526 lines
21 KiB

/******************************************************************************
* Copyright © 2014-2016 The SuperNET Developers. *
* *
* See the AUTHORS, DEVELOPER-AGREEMENT and LICENSE files at *
* the top-level directory of this distribution for the individual copyright *
* holder information and the developer policies on copyright and licensing. *
* *
* Unless otherwise agreed in a custom licensing agreement, no part of the *
* SuperNET software, including this file may be copied, modified, propagated *
* or distributed except according to the terms contained in the LICENSE file *
* *
* Removal or modification of this copyright notice is prohibited. *
* *
******************************************************************************/
#include "pangea777.h"
bits256 cards777_initcrypt(bits256 data,bits256 privkey,bits256 pubkey,int32_t invert)
{
bits256 hash;
hash = curve25519_shared(privkey,pubkey);
if ( invert != 0 )
hash = crecip_donna(hash);
return(fmul_donna(data,hash));
}
bits256 cards777_cardpriv(bits256 playerpriv,bits256 *cardpubs,int32_t numcards,bits256 cipher)
{
bits256 cardpriv,checkpub; int32_t i;
for (i=0; i<numcards; i++)
{
cardpriv = cards777_initcrypt(cipher,playerpriv,cardpubs[i],1);
//printf("(%llx %llx) ",(long long)cardpriv.txid,(long long)curve25519_shared(playerpriv,cardpubs[i]).txid);
checkpub = curve25519(cardpriv,curve25519_basepoint9());
if ( memcmp(checkpub.bytes,cardpubs[i].bytes,sizeof(bits256)) == 0 )
{
//printf("%d ",cardpriv.bytes[1]);
//printf("decrypted card.%d %llx\n",cardpriv.bytes[1],(long long)cardpriv.txid);
return(cardpriv);
}
}
//printf("\nplayerpriv %llx cipher.%llx\n",(long long)playerpriv.txid,(long long)cipher.txid);
memset(cardpriv.bytes,0,sizeof(cardpriv));
return(cardpriv);
}
int32_t cards777_checkcard(bits256 *cardprivp,int32_t cardi,int32_t slot,int32_t destplayer,bits256 playerpriv,bits256 *cardpubs,int32_t numcards,bits256 card)
{
bits256 cardpriv;
cardpriv = cards777_cardpriv(playerpriv,cardpubs,numcards,card);
if ( cardpriv.txid != 0 )
{
if ( slot >= 0 && destplayer != slot )
printf(">>>>>>>>>>>> ERROR ");
if ( Debuglevel > 2 )
printf("slot.%d B DECODED cardi.%d destplayer.%d cardpriv.[%d]\n",slot,cardi,destplayer,cardpriv.bytes[1]);
*cardprivp = cardpriv;
return(cardpriv.bytes[1]);
}
memset(cardprivp,0,sizeof(*cardprivp));
return(-1);
}
int32_t cards777_validate(bits256 cardpriv,bits256 final,bits256 *cardpubs,int32_t numcards,bits256 *audit,int32_t numplayers,bits256 playerpub)
{
int32_t i; bits256 val,checkcard,ver;
val = final;
for (i=numplayers-1; i>0; i--)
{
val = fmul_donna(audit[i],val);
//if ( memcmp(tmp.bytes,audit[i-1].bytes,sizeof(tmp)) != 0 )
// printf("cards777_validate: mismatched audit[%d] %llx vs %llx %llx\n",i-1,(long long)tmp.txid,(long long)audit[i-1].txid,(long long)audit[i].txid);
}
checkcard = val;//fcontract(val);
if ( memcmp(checkcard.bytes,audit[0].bytes,sizeof(checkcard)) != 0 )
{
