def check_wrong_secret_key(alg_name): kem = oqs.KeyEncapsulation(alg_name) public_key = kem.generate_keypair() ciphertext, shared_secret_server = kem.encap_secret(public_key) wrong_secret_key = bytes( random.getrandbits(8) for _ in range(kem.details['length_secret_key'])) kem2 = oqs.KeyEncapsulation(alg_name, wrong_secret_key) shared_secret_client = kem2.decap_secret(ciphertext) assert shared_secret_client != shared_secret_server kem.free() kem2.free()
def test(algorithm): kem = oqs.KeyEncapsulation(algorithm) startKey = time.time() for i in range(100): public_key = kem.generate_keypair() endKey = time.time() startEncap = time.time() for x in range(100): ciphertext, shared_secret_server = kem.encap_secret(public_key) endEncap = time.time() startDecap = time.time() for j in range(100): shared_secret_client = kem.decap_secret(ciphertext) endDecap = time.time() print('Total time to genKey is ', (endKey - startKey), 'and time for 1 is ', ((endKey - startKey) / 100)) print() print('Total time to encapsulate is ', (endEncap - startEncap), 'and time for 1 is ', ((endEncap - startEncap) / 100)) print() print('Total time to decapsulate is ', (endDecap - startDecap), 'and time for 1 is ', ((endDecap - startDecap) / 100)) print()
def check_correctness(alg_name): kem = oqs.KeyEncapsulation(alg_name) public_key = kem.generate_keypair() ciphertext, shared_secret_server = kem.encap_secret(public_key) shared_secret_client = kem.decap_secret(ciphertext) assert shared_secret_client == shared_secret_server kem.free()
def decapsulate(self, secret_key: bytes, ciphertext: Ciphertext) -> SharedSecret: with oqs.KeyEncapsulation(self.system, secret_key) as client: start = current_milli_time() plaintext = client.decap_secret(ciphertext) end = current_milli_time() self.decrypt_time = end - start return plaintext
def encapsulate(self, public_key: bytes) -> Tuple[Ciphertext, SharedSecret]: with oqs.KeyEncapsulation(self.system) as client: start = current_milli_time() ciphertext, shared_secret = client.encap_secret(public_key) end = current_milli_time() self.encrypt_time = end - start return ciphertext, shared_secret
def test_not_supported(): try: kem = oqs.KeyEncapsulation('bogus') raise AssertionError("oqs.MechanismNotSupportedError was not raised.") except oqs.MechanismNotSupportedError: pass except E: raise AssertionError("An unexpected exception was raised. " + E)
def generate_key(self) -> KeyPair: with oqs.KeyEncapsulation(self.system) as client: start = current_milli_time() public_key = client.generate_keypair() secret_key = client.export_secret_key() end = current_milli_time() self.keygen_time = end - start return public_key, secret_key
def check_wrong_ciphertext(alg_name): with oqs.KeyEncapsulation(alg_name) as kem: public_key = kem.generate_keypair() ciphertext, shared_secret_server = kem.encap_secret(public_key) wrong_ciphertext = bytes( random.getrandbits(8) for _ in range(len(ciphertext))) shared_secret_client = kem.decap_secret(wrong_ciphertext) assert shared_secret_client != shared_secret_server
def generate(algorithm): kem = oqs.KeyEncapsulation(algorithm) public_key = kem.generate_keypair() ciphertext, shared_secret_server = kem.encap_secret(public_key) shared_secret_client = kem.decap_secret(ciphertext) if shared_secret_client == shared_secret_server: print ("True") else: print ("FALSE!!!!!!!!!") return False
def test_not_enabled(): # TODO: test broken as the compiled lib determines which algorithms are supported and enabled for alg_name in oqs.get_supported_KEM_mechanisms(): if alg_name not in oqs.get_enabled_KEM_mechanisms(): # found a non-enabled but supported alg try: kem = oqs.KeyEncapsulation(alg_name) raise AssertionError( "oqs.MechanismNotEnabledError was not raised.") except oqs.MechanismNotEnabledError: pass except E: raise AssertionError("An unexpected exception was raised. " + E)
def get_pwd(client_public_key): kex_alg = 'NewHope-1024-CCA' with oqs.KeyEncapsulation(kex_alg) as server: #this generates a key and encrypts it using client's public key ciphertext, shared_secret_server = server.encap_secret( client_public_key) print('Server Details') pprint(server.details) sleep(5) print('Ciphertext generated by server') print(ciphertext) print('Secret key generated by server') #printing this just for verification print(shared_secret_server) return ciphertext
def get_nist_level(kem): with oqs.KeyEncapsulation(kem) as client: level = client.details["claimed_nist_level"] return level
from pprint import pprint import oqs ####################################################################### # KEM example ####################################################################### kems = oqs.get_enabled_KEM_mechanisms() print("Enabled KEM mechanisms:") pprint(kems, compact="True") # create client and server with default KEM mechanisms kemalg = "DEFAULT" with oqs.KeyEncapsulation(kemalg) as client: with oqs.KeyEncapsulation(kemalg) as server: print("\nKey encapsulation details:") pprint(client.details) # client generates its keypair public_key = client.generate_keypair() # optionally, the secret key can be obtained by calling export_secret_key() # and the client can later be re-instantiated with the key pair: # secret_key = client.export_secret_key() # store key pair, wait... (session resumption): # client = oqs.KeyEncapsulation(kemalg, secret_key) # the server encapsulates its secret using the client's public key ciphertext, shared_secret_server = server.encap_secret(public_key)
file_ver = verification.read(BLOCK_SIDE_C) if(client_end_hash.hexdigest() == pq_hash(file_server)): #print() print('Quantum safe hash verified') else: print('File Manipulated') def cls_scr(): if os.name == 'posix': _ = os.system('clear') else: _ = os.system('cls') key_exchange = 'NewHope-1024-CCA' with oqs.KeyEncapsulation(key_exchange) as client: cls_scr() print('Client Side') print('Client Details') pprint(client.details) #public key generation public_key = client.generate_keypair() pq_file_pwd = get_pwd(public_key) file_pwd = client.decap_secret(pq_file_pwd) print('Secret key recieved by client') print(file_pwd) sleep(8) cls_scr() print("next up quantum signature verification") sleep(3)