Merge pull request 'main' (#24) from sangge/tpre-python:main into main

Reviewed-on: #24

.gitea/workflows/ci.yaml

@@ -0,0 +1,23 @@
+name: Test CI
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  test:
+    name: test speed
+    runs-on: ubuntu-latest  
+
+    container:
+      image: catthehacker/ubuntu:act-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Run script in Docker container
+      run: |
+        ls $PWD/src
+        docker run --rm -v .:/app git.mamahaha.work/sangge/tpre:base ls

.gitignore

@@ -8,3 +8,7 @@ example.py
 ReEncrypt.py
 src/temp_message_file
 src/temp_key_file
+src/client.db
+src/server.db
+build
+src/tpre.cpython-311-x86_64-linux-gnu.so

FQA.md

@@ -0,0 +1,61 @@
+# 答辩问题准备
+
+1. **Q:数据安全与隐私**：您的系统在分布式环境中如何确保数据安全和隐私，尤其是在密钥管理方面的挑战？  
+
+    **A:** 通过代理服务器来转换密文，使其从一个密钥加密变为另一个密钥加密，而不需要将密文解密为明文；客户端每次启动时会生成新的公私密钥对，在随后的通信中，随机选取一次性对称密钥。
+
+2. **Q:国家安全标准的遵循**：您能详细说明您的系统如何符合中国的国家安全标准，特别是对于政府和金融等敏感领域？  
+
+    **A:** 使用国产的SM算法，减小对外国算法的依赖，增强自主控制的能力，可以有效防止潜在的后门和安全漏洞。
+
+3. **Q:系统架构**：您的分布式架构如何提高系统的性能和可伸缩性？  
+
+    **A:** 性能方面，我们采用了门限方案，在解密时不需要接收所有的密文片段；密文重加密和解密使用对称密钥，加快加解密速度。可以认为每次都可以"挑选"较高性能的节点进行计算。可伸缩性方面，动态进行节点的添加与退出，客户端也可以动态更新节点。
+
+4. **Q:算法效率**：您能讨论一下您系统中使用的门限代理重加密技术的效率和计算要求吗？  
+
+    **A:** 性能开销最大的是重加密密钥的生成和解密，其余步骤开销极小；计算要求：64位CPU，512MB内存，可以运行Docker
+
+5. **Q:兼容性与鲁棒性**：您的系统如何确保与各种环境（如分布式隐私计算）的兼容性，并且如何处理节点故障或恶意节点？  
+
+    **A:** 兼容性：使用容器化部署，保证运行环境的一致性，兼容多个操作系统和CPU架构；鲁棒性：在异常和危险情况下系统生存的能力。比如说，计算机软件在输入错误、磁盘故障、网络过载或有意攻击情况下，能否不死机、不崩溃，就是该软件的鲁棒性。体现：对恶意数据进行过滤；使用python异常处理机制，手动捕获错误并防止程序崩溃退出；使用心跳包技术检测节点存活状态。对于故障节点使用心跳包检测节点存活状态；对于恶意节点，我们尚未实现相关功能，但是我们计划使用信誉系统对节点进行评分，客户端可向中心服务器反馈恶意节点，中心服务器通过相关算法降低恶意节点被分配到的权重，如果确定是恶意节点，则进行黑名单限制。
+
+6. **Q:实际应用场景**：您的系统在哪些实际场景中可以最有效地使用，这些场景中可能的局限性或挑战是什么？  
+
+    **A:** 区块链中的分布式计算和数据安全共享场景、数据安全授权、分布式密钥管理；计算资源受限，加密算法缺乏软硬件层面的深度定制优化。
+
+7. **Q:代码结构与模块化**：您的项目代码是如何组织的？您如何确保代码的模块化和可读性？  
+
+    **A:** 我们先实现了算法部份，利用函数调用来实现算法的每个步骤。然后我们按照系统角色功能，分别编写了客户端、节点、中心服务器的代码。使用前后端分离。可读性方面，我们采用了下划线命名法，REST编程风格，使用类型提示来确保我们在开发过程中有着良好的可读性。
+
+8. **Q:算法实现**：在代码中，您如何实现门限代理重加密算法？有哪些关键的算法优化或创新点？  
+
+    **A:** 融合了代理重加密和shamir秘密共享以及混合加密机制；使用雅各比坐标系加快椭圆曲线上的点的计算。使用fastapi框架实现原生高性能api以及异步编程。使用sqlite，减少计算资源开销，免去复杂的数据库配置。
+
+9. **Q:性能测试**：您是否对代码进行了性能测试？测试结果显示的主要瓶颈和优化机会是什么？  
+
+    **A:** 是的，我们使用了line_profiler这个工具进行性能测试。测试结果显示的主要瓶颈在于重加密密钥生成和解密这两个步骤。在这两个步骤中涉及到了椭圆曲线上的计算。我们使用了雅各比坐标系加快了计算速度。(雅各比坐标系通过减少在有限域中进行的昂贵的模逆运算，以及优化乘法操作的数量，使得椭圆曲线上的点加和点倍运算更加高效。这些优化对于加密和解密操作的速度至关重要，特别是在资源受限的环境)。再有，sqlite不支持高并发场景，在写入时存在资源抢占，但是我们使用了消息队列将并发的数据转换为串行，提高了写入效率。
+
+10. **Q:安全性考虑**：在代码实现中，您如何处理潜在的安全漏洞，特别是与加密和数据传输相关的？  
+
+    **A:**  我们使用了参数化查询，参数化查询避免了将用户输入直接拼接到SQL语句中。可以使用https加密传输数据。
+
+11. **Q:错误处理和日志记录**：您的代码中是否包含了错误处理和日志记录机制？这些机制如何帮助监控和调试系统？  
+
+    **A:** 我们使用了python内置的异常处理来处理错误。日志使用的是print函数来输出。我们为代码添加了不同的返回值，所以在调试的时候如果出错，我们可以很方便的定位错误。同时异常处理保证了程序不会异常退出。  
+
+12. **Q:项目是如何应用在区块链中的:**  如题
+
+    **A:** 加密数据：将使用私钥加密的密文上传到区块链；授权访问：数据请求方发送访问请求给数据持有方；代理重加密：代理节点重加密密文，数据请求方使用自己的私钥进行解密；所有的访问请求和重加密操作都在区块链上记录，提供了完整的审计追踪功能
+
+13. **Q:简单介绍一下代理重加密的数学原理：**  如题
+
+    **A:** 代理重加密为一种三方协议，可以简单理解为三个人的DHKE。A将秘密拆分为两个部分，一部分给B，一部分给代理节点。在重加密时，代理节点将这部分密码附加进密文，此时B收到可以通过另一部分秘密来恢复完整的秘密。
+
+14. **Q:选择密文攻击，选择明文攻击**  如题
+
+    **A:**
+
+15. **Q:国密SM2 SM3 SM4**  如题
+
+    **A:**  

README.md

@@ -15,16 +15,15 @@ gmssl-python
 
 ## 安装步骤
 
-```
+```bash
 pip install
 ```
 
-
 ## 使用说明
 
-
 ## 参考文献  
-https://www.cnblogs.com/pam-sh/p/17364656.html#tprelib%E7%AE%97%E6%B3%95
+
+<https://www.cnblogs.com/pam-sh/p/17364656.html#tprelib%E7%AE%97%E6%B3%95>
 
 ## 许可证
 

README_en.md

@@ -7,9 +7,11 @@ This project is designed for the National Cryptography Competition and is implem
 The project uses the Chinese national standard cryptography algorithm to implement distributed proxy re-encryption (TPRE).
 
 ## Project Structure
+
 .  
 ├── basedockerfile (being used to build base iamge)  
 ├── dockerfile (being used to build application)  
+├── doc (development documents)  
 ├── include (gmssl header)  
 ├── lib (gmssl shared object)  
 ├── LICENSE  
@@ -20,52 +22,73 @@ The project uses the Chinese national standard cryptography algorithm to impleme
 
 ## Environment Dependencies
 
+### Bare mental version(UNTESTED)
+
 System requirements:  
+
 - Linux
 - Windows(may need to complie and install gmssl yourself)
 
 The project relies on the following software:  
+
 - Python 3.11
 - gmssl
 - gmssl-python
 
+### Docker installer
+
+```bash
+apt update && apt install mosh -y 
+chmod +x install_docker.sh
+./install_docker.sh
+```
+
+### Docker version
+
+docker version:  
+
+- Version:           24.0.5  
+- API version:       1.43  
+- Go version:        go1.20.6  
+
 ## Installation Steps
 
 ### Pre-installation
+
 This project depends on gmssl, so you need to compile it from source first.  
 Visit [GmSSL](https://github.com/guanzhi/GmSSL) to learn how to install.  