printf("cards777_validate: checkcard not validated %llx vs %llx numplayers.%d\n",(long long)checkcard.txid,(long long)audit[0].txid,numplayers);
return(-1);
}
ver = cards777_initcrypt(cardpriv,cardpriv,playerpub,0);
if ( memcmp(checkcard.bytes,ver.bytes,sizeof(checkcard)) != 0 )
{
printf("cards777_validate: ver not validated %llx vs %llx\n",(long long)checkcard.txid,(long long)ver.txid);
return(-1);
}
return(cardpriv.bytes[1]);
}
int32_t cards777_shuffle(bits256 *shuffled,bits256 *cards,int32_t numcards,int32_t N)
{
int32_t i,j,pos,nonz,permi[CARDS777_MAXCARDS],desti[CARDS777_MAXCARDS]; uint8_t x; uint64_t mask;
memset(desti,0,sizeof(desti));
for (i=0; i<numcards; i++)
desti[i] = i;
for (i=0; i<numcards; i++)
{
OS_randombytes(&x,1);
pos = (x % ((numcards-1-i) + 1));
//printf("%d ",pos);
permi[i] = desti[pos];
desti[pos] = desti[numcards-1 - i];
desti[numcards-1 - i] = -1;
}
//printf("pos\n");
for (mask=i=nonz=0; i<numcards; i++)
{
if ( 0 && Debuglevel > 2 )
printf("%d ",permi[i]);
mask |= (1LL << permi[i]);
for (j=0; j<N; j++,nonz++)
shuffled[nonz] = cards[permi[i]*N + j];//, printf("%llx ",(long long)shuffled[nonz].txid);
}
if ( Debuglevel > 2 )
printf("shuffled mask.%llx err.%llx\n",(long long)mask,(long long)(mask ^ ((1LL<<numcards)-1)));
return(0);
}
void cards777_layer(bits256 *layered,bits256 *xoverz,bits256 *incards,int32_t numcards,int32_t N)
{
int32_t i,k,nonz = 0; bits256 z_x;
for (i=nonz=0; i<numcards; i++)
{
for (k=0; k<N; k++,nonz++)
{
xoverz[nonz] = xoverz_donna(rand256(1));
z_x = crecip_donna(xoverz[nonz]);
layered[nonz] = fmul_donna(z_x,incards[nonz]);
//printf("{%llx -> %llx}.%d ",(long long)incards[nonz].txid,(long long)layered[nonz].txid,nonz);
}
//printf("card.%d\n",i);
}
}
int32_t cards777_calcmofn(struct supernet_info *myinfo,uint8_t *allshares,uint8_t *myshares[],uint8_t *sharenrs,int32_t M,bits256 *xoverz,int32_t numcards,int32_t N)
{
int32_t size,j; uint8_t space[8192];
size = N * sizeof(bits256) * numcards;
calc_shares(myinfo,allshares,(void *)xoverz,size,size,M,N,sharenrs,space,sizeof(space)); // PM &allshares[playerj * size] to playerJ
for (j=0; j<N; j++)
myshares[j] = &allshares[j * size];
return(size);
}
uint8_t *cards777_recover(uint8_t *shares[],uint8_t *sharenrs,int32_t M,int32_t numcards,int32_t N)
{
void *G; int32_t i,size; uint8_t *recover,recovernrs[255],space[8192];
size = N * sizeof(bits256) * numcards;
if ( (recover= calloc(1,size)) == 0 )
{
printf("cards777_recover: unexpected out of memory error\n");
return(0);
}
memset(recovernrs,0,sizeof(recovernrs));
for (i=0; i<N; i++)
if ( shares[i] != 0 )
recovernrs[i] = sharenrs[i];
G = gfshare_ctx_initdec(recovernrs,N,size,space,sizeof(space));
for (i=0; i<N; i++)
if ( shares[i] != 0 )
gfshare_ctx_dec_giveshare(G,i,shares[i]);
gfshare_ctx_dec_newshares(G,recovernrs);
gfshare_ctx_decextract(0,0,G,recover);
gfshare_ctx_free(G);
return(recover);
}
bits256 cards777_pubkeys(bits256 *pubkeys,int32_t numcards,bits256 cmppubkey)
{
int32_t i; bits256 bp,pubkey,hash,check,prod;
memset(check.bytes,0,sizeof(check));
