adam
/
zenroom
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

zencode improve test and documentation for simple and dp3t scenarios

master
Jaromil 4 years ago
parent
f9bfb20ccf
commit
e6339c45ae
8 changed files with 174 additions and 77 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      build/zencode_scenario.sh
  2. 4
      docs/Makefile
  3. 38
      docs/pages/zencode.md
  4. 6
      src/lua/zenroom_common.lua
  5. 4
      test/zencode_data.lua
  6. 52
      test/zencode_dp3t/run.sh
  7. 8
      test/zencode_numericals.lua
  8. 124
      test/zencode_simple/run.sh

15
build/zencode_scenario.sh
View File

@ -0,0 +1,15 @@
#!/usr/bin/env zsh
#
# build the zencode scenario test scripts and copy them into the
# documentation folder. called from zenroom/docs
scen="$1"
R="$PWD/.."
[[ -r "$R/test/zencode_${scen}" ]] || {
echo "error in script $0"
echo "scenario not found: $R/test/zencode_${scen}"
exit 1 }
pushd $R/test/zencode_${scen}
./run.sh
cp -av *zen *json $R/docs/_media/examples/zencode_${scen}
popd

4
docs/Makefile
View File

@ -14,7 +14,9 @@ website:
@ln -fs _media/js/zenroom.data .
@mkdir -p _media/examples
@cp -v ../examples/*.keys ../examples/*.data ../examples/*.lua _media/examples/
@cp -av ../test/zencode_coconut ../test/zencode_simple _media/examples/
@../build/zencode_scenario.sh dp3t
@../build/zencode_scenario.sh simple
@cp -av ../test/zencode_coconut _media/examples/
@cp -v ../bindings/javascript/README.md pages/javascript.md
@cp -v ../bindings/python3/README.md pages/python.md

38
docs/pages/zencode.md
View File

@ -58,18 +58,11 @@ In this phase each participant will create his/her own keypair, store it and com
The statement to generate a keypair (public and private keys) is simple:
[](../_media/examples/zencode_simple/AES01.zen ':include :type=code gherkin')
[](../_media/examples/zencode_simple/alice_keygen.zen ':include :type=code gherkin')
It will produce something like this:
```json
"Alice": {
"keypair": {
"private_key": "u64:F_NaS3Y6Xw6BW...",
"public_key": "u64:BLG0OGDwzP_gY41TZgGpUB4lTYCgpx9BJVScxSQAfwqEi..."
}
}
```
[](../_media/examples/zencode_simple/alice_keypair.json ':include :type=code json')
Where the public key is usually a longer octet and actually an [Elliptic Curve Point](/lua/modules/ECP.html) coordinate.
@ -96,14 +89,10 @@ After both Alice and Bob have their own keypairs and they both know
