Merge pull request #22 from alext-w:gmpy2_port

PiperOrigin-RevId: 623177363
google · Apr 12, 2024 · b455d4b · b455d4b
2 parents 31083a6 + d77d5ec
commit b455d4b
Show file tree

Hide file tree

Showing 22 changed files with 723 additions and 515 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,16 +1,17 @@
-# Install latest debian image
-FROM debian:latest
+# Install bookworm debian image
+FROM debian:bookworm
 
 # Create user
 RUN useradd -ms /bin/bash paranoid-user
 
 # Update Debian repository
-RUN apt update && apt install -y python3 python3-pip python3-pybind11 python3-fpylll libgmp-dev protobuf-compiler
+RUN apt update && apt install -y python3 python3-pip python3-pybind11 python3-fpylll python3-gmpy2 protobuf-compiler
 
 # Copy necessary files
-COPY ./ /home/paranoid-user/
+COPY --chown=paranoid-user ./ /home/paranoid-user/
 
 # Install package using pip
 USER paranoid-user
 WORKDIR /home/paranoid-user
-RUN python3 -m pip install .
+# PEP668 is not important in a container, thus use --break-system-packages
+RUN python3 -m pip install --break-system-packages .
diff --git a/README.md b/README.md
@@ -75,12 +75,21 @@ Clone the repository:
 
 ```$ git clone https://github.com/google/paranoid_crypto.git && cd paranoid_crypto```
 
-**NOTE**: The commands below have been tested on Debian latest stable version
-(bullseye). Make sure you will be using `python3.9` or newer.
+**NOTE**: The commands below have been tested on Debian stable version
+(bookworm). Make sure you will be using `python3.11` or newer.
 
 Install dependencies:
 
-```$ sudo apt update && sudo apt install python3 python3-pip python3-pybind11 python3-fpylll libgmp-dev protobuf-compiler```
+```$ sudo apt update && sudo apt install python3 python3-full python3-pip python3-pybind11 python3-fpylll python3-gmpy2 protobuf-compiler```
+
+Create and activate a virtual environment:
+
+```$ python3 -m venv --system-site-packages ~/paranoid-venv```
+
+```$ source ~/paranoid-venv/bin/activate```
+
+**NOTE**: If you know what you are doing, you can instead skip to the next step
+and use `--break-system-packages` switch for `pip`.
 
 Install paranoid_crypto python package:
 

diff --git a/paranoid_crypto/.gitignore b/paranoid_crypto/.gitignore
@@ -0,0 +1,5 @@
+/build/
+__pycache__/
+*_pb2.py
+*.egg-info/
+
diff --git a/paranoid_crypto/lib/cr50_u2f_weakness.py b/paranoid_crypto/lib/cr50_u2f_weakness.py
@@ -15,13 +15,13 @@
 
 from collections.abc import Iterator
 
-import gmpy
-
+import gmpy2 as gmpy
 from paranoid_crypto.lib import lll
 
 
-def Cr50U2fSubProblem(a: int, b: int, w: int, p: int,
-                      basis: list[int]) -> Iterator[tuple[int, int]]:
+def Cr50U2fSubProblem(
+    a: int, b: int, w: int, p: int, basis: list[int]
+) -> Iterator[tuple[int, int]]:
   """Generalized subproblem for the U2F weakness.
 
   This function tries to find k1, k2 of the form
@@ -56,13 +56,14 @@ def Cr50U2fSubProblem(a: int, b: int, w: int, p: int,
   reduced = lll.reduce(lat)
   for row in reduced:
     k1 = abs(sum(v * w for v, w in zip(basis, row[:words])))
-    k2 = abs(sum(v * w for v, w in zip(basis, row[words:2 * words])))
+    k2 = abs(sum(v * w for v, w in zip(basis, row[words : 2 * words])))
     if (k1 * a + k2 * b - w) % p == 0:
       yield k1, k2
 
 
-def Cr50U2fGuesses(r1: int, s1: int, z1: int, r2: int, s2: int, z2: int,
-                   n: int) -> set[int]:
+def Cr50U2fGuesses(
+    r1: int, s1: int, z1: int, r2: int, s2: int, z2: int, n: int
+) -> set[int]:
   """Checks, whether two signatures use weak nonces like in the U2F flaw.
 
   This function tries to find x, k1, k2 such that: