def crypto_kem_dec(kyber_k:variant_k, kyber_eta:variant_eta, ct:bytes_t, sk:bytes_t(kyber_secretkeybytes)) \ -> contract(symbytes_t, lambda kyber_k, kyber_eta, ct, sk: array.length(ct) == kyber_ciphertextbytes(kyber_k) and array.length(sk) == kyber_secretkeybytes(kyber_k), lambda kyber_k, kyber_eta, ct, sk, res: True): buf = array.create(2 * kyber_symbytes, uint8(0)) pk = sk[kyber_indcpa_secretkeybytes(kyber_k):( kyber_indcpa_secretkeybytes(kyber_k) + kyber_indcpa_publickeybytes(kyber_k))] sk1 = sk[0:kyber_indcpa_secretkeybytes(kyber_k)] buf[0:kyber_symbytes] = kyber_cpapke_decrypt(kyber_k, kyber_eta, ct, sk1) buf[kyber_symbytes:(2 * kyber_symbytes)] = sk[( kyber_indcpa_secretkeybytes(kyber_k) + kyber_indcpa_publickeybytes(kyber_k)):(kyber_secretkeybytes(kyber_k) - kyber_symbytes)] kr = sha3_512(2 * kyber_symbytes, buf) cmp1 = kyber_cpapke_encrypt(kyber_k, kyber_eta, buf[0:kyber_symbytes], pk, kr[kyber_symbytes:(2 * kyber_symbytes)]) kr[kyber_symbytes:(2 * kyber_symbytes)] = sha3_256( kyber_ciphertextbytes(kyber_k), ct) if (cmp1 == ct): kr[0:kyber_symbytes] = kr[0:kyber_symbytes] else: kr[0:kyber_symbytes] = sk[( kyber_secretkeybytes(kyber_k) - kyber_symbytes):kyber_secretkeybytes(kyber_k)] ss = sha3_256(2 * kyber_symbytes, kr) return ss
def sha3_test(): for i in range(len(sha3_test_vectors)): msg = bytes.from_hex(sha3_test_vectors[i]['msg']) expected224 = sha3_test_vectors[i]['expected224'] expected256 = sha3_test_vectors[i]['expected256'] expected384 = sha3_test_vectors[i]['expected384'] expected512 = sha3_test_vectors[i]['expected512'] d224 = bytes.to_hex(sha3_224(array.length(msg), msg)) d256 = bytes.to_hex(sha3_256(array.length(msg), msg)) d384 = bytes.to_hex(sha3_384(array.length(msg), msg)) d512 = bytes.to_hex(sha3_512(array.length(msg), msg)) if (expected224 == d224 and expected256 == d256 and expected384 == d384 and expected512 == d512): print("SHA-3 (224/256/384/512) Test " + str(i) + " successful!") else: print("SHA3 Test failed!") print("Computed: " + d224) print("Expected: " + expected224) print("Computed: " + d256) print("Expected: " + expected256) print("Computed: " + d384) print("Expected: " + expected384) print("Computed: " + d512) print("Expected: " + expected512) exit(1)
def crypto_kem_enc(kyber_k:variant_k, kyber_eta:variant_eta, pk:bytes_t, msgcoins:symbytes_t) \ -> contract((bytes_t, symbytes_t), lambda kyber_k, kyber_eta, pk, msgcoins: array.length(pk) == kyber_publickeybytes(kyber_k), lambda kyber_k, kyber_eta, pk, msgcoins, res: True): #array.length(fst(res)) == kyber_ciphertextbytes(kyber_k) buf = array.create(2 * kyber_symbytes, uint8(0)) buf[0:kyber_symbytes] = sha3_256(kyber_symbytes, msgcoins) buf[kyber_symbytes:(2 * kyber_symbytes)] = sha3_256( kyber_publickeybytes(kyber_k), pk) kr = sha3_512(2 * kyber_symbytes, buf) ct = kyber_cpapke_encrypt(kyber_k, kyber_eta, buf[0:kyber_symbytes], pk, kr[kyber_symbytes:(2 * kyber_symbytes)]) kr[kyber_symbytes:(2 * kyber_symbytes)] = sha3_256( kyber_ciphertextbytes(kyber_k), ct) ss = sha3_256(2 * kyber_symbytes, kr) return (ct, ss)
def test_update(): k = sha3_256() assert k.seed == '' k.update('') assert k.seed == '' k.update("foo") assert k.seed == "foo" k.update(" bar") assert k.seed == "foo bar"
def crypto_kem_keypair(kyber_k:variant_k, kyber_eta:variant_eta, keypaircoins:symbytes_t, coins:symbytes_t) \ -> contract((bytes_t, bytes_t), lambda kyber_k, kyber_eta, keypaircoins, coins: True, lambda kyber_k, kyber_eta, keypaircoins, coins, res: True): #array.length(fst(res)) == kyber_publickeybytes(kyber_k) and array.length(snd(res)) == kyber_secretkeybytes(kyber_k) sk = array.create(kyber_secretkeybytes(kyber_k), uint8(0)) pk, sk1 = kyber_cpapke_keypair(kyber_k, kyber_eta, keypaircoins) sk[0:kyber_indcpa_secretkeybytes(kyber_k)] = sk1 sk[kyber_indcpa_secretkeybytes(kyber_k):( kyber_indcpa_secretkeybytes(kyber_k) + kyber_indcpa_publickeybytes(kyber_k))] = pk sk[(kyber_indcpa_secretkeybytes(kyber_k) + kyber_indcpa_publickeybytes(kyber_k)):( kyber_secretkeybytes(kyber_k) - kyber_symbytes)] = sha3_256( kyber_publickeybytes(kyber_k), pk) sk[(kyber_secretkeybytes(kyber_k) - kyber_symbytes):kyber_secretkeybytes(kyber_k)] = coins return (pk, sk)
def get_address(public_key: PublicKey) -> str: """Derive an Ethereum-style address from the given public key.""" return '0x' + sha3_256(public_key.format(False)[1:]).hexdigest()[-40:]
def s256(seed): return sha3_256(seed).hexdigest()