def test_cfrag_serialization_with_proof_but_no_metadata( prepared_capsule, kfrags): for kfrag in kfrags: cfrag = pre.reencrypt(kfrag, prepared_capsule, provide_proof=True) cfrag_bytes = cfrag.to_bytes() proof = cfrag.proof assert proof is not None assert proof.metadata is None # A CFrag can be represented as the 131 total bytes of three Points (33 each) and a CurveBN (32). # TODO: Figure out final size for CFrags with proofs # assert len(cfrag_bytes) == 33 + 33 + 33 + 32 == 131 new_cfrag = CapsuleFrag.from_bytes(cfrag_bytes) assert new_cfrag.point_e1 == cfrag.point_e1 assert new_cfrag.point_v1 == cfrag.point_v1 assert new_cfrag.kfrag_id == cfrag.kfrag_id assert new_cfrag.point_precursor == cfrag.point_precursor new_proof = new_cfrag.proof assert new_proof is not None assert new_proof.point_e2 == proof.point_e2 assert new_proof.point_v2 == proof.point_v2 assert new_proof.point_kfrag_commitment == proof.point_kfrag_commitment assert new_proof.point_kfrag_pok == proof.point_kfrag_pok assert new_proof.bn_sig == proof.bn_sig assert new_proof.metadata is None
def test_cfrag_serialization_with_proof_and_metadata(prepared_capsule, kfrags): # Example of potential metadata to describe the re-encryption request metadata = b'This is an example of metadata for re-encryption request' for kfrag in kfrags: cfrag = pre.reencrypt(kfrag, prepared_capsule, provide_proof=True, metadata=metadata) cfrag_bytes = cfrag.to_bytes() proof = cfrag.proof assert proof is not None assert proof.metadata is not None new_cfrag = CapsuleFrag.from_bytes(cfrag_bytes) assert new_cfrag.point_e1 == cfrag.point_e1 assert new_cfrag.point_v1 == cfrag.point_v1 assert new_cfrag.kfrag_id == cfrag.kfrag_id assert new_cfrag.point_precursor == cfrag.point_precursor new_proof = new_cfrag.proof assert new_proof is not None assert new_proof.point_e2 == proof.point_e2 assert new_proof.point_v2 == proof.point_v2 assert new_proof.point_kfrag_commitment == proof.point_kfrag_commitment assert new_proof.point_kfrag_pok == proof.point_kfrag_pok assert new_proof.bn_sig == proof.bn_sig assert new_proof.metadata == metadata assert new_proof.metadata == proof.metadata
def decrypt(): api = ipfsapi.connect('127.0.0.1', 5001) res = {} cfrags = list() if request.headers['Content-Type'] == 'application/json': account = request.json['account'] ciphertexthex = request.json['ciphertext'] b_ciphertext = bytes.fromhex(ciphertexthex) decryptkey = request.json['decryptkey'] b_decryptkey = bytes.fromhex(decryptkey) deckey = UmbralPrivateKey.from_bytes(b_decryptkey) capsuleaddr = request.json['capsule'] b_capsule_all = api.cat(capsuleaddr) splitarr1 = b_capsule_all.split(b'ZAtech') b_basic_capsule = splitarr1[0] capsule = Capsule.from_bytes(b_basic_capsule, UmbralParameters(Curve(714))) print("0") correctness_keys = splitarr1[1] splitarr2 = correctness_keys.split(b'ZBtech') delegating = UmbralPublicKey.from_bytes(splitarr2[0]) receiving = UmbralPublicKey.from_bytes(splitarr2[1]) verifying = UmbralPublicKey.from_bytes(splitarr2[2]) # 用带入的参数capsule_all的各种byte,重现绑定correctness keys的capsule. capsule.set_correctness_keys(delegating=delegating, receiving=receiving, verifying=verifying) print("1") b_cfrag_all = splitarr1[2].split(b'ZCtech') for b_cfrag in b_cfrag_all: cfrags.append(CapsuleFrag.from_bytes(b_cfrag)) for cfrag in cfrags: capsule.attach_cfrag(cfrag) print("2") print(capsule) print(capsule.get_correctness_keys()) print(cfrags) cleartext = pre.decrypt(ciphertext=b_ciphertext, capsule=capsule, decrypting_key=deckey) print("3") res = {"cleartext": cleartext.decode("utf-8")} print("\nbob_cleartext: ") print(cleartext) return jsonify(res), {'Content-Type': 'application/json'} return
