def test_cfrag_str(capsule, kfrags): cfrag0 = reencrypt(capsule, kfrags[0]) s = str(cfrag0) assert 'VerifiedCapsuleFrag' in s s = str(CapsuleFrag.from_bytes(bytes(cfrag0))) assert "VerifiedCapsuleFrag" not in s assert "CapsuleFrag" in s
def test_decrypt_unverified_cfrag(verification_keys, bobs_keys, capsule_and_ciphertext, kfrags): verifying_pk, delegating_pk, receiving_pk = verification_keys receiving_sk, _receiving_pk = bobs_keys capsule, ciphertext = capsule_and_ciphertext cfrags = [reencrypt(capsule, kfrag) for kfrag in kfrags] cfrags[0] = CapsuleFrag.from_bytes(bytes(cfrags[0])) with pytest.raises(TypeError): plaintext_reenc = decrypt_reencrypted( receiving_sk=receiving_sk, delegating_pk=delegating_pk, capsule=capsule, verified_cfrags=cfrags, ciphertext=ciphertext, )
def test_cfrag_with_wrong_capsule(verification_keys, kfrags, capsule_and_ciphertext, message): capsule, ciphertext = capsule_and_ciphertext verifying_pk, delegating_pk, receiving_pk = verification_keys capsule_alice1 = capsule capsule_alice2, _unused_key2 = Capsule.from_public_key(delegating_pk) cfrag = reencrypt(capsule_alice2, kfrags[0]) cfrag = CapsuleFrag.from_bytes(bytes(cfrag)) # de-verify with pytest.raises(VerificationError): cfrag.verify(capsule_alice1, verifying_pk=verifying_pk, delegating_pk=delegating_pk, receiving_pk=receiving_pk, )
def test_cfrag_with_wrong_data(verification_keys, kfrags, capsule_and_ciphertext, message): capsule, ciphertext = capsule_and_ciphertext verifying_pk, delegating_pk, receiving_pk = verification_keys cfrag = reencrypt(capsule, kfrags[0]) # Let's put random garbage in one of the cfrags cfrag = CapsuleFrag.from_bytes(bytes(cfrag)) # de-verify cfrag.point_e1 = CurvePoint.random() cfrag.point_v1 = CurvePoint.random() with pytest.raises(VerificationError): cfrag.verify(capsule, verifying_pk=verifying_pk, delegating_pk=delegating_pk, receiving_pk=receiving_pk, )
def test_cfrag_is_hashable(verification_keys, capsule, kfrags): verifying_pk, delegating_pk, receiving_pk = verification_keys cfrag0 = reencrypt(capsule, kfrags[0]) cfrag1 = reencrypt(capsule, kfrags[1]) assert hash(cfrag0) != hash(cfrag1) new_cfrag = CapsuleFrag.from_bytes(bytes(cfrag0)) assert hash(new_cfrag) != hash(cfrag0) verified_cfrag = new_cfrag.verify(capsule, verifying_pk=verifying_pk, delegating_pk=delegating_pk, receiving_pk=receiving_pk, ) assert hash(verified_cfrag) == hash(cfrag0)
def test_cfrag_serialization(verification_keys, capsule, kfrags): verifying_pk, delegating_pk, receiving_pk = verification_keys for kfrag in kfrags: cfrag = reencrypt(capsule, kfrag) cfrag_bytes = bytes(cfrag) new_cfrag = CapsuleFrag.from_bytes(cfrag_bytes) verified_cfrag = new_cfrag.verify(capsule, verifying_pk=verifying_pk, delegating_pk=delegating_pk, receiving_pk=receiving_pk, ) assert verified_cfrag == cfrag # Wrong delegating key with pytest.raises(VerificationError): new_cfrag.verify(capsule, verifying_pk=verifying_pk, delegating_pk=receiving_pk, receiving_pk=receiving_pk, ) # Wrong receiving key with pytest.raises(VerificationError): new_cfrag.verify(capsule, verifying_pk=verifying_pk, delegating_pk=delegating_pk, receiving_pk=delegating_pk, ) # Wrong signing key with pytest.raises(VerificationError): new_cfrag.verify(capsule, verifying_pk=receiving_pk, delegating_pk=delegating_pk, receiving_pk=receiving_pk, )
def test_serialized_size(capsule, kfrags): verified_cfrag = reencrypt(capsule, kfrags[0]) cfrag = CapsuleFrag.from_bytes(bytes(verified_cfrag)) assert verified_cfrag.serialized_size() == cfrag.serialized_size()
# Bob must gather at least `threshold` `cfrags` in order to open the capsule. cfrags = list() # Bob's cfrag collection for kfrag in kfrags: cfrag = reencrypt(capsule=capsule, kfrag=kfrag) cfrags.append(cfrag) # Bob collects a cfrag assert len(cfrags) == 10 # Bob checks the capsule fragments # -------------------------------- # If Bob received the capsule fragments in serialized form, # he can verify that they are valid and really originate from Alice, # using Alice's public keys. suspicious_cfrags = [CapsuleFrag.from_bytes(bytes(cfrag)) for cfrag in cfrags] cfrags = [cfrag.verify(capsule, verifying_pk=alices_verifying_key, delegating_pk=alices_public_key, receiving_pk=bobs_public_key, ) for cfrag in suspicious_cfrags] # Bob opens the capsule # ------------------------------------ # Finally, Bob decrypts the re-encrypted ciphertext using his key. bob_cleartext = decrypt_reencrypted(receiving_sk=bobs_secret_key, delegating_pk=alices_public_key, capsule=bob_capsule,
verifying_pk = signing_sk.public_key() delegating_pk = delegating_sk.public_key() receiving_pk = receiving_sk.public_key() kfrags = generate_kfrags(delegating_sk=delegating_sk, receiving_pk=receiving_pk, signer=Signer(signing_sk), threshold=6, shares=10, ) plain_data = b'peace at dawn' capsule, ciphertext = encrypt(delegating_pk, plain_data) cfrag = CapsuleFrag.from_bytes(bytes(reencrypt(capsule, kfrags[0]))) points = [capsule.point_e, cfrag.point_e1, cfrag.proof.point_e2, capsule.point_v, cfrag.point_v1, cfrag.proof.point_v2, cfrag.proof.kfrag_commitment, cfrag.proof.kfrag_pok] z = cfrag.proof.signature ########################### # CurveScalar arithmetics # ########################### # Let's generate two random CurveScalars bn1 = CurveScalar.random_nonzero() bn2 = CurveScalar.random_nonzero()