- paillier implementation and test

author: Florian Dold <florian.dold@gmail.com> 2014-01-20 23:45:10 +0000
committer: Florian Dold <florian.dold@gmail.com> 2014-01-20 23:45:10 +0000
commit: 6c403a7e4bffbd1e46f75f05190a145bb87de833 (patch)
tree: 92fca7368b6e3a4c1b88a0bb4a57698a77c60250 /src
parent: bcc39cb537deecab2c3e577d67bf2b0f724bbbd7 (diff)
download: gnunet-6c403a7e4bffbd1e46f75f05190a145bb87de833.tar.gz
gnunet-6c403a7e4bffbd1e46f75f05190a145bb87de833.zip
3 files changed, 246 insertions, 0 deletions
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 4fb80285b..dd85f2c09 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -245,6 +245,7 @@ check_PROGRAMS = \
 test_crypto_ecdhe \
 test_crypto_hash \
 test_crypto_hkdf \
+ test_crypto_paillier \
 test_crypto_random \
 test_disk \
 test_getopt \
@@ -397,6 +398,11 @@ test_crypto_hkdf_SOURCES = \
 test_crypto_hkdf_LDADD = \
 $(top_builddir)/src/util/libgnunetutil.la
+test_crypto_paillier_SOURCES = \
+ test_crypto_paillier.c
+test_crypto_paillier_LDADD = \
+ $(top_builddir)/src/util/libgnunetutil.la
 test_crypto_random_SOURCES = \
 test_crypto_random.c
 test_crypto_random_LDADD = \
diff --git a/src/util/crypto_paillier.c b/src/util/crypto_paillier.c
index b4c2df9b8..4697f14c3 100644
--- a/src/util/crypto_paillier.c
+++ b/src/util/crypto_paillier.c
@@ -28,4 +28,189 @@
 #include <gcrypt.h>
 #include "gnunet_util_lib.h"
+/**
+ * Create a freshly generated paillier public key.
+ *
+ * @param[out] public_key Where to store the public key?
+ * @param[out] private_key Where to store the private key?
+ */
+void
+GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+                               struct GNUNET_CRYPTO_PaillierPrivateKey *private_key)
+{
+  gcry_mpi_t p;
+  gcry_mpi_t q;
+  gcry_mpi_t phi;
+  gcry_mpi_t n;
+  GNUNET_assert (NULL != (phi = gcry_mpi_new (GNUNET_CRYPTO_PAILLIER_BITS)));
+  GNUNET_assert (NULL != (n = gcry_mpi_new (GNUNET_CRYPTO_PAILLIER_BITS)));
+  p = q = NULL;
+  // Generate two distinct primes.
+  // The probability that the loop body
+  // is executed more than once is very low.
+  do {
+    if (NULL != p)
+      gcry_mpi_release (p);
+    if (NULL != q)
+      gcry_mpi_release (q);
+    // generate rsa modulus
+    GNUNET_assert (0 == gcry_prime_generate (&p, GNUNET_CRYPTO_PAILLIER_BITS / 2, 0, NULL, NULL, NULL,
+                                             GCRY_WEAK_RANDOM, 0));
+    GNUNET_assert (0 == gcry_prime_generate (&q, GNUNET_CRYPTO_PAILLIER_BITS / 2, 0, NULL, NULL, NULL,
+                                             GCRY_WEAK_RANDOM, 0));
+  } while (0 == gcry_mpi_cmp (p, q));
+  gcry_mpi_mul (n, p, q);
+  GNUNET_CRYPTO_mpi_print_unsigned (public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey), n);
+  // compute phi(n) = (p-1)(q-1)
+  gcry_mpi_sub_ui (p, p, 1);
+  gcry_mpi_sub_ui (q, q, 1);
+  gcry_mpi_mul (phi, p, q);
+  // lambda equals phi(n) in the simplified key generation
+  GNUNET_CRYPTO_mpi_print_unsigned (private_key->lambda, GNUNET_CRYPTO_PAILLIER_BITS / 8, phi);
+  // invert phi and abuse the phi mpi to store the result ...
