def test_ecies_encapsulate(self): # Check from ec.element key, enc_key = api.ecies_encapsulate(self.pubkey_a) self.assertNotEqual(key, enc_key) self.assertEqual(umbral.EncryptedKey, type(enc_key)) self.assertEqual(bytes, type(key)) self.assertEqual(32, len(key)) # Check from bytes key, enc_key = api.ecies_encapsulate(self.pubkey_a_bytes) self.assertNotEqual(key, enc_key) self.assertEqual(umbral.EncryptedKey, type(enc_key)) self.assertEqual(32, len(key))
def test_ecies_combine(self): eph_priv = self.pre.gen_priv() eph_pub = self.pre.priv2pub(eph_priv) plain_key, enc_key = api.ecies_encapsulate(eph_pub) self.assertNotEqual(plain_key, enc_key) self.assertEqual(umbral.EncryptedKey, type(enc_key)) self.assertEqual(bytes, type(plain_key)) self.assertEqual(32, len(plain_key)) rk_frags = api.ecies_split_rekey(eph_priv, self.privkey_b, 6, 10) self.assertEqual(list, type(rk_frags)) self.assertEqual(10, len(rk_frags)) rk_selected = random.sample(rk_frags, 6) shares = [ api.ecies_reencrypt(rk_frag, enc_key) for rk_frag in rk_selected ] self.assertEqual(list, type(shares)) self.assertEqual(6, len(shares)) [ self.assertEqual(umbral.EncryptedKey, type(share)) for share in shares ] e_b = api.ecies_combine(shares) self.assertEqual(umbral.EncryptedKey, type(e_b)) dec_key = api.ecies_decapsulate(self.privkey_b, e_b) self.assertEqual(bytes, type(dec_key)) self.assertEqual(32, len(dec_key)) self.assertEqual(plain_key, dec_key)
def _ecies_gen_ephemeral_key( recp_pubkey: Union[bytes, elliptic_curve.ec_element] ) -> Tuple[bytes, Tuple[bytes, bytes]]: """ Generates and encrypts an ephemeral key for the `recp_pubkey`. :param recp_pubkey: Recipient's pubkey :return: Tuple of the eph_privkey, and a tuple of the encrypted symmetric key, and encrypted ephemeral privkey """ symm_key, enc_symm_key = API.ecies_encapsulate(recp_pubkey) eph_privkey = API.ecies_gen_priv() enc_eph_privkey = API.symm_encrypt(symm_key, eph_privkey) return (eph_privkey, (enc_symm_key, enc_eph_privkey))
def encrypt(self, data: bytes, pubkey: bytes = None) -> Tuple[bytes, bytes]: """ Encrypts data with Public key encryption :param data: Data to encrypt :param pubkey: publc key to encrypt for :return: (Encrypted Key, Encrypted data) """ pubkey = pubkey or self.pub_key key, enc_key = API.ecies_encapsulate(pubkey) enc_data = API.symm_encrypt(key, data) return (enc_data, API.elliptic_curve.serialize(enc_key.ekey))
def test_ecies_reencrypt(self): eph_priv = self.pre.gen_priv() eph_pub = self.pre.priv2pub(eph_priv) plain_key, enc_key = api.ecies_encapsulate(eph_pub) self.assertNotEqual(plain_key, enc_key) self.assertEqual(umbral.EncryptedKey, type(enc_key)) self.assertEqual(bytes, type(plain_key)) self.assertEqual(32, len(plain_key)) rk_eb = api.ecies_rekey(eph_priv, self.privkey_b, to_bytes=False) self.assertEqual(umbral.RekeyFrag, type(rk_eb)) self.assertEqual(ec.ec_element, type(rk_eb.key)) reenc_key = api.ecies_reencrypt(rk_eb, enc_key) dec_key = api.ecies_decapsulate(self.privkey_b, reenc_key) self.assertEqual(plain_key, dec_key)