 
+Then install essential python libs  
+
 ```bash
 pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
 ```
 
-
 ## Docker Installation
-my docker version:
-- Version:           24.0.5
-- API version:       1.43
-- Go version:        go1.20.6
 
 ### Use base image and build yourself
+
 ```bash
-docker pull git.mamahaha.work/sangge/tpre:base  
+docker build . -f basedockerfile -t git.mamahaha.work/sangge/tpre:base
+(or docker pull git.mamahaha.work/sangge/tpre:base)  
 docker build . -t your_image_name
-docker run your_image_name
 ```
 
 ### Use pre-build image
+
 ```bash
 docker pull git.mamahaha.work/sangge/tpre:latest
-docker run git.mamahaha.work/sangge/tpre:latest
 ```
 
 ## Usage Instructions
 
+details in [docs](doc/README_app_en.md)
 
 ## References  
+
 [TPRE Algorithm Blog Post](https://www.cnblogs.com/pam-sh/p/17364656.html#tprelib%E7%AE%97%E6%B3%95)  
 [Gmssl-python library](https://github.com/GmSSL/GmSSL-Python)
 
-
 ## License
+
 GNU GENERAL PUBLIC LICENSE v3

basedockerfile

@@ -1,6 +1,12 @@
 FROM python:3.11
 
-COPY src /app
+COPY requirements.txt /app/
+
+# 设置目标平台参数
+ARG TARGETPLATFORM
+
+# 根据目标平台复制相应架构的库文件
+COPY lib/${TARGETPLATFORM}/* /lib/
 
 WORKDIR /app
 

doc/README_app_en.md

@@ -0,0 +1,73 @@
+# APP Doc
+
+## Run docker
+
+```bash
+docker run -it -p 8000-8002:8000-8002 -v ~/mimajingsai/src:/app -e HOST_IP=60.204.193.58 git.mamahaha.work/sangge/tpre:base bash  
+docker run -it -p 8000-8002:8000-8002 -v ~/mimajingsai/src:/app -e HOST_IP=119.3.125.234 git.mamahaha.work/sangge/tpre:base bash 
+docker run -it -p 8000-8002:8000-8002 -v ~/mimajingsai/src:/app -e HOST_IP=124.70.165.73 git.mamahaha.work/sangge/tpre:base bash 
+```
+
+```bash
+tpre3: docker run -it -p 8000:8000 -p 8001:8001 -p 8002:8002 -v ~/mimajingsai:/app -e HOST_IP=60.204.233.103 git.mamahaha.work/sangge/tpre:base bash
+```
+
+## Start application
+
+```bash
+nohup python server.py &
+nohup python node.py &
+nohup python client.py &
+cat nohup.out
+```
+
+## Cloud server ip
+
+**tpre1**: 110.41.155.96  
+**tpre2**: 110.41.130.197  
+**tpre3**: 110.41.21.35  
+
+## Agent re-encryption process
+
+### Client request message
+
+```bash
+python client_cli.py 124.70.165.73 name
+python client_cli.py 124.70.165.73 environment
+```
+
+## Client router
+
+**/receive_messages**  
+post method
+
+**/request_message**  
+post method
+
+**/receive_request**  
+post method
+
+**/recieve_pk**  
+post method  
+
+## Central server router
+
+**/server/show_nodes**  
+get method  
+
+**/server/get_node**  
+get method  
+
+**/server/delete_node**  
+get method  
+
+**/server/heartbeat**  
+get method  
+
+**/server/send_nodes_list**  
+get method  
+
+## Node router
+
+**/user_src**  
+post method  

include/gmssl/aead.h

@@ -84,9 +84,6 @@ typedef struct {
 } SM4_GCM_CTX;
 
 #define SM4_GCM_KEY_SIZE 16
-#define SM4_GCM_MIN_IV_SIZE 1
-#define SM4_GCM_DEFAULT_IV_SIZE 12
-#define SM4_GCM_MAX_IV_SIZE 64
 #define SM4_GCM_DEFAULT_TAG_SIZE 16
 
 _gmssl_export int sm4_gcm_encrypt_init(SM4_GCM_CTX *ctx,

include/gmssl/api.h

@@ -13,10 +13,11 @@
 
 #ifdef WIN32
 #define _gmssl_export  __declspec(dllexport)
-#else
+#elif defined(__GNUC__)
 // use -fvisibility=hidden to change the "default" behavior
 #define _gmssl_export  __attribute__((visibility("default")))
+#else
+#define _gmssl_export
 #endif
 
-
 #endif

include/gmssl/rand.h

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
  *
  *  Licensed under the Apache License, Version 2.0 (the License); you may
  *  not use this file except in compliance with the License.
@@ -19,12 +19,8 @@
 extern "C" {
 #endif
 
-/*
-Rand Public API
 
-	rand_bytes
-
-*/
+#define RAND_BYTES_MAX_SIZE	(256)
 
 _gmssl_export int rand_bytes(uint8_t *buf, size_t buflen);
 

include/gmssl/sm2_z256.h

@@ -1,86 +0,0 @@
-/*
- *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
- *
- *  Licensed under the Apache License, Version 2.0 (the License); you may
- *  not use this file except in compliance with the License.
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- */
-
-
-
-#ifndef GMSSL_SM2_Z256_H
-#define GMSSL_SM2_Z256_H
-
-#include <stdio.h>
-#include <stdint.h>
-#include <stdlib.h>
-#include <gmssl/sm3.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-void sm2_z256_copy(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_copy_conditional(uint64_t dst[4], const uint64_t src[4], uint64_t move);
-void sm2_z256_from_bytes(uint64_t r[4], const uint8_t in[32]);
-void sm2_z256_to_bytes(const uint64_t a[4], uint8_t out[32]);
-int sm2_z256_cmp(const uint64_t a[4], const uint64_t b[4]);
-uint64_t sm2_z256_equ(const uint64_t a[4], const uint64_t b[4]);
-uint64_t sm2_z256_add(uint64_t r[4], const uint64_t a[4], const uint64_t b[4]);
-uint64_t sm2_z256_sub(uint64_t r[4], const uint64_t a[4], const uint64_t b[4]);
-void sm2_z256_mul(uint64_t r[8], const uint64_t a[4], const uint64_t b[4]);
-uint64_t sm2_z512_add(uint64_t r[8], const uint64_t a[8], const uint64_t b[8]);
-int sm2_z256_get_booth(const uint64_t a[4], unsigned int window_size, int i);
-void sm2_z256_from_hex(uint64_t r[4], const char *hex);
-int sm2_z256_print(FILE *fp, int ind, int fmt, const char *label, const uint64_t a[4]);
-int sm2_z512_print(FILE *fp, int ind, int fmt, const char *label, const uint64_t a[8]);
-
-void sm2_z256_modp_add(uint64_t r[4], const uint64_t a[4], const uint64_t b[4]);
-void sm2_z256_modp_sub(uint64_t r[4], const uint64_t a[4], const uint64_t b[4]);
-void sm2_z256_modp_neg(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_modp_mul_by_2(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_modp_mul_by_3(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_modp_div_by_2(uint64_t r[4], const uint64_t a[4]);
-
-void sm2_z256_mont_mul(uint64_t r[4], const uint64_t a[4], const uint64_t b[4]);
-void sm2_z256_mont_sqr(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_mont_inv(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_from_mont(uint64_t r[4], const uint64_t a[4]);
-void sm2_z256_to_mont(const uint64_t a[4], uint64_t r[4]);
-int sm2_z256_mont_print(FILE *fp, int ind, int fmt, const char *label, const uint64_t a[4]);
-
-
-typedef struct {
-	uint64_t X[4];
-	uint64_t Y[4];
-	uint64_t Z[4];
-} SM2_Z256_POINT;
-
-void sm2_z256_point_dbl(SM2_Z256_POINT *R, const SM2_Z256_POINT *A);
-void sm2_z256_point_add(SM2_Z256_POINT *r, const SM2_Z256_POINT *a, const SM2_Z256_POINT *b);
-void sm2_z256_point_neg(SM2_Z256_POINT *R, const SM2_Z256_POINT *P);
-void sm2_z256_point_sub(SM2_Z256_POINT *R, const SM2_Z256_POINT *A, const SM2_Z256_POINT *B);
-void sm2_z256_point_get_affine(const SM2_Z256_POINT *P, uint64_t x[4], uint64_t y[4]);
-int sm2_z256_point_print(FILE *fp, int fmt, int ind, const char *label, const SM2_Z256_POINT *P);
-
-
-typedef struct {
-	uint64_t x[4];
-	uint64_t y[4];
-} SM2_Z256_POINT_AFFINE;
-
-void sm2_z256_point_copy_affine(SM2_Z256_POINT *R, const SM2_Z256_POINT_AFFINE *P);
-void sm2_z256_point_add_affine(SM2_Z256_POINT *r, const SM2_Z256_POINT *a, const SM2_Z256_POINT_AFFINE *b);
-void sm2_z256_point_sub_affine(SM2_Z256_POINT *R, const SM2_Z256_POINT *A, const SM2_Z256_POINT_AFFINE *B);
-int sm2_z256_point_affine_print(FILE *fp, int fmt, int ind, const char *label, const SM2_Z256_POINT_AFFINE *P);
-
-void sm2_z256_point_mul_generator(SM2_Z256_POINT *R, const uint64_t k[4]);
-void sm2_z256_point_mul(SM2_Z256_POINT *R, const SM2_Z256_POINT *P, const uint64_t k[4]);
-void sm2_z256_point_mul_sum(SM2_Z256_POINT *R, const uint64_t t[4], const SM2_Z256_POINT *P, const uint64_t s[4]);
-
-#ifdef __cplusplus
-}
-#endif
-#endif

include/gmssl/sm4.h

@@ -73,17 +73,28 @@ void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[SM4_BLOCK_SIZE],
 
 
 #define SM4_GCM_IV_MIN_SIZE		1
-#define SM4_GCM_IV_MAX_SIZE		((uint64_t)(1 << (64-3)))
+#define SM4_GCM_IV_MAX_SIZE		(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
+
