def get_signer_keys (): alices_private_key = keys.UmbralPrivateKey.gen_key() alices_public_key = alices_private_key.get_pubkey() alices_signing_key = keys.UmbralPrivateKey.gen_key() alices_verifying_key = alices_signing_key.get_pubkey() alices_signer = signing.Signer(private_key=alices_signing_key) newkeys = {"privateSigningKey": alices_signing_key, "publicSigningKey": alices_verifying_key, "signer": alices_signer} # print (newkeys) with open("python/proxy/23.jpg", "rb") as imageFile: f = imageFile.read() plaintext = bytes(f) # print("imgStart") # print(b) # print("imgEnd") # plaintext = b'Proxy Re-encryption is cool!' # print("@@@@") # print(plaintext) ciphertext, capsule = pre.encrypt(alices_public_key, plaintext) # print(ciphertext) print(capsule) bob_capsule = capsule bobs_private_key = keys.UmbralPrivateKey.gen_key() bobs_public_key = bobs_private_key.get_pubkey() kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key, signer=alices_signer, receiving_pubkey=bobs_public_key, threshold=10, N=20) print(kfrags) bob_capsule.set_correctness_keys(delegating=alices_public_key, receiving=bobs_public_key, verifying=alices_verifying_key)
def generate_kfrags(self, bob_pubkey_enc, signer, label: bytes, m: int, n: int ) -> Tuple[UmbralPublicKey, List]: """ Generates re-encryption key frags ("KFrags") and returns them. These KFrags can be used by Ursula to re-encrypt a Capsule for Bob so that he can activate the Capsule. :param bob_pubkey_enc: Bob's public key :param m: Minimum number of KFrags needed to rebuild ciphertext :param n: Total number of KFrags to generate """ __private_key = self._get_privkey_from_label(label) kfrags = pre.generate_kfrags(delegating_privkey=__private_key, receiving_pubkey=bob_pubkey_enc, threshold=m, N=n, signer=signer, sign_delegating_key=False, sign_receiving_key=False, ) return __private_key.get_pubkey(), kfrags
def grant_access(): if request.method == 'POST': # Get the data from the request payload and convert them to bytes bobPubKey = string_to_bytes(request.form["bobPubKey"]) bobPubKey = keys.UmbralPublicKey.from_bytes(bobPubKey) alicePrivKey = string_to_bytes(request.form["alicePrivKey"]) alicePrivKey = keys.UmbralPrivateKey.from_bytes(alicePrivKey) alicePubKey = alicePrivKey.get_pubkey() #generate the signing key alices_signing_key = keys.UmbralPrivateKey.gen_key() alices_verifying_key = alices_signing_key.get_pubkey() alices_signer = signing.Signer(private_key=alices_signing_key) # Generating kfrags global kfrags kfrags = pre.generate_kfrags(delegating_privkey=alicePrivKey, signer=alices_signer, receiving_pubkey=bobPubKey, threshold=10, N=20) # Storing the kfrags on the bob's side dataToBeStoredBob = { "alice_verifying_key": bytes_to_string(alices_verifying_key.to_bytes()), "alicePubKey": bytes_to_string(alicePubKey.to_bytes()) } with open('hospital.json', 'w') as outfile: json.dump(dataToBeStoredBob, outfile, cls=SetEncoder) return render_template('grant.html')
def test_kfrags_signed_without_correctness_keys(alices_keys, bobs_keys, capsule): delegating_privkey, signing_privkey = alices_keys delegating_pubkey = delegating_privkey.get_pubkey() verifying_key = signing_privkey.get_pubkey() receiving_privkey, receiving_pubkey = bobs_keys kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=Signer(signing_privkey), receiving_pubkey=receiving_pubkey, threshold=6, N=10, sign_delegating_key=False, sign_receiving_key=False) for kfrag in kfrags: # You can verify the KFrag specifying only the verifying key assert kfrag.verify(signing_pubkey=verifying_key) # ... or if it is set in the capsule, using the capsule capsule.set_correctness_keys(verifying=verifying_key) assert kfrag.verify_for_capsule(capsule) # It should even work when other keys are set in the capsule assert kfrag.verify(signing_pubkey=verifying_key, delegating_pubkey=delegating_pubkey, receiving_pubkey=receiving_pubkey)