memset(bp.bytes,0,sizeof(bp)), bp.bytes[0] = 9;
prod = fmul_donna(bp,crecip_donna(bp));
for (i=0; i<numcards; i++)
{
pubkey = pubkeys[i];
vcalc_sha256(0,hash.bytes,pubkey.bytes,sizeof(pubkey));
hash.bytes[0] &= 0xf8, hash.bytes[31] &= 0x7f, hash.bytes[31] |= 64;
prod = fmul_donna(prod,hash);
}
check = prod;
if ( cmppubkey.txid != 0 )
{
if ( memcmp(check.bytes,cmppubkey.bytes,sizeof(check)) != 0 )
printf("cards777_pubkeys: mismatched pubkeys permicheck.%llx != prod.%llx\n",(long long)check.txid,(long long)pubkey.txid);
//else printf("pubkeys matched\n");
}
return(check);
}
bits256 cards777_initdeck(bits256 *cards,bits256 *cardpubs,int32_t numcards,int32_t N,bits256 *playerpubs,bits256 *playerprivs)
{
char buf[4096]; bits256 privkey,pubkey,hash, bp,prod; int32_t i,j,nonz,num = 0; uint64_t mask = 0;
bp = curve25519_basepoint9();
prod = crecip_donna(bp);
prod = fmul_donna(bp,prod);
if ( Debuglevel > 2 )
printf("card777_initdeck unit.%llx\n",(long long)prod.txid);
nonz = 0;
while ( mask != (1LL << numcards)-1 )
{
privkey = curve25519_keypair(&pubkey);
buf[0] = 0;
if ( (i=privkey.bytes[1]) < numcards && ((1LL << i) & mask) == 0 )
{
mask |= (1LL << i);
cardpubs[num] = pubkey;
if ( playerprivs != 0 )
sprintf(buf+strlen(buf),"%llx.",(long long)privkey.txid);
for (j=0; j<N; j++,nonz++)
{
cards[nonz] = cards777_initcrypt(privkey,privkey,playerpubs[j],0);
if ( playerprivs != 0 )
sprintf(buf+strlen(buf),"[%llx * %llx -> %llx] ",(long long)cards[nonz].txid,(long long)curve25519_shared(playerprivs[j],pubkey).txid,(long long)cards777_initcrypt(cards[nonz],playerprivs[j],pubkey,1).txid);
}
vcalc_sha256(0,hash.bytes,pubkey.bytes,sizeof(pubkey));
hash.bytes[0] &= 0xf8, hash.bytes[31] &= 0x7f, hash.bytes[31] |= 64;
prod = fmul_donna(prod,hash);
//printf("(%s) num.%d [%llx] %d prod.%llx\n",buf,num,(long long)mask ^ ((1LL << numcards)-1),i,(long long)prod.txid);
num++;
}
}
if ( playerprivs != 0 )
printf("\n%llx %llx playerprivs\n",(long long)playerprivs[0].txid,(long long)playerprivs[1].txid);
//if ( 0 && Debuglevel > 2 )
{
for (i=0; i<numcards; i++)
printf("%d ",cards[i*N].bytes[1]);
printf("init order %llx (%llx %llx)\n",(long long)prod.txid,(long long)playerpubs[0].txid,(long long)playerpubs[1].txid);
}
return(prod);
}
uint8_t *cards777_encode(struct supernet_info *myinfo,bits256 *encoded,bits256 *xoverz,uint8_t *allshares,uint8_t *myshares[],uint8_t sharenrs[255],int32_t M,bits256 *ciphers,int32_t numcards,int32_t N)
{
bits256 shuffled[CARDS777_MAXCARDS * CARDS777_MAXPLAYERS];
cards777_shuffle(shuffled,ciphers,numcards,N);
cards777_layer(encoded,xoverz,shuffled,numcards,N);
memset(sharenrs,0,255);
init_sharenrs(sharenrs,0,N,N);
cards777_calcmofn(myinfo,allshares,myshares,sharenrs,M,xoverz,numcards,N);
memcpy(ciphers,shuffled,numcards * N * sizeof(bits256));
if ( (0) )
{
/*{
init_hexbytes_noT(nrs,dp->hand.sharenrs,dp->N);
if ( (nrs= jstr(json,"sharenrs")) != 0 )
decode_hex(dp->hand.sharenrs,(int32_t)strlen(nrs)>>1,nrs);
}*/
