def _dump_meta(self, metafile):
"""
Dump the meta information on the metafile
:param metafile: file where meta information will be saved
:return: encrypted meta information
"""
if self.debug:
print("dumping metadata on file ", metafile)
# Encrypt symmetric key pairing group element with CP-ABE
enc_el = abe.encrypt(self.meta['el'], self.pairing_group,
next(iter(self.abe_pk.values())),
self.meta['policy'], self.debug)
# Prepare encrypted data
enc_meta = {
'policy': self.meta['policy'],
'nonce': self.meta['nonce'].hex(),
'enc_el': objectToBytes(enc_el, self.pairing_group).hex(),
'chunk_size': self.meta['chunk_size'],
'random_size': self.meta['random_size'],
're_encs': self.meta['re_encs']
}
# Check if there is re-encryption information
if len(enc_meta['re_encs']):
# Retrieve ABE public key
re_enc_op = enc_meta['re_encs'][0]
key_pair_label = re_enc_op['pk']
pk = self.abe_pk[key_pair_label]
#print('DUMP ENC META PRE ABE', re_enc_op)
# Encrypt seed
enc_seed = objectToBytes(
abe.encrypt(re_enc_op['enc_seed'], self.pairing_group, pk,
re_enc_op['policy'], self.debug),
self.pairing_group)
# Encrypt symmetric key
enc_key = objectToBytes(
abe.encrypt(re_enc_op['enc_key'], self.pairing_group, pk,
re_enc_op['policy'], self.debug),
self.pairing_group)
# Add re-encryption information to encrypted meta information
enc_meta['re_encs'][0]['enc_seed'] = hexlify(enc_seed).decode()
enc_meta['re_encs'][0]['enc_key'] = hexlify(enc_key).decode()
enc_meta['re_encs'][0]['iv'] = hexlify(re_enc_op['iv']).decode()
#print('DUMP ENC META POST ABE', enc_meta['re_encs'][0])
# Write encrypted information
with open(metafile, 'w') as f:
json.dump(enc_meta, f)
return enc_meta
def _dump_meta(self, metafile):
"""Dump the meta information on the meta file
"""
if self.debug:
print("dumping metadata on file ", metafile)
# we need to handle separately enc_el (charm.toolbox.node.BinNode) as there is no serializer
enc_el = abe.encrypt(self.meta['el'], self.pairing_group,
next(iter(self.abe_pk.values())),
self.meta['policy'], self.debug)
# write encrypted data
enc_meta = {
'policy': self.meta['policy'],
'nonce': self.meta['nonce'].hex(),
'enc_el': objectToBytes(enc_el, self.pairing_group).hex(),
'chunk_size': self.meta['chunk_size'],
'random_size': self.meta['random_size'],
're_encs': self.meta['re_encs']
}
for i in range(len(self.meta['re_encs'])):
# Retrieve public key
re_enc_op = enc_meta['re_encs'][i]
key_pair_label = re_enc_op['pk']
pk = self.abe_pk[key_pair_label]
# Encrypt seed
enc_seed = objectToBytes(
abe.encrypt(re_enc_op['enc_seed'], self.pairing_group, pk,
re_enc_op['policy'], self.debug),
self.pairing_group)
# Encrypt symmetric key
enc_key = objectToBytes(
abe.encrypt(re_enc_op['enc_key'], self.pairing_group, pk,
re_enc_op['policy'], self.debug),
self.pairing_group)
enc_meta['re_encs'][i]['enc_seed'] = hexlify(enc_seed).decode()
enc_meta['re_encs'][i]['enc_key'] = hexlify(enc_key).decode()
enc_meta['re_encs'][i]['iv'] = hexlify(re_enc_op['iv']).decode()
with open(metafile, 'w') as f:
json.dump(enc_meta, f)
return enc_meta
# ========== ENCRYPTION ========== #
for k in range(sample_num):
# Their solution
starting = time() * 1000.0
for i in range(iterations):
cpabe.encrypt(pk, pg_elem, policy)
sample_enc += ((time() * 1000.0) - starting)
print('ENC =', sample_enc / sample_num)
# ========== MODULE ENCRYPTION ========== #
for k in range(sample_num):
# Their solution
starting = time() * 1000.0
for i in range(iterations):
c = abe.encrypt(pg_elem, pairing_group, pk, policy)
sample_mod_enc += ((time() * 1000.0) - starting)
print('MODULE ENC =', sample_mod_enc / sample_num)
# ========== DECRYPTION ========== #
ciphertext['policy'] = '(DEPT1 and TEAM1)'
for k in range(sample_num):
# Their solution
starting = time() * 1000.0
for i in range(iterations):
cpabe.decrypt(pk, sk, ciphertext)
sample_dec += ((time() * 1000.0) - starting)
print('DEC =', sample_dec / sample_num)
# ========== MODULE DECRYPTION ========== #
ciphertext['policy'] = '(DEPT1 and TEAM1)'
def update_re_enc_infos(metafile, re_enc_length, pk, policy, debug=0):
"""
Update re-encryption infos contained in the metadata file adding parameters related to the latest re-encryption
operation.