 #define SM4_GCM_IV_DEFAULT_BITS		96
 #define SM4_GCM_IV_DEFAULT_SIZE		12
 
+//#define NIST_SP800_GCM_MAX_IV_SIZE	(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
+
+#define SM4_GCM_MAX_IV_SIZE		64
+#define SM4_GCM_MIN_IV_SIZE		1
+#define SM4_GCM_DEFAULT_IV_SIZE		12
+
 #define SM4_GCM_MIN_AAD_SIZE		0
-#define SM4_GCM_MAX_AAD_SIZE		((uint64_t)(1 << (64-3)))
+#define SM4_GCM_MAX_AAD_SIZE		(((uint64_t)1 << (64-3)) - 1) // 2305843009213693951
 
 #define SM4_GCM_MIN_PLAINTEXT_SIZE	0
-#define SM4_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3)
+#define SM4_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3) // 68719476704
 
 #define SM4_GCM_MAX_TAG_SIZE		16
+#define SM4_GCM_MIN_TAG_SIZE		12
+// For certain applications (voice or video), tag may be 64 or 32 bits
+// see NIST Special Publication 800-38D, Appendix C for more details
+
 
 int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
 	const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,

include/gmssl/version.h

@@ -18,15 +18,10 @@
 extern "C" {
 #endif
 
-/*
-Version Public API
-
-	gmssl_version_num
-	gmssl_version_str
-*/
 
+// Also update CPACK_PACKAGE_VERSION in CMakeLists.txt
 #define GMSSL_VERSION_NUM	30101
-#define GMSSL_VERSION_STR	"GmSSL 3.1.1 Dev"
+#define GMSSL_VERSION_STR	"GmSSL 3.1.1 PR1"
 
 _gmssl_export int gmssl_version_num(void);
 _gmssl_export const char *gmssl_version_str(void);

install_docker.sh

@@ -0,0 +1,8 @@
+for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do apt-get remove $pkg; done
+
+apt update
+apt install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+apt update
+apt install docker-ce docker-ce-cli containerd.io

requirements.txt

@@ -1 +1,4 @@
-gmssl-python
+gmssl-python
+fastapi
+uvicorn
+requests

src/client.ini

@@ -0,0 +1,3 @@
+[settings]
+server_address = 60.204.236.38:8000
+version = 1.0

src/client.py

@@ -0,0 +1,475 @@
+from fastapi import FastAPI, HTTPException
+import requests
+import os
+from typing import Tuple
+from tpre import *
+import sqlite3
+from contextlib import asynccontextmanager
+from pydantic import BaseModel
+import socket
+import random
+import time
+import base64
+import json
+import pickle
+from fastapi.responses import JSONResponse
+import asyncio
+
+# 测试文本
+test_msessgaes = {
+    "name": b"proxy re-encryption",
+    "environment": b"distributed environment"
+}
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    init()
+    yield
+    clean_env()
+
+
+app = FastAPI(lifespan=lifespan)
+
+
+def init():
+    global pk, sk, server_address
+    init_db()
+    pk, sk = GenerateKeyPair()
+
+    # load config from config file
+    init_config()
+    get_node_list(2, server_address)  # type: ignore
+
+
+def init_db():
+    with sqlite3.connect("client.db") as db:
+        # message table
+        db.execute(
+            """
+            CREATE TABLE IF NOT EXISTS message (
+                id INTEGER PRIMARY KEY,
+                capsule BLOB,
+                ct TEXT,
+                senderip TEXT
+            );
+        """
+        )
+
+        # node ip table
+        db.execute(
+            """
+            CREATE TABLE IF NOT EXISTS node (
+                id INTEGER PRIMARY KEY,
+                nodeip TEXT
+            );
+        """
+        )
+
+        # sender info table
+        db.execute(
+            """
+            CREATE TABLE IF NOT EXISTS senderinfo (
+                id INTEGER PRIMARY KEY,
+                ip TEXT,
+                pkx TEXT,
+                pky TEXT,
+                threshold INTEGER
+            )
+            """
+        )
+        db.commit()
+        print("Init Database Successful")
+
+
+# load config from config file
+def init_config():
+    import configparser
+
+    global server_address
+    config = configparser.ConfigParser()
+    config.read("client.ini")
+
+    server_address = config["settings"]["server_address"]
+
+
+# execute on exit
+def clean_env():
+    global message, node_response
+    message = b""
+    node_response = False
+    with sqlite3.connect("client.db") as db:
+        db.execute("DELETE FROM node")
+        db.execute("DELETE FROM message")
+        db.execute("DELETE FROM senderinfo")
+        db.commit()
+    print("Exit app")
+
+
+# main page
+@app.get("/")
+async def read_root():
+    return {"message": "Hello, World!"}
+
+
+class C(BaseModel):
+    Tuple: Tuple[Tuple[Tuple[int, int], Tuple[int, int], int, Tuple[int, int]], int]
+    ip: str
+
+
+# receive messages from nodes
+@app.post("/receive_messages")
+async def receive_messages(message: C):
+    """
+    receive capsule and ip from nodes
+    params:
+    Tuple: capsule and ct
+    ip: sender ip
+    return:
+    status_code
+    """
+    print(f"Received message: {message}")
+
+    if not message.Tuple or not message.ip:
+        print("Invalid input data received.")
+        raise HTTPException(status_code=400, detail="Invalid input data")
+
+    C_capsule, C_ct = message.Tuple
+    ip = message.ip
+
+    # Serialization
+    bin_C_capsule = pickle.dumps(C_capsule)
+
+    # insert record into database
+    with sqlite3.connect("client.db") as db:
+        try:
+            db.execute(
+                """
+                INSERT INTO message 
+                (capsule, ct, senderip) 
+                VALUES 
+                (?, ?, ?)
+                """,
+                (bin_C_capsule, str(C_ct), ip),
+            )
+            db.commit()
+            print("Data inserted successfully into database.")
+            check_merge(C_ct, ip)
+            return HTTPException(status_code=200, detail="Message received")
+        except Exception as e:
+            print(f"Error occurred: {e}")
+            db.rollback()
+            return HTTPException(status_code=400, detail="Database error")
+
+
+# check record count
+def check_merge(ct: int, ip: str):
+    global sk, pk, node_response, message
+    """
+    CREATE TABLE IF NOT EXISTS senderinfo (
+        id INTEGER PRIMARY KEY,
+        ip TEXT,
+        pkx TEXT,
+        pky TEXT,
+        threshold INTEGER
+    )
+    """
+    with sqlite3.connect("client.db") as db:
+        # Check if the combination of ct_column and ip_column appears more than once.
+        cursor = db.execute(
+            """
+        SELECT capsule, ct 
+        FROM message  
+        WHERE ct = ? AND senderip = ?
+        """,
+            (str(ct), ip),
+        )
+        # [(capsule, ct), ...]
+        cfrag_cts = cursor.fetchall()
+
+        # get _sender_pk
+        cursor = db.execute(
+            """
+        SELECT pkx, pky
+        FROM senderinfo
+        WHERE ip = ?
+        """,
+            (ip,),
+        )
+        result = cursor.fetchall()
+        try:
+            pkx, pky = result[0]  # result[0] = (pkx, pky)
+            pk_sender = (int(pkx), int(pky))
+        except:
+            pk_sender, T = 0, -1
+
+    T = 2
+    if len(cfrag_cts) >= T:
+        # Deserialization
+        temp_cfrag_cts = []
+        for i in cfrag_cts:
+            capsule = pickle.loads(i[0])
+            byte_length = (ct.bit_length() + 7) // 8
+            temp_cfrag_cts.append((capsule, int(i[1]).to_bytes(byte_length)))
+
+        cfrags = mergecfrag(temp_cfrag_cts)
+
+        print("sk:", type(sk))
+        print("pk:", type(pk))
+        print("pk_sender:", type(pk_sender))
+        print("cfrags:", type(cfrags))
+        message = DecryptFrags(sk, pk, pk_sender, cfrags)  # type: ignore
+
+        print("merge success", message)
+        node_response = True
+
+        print("merge:", node_response)
+
+
+# send message to node
+async def send_messages(
+    node_ips: tuple[str, ...], message: bytes, dest_ip: str, pk_B: point, shreshold: int
+):
+    global pk, sk
+    id_list = []
+
+    # calculate id of nodes
+    for node_ip in node_ips:
+        node_ip = node_ip[0]
+        ip_parts = node_ip.split(".")
+        id = 0
+        for i in range(4):
+            id += int(ip_parts[i]) << (24 - (8 * i))
+        id_list.append(id)
+    print(f"Calculated IDs: {id_list}")
+    # generate rk
+    rk_list = GenerateReKey(sk, pk_B, len(node_ips), shreshold, tuple(id_list))  # type: ignore
+    print(f"Generated ReKey list: {rk_list}")
+    capsule, ct = Encrypt(pk, message)  # type: ignore
+    # capsule_ct = (capsule, int.from_bytes(ct))
+    print(f"Encrypted message to capsule={capsule}, ct={ct}")
+
+    for i in range(len(node_ips)):
+        url = "http://" + node_ips[i][0] + ":8001" + "/user_src"
+        payload = {
+            "source_ip": local_ip,
+            "dest_ip": dest_ip,
+            "capsule": capsule,
+            "ct": int.from_bytes(ct),
+            "rk": rk_list[i],
+        }
+        print(f"Sending payload to {url}: {json.dumps(payload)}")
+        response = requests.post(url, json=payload)
+
+        if response.status_code == 200:
+            print(f"send to {node_ips[i]} successful")
+        else:
+            print(
+                f"Failed to send to {node_ips[i]}. Response code: {response.status_code}, Response text: {response.text}"
+            )
+    return 0
+
+
+class IP_Message(BaseModel):
+    dest_ip: str
+    message_name: str
+    source_ip: str
+    pk: Tuple[int, int]
+
+
+class Request_Message(BaseModel):
+    dest_ip: str
+    message_name: str
+
+
+# request message from others
+@app.post("/request_message")
+async def request_message(i_m: Request_Message):
+    global message, node_response, pk
+    print(
+        f"Function 'request_message' called with: dest_ip={i_m.dest_ip}, message_name={i_m.message_name}"
+    )
+    dest_ip = i_m.dest_ip
+    # dest_ip = dest_ip.split(":")[0]
+    message_name = i_m.message_name
+    source_ip = get_own_ip()
+    dest_port = "8002"
+    url = "http://" + dest_ip + ":" + dest_port + "/receive_request"
+    payload = {
+        "dest_ip": dest_ip,
+        "message_name": message_name,
+        "source_ip": source_ip,
+        "pk": pk,
+    }
+    print(f"Sending request to {url} with payload: {payload}")
+    try:
+        response = requests.post(url, json=payload, timeout=1)
+        print(f"Response received from {url}: {response.text}")
+        # print("menxian and pk", response.text)
+
+    except requests.Timeout:
+        print("Timeout error: can't post to the destination.")
+        # print("can't post")
+        # content = {"message": "post timeout", "error": str(e)}
+        # return JSONResponse(content, status_code=400)
+
+    # wait 3s to receive message from nodes
+    for _ in range(10):
+        print(f"Waiting for node_response... Current value: {node_response}")
+        # print("wait:", node_response)
+        if node_response:
+            data = message
+            print(f"Node response received with message: {data}")
+            # reset message and node_response
+            message = b""
+            node_response = False
+
+            # return message to frontend
+            return {"message": str(data)}
+        await asyncio.sleep(0.2)
+    print("Timeout while waiting for node_response.")
+    content = {"message": "receive timeout"}
+    return JSONResponse(content, status_code=400)
+
+
+# receive request from others
+@app.post("/receive_request")
+async def receive_request(i_m: IP_Message):
+    global pk
+    print(
+        f"Function 'receive_request' called with: dest_ip={i_m.dest_ip}, source_ip={i_m.source_ip}, pk={i_m.pk}"
+    )
+    source_ip = get_own_ip()
+    print(f"Own IP: {source_ip}")
+    if source_ip != i_m.dest_ip:
+        print("Mismatch in destination IP.")
+        return HTTPException(status_code=400, detail="Wrong ip")
+    dest_ip = i_m.source_ip
+    # threshold = random.randrange(1, 2)
+    threshold = 2
+    own_public_key = pk
+    pk_B = i_m.pk
+    print(f"Using own public key: {own_public_key} and received public key: {pk_B}")
+
+    with sqlite3.connect("client.db") as db:
+        cursor = db.execute(
+            """
+                   SELECT nodeip
+                   FROM node
+                   LIMIT ?
+                   """,
+            (threshold,),
+        )
+        node_ips = cursor.fetchall()
+    print(f"Selected node IPs from database: {node_ips}")
+
+    # message name
+    # message_name = i_m.message_name
+    # message = xxxxx
+
+    # 根据message name到测试文本查找对应值
+    try:
+        message = test_msessgaes[i_m.message_name]
+
+    except:
+        message = b"hello world" + random.randbytes(8)
+    print(f"Message to be send: {message}")
+
+    # send message to nodes
+    await send_messages(tuple(node_ips), message, dest_ip, pk_B, threshold)
+    response = {"threshold": threshold, "public_key": own_public_key}
+    print(f"Sending response: {response}")
+    return response
+
+
+def get_own_ip() -> str:
+    ip = os.environ.get("HOST_IP")
+    if not ip:  # 如果环境变量中没有IP
+        try:
+            # 从网卡获取IP
+            s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+            s.connect(("8.8.8.8", 80))  # 通过连接Google DNS获取IP
+            ip = s.getsockname()[0]
+            s.close()
+        except:
+            raise ValueError("Unable to get IP")
+    return str(ip)
+
+
+# get node list from central server
+def get_node_list(count: int, server_addr: str):
+    url = "http://" + server_addr + "/server/send_nodes_list?count=" + str(count)
+    response = requests.get(url, timeout=3)
+    # Checking the response
+    if response.status_code == 200:
+        print("Success get node list")
+        node_ip = response.text
+        node_ip = eval(node_ip)
+        print(node_ip)
+        # insert node ip to database
+        with sqlite3.connect("client.db") as db:
+            db.executemany(
+                """
+                INSERT INTO node 
+                (nodeip) 
+                VALUES (?)
+                """,
+                [(ip,) for ip in node_ip],
+            )
+            db.commit()
+        print("Success add node ip")
+    else:
+        print("Failed:", response.status_code, response.text)
+
+
+# send pk to others
+@app.get("/get_pk")
+async def get_pk():
+    global pk, sk
+    print(sk)
+    return {"pkx": str(pk[0]), "pky": str(pk[1])}
+
+
+class pk_model(BaseModel):
+    pkx: str
+    pky: str
+    ip: str
+
+
+# recieve pk from frontend
+@app.post("/recieve_pk")
+async def recieve_pk(pk: pk_model):
+    pkx = pk.pkx
+    pky = pk.pky
+    dest_ip = pk.ip
+    try:
+        threshold = 2
+        with sqlite3.connect("client.db") as db:
+            db.execute(
+                """
+        INSERT INTO senderinfo
+        (ip, pkx, pky, threshold)
+        VALUES
+        (?, ?, ?, ?)
+        """,
+                (str(dest_ip), pkx, pky, threshold),
+            )
+    except Exception as e:
+        # raise error
+        print("Database error")
+        content = {"message": "Database Error", "error": str(e)}
+        return JSONResponse(content, status_code=400)
+    return {"message": "save pk in database"}
+
+
+pk = (0, 0)
+sk = 0
+server_address = str
+node_response = False
+message = bytes
+local_ip = get_own_ip()
+
+if __name__ == "__main__":
+    import uvicorn  # pylint: disable=e0401
+
+    uvicorn.run("client:app", host="0.0.0.0", port=8002, reload=True, log_level="debug")

src/client_cli.py

@@ -0,0 +1,41 @@
+import argparse
+import requests
+import json
+
+
+def send_post_request(ip_addr, message_name):
+    url = f"http://localhost:8002/request_message"
+    data = {"dest_ip": ip_addr, "message_name": message_name}
+    response = requests.post(url, json=data)
+    return response.text
+
+
+def get_pk(ip_addr):
+    url = f"http://" + ip_addr + ":8002/get_pk"
+    response = requests.get(url, timeout=1)
+    print(response.text)
+    json_pk = json.loads(response.text)
+    payload = {"pkx": json_pk["pkx"], "pky": json_pk["pky"], "ip": ip_addr}
+    response = requests.post("http://localhost:8002/recieve_pk", json=payload)
+
+    return response.text
+
+
+
+def main():
+    parser = argparse.ArgumentParser(description="Send POST request to a specified IP.")
+    parser.add_argument("ip_addr", help="IP address to send request to.")
+    parser.add_argument("message_name", help="Message name to send.")
+
+    args = parser.parse_args()
+    
+    response = get_pk(args.ip_addr)
+    print(response)
+    
+    response = send_post_request(args.ip_addr, args.message_name)
+    
+    print(response)
+
+
+if __name__ == "__main__":
+    main()

src/client_demo.py

@@ -0,0 +1,4 @@
+from tpre import *
+
+# local {"pkx":"110913495319893280527511520027612816833094668640322629943553195742251267532611","pky":"42442813417048462506373786007682778510807282038950736216326706485290996455738"}
+# pkb (110913495319893280527511520027612816833094668640322629943553195742251267532611,42442813417048462506373786007682778510807282038950736216326706485290996455738

src/demo.py

@@ -1,30 +0,0 @@
-from tpre import *
-
-# 1
-pk_a, sk_a = GenerateKeyPair()
-m = b"hello world"
-
-# 2
-capsule_ct = Encrypt(pk_a, m)
-
-# 3
-pk_b, sk_b = GenerateKeyPair()
-
-N = 70
-T = 49
-
-# 5
-rekeys = GenerateReKey(sk_a, pk_b, N, T)
-
-# 7
-cfrag_cts = []
-
-for rekey in rekeys:
-    cfrag_ct = ReEncrypt(rekey, capsule_ct)
-    cfrag_cts.append(cfrag_ct)
-
-# 9
-cfrags = mergecfrag(cfrag_cts)
-m = DecryptFrags(sk_b, pk_b, pk_a, cfrags)
-
-print(m)

src/demo2.py

@@ -0,0 +1,93 @@
+from tpre import *
+import time
+import openpyxl
+
+# 初始化Excel工作簿和工作表
+wb = openpyxl.Workbook()
+ws = wb.active
+ws.title = "算法性能结果"
+headers = [
+    "门限值 N",
+    "门限值 T",
+    "密钥生成运行时间",
+    "加密算法运行时间",
+    "重加密密钥生成算法运行时间",
+    "重加密算法运行时间",
+    "解密算法运行时间",
+    "算法总运行时间",
+]
+ws.append(headers)
+
+
+for N in range(4, 21, 2):
+    T = N // 2
+    print(f"当前门限值: N = {N}, T = {T}")
+
+    start_total_time = time.time()
+    # 1
+    start_time = time.time()
+    pk_a, sk_a = GenerateKeyPair()
+    m = b"hello world"
+    end_time = time.time()
+    elapsed_time_key_gen = end_time - start_time
+    print(f"密钥生成运行时间:{elapsed_time_key_gen}秒")
+
+    # ... [中间代码不变]
+    # 2
+    start_time = time.time()
+    capsule_ct = Encrypt(pk_a, m)
+    end_time = time.time()
+    elapsed_time_enc = end_time - start_time
+    print(f"加密算法运行时间:{elapsed_time_enc}秒")
+
+    # 3
+    pk_b, sk_b = GenerateKeyPair()
+
+    # 5
+    start_time = time.time()
+    id_tuple = tuple(range(N))
+    rekeys = GenerateReKey(sk_a, pk_b, N, T, id_tuple)
+    end_time = time.time()
+    elapsed_time_rekey_gen = end_time - start_time
+    print(f"重加密密钥生成算法运行时间:{elapsed_time_rekey_gen}秒")
+
+    # 7
+    start_time = time.time()
+    cfrag_cts = []
+
+    for rekey in rekeys:
+        cfrag_ct = ReEncrypt(rekey, capsule_ct)
+        cfrag_cts.append(cfrag_ct)
+    end_time = time.time()
+    re_elapsed_time = (end_time - start_time) / len(rekeys)
+    print(f"重加密算法运行时间:{re_elapsed_time}秒")
+
+    # 9
+    start_time = time.time()
+    cfrags = mergecfrag(cfrag_cts)
+    m = DecryptFrags(sk_b, pk_b, pk_a, cfrags)
+    end_time = time.time()
+    elapsed_time_dec = end_time - start_time
+    end_total_time = time.time()
+    total_time = end_total_time - start_total_time - re_elapsed_time * len(rekeys)
+    print(f"解密算法运行时间:{elapsed_time_dec}秒")
+    print("成功解密:", m)
+    print(f"算法总运行时间:{total_time}秒")
+    print()
+
+    # 将结果保存到Excel
+    ws.append(
+        [
+            N,
+            T,
+            elapsed_time_key_gen,
+            elapsed_time_enc,
+            elapsed_time_rekey_gen,
+            re_elapsed_time,
+            elapsed_time_dec,
+            total_time,
+        ]
+    )
+
+# 保存Excel文件
+wb.save("结果.xlsx")

src/lenth_test.py

@@ -0,0 +1,63 @@
+from tpre import *
+import time
+
+N = 20
+T = N // 2
+print(f"当前门限值: N = {N}, T = {T}")
+
+for i in range(1, 10):
+    total_time = 0
+
+    # 1
+    start_time = time.time()
+    pk_a, sk_a = GenerateKeyPair()
+    m = b"hello world" * pow(10, i)
+    print(f"明文长度:{len(m)}")
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    print(f"密钥生成运行时间:{elapsed_time}秒")
+
+    # 2
+    start_time = time.time()
+    capsule_ct = Encrypt(pk_a, m)
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    print(f"加密算法运行时间:{elapsed_time}秒")
+
+    # 3
+    pk_b, sk_b = GenerateKeyPair()
+
+    # 5
+    start_time = time.time()
+    id_tuple = tuple(range(N))
+    rekeys = GenerateReKey(sk_a, pk_b, N, T, id_tuple)
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    print(f"重加密密钥生成算法运行时间:{elapsed_time}秒")
+
+    # 7
+    start_time = time.time()
+    cfrag_cts = []
+
+    for rekey in rekeys:
+        cfrag_ct = ReEncrypt(rekey, capsule_ct)
+        cfrag_cts.append(cfrag_ct)
+    end_time = time.time()
+    elapsed_time = (end_time - start_time) / len(rekeys)
+    total_time += elapsed_time
+    print(f"重加密算法运行时间:{elapsed_time}秒")
+
+    # 9
+    start_time = time.time()
+    cfrags = mergecfrag(cfrag_cts)
+    m = DecryptFrags(sk_b, pk_b, pk_a, cfrags)
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    print(f"解密算法运行时间:{elapsed_time}秒")
+    print("成功解密:")
+    print(f"算法总运行时间:{total_time}秒")
+    print()

src/maxnode_test.py

@@ -0,0 +1,66 @@
+from tpre import *
+import time
+
+N = 80
+total_time = 0
+
+while total_time < 1:
+
+    T = N // 2
+    print(f"当前门限值: N = {N}, T = {T}")
+
+    total_time = 0
+
+    # 1
+    start_time = time.time()
+    pk_a, sk_a = GenerateKeyPair()
+    m = b"hello world"
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    # print(f"密钥生成运行时间:{elapsed_time}秒")
+
+    # 2
+    start_time = time.time()
+    capsule_ct = Encrypt(pk_a, m)
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    # print(f"加密算法运行时间:{elapsed_time}秒")
+
+    # 3 
+    pk_b, sk_b = GenerateKeyPair()
+
+    # 5
+    start_time = time.time()
+    id_tuple = tuple(range(N))
+    rekeys = GenerateReKey(sk_a, pk_b, N, T, id_tuple)
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    # print(f"重加密密钥生成算法运行时间:{elapsed_time}秒")
+
+    # 7
+    start_time = time.time()
+    cfrag_cts = []
+
+    for rekey in rekeys:
+        cfrag_ct = ReEncrypt(rekey, capsule_ct)
+        cfrag_cts.append(cfrag_ct)
+    end_time = time.time()
+    elapsed_time = (end_time - start_time) / len(rekeys)
+    total_time += elapsed_time
+    # print(f"重加密算法运行时间:{elapsed_time}秒")
+
+    # 9
+    start_time = time.time()
+    cfrags = mergecfrag(cfrag_cts)
+    m = DecryptFrags(sk_b, pk_b, pk_a, cfrags)
+    end_time = time.time()
+    elapsed_time = end_time - start_time
+    total_time += elapsed_time
+    # print(f"解密算法运行时间:{elapsed_time}秒")
+    # print("成功解密:", m)
+    print(f"算法总运行时间:{total_time}秒")
+    print()
+    N += 1

src/node.py

@@ -0,0 +1,157 @@
+from fastapi import FastAPI, Request, HTTPException
+import requests
+from contextlib import asynccontextmanager
+import socket
+import asyncio
+from pydantic import BaseModel
+from tpre import *
+import os
+from typing import Any, Tuple
+import base64
+import logging
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    init()
+    yield
+    clear()
+
+
+app = FastAPI(lifespan=lifespan)
+server_address = "http://60.204.236.38:8000/server"
+id = 0
+ip = ""
+client_ip_src = ""  # 发送信息用户的ip
+client_ip_des = ""  # 接收信息用户的ip
+processed_message = ()  # 重加密后的数据
+
+logger = logging.getLogger("uvicorn")
+
+
+# class C(BaseModel):
+#     Tuple: Tuple[capsule, int]
+#     ip_src: str
+
+
+# 向中心服务器发送自己的IP地址,并获取自己的id
+def send_ip():
+    url = server_address + "/get_node?ip=" + ip  # type: ignore
+    # ip = get_local_ip() # type: ignore
+    global id
+    id = requests.get(url, timeout=3)
+    logger.info(f"中心服务器返回节点ID为: {id}")
+    print("中心服务器返回节点ID为: ", id)
+
+
+# 用环境变量获取本机ip
+def get_local_ip():
+    global ip
+    ip = os.environ.get("HOST_IP")
+    if not ip:  # 如果环境变量中没有IP
+        try:
+            # 从网卡获取IP
+            s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+            s.connect(("8.8.8.8", 80))  # 通过连接Google DNS获取IP
+            ip = str(s.getsockname()[0])
+            s.close()
+        except:
+            raise ValueError("Unable to get IP")
+
+
+def init():
+    get_local_ip()
+    send_ip()
+    asyncio.create_task(send_heartbeat_internal())
+    print("Finish init")
+
+
+def clear():
+    print("exit node")
+
+
+# 接收用户发来的消息，经过处理之后，再将消息发送给其他用户
+
+
+async def send_heartbeat_internal() -> None:
+    timeout = 30
+    global ip
+    url = server_address + "/heartbeat?ip=" + ip  # type: ignore
+    while True:
+        # print('successful send my_heart')
+        try:
+            requests.get(url, timeout=3)
+        except:
+            logger.error("Central server error")
+            print("Central server error")
+
+        # 删除超时的节点
+        await asyncio.sleep(timeout)
+
+
+class Req(BaseModel):
+    source_ip: str
+    dest_ip: str
+    capsule: capsule
+    ct: int
+    rk: list
+
+
+@app.post("/user_src")  # 接收用户1发送的信息
+async def user_src(message: Req):
+    global client_ip_src, client_ip_des
+    print(
+        f"Function 'user_src' called with: source_ip={message.source_ip}, dest_ip={message.dest_ip}, capsule={message.capsule}, ct={message.ct}, rk={message.rk}"
+    )
+    # kfrag , capsule_ct ,client_ip_src , client_ip_des   = json_data[]
+    """
+    payload = {
+            "source_ip": local_ip,
+            "dest_ip": dest_ip,
+            "capsule_ct": capsule_ct,
+            "rk": rk_list[i],
+        }
+    """
+    logger.info(f"node: {message}")
+    print("node: ", message)
+    source_ip = message.source_ip
+    dest_ip = message.dest_ip
+    capsule = message.capsule
+    ct = message.ct
+
+    byte_length = (ct.bit_length() + 7) // 8
+    capsule_ct = (capsule, ct.to_bytes(byte_length))
+
+    rk = message.rk
+    logger.info(f"Computed capsule_ct: {capsule_ct}")
+    print(f"Computed capsule_ct: {capsule_ct}")
+
+    a, b = ReEncrypt(rk, capsule_ct)  # type: ignore
+    processed_message = (a, int.from_bytes(b))
+
+    logger.info(f"Re-encrypted message: {processed_message}")
+    print(f"Re-encrypted message: {processed_message}")
+
+    await send_user_des_message(source_ip, dest_ip, processed_message)
+
+    logger.info("Message sent to destination user.")