+  GNUNET_assert (0 != gcry_mpi_invm (phi, phi, n));
+  GNUNET_CRYPTO_mpi_print_unsigned (private_key->mu, GNUNET_CRYPTO_PAILLIER_BITS / 8, phi);
+  gcry_mpi_release (p);
+  gcry_mpi_release (q);
+  gcry_mpi_release (phi);
+  gcry_mpi_release (n);
+}
+/**
+ * Encrypt a plaintext with a paillier public key.
+ *
+ * @param public_key Public key to use.
+ * @param plaintext Plaintext to encrypt.
+ * @param[out] ciphertext Encrytion of @a plaintext with @a public_key.
+ */
+void
+GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+                                const struct GNUNET_CRYPTO_PaillierPlaintext *plaintext,
+                                struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext)
+{
+  gcry_mpi_t n_square;
+  gcry_mpi_t r;
+  gcry_mpi_t g;
+  gcry_mpi_t c;
+  gcry_mpi_t n;
+  gcry_mpi_t m;
+  GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
+  GNUNET_assert (0 != (r = gcry_mpi_new (0)));
+  GNUNET_assert (0 != (g = gcry_mpi_new (0)));
+  GNUNET_assert (0 != (c = gcry_mpi_new (0)));
+  GNUNET_CRYPTO_mpi_scan_unsigned (&m, plaintext, sizeof (struct GNUNET_CRYPTO_PaillierPlaintext));
+  GNUNET_CRYPTO_mpi_scan_unsigned (&n, public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey));
+  gcry_mpi_mul (n_square, n, n);
+  // generate r < n
+  do
+  {
+    gcry_mpi_randomize (r, GNUNET_CRYPTO_PAILLIER_BITS, GCRY_WEAK_RANDOM);
+  }
+  while (gcry_mpi_cmp (r, n) >= 0);
+  // c = (n+1)^m mod n^2
+  gcry_mpi_add_ui (c, n, 1);
+  gcry_mpi_powm (c, c, m, n_square);
+  // r <- r^n mod n^2
+  gcry_mpi_powm (r, r, n, n_square);
+  // c <- r*c mod n^2
+  gcry_mpi_mulm (c, r, c, n_square);
+  GNUNET_CRYPTO_mpi_print_unsigned (ciphertext, sizeof *ciphertext, c);
+  gcry_mpi_release (n_square);
+  gcry_mpi_release (r);
+  gcry_mpi_release (m);
+  gcry_mpi_release (c);
+}
+/**
+ * Decrypt a paillier ciphertext with a private key.
+ *
+ * @param private_key Private key to use for decryption.
+ * @param public_key Public key to use for decryption.
+ * @param ciphertext Ciphertext to decrypt.
+ * @param[out] plaintext Decryption of @a ciphertext with @private_key.
+ */
+void
+GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
+                                const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+                                const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
+                                struct GNUNET_CRYPTO_PaillierPlaintext *plaintext)
+{
+  gcry_mpi_t m;
+  gcry_mpi_t mu;
+  gcry_mpi_t lambda;
+  gcry_mpi_t n;
+  gcry_mpi_t n_square;
+  gcry_mpi_t c;
+  GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
+  GNUNET_assert (0 != (m = gcry_mpi_new (0)));
+  GNUNET_CRYPTO_mpi_scan_unsigned (&lambda, private_key->lambda, sizeof private_key->lambda);
+  GNUNET_CRYPTO_mpi_scan_unsigned (&mu, private_key->mu, sizeof private_key->mu);
+  GNUNET_CRYPTO_mpi_scan_unsigned (&n, public_key, sizeof *public_key);
+  GNUNET_CRYPTO_mpi_scan_unsigned (&c, ciphertext, sizeof *ciphertext);
+  gcry_mpi_mul (n_square, n, n);
+  // m = c^lambda mod n^2
+  gcry_mpi_powm (m, c, lambda, n_square);
+  // m = m - 1
+  gcry_mpi_sub_ui (m, m, 1);
+  // m <- m/n
+  gcry_mpi_div (m, NULL, m, n, 0);
+  gcry_mpi_mulm (m, m, mu, n);
+  GNUNET_CRYPTO_mpi_print_unsigned (plaintext, sizeof *plaintext, m);
+  gcry_mpi_release (m);
+  gcry_mpi_release (mu);
+  gcry_mpi_release (lambda);
+  gcry_mpi_release (n);
+  gcry_mpi_release (n_square);
+  gcry_mpi_release (c);
+}
+/**
+ * Compute a ciphertext that represents the sum of the plaintext in @a x1 and @a x2
+ *
+ * Note that this operation can only be done a finite number of times
+ * before an overflow occurs.
+ *
+ * @param x1 Paillier cipher text.
+ * @param x2 Paillier cipher text.
+ * @param[out] result Result of the homomorphic operation.
+ * @return #GNUNET_OK if the result could be computed,
+ *         #GNUNET_SYSERR if no more homomorphic operations are remaining.
+ */
+int
+GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierCiphertext *x1,
+                                const struct GNUNET_CRYPTO_PaillierCiphertext *x2,
+                                const struct GNUNET_CRYPTO_PaillierCiphertext *result)
+{
+  // not implemented yet
+  GNUNET_assert (0);
+  return GNUNET_SYSERR;
+}
 /* end of crypto_paillier.c */
diff --git a/src/util/test_crypto_paillier.c b/src/util/test_crypto_paillier.c
new file mode 100644
index 000000000..f380b56f0
--- /dev/null
+++ b/src/util/test_crypto_paillier.c
@@ -0,0 +1,55 @@
+/*
+     This file is part of GNUnet.
+     (C) 2014 Christian Grothoff (and other contributing authors)
+     GNUnet is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published
+     by the Free Software Foundation; either version 3, or (at your
+     option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     General Public License for more details.
+     You should have received a copy of the GNU General Public License
+     along with GNUnet; see the file COPYING.  If not, write to the
+     Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+     Boston, MA 02111-1307, USA.
+*/
+/**
+ * @file util/test_crypto_paillier.c
+ * @brief testcase paillier crypto
+ * @author Florian Dold
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include <gcrypt.h>
+int
+main (int argc, char *argv[])
+{
+  struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
+  struct GNUNET_CRYPTO_PaillierPlaintext plaintext_result;
+  struct GNUNET_CRYPTO_PaillierCiphertext ciphertext;
+  struct GNUNET_CRYPTO_PaillierPublicKey public_key;
+  struct GNUNET_CRYPTO_PaillierPrivateKey private_key;
+  GNUNET_CRYPTO_paillier_create (&public_key, &private_key);
+  GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &plaintext, sizeof plaintext);
+  plaintext.bits[0] = 0;
+  GNUNET_CRYPTO_paillier_encrypt (&public_key, &plaintext, &ciphertext);
+  GNUNET_CRYPTO_paillier_decrypt (&private_key, &public_key,
+                                  &ciphertext, &plaintext_result);
+  if (0 != memcmp (&plaintext, &plaintext_result, sizeof plaintext))
+    return 1;
+  return 0;
+}
+/* end of test_crypto_paillier.c */
author	Florian Dold <florian.dold@gmail.com>	2014-01-20 23:45:10 +0000
committer	Florian Dold <florian.dold@gmail.com>	2014-01-20 23:45:10 +0000
commit	6c403a7e4bffbd1e46f75f05190a145bb87de833 (patch)
tree	92fca7368b6e3a4c1b88a0bb4a57698a77c60250 /src
parent	bcc39cb537deecab2c3e577d67bf2b0f724bbbd7 (diff)
download	gnunet-6c403a7e4bffbd1e46f75f05190a145bb87de833.tar.gz gnunet-6c403a7e4bffbd1e46f75f05190a145bb87de833.zip

diff --git a/src/util/Makefile.am b/src/util/Makefile.am index 4fb80285b..dd85f2c09 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am
