def test_crypto_kx_session_keys(seed1, seed2):
s_keys = b.crypto_kx_seed_keypair(seed1)
c_keys = b.crypto_kx_seed_keypair(seed2)
server_rx_key, server_tx_key = b.crypto_kx_server_session_keys(
s_keys[0], s_keys[1], c_keys[0])
client_rx_key, client_tx_key = b.crypto_kx_client_session_keys(
c_keys[0], c_keys[1], s_keys[0])
assert client_rx_key == server_tx_key
assert server_rx_key == client_tx_key
def test_crypto_kx_session_keys(seed1, seed2):
s_keys = b.crypto_kx_seed_keypair(seed1)
c_keys = b.crypto_kx_seed_keypair(seed2)
server_rx_key, server_tx_key = \
b.crypto_kx_server_session_keys(s_keys[0], s_keys[1], c_keys[0])
client_rx_key, client_tx_key = \
b.crypto_kx_client_session_keys(c_keys[0], c_keys[1], s_keys[0])
assert client_rx_key == server_tx_key
assert server_rx_key == client_tx_key
def keyexchange(n, ip, publickey_list, secretkey_list, extra_list):
exchangeKey = []
for i in range(n):
if i == ip:
exchangeKey.append(0)
else:
if i > ip:
comKeyint, _ = xc.crypto_kx_client_session_keys(publickey_list[i], secretkey_list[i], extra_list[i])
else:
_, comKeyint = xc.crypto_kx_server_session_keys(publickey_list[i], secretkey_list[i], extra_list[i])
exchangekey = int.from_bytes(xc.crypto_hash_sha256(comKeyint), byteorder='big')
exchangeKey.append(exchangekey)
return exchangeKey
def keyexchange(n, party_i, my_pkey_list, my_skey_list, other_pkey_list):
common_key_list = []
for i in range(n):
#Generate DH (common) keys
if i == party_i:
common_key_list.append(0)
else:
if i > party_i:
common_key_raw, _ = nb.crypto_kx_client_session_keys(
my_pkey_list[i], my_skey_list[i], other_pkey_list[i])
else:
_, common_key_raw = nb.crypto_kx_server_session_keys(
my_pkey_list[i], my_skey_list[i], other_pkey_list[i])
#Hash the common keys
common_key = int.from_bytes(nb.crypto_hash_sha256(common_key_raw),
byteorder='big')
common_key_list.append(common_key)
return common_key_list
def dict_keyexchange(peer_list, self_id, my_pkeys, my_skeys, peer_pkeys):
# CDB: The last three parameters are now all dictionaries. Dictionary keys
# are peer ids to which we gave the key, or from which we received the key.
# comkeys is also now a dictionary keyed by peer id.
comkeys = {}
for peer_id in peer_list:
if peer_id > self_id:
common_key_raw, _ = nb.crypto_kx_client_session_keys(
my_pkeys[peer_id], my_skeys[peer_id], peer_pkeys[peer_id])
else:
_, common_key_raw = nb.crypto_kx_server_session_keys(
my_pkeys[peer_id], my_skeys[peer_id], peer_pkeys[peer_id])
# Hash the common keys.
comkeys[peer_id] = int.from_bytes(
nb.crypto_hash_sha256(common_key_raw), byteorder='big')
return comkeys
def encrypt_X25519_Chacha20_Poly1305(data, seckey, recipient_pubkey):
'''Computes the encrypted part'''
pubkey = bytes(PrivateKey(seckey).public_key)
#LOG.debug('Original data: %s', data.hex())
LOG.debug(" Packet data: %s", data.hex())
LOG.debug(' my public key: %s', pubkey.hex())
LOG.debug(' my secret key: %s', seckey.hex())
LOG.debug('recipient public key: %s', recipient_pubkey.hex())
# X25519 shared key
_, shared_key = crypto_kx_server_session_keys(pubkey, seckey,
recipient_pubkey)
LOG.debug('shared key: %s', shared_key.hex())
# Chacha20_Poly1305
nonce = os.urandom(12)
encrypted_data = crypto_aead_chacha20poly1305_ietf_encrypt(
data, None, nonce, shared_key) # no add
return (pubkey + nonce + encrypted_data)
def test_crypto_kx_session_wrong_key_lengths():
s_keys = b.crypto_kx_keypair()
c_keys = b.crypto_kx_keypair()
with pytest.raises(exc.TypeError):
b.crypto_kx_server_session_keys(s_keys[0][:-1], s_keys[1], c_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_client_session_keys(c_keys[0][:-1], c_keys[1], s_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_server_session_keys(s_keys[0], s_keys[1][:-1], c_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_client_session_keys(c_keys[0], c_keys[1][:-1], s_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_server_session_keys(s_keys[0], s_keys[1], c_keys[0][:-1])
with pytest.raises(exc.TypeError):
b.crypto_kx_client_session_keys(c_keys[0], c_keys[1], s_keys[0][:-1])
def test_crypto_kx_session_wrong_key_lengths():
s_keys = b.crypto_kx_keypair()
c_keys = b.crypto_kx_keypair()
with pytest.raises(exc.TypeError):
b.crypto_kx_server_session_keys(s_keys[0][:-1], s_keys[1], c_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_client_session_keys(c_keys[0][:-1], c_keys[1], s_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_server_session_keys(s_keys[0], s_keys[1][:-1], c_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_client_session_keys(c_keys[0], c_keys[1][:-1], s_keys[0])
with pytest.raises(exc.TypeError):
b.crypto_kx_server_session_keys(s_keys[0], s_keys[1], c_keys[0][:-1])
with pytest.raises(exc.TypeError):
b.crypto_kx_client_session_keys(c_keys[0], c_keys[1], s_keys[0][:-1])
