.marshalBinary()
-		if err != nil {
-			return nil, fmt.Errorf("AttributesKey serializing failed: %w", err)
-		}
-		ret = appendLenPrefixed(ret, g1Bytes)
+	k3wildBytes, err := marshalBinarySortedMapMatrixG1(a.k3wild)
+	if err != nil {
+		return nil, fmt.Errorf("AttributesKey serializing failed: %w", err)
 	}
+	ret = append(ret, k3wildBytes...)
+
 	return ret, nil
 }
 

diff --git a/abe/cpabe/tkn20/internal/tkn/util.go b/abe/cpabe/tkn20/internal/tkn/util.go
@@ -4,6 +4,7 @@ import (
 	"encoding/binary"
 	"errors"
 	"fmt"
+	"sort"
 
 	pairing "github.com/cloudflare/circl/ecc/bls12381"
 	"golang.org/x/crypto/blake2b"
@@ -60,6 +61,49 @@ func removeLenPrefixed(data []byte) (next []byte, remainder []byte, err error) {
 	return data[2 : 2+itemLen], data[2+itemLen:], nil
 }
 
+func marshalBinarySortedMapMatrixG1(m map[string]*matrixG1) ([]byte, error) {
+	sortedKeys := make([]string, 0, len(m))
+	for key := range m {
+		sortedKeys = append(sortedKeys, key)
+	}
+	sort.Strings(sortedKeys)
+
+	ret := []byte{}
+	for _, key := range sortedKeys {
+		b, err := m[key].marshalBinary()
+		if err != nil {
+			return nil, err
+		}
+
+		ret = appendLenPrefixed(ret, []byte(key))
+		ret = appendLenPrefixed(ret, b)
+	}
+
+	return ret, nil
+}
+
+func marshalBinarySortedMapAttribute(m map[string]Attribute) ([]byte, error) {
+	sortedKeys := make([]string, 0, len(m))
+	for key := range m {
+		sortedKeys = append(sortedKeys, key)
+	}
+	sort.Strings(sortedKeys)
+
+	ret := []byte{}
+	for _, key := range sortedKeys {
+		a := m[key]
+		b, err := a.marshalBinary()
+		if err != nil {
+			return nil, err
+		}
+
+		ret = appendLenPrefixed(ret, []byte(key))
+		ret = append(ret, b...)
+	}
+
+	return ret, nil
+}
+
 var (
 	errBadMatrixSize       = errors.New("matrix inputs do not conform")
 	errMatrixNonInvertible = errors.New("matrix has no inverse")

diff --git a/abe/cpabe/tkn20/testdata/attributeKey b/abe/cpabe/tkn20/testdata/attributeKey
diff --git a/abe/cpabe/tkn20/testdata/ciphertext b/abe/cpabe/tkn20/testdata/ciphertext
diff --git a/abe/cpabe/tkn20/testdata/publicKey b/abe/cpabe/tkn20/testdata/publicKey
diff --git a/abe/cpabe/tkn20/testdata/secretKey b/abe/cpabe/tkn20/testdata/secretKey
diff --git a/abe/cpabe/tkn20/testdata/serialize.go b/abe/cpabe/tkn20/testdata/serialize.go
diff --git a/abe/cpabe/tkn20/tkn20.go b/abe/cpabe/tkn20/tkn20.go
@@ -1,3 +1,5 @@
+//go:generate go run gen_testdata.go
+
 // Package tkn20 implements a ciphertext-policy ABE by Tomida, Kawahara, Nishimaki.
 //
 // This is an implementation of an IND-CCA2 secure variant of the Ciphertext-Policy