def test_cfrags(): vector_file = os.path.join('vectors', 'vectors_cfrags.json') try: with open(vector_file) as f: vector_suite = json.load(f) except OSError: raise params = default_params() capsule = pre.Capsule.from_bytes(bytes.fromhex(vector_suite['capsule']), params=params) verifying_key = UmbralPublicKey.from_bytes( bytes.fromhex(vector_suite['verifying_key'])) delegating_key = UmbralPublicKey.from_bytes( bytes.fromhex(vector_suite['delegating_key'])) receiving_key = UmbralPublicKey.from_bytes( bytes.fromhex(vector_suite['receiving_key'])) kfrags_n_cfrags = [ (KFrag.from_bytes(bytes.fromhex(json_kfrag['kfrag'])), CapsuleFrag.from_bytes(bytes.fromhex(json_kfrag['cfrag']))) for json_kfrag in vector_suite['vectors'] ] capsule.set_correctness_keys(delegating=delegating_key, receiving=receiving_key, verifying=verifying_key) for kfrag, cfrag in kfrags_n_cfrags: assert kfrag.verify(signing_pubkey=verifying_key, delegating_pubkey=delegating_key, receiving_pubkey=receiving_key), \ 'Invalid KFrag {}'.format(kfrag.to_bytes().hex()) new_cfrag = pre.reencrypt(kfrag, capsule, provide_proof=False) assert new_cfrag.point_e1 == cfrag.point_e1 assert new_cfrag.point_v1 == cfrag.point_v1 assert new_cfrag.kfrag_id == cfrag.kfrag_id assert new_cfrag.point_precursor == cfrag.point_precursor assert new_cfrag.proof is None assert cfrag.to_bytes() == new_cfrag.to_bytes()
def test_cfrag_serialization_no_proof_no_metadata(prepared_capsule, kfrags): for kfrag in kfrags: cfrag = pre.reencrypt(kfrag, prepared_capsule, provide_proof=False) cfrag_bytes = cfrag.to_bytes() proof = cfrag.proof assert proof is None assert len(cfrag_bytes) == CapsuleFrag.expected_bytes_length() new_cfrag = CapsuleFrag.from_bytes(cfrag_bytes) assert new_cfrag.point_e1 == cfrag.point_e1 assert new_cfrag.point_v1 == cfrag.point_v1 assert new_cfrag.kfrag_id == cfrag.kfrag_id assert new_cfrag.point_precursor == cfrag.point_precursor new_proof = new_cfrag.proof assert new_proof is None
def fetch(): api = ipfsapi.connect('127.0.0.1', 5001) if request.headers['Content-Type'] == 'application/json': account = request.json['account'] # 所有的传入参数都是hex key capsuleaddr = request.json['capsule'] b_capsule_all = api.cat(capsuleaddr) splitarr1 = b_capsule_all.split(b'ZAtech') b_basic_capsule = splitarr1[0] capsule = Capsule.from_bytes(b_basic_capsule, UmbralParameters(Curve(714))) correctness_keys = splitarr1[1] splitarr2 = correctness_keys.split(b'ZBtech') delegating = UmbralPublicKey.from_bytes(splitarr2[0]) receiving = UmbralPublicKey.from_bytes(splitarr2[1]) verifying = UmbralPublicKey.from_bytes(splitarr2[2]) # print(splitarr1[0]) # print(splitarr1[1]) # print(splitarr2[0]) # print(splitarr2[1]) # print(splitarr2[2]) print(delegating) print(receiving) print(verifying) caddrs = request.json['addresses'] # 用带入的参数capsule_all的各种byte,重现绑定correctness keys的capsule. capsule.set_correctness_keys(delegating=delegating, receiving=receiving, verifying=verifying) print(capsule.get_correctness_keys()) cfrags = list() all_bytes = b'' index = 0 for addr in caddrs: index += 1 b_cfrag = api.cat(addr) all_bytes += b_cfrag if index < len(caddrs): all_bytes += b'ZCtech' cfrags.append(CapsuleFrag.from_bytes(api.cat(addr))) for cfrag in cfrags: capsule.attach_cfrag(cfrag) # 再将append的内容写入capsule,然后就可以将解密单独拎出来。 b_capsule_all += b'ZAtech' + all_bytes savedcapaddr = api.add_bytes(b_capsule_all) # splitarr = b_capsule_all.split(b'ZAtech') # splitarrmiddle = splitarr[1].split(b'ZBtech') # splitarrlast = splitarr[2].split(b'ZCtech') # print(len(cfrags)) # for s in splitarrmiddle: # print(s) # print(len(splitarrlast)) # for s in splitarrlast: # print(s) res = {"capsule": savedcapaddr} return jsonify(res), {'Content-Type': 'application/json'} return
