def test_signature_str(): sk = SecretKey.random() pk = sk.public_key() signer = Signer(sk) signature = signer.sign(b'peace at dawn') s = str(signature) assert 'Signature' in s
def test_sign_and_verify(execution_number): sk = SecretKey.random() pk = sk.public_key() signer = Signer(sk) message = b"peace at dawn" + str(execution_number).encode() signature = signer.sign(message) assert signature.verify(pk, message)
def test_sign_serialize_and_verify(execution_number): sk = SecretKey.random() pk = sk.public_key() signer = Signer(sk) message = b"peace at dawn" + str(execution_number).encode() signature = signer.sign(message) signature_bytes = bytes(signature) signature_restored = Signature.from_bytes(signature_bytes) assert signature_restored.verify(pk, message)
def grant(): json_data = json.loads(request.data.decode('utf-8')) capsule_id, alice_pubkey, alice_privkey, bob_pubkey = json_data['capsule_id'], json_data[ 'alice_pubkey'], json_data['alice_privkey'], json_data['bob_pubkey'] alice_pubkey = string_to_bytes(alice_pubkey) alice_pubkey = keys.UmbralPublicKey.from_bytes(alice_pubkey) alice_privkey = string_to_bytes(alice_privkey) alice_privkey = keys.UmbralPrivateKey.from_bytes(alice_privkey) bob_pubkey = string_to_bytes(bob_pubkey) bob_pubkey = keys.UmbralPublicKey.from_bytes(bob_pubkey) alice_signing_privkey = keys.UmbralPrivateKey.gen_key() alice_signing_pubkey = alice_signing_privkey.get_pubkey() alice_signer = Signer(alice_signing_privkey) # Perform split-rekey and grant re-encryption policy alice_kfrags = pre.generate_kfrags( alice_privkey, bob_pubkey, 10, 20, alice_signer) policy_id = mock_kms.grant(alice_kfrags) alice_pubkey.from_bytes response = { "policy_id": policy_id, "capsule_id": capsule_id, "alice_pubkey": bytes_to_string(alice_pubkey.to_bytes()), "alice_signing_pubkey": bytes_to_string(alice_signing_pubkey.to_bytes()) } return jsonify(response)
def test_simple_api(N, M, curve=default_curve()): """Manually injects umbralparameters for multi-curve testing.""" params = UmbralParameters(curve=curve) delegating_privkey = UmbralPrivateKey.gen_key(params=params) delegating_pubkey = delegating_privkey.get_pubkey() signing_privkey = UmbralPrivateKey.gen_key(params=params) signing_pubkey = signing_privkey.get_pubkey() signer = Signer(signing_privkey) receiving_privkey = UmbralPrivateKey.gen_key(params=params) receiving_pubkey = receiving_privkey.get_pubkey() plain_data = b'peace at dawn' ciphertext, capsule = pre.encrypt(delegating_pubkey, plain_data) cleartext = pre.decrypt(ciphertext, capsule, delegating_privkey) assert cleartext == plain_data capsule.set_correctness_keys(delegating=delegating_pubkey, receiving=receiving_pubkey, verifying=signing_pubkey) kfrags = pre.split_rekey(delegating_privkey, signer, receiving_pubkey, M, N) for kfrag in kfrags: cfrag = pre.reencrypt(kfrag, capsule) capsule.attach_cfrag(cfrag) reenc_cleartext = pre.decrypt(ciphertext, capsule, receiving_privkey) assert reenc_cleartext == plain_data
def test_verify(testerchain, signature_verifier): message = os.urandom(100) # Generate Umbral key umbral_privkey = UmbralPrivateKey.gen_key() umbral_pubkey = umbral_privkey.get_pubkey() umbral_pubkey_bytes = umbral_pubkey.to_bytes(is_compressed=False) # Sign message using SHA-256 hash signer = Signer(umbral_privkey) signature = signer(message) # Get recovery id (v) before using contract v = get_signature_recovery_value(message, signature, umbral_pubkey) recoverable_signature = bytes(signature) + v # Verify signature assert signature_verifier.functions.verify(message, recoverable_signature, umbral_pubkey_bytes[1:], ALGORITHM_SHA256).call() # Verify signature using wrong key umbral_privkey = UmbralPrivateKey.gen_key() umbral_pubkey_bytes = umbral_privkey.get_pubkey().to_bytes(is_compressed=False) assert not signature_verifier.functions.verify(message, recoverable_signature, umbral_pubkey_bytes[1:], ALGORITHM_SHA256).call()