each other public key we can move forward to do asymmetric encryption
and signatures.
[](../_media/examples/zencode_simple/AES02.zen ':include :type=code gherkin')
[](../_media/examples/zencode_simple/alice_keypub.zen ':include :type=code gherkin')
```json
"Alice": {
"public_key": "u64:BLG0OGDwzP_gY41TZgGpUB4lTYCgpx9BJVScxSQAfwqEi..."
}
```
[](../_media/examples/zencode_simple/alice_pub.json ':include :type=code json')
The advantage of using Zencode here is the use of the `valid` keyword which effectively parses the `public key` object and verifies it as valid, in this case as being a valid point on the elliptic curve in use. This greatly reduces the possibility of common mistakes.
@ -121,14 +110,7 @@ Before getting to the encryption 2 other objects must be given:
So with an input separated between DATA and KEYS or grouped together in an array like:
```json
[
{"Bob": {"public_key":"u64:BGF59uMP0DkHoTjMT..."} },
{"Alice": { "keypair": {
"private_key": "u64:F_NaS3Y6Xw6BW...",
"public_key": "u64:BLG0OGDwzP_gY41TZgGpUB4lTYCgpx9BJVScxSQAfwqEi..." } } }
]
```
[](../_media/examples/zencode_simple/bob_keyring.json ':include :type=code json')
[](../_media/examples/zencode_simple/AES05.zen ':include :type=code gherkin')
@ -150,12 +132,15 @@ sequenceDiagram
**1. Alice encrypts the message using Bob's public key**
[](../_media/examples/zencode_simple/AES05.zen ':include :type=code gherkin')
**2. Bob prepares a keyring with Alice's public key**
[](../_media/examples/zencode_simple/AES06.zen ':include :type=code gherkin')
**3. Bob decrypts the message using Alice's public key**
[](../_media/examples/zencode_simple/AES07.zen ':include :type=code gherkin')
In this basic example the session key for encryption is made combining
@ -255,12 +240,7 @@ These 3 arguments can be written or imported, but must given before using the `I
The output is returned in `secret message` and it looks like:
```json
{"secret_message":{"iv":"u64:-tU2gbox9kATCeC2k_zkhYM-PBA3IzvN7HtfyVXdzB4",
"header":"u64:dGhpc19pc19mb3JfQm9i",
"text":"u64:cw4M3FBO3zaPRAB26d6y8SMPGgAo_0AmJUrhg5dmKwoEB7BWLAAD_A2h",
"checksum":"u64:UugLrIuxRX46BETc1-XkrA"}}
```
[](../_media/examples/zencode_simple/cipher_message.json ':include :type=code json')
To decode make sure to have that secret password and that a valid `secret message` is given, then use:

6
src/lua/zenroom_common.lua
View File

@ -230,10 +230,12 @@ local function split(src,pat)
src:gsub(pat, function(x) tbl[#tbl+1]=x end)
return tbl
end
function strtok(src)
function strtok(src, pat)
if not src then return { } end
pat = pat or "%S+"
ZEN.assert(luatype(src) == "string", "strtok error: argument is not a string")
return split(src, "%S+") end
return split(src, pat)
end
-- assert all values in table are converted to zenroom types
-- used in zencode when transitioning out of given memory

4
test/zencode_data.lua
View File

@ -14,8 +14,8 @@ rule check version 1.0.0
rule input encoding string
Given I have a 'inside' inside 'first'
and I have a 'third'
When I write 'first.inside' in 'test'
and I write 'three' in 'tertiur'
When I write string 'first.inside' in 'test'
and I write string 'three' in 'tertiur'
and I verify 'third' is equal to 'tertiur'
Then print the 'test' as 'string'
]])

52
test/zencode_dp3t/run.sh
View File

@ -2,38 +2,16 @@
# https://github.com/DP-3T/documents
# use executable in current directory
Z=../../src/zenroom
D=.
####################
# common script init
if ! test -r ../utils.sh; then
echo "run executable from its own directory: $0"; exit 1; fi
. ../utils.sh
Z="`detect_zenroom_path` `detect_zenroom_conf`"
####################
if test -r ./zenroom-linux-amd64; then
Z=./zenroom-linux-amd64
D=./out-dp3t
elif test -r ./zenroom-osx.command; then
Z=./zenroom-osx.command;
D=./out-dp3t
elif test -r ./src/zenroom; then
Z=./src/zenroom
D=./out-dp3t
elif test -r ../../src/zenroom; then
Z=../../src/zenroom
D=./out-dp3t
fi
if ! test -r $Z; then
echo "Zenroom executable not found"
echo "download yours from https://files.dyne.org/zenroom/nightly/"
exit 1
fi
alias zenroom=$Z
chmod +x $Z
echo "Zenroom executable: $Z"
mkdir -p $D
echo "destination dir: $D"
cat <<EOF | $Z -z | tee $D/SK1.json
cat <<EOF | tee dp3t_keygen.zen | $Z -z | tee SK1.json
rule check version 1.0.0
rule input encoding hex
rule output encoding hex
@ -44,7 +22,7 @@ Then print the 'secret day key'
EOF
cat <<EOF | $Z -z -a $D/SK1.json | tee $D/SK2.json
cat <<EOF | tee dp3t_keyderiv.zen | $Z -z -a SK1.json | tee SK2.json
scenario 'dp3t': Decentralized Privacy-Preserving Proximity Tracing
rule check version 1.0.0
rule input encoding hex
@ -54,11 +32,7 @@ When I renew the secret day key to a new day
Then print the 'secret day key'
EOF
cat <<EOF | tee $D/moments.json
{ "moments": "8" }
EOF
cat <<EOF | $Z -z -k $D/SK2.json | tee $D/EphID_2.json
cat <<EOF | tee dp3t_ephidgen.zen | $Z -z -k SK2.json | tee EphID_2.json
scenario 'dp3t': Decentralized Privacy-Preserving Proximity Tracing
rule check version 1.0.0
rule input encoding hex
@ -73,7 +47,7 @@ EOF
# now generate a test with 40.000 infected SK
cat <<EOF | $Z -c memmanager=sys -z > $D/SK_infected_40k.json
cat <<EOF | $Z -z > SK_infected_40k.json
rule check version 1.0.0
rule input encoding hex
rule output encoding hex
@ -84,7 +58,7 @@ Then print the 'list of infected'
EOF
# extract a few random infected ephemeral ids to simulate proximity
cat <<EOF | $Z -c memmanager=sys,debug=1 -z -a $D/SK_infected_40k.json | tee $D/EphID_infected.json
cat <<EOF | $Z -z -a SK_infected_40k.json | tee EphID_infected.json
scenario 'dp3t'
rule check version 1.0.0
rule input encoding hex
@ -100,7 +74,7 @@ Then print the 'ephemeral ids'
EOF
# given a list of infected and a list of ephemeral ids
cat <<EOF | time $Z -c memmanager=sys,debug=1 -z -a $D/SK_infected_40k.json -k $D/EphID_infected.json
cat <<EOF | tee dp3t_check.zen | $Z -z -a SK_infected_40k.json -k EphID_infected.json
scenario 'dp3t'
rule check version 1.0.0
rule input encoding hex

8
test/zencode_numericals.lua
View File

@ -7,8 +7,8 @@ ZEN:begin()
ZEN:parse([[
rule check version 1.0.0
Given nothing
When I set 'left' to '10'
and I set 'right' to '20'
When I write number '10' in 'left'
and I write number '20' in 'right'
and number 'left' is less or equal than 'right'
Then print 'OK'
]])
@ -31,8 +31,8 @@ ZEN:begin()
ZEN:parse([[
rule check version 1.0.0
Given nothing
When I set 'left' to '0a' formatted as 'hex'
and I set 'right' to '14' formatted as 'hex'
When I set 'left' to '0a' base '16'
and I set 'right' to '14' base '16'
and number 'left' is less than 'right'
Then print 'OK'
]])

124
test/zencode_simple/run.sh
View File

@ -0,0 +1,124 @@
#!/usr/bin/env bash
####################
# common script init
if ! test -r ../utils.sh; then
echo "run executable from its own directory: $0"; exit 1; fi
. ../utils.sh
Z="`detect_zenroom_path` `detect_zenroom_conf`"
####################
cat <<EOF | tee SYM01.zen | $Z -z > secret.json
rule check version 1.0.0
Scenario simple: Generate a random password
Given nothing
When I create a random 'password'
Then print the 'password'
EOF
cat <<EOF | tee SYM02.zen | $Z -z > cipher_message.json
Scenario simple: Encrypt a message with the password
Given nothing
# only inline input, no KEYS or DATA passed
When I write string 'my secret word' in 'password'
and I write string 'a very short but very confidential message' in 'whisper'
and I write string 'for your eyes only' in 'header'
# header is implicitly used when encrypt
and I encrypt the secret message 'whisper' with 'password'
# anything introduced by 'the' becomes a new variable
Then print the 'secret message'
EOF
cat <<EOF | tee SYM03.zen | $Z -a cipher_message.json -z
Scenario simple: Decrypt the message with the password
Given I have a valid 'secret message'
When I write string 'my secret word' in 'password'
and I decrypt the secret message with 'password'
Then print as 'string' the 'text' inside 'message'
and print as 'string' the 'header' inside 'message'
EOF
cat <<EOF | tee alice_keygen.zen | $Z -z > alice_keypair.json
Scenario 'simple': Create the keypair
Given that I am known as 'Alice'
When I create the keypair
Then print my data
EOF
cat <<EOF | tee alice_keypub.zen | $Z -z -k alice_keypair.json > alice_pub.json
Scenario 'simple': Publish the public key
Given that I am known as 'Alice'
and I have my valid 'public key'
Then print my 'public key'
EOF
cat <<EOF | tee DSA01.zen | $Z -z -k alice_keypair.json | tee alice_signs_to_bob.json
Rule check version 1.0.0
Scenario 'simple': Alice signs a message for Bob
Given that I am known as 'Alice'
and I have my valid 'keypair'
When I write string 'This is my signed message to Bob.' in 'draft'
and I create the signature of 'draft'
Then print my 'signature'
and print my 'draft'
EOF
cat <<EOF | tee DSA02.zen | $Z -z -k alice_pub.json -a alice_signs_to_bob.json
rule check version 1.0.0
Scenario 'simple': Bob verifies the signature from Alice
Given that I am known as 'Bob'
and I have a valid 'public key' from 'Alice'
and I have a valid 'signature' from 'Alice'
and I have a 'draft'
When I verify the 'draft' is signed by 'Alice'
Then print 'signature' 'correct' as 'string'
and print as 'string' the 'draft'
EOF
cat <<EOF | tee bob_keygen.zen | $Z -z > bob_keypair.json
Scenario 'simple': Create the keypair
Given that I am known as 'Bob'
When I create the keypair
Then print my data
EOF
cat <<EOF | tee bob_keypub.zen | $Z -z -k bob_keypair.json > bob_pub.json
Scenario 'simple': Publish the public key
Given that I am known as 'Bob'
and I have my valid 'public key'
Then print my 'public key'
EOF
cat <<EOF | tee AES05.zen | $Z -z -k alice_keypair.json -a bob_pub.json | tee alice_to_bob.json
Rule check version 1.0.0
Scenario 'simple': Alice encrypts a message for Bob
Given that I am known as 'Alice'
and I have my valid 'keypair'
and I have a valid 'public key' from 'Bob'
When I write string 'This is my secret message.' in 'message'
and I write string 'This is the header' in 'header'
and I encrypt the message for 'Bob'
Then print the 'secret message'
EOF
cat <<EOF | tee AES06.zen | $Z -z -k bob_keypair.json -a alice_pub.json | tee bob_keyring.json
Rule check version 1.0.0
Scenario 'simple': Bob gathers public keys in his keyring
Given that I am 'Bob'
and I have my valid 'keypair'
and I have a valid 'public key' from 'Alice'
Then print my 'keypair'
and print the 'public key'
EOF
cat <<EOF | tee AES07.zen | $Z -z -k bob_keyring.json -a alice_to_bob.json
Rule check version 1.0.0
Scenario 'simple': Bob decrypts the message from Alice
Given that I am known as 'Bob'
and I have my valid 'keypair'
and I have a valid 'public key' from 'Alice'
and I have a valid 'secret message'
When I decrypt the secret message from 'Alice'
Then print as 'string' the 'message'
and print as 'string' the 'header' inside 'secret message'
EOF
Write Preview
Loading…
Cancel
Save