def test_lifecycle_with_serialization(N, M, signing_mode, curve=default_curve()): """ This test is a variant of test_simple_api, but with intermediate serialization/deserialization steps, modeling how pyUmbral artifacts (such as keys, ciphertexts, etc) will actually be used. These intermediate steps are in between the different 'usage domains' in NuCypher, namely, key generation, delegation, encryption, decryption by Alice, re-encryption by Ursula, and decryption by Bob. Manually injects UmbralParameters for multi-curve testing. """ # Convenience method to avoid replicating key generation code def new_keypair_bytes(): privkey = UmbralPrivateKey.gen_key(params=params) return privkey.to_bytes(), privkey.get_pubkey().to_bytes() ## SETUP params = UmbralParameters(curve=curve) delegating_privkey_bytes, delegating_pubkey_bytes = new_keypair_bytes() signing_privkey_bytes, signing_pubkey_bytes = new_keypair_bytes() receiving_privkey_bytes, receiving_pubkey_bytes = new_keypair_bytes() ## DELEGATION DOMAIN: ## Alice delegates decryption rights to some Bob by generating a set of ## KFrags, using her delegating private key and Bob's receiving public key delegating_privkey = UmbralPrivateKey.from_bytes(delegating_privkey_bytes, params=params) signing_privkey = UmbralPrivateKey.from_bytes(signing_privkey_bytes, params=params) receiving_pubkey = UmbralPublicKey.from_bytes(receiving_pubkey_bytes, params=params) signer = Signer(signing_privkey) sign_delegating_key, sign_receiving_key = signing_mode kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, receiving_pubkey=receiving_pubkey, threshold=M, N=N, signer=signer, sign_delegating_key=sign_delegating_key, sign_receiving_key=sign_receiving_key) kfrags_bytes = tuple(map(bytes, kfrags)) del kfrags del signer del delegating_privkey del signing_privkey del receiving_pubkey del params ## ENCRYPTION DOMAIN ## params = UmbralParameters(curve=curve) delegating_pubkey = UmbralPublicKey.from_bytes(delegating_pubkey_bytes, params) plain_data = b'peace at dawn' ciphertext, capsule = pre.encrypt(delegating_pubkey, plain_data) capsule_bytes = bytes(capsule) del capsule del delegating_pubkey del params ## DECRYPTION BY ALICE ## params = UmbralParameters(curve=curve) delegating_privkey = UmbralPrivateKey.from_bytes(delegating_privkey_bytes, params=params) capsule = pre.Capsule.from_bytes(capsule_bytes, params) cleartext = pre.decrypt(ciphertext, capsule, delegating_privkey) assert cleartext == plain_data del delegating_privkey del capsule del params ## RE-ENCRYPTION DOMAIN (i.e., Ursula's side) cfrags_bytes = list() for kfrag_bytes in kfrags_bytes: params = UmbralParameters(curve=curve) delegating_pubkey = UmbralPublicKey.from_bytes(delegating_pubkey_bytes, params) signing_pubkey = UmbralPublicKey.from_bytes(signing_pubkey_bytes, params) receiving_pubkey = UmbralPublicKey.from_bytes(receiving_pubkey_bytes, params) capsule = pre.Capsule.from_bytes(capsule_bytes, params) capsule.set_correctness_keys(delegating=delegating_pubkey, receiving=receiving_pubkey, verifying=signing_pubkey) # TODO: use params instead of curve? kfrag = KFrag.from_bytes(kfrag_bytes, params.curve) assert kfrag.verify(signing_pubkey, delegating_pubkey, receiving_pubkey, params) cfrag_bytes = bytes(pre.reencrypt(kfrag, capsule)) cfrags_bytes.append(cfrag_bytes) del capsule del kfrag del params del delegating_pubkey del signing_pubkey del receiving_pubkey ## DECRYPTION DOMAIN (i.e., Bob's side) params = UmbralParameters(curve=curve) capsule = pre.Capsule.from_bytes(capsule_bytes, params) delegating_pubkey = UmbralPublicKey.from_bytes(delegating_pubkey_bytes, params) signing_pubkey = UmbralPublicKey.from_bytes(signing_pubkey_bytes, params) receiving_privkey = UmbralPrivateKey.from_bytes(receiving_privkey_bytes, params=params) receiving_pubkey = receiving_privkey.get_pubkey() capsule.set_correctness_keys(delegating=delegating_pubkey, receiving=receiving_pubkey, verifying=signing_pubkey) for cfrag_bytes in cfrags_bytes: # TODO: use params instead of curve? cfrag = CapsuleFrag.from_bytes(cfrag_bytes, params.curve) capsule.attach_cfrag(cfrag) reenc_cleartext = pre.decrypt(ciphertext, capsule, receiving_privkey) assert reenc_cleartext == plain_data