def test_decryption_fails_when_it_expects_a_proof_and_there_isnt(N, M, alices_keys, bobs_keys): """Manually injects umbralparameters for multi-curve testing.""" delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() signer = Signer(signing_privkey) priv_key_bob, pub_key_bob = bobs_keys plain_data = b'peace at dawn' ciphertext, capsule = pre.encrypt(delegating_privkey.get_pubkey(), plain_data) kfrags = pre.split_rekey(delegating_privkey, signer, pub_key_bob, M, N) capsule.set_correctness_keys(delegating=delegating_privkey.get_pubkey(), receiving=pub_key_bob, verifying=signing_privkey.get_pubkey()) for kfrag in kfrags[:M]: cfrag = pre.reencrypt(kfrag, capsule) capsule.attach_cfrag(cfrag) # Even thought we can successfully attach a CFrag, if the proof is lost # (for example, it is chopped off a serialized CFrag or similar), then decrypt # will still fail. cfrag.proof = None with pytest.raises(cfrag.NoProofProvided): _cleartext = pre.decrypt(ciphertext, capsule, priv_key_bob)
def test_cfrag_serialization_no_proof_no_metadata(alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() _receiving_privkey, receiving_pubkey = bobs_keys signer_alice = Signer(signing_privkey) _unused_key, capsule = pre._encapsulate(delegating_pubkey.point_key) kfrags = pre.split_rekey(delegating_privkey, signer_alice, receiving_pubkey, 1, 2) cfrag = pre.reencrypt(kfrags[0], capsule, provide_proof=False) cfrag_bytes = cfrag.to_bytes() proof = cfrag.proof assert proof is None curve = default_curve() assert len(cfrag_bytes) == CapsuleFrag.expected_bytes_length(curve) new_cfrag = pre.CapsuleFrag.from_bytes(cfrag_bytes) assert new_cfrag._point_e1 == cfrag._point_e1 assert new_cfrag._point_v1 == cfrag._point_v1 assert new_cfrag._kfrag_id == cfrag._kfrag_id assert new_cfrag._point_noninteractive == cfrag._point_noninteractive new_proof = new_cfrag.proof assert new_proof is None
def encrypt(): # Get data from request json_data = json.loads(request.data.decode('utf-8')) data = json_data["hash"].encode( 'utf-8') #, json_data['alice_pubkey'], json_data['alice_privkey'] alice_pubkey, alice_privkey = gen_alice() # Encrypt some data plaintext = data ciphertext, capsule = pre.encrypt(alice_pubkey, plaintext) alice_signing_privkey = keys.UmbralPrivateKey.gen_key() alice_signing_pubkey = alice_signing_privkey.get_pubkey() alice_signer = Signer(alice_signing_privkey) # Perform split-rekey and grant re-encryption policy alice_kfrags = pre.split_rekey(alice_privkey, alice_signer, bob_pubkey, 10, 20) policy_id = mock_kms.grant(alice_kfrags) alice_pubkey.from_bytes response = { "ciphertext": bytes_to_string(ciphertext), "policy_id": policy_id, "capsule": bytes_to_string(capsule.to_bytes()), "alice_pubkey": bytes_to_string(alice_pubkey.to_bytes()), "alice_signing_pubkey": bytes_to_string(alice_signing_pubkey.to_bytes()) } return jsonify(response)
def test_kfrags_signed_without_correctness_keys(alices_keys, bobs_keys, capsule): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() verifying_key = signing_privkey.get_pubkey() receiving_privkey, receiving_pubkey = bobs_keys kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=Signer(signing_privkey), receiving_pubkey=receiving_pubkey, threshold=6, N=10, sign_delegating_key=False, sign_receiving_key=False) for kfrag in kfrags: # You can verify the KFrag specifying only the verifying key assert kfrag.verify(signing_pubkey=verifying_key) # ... or if it is set in the capsule, using the capsule capsule.set_correctness_keys(verifying=verifying_key) assert kfrag.verify_for_capsule(capsule) # It should even work when other keys are set in the capsule assert kfrag.verify(signing_pubkey=verifying_key, delegating_pubkey=delegating_pubkey, receiving_pubkey=receiving_pubkey)
