def __initiate_client(self, client_private_key, server_public_key): sk = Data(client_private_key) pk = Data(server_public_key) client = self._lib_vsce_phe_client.vsce_phe_client_new() self._lib_vsce_phe_client.vsce_phe_client_set_keys( client, sk.data, pk.data) return client
def decrypt(self, encrypted_data, account_key): decrypted_buffer = Buffer( self._lib_vsc_phe_cipher.vsce_phe_cipher_decrypt_len( self._cipher, len(encrypted_data))) d_encrypted_data = Data(encrypted_data) d_account_key = Data(account_key) self._lib_vsc_phe_cipher.vsce_phe_cipher_decrypt( self._cipher, d_encrypted_data.data, d_account_key.data, decrypted_buffer.c_buffer) return decrypted_buffer.get_bytes()
def verify_server_response(self, client_private_key, server_public_key, password, record, response): # type: (bytearray, bytearray, bytearray, bytearray, bytearray) -> bytearray client = self.__initiate_client(client_private_key, server_public_key) pwd = Data(password) rec = Data(record) resp = Data(response) key_buffer = Buffer(self.constants.PHE_ACCOUNT_KEY_LENGTH) err = self._lib_vsce_phe_client.vsce_phe_client_check_response_and_decrypt( client, pwd.data, rec.data, resp.data, key_buffer.c_buffer) if err: raise RuntimeError("Could not validate server response") self._lib_vsce_phe_client.vsce_phe_client_destroy(client) return key_buffer.get_bytes()
def password_verify_request(self, client_private_key, server_public_key, record, password): # type: (bytearray, bytearray, bytearray, bytearray) -> bytearray client = self.__initiate_client(client_private_key, server_public_key) pwd = Data(password) rec = Data(record) req = Buffer( self._lib_vsce_phe_client. vsce_phe_client_verify_password_request_len(client)) err = self._lib_vsce_phe_client.vsce_phe_client_create_verify_password_request( client, pwd.data, rec.data, req.c_buffer) if err: raise RuntimeError("Could not create password verify request") self._lib_vsce_phe_client.vsce_phe_client_destroy(client) return req.get_bytes()
def get_enrollment(self, private_key, public_key): # type: (bytearray, bytearray) -> bytearray enrollment_buffer_size = self._lib_vsce_phe_server.vsce_phe_server_enrollment_response_len(self.server) enrollment_response = Buffer(int(enrollment_buffer_size)) server_key = Data(private_key) pub_key = Data(public_key) err = self._lib_vsce_phe_server.vsce_phe_server_get_enrollment( self.server, server_key.data, pub_key.data, enrollment_response.c_buffer ) if err: raise RuntimeError("Could not get enrollment") return enrollment_response.get_bytes()
def verify_password(self, private_key, public_key, request): # type: (bytearray, bytearray, bytearray) -> bytearray server_key = Data(private_key) pub_key = Data(public_key) req = Data(request) verify_password_response = Buffer( self._lib_vsce_phe_server.vsce_phe_server_verify_password_response_len(self.server) ) err = self._lib_vsce_phe_server.vsce_phe_server_verify_password( self.server, server_key.data, pub_key.data, req.data, verify_password_response.c_buffer ) if err: raise RuntimeError("Unable to make verify password response") return verify_password_response.get_bytes()
def enroll_account(self, client_private_key, server_public_key, response, password): # type: (bytearray, bytearray, bytearray, bytearray) -> (bytearray, bytearray) client = self.__initiate_client(client_private_key, server_public_key) resp = Data(response) pwd = Data(password) enrollment_record = Buffer( self._lib_vsce_phe_client.vsce_phe_client_enrollment_record_len( client)) key_buffer = Buffer(self.constants.PHE_ACCOUNT_KEY_LENGTH) err = self._lib_vsce_phe_client.vsce_phe_client_enroll_account( client, resp.data, pwd.data, enrollment_record.c_buffer, key_buffer.c_buffer) if err: raise RuntimeError("Could not create enrollment record") self._lib_vsce_phe_client.vsce_phe_client_destroy(client) return enrollment_record.get_bytes(), key_buffer.get_bytes()
def update(self, data): d_data = Data(data) self._lib_vscf_sha256.vscf_sha256_update(self._sha, d_data.data)
def hash(self, data): digest = Buffer(self.constants.DIGEST_LEN) d_data = Data(data) self._lib_vscf_sha256.vscf_sha256_hash(d_data.data, digest.c_buffer) return digest.get_bytes()
def derive(self, data, key_len): d_data = Data(data) key = Buffer(key_len) self._lib_vscf_kdf1.vscf_kdf1_derive(self._kdf1, d_data.data, key_len, key.c_buffer) return key.get_bytes()