def derive_secrets(self,
                   initiator_nonce: bytes,
                   responder_nonce: bytes,
                   remote_ephemeral_pubkey: datatypes.PublicKey,
                   auth_init_ciphertext: bytes,
                   auth_ack_ciphertext: bytes
                   ) -> Tuple[bytes, bytes, PreImage, PreImage]:
    """Derive the session secrets and MAC states from the ephemeral key agreement.

    An ECDH secret is agreed between ``self.ephemeral_privkey`` and
    ``remote_ephemeral_pubkey``; keccak is then chained over it together
    with both nonces to produce the AES secret and the MAC secret. Two
    running keccak states are seeded from the MAC secret, one nonce each,
    and the two handshake ciphertexts.

    Returns ``(aes_secret, mac_secret, egress_mac, ingress_mac)``. The
    state seeded with the auth-init ciphertext is the egress MAC when
    ``self._is_initiator`` is true and the ingress MAC otherwise.

    NOTE(review): every returned value is derived from the ECDH secret and
    should be handled as key material (not logged, not put into exception
    messages).
    NOTE(review): nonce lengths are not checked in this method; sxor
    presumably expects operands of equal length, so confirm the caller
    rejects wrong-size nonces before they reach this point.
    """
    # ecdhe-secret = ecdh.agree(ephemeral-privkey, remote-ephemeral-pubkey)
    ecdhe_secret = ecies.ecdh_agree(self.ephemeral_privkey, remote_ephemeral_pubkey)

    # shared-secret = keccak(ecdhe-secret || keccak(responder-nonce || initiator-nonce))
    nonce_hash = keccak(responder_nonce + initiator_nonce)
    shared_secret = keccak(ecdhe_secret + nonce_hash)

    # Each later secret hashes the ECDH secret together with the previous one.
    aes_secret = keccak(ecdhe_secret + shared_secret)
    mac_secret = keccak(ecdhe_secret + aes_secret)

    # Running hash seeded with (mac-secret ^ responder-nonce) || auth-init.
    init_seed = sxor(mac_secret, responder_nonce) + auth_init_ciphertext
    init_seeded_mac = keccak_with_digest.new(init_seed)

    # Running hash seeded with (mac-secret ^ initiator-nonce) || auth-ack.
    ack_seed = sxor(mac_secret, initiator_nonce) + auth_ack_ciphertext
    ack_seeded_mac = keccak_with_digest.new(ack_seed)

    # The two peers use the same pair of states with the roles swapped.
    if self._is_initiator:
        return aes_secret, mac_secret, init_seeded_mac, ack_seeded_mac
    return aes_secret, mac_secret, ack_seeded_mac, init_seeded_mac
def test_update_digest_update(keccak):
    """Check that digest() does not finalize the state.

    A digest is taken after the first update and again after a second
    update; the second value must cover both chunks. Running MACs that
    are read and then extended rely on this behaviour.
    """
    digest_after_first = b"\xc30[\xc9\xde\x12D\xe4\x80P\x96,\xedP\xb7Y4\xc3p\x06\xe9\x9e\x8bzb!>\x94\\=\xfc\xd7"  # noqa: E501
    digest_after_second = b"\xb1\xf3T\xb2\x8f\xf2\x84R\xd6\xb9\xd6\x1fA\x06\x1b\xbe\x82\xbe\xb1\xfc\x98\xf33d\xa8\x05\x8d\x1a]\x16M\x05"  # noqa: E501

    running = keccak.new(b'')

    running.update(b'arst')
    assert running.digest() == digest_after_first

    # Updating after a digest() call must still extend the same state.
    running.update(b'tsra')
    assert running.digest() == digest_after_second
def test_copy_keccak_256_preimage(keccak):
    """Check that copy() yields a state independent of its source.

