def test_crypto_kx_session_keys(seed1, seed2): s_keys = b.crypto_kx_seed_keypair(seed1) c_keys = b.crypto_kx_seed_keypair(seed2) server_rx_key, server_tx_key = b.crypto_kx_server_session_keys( s_keys[0], s_keys[1], c_keys[0]) client_rx_key, client_tx_key = b.crypto_kx_client_session_keys( c_keys[0], c_keys[1], s_keys[0]) assert client_rx_key == server_tx_key assert server_rx_key == client_tx_key
def test_crypto_kx_session_keys(seed1, seed2): s_keys = b.crypto_kx_seed_keypair(seed1) c_keys = b.crypto_kx_seed_keypair(seed2) server_rx_key, server_tx_key = \ b.crypto_kx_server_session_keys(s_keys[0], s_keys[1], c_keys[0]) client_rx_key, client_tx_key = \ b.crypto_kx_client_session_keys(c_keys[0], c_keys[1], s_keys[0]) assert client_rx_key == server_tx_key assert server_rx_key == client_tx_key
def keyexchange(n, ip, publickey_list, secretkey_list, extra_list): exchangeKey = [] for i in range(n): if i == ip: exchangeKey.append(0) else: if i > ip: comKeyint, _ = xc.crypto_kx_client_session_keys(publickey_list[i], secretkey_list[i], extra_list[i]) else: _, comKeyint = xc.crypto_kx_server_session_keys(publickey_list[i], secretkey_list[i], extra_list[i]) exchangekey = int.from_bytes(xc.crypto_hash_sha256(comKeyint), byteorder='big') exchangeKey.append(exchangekey) return exchangeKey
def keyexchange(n, party_i, my_pkey_list, my_skey_list, other_pkey_list): common_key_list = [] for i in range(n): #Generate DH (common) keys if i == party_i: common_key_list.append(0) else: if i > party_i: common_key_raw, _ = nb.crypto_kx_client_session_keys( my_pkey_list[i], my_skey_list[i], other_pkey_list[i]) else: _, common_key_raw = nb.crypto_kx_server_session_keys( my_pkey_list[i], my_skey_list[i], other_pkey_list[i]) #Hash the common keys common_key = int.from_bytes(nb.crypto_hash_sha256(common_key_raw), byteorder='big') common_key_list.append(common_key) return common_key_list
def dict_keyexchange(peer_list, self_id, my_pkeys, my_skeys, peer_pkeys): # CDB: The last three parameters are now all dictionaries. Dictionary keys # are peer ids to which we gave the key, or from which we received the key. # comkeys is also now a dictionary keyed by peer id. comkeys = {} for peer_id in peer_list: if peer_id > self_id: common_key_raw, _ = nb.crypto_kx_client_session_keys( my_pkeys[peer_id], my_skeys[peer_id], peer_pkeys[peer_id]) else: _, common_key_raw = nb.crypto_kx_server_session_keys( my_pkeys[peer_id], my_skeys[peer_id], peer_pkeys[peer_id]) # Hash the common keys. comkeys[peer_id] = int.from_bytes( nb.crypto_hash_sha256(common_key_raw), byteorder='big') return comkeys
def encrypt_X25519_Chacha20_Poly1305(data, seckey, recipient_pubkey): '''Computes the encrypted part''' pubkey = bytes(PrivateKey(seckey).public_key) #LOG.debug('Original data: %s', data.hex()) LOG.debug(" Packet data: %s", data.hex()) LOG.debug(' my public key: %s', pubkey.hex()) LOG.debug(' my secret key: %s', seckey.hex()) LOG.debug('recipient public key: %s', recipient_pubkey.hex()) # X25519 shared key _, shared_key = crypto_kx_server_session_keys(pubkey, seckey, recipient_pubkey) LOG.debug('shared key: %s', shared_key.hex()) # Chacha20_Poly1305 nonce = os.urandom(12) encrypted_data = crypto_aead_chacha20poly1305_ietf_encrypt( data, None, nonce, shared_key) # no add return (pubkey + nonce + encrypted_data)
def test_crypto_kx_session_wrong_key_lengths(): s_keys = b.crypto_kx_keypair() c_keys = b.crypto_kx_keypair() with pytest.raises(exc.TypeError): b.crypto_kx_server_session_keys(s_keys[0][:-1], s_keys[1], c_keys[0]) with pytest.raises(exc.TypeError): b.crypto_kx_client_session_keys(c_keys[0][:-1], c_keys[1], s_keys[0]) with pytest.raises(exc.TypeError): b.crypto_kx_server_session_keys(s_keys[0], s_keys[1][:-1], c_keys[0]) with pytest.raises(exc.TypeError): b.crypto_kx_client_session_keys(c_keys[0], c_keys[1][:-1], s_keys[0]) with pytest.raises(exc.TypeError): b.crypto_kx_server_session_keys(s_keys[0], s_keys[1], c_keys[0][:-1]) with pytest.raises(exc.TypeError): b.crypto_kx_client_session_keys(c_keys[0], c_keys[1], s_keys[0][:-1])