+    print("Message sent to destination user.")
+    return HTTPException(status_code=200, detail="message recieved")
+
+
+async def send_user_des_message(source_ip: str, dest_ip: str, re_message):  # 发送消息给用户2
+    data = {"Tuple": re_message, "ip": source_ip}  # 类型不匹配
+
+    # 发送 HTTP POST 请求
+    response = requests.post(
+        "http://" + dest_ip + ":8002" + "/receive_messages", json=data
+    )
+
+    logger.info(f"send stauts: {response.text}")
+    print("send stauts:", response.text)
+
+
+if __name__ == "__main__":
+    import uvicorn  # pylint: disable=e0401
+
+    uvicorn.run("node:app", host="0.0.0.0", port=8001, reload=True, log_level="debug")

src/perf.log

@@ -0,0 +1,148 @@
+12th Gen Intel(R) Core(TM) i5-12490F
+
+0.01 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.9953160285949707秒
+加密算法运行时间:0.006381511688232422秒
+重加密密钥生成算法运行时间:12.903082609176636秒
+重加密算法运行时间:0.989858603477478秒
+解密算法运行时间:19.69758915901184秒
+成功解密: b'hello world'
+算法总运行时间:34.59222791194916秒
+
+0.1 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.004191160202026367秒
+加密算法运行时间:0.09498381614685059秒
+重加密密钥生成算法运行时间:0.7050104141235352秒
+重加密算法运行时间:0.09499671459197997秒
+解密算法运行时间:1.5005874633789062秒
+成功解密: b'hello world'
+算法总运行时间:2.3997695684432983秒
+
+1 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.0030488967895507812秒
+加密算法运行时间:0.005570888519287109秒
+重加密密钥生成算法运行时间:0.07791781425476074秒
+重加密算法运行时间:0.006881630420684815秒
+解密算法运行时间:0.08786344528198242秒
+成功解密: b'hello world'
+算法总运行时间:0.18128267526626587秒
+
+4 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.0026373863220214844秒
+加密算法运行时间:0.004965305328369141秒
+重加密密钥生成算法运行时间:0.07313323020935059秒
+重加密算法运行时间:0.006896591186523438秒
+解密算法运行时间:0.08880448341369629秒
+成功解密: b'hello world'
+算法总运行时间:0.17643699645996094秒
+
+rk3399
+0.01 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:3.9984750747680664秒
+加密算法运行时间:9.599598169326782秒
+重加密密钥生成算法运行时间:132.99906015396118秒
+重加密算法运行时间:12.120013177394867秒
+解密算法运行时间:153.29800581932068秒
+成功解密: b'hello world'
+算法总运行时间:312.0151523947716秒
+
+0.1 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.09907650947570801秒
+加密算法运行时间:0.205247163772583秒
+重加密密钥生成算法运行时间:7.498294830322266秒
+重加密算法运行时间:0.7300507187843323秒
+解密算法运行时间:8.998314619064331秒
+成功解密: b'hello world'
+算法总运行时间:17.53098384141922秒
+
+1 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.008650541305541992秒
+加密算法运行时间:0.02130866050720215秒
+重加密密钥生成算法运行时间:0.30187034606933594秒
+重加密算法运行时间:0.0274674654006958秒
+解密算法运行时间:0.3521096706390381秒
+成功解密: b'hello world'
+算法总运行时间:0.7114066839218139秒
+
+4 cores
+当前门限值: N = 20, T = 10
+密钥生成运行时间:0.00883340835571289秒
+加密算法运行时间:0.021309614181518555秒
+重加密密钥生成算法运行时间:0.3036940097808838秒
+重加密算法运行时间:0.0277299165725708秒
+解密算法运行时间:0.3464491367340088秒
+成功解密: b'hello world'
+算法总运行时间:0.7080160856246949秒
+
+12th Gen Intel(R) Core(TM) i5-12490F
+
+当前门限值: N = 20, T = 10
+明文长度:110
+密钥生成运行时间:0.0033216476440429688秒
+加密算法运行时间:0.00811624526977539秒
+重加密密钥生成算法运行时间:0.11786699295043945秒
+重加密算法运行时间:0.009650790691375732秒
+解密算法运行时间:0.12125396728515625秒
+成功解密:
+算法总运行时间:0.2602096438407898秒
+
+明文长度:1100
+密钥生成运行时间:0.0034990310668945312秒
+加密算法运行时间:0.008537054061889648秒
+重加密密钥生成算法运行时间:0.10165071487426758秒
+重加密算法运行时间:0.009756004810333252秒
+解密算法运行时间:0.13438773155212402秒
+成功解密:
+算法总运行时间:0.257830536365509秒
+
+明文长度:11000
+密钥生成运行时间:0.0035142898559570312秒
+加密算法运行时间:0.005819797515869141秒
+重加密密钥生成算法运行时间:0.1130058765411377秒
+重加密算法运行时间:0.010429942607879638秒
+解密算法运行时间:0.1242990493774414秒
+成功解密:
+算法总运行时间:0.25706895589828493秒
+
+明文长度:110000
+密钥生成运行时间:0.002706289291381836秒
+加密算法运行时间:0.00833749771118164秒
+重加密密钥生成算法运行时间:0.11022734642028809秒
+重加密算法运行时间:0.010864639282226562秒
+解密算法运行时间:0.13867974281311035秒
+成功解密:
+算法总运行时间:0.2708155155181885秒
+
+明文长度:1100000
+密钥生成运行时间:0.003710031509399414秒
+加密算法运行时间:0.04558920860290527秒
+重加密密钥生成算法运行时间:0.10261368751525879秒
+重加密算法运行时间:0.009720635414123536秒
+解密算法运行时间:0.15311646461486816秒
+成功解密:
+算法总运行时间:0.3147500276565552秒
+
+明文长度:11000000
+密钥生成运行时间:0.008045673370361328秒
+加密算法运行时间:0.3575568199157715秒
+重加密密钥生成算法运行时间:0.09267783164978027秒
+重加密算法运行时间:0.009347784519195556秒
+解密算法运行时间:0.4754812717437744秒
+成功解密:
+算法总运行时间:0.9431093811988831秒
+
+当前门限值: N = 94, T = 47
+算法总运行时间:0.967951292687274秒
+
+当前门限值: N = 95, T = 47
+算法总运行时间:0.9765587304767809秒
+
+当前门限值: N = 96, T = 48
+算法总运行时间:1.019304744899273秒

src/server.py

@@ -0,0 +1,184 @@
+from fastapi import FastAPI
+from fastapi.encoders import jsonable_encoder
+from fastapi.responses import JSONResponse
+from contextlib import asynccontextmanager
+import sqlite3
+import asyncio
+import time
+import ipaddress
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    init()
+    yield
+    clean_env()
+
+
+app = FastAPI(lifespan=lifespan)
+
+
+def init():
+    asyncio.create_task(receive_heartbeat_internal())
+
+    conn = sqlite3.connect("server.db")
+    cursor = conn.cursor()
+    # init table: id: int; ip: TEXT
+    cursor.execute(
+        """CREATE TABLE IF NOT EXISTS nodes (
+                    id INTEGER PRIMARY KEY AUTOINCREMENT,
+                    ip TEXT NOT NULL,
+                    last_heartbeat INTEGER
+                )"""
+    )
+
+
+def clean_env():
+    clear_database()
+
+
+@app.get("/")
+async def home():
+    return {"message": "Hello, World!"}
+
+
+@app.get("/server/show_nodes")
+async def show_nodes() -> list:
+    nodes_list = []
+    with sqlite3.connect("server.db") as db:
+        # 查询数据
+        cursor = db.execute("SELECT * FROM nodes")
+        rows = cursor.fetchall()
+
+    for row in rows:
+        nodes_list.append(row)
+    return nodes_list
+
+
+def validate_ip(ip: str) -> bool:
+    try:
+        ipaddress.ip_address(ip)
+        return True
+    except ValueError:
+        return False
+
+
+@app.get("/server/get_node")
+async def get_node(ip: str) -> int:
+    """
+    中心服务器与节点交互, 节点发送ip, 中心服务器接收ip存入数据库并将ip转换为int作为节点id返回给节点  
+    params:  
+    ip: node ip  
+    return:  
+    id: ip按点分割成四部分, 每部分转二进制后拼接再转十进制作为节点id  
+    """
+    if not validate_ip(ip):
+        content = {"message": "invalid ip "}
+        return JSONResponse(content, status_code=400)  # type: ignore
+
+    ip_parts = ip.split(".")