def gen_rencryption_key(): if request.content_type.lower() != "application/json": abort(415) data = request.get_json() if "delegatorPrivateKey" in data and "delegatorSigningKey" in data and "receiverPublicKey" in data: try: start = time.perf_counter() delegatorPrivKey = keys.UmbralPrivateKey.from_bytes( bytes.fromhex(data["delegatorPrivateKey"])) delegatorSignKey = keys.UmbralPrivateKey.from_bytes( bytes.fromhex(data["delegatorSigningKey"])) receiverPublicKey = keys.UmbralPublicKey.from_hex( data["receiverPublicKey"]) signer = signing.Signer(private_key=delegatorSignKey) [kfrag] = pre.generate_kfrags(delegating_privkey=delegatorPrivKey, signer=signer, receiving_pubkey=receiverPublicKey, threshold=1, N=1) end = time.perf_counter() time_stats_endpoints["gen_renc_key"].append(end - start) return {"status": "ok", "reencKey": kfrag.to_bytes().hex()} except Exception as e: return {"status": "error", "error": str(e)} abort(400)
def generate_secret_key(): alices_private_key = keys.UmbralPrivateKey.gen_key() alices_public_key = alices_private_key.get_pubkey() alices_signing_key = keys.UmbralPrivateKey.gen_key() alices_verifying_key = alices_signing_key.get_pubkey() alices_signer = signing.Signer(private_key=alices_signing_key) # Generate Umbral keys for Bob. bobs_private_key = keys.UmbralPrivateKey.gen_key() bobs_public_key = bobs_private_key.get_pubkey() plaintext = b'Proxy Re-Encryption is cool!' ciphertext, capsule = pre.encrypt(alices_public_key, plaintext) # Decrypt data with Alice's private key. cleartext = pre.decrypt(ciphertext=ciphertext, capsule=capsule, decrypting_key=alices_private_key) kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key, signer=alices_signer, receiving_pubkey=bobs_public_key, threshold=10, N=20) return jsonify( { "encrypted_result": f'{kfrags}' } )
def grant(): json_data = json.loads(request.data.decode('utf-8')) capsule_id, alice_pubkey, alice_privkey, bob_pubkey = json_data['capsule_id'], json_data[ 'alice_pubkey'], json_data['alice_privkey'], json_data['bob_pubkey'] alice_pubkey = string_to_bytes(alice_pubkey) alice_pubkey = keys.UmbralPublicKey.from_bytes(alice_pubkey) alice_privkey = string_to_bytes(alice_privkey) alice_privkey = keys.UmbralPrivateKey.from_bytes(alice_privkey) bob_pubkey = string_to_bytes(bob_pubkey) bob_pubkey = keys.UmbralPublicKey.from_bytes(bob_pubkey) alice_signing_privkey = keys.UmbralPrivateKey.gen_key() alice_signing_pubkey = alice_signing_privkey.get_pubkey() alice_signer = Signer(alice_signing_privkey) # Perform split-rekey and grant re-encryption policy alice_kfrags = pre.generate_kfrags( alice_privkey, bob_pubkey, 10, 20, alice_signer) policy_id = mock_kms.grant(alice_kfrags) alice_pubkey.from_bytes response = { "policy_id": policy_id, "capsule_id": capsule_id, "alice_pubkey": bytes_to_string(alice_pubkey.to_bytes()), "alice_signing_pubkey": bytes_to_string(alice_signing_pubkey.to_bytes()) } return jsonify(response)
