def test_simple_api(num_kfrags, threshold):
"""
This test models the main interactions between actors (i.e., Alice,
Bob, Data Source, and Ursulas) and artifacts (i.e., public and private keys,
ciphertexts, capsules, KFrags, CFrags, etc).
The test covers all the main stages of data sharing:
key generation, delegation, encryption, decryption by
Alice, re-encryption by Ursula, and decryption by Bob.
"""
# Key Generation (Alice)
delegating_sk = SecretKey.random()
delegating_pk = delegating_sk.public_key()
signing_sk = SecretKey.random()
signer = Signer(signing_sk)
verifying_pk = signing_sk.public_key()
# Key Generation (Bob)
receiving_sk = SecretKey.random()
receiving_pk = receiving_sk.public_key()
# Encryption by an unnamed data source
plaintext = b'peace at dawn'
capsule, ciphertext = encrypt(delegating_pk, plaintext)
# Decryption by Alice
plaintext_decrypted = decrypt_original(delegating_sk, capsule, ciphertext)
assert plaintext_decrypted == plaintext
# Split Re-Encryption Key Generation (aka Delegation)
kfrags = generate_kfrags(delegating_sk=delegating_sk,
receiving_pk=receiving_pk,
signer=signer,
threshold=threshold,
num_kfrags=num_kfrags)
# Bob requests re-encryption to some set of M ursulas
cfrags = [reencrypt(capsule, kfrag) for kfrag in kfrags]
# Decryption by Bob
plaintext_reenc = decrypt_reencrypted(
receiving_sk=receiving_sk,
delegating_pk=delegating_pk,
capsule=capsule,
verified_cfrags=cfrags[:threshold],
ciphertext=ciphertext,
)
assert plaintext_reenc == plaintext
def test_decrypt_unverified_cfrag(verification_keys, bobs_keys,
capsule_and_ciphertext, kfrags):
verifying_pk, delegating_pk, receiving_pk = verification_keys
receiving_sk, _receiving_pk = bobs_keys
capsule, ciphertext = capsule_and_ciphertext
cfrags = [reencrypt(capsule, kfrag) for kfrag in kfrags]
cfrags[0] = CapsuleFrag.from_bytes(bytes(cfrags[0]))
with pytest.raises(TypeError):
plaintext_reenc = decrypt_reencrypted(
receiving_sk=receiving_sk,
delegating_pk=delegating_pk,
capsule=capsule,
verified_cfrags=cfrags,
ciphertext=ciphertext,
)
cfrags.append(cfrag) # Bob collects a cfrag
assert len(cfrags) == 10
# Bob checks the capsule fragments
# --------------------------------
# If Bob received the capsule fragments in serialized form,
# he can verify that they are valid and really originate from Alice,
# using Alice's public keys.
suspicious_cfrags = [CapsuleFrag.from_bytes(bytes(cfrag)) for cfrag in cfrags]
cfrags = [cfrag.verify(capsule,
verifying_pk=alices_verifying_key,
delegating_pk=alices_public_key,
receiving_pk=bobs_public_key,
)
for cfrag in suspicious_cfrags]
# Bob opens the capsule
# ------------------------------------
# Finally, Bob decrypts the re-encrypted ciphertext using his key.
bob_cleartext = decrypt_reencrypted(receiving_sk=bobs_secret_key,
delegating_pk=alices_public_key,
capsule=bob_capsule,
verified_cfrags=cfrags,
ciphertext=ciphertext)
print(bob_cleartext)
assert bob_cleartext == plaintext