int32_t i,j,m,size; uint8_t *recover,*testshares[CARDS777_MAXPLAYERS],testnrs[255];
size = N * sizeof(bits256) * numcards;
for (j=0; j<1; j++)
{
memset(testnrs,0,sizeof(testnrs));
memset(testshares,0,sizeof(testshares));
m = (rand() % N) + 1;
if ( m < M )
m = M;
if ( init_sharenrs(testnrs,sharenrs,m,N) < 0 )
{
printf("iter.%d error init_sharenrs(m.%d of n.%d)\n",j,m,N);
return(0);
}
for (i=0; i<N; i++)
if ( testnrs[i] == sharenrs[i] )
testshares[i] = myshares[i];
if ( (recover= cards777_recover(testshares,sharenrs,M,numcards,N)) != 0 )
{
if ( memcmp(xoverz,recover,size) != 0 )
fprintf(stderr,"(ERROR m.%d M.%d N.%d)\n",m,M,N);
else fprintf(stderr,"reconstructed with m.%d M.%d N.%d\n",m,M,N);
free(recover);
} else printf("nullptr from cards777_recover\n");
}
}
return(allshares);
}
bits256 cards777_decode(bits256 *seedp,bits256 *xoverz,int32_t destplayer,bits256 cipher,bits256 *outcards,int32_t numcards,int32_t N)
{
int32_t i,ind;
memset(seedp->bytes,0,sizeof(*seedp));
for (i=0; i<numcards; i++)
{
ind = i*N + destplayer;
//printf("[%llx] ",(long long)outcards[ind].txid);
if ( memcmp(outcards[ind].bytes,cipher.bytes,32) == 0 )
{
*seedp = xoverz[ind];
cipher = fmul_donna(xoverz[ind],cipher);
//printf("matched %d -> %llx\n",i,(long long)cipher.txid);
return(cipher);
}
}
if ( i == numcards )
{
printf("decryption error %llx: destplayer.%d no match\n",(long long)cipher.txid,destplayer);
memset(cipher.bytes,0,sizeof(cipher));
//cipher = cards777_cardpriv(playerpriv,cardpubs,numcards,cipher);
}
return(cipher);
}
#ifdef notyet
struct cards777_privdata *cards777_allocpriv(int32_t numcards,int32_t N)
{
struct cards777_privdata *priv;
if ( (priv= calloc(1,sizeof(*priv) + sizeof(bits256) * (2*((N * numcards * N) + (N * numcards))))) == 0 )
{
printf("cards777_allocpriv: unexpected out of memory error\n");
return(0);
}
priv->audits = &priv->data[0];
priv->outcards = &priv->audits[N * numcards * N];
priv->xoverz = &priv->outcards[N * numcards];
priv->allshares = (void *)&priv->xoverz[N * numcards]; // N*numcards*N
return(priv);
}
struct cards777_pubdata *cards777_allocpub(int32_t M,int32_t numcards,int32_t N)
{
struct cards777_pubdata *dp;
if ( (dp= calloc(1,sizeof(*dp) + sizeof(bits256) * ((numcards + 1) + (N * numcards)))) == 0 )
{
printf("cards777_allocpub: unexpected out of memory error\n");
return(0);
}
dp->M = M, dp->N = N, dp->numcards = numcards;
dp->hand.cardpubs = &dp->data[0];
dp->hand.final = &dp->hand.cardpubs[numcards + 1];
return(dp);
}
int32_t cards777_testinit(struct hostnet777_server *srv,int32_t M,struct hostnet777_client **clients,int32_t N,int32_t numcards)
{
//static int64_t balances[9];
int32_t i; uint8_t sharenrs[255]; //,destplayer,cardibits256 *ciphers,cardpriv,card; uint64_t mask = 0;
struct cards777_pubdata *dp; //struct cards777_privdata *priv; struct pangea_info *sp;
if ( srv->num != N )
{
printf("srv->num.%d != N.%d\n",srv->num,N);
return(-1);
}
memset(sharenrs,0,sizeof(sharenrs));
init_sharenrs(sharenrs,0,N,N); // this needs to be done to start a hand
for (i=0; i<N; i++)