def test_m_of_n(N, M, alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() signer = Signer(signing_privkey) priv_key_bob, pub_key_bob = bobs_keys params = delegating_privkey.params sym_key, capsule = pre._encapsulate(delegating_pubkey) capsule.set_correctness_keys(delegating=delegating_privkey.get_pubkey(), receiving=pub_key_bob, verifying=signing_privkey.get_pubkey()) kfrags = pre.split_rekey(delegating_privkey, signer, pub_key_bob, M, N) for kfrag in kfrags: assert kfrag.verify(signing_privkey.get_pubkey(), delegating_privkey.get_pubkey(), pub_key_bob) for i, kfrag in enumerate(kfrags[:M]): # Example of potential metadata to describe the re-encryption request metadata = "This is an example of metadata for re-encryption request #{}" metadata = metadata.format(i).encode() cfrag = pre.reencrypt(kfrag, capsule, metadata=metadata) capsule.attach_cfrag(cfrag) assert cfrag.verify_correctness(capsule) sym_key_from_capsule = pre._open_capsule(capsule, priv_key_bob) assert sym_key == sym_key_from_capsule
def test_correctness_proof_serialization(alices_keys): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() signer = Signer(signing_privkey) priv_key_bob = keys.UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() params = delegating_privkey.params _unused_key, capsule = pre._encapsulate(delegating_pubkey) kfrags = pre.split_rekey(delegating_privkey, signer, pub_key_bob, 1, 2) # Example of potential metadata to describe the re-encryption request metadata = b"This is an example of metadata for re-encryption request" cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata) proof = cfrag.proof proof_bytes = proof.to_bytes() # A CorrectnessProof can be represented as # the 228 total bytes of four Points (33 each) and three BigNums (32 each). # TODO: Figure out final size for CorrectnessProofs # assert len(proof_bytes) == (33 * 4) + (32 * 3) == 228 new_proof = CorrectnessProof.from_bytes(proof_bytes) assert new_proof._point_e2 == proof._point_e2 assert new_proof._point_v2 == proof._point_v2 assert new_proof._point_kfrag_commitment == proof._point_kfrag_commitment assert new_proof._point_kfrag_pok == proof._point_kfrag_pok assert new_proof.bn_sig == proof.bn_sig assert new_proof.kfrag_signature == proof.kfrag_signature assert new_proof.metadata == proof.metadata
def _mock_ursula_reencrypts(ursula, corrupt_cfrag: bool = False): delegating_privkey = UmbralPrivateKey.gen_key() _symmetric_key, capsule = pre._encapsulate(delegating_privkey.get_pubkey()) signing_privkey = UmbralPrivateKey.gen_key() signing_pubkey = signing_privkey.get_pubkey() signer = Signer(signing_privkey) priv_key_bob = UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=pub_key_bob, threshold=2, N=4, sign_delegating_key=False, sign_receiving_key=False) capsule.set_correctness_keys(delegating_privkey.get_pubkey(), pub_key_bob, signing_pubkey) ursula_pubkey = ursula.stamp.as_umbral_pubkey() alice_address = canonical_address_from_umbral_key(signing_pubkey) blockhash = bytes(32) specification = b''.join((bytes(capsule), bytes(ursula_pubkey), bytes(ursula.decentralized_identity_evidence), alice_address, blockhash)) bobs_signer = Signer(priv_key_bob) task_signature = bytes(bobs_signer(specification)) metadata = bytes(ursula.stamp(task_signature)) cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata) if corrupt_cfrag: cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve) cfrag_signature = bytes(ursula.stamp(bytes(cfrag))) bob = Bob.from_public_keys(verifying_key=pub_key_bob) task = WorkOrder.Task(capsule, task_signature, cfrag, cfrag_signature) work_order = WorkOrder(bob, None, alice_address, [task], None, ursula, blockhash) evidence = IndisputableEvidence(task, work_order) return evidence
