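def test_3mpecdh(self):
    """Run a three-party MPECDH exchange and check that all peers agree.

    Identities for alice, bob and carol are created under ``self.pbp_path``.
    The start round is chained alice -> bob -> carol through the files
    ``step1``..``step3`` in ``self.tmp_dir``; the end round then runs for
    alice and bob (``step3`` -> ``step4`` -> ``step5``). The value returned
    by carol's start call and by both end calls must be the same secret.
    """
    for name in ('alice', 'bob', 'carol'):
        publickey.Identity(name, basedir=self.pbp_path, create=True)

    def step(n):
        # Intermediate protocol messages are exchanged through plain files.
        return self.tmp_dir + '/step%d' % n

    # alice opens the round and has no predecessor output to read, so her
    # input is '/dev/null'. The return values of the first two start calls
    # are not used by this test.
    pbp.mpecdh_start_handler('1st', 3, 'alice', '/dev/null', step(1),
                             basedir=self.pbp_path)
    pbp.mpecdh_start_handler('1st', 3, 'bob', step(1), step(2),
                             basedir=self.pbp_path)
    s1 = pbp.mpecdh_start_handler('1st', 3, 'carol', step(2), step(3),
                                  basedir=self.pbp_path)
    s2 = pbp.mpecdh_end_handler('1st', 'alice', step(3), step(4),
                                basedir=self.pbp_path)
    s3 = pbp.mpecdh_end_handler('1st', 'bob', step(4), step(5),
                                basedir=self.pbp_path)

    # Equality alone passes vacuously when every handler returns None or an
    # empty value, which would hide a completely failed key agreement.
    self.assertTrue(s1)
    # assertEqual replaces the deprecated assertEquals alias. On failure it
    # prints both values; these come from throwaway identities created above.
    self.assertEqual(s1, s2)
    self.assertEqual(s2, s3)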
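def test_3mpecdh(self):
    """Check that a 3-peer MPECDH session yields one shared secret.

    Creates the identities alice, bob and carol in ``self.pbp_path``, runs
    the start handler for each peer in turn (each reading the previous
    peer's output file), then runs the end handler for alice and bob.
    carol's start call and the two end calls each return a value; the test
    requires those three values to be non-empty and identical.
    """
    basedir = self.pbp_path
    publickey.Identity('alice', basedir=basedir, create=True)
    publickey.Identity('bob', basedir=basedir, create=True)
    publickey.Identity('carol', basedir=basedir, create=True)

    # Message files passed from peer to peer: step1 .. step5 in tmp_dir.
    step1, step2, step3, step4, step5 = [
        self.tmp_dir + '/step' + str(i) for i in range(1, 6)
    ]

    # Start round. The first peer reads '/dev/null' because no earlier
    # message exists yet; only the last peer's return value is kept.
    pbp.mpecdh_start_handler('1st', 3, 'alice', '/dev/null', step1,
                             basedir=basedir)
    pbp.mpecdh_start_handler('1st', 3, 'bob', step1, step2, basedir=basedir)
    s1 = pbp.mpecdh_start_handler('1st', 3, 'carol', step2, step3,
                                  basedir=basedir)

    # End round for the two peers that have not yet obtained a secret.
    s2 = pbp.mpecdh_end_handler('1st', 'alice', step3, step4, basedir=basedir)
    s3 = pbp.mpecdh_end_handler('1st', 'bob', step4, step5, basedir=basedir)

    # Reject None/empty results first: three failed handlers would
    # otherwise compare equal and let the test pass without any key
    # agreement having taken place.
    for secret in (s1, s2, s3):
        self.assertTrue(secret)
    # assertEqual is the supported name; assertEquals is a deprecated alias.
    self.assertEqual(s1, s2)
    self.assertEqual(s2, s3)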
ensure_dhparam_specified(opts) ensure_dhexp_specified(opts) if PITCHFORK and opts.PITCHFORK: pitchfork.init() sec = pitchfork.end_ecdh(opts.dh_param, opts.dh_exp) else: sec = dh3_handler(binascii.unhexlify(opts.dh_param), binascii.unhexlify(opts.dh_exp)) if sec: print "[pbp] shared secret", b85encode(sec) clearmem(sec) # start MPECDH elif opts.action=='ds': ensure_self_specified(opts) ensure_dhpeers_specified(opts) ensure_name_specified(opts) sec = mpecdh_start_handler(opts.name, opts.dh_peers, opts.self, opts.infile, opts.outfile, opts.basedir) if sec: print >>sys.stderr, "[pbp] pushed shared secret, hash", b85encode(nacl.crypto_generichash(sec, outlen=6)) clearmem(sec) sec = None # finish MPECDH elif opts.action=='de': ensure_self_specified(opts) ensure_name_specified(opts) sec = mpecdh_end_handler(opts.name, opts.self, opts.infile, opts.outfile, opts.basedir) if sec: print >>sys.stderr, "[pbp] pushed shared secret, hash", b85encode(nacl.crypto_generichash(sec, outlen=6)) clearmem(sec) sec = None
elif opts.action=='E': ensure_recipient_specified(opts) ensure_only_one_recipient(opts) # TODO could try to find out this automatically if non-ambiguous ensure_self_specified(opts) chaining_decrypt_handler(opts.infile, outfile=opts.outfile, recipient=opts.recipient[0], self=opts.self, basedir=opts.basedir) # start ECDH elif opts.action=='ds': ensure_self_specified(opts) ensure_dhparam_specified(opts) ensure_name_specified(opts) sec = mpecdh_start_handler(opts.name, opts.dh_peers, opts.self, opts.infile, opts.outfile, opts.basedir) if sec: print >>sys.stderr, "pushed shared secret, hash", b85encode(nacl.crypto_generichash(sec, outlen=6)) clearmem(sec) sec = None # finish ECDH elif opts.action=='de': ensure_self_specified(opts) ensure_name_specified(opts) sec = mpecdh_end_handler(opts.name, opts.self, opts.infile, opts.outfile, opts.basedir) if sec: print >>sys.stderr, "pushed shared secret, hash", b85encode(nacl.crypto_generichash(sec, outlen=6)) clearmem(sec) sec = None