{
dp = srv->clients[i].pubdata = cards777_allocpub(M,numcards,N);
//sp = dp->table;
memcpy(dp->hand.sharenrs,sharenrs,dp->N);
/*for (j=0; j<N; j++)
sp->playerpubs[j] = srv->clients[j].pubkey;
for (j=0; j<N; j++)
{
balances[j] = 100;
dp->balances[j] = &balances[j];
}*/
printf("deprecated, need to init sp->\n");
//priv = srv->clients[i].privdata = cards777_allocpriv(numcards,N);
//priv->privkey = (i == 0) ? srv->H.privkey : clients[i]->H.privkey;
/*if ( i == 0 )
dp->checkprod = cards777_initdeck(priv->outcards,dp->cardpubs,numcards,N,dp->playerpubs), refdp = dp;
else memcpy(dp->cardpubs,refdp->cardpubs,sizeof(*dp->cardpubs) * numcards);*/
}
return(0);
/*priv = srv->clients[0].privdata;
ciphers = priv->outcards;
for (i=1; i<N; i++)
{
dp = srv->clients[i].pubdata;
priv = srv->clients[i].privdata;
cards777_encode(priv->outcards,priv->xoverz,priv->allshares,priv->myshares,dp->sharenrs,dp->M,ciphers,dp->numcards,dp->N);
ciphers = priv->outcards;
}
for (cardi=0; cardi<dp->numcards; cardi++)
{
for (destplayer=0; destplayer<dp->N; destplayer++)
{
priv = srv->clients[dp->N - 1].privdata;
card = priv->outcards[cardi*dp->N + destplayer];
for (i=N-1; i>=0; i--)
{
j = (i > 0) ? i : destplayer;
//printf("cardi.%d destplayer.%d i.%d j.%d\n",cardi,destplayer,i,j);
dp = srv->clients[j].pubdata;
priv = srv->clients[j].privdata;
cardpriv = cards777_cardpriv(priv->privkey,dp->cardpubs,dp->numcards,card);
if ( cardpriv.txid != 0 )
{
mask |= (1LL << cardpriv.bytes[1]);
if ( destplayer != j )
printf(">>>>>>>>>>>> ERROR ");
printf("i.%d j.%d A DECODED cardi.%d destplayer.%d cardpriv.[%d] mask.%llx\n",i,j,cardi,destplayer,cardpriv.bytes[1],(long long)mask);
break;
}
card = cards777_decode(priv->xoverz,destplayer,card,priv->outcards,dp->numcards,dp->N);
cardpriv = cards777_cardpriv(priv->privkey,dp->cardpubs,dp->numcards,card);
if ( cardpriv.txid != 0 )
{
mask |= (1LL << cardpriv.bytes[1]);
if ( destplayer != j )
printf(">>>>>>>>>>>> ERROR ");
printf("i.%d j.%d B DECODED cardi.%d destplayer.%d cardpriv.[%d] mask.%llx\n",i,j,cardi,destplayer,cardpriv.bytes[1],(long long)mask);
break;
}
}
}
printf("cardi.%d\n\n",cardi);
}*/
return(0);
}
void cards777_initid(struct hostnet777_id *id,bits256 pubkey,struct cards777_pubdata *dp,struct cards777_privdata *priv)
{
id->pubkey = pubkey;
id->nxt64bits = acct777_nxt64bits(pubkey);
id->pubdata = dp;
id->privdata = priv;
id->pmsock = -1;
}
void cards777_test()
{
int32_t i,j,vals[52][52]; bits256 keypairs[52][2],otherpairs[52][2],matrix[52][52]; char buf[512];
FILE *fp;
if ( (fp= fopen("/persistent/test","rb")) != 0 )
{
if ( fread(buf,6,1,fp) <= 0 )
printf("read error for /persistent/test\n");
buf[6] = 0;
printf("test exists (%s)\n",buf);
fclose(fp);
} else printf("testfile not present\n");
for (i=0; i<52; i++)
keypairs[i][0] = curve25519_keypair(&keypairs[i][1]);
for (j=0; j<52; j++)
otherpairs[j][0] = curve25519_keypair(&otherpairs[j][1]);
bits256 zmone;zmone = crecip_donna(keypairs[0][0]);