def setup(alices_private_key, bobs_private_key, n, m): ################# # Generate Umbral keys for Alice. ################# [] # alices_private_key = keys.UmbralPrivateKey.gen_key() alices_public_key = alices_private_key.get_pubkey() print("alices_private_key", alices_private_key) alices_signing_key = keys.UmbralPrivateKey.gen_key() alices_verifying_key = alices_signing_key.get_pubkey() # assert alices_public_key == alices_verifying_key # it souldn't alices_signer = signing.Signer(private_key=alices_signing_key) # Generate Umbral keys for Bob. ################# [] # bobs_private_key = keys.UmbralPrivateKey.gen_key() bobs_public_key = bobs_private_key.get_pubkey() print("bobs_public_key", bobs_public_key) # Alice generates "M of N" re-encryption key fragments (or "KFrags") for Bob. # In this example, 10 out of 20. kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key, signer=alices_signer, receiving_pubkey=bobs_public_key, threshold=m, N=n) return alices_public_key, alices_signing_key, alices_verifying_key, bobs_public_key, kfrags
def __setup(): delegating_privkey, signer, receiving_pubkey, ciphertext, capsule = __standard_encryption_api( ) kfrags = pre.generate_kfrags(delegating_privkey, receiving_pubkey, m, n, signer) one_kfrag, *remaining_kfrags = kfrags args, kwargs = tuple(), {"kfrag": one_kfrag, "capsule": capsule}, return args, kwargs
def genfrags(self, receiver, threshold=10, N=20): kfrags = pre.generate_kfrags( delegating_privkey=self.alices_private_key, signer=self.alices_signer, receiving_pubkey=receiver.bobs_public_key, threshold=threshold, N=N) import random return random.sample(kfrags, threshold)
def test_single_frag_reencryption_performance(benchmark, m: int, n: int) -> None: delegating_privkey, signer, receiving_pubkey, ciphertext, capsule = __standard_encryption_api() kfrags = pre.generate_kfrags(delegating_privkey, receiving_pubkey, m, n, signer) one_kfrag, *remaining_kfrags = kfrags args, kwargs = tuple(), {"kfrag": one_kfrag, "capsule": capsule}, print("\nBenchmarking {} with the same fragment({M} of {N}) repeatedly...".format("pre.reencrypt", M=m, N=n)) benchmark.pedantic(pre.reencrypt, args=args, kwargs=kwargs, iterations=20, rounds=100) assert True # ensure function finishes and succeeds.
def kfrags(alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys signer_alice = Signer(signing_privkey) receiving_privkey, receiving_pubkey = bobs_keys yield pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer_alice, receiving_pubkey=receiving_pubkey, threshold=6, N=10)
def test_wrong_N_M_in_split_rekey(N, M, alices_keys, bobs_keys): delegating_privkey, signing_privkey = alices_keys signer = Signer(signing_privkey) _receiving_privkey, receiving_pubkey = bobs_keys with pytest.raises(ValueError): _kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=receiving_pubkey, threshold=M, N=N)
def approve(self, owner_private_key, owner_signer, asker_public_key): approve_start_time = time.time() kfrags = pre.generate_kfrags(delegating_privkey=owner_private_key, signer=owner_signer, receiving_pubkey=asker_public_key, threshold=1, N=1) approve_end_time = time.time() timeUsed = type_convert.double_process(approve_end_time - approve_start_time) return kfrags, timeUsed
def generate_k_flags( cls, sk: keys.UmbralPrivateKey, escrow_pk: keys.UmbralPublicKey) -> (List[pre.KFrag], str): proxy_signing_key = keys.UmbralPrivateKey.gen_key() proxy_public_key = proxy_signing_key.get_pubkey() signer = signing.Signer(private_key=proxy_signing_key) k_frags = pre.generate_kfrags(delegating_privkey=sk, signer=signer, receiving_pubkey=escrow_pk, threshold=10, N=20) k_frags = random.sample(k_frags, 10) return k_frags, proxy_public_key.to_bytes()
def share(self, keyName, path, publicKeyFileName): key = self.contract.call().keys(keyName) keyExist = key[4] if keyExist: try: with open(path + '/' + publicKeyFileName + '.k', 'rb') as publicKeyFile: publicKeyBytes = publicKeyFile.read() except Exception as e: print(e) else: try: publicKey = keys.UmbralPublicKey.from_bytes(publicKeyBytes) signingPrivateKey = keys.UmbralPrivateKey.gen_key() signer = signing.Signer(private_key = signingPrivateKey) kfrags = pre.generate_kfrags( delegating_privkey = self.privateKey, signer = signer, receiving_pubkey = publicKey, threshold = 1, N = 1 ) directory = path + '/' + publicKeyFileName + '/' if not os.path.exists(directory): os.makedirs(directory) curveVar = umbral.config.default_curve() paramsVar = params.UmbralParameters(curveVar) capsule = pre.Capsule.from_bytes(key[1], paramsVar) signingPublicKey = signingPrivateKey.get_pubkey() capsule.set_correctness_keys( delegating = self.publicKey, receiving = publicKey, verifying = signingPublicKey ) for kfrag in kfrags: cfrag = pre.reencrypt( kfrag = kfrag, capsule = capsule ) cfrag = cfrag.to_bytes() keyName = keyName.decode('utf-8') with open(directory + keyName + '.f', 'wb') as cfragFile: cfragFile.write(cfrag) signingPublicKeyBytes = signingPublicKey.to_bytes() with open(directory + keyName + '.s', 'wb') as signatureFile: signatureFile.write(signingPublicKeyBytes) except Exception as e: print(e) else: print('Done') else: print('Key is not exist')
def run_test(): alices_private_key_bytes = keys.UmbralPrivateKey.gen_key().to_bytes() alices_private_key = keys.UmbralPrivateKey.from_bytes( alices_private_key_bytes) alices_public_key = alices_private_key.get_pubkey() # print("Alices private key:", alices_private_key.to_bytes()) # print("Alices public key:", alices_public_key.to_bytes()) alices_signing_key = keys.UmbralPrivateKey.gen_key() alices_verifying_key = alices_signing_key.get_pubkey() alices_signer = signing.Signer(private_key=alices_signing_key) bobs_private_key = keys.UmbralPrivateKey.gen_key() bobs_public_key = bobs_private_key.get_pubkey() plaintext = b'Proxy Re-encryption is cool!' ciphertext, capsule = pre.encrypt(alices_public_key, plaintext) cleartext = pre.decrypt(ciphertext=ciphertext, capsule=capsule, decrypting_key=alices_private_key) # Requires: kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key, signer=alices_signer, receiving_pubkey=bobs_public_key, threshold=10, N=20) capsule.set_correctness_keys(delegating=alices_public_key, receiving=bobs_public_key, verifying=alices_verifying_key) cfrags = list() for kfrag in kfrags[:10]: cfrag = pre.reencrypt(kfrag=kfrag, capsule=capsule) cfrags.append(cfrag) for cfrag in cfrags: capsule.attach_cfrag(cfrag) bob_cleartext = pre.decrypt(ciphertext=ciphertext, capsule=capsule, decrypting_key=bobs_private_key) print("Plain text: ", plaintext) print("bob_cleartext: ", bob_cleartext) assert bob_cleartext == plaintext
def _generate_re_enc_key_admin_to_voter(self) -> List[KFrag]: """generate re-encrypt key from admin to (admin)voter Returns: List[Dict[int, KFrag]] -- index to re-encrypt """ re_enc_keys = [] for i, voter in enumerate(self.voters): re_enc_key = generate_kfrags( delegating_privkey=self.private_key, signer=self.signer, receiving_pubkey=voter.short_public_key, threshold=1, N=1) re_enc_keys.append(re_enc_key) return re_enc_keys
def fragments(metadata): delegating_privkey = UmbralPrivateKey.gen_key() _symmetric_key, capsule = pre._encapsulate(delegating_privkey.get_pubkey()) signing_privkey = UmbralPrivateKey.gen_key() signer = Signer(signing_privkey) priv_key_bob = UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=pub_key_bob, threshold=2, N=4, sign_delegating_key=False, sign_receiving_key=False) capsule.set_correctness_keys(delegating_privkey.get_pubkey(), pub_key_bob, signing_privkey.get_pubkey()) cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata) return capsule, cfrag
def get_reencryption_key(alice_priv_key_hex, alice_priv_signing_key_hex, bob_pub_key_hex): alice_priv_key = keys.UmbralPrivateKey.from_bytes( bytes.fromhex(alice_priv_key_hex)) alice_priv_signing_key = keys.UmbralPrivateKey.from_bytes( bytes.fromhex(alice_priv_signing_key_hex)) bob_pub_key = keys.UmbralPublicKey.from_bytes( bytes.fromhex(bob_pub_key_hex)) alices_signer = signing.Signer(private_key=alice_priv_signing_key) kfrags = pre.generate_kfrags(delegating_privkey=alice_priv_key, signer=alices_signer, receiving_pubkey=bob_pub_key, threshold=1, N=1) kfrag = kfrags[0] return kfrag.to_bytes().hex()
def _mock_ursula_reencrypts(ursula, corrupt_cfrag: bool = False): delegating_privkey = UmbralPrivateKey.gen_key() _symmetric_key, capsule = pre._encapsulate(delegating_privkey.get_pubkey()) signing_privkey = UmbralPrivateKey.gen_key() signing_pubkey = signing_privkey.get_pubkey() signer = Signer(signing_privkey) priv_key_bob = UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=pub_key_bob, threshold=2, N=4, sign_delegating_key=False, sign_receiving_key=False) capsule.set_correctness_keys(delegating_privkey.get_pubkey(), pub_key_bob, signing_pubkey) ursula_pubkey = ursula.stamp.as_umbral_pubkey() alice_address = canonical_address_from_umbral_key(signing_pubkey) blockhash = bytes(32) specification = b''.join((bytes(capsule), bytes(ursula_pubkey), bytes(ursula.decentralized_identity_evidence), alice_address, blockhash)) bobs_signer = Signer(priv_key_bob) task_signature = bytes(bobs_signer(specification)) metadata = bytes(ursula.stamp(task_signature)) cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata) if corrupt_cfrag: cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve) cfrag_signature = bytes(ursula.stamp(bytes(cfrag))) bob = Bob.from_public_keys(verifying_key=pub_key_bob) task = WorkOrder.Task(capsule, task_signature, cfrag, cfrag_signature) work_order = WorkOrder(bob, None, alice_address, [task], None, ursula, blockhash) evidence = IndisputableEvidence(task, work_order) return evidence
def generateKfrags(account: str, access_pub_key): with open(account + '_privacy', 'rb') as f: user_info_bytes = pickle.load(f) f.close() owner_pri_key = keys.UmbralPrivateKey.from_bytes(user_info_bytes['private_key']) owner_signing_key = keys.UmbralPrivateKey.from_bytes(user_info_bytes['signing_key']) signer = signing.Signer(private_key=owner_signing_key) kfrags = pre.generate_kfrags(delegating_privkey=owner_pri_key, signer=signer, receiving_pubkey=access_pub_key, threshold=1, N=2) res = {} bytes_kfrags = list() for v in kfrags: bytes_kfrags.append(v.to_bytes().decode('iso-8859-15')) res['kfrags'] = bytes_kfrags return res.__str__()
def create_keyfrag(): if (not request.json or not 't' in request.json or not 'delegating_secret' in request.json or not 'receiving' in request.json or not 'signer_secret' in request.json): abort(400) threshold = request.json['t'] show_debug(request.json['delegating_secret']) sk_a = UmbralPrivateKey.from_bytes(binascii.unhexlify( request.json['delegating_secret'].encode()), params=params) pk_b = UmbralPublicKey.from_bytes( binascii.unhexlify(request.json['receiving'].encode()), params) sign_a = UmbralPrivateKey.from_bytes(binascii.unhexlify( request.json['signer_secret'].encode()), params=params) signer_a = signing.Signer(private_key=sign_a) show_debug("Generating kfrags") now = time.time() * 1000 kfrags = pre.generate_kfrags(delegating_privkey=sk_a, signer=signer_a, receiving_pubkey=pk_b, threshold=threshold, N=nodes_num) end = time.time() * 1000 gen_tot = end - now show_debug("Generated key fragment in: " + str(gen_tot)) show_debug("Distributing kfrags") k_id = request.json['id'] payload = { 'capsule': request.json['capsule'], 'delegating': request.json['pk'], 'receiving': request.json['receiving'], 'verifying': binascii.hexlify(sign_a.get_pubkey().to_bytes()).decode() } ree_tot = distribute_key_fragments(k_id, kfrags, payload, threshold) show_debug("Distributed key fragments") return jsonify({'gen_time': gen_tot, 'ree_time': ree_tot}), 201
def _client(self, client, custom_user_id): # for offer in self._get_offers_by_user(custom_user_id): # TODO (offer_cid, kfrags) # prepare data # self._send_message_to_client(client, data) # M, N = 10, 20 kfrags = pre.generate_kfrags( delegating_privkey=self.alices_private_key, receiving_pubkey=client.pub_key, signer=self.alices_signer, threshold=M, N=N) #while True: b_kfrags = [] for kf in kfrags: b_kfrags.append(kf.to_bytes()) self._send_message_to_client(client, b_kfrags)
def simple(): # SETUP (pk_a, sk_a, signer_a, verify_a, pk_b, sk_b) = setup() threshold = threshold_init plaintext = b'Proxy Re-Encryption' # Alice ##################################################### # ENCRYPTION show_debug('Encrypting...') ciphertext, capsule = pre.encrypt(pk_a, plaintext) # KEY FRAGMENTS GENERATION kfrags = pre.generate_kfrags(delegating_privkey=sk_a, signer=signer_a, receiving_pubkey=pk_b, threshold=threshold, N=nodes_num) # DISTRIBUTION k_id = int(time.time() * 1000) payload = { 'capsule': binascii.hexlify(capsule.to_bytes()).decode(), 'delegating': binascii.hexlify(pk_a.to_bytes()).decode(), 'receiving': binascii.hexlify(pk_b.to_bytes()).decode(), 'verifying': binascii.hexlify(verify_a.to_bytes()).decode() } distribute_key_fragments(k_id, kfrags, payload, threshold) # Bob ####################################################### # CAPSULE FRAGMENTS GATHERING capsule.set_correctness_keys(delegating=pk_a, receiving=pk_b, verifying=verify_a) cfrags = gather_capsule_fragments(k_id, capsule, threshold) # DECRYPT plaintext_b = decrypt(cfrags, capsule, ciphertext, sk_b, threshold) # FINISH assert (plaintext_b == plaintext) show_debug(plaintext_b)
def createPolicy(): json_data = json.loads(request.data.decode('utf-8')) alices_private_key = json_data['alices_private_key'] alices_signing_key = json_data['alices_signing_key'] bobs_public_key = json_data['bobs_public_key'] alices_private_key = keys.UmbralPrivateKey.from_bytes( string_to_bytes(alices_private_key)) bobs_public_key = keys.UmbralPublicKey.from_bytes( string_to_bytes(bobs_public_key)) alices_signing_key = keys.UmbralPrivateKey.from_bytes( string_to_bytes(alices_signing_key)) alices_signer = signing.Signer(private_key=alices_signing_key) kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key, signer=alices_signer, receiving_pubkey=bobs_public_key, threshold=3, N=5) kfrags_array.append(kfrags) print(kfrags_array) return jsonify(len(kfrags_array) - 1)
def grant_access_policy(delegating_privkey, signer, recipient_pubkey, m, n): kfrags_file = KFRAGS_FILE_FORMAT.format(recipient_pubkey.to_bytes().hex()) if os.path.exists(kfrags_file): os.remove(kfrags_file) kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=recipient_pubkey, threshold=m, N=n) kfrags = random.sample(kfrags, m) kfrag_hex_list = list() for kfrag in kfrags: kfrag_hex_list.append(kfrag.to_bytes().hex()) with open(kfrags_file, 'w') as f: json.dump(kfrag_hex_list, f) print("Access Granted!")