+    ip_int = 0
+    for i in range(4):
+        ip_int += int(ip_parts[i]) << (24 - (8 * i))
+    print("IP", ip, "对应的ID为", ip_int)
+
+    # 获取当前时间
+    current_time = int(time.time())
+    print("当前时间: ", current_time)
+
+    with sqlite3.connect("server.db") as db:
+        # 插入数据
+        db.execute(
+            "INSERT INTO nodes (id, ip, last_heartbeat) VALUES (?, ?, ?)",
+            (ip_int, ip, current_time),
+        )
+        db.commit()
+
+    return ip_int
+
+
+@app.get("/server/delete_node")
+async def delete_node(ip: str) -> None:
+    """
+    param:  
+    ip: 待删除节点的ip地址  
+    return:  
+    None  
+    """
+    
+    with sqlite3.connect("server.db") as db:
+        # 查询要删除的节点
+        cursor = db.execute("SELECT * FROM nodes WHERE ip=?", (ip,))
+        row = cursor.fetchone()
+    if row is not None:
+        with sqlite3.connect("server.db") as db:
+            # 执行删除操作
+            db.execute("DELETE FROM nodes WHERE ip=?", (ip,))
+            db.commit()
+        print(f"Node with IP {ip} deleted successfully.")
+    else:
+        print(f"Node with IP {ip} not found.")
+
+
+# 接收节点心跳包
+@app.get("/server/heartbeat")
+async def receive_heartbeat(ip: str):
+    if not validate_ip(ip):
+        content = {"message": "invalid ip "}
+        return JSONResponse(content, status_code=400)
+    print("收到来自", ip, "的心跳包")
+    with sqlite3.connect("server.db") as db:
+        db.execute(
+            "UPDATE nodes SET last_heartbeat = ? WHERE ip = ?", (time.time(), ip)
+        )
+    return {"status": "received"}
+
+
+async def receive_heartbeat_internal():
+    while 1:
+        timeout = 70
+        with sqlite3.connect("server.db") as db:
+            # 删除超时的节点
+            db.execute(
+                "DELETE FROM nodes WHERE last_heartbeat < ?", (time.time() - timeout,)
+            )
+            db.commit()
+        await asyncio.sleep(timeout)
+
+
+@app.get("/server/send_nodes_list")
+async def send_nodes_list(count: int) -> list:
+    """
+    中心服务器与客户端交互, 客户端发送所需节点个数, 中心服务器从数据库中顺序取出节点封装成list格式返回给客户端
+    params:
+    count: 所需节点个数
+    return:
+    nodes_list: list
+    """
+    nodes_list = []
+
+    with sqlite3.connect("server.db") as db:
+        # 查询数据库中的节点数据
+        cursor = db.execute("SELECT * FROM nodes LIMIT ?", (count,))
+        rows = cursor.fetchall()
+
+    for row in rows:
+        id, ip, last_heartbeat = row
+        nodes_list.append(ip)
+
+    print("收到来自客户端的节点列表请求...")
+    print(nodes_list)
+    return nodes_list
+
+
+# @app.get("/server/clear_database")
+def clear_database() -> None:
+    with sqlite3.connect("server.db") as db:
+        db.execute("DELETE FROM nodes")
+        db.commit()
+
+
+if __name__ == "__main__":
+    import uvicorn  # pylint: disable=e0401
+
+    uvicorn.run("server:app", host="0.0.0.0", port=8000, reload=True)

src/setup.py

@@ -0,0 +1,14 @@
+from setuptools import setup, Extension
+
+# 定义您的扩展
+ext = Extension(
+    "tpreECC",
+    sources=["tpreECC.c"],
+)
+
+setup(
+    name="tpreECC",
+    version="1.0",
+    description="basic ECC written in C",
+    ext_modules=[ext],
+)

src/speed_test.py

@@ -0,0 +1,61 @@
+from tpre import *
+import time
+
+N = 20
+T = N // 2
+print(f"当前门限值: N = {N}, T = {T}")
+
+total_time = 0
+
+# 1
+start_time = time.time()
+pk_a, sk_a = GenerateKeyPair()
+m = b"hello world"
+end_time = time.time()
+elapsed_time = end_time - start_time
+total_time += elapsed_time
+print(f"密钥生成运行时间:{elapsed_time}秒")
+
+# 2
+start_time = time.time()
+capsule_ct = Encrypt(pk_a, m)
+end_time = time.time()
+elapsed_time = end_time - start_time
+total_time += elapsed_time
+print(f"加密算法运行时间:{elapsed_time}秒")
+
+# 3
+pk_b, sk_b = GenerateKeyPair()
+
+# 5
+start_time = time.time()
+id_tuple = tuple(range(N))
+rekeys = GenerateReKey(sk_a, pk_b, N, T, id_tuple)
+end_time = time.time()
+elapsed_time = end_time - start_time
+total_time += elapsed_time
+print(f"重加密密钥生成算法运行时间:{elapsed_time}秒")
+
+# 7
+start_time = time.time()
+cfrag_cts = []
+
+for rekey in rekeys:
+    cfrag_ct = ReEncrypt(rekey, capsule_ct)
+    cfrag_cts.append(cfrag_ct)
+end_time = time.time()
+elapsed_time = (end_time - start_time) / len(rekeys)
+total_time += elapsed_time
+print(f"重加密算法运行时间:{elapsed_time}秒")
+
+# 9
+start_time = time.time()
+cfrags = mergecfrag(cfrag_cts)
+m = DecryptFrags(sk_b, pk_b, pk_a, cfrags)
+end_time = time.time()
+elapsed_time = end_time - start_time
+total_time += elapsed_time
+print(f"解密算法运行时间:{elapsed_time}秒")
+print("成功解密:", m)
+print(f"算法总运行时间:{total_time}秒")
+print()

src/tpre.py

@@ -272,7 +272,9 @@ def f(x: int, f_modulus: list, T: int) -> int:
     return res
 
 
-def GenerateReKey(sk_A: int, pk_B: point, N: int, T: int) -> list:
+def GenerateReKey(
+    sk_A: int, pk_B: point, N: int, T: int, id_tuple: Tuple[int, ...]
