Esempio n. 1
0
    def from_bytes(cls, capsule_bytes: bytes, curve: ec.EllipticCurve = None):
        """
        Instantiates a Capsule object from the serialized data.
        """
        curve = curve if curve is not None else default_curve()
        key_size = get_curve_keysize_bytes(curve)
        capsule_buff = BytesIO(capsule_bytes)

        # BigNums are the keysize in bytes, Points are compressed and the
        # keysize + 1 bytes long.
        if len(capsule_bytes) == 197:
            eph_e = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
            eph_v = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
            sig = BigNum.from_bytes(capsule_buff.read(key_size), curve)
            e_prime = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
            v_prime = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
            eph_ni = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
        else:
            eph_e = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
            eph_v = Point.from_bytes(capsule_buff.read(key_size + 1), curve)
            sig = BigNum.from_bytes(capsule_buff.read(key_size), curve)
            e_prime = v_prime = eph_ni = None

        return cls(point_eph_e=eph_e,
                   point_eph_v=eph_v,
                   bn_sig=sig,
                   e_prime=e_prime,
                   v_prime=v_prime,
                   noninteractive_point=eph_ni)
Esempio n. 2
0
    def from_bytes(data: bytes, curve: ec.EllipticCurve = None):
        """
        Instantiate a KFrag object from the serialized data.
        """
        curve = curve if curve is not None else default_curve()
        key_size = get_curve_keysize_bytes(curve)
        data = BytesIO(data)

        # BigNums are the keysize in bytes, Points are compressed and the
        # keysize + 1 bytes long.
        id = BigNum.from_bytes(data.read(key_size), curve)
        key = BigNum.from_bytes(data.read(key_size), curve)
        eph_ni = Point.from_bytes(data.read(key_size + 1), curve)
        commitment = Point.from_bytes(data.read(key_size + 1), curve)
        sig1 = BigNum.from_bytes(data.read(key_size), curve)
        sig2 = BigNum.from_bytes(data.read(key_size), curve)

        return KFrag(id, key, eph_ni, commitment, sig1, sig2)
Esempio n. 3
0
    def from_bytes(cls, data: bytes, curve: ec.EllipticCurve = None):
        """
        Instantiate ChallengeResponse from serialized data.
        """
        curve = curve if curve is not None else default_curve()
        key_size = get_curve_keysize_bytes(curve)
        data = BytesIO(data)

        # BigNums are the keysize in bytes, Points are compressed and the
        # keysize + 1 bytes long.
        e2 = Point.from_bytes(data.read(key_size + 1), curve)
        v2 = Point.from_bytes(data.read(key_size + 1), curve)
        kfrag_commitment = Point.from_bytes(data.read(key_size + 1), curve)
        kfrag_pok = Point.from_bytes(data.read(key_size + 1), curve)
        kfrag_sig1 = BigNum.from_bytes(data.read(key_size), curve)
        kfrag_sig2 = BigNum.from_bytes(data.read(key_size), curve)
        sig = BigNum.from_bytes(data.read(key_size), curve)

        return cls(e2, v2, kfrag_commitment, kfrag_pok, kfrag_sig1, kfrag_sig2,
                   sig)
Esempio n. 4
0
    def from_bytes(data: bytes, curve: ec.EllipticCurve = None):
        """
        Instantiates a CapsuleFrag object from the serialized data.
        """
        curve = curve if curve is not None else default_curve()
        key_size = get_curve_keysize_bytes(curve)
        data = BytesIO(data)

        # BigNums are the keysize in bytes, Points are compressed and the
        # keysize + 1 bytes long.
        e1 = Point.from_bytes(data.read(key_size + 1), curve)
        v1 = Point.from_bytes(data.read(key_size + 1), curve)
        kfrag_id = BigNum.from_bytes(data.read(key_size), curve)
        eph_ni = Point.from_bytes(data.read(key_size + 1), curve)

        return CapsuleFrag(e1, v1, kfrag_id, eph_ni)
Esempio n. 5
0
    def from_bytes(cls, data, curve: ec.EllipticCurve = None):
        """
        Returns a Point object from the given byte data on the curve provided.
        """
        curve = curve if curve is not None else default_curve()
        try:
            curve_nid = backend._elliptic_curve_to_nid(curve)
        except AttributeError:
            # Presume that the user passed in the curve_nid
            curve_nid = curve

        # Check if compressed
        if data[0] in [2, 3]:
            type_y = data[0] - 2

            if len(data[1:]) > get_curve_keysize_bytes(curve):
                raise ValueError("X coordinate too large for curve.")

            affine_x = BigNum.from_bytes(data[1:], curve)

            ec_point = backend._lib.EC_POINT_new(affine_x.group)
            backend.openssl_assert(ec_point != backend._ffi.NULL)
            ec_point = backend._ffi.gc(ec_point,
                                       backend._lib.EC_POINT_clear_free)

            with backend._tmp_bn_ctx() as bn_ctx:
                res = backend._lib.EC_POINT_set_compressed_coordinates_GFp(
                    affine_x.group, ec_point, affine_x.bignum, type_y, bn_ctx)
                backend.openssl_assert(res == 1)

            return cls(ec_point, curve_nid, affine_x.group)

        # Handle uncompressed point
        elif data[0] == 4:
            key_size = get_curve_keysize_bytes(curve)
            affine_x = int.from_bytes(data[1:key_size + 1], 'big')
            affine_y = int.from_bytes(data[1 + key_size:], 'big')

            return Point.from_affine((affine_x, affine_y), curve)
        else:
            raise ValueError("Invalid point serialization.")
Esempio n. 6
0
    def from_bytes(cls,
                   key_bytes: bytes,
                   params: UmbralParameters = None,
                   password: bytes = None,
                   _scrypt_cost: int = 20,
                   decoder: Callable = None):
        """
        Loads an Umbral private key from bytes.
        Optionally, allows a decoder function to be passed as a param to decode
        the data provided before converting to an Umbral key.
        Optionally, if a password is provided it will decrypt the key using
        nacl's Salsa20-Poly1305 and Scrypt key derivation.

        WARNING: RFC7914 recommends that you use a 2^20 cost value for sensitive
        files. Unless you changed this when you called `to_bytes`, you should
        not change it here. It is NOT recommended to change the `_scrypt_cost`
        value unless you know what you're doing.
        """
        if params is None:
            params = default_params()

        if decoder:
            key_bytes = decoder(key_bytes)

        if password:
            salt = key_bytes[-16:]
            key_bytes = key_bytes[:-16]

            key = Scrypt(salt=salt,
                         length=SecretBox.KEY_SIZE,
                         n=2**_scrypt_cost,
                         r=8,
                         p=1,
                         backend=default_backend()).derive(password)

            key_bytes = SecretBox(key).decrypt(key_bytes)

        bn_key = BigNum.from_bytes(key_bytes, params.curve)
        return cls(bn_key, params)
Esempio n. 7
0
def test_point_curve_mult_regression():
    k256_point_bytes = b'\x03\xe0{\x1bQ\xbf@\x1f\x95\x8d\xe1\x17\xa7\xbe\x9e-G`T\xbf\xd7\x9e\xa7\x10\xc8uA\xc0z$\xc0\x92\x8a'
    k256_bn_bytes = b'4u\xd70-\xa0h\xdeG\xf0\x143\x06!\x91\x05{\xe4jC\n\xf1h\xed7a\xf8\x9d\xec^\x19\x8c'

    k256_point = Point.from_bytes(k256_point_bytes)
    k256_bn = BigNum.from_bytes(k256_bn_bytes)

    product_with_star_operator = k256_point * k256_bn

    # Make sure we have instantiated a new, unequal point in the same curve and group
    assert isinstance(product_with_star_operator,
                      Point), "Point.__mul__ did not return a point instance"
    assert k256_point != product_with_star_operator
    assert k256_point.curve_nid == product_with_star_operator.curve_nid
    assert k256_point.group == product_with_star_operator.group

    product_bytes = b'\x03\xc9\xda\xa2\x88\xe2\xa0+\xb1N\xb6\xe6\x1c\xa5(\xe6\xe0p\xf6\xf4\xa9\xfc\xb1\xfaUV\xd3\xb3\x0e4\x94\xbe\x12'
    product_point = Point.from_bytes(product_bytes)
    assert product_with_star_operator.to_bytes() == product_bytes
    assert product_point == product_with_star_operator

    # Repeating the operation, should return the same result.
    product_with_star_operator_again = k256_point * k256_bn
    assert product_with_star_operator == product_with_star_operator_again