@@ -245,6 +245,7 @@ check_PROGRAMS = \
245	test_crypto_ecdhe \	245	test_crypto_ecdhe \
246	test_crypto_hash \	246	test_crypto_hash \
247	test_crypto_hkdf \	247	test_crypto_hkdf \
		248	test_crypto_paillier \
248	test_crypto_random \	249	test_crypto_random \
249	test_disk \	250	test_disk \
250	test_getopt \	251	test_getopt \
@@ -397,6 +398,11 @@ test_crypto_hkdf_SOURCES = \
397	test_crypto_hkdf_LDADD = \	398	test_crypto_hkdf_LDADD = \
398	$(top_builddir)/src/util/libgnunetutil.la	399	$(top_builddir)/src/util/libgnunetutil.la
399		400
		401	test_crypto_paillier_SOURCES = \
		402	test_crypto_paillier.c
		403	test_crypto_paillier_LDADD = \
		404	$(top_builddir)/src/util/libgnunetutil.la
		405
400	test_crypto_random_SOURCES = \	406	test_crypto_random_SOURCES = \
401	test_crypto_random.c	407	test_crypto_random.c
402	test_crypto_random_LDADD = \	408	test_crypto_random_LDADD = \


diff --git a/src/util/crypto_paillier.c b/src/util/crypto_paillier.c index b4c2df9b8..4697f14c3 100644 --- a/src/util/crypto_paillier.c +++ b/src/util/crypto_paillier.c
@@ -28,4 +28,189 @@
28	#include <gcrypt.h>	28	#include <gcrypt.h>
29	#include "gnunet_util_lib.h"	29	#include "gnunet_util_lib.h"
30		30
		31
		32	/**
		33	* Create a freshly generated paillier public key.
		34	*
		35	* @param[out] public_key Where to store the public key?
		36	* @param[out] private_key Where to store the private key?
		37	*/
		38	void
		39	GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
		40	struct GNUNET_CRYPTO_PaillierPrivateKey *private_key)
		41	{
		42	gcry_mpi_t p;
		43	gcry_mpi_t q;
		44
		45	gcry_mpi_t phi;
		46	gcry_mpi_t n;
		47
		48	GNUNET_assert (NULL != (phi = gcry_mpi_new (GNUNET_CRYPTO_PAILLIER_BITS)));
		49	GNUNET_assert (NULL != (n = gcry_mpi_new (GNUNET_CRYPTO_PAILLIER_BITS)));
		50
		51	p = q = NULL;
		52
		53	// Generate two distinct primes.
		54	// The probability that the loop body
		55	// is executed more than once is very low.
		56	do {
		57	if (NULL != p)
		58	gcry_mpi_release (p);
		59	if (NULL != q)
		60	gcry_mpi_release (q);
		61	// generate rsa modulus
		62	GNUNET_assert (0 == gcry_prime_generate (&p, GNUNET_CRYPTO_PAILLIER_BITS / 2, 0, NULL, NULL, NULL,
		63	GCRY_WEAK_RANDOM, 0));
		64	GNUNET_assert (0 == gcry_prime_generate (&q, GNUNET_CRYPTO_PAILLIER_BITS / 2, 0, NULL, NULL, NULL,
		65	GCRY_WEAK_RANDOM, 0));
		66	} while (0 == gcry_mpi_cmp (p, q));
		67	gcry_mpi_mul (n, p, q);
		68	GNUNET_CRYPTO_mpi_print_unsigned (public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey), n);
		69
		70	// compute phi(n) = (p-1)(q-1)
		71	gcry_mpi_sub_ui (p, p, 1);
		72	gcry_mpi_sub_ui (q, q, 1);
		73	gcry_mpi_mul (phi, p, q);
		74
		75	// lambda equals phi(n) in the simplified key generation
		76	GNUNET_CRYPTO_mpi_print_unsigned (private_key->lambda, GNUNET_CRYPTO_PAILLIER_BITS / 8, phi);
		77
		78	// invert phi and abuse the phi mpi to store the result ...