+) -> list:
     """
     param:
     skA, pkB, N(节点总数), T(阈值)
@@ -288,7 +290,7 @@ def GenerateReKey(sk_A: int, pk_B: point, N: int, T: int) -> list:
     # d是Bob的密钥对与临时密钥对的非交互式Diffie-Hellman密钥交换的结果
     d = hash3((X_A, pk_B, multiply(pk_B, x_A)))
 
-    # 计算多项式系数, 确定代理节点的ID(一个点)
+    # 计算多项式系数
     f_modulus = []
     # 计算f0
     # f0 = (sk_A * inv(d, G.P)) % G.P
@@ -305,10 +307,10 @@ def GenerateReKey(sk_A: int, pk_B: point, N: int, T: int) -> list:
     for i in range(N):
         y = random.randint(0, sm2p256v1.N - 1)
         Y = multiply(g, y)
-        s_x = hash5(i, D)  # id需要设置
+        s_x = hash5(id_tuple[i], D)  # id需要设置
         r_k = f(s_x, f_modulus, T)
         U1 = multiply(U, r_k)
-        kFrag = (i, r_k, X_A, U1)
+        kFrag = (id_tuple[i], r_k, X_A, U1)
         KF.append(kFrag)
 
     return KF
@@ -341,7 +343,7 @@ def Checkcapsule(capsule: capsule) -> bool:  # 验证胶囊的有效性
     return flag
 
 
-def ReEncapsulate(kFrag: list, capsule: capsule) -> Tuple[point, point, int, point]:
+def ReEncapsulate(kFrag: tuple, capsule: capsule) -> Tuple[point, point, int, point]:
     id, rk, Xa, U1 = kFrag
     E, V, s = capsule
     if not Checkcapsule(capsule):
@@ -355,7 +357,7 @@ def ReEncapsulate(kFrag: list, capsule: capsule) -> Tuple[point, point, int, poi
 
 
 def ReEncrypt(
-    kFrag: list, C: Tuple[capsule, bytes]
+    kFrag: tuple, C: Tuple[capsule, bytes]
 ) -> Tuple[Tuple[point, point, int, point], bytes]:
     capsule, enc_Data = C
 

src/tpreECC.c

@@ -0,0 +1,284 @@
+#include <Python.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+// define TPRE Big Number
+typedef uint64_t TPRE_BN[8]
+
+    // GF(p)
+    typedef TPRE_BN SM2_Fp;
+
+// GF(n)
+typedef TPRE_BN SM2_Fn;
+
+// 定义一个结构体来表示雅各比坐标系的点
+typedef struct
+{
+    TPRE_BN X;
+    TPRE_BN Y;
+    TPRE_BN Z;
+} JACOBIAN_POINT;
+
+// 定义一个结构体来表示点
+typedef struct
+{
+    uint8_t x[32];
+    uint8_t y[32];
+} TPRE_POINT;
+
+const TPRE_BN SM2_P = {
+    0xffffffff,
+    0xffffffff,
+    0x00000000,
+    0xffffffff,
+    0xffffffff,
+    0xffffffff,
+    0xffffffff,
+    0xfffffffe,
+};
+
+const TPRE_BN SM2_A = {
+    0xfffffffc,
+    0xffffffff,
+    0x00000000,
+    0xffffffff,
+    0xffffffff,
+    0xffffffff,
+    0xffffffff,
+    0xfffffffe,
+};
+
+const TPRE_BN SM2_B = {
+    0x4d940e93,
+    0xddbcbd41,
+    0x15ab8f92,
+    0xf39789f5,
+    0xcf6509a7,
+    0x4d5a9e4b,
+    0x9d9f5e34,
+    0x28e9fa9e,
+};
+
+// 生成元GX, GY
+const SM2_JACOBIAN_POINT _SM2_G = {
+    {
+        0x334c74c7,
+        0x715a4589,
+        0xf2660be1,
+        0x8fe30bbf,
+        0x6a39c994,
+        0x5f990446,
+        0x1f198119,
+        0x32c4ae2c,
+    },
+    {
+        0x2139f0a0,
+        0x02df32e5,
+        0xc62a4740,
+        0xd0a9877c,
+        0x6b692153,
+        0x59bdcee3,
+        0xf4f6779c,
+        0xbc3736a2,
+    },
+    {
+        1,
+        0,
+        0,
+        0,
+        0,
+        0,
+        0,
+        0,
+    },
+};
+
+const SM2_JACOBIAN_POINT *SM2_G = &_SM2_G;
+
+const TPRE_BN SM2_N = {
+    0x39d54123,
+    0x53bbf409,
+    0x21c6052b,
+    0x7203df6b,
+    0xffffffff,
+    0xffffffff,
+    0xffffffff,
+    0xfffffffe,
+};
+
+// u = (p - 1)/4, u + 1 = (p + 1)/4
+const TPRE_BN SM2_U_PLUS_ONE = {
+    0x00000000,
+    0x40000000,
+    0xc0000000,
+    0xffffffff,
+    0xffffffff,
+    0xffffffff,
+    0xbfffffff,
+    0x3fffffff,
+};
+
+const TPRE_BN SM2_ONE = {1, 0, 0, 0, 0, 0, 0, 0};
+const TPRE_BN SM2_TWO = {2, 0, 0, 0, 0, 0, 0, 0};
+const TPRE_BN SM2_THREE = {3, 0, 0, 0, 0, 0, 0, 0};
+
+#define GETU32(p)             \
+    ((uint32_t)(p)[0] << 24 | \
+     (uint32_t)(p)[1] << 16 | \
+     (uint32_t)(p)[2] << 8 |  \
+     (uint32_t)(p)[3])
+
+// 点乘
+static void multiply(TPRE_POINT r, const TPRE_POINT a, int64_t n)
+{
+    Point result;
+    // ...实现乘法逻辑...
+    return result;
+}
+
+// 点加
+static void add(TPRE_POINT *R, TPRE_POINT *P, TPRE_POINT *Q)
+{
+    JACOBIAN_POINT P_;
+    JACOBIAN_POINT Q_;
+
+    jacobianPoint_from_bytes(&P_, (uint8_t *)P)
+        jacobianPoint_from_bytes(&Q_, (uint8_t *)Q)
+            jacobianPoint_add(&P_, &P_, &Q_);
+    jacobianPoint_to_bytes(&P_, (uint8_t *)R);
+}
+
+// 求逆
+static void inv()
+{
+}
+
+// jacobianPoint点加
+static void jacobianPoint_add(JACOBIAN_POINT *R, const JACOBIAN_POINT *P, const JACOBIAN_POINT *Q)
+{
+    const uint64_t *X1 = P->X;
+    const uint64_t *Y1 = P->Y;
+    const uint64_t *Z1 = P->Z;
+    const uint64_t *x2 = Q->X;
+    const uint64_t *y2 = Q->Y;
+    SM2_BN T1;
+    SM2_BN T2;
+    SM2_BN T3;
+    SM2_BN T4;
+    SM2_BN X3;
+    SM2_BN Y3;
+    SM2_BN Z3;
+    if (sm2_jacobian_point_is_at_infinity(Q))
+    {
+        sm2_jacobian_point_copy(R, P);
+        return;
+    }
+
+    if (sm2_jacobian_point_is_at_infinity(P))
+    {
+        sm2_jacobian_point_copy(R, Q);
+        return;
+    }
+
+    assert(sm2_bn_is_one(Q->Z));
+
+    sm2_fp_sqr(T1, Z1);
+    sm2_fp_mul(T2, T1, Z1);
+    sm2_fp_mul(T1, T1, x2);
+    sm2_fp_mul(T2, T2, y2);
+    sm2_fp_sub(T1, T1, X1);
+    sm2_fp_sub(T2, T2, Y1);
+    if (sm2_bn_is_zero(T1))
+    {
+        if (sm2_bn_is_zero(T2))
+        {
+            SM2_JACOBIAN_POINT _Q, *Q = &_Q;
+            sm2_jacobian_point_set_xy(Q, x2, y2);
+
+            sm2_jacobian_point_dbl(R, Q);
+            return;
+        }
+        else
+        {
+            sm2_jacobian_point_set_infinity(R);
+            return;
+        }
+    }
+    sm2_fp_mul(Z3, Z1, T1);
+    sm2_fp_sqr(T3, T1);
+    sm2_fp_mul(T4, T3, T1);
+    sm2_fp_mul(T3, T3, X1);
+    sm2_fp_dbl(T1, T3);
+    sm2_fp_sqr(X3, T2);
+    sm2_fp_sub(X3, X3, T1);
+    sm2_fp_sub(X3, X3, T4);
+    sm2_fp_sub(T3, T3, X3);
+    sm2_fp_mul(T3, T3, T2);
+    sm2_fp_mul(T4, T4, Y1);
+    sm2_fp_sub(Y3, T3, T4);
+
+    sm2_bn_copy(R->X, X3);
+    sm2_bn_copy(R->Y, Y3);
+    sm2_bn_copy(R->Z, Z3);
+}
+
+// bytes转jacobianPoint
+static void jacobianPoint_from_bytes(JACOBIAN_POINT *P, const uint8_t in[64])
+{
+}
+
+// jacobianPoint转bytes
+static void jacobianPoint_to_bytes(JACOBIAN_POINT *P, const uint8_t in[64])
+{
+}
+
+static void BN_from_bytes(TPRE_BN *r, const uint8_t in[32])
+{
+    int i;
+    for (i = 7; i >= 0; i--)
+    {
+        r[i] = GETU32(in);
+        in += sizeof(uint32_t);
+    }
+}
+
+// 点乘的Python接口函数
+static PyObject *py_multiply(PyObject *self, PyObject *args)
+{
+    return
+}
+
+// 点加的Python接口函数
+static PyObject *py_add(PyObject *self, PyObject *args)
+{
+    return
+}
+
+// 求逆的Python接口函数
+static PyObject *py_inv(PyObject *self, PyObject *args)
+{
+    return
+}
+
+// 模块方法定义
+static PyMethodDef MyMethods[] = {
+    {"multiply", py_multiply, METH_VARARGS, "Multiply a point on the sm2p256v1 curve"},
+    {"add", py_add, METH_VARARGS, "Add a point on thesm2p256v1 curve"},
+    {"inv", py_inv, METH_VARARGS, "Calculate an inv of a number"},
+    {NULL, NULL, 0, NULL} // 哨兵
+};
+
+// 模块定义
+static struct PyModuleDef tpreECC = {
+    PyModuleDef_HEAD_INIT,
+    "tpreECC",
+    NULL, // 模块文档
+    -1,
+    MyMethods};
+
+// 初始化模块
+PyMODINIT_FUNC PyInit_tpre(void)
+{
+    return PyModule_Create(&tpreECC);
+}

test.py

@@ -1,6 +0,0 @@
-from gmssl import * #pylint: disable = e0401 
-
-sm3 = Sm3() #pylint: disable = e0602
-sm3.update(b'abc')
-dgst = sm3.digest()
-print("sm3('abc') : " + dgst.hex())

todo.md

@@ -0,0 +1,21 @@
+# todolist
+
+- [x] 测试单核和多核性能
+  - 这个算法在获得足够的CPU资源（即接近或等于1个完整核心）时表现最佳。  
+  - 过低的CPU资源分配会严重影响性能，而适度的分配（如0.1核心）则能提供更合理的性能。
+  - 单核和多核性能差异不大  
+
+- [x] 测试不同cpu架构性能的差异  
+  - 测试了12th Gen Intel(R) Core(TM) i5-12490F 和 rk3399两颗cpu的性能
+
+- [x] 测试不同消息长度的时间
+  - 测试了10M文本的加密速度，在1s内可以完成全部算法内容
+
+- [x] 测试极限（1s）时的节点数  
+  - 12th Gen i5 CPU大概是90多个节点时达到1s的时间上限
+
+- [x] 非docker部署需要获取本机ip  
+  - 添加了通过网卡获取ip的方法
+
+- [x] 复习预备知识  
+- [x] 准备圆场话术