printf("DEBUG.%d %llx vs %llx | %llx -> %llx/%llx\n",Debuglevel,(long long)keypairs[0][0].txid,(long long)fcontract(fexpand(keypairs[0][0])).txid,(long long)zmone.txid,(long long)fexpand(fmul_donna(keypairs[0][0],zmone)).txid,(long long)fmul(fexpand(keypairs[0][0]),fexpand(zmone)).txid);
for (i=0; i<52; i++)
{break;
buf[0] = 0;
for (j=0; j<52; j++)
{
matrix[i][j] = fmul_donna(keypairs[j][1],otherpairs[i][1]);
vals[i][j] = matrix[i][j].bytes[1] % 52;
sprintf(buf+strlen(buf),"%d ",vals[i][j]);
}
printf("%s\n",buf);
}
struct hostnet777_server *srv; int32_t M,N = 9; //struct hostnet777_client **clients;
struct cards777_pubdata *dp; struct cards777_privdata *priv;
bits256 checkprod,cards[52],playerpubs[9],playerprivs[9];
//clients = calloc(N+1,sizeof(*clients));
if ( (srv= hostnet777_server(keypairs[0][0],keypairs[0][1],0,0,0,N)) == 0 )
{
printf("cant create hostnet777 server\n");
return;
}
M = (N >> 1) + 1;
for (i=0; i<N; i++)
{
cards777_initid(&srv->clients[i],keypairs[i][1],cards777_allocpub(M,52,N),cards777_allocpriv(52,N));
playerprivs[i] = keypairs[i][0];
playerpubs[i] = keypairs[i][1];
if ( i == 0 )
{
srv->H.privkey = keypairs[i][0];
srv->H.pubkey = keypairs[i][1];
}
else
{
}
}
dp = srv->clients[0].pubdata;
dp->N = N; dp->M = M; dp->numcards = 52;
checkprod = cards777_initdeck(cards,dp->hand.cardpubs,52,N,playerpubs,0);
printf("deck initialzed %llx\n",(long long)checkprod.txid);
uint8_t sharenrs[255]; uint64_t mask = 0; int32_t cardi,destplayer;
bits256 card,cardpriv,seed,*ciphers = cards;
for (i=1; i<N; i++)
{
dp = srv->clients[i].pubdata;
dp->N = N; dp->M = M; dp->numcards = 52;
priv = srv->clients[i].privdata;
cards777_encode(priv->outcards,priv->xoverz,priv->allshares,priv->myshares,sharenrs,dp->M,ciphers,dp->numcards,dp->N);
ciphers = priv->outcards;
}
printf("deck encrypted\n");
for (cardi=0; cardi<dp->numcards; cardi++)
{
for (destplayer=0; destplayer<dp->N; destplayer++)
{
priv = srv->clients[dp->N - 1].privdata;
card = priv->outcards[cardi*dp->N + destplayer];
for (i=N-1; i>=0; i--)
{
j = (i > 0) ? i : destplayer;
//printf("cardi.%d destplayer.%d i.%d j.%d\n",cardi,destplayer,i,j);
dp = srv->clients[j].pubdata;
priv = srv->clients[j].privdata;
cardpriv = cards777_cardpriv(keypairs[j][0],dp->hand.cardpubs,dp->numcards,card);
if ( cardpriv.txid != 0 )
{
mask |= (1LL << cardpriv.bytes[1]);
if ( destplayer != j )
printf(">>>>>>>>>>>> ERROR ");
printf("i.%d j.%d A DECODED cardi.%d destplayer.%d cardpriv.[%d] mask.%llx\n",i,j,cardi,destplayer,cardpriv.bytes[1],(long long)mask);
break;
}
card = cards777_decode(&seed,priv->xoverz,destplayer,card,priv->outcards,dp->numcards,dp->N);
cardpriv = cards777_cardpriv(keypairs[j][0],dp->hand.cardpubs,dp->numcards,card);
if ( cardpriv.txid != 0 )
{
mask |= (1LL << cardpriv.bytes[1]);
if ( destplayer != j )
printf(">>>>>>>>>>>> ERROR ");
printf("i.%d j.%d B DECODED cardi.%d destplayer.%d cardpriv.[%d] mask.%llx\n",i,j,cardi,destplayer,cardpriv.bytes[1],(long long)mask);
break;
}
}
}
printf("cardi.%d\n\n",cardi);
break;
}
}
#endif