		79	GNUNET_assert (0 != gcry_mpi_invm (phi, phi, n));
		80	GNUNET_CRYPTO_mpi_print_unsigned (private_key->mu, GNUNET_CRYPTO_PAILLIER_BITS / 8, phi);
		81
		82	gcry_mpi_release (p);
		83	gcry_mpi_release (q);
		84	gcry_mpi_release (phi);
		85	gcry_mpi_release (n);
		86	}
		87
		88
		89	/**
		90	* Encrypt a plaintext with a paillier public key.
		91	*
		92	* @param public_key Public key to use.
		93	* @param plaintext Plaintext to encrypt.
		94	* @param[out] ciphertext Encrytion of @a plaintext with @a public_key.
		95	*/
		96	void
		97	GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
		98	const struct GNUNET_CRYPTO_PaillierPlaintext *plaintext,
		99	struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext)
		100	{
		101	gcry_mpi_t n_square;
		102	gcry_mpi_t r;
		103	gcry_mpi_t g;
		104	gcry_mpi_t c;
		105
		106	gcry_mpi_t n;
		107	gcry_mpi_t m;
		108
		109
		110	GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
		111	GNUNET_assert (0 != (r = gcry_mpi_new (0)));
		112	GNUNET_assert (0 != (g = gcry_mpi_new (0)));
		113	GNUNET_assert (0 != (c = gcry_mpi_new (0)));
		114
		115	GNUNET_CRYPTO_mpi_scan_unsigned (&m, plaintext, sizeof (struct GNUNET_CRYPTO_PaillierPlaintext));
		116	GNUNET_CRYPTO_mpi_scan_unsigned (&n, public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey));
		117
		118	gcry_mpi_mul (n_square, n, n);
		119
		120	// generate r < n
		121	do
		122	{
		123	gcry_mpi_randomize (r, GNUNET_CRYPTO_PAILLIER_BITS, GCRY_WEAK_RANDOM);
		124	}
		125	while (gcry_mpi_cmp (r, n) >= 0);
		126
		127	// c = (n+1)^m mod n^2
		128	gcry_mpi_add_ui (c, n, 1);
		129	gcry_mpi_powm (c, c, m, n_square);
		130	// r <- r^n mod n^2
		131	gcry_mpi_powm (r, r, n, n_square);
		132	// c <- r*c mod n^2
		133	gcry_mpi_mulm (c, r, c, n_square);
		134
		135	GNUNET_CRYPTO_mpi_print_unsigned (ciphertext, sizeof *ciphertext, c);
		136
		137	gcry_mpi_release (n_square);
		138	gcry_mpi_release (r);
		139	gcry_mpi_release (m);
		140	gcry_mpi_release (c);
		141	}
		142
		143
		144	/**
		145	* Decrypt a paillier ciphertext with a private key.
		146	*
		147	* @param private_key Private key to use for decryption.
		148	* @param public_key Public key to use for decryption.
		149	* @param ciphertext Ciphertext to decrypt.
		150	* @param[out] plaintext Decryption of @a ciphertext with @private_key.
		151	*/
		152	void
		153	GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
		154	const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
		155	const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
		156	struct GNUNET_CRYPTO_PaillierPlaintext *plaintext)
		157	{
		158	gcry_mpi_t m;
		159	gcry_mpi_t mu;
		160	gcry_mpi_t lambda;
		161	gcry_mpi_t n;
		162	gcry_mpi_t n_square;
		163	gcry_mpi_t c;
		164
		165	GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
		166	GNUNET_assert (0 != (m = gcry_mpi_new (0)));
		167
		168	GNUNET_CRYPTO_mpi_scan_unsigned (&lambda, private_key->lambda, sizeof private_key->lambda);
		169	GNUNET_CRYPTO_mpi_scan_unsigned (&mu, private_key->mu, sizeof private_key->mu);
		170	GNUNET_CRYPTO_mpi_scan_unsigned (&n, public_key, sizeof *public_key);
		171	GNUNET_CRYPTO_mpi_scan_unsigned (&c, ciphertext, sizeof *ciphertext);
		172
		173	gcry_mpi_mul (n_square, n, n);
		174	// m = c^lambda mod n^2
		175	gcry_mpi_powm (m, c, lambda, n_square);
		176	// m = m - 1
		177	gcry_mpi_sub_ui (m, m, 1);
		178	// m <- m/n
		179	gcry_mpi_div (m, NULL, m, n, 0);
		180	gcry_mpi_mulm (m, m, mu, n);
		181
		182	GNUNET_CRYPTO_mpi_print_unsigned (plaintext, sizeof *plaintext, m);
		183
		184	gcry_mpi_release (m);
		185	gcry_mpi_release (mu);
		186	gcry_mpi_release (lambda);
		187	gcry_mpi_release (n);
		188	gcry_mpi_release (n_square);
		189	gcry_mpi_release (c);
		190	}
		191
		192
		193	/**
		194	* Compute a ciphertext that represents the sum of the plaintext in @a x1 and @a x2
		195	*
		196	* Note that this operation can only be done a finite number of times
		197	* before an overflow occurs.