:param metafile: metadata file where re-encryption parameters will be saved
:param re_enc_length: number of bytes to re-encrypt
:param pk: public key to encrypt re-encryption parameters
:param policy: policy to apply to the encryption
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
:return: re-encryption parameters
"""
# Read metadata and update with new re-encryption infos
with open(metafile, 'r+') as f:
metadata = json.load(f)
# Retrieve re-encryption parameters
chunk_size = metadata[const.CHUNK_SIZE]
# Generate re-encryption parameters
seed = None
seed_pg_elem = None
if re_enc_length < chunk_size:
seed, seed_pg_elem = pg.random_string_gen(pairing_group,
const.SEED_LENGTH)
key, key_pg_elem = pg.sym_key_gen(pairing_group,
const.SYM_KEY_DEFAULT_SIZE, debug)
iv = sym.iv_gen(const.IV_DEFAULT_SIZE, debug)
# Clamp the number of bytes to re-encrypt between RE_ENC_MIN_LENGTH and the chunk size
re_enc_length = fu.clamp(re_enc_length, const.RE_ENC_MIN_LENGTH,
chunk_size, debug)
if debug: # ONLY USE FOR DEBUG
print('\nCHUNK SIZE = %d' % chunk_size)
if seed:
print('SEED = (%d) %s' % (len(seed), seed))
print('SEED PG ELEM = (%s) %s' %
(type(seed_pg_elem), seed_pg_elem))
else:
print('SEED =', seed)
print('SEED PG ELEM =', seed_pg_elem)
print('KEY = (%d) %s' % (len(key), key))
print('KEY PG ELEM = (%s) %s' % (type(key_pg_elem), key_pg_elem))
print('IV = (%d) %s' % (len(iv), iv))
print('RE-ENC LEN =', re_enc_length)
# Prepare re-encryption parameters to write on the metadata file
enc_seed = objectToBytes(
abe.encrypt(seed_pg_elem, pairing_group,
bytesToObject(pk, pairing_group), policy, debug),
pairing_group) if seed is not None else seed
enc_key = objectToBytes(
abe.encrypt(key_pg_elem, pairing_group,
bytesToObject(pk, pairing_group), policy, debug),
pairing_group)
if debug: # ONLY USE FOR DEBUG
if enc_seed:
print('ENC SEED = (%d) %s' % (len(enc_seed), enc_seed))
else:
print('ENC SEED =', enc_seed)
print('ENC KEY = (%d) %s' % (len(enc_key), enc_key))
# Add re-encryption informations to metadata file
metadata['re_encs'].append({
'pk':
hashlib.sha256(pk).hexdigest(), # SHA256 of public key as hex
'policy':
policy,
'enc_seed':
hexlify(enc_seed).decode() if enc_seed is not None else enc_seed,
'enc_key':
hexlify(enc_key).decode(),
'iv':
hexlify(iv).decode(),
're_enc_length':
re_enc_length
})
if debug: # ONLY USE FOR DEBUG
print('METADATA =', metadata)
# Overwrite metadata file
f.seek(0)
json.dump(metadata, f)
return seed, key, iv, chunk_size, re_enc_length
def update_re_enc_info(metafile, re_enc_params, debug=0):
"""
Update re-encryption info contained in the metadata file adding parameters related to the latest re-encryption
operation.
:param metafile: metadata file where re-encryption parameters will be saved
:param re_enc_params: re-encryption parameters
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
:return: re-encryption parameters
"""
# Read metadata and update with new re-encryption info
with open(metafile, 'r+') as f:
metadata = json.load(f)
# Retrieve re-encryption parameters
chunk_size = metadata[const.CHUNK_SIZE]
pairing_group = re_enc_params['pairing_group']
pk = re_enc_params['pk']
policy = re_enc_params['policy']
re_enc_length = re_enc_params['re_enc_length']
seed = re_enc_params['seed']
key = re_enc_params['key']
root_iv = re_enc_params['iv']
re_encs_num = re_enc_params['re_encs_num']
# Clamp the number of bytes to re-encrypt between RE_ENC_MIN_LENGTH and the chunk size
re_enc_length = fu.clamp(re_enc_length, const.RE_ENC_MIN_LENGTH,
chunk_size, debug)
iv = fu.hash_chain(root_iv, re_encs_num)
if debug: # ONLY USE FOR DEBUG
print('CHUNK SIZE = %d' % chunk_size)
print('SEED = (%s) %s' % (type(seed), seed))
print('KEY = (%s) %s' % (type(key), key))
print('ROOT_IV = (%d) %s' % (len(root_iv), root_iv))
print('IV = (%d) %s' % (len(iv), iv))
print('RE-ENC LEN =', re_enc_length)
print('RE-ENC NUM =', re_encs_num)
# Prepare re-encryption parameters to write on the metadata file
enc_seed = objectToBytes(
abe.encrypt(seed, pairing_group, bytesToObject(pk, pairing_group),
policy, debug), pairing_group)
enc_key = objectToBytes(
abe.encrypt(key, pairing_group, bytesToObject(pk, pairing_group),
policy, debug), pairing_group)
if debug: # ONLY USE FOR DEBUG
print('ENC SEED = (%d) %s' % (len(enc_seed), enc_seed))
print('ENC KEY = (%d) %s' % (len(enc_key), enc_key))
# Create re-encryption information
re_enc_info = {
'pk':
hashlib.sha256(pk).hexdigest(), # SHA256 of public key as hex
'policy': policy,
'enc_seed': hexlify(enc_seed).decode(),
'enc_key': hexlify(enc_key).decode(),
'iv': hexlify(root_iv).decode(),
're_enc_length': re_enc_length,
're_encs_num': re_encs_num + 1
}
# Add re-encryption informations to metadata file
if len(metadata['re_encs']) > 0:
metadata['re_encs'][0] = re_enc_info
else:
metadata['re_encs'].append(re_enc_info)
if debug: # ONLY USE FOR DEBUG
print('METADATA =', metadata)
# Overwrite metadata file
f.seek(0)
json.dump(metadata, f)
f.truncate()
return objectToBytes(seed, pairing_group)[: const.SEED_LENGTH], \
objectToBytes(key, pairing_group)[: const.SYM_KEY_DEFAULT_SIZE], iv, chunk_size, re_enc_length