def test_invalid_digest_size(self, backend): with pytest.raises(ValueError): hashes.BLAKE2b(digest_size=65) with pytest.raises(ValueError): hashes.BLAKE2b(digest_size=0) with pytest.raises(ValueError): hashes.BLAKE2b(digest_size=-1)
def mac_gen(self, my_text): if (self.digest == "SHA256"): h = hmac.HMAC(self.symmetric_key, hashes.SHA256(), backend=default_backend()) elif (self.digest == "SHA384"): h = hmac.HMAC(self.symmetric_key, hashes.SHA384(), backend=default_backend()) elif (self.digest == "MD5"): h = hmac.HMAC(self.symmetric_key, hashes.MD5(), backend=default_backend()) elif (self.digest == "SHA512"): h = hmac.HMAC(self.symmetric_key, hashes.SHA512(), backend=default_backend()) elif (self.digest == "BLAKE2"): h = hmac.HMAC(self.symmetric_key, hashes.BLAKE2b(64), backend=default_backend()) h.update(my_text) self.mac = binascii.hexlify(h.finalize())
def symmetric_key_gen(self): if (self.digest == "SHA256"): alg = hashes.SHA256() elif (self.digest == "SHA384"): alg = hashes.SHA384() elif (self.digest == "MD5"): alg = hashes.MD5() elif (self.digest == "SHA512"): alg = hashes.SHA512() elif (self.digest == "BLAKE2"): alg = hashes.BLAKE2b(64) kdf = HKDF(algorithm=alg, length=32, salt=None, info=b'handshake data', backend=default_backend()) key = kdf.derive(self.shared_key) if self.symmetric_cipher == 'AES': self.symmetric_key = key[:16] elif self.symmetric_cipher == '3DES': self.symmetric_key = key[:8] elif self.symmetric_cipher == 'ChaCha20': self.symmetric_key = key[:32]
def split_rekey(priv_a: Union[UmbralPrivateKey, CurveBN], pubkey_b_point: Union[UmbralPublicKey, Point], threshold: int, N: int, params: UmbralParameters=None) -> List[KFrag]: """ Creates a re-encryption key from Alice to Bob and splits it in KFrags, using Shamir's Secret Sharing. Requires a threshold number of KFrags out of N to guarantee correctness of re-encryption. Returns a list of KFrags. """ params = params if params is not None else default_params() if isinstance(priv_a, UmbralPrivateKey): priv_a = priv_a.bn_key if isinstance(pubkey_b_point, UmbralPublicKey): pubkey_b_point = pubkey_b_point.point_key g = params.g pubkey_a_point = priv_a * g x = CurveBN.gen_rand(params.curve) xcomp = x * g d = CurveBN.hash(xcomp, pubkey_b_point, pubkey_b_point * x, params=params) coeffs = [priv_a * (~d)] coeffs += [CurveBN.gen_rand(params.curve) for _ in range(threshold - 1)] u = params.u g_ab = priv_a * pubkey_b_point blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(pubkey_a_point.to_bytes()) blake2b.update(pubkey_b_point.to_bytes()) blake2b.update(g_ab.to_bytes()) hashed_dh_tuple = blake2b.finalize() kfrags = [] for _ in range(N): id_kfrag = CurveBN.gen_rand(params.curve) share_x = CurveBN.hash(id_kfrag, hashed_dh_tuple, params=params) rk = poly_eval(coeffs, share_x) u1 = rk * u y = CurveBN.gen_rand(params.curve) signature_input = [y * g, id_kfrag, pubkey_a_point, pubkey_b_point, u1, xcomp] z1 = CurveBN.hash(*signature_input, params=params) z2 = y - priv_a * z1 kfrag = KFrag(bn_id=id_kfrag, bn_key=rk, point_noninteractive=xcomp, point_commitment=u1, bn_sig1=z1, bn_sig2=z2) kfrags.append(kfrag) return kfrags
def __init__(self, app, pipeline, id=None, config=None): super().__init__(app, pipeline, id, config) self.Backend = default_backend() algorithm = self.Config['algorithm'].upper() if algorithm == "SHA224": self.Algorithm = hashes.SHA224() elif algorithm == "SHA256": self.Algorithm = hashes.SHA256() elif algorithm == "SHA384": self.Algorithm = hashes.SHA384() elif algorithm == "SHA512": self.Algorithm = hashes.SHA512() elif algorithm == "SHA1": self.Algorithm = hashes.SHA1() elif algorithm == "MD5": self.Algorithm = hashes.MD5() elif algorithm == "BLAKE2B": digest_size = int(self.Config['digest_size']) self.Algorithm = hashes.BLAKE2b(digest_size) elif algorithm == "BLAKE2S": digest_size = int(self.Config['digest_size']) self.Algorithm = hashes.BLAKE2s(digest_size) else: L.error("Unknown hashing algorithm '{}'".format( self.Config['algorithm'])) raise RuntimeError("Unknown hashing algorithm '{}'".format( self.Config['algorithm']))
class TestBLAKE2b(object): test_b2b = generate_hash_test( load_hash_vectors, os.path.join("hashes", "blake2"), ["blake2b.txt"], hashes.BLAKE2b(digest_size=64), )
def hash_to_bn(cls, *crypto_items, params=None): params = params if params is not None else default_params() # TODO: Clean this in an upcoming cleanup of pyUmbral blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) for item in crypto_items: try: item_bytes = item.to_bytes() except AttributeError: if not isinstance(item, bytes): raise TypeError( "{} is not acceptable type, received {}".format( item, type(item))) item_bytes = item blake2b.update(item_bytes) i = 0 h = 0 while h < params.CURVE_MINVAL_HASH_512: blake2b_i = blake2b.copy() blake2b_i.update(i.to_bytes(params.CURVE_KEY_SIZE_BYTES, 'big')) hash_digest = blake2b_i.finalize() h = int.from_bytes(hash_digest, byteorder='big', signed=False) i += 1 hash_bn = h % int(params.order) res = cls.from_int(hash_bn, params.curve) return res
def hash(cls, *crypto_items, params: UmbralParameters) -> 'CurveBN': # TODO: Clean this in an upcoming cleanup of pyUmbral blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) for item in crypto_items: try: item_bytes = item.to_bytes() except AttributeError: if isinstance(item, bytes): item_bytes = item else: raise TypeError( "{} is not acceptable type, received {}".format( item, type(item))) blake2b.update(item_bytes) hash_digest = openssl._bytes_to_bn(blake2b.finalize()) _1 = backend._lib.BN_value_one() order_minus_1 = openssl._get_new_BN() res = backend._lib.BN_sub(order_minus_1, params.curve.order, _1) backend.openssl_assert(res == 1) bignum = openssl._get_new_BN() with backend._tmp_bn_ctx() as bn_ctx: res = backend._lib.BN_mod(bignum, hash_digest, order_minus_1, bn_ctx) backend.openssl_assert(res == 1) res = backend._lib.BN_add(bignum, bignum, _1) backend.openssl_assert(res == 1) return cls(bignum, params.curve)
def generate_shared_key(private_key, public_key_pem, algorithm): """ It generates the shared key of Diffie Hellman. :param private_key: :param public_key_pem: :param algorithm: The digestion algorithm """ public_key = serialization.load_pem_public_key( public_key_pem, backend=default_backend() ) shared_key = private_key.exchange(public_key) if algorithm == "SHA256": hash_algorithm = hashes.SHA256() elif algorithm == "SHA512": hash_algorithm = hashes.SHA512() elif algorithm == "BLAKE2": hash_algorithm = hashes.BLAKE2b(64) else: raise Exception("Hash Algorithm name not found") derived_key = HKDF( algorithm=hash_algorithm, length=32, salt=None, info=b"handshake data", backend=default_backend(), ).derive(shared_key) logger.info(f"My Shared Key: {derived_key}") return derived_key
def hash_content(file_name, hash_function, avalanche=""): # possible cryptographic hash function options = {'MD5': hashes.MD5(), 'SHA-256': hashes.SHA256(), 'SHA-384': hashes.SHA384() \ ,'SHA-512': hashes.SHA512(), 'BLAKE-2': hashes.BLAKE2b(64)} if hash_function not in options: print(f"Incorrect cryptographic hash function: {hash_function}") print(f"Available cryptographic hash functions: {hashes}") digest = hashes.Hash(options[hash_function], backend=default_backend()) data = [] with open(file_name, "r") as fr: blob = fr.read(1024) encoded = blob.encode() byte_arr = bytearray(encoded) byte_arr[0] = byte_arr[0] ^ 1 digest.update(byte_arr) while blob: blob = fr.read(1024) digest.update(blob.encode()) with open(hash_function.lower() + avalanche + ".txt", "w") as fw: fw.write(f"{hash_function}: {binascii.hexlify(digest.finalize())}")
def test_blake2b(self, backend): h = hmac.HMAC(b"0" * 64, hashes.BLAKE2b(digest_size=64), backend) h.update(b"test") digest = h.finalize() assert digest == binascii.unhexlify( b"b5319122f8a24ba134a0c9851922448104e25be5d1b91265c0c68b22722f0f29" b"87dba4aeaa69e6bed7edc44f48d6b1be493a3ce583f9c737c53d6bacc09e2f32" )
def kdf(ecpoint, key_length): data = ecpoint.to_bytes(is_compressed=True) return HKDF(algorithm=hashes.BLAKE2b(64), length=key_length, salt=None, info=None, backend=default_backend()).derive(data)
def split_rekey(priv_a: Union[UmbralPrivateKey, BigNum], pub_b: Union[UmbralPublicKey, Point], threshold: int, N: int, params: UmbralParameters = None) -> List[KFrag]: """ Creates a re-encryption key from Alice to Bob and splits it in KFrags, using Shamir's Secret Sharing. Requires a threshold number of KFrags out of N to guarantee correctness of re-encryption. Returns a list of KFrags. """ params = params if params is not None else default_params() if isinstance(priv_a, UmbralPrivateKey): priv_a = priv_a.bn_key if isinstance(pub_b, UmbralPublicKey): pub_b = pub_b.point_key g = params.g pub_a = priv_a * g x = BigNum.gen_rand(params.curve) xcomp = x * g d = hash_to_bn([xcomp, pub_b, pub_b * x], params) coeffs = [priv_a * (~d)] coeffs += [BigNum.gen_rand(params.curve) for _ in range(threshold - 1)] u = params.u g_ab = priv_a * pub_b blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(pub_a.to_bytes()) blake2b.update(pub_b.to_bytes()) blake2b.update(g_ab.to_bytes()) hashed_dh_tuple = blake2b.finalize() kfrags = [] for _ in range(N): id_kfrag = BigNum.gen_rand(params.curve) share_x = hash_to_bn([id_kfrag, hashed_dh_tuple], params) rk = poly_eval(coeffs, share_x) u1 = rk * u y = BigNum.gen_rand(params.curve) z1 = hash_to_bn([y * g, id_kfrag, pub_a, pub_b, u1, xcomp], params) z2 = y - priv_a * z1 kfrag = KFrag(id_=id_kfrag, key=rk, x=xcomp, u1=u1, z1=z1, z2=z2) kfrags.append(kfrag) return kfrags
def get_digest(self, hash_algorithm): self.supported_digest_algorithms(hash_algorithm) if hash_algorithm == SHA256: return hashes.SHA256() elif hash_algorithm == SHA512: return hashes.SHA512() elif hash_algorithm == BLAKE2: return hashes.BLAKE2b(64)
def _reconstruct_shamirs_secret( self, priv_b: Union[UmbralPrivateKey, CurveBN]) -> None: g = self._umbral_params.g if isinstance(priv_b, UmbralPrivateKey): pub_b = priv_b.get_pubkey() priv_b = priv_b.bn_key else: pub_b = priv_b * g cfrag_0 = self._attached_cfrags[0] id_0 = cfrag_0._kfrag_id ni = cfrag_0._point_noninteractive xcoord = cfrag_0._point_xcoord dh_xcoord = priv_b * xcoord blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(xcoord.to_bytes()) blake2b.update(pub_b.to_bytes()) blake2b.update(dh_xcoord.to_bytes()) hashed_dh_tuple = blake2b.finalize() if len(self._attached_cfrags) > 1: xs = [ CurveBN.hash(cfrag._kfrag_id, hashed_dh_tuple, params=self._umbral_params) for cfrag in self._attached_cfrags ] x_0 = CurveBN.hash(id_0, hashed_dh_tuple, params=self._umbral_params) lambda_0 = lambda_coeff(x_0, xs) e = lambda_0 * cfrag_0._point_e1 v = lambda_0 * cfrag_0._point_v1 for cfrag in self._attached_cfrags[1:]: if (ni, xcoord) != (cfrag._point_noninteractive, cfrag._point_xcoord): raise ValueError( "Attached CFrags are not pairwise consistent") x_i = CurveBN.hash(cfrag._kfrag_id, hashed_dh_tuple, params=self._umbral_params) lambda_i = lambda_coeff(x_i, xs) e = e + (lambda_i * cfrag._point_e1) v = v + (lambda_i * cfrag._point_v1) else: e = cfrag_0._point_e1 v = cfrag_0._point_v1 self._point_e_prime = e self._point_v_prime = v self._point_noninteractive = ni
def checksum_file(self, p_algo2checksum, p_file_path, p_file_name): # Prepare _inputs = f"{self.inputs}|{p_algo2checksum}|{p_file_path}|{p_file_name}" _module_name = __name__ _func_name = inspect.currentframe().f_code.co_name _response_tuple = None _msg = None _file = f"{p_file_path}{p_file_name}" _algo_checksum_file = None _checksum = None _checksum_b64encode = None _output_value_string = None # Choose Algorithm if p_algo2checksum.lower() == 'sha256': _algo_checksum_file = hashes.SHA256() elif p_algo2checksum.lower() == 'blake2': _algo_checksum_file = hashes.BLAKE2b(64) else: _msg = 'Unknown algorithm' _response_tuple = ( 'NOK', f"{ utility.my_log('Error',_module_name,_func_name,inspect.currentframe().f_lineno,_inputs, _msg)}" ) return (_response_tuple) if os.path.exists(_file): with open(_file, "rb") as f: try: _file_hash = hashes.Hash(_algo_checksum_file, backend=self.backend) while chunk := f.read( 8192): # Read the binary file to the end (8192) _file_hash.update(chunk) except Exception: _response_tuple = ( 'NOK', f"{ utility.my_log('Exception',_module_name,_func_name,inspect.currentframe().f_lineno,_inputs,_msg)}" ) _checksum = _file_hash.finalize() _checksum_b64encode = base64.urlsafe_b64encode(_checksum) _output_value_string = self.byte_representation( 'from_bin', _checksum_b64encode) _response_tuple = ('OK', _output_value_string) else: _msg = 'File does not exist' _response_tuple = ( 'NOK', f"{ utility.my_log('Error',_module_name,_func_name,inspect.currentframe().f_lineno,_inputs, _msg)}" ) return (_response_tuple)
def _derive_wrapping_key_from_key_material(salt: bytes, key_material: bytes) -> bytes: """ Uses HKDF to derive a 32 byte wrapping key to encrypt key material with. """ wrapping_key = HKDF(algorithm=hashes.BLAKE2b(64), length=64, salt=salt, info=b'NuCypher-KeyWrap', backend=default_backend()).derive(key_material) return wrapping_key[:32]
def _kdf(eph_pk: bytes, shared_key: bytes) -> Tuple[bytes, bytes]: """ Key derivation function """ # Hashing key_material = hashes.Hash(hashes.BLAKE2b(64), backend=default_backend()) key_material.update(_KDF_TAG) key_material.update(eph_pk) key_material.update(shared_key) key_material = key_material.finalize() assert len(key_material) == _KEY_MATERIAL_LENGTH_BYTES return \ key_material[:_SYM_KEY_LENGTH_BYTES], \ key_material[_SYM_KEY_LENGTH_BYTES:]
def create_digest(message, digst_algorithm): hash_algorithm = None if digst_algorithm == "SHA512": hash_algorithm = hashes.SHA512_256() elif digst_algorithm == "BLAKE2": hash_algorithm = hashes.BLAKE2b(64) else: raise Exception("Digest Algorithm name not found!") digest = hashes.Hash(hash_algorithm) digest.update(message) return digest.finalize()
def kdf( ecpoint: Point, key_length: int, salt: Optional[bytes] = None, info: Optional[bytes] = None, ) -> bytes: data = ecpoint.to_bytes(is_compressed=True) hkdf = HKDF(algorithm=hashes.BLAKE2b(64), length=key_length, salt=salt, info=info, backend=default_backend()) return hkdf.derive(data)
class TestBLAKE2b(object): test_blake2b = generate_base_hash_test( hashes.BLAKE2b(digest_size=64), digest_size=64, ) def test_invalid_digest_size(self, backend): with pytest.raises(ValueError): hashes.BLAKE2b(digest_size=65) with pytest.raises(ValueError): hashes.BLAKE2b(digest_size=0) with pytest.raises(ValueError): hashes.BLAKE2b(digest_size=-1)
def dechachacry(data, salt, nonce): keyraw = salt + bytes(getpass(), "UTF-8") key = hashes.Hash(hashes.BLAKE2b(64), backend=default_backend()) key.update(keyraw) key = key.finalize() k3y = bytes() for bits in range(0, 32, 1): stream = [key[bits] ^ key[(bits + 32)]] k3y = k3y + bytes(stream) if bits == 31: key = k3y algorithm = algorithms.ChaCha20(key, nonce) cipher = Cipher(algorithm, mode=None, backend=default_backend()) decrypt = cipher.decryptor() return decrypt.update(data)
def __init__(self): nonce = bytes(token_hex(8), "utf-8") key = bytes(token_hex(32), "utf-8") hasher = hashes.Hash(hashes.BLAKE2b(64), backend=default_backend()) hasher.update(key) key = hasher.finalize() prekey = bytes() for bits in range(0,32,1): stream = [key[bits] ^ key[(bits+32)]] prekey = prekey + bytes(stream) if bits == 31: key = prekey algorithm = algorithms.ChaCha20(key, nonce) cipher = Cipher(algorithm, mode=None, backend=default_backend()) self.encryptor = cipher.encryptor()
def unsafe_hash_to_point(data: bytes = b'', params: UmbralParameters = None, label: bytes = b'') -> 'Point': """ Hashes arbitrary data into a valid EC point of the specified curve, using the try-and-increment method. It admits an optional label as an additional input to the hash function. It uses BLAKE2b (with a digest size of 64 bytes) as the internal hash function. WARNING: Do not use when the input data is secret, as this implementation is not in constant time, and hence, it is not safe with respect to timing attacks. """ params = params if params is not None else default_params() len_data = len(data).to_bytes(4, byteorder='big') len_label = len(label).to_bytes(4, byteorder='big') label_data = len_label + label + len_data + data # We use an internal 32-bit counter as additional input i = 0 while i < 2**32: ibytes = i.to_bytes(4, byteorder='big') blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(label_data + ibytes) hash_digest = blake2b.finalize()[:1 + params.CURVE_KEY_SIZE_BYTES] sign = b'\x02' if hash_digest[0] & 1 == 0 else b'\x03' compressed_point = sign + hash_digest[1:] try: return Point.from_bytes(compressed_point, params.curve) except InternalError as e: # We want to catch specific InternalExceptions: # - Point not in the curve (code 107) # - Invalid compressed point (code 110) # https://github.com/openssl/openssl/blob/master/include/openssl/ecerr.h#L228 if e.err_code[0].reason in (107, 110): pass else: # Any other exception, we raise it raise e i += 1 # Only happens with probability 2^(-32) raise ValueError('Could not hash input into the curve')
def _reconstruct_shamirs_secret(self, pub_a: Union[UmbralPublicKey, Point], priv_b: Union[UmbralPrivateKey, BigNum], params: UmbralParameters = None) -> None: params = params if params is not None else default_params() if isinstance(priv_b, UmbralPrivateKey): priv_b = priv_b.bn_key if isinstance(pub_a, UmbralPublicKey): pub_a = pub_a.point_key g = params.g pub_b = priv_b * g g_ab = priv_b * pub_a blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(pub_a.to_bytes()) blake2b.update(pub_b.to_bytes()) blake2b.update(g_ab.to_bytes()) hashed_dh_tuple = blake2b.finalize() id_cfrag_pairs = list(self._attached_cfrags.items()) id_0, cfrag_0 = id_cfrag_pairs[0] x_0 = BigNum.hash_to_bn(id_0, hashed_dh_tuple, params=params) if len(id_cfrag_pairs) > 1: xs = [ BigNum.hash_to_bn(_id, hashed_dh_tuple, params=params) for _id in self._attached_cfrags.keys() ] lambda_0 = lambda_coeff(x_0, xs) e = lambda_0 * cfrag_0.point_eph_e1 v = lambda_0 * cfrag_0.point_eph_v1 for id_i, cfrag in id_cfrag_pairs[1:]: x_i = BigNum.hash_to_bn(id_i, hashed_dh_tuple, params=params) lambda_i = lambda_coeff(x_i, xs) e = e + (lambda_i * cfrag.point_eph_e1) v = v + (lambda_i * cfrag.point_eph_v1) else: e = cfrag_0.point_eph_e1 v = cfrag_0.point_eph_v1 self._point_eph_e_prime = e self._point_eph_v_prime = v self._point_noninteractive = cfrag_0.point_eph_ni
def unsafe_hash_to_point(data, params: UmbralParameters, label=None) -> 'Point': """ Hashes arbitrary data into a valid EC point of the specified curve, using the try-and-increment method. It admits an optional label as an additional input to the hash function. It uses BLAKE2b (with a digest size of 64 bytes) as the internal hash function. WARNING: Do not use when the input data is secret, as this implementation is not in constant time, and hence, it is not safe with respect to timing attacks. TODO: Check how to uniformly generate ycoords. Currently, it only outputs points where ycoord is even (i.e., starting with 0x02 in compressed notation) """ if label is None: label = [] # We use a 32-bit counter as additional input i = 1 while i < 2**32: ibytes = i.to_bytes(4, byteorder='big') blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(label + ibytes + data) hash_digest = blake2b.finalize()[:params.CURVE_KEY_SIZE_BYTES] compressed02 = b"\x02" + hash_digest try: return Point.from_bytes(compressed02, params.curve) except InternalError as e: # We want to catch specific InternalExceptions: # - Point not in the curve (code 107) # - Invalid compressed point (code 110) # https://github.com/openssl/openssl/blob/master/include/openssl/ecerr.h#L228 if e.err_code[0].reason in (107, 110): pass else: # Any other exception, we raise it raise e i += 1 # Only happens with probability 2^(-32) raise ValueError('Could not hash input into the curve')
def _reconstruct_shamirs_secret(self, pub_a: Union[UmbralPublicKey, Point], priv_b: Union[UmbralPrivateKey, CurveBN], params: UmbralParameters=None) -> None: params = params if params is not None else default_params() if isinstance(priv_b, UmbralPrivateKey): priv_b = priv_b.bn_key if isinstance(pub_a, UmbralPublicKey): pub_a = pub_a.point_key g = params.g pub_b = priv_b * g g_ab = priv_b * pub_a blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) blake2b.update(pub_a.to_bytes()) blake2b.update(pub_b.to_bytes()) blake2b.update(g_ab.to_bytes()) hashed_dh_tuple = blake2b.finalize() cfrag_0 = self._attached_cfrags[0] id_0 = cfrag_0._bn_kfrag_id x_0 = CurveBN.hash(id_0, hashed_dh_tuple, params=params) if len(self._attached_cfrags) > 1: xs = [CurveBN.hash(cfrag._bn_kfrag_id, hashed_dh_tuple, params=params) for cfrag in self._attached_cfrags] lambda_0 = lambda_coeff(x_0, xs) e = lambda_0 * cfrag_0._point_e1 v = lambda_0 * cfrag_0._point_v1 for cfrag in self._attached_cfrags[1:]: x_i = CurveBN.hash(cfrag._bn_kfrag_id, hashed_dh_tuple, params=params) lambda_i = lambda_coeff(x_i, xs) e = e + (lambda_i * cfrag._point_e1) v = v + (lambda_i * cfrag._point_v1) else: e = cfrag_0._point_e1 v = cfrag_0._point_v1 self._point_e_prime = e self._point_v_prime = v self._point_noninteractive = cfrag_0._point_noninteractive
def derive_privkey_by_label(self, label: bytes, salt: bytes=None, params: UmbralParameters=None): """ Derives an UmbralPrivateKey using a KDF from this instance of UmbralKeyingMaterial, a label, and an optional salt. """ params = params if params is not None else default_params() key_material = HKDF( algorithm=hashes.BLAKE2b(64), length=64, salt=salt, info=b"NuCypherKMS/KeyDerivation/"+label, backend=default_backend() ).derive(self.keying_material) bn_key = CurveBN.hash(key_material, params=params) return UmbralPrivateKey(bn_key, params)
def hash(cls, *crypto_items, params=None): params = params if params is not None else default_params() curve_nid = backend._elliptic_curve_to_nid(params.curve) order = openssl._get_ec_order_by_curve_nid(curve_nid) group = openssl._get_ec_group_by_curve_nid(curve_nid) # TODO: Clean this in an upcoming cleanup of pyUmbral blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) for item in crypto_items: try: item_bytes = item.to_bytes() except AttributeError: if isinstance(item, bytes): item_bytes = item else: raise TypeError( "{} is not acceptable type, received {}".format( item, type(item))) blake2b.update(item_bytes) hash_digest = blake2b.finalize() hash_digest = int.from_bytes(hash_digest, byteorder='big', signed=False) hash_digest = openssl._int_to_bn(hash_digest) _1 = backend._lib.BN_value_one() order_minus_1 = openssl._get_new_BN() res = backend._lib.BN_sub(order_minus_1, order, _1) backend.openssl_assert(res == 1) bignum = openssl._get_new_BN() with backend._tmp_bn_ctx() as bn_ctx: res = backend._lib.BN_mod(bignum, hash_digest, order_minus_1, bn_ctx) backend.openssl_assert(res == 1) res = backend._lib.BN_add(bignum, bignum, _1) backend.openssl_assert(res == 1) return cls(bignum, curve_nid, group, order)
def enchachacry(data): nonce = bytes(token_hex(8), "UTF-8") salt = bytes(token_hex(8), "UTF-8") keyraw = salt + bytes(getpass(), "UTF-8") key = hashes.Hash(hashes.BLAKE2b(64), backend=default_backend()) key.update(keyraw) key = key.finalize() k3y = bytes() for bits in range(0, 32, 1): stream = [key[bits] ^ key[(bits + 32)]] k3y = k3y + bytes(stream) if bits == 31: key = k3y algorithm = algorithms.ChaCha20(key, nonce) cipher = Cipher(algorithm, mode=None, backend=default_backend()) marker = bytes( b"\x8c\x14\xf6t\xea\xd5\xe3\x88Z\xa8~\xceE\x02w\\\xf4/w\xfa\xc6\xc5g}") encrypt = cipher.encryptor() return (marker + salt + nonce + encrypt.update(data))