		198	*
		199	* @param x1 Paillier cipher text.
		200	* @param x2 Paillier cipher text.
		201	* @param[out] result Result of the homomorphic operation.
		202	* @return #GNUNET_OK if the result could be computed,
		203	* #GNUNET_SYSERR if no more homomorphic operations are remaining.
		204	*/
		205	int
		206	GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierCiphertext *x1,
		207	const struct GNUNET_CRYPTO_PaillierCiphertext *x2,
		208	const struct GNUNET_CRYPTO_PaillierCiphertext *result)
		209	{
		210	// not implemented yet
		211	GNUNET_assert (0);
		212	return GNUNET_SYSERR;
		213	}
		214
		215
31	/* end of crypto_paillier.c */	216	/* end of crypto_paillier.c */


diff --git a/src/util/test_crypto_paillier.c b/src/util/test_crypto_paillier.c new file mode 100644 index 000000000..f380b56f0 --- /dev/null +++ b/src/util/test_crypto_paillier.c
@@ -0,0 +1,55 @@
		1	/*
		2	This file is part of GNUnet.
		3	(C) 2014 Christian Grothoff (and other contributing authors)
		4
		5	GNUnet is free software; you can redistribute it and/or modify
		6	it under the terms of the GNU General Public License as published
		7	by the Free Software Foundation; either version 3, or (at your
		8	option) any later version.
		9
		10	GNUnet is distributed in the hope that it will be useful, but
		11	WITHOUT ANY WARRANTY; without even the implied warranty of
		12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
		13	General Public License for more details.
		14
		15	You should have received a copy of the GNU General Public License
		16	along with GNUnet; see the file COPYING. If not, write to the
		17	Free Software Foundation, Inc., 59 Temple Place - Suite 330,
		18	Boston, MA 02111-1307, USA.
		19
		20	*/
		21	/**
		22	* @file util/test_crypto_paillier.c
		23	* @brief testcase paillier crypto
		24	* @author Florian Dold
		25	*/
		26	#include "platform.h"
		27	#include "gnunet_util_lib.h"
		28	#include <gcrypt.h>
		29
		30
		31	int
		32	main (int argc, char *argv[])
		33	{
		34	struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
		35	struct GNUNET_CRYPTO_PaillierPlaintext plaintext_result;
		36	struct GNUNET_CRYPTO_PaillierCiphertext ciphertext;
		37	struct GNUNET_CRYPTO_PaillierPublicKey public_key;
		38	struct GNUNET_CRYPTO_PaillierPrivateKey private_key;
		39
		40	GNUNET_CRYPTO_paillier_create (&public_key, &private_key);
		41
		42	GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &plaintext, sizeof plaintext);
		43	plaintext.bits[0] = 0;
		44
		45	GNUNET_CRYPTO_paillier_encrypt (&public_key, &plaintext, &ciphertext);
		46
		47	GNUNET_CRYPTO_paillier_decrypt (&private_key, &public_key,
		48	&ciphertext, &plaintext_result);
		49
		50	if (0 != memcmp (&plaintext, &plaintext_result, sizeof plaintext))
		51	return 1;
		52	return 0;
		53	}
		54
		55	/* end of test_crypto_paillier.c */