def __produce_kfrags_and_capsule(m: int, n: int) -> Tuple[List[KFrag], Capsule]: delegating_privkey = keys.UmbralPrivateKey.gen_key(params=PARAMS) delegating_pubkey = delegating_privkey.get_pubkey() signing_privkey = keys.UmbralPrivateKey.gen_key(params=PARAMS) signer = Signer(signing_privkey) receiving_privkey = keys.UmbralPrivateKey.gen_key(params=PARAMS) receiving_pubkey = receiving_privkey.get_pubkey() plain_data = os.urandom(32) ciphertext, capsule = pre.encrypt(delegating_pubkey, plain_data) kfrags = pre.generate_kfrags(delegating_privkey, receiving_pubkey, m, n, signer) capsule.set_correctness_keys(delegating=delegating_pubkey, receiving=receiving_pubkey, verifying=signing_privkey.get_pubkey()) return kfrags, capsule
def getData(owner, reader, ciphertext, capsule_bytes) -> str: with open(owner + '_privacy', 'rb') as f: owner_info_bytes = pickle.load(f) f.close() owner_pri_key = keys.UmbralPrivateKey.from_bytes(owner_info_bytes['private_key']) owner_pub_key = owner_pri_key.get_pubkey() owner_signing_key = keys.UmbralPrivateKey.from_bytes(owner_info_bytes['signing_key']) owner_ver_key = owner_signing_key.get_pubkey() with open(reader + '_privacy', 'rb') as f: reader_info_bytes = pickle.load(f) f.close() reader_pri_key = keys.UmbralPrivateKey.from_bytes(reader_info_bytes['private_key']) reader_pub_key = reader_pri_key.get_pubkey() reader_ver_key = keys.UmbralPrivateKey.from_bytes(reader_info_bytes['signing_key']).get_pubkey() signer = signing.Signer(private_key=owner_signing_key) kfrags = pre.generate_kfrags(delegating_privkey=owner_pri_key, signer=signer, receiving_pubkey=reader_pub_key, threshold=1, N=2) capsule = pre.Capsule.from_bytes(capsule_bytes, owner_pub_key.params) capsule.set_correctness_keys(delegating=owner_pub_key, receiving=reader_pub_key, verifying=owner_ver_key) cfrags = list() for kfrag in kfrags: cfrag = pre.reencrypt(kfrag=kfrag, capsule=capsule) cfrags.append(cfrag) for cfrag in cfrags: capsule.attach_cfrag(cfrag) img_bytes = pre.decrypt(ciphertext=ciphertext, capsule=capsule, decrypting_key=reader_pri_key) img = base64.b64decode(img_bytes) with open('return_example.jpeg', 'wb') as f: f.write(img) f.close() path = os.path.abspath(__file__) + '/return_example.jpeg' return path
def fragments(): delegating_privkey = keys.UmbralPrivateKey.gen_key() delegating_pubkey = delegating_privkey.get_pubkey() signing_privkey = keys.UmbralPrivateKey.gen_key() signer = Signer(signing_privkey) priv_key_bob = keys.