def test_wrong_N_M_in_split_rekey(N, M, alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys signer = Signer(signing_privkey) _receiving_privkey, receiving_pubkey = bobs_keys with pytest.raises(ValueError): _kfrags = pre.split_rekey(delegating_privkey, signer, receiving_pubkey, M, N)
def test_verification_fail(): sk = SecretKey.random() pk = sk.public_key() signer = Signer(sk) message = b"peace at dawn" signature = signer.sign(message) # wrong message wrong_message = b"no peace at dawn" assert not signature.verify(pk, wrong_message) # bad signature signature_bytes = bytes(signature) signature_bytes = b'\x00' + signature_bytes[1:] signature_restored = Signature.from_bytes(signature_bytes) assert not signature_restored.verify(pk, message)
def kfrags(alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() signer_alice = Signer(signing_privkey) receiving_privkey, receiving_pubkey = bobs_keys yield pre.split_rekey(delegating_privkey, signer_alice, receiving_pubkey, 6, 10)
def kfrags(alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys signer_alice = Signer(signing_privkey) receiving_privkey, receiving_pubkey = bobs_keys yield pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer_alice, receiving_pubkey=receiving_pubkey, threshold=6, N=10)
def ursula(mocker): identity_evidence = os.urandom(LENGTH_ECDSA_SIGNATURE_WITH_RECOVERY) ursula_privkey = UmbralPrivateKey.gen_key() ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey, signer=Signer(ursula_privkey)) ursula = mocker.Mock(stamp=ursula_stamp, decentralized_identity_evidence=identity_evidence) ursula.mature = lambda: True ursula._stamp_has_valid_signature_by_worker = lambda: True return ursula
def mock_ursula(testerchain, account): ursula_privkey = UmbralPrivateKey.gen_key() ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey, signer=Signer(ursula_privkey)) signed_stamp = testerchain.client.sign_message(account=account, message=bytes(ursula_stamp)) ursula = Mock(stamp=ursula_stamp, decentralized_identity_evidence=signed_stamp) return ursula
def test_signature_is_hashable(): sk = SecretKey.random() pk = sk.public_key() signer = Signer(sk) message = b'peace at dawn' message2 = b'no peace at dawn' signature = signer.sign(message) signature2 = signer.sign(message2) assert hash(signature) != hash(signature2) signature_restored = Signature.from_bytes(bytes(signature)) assert signature == signature_restored assert hash(signature) == hash(signature_restored) # Different hash, since signing involves some randomness signature3 = signer.sign(message) assert hash(signature) != hash(signature3)
def test_cheating_ursula_sends_garbage(N, M, alices_keys): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() signer = Signer(signing_privkey) priv_key_bob = keys.UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() params = delegating_privkey.params sym_key, capsule_alice = pre._encapsulate(delegating_pubkey) kfrags = pre.split_rekey(delegating_privkey, signer, pub_key_bob, M, N) capsule_alice.set_correctness_keys(delegating=delegating_pubkey, receiving=pub_key_bob, verifying=signing_privkey.get_pubkey()) cfrags, metadata = [], [] for i, kfrag in enumerate(kfrags[:M]): # Example of potential metadata to describe the re-encryption request metadata_i = "This is an example of metadata for re-encryption request #{}" metadata_i = metadata_i.format(i).encode() metadata.append(metadata_i) cfrag = pre.reencrypt(kfrag, capsule_alice, metadata=metadata_i) capsule_alice.attach_cfrag(cfrag) cfrags.append(cfrag) # Let's put random garbage in one of the cfrags cfrags[0]._point_e1 = Point.gen_rand() cfrags[0]._point_v1 = Point.gen_rand() capsule_alice._reconstruct_shamirs_secret(priv_key_bob) # activate capsule with pytest.raises(pre.GenericUmbralError): _unused_key = pre._decapsulate_reencrypted(priv_key_bob, capsule_alice) assert not cfrags[0].verify_correctness(capsule_alice) # The response of cheating Ursula is in cfrags[0], # so the rest of CFrags chould be correct: for cfrag_i, metadata_i in zip(cfrags[1:], metadata[1:]): assert cfrag_i.verify_correctness(capsule_alice) # Alternatively, we can try to open the capsule directly. # We should get an exception with an attached list of incorrect cfrags with pytest.raises(pre.UmbralCorrectnessError) as exception_info: _decapsulated_key = pre._open_capsule(capsule_alice, priv_key_bob) correctness_error = exception_info.value assert cfrags[0] in correctness_error.offending_cfrags assert len(correctness_error.offending_cfrags) == 1
def get_instance(self): if not self._unique_instance: set_default_curve() self.bb = BulletinBoard.get_instance() self.proxy = Proxy.get_instance() self.private_key = UmbralPrivateKey.gen_key() self.public_key = self.private_key.get_pubkey() self.singning_key = UmbralPrivateKey.gen_key() self.verifying_key = self.singning_key.get_pubkey() self.signer = Signer(private_key=self.singning_key) self.voters = [] self._unique_instance = self.__internal_new__() return self._unique_instance
def __init__(self): # Generate keys for Alice self.priv_key = keys.UmbralPrivateKey.gen_key() self.pub_key = self.priv_key.get_pubkey() self.signing_priv_key = self.priv_key self.signer = Signer(self.signing_priv_key) self.signing_pub_key = self.signing_priv_key.get_pubkey() self.box_private = hashlib.sha256( ('private' + str(time.time())).encode('utf-8')).hexdigest() self.box_public = hashlib.sha256( ('public' + str(time.time())).encode('utf-8')).hexdigest() self.capsules = {"strange_hash": (None, None)}
def test_recover(testerchain, signature_verifier): message = os.urandom(100) # Prepare message hash hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend) hash_ctx.update(message) message_hash = hash_ctx.finalize() # Generate Umbral key and extract "address" from the public key umbral_privkey = UmbralPrivateKey.gen_key() umbral_pubkey = umbral_privkey.get_pubkey() umbral_pubkey_bytes = umbral_privkey.get_pubkey().to_bytes( is_compressed=False) signer_address = keccak_digest(umbral_pubkey_bytes[1:]) signer_address = to_normalized_address(signer_address[12:]) # Sign message signer = Signer(umbral_privkey) signature = signer(message) # Get recovery id (v) before using contract # If we don't have recovery id while signing then we should try to recover public key with different v # Only the correct v will match the correct public key v = get_signature_recovery_value(message, signature, umbral_pubkey) recoverable_signature = bytes(signature) + v # Check recovery method in the contract assert signer_address == to_normalized_address( signature_verifier.functions.recover(message_hash, recoverable_signature).call()) # Also numbers 27 and 28 can be used for v recoverable_signature = recoverable_signature[:-1] + bytes( [recoverable_signature[-1] + 27]) assert signer_address == to_normalized_address( signature_verifier.functions.recover(message_hash, recoverable_signature).call()) # Only number 0,1,27,28 are supported for v recoverable_signature = bytes(signature) + bytes([2]) with pytest.raises((TransactionFailed, ValueError)): signature_verifier.functions.recover(message_hash, recoverable_signature).call() # Signature must include r, s and v recoverable_signature = bytes(signature) with pytest.raises((TransactionFailed, ValueError)): signature_verifier.functions.recover(message_hash, recoverable_signature).call()