    The copy is taken before the original is updated, so the copy's
    digest must stay that of the untouched empty-input state while the
    original's digest reflects the update.
    """
    digest_updated = b"\xb1\xf3T\xb2\x8f\xf2\x84R\xd6\xb9\xd6\x1fA\x06\x1b\xbe\x82\xbe\xb1\xfc\x98\xf33d\xa8\x05\x8d\x1a]\x16M\x05"  # noqa: E501
    digest_untouched = b"\xc5\xd2F\x01\x86\xf7#<\x92~}\xb2\xdc\xc7\x03\xc0\xe5\x00\xb6S\xca\x82';\x7b\xfa\xd8\x04]\x85\xa4p"  # noqa: E501

    source = keccak.new(b'')
    snapshot = source.copy()

    # Only the source receives data after the snapshot is taken.
    source.update(b'arsttsra')

    assert source.digest() == digest_updated
    assert snapshot.digest() == digest_untouched
def derive_secrets(self,
                   initiator_nonce: bytes,
                   responder_nonce: bytes,
                   remote_ephemeral_pubkey: datatypes.PublicKey,
                   auth_init_ciphertext: bytes,
                   auth_ack_ciphertext: bytes
                   ) -> Tuple[bytes, bytes, PreImage, PreImage]:
    """Derive base secrets and MAC states from the ephemeral key agreement.

    The ECDH output of ``self.ephemeral_privkey`` and
    ``remote_ephemeral_pubkey`` is mixed with both nonces through a chain
    of keccak calls, giving the AES secret and then the MAC secret. Each
    of the two MAC states is a running keccak seeded with the MAC secret
    XORed with one nonce, followed by one handshake ciphertext.

    Returns ``(aes_secret, mac_secret, egress_mac, ingress_mac)``; the
    egress/ingress assignment is swapped when ``self._is_initiator`` is
    false.

    NOTE(review): the return value is key material derived from the ECDH
    secret; keep it out of logs and error messages.
    NOTE(review): this method does not validate nonce sizes; sxor
    presumably needs equal-length inputs, so confirm that the handshake
    parsing enforces the expected nonce length.
    """
    # ecdhe-secret = ecdh.agree(ephemeral-privkey, remote-ephemeral-pubkey)
    ecdhe = ecies.ecdh_agree(self.ephemeral_privkey, remote_ephemeral_pubkey)

    # shared-secret = keccak(ecdhe-secret || keccak(responder-nonce || initiator-nonce))
    nonces_digest = keccak(responder_nonce + initiator_nonce)
    shared_secret = keccak(ecdhe + nonces_digest)

    # aes-secret = keccak(ecdhe-secret || shared-secret)
    aes_secret = keccak(ecdhe + shared_secret)
    # mac-secret = keccak(ecdhe-secret || aes-secret)
    mac_secret = keccak(ecdhe + aes_secret)

    # State seeded with (mac-secret ^ responder-nonce) || auth-init ciphertext.
    mac_over_init = keccak_with_digest.new(
        sxor(mac_secret, responder_nonce) + auth_init_ciphertext
    )
    # State seeded with (mac-secret ^ initiator-nonce) || auth-ack ciphertext.
    mac_over_ack = keccak_with_digest.new(
        sxor(mac_secret, initiator_nonce) + auth_ack_ciphertext
    )

    # Initiator sends under the auth-init state; the responder mirrors it.
    egress_mac, ingress_mac = (
        (mac_over_init, mac_over_ack)
        if self._is_initiator
        else (mac_over_ack, mac_over_init)
    )
    return aes_secret, mac_secret, egress_mac, ingress_mac
def test_keccak_256_preimage(keccak, parts, expected_result):
    """Check that hashing ``parts`` incrementally gives ``expected_result``.

    The first element seeds the state through ``keccak.new`` and every
    later element is fed through ``update``.
    """
    # presumably parts/expected_result come from a parametrize table
    # defined alongside this test -- confirm
    first_chunk = parts[0]
    later_chunks = parts[1:]

    state = keccak.new(first_chunk)
    for chunk in later_chunks:
        state.update(chunk)

    assert state.digest() == expected_result
def keccak_hash_file_url(file_url):
    """Fetch ``file_url`` and return the hex keccak digest of the response body.

    NOTE(review): the response status is not inspected here, so the body
    of an error response would be hashed like any other content --
    confirm request_get raises on failure or that callers check.
    NOTE(review): file_url goes straight to request_get; if it can come
    from untrusted input, confirm the allowed schemes and hosts are
    restricted upstream and that request_get applies a timeout.
    """
    # The whole body is held in memory before hashing.
    body = request_get(file_url).content
    return keccak.new(body).digest().hex()
def keccak_hash_file(file):
    """Return the hex-encoded keccak digest of ``file``.

    NOTE(review): ``file`` is handed directly to keccak.new, so it is
    presumably the file's raw bytes rather than a path or an open
    handle -- confirm against callers.
    """
    hex_digest = keccak.new(file).digest().hex()
    return hex_digest