Beispiel #1
0
def test_capsule_is_hashable(alices_keys):

    delegating_sk, _signing_sk = alices_keys
    delegating_pk = delegating_sk.public_key()

    capsule1, key1 = Capsule.from_public_key(delegating_pk)
    capsule2, key2 = Capsule.from_public_key(delegating_pk)

    assert capsule1 != capsule2
    assert key1 != key2
    assert hash(capsule1) != hash(capsule2)

    new_capsule = Capsule.from_bytes(bytes(capsule1))
    assert hash(new_capsule) == hash(capsule1)
Beispiel #2
0
def test_capsule_serialization(alices_keys):

    delegating_sk, _signing_sk = alices_keys
    delegating_pk = delegating_sk.public_key()

    capsule, _key = Capsule.from_public_key(delegating_pk)
    new_capsule = Capsule.from_bytes(bytes(capsule))

    assert capsule == new_capsule

    # Deserializing a bad capsule triggers verification error
    capsule.point_e = CurvePoint.random()
    capsule_bytes = bytes(capsule)

    with pytest.raises(ValueError):
        Capsule.from_bytes(capsule_bytes)
Beispiel #3
0
def test_open_original(alices_keys):

    delegating_sk, _signing_sk = alices_keys
    delegating_pk = delegating_sk.public_key()

    capsule, key = Capsule.from_public_key(delegating_pk)
    key_back = capsule.open_original(delegating_sk)
    assert key == key_back
Beispiel #4
0
def test_open_reencrypted(alices_keys, bobs_keys):

    threshold = 6
    shares = 10

    delegating_sk, signing_sk = alices_keys
    receiving_sk, receiving_pk = bobs_keys

    signer = Signer(signing_sk)
    delegating_pk = delegating_sk.public_key()

    capsule, key = Capsule.from_public_key(delegating_pk)
    kfrags = generate_kfrags(delegating_sk=delegating_sk,
                             signer=signer,
                             receiving_pk=receiving_pk,
                             threshold=threshold,
                             shares=shares)

    cfrags = [reencrypt(capsule, kfrag).cfrag for kfrag in kfrags]
    key_back = capsule.open_reencrypted(receiving_sk, delegating_pk,
                                        cfrags[:threshold])
    assert key_back == key

    # No cfrags at all
    with pytest.raises(ValueError, match="Empty CapsuleFrag sequence"):
        capsule.open_reencrypted(receiving_sk, delegating_pk, [])

    # Not enough cfrags
    with pytest.raises(ValueError, match="Internal validation failed"):
        capsule.open_reencrypted(receiving_sk, delegating_pk,
                                 cfrags[:threshold - 1])

    # Repeating cfrags
    with pytest.raises(ValueError,
                       match="Some of the CapsuleFrags are repeated"):
        capsule.open_reencrypted(receiving_sk, delegating_pk,
                                 [cfrags[0]] + cfrags[:threshold - 1])

    # Mismatched cfrags
    kfrags2 = generate_kfrags(delegating_sk=delegating_sk,
                              signer=signer,
                              receiving_pk=receiving_pk,
                              threshold=threshold,
                              shares=shares)
    cfrags2 = [reencrypt(capsule, kfrag).cfrag for kfrag in kfrags2]
    with pytest.raises(ValueError,
                       match="CapsuleFrags are not pairwise consistent"):
        capsule.open_reencrypted(receiving_sk, delegating_pk,
                                 [cfrags2[0]] + cfrags[:threshold - 1])
Beispiel #5
0
def test_cfrag_with_wrong_capsule(verification_keys, kfrags, capsule_and_ciphertext, message):

    capsule, ciphertext = capsule_and_ciphertext
    verifying_pk, delegating_pk, receiving_pk = verification_keys

    capsule_alice1 = capsule
    capsule_alice2, _unused_key2 = Capsule.from_public_key(delegating_pk)

    cfrag = reencrypt(capsule_alice2, kfrags[0])
    cfrag = CapsuleFrag.from_bytes(bytes(cfrag)) # de-verify

    with pytest.raises(VerificationError):
        cfrag.verify(capsule_alice1,
                     verifying_pk=verifying_pk,
                     delegating_pk=delegating_pk,
                     receiving_pk=receiving_pk,
                     )