def __standard_encryption_api() -> tuple: delegating_privkey = keys.UmbralPrivateKey.gen_key(params=PARAMS) delegating_pubkey = delegating_privkey.get_pubkey() signing_privkey = keys.UmbralPrivateKey.gen_key(params=PARAMS) signer = Signer(signing_privkey) receiving_privkey = keys.UmbralPrivateKey.gen_key(params=PARAMS) receiving_pubkey = receiving_privkey.get_pubkey() plain_data = os.urandom(32) ciphertext, capsule = pre.encrypt(delegating_pubkey, plain_data) return delegating_privkey, signer, receiving_pubkey, ciphertext, capsule
def test_prehashed_message(execution_number): privkey = UmbralPrivateKey.gen_key() pubkey = privkey.get_pubkey() signer = Signer(private_key=privkey) message = b"peace at dawn" hash_function = hashes.Hash(DEFAULT_HASH_ALGORITHM(), backend=backend) hash_function.update(message) prehashed_message = hash_function.finalize() signature = signer(message=prehashed_message, is_prehashed=True) assert signature.verify(message=prehashed_message, verifying_key=pubkey, is_prehashed=True)
def test_bad_capsule_fails_reencryption(alices_keys, bobs_keys): delegating_privkey, _signing_privkey = alices_keys signer_alice = Signer(_signing_privkey) _receiving_privkey, receiving_pubkey = bobs_keys kfrags = pre.split_rekey(delegating_privkey, signer_alice, receiving_pubkey, 1, 2) bollocks_capsule = Capsule(point_e=Point.gen_rand(), point_v=Point.gen_rand(), bn_sig=CurveBN.gen_rand()) with pytest.raises(Capsule.NotValid): pre.reencrypt(kfrags[0], bollocks_capsule)
def test_compute_proof_challenge_scalar(testerchain, reencryption_validator, mock_ursula_reencrypts): ursula_privkey = UmbralPrivateKey.gen_key() ursula_stamp = SignatureStamp(verifying_key=ursula_privkey.pubkey, signer=Signer(ursula_privkey)) ursula = Mock(stamp=ursula_stamp) # Bob prepares supporting Evidence evidence = mock_ursula_reencrypts(ursula) capsule = evidence.task.capsule cfrag = evidence.task.cfrag capsule_bytes = capsule.to_bytes() cfrag_bytes = cfrag.to_bytes() proof_challenge_scalar = int(evidence.get_proof_challenge_scalar()) computeProofChallengeScalar = reencryption_validator.functions.computeProofChallengeScalar assert proof_challenge_scalar == computeProofChallengeScalar( capsule_bytes, cfrag_bytes).call()
def fragments(metadata): delegating_privkey = UmbralPrivateKey.gen_key() _symmetric_key, capsule = pre._encapsulate(delegating_privkey.get_pubkey()) signing_privkey = UmbralPrivateKey.gen_key() signer = Signer(signing_privkey) priv_key_bob = UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=pub_key_bob, threshold=2, N=4, sign_delegating_key=False, sign_receiving_key=False) capsule.set_correctness_keys(delegating_privkey.get_pubkey(), pub_key_bob, signing_privkey.get_pubkey()) cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata) return capsule, cfrag
def test_kfrag_serialization(alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys signer_alice = Signer(signing_privkey) _receiving_privkey, receiving_pubkey = bobs_keys kfrags = pre.split_rekey(delegating_privkey, signer_alice, receiving_pubkey, 1, 2) kfrag_bytes = kfrags[0].to_bytes() curve = default_curve() assert len(kfrag_bytes) == KFrag.expected_bytes_length(curve) new_frag = pre.KFrag.from_bytes(kfrag_bytes) assert new_frag._id == kfrags[0]._id assert new_frag._bn_key == kfrags[0]._bn_key assert new_frag._point_noninteractive == kfrags[0]._point_noninteractive assert new_frag._point_commitment == kfrags[0]._point_commitment assert new_frag._point_xcoord == kfrags[0]._point_xcoord