def test_verify_election_partial_key_backup(self): # Arrange recipient_auxiliary_key_pair = generate_rsa_auxiliary_key_pair( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER) sender_election_key_pair = generate_election_key_pair( SENDER_GUARDIAN_ID, SENDER_SEQUENCE_ORDER, QUORUM) recipient_auxiliary_public_key = AuxiliaryPublicKey( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER, recipient_auxiliary_key_pair.public_key, ) partial_key_backup = generate_election_partial_key_backup( SENDER_GUARDIAN_ID, sender_election_key_pair.polynomial, recipient_auxiliary_public_key, identity_auxiliary_encrypt, ) # Act verification = verify_election_partial_key_backup( RECIPIENT_GUARDIAN_ID, partial_key_backup, sender_election_key_pair.share(), recipient_auxiliary_key_pair, identity_auxiliary_decrypt, ) # Assert self.assertIsNotNone(verification) self.assertEqual(verification.owner_id, SENDER_GUARDIAN_ID) self.assertEqual(verification.designated_id, RECIPIENT_GUARDIAN_ID) self.assertEqual(verification.verifier_id, RECIPIENT_GUARDIAN_ID) self.assertTrue(verification.verified)
def create_guardian_backup(request: GuardianBackupRequest) -> GuardianBackup: """ Generate all election partial key backups based on existing public keys :param request: Guardian backup request :return: Guardian backup """ encrypt = identity if request.override_rsa else rsa_encrypt backups: List[Any] = [] for auxiliary_public_key in request.auxiliary_public_keys: backup = generate_election_partial_key_backup( request.guardian_id, read_json_object(request.election_polynomial, ElectionPolynomial), AuxiliaryPublicKey( auxiliary_public_key.owner_id, auxiliary_public_key.sequence_order, auxiliary_public_key.key, ), encrypt, ) if not backup: raise HTTPException(status_code=500, detail="Backup failed to be generated") backups.append(write_json_object(backup)) return GuardianBackup( id=request.guardian_id, election_partial_key_backups=backups, )
def test_generate_election_partial_key_backup(self): # Arrange election_key_pair = generate_election_key_pair(SENDER_GUARDIAN_ID, SENDER_SEQUENCE_ORDER, QUORUM) auxiliary_key_pair = generate_rsa_auxiliary_key_pair( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER) auxiliary_public_key = AuxiliaryPublicKey( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER, auxiliary_key_pair.public_key, ) # Act backup = generate_election_partial_key_backup( SENDER_GUARDIAN_ID, election_key_pair.polynomial, auxiliary_public_key, identity_auxiliary_encrypt, ) # Assert self.assertIsNotNone(backup) self.assertEqual(backup.designated_id, RECIPIENT_GUARDIAN_ID) self.assertEqual(backup.designated_sequence_order, RECIPIENT_SEQUENCE_ORDER) self.assertIsNotNone(backup.encrypted_value)
def test_generate_election_partial_key_challenge(self): # Arrange recipient_auxiliary_key_pair = generate_rsa_auxiliary_key_pair( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER) sender_election_key_pair = generate_election_key_pair( SENDER_GUARDIAN_ID, SENDER_SEQUENCE_ORDER, QUORUM) recipient_auxiliary_public_key = AuxiliaryPublicKey( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER, recipient_auxiliary_key_pair.public_key, ) partial_key_backup = generate_election_partial_key_backup( SENDER_GUARDIAN_ID, sender_election_key_pair.polynomial, recipient_auxiliary_public_key, identity_auxiliary_encrypt, ) # Act challenge = generate_election_partial_key_challenge( partial_key_backup, sender_election_key_pair.polynomial) # Assert self.assertIsNotNone(challenge) self.assertEqual(challenge.designated_id, RECIPIENT_GUARDIAN_ID) self.assertEqual(challenge.designated_sequence_order, RECIPIENT_SEQUENCE_ORDER) self.assertIsNotNone(challenge.value) self.assertEqual(len(challenge.coefficient_commitments), QUORUM) self.assertEqual(len(challenge.coefficient_proofs), QUORUM) for proof in challenge.coefficient_proofs: self.assertTrue(proof.is_valid())
def test_generate_election_partial_key_backup(self): # Arrange election_key_pair = generate_election_key_pair(QUORUM) auxiliary_key_pair = generate_rsa_auxiliary_key_pair() auxiliary_public_key = AuxiliaryPublicKey( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER, auxiliary_key_pair.public_key, ) # Act backup = generate_election_partial_key_backup( SENDER_GUARDIAN_ID, election_key_pair.polynomial, auxiliary_public_key, identity_auxiliary_encrypt, ) # Assert self.assertIsNotNone(backup) self.assertEqual(backup.designated_id, RECIPIENT_GUARDIAN_ID) self.assertEqual(backup.designated_sequence_order, RECIPIENT_SEQUENCE_ORDER) self.assertIsNotNone(backup.encrypted_value) self.assertEqual(len(backup.coefficient_commitments), QUORUM) self.assertEqual(len(backup.coefficient_proofs), QUORUM) for proof in backup.coefficient_proofs: self.assertTrue(proof.is_valid())
def test_verify_election_partial_key_challenge(self): # Arrange recipient_auxiliary_key_pair = generate_elgamal_auxiliary_key_pair() sender_election_key_pair = generate_election_key_pair(QUORUM) recipient_auxiliary_public_key = AuxiliaryPublicKey( RECIPIENT_GUARDIAN_ID, RECIPIENT_SEQUENCE_ORDER, recipient_auxiliary_key_pair.public_key, ) partial_key_backup = generate_election_partial_key_backup( SENDER_GUARDIAN_ID, sender_election_key_pair.polynomial, recipient_auxiliary_public_key, ) challenge = generate_election_partial_key_challenge( partial_key_backup, sender_election_key_pair.polynomial) # Act verification = verify_election_partial_key_challenge( ALTERNATE_VERIFIER_GUARDIAN_ID, challenge) # Assert self.assertIsNotNone(verification) self.assertEqual(verification.owner_id, SENDER_GUARDIAN_ID) self.assertEqual(verification.designated_id, RECIPIENT_GUARDIAN_ID) self.assertEqual(verification.verifier_id, ALTERNATE_VERIFIER_GUARDIAN_ID) self.assertTrue(verification.verified)
def _guardian_generates_backups(self, sender_id: str) -> None: """ Guardian generates a partial key backup of all other guardian keys """ backups = [] for recipient_auxiliary_key in self.auxiliary_key_pairs.values(): # Guardian skips themselves if recipient_auxiliary_key.owner_id is sender_id: continue senders_polynomial = self.election_key_pairs[sender_id].polynomial backup = generate_election_partial_key_backup( sender_id, senders_polynomial, recipient_auxiliary_key.share(), identity_auxiliary_encrypt, ) backups.append(backup) self.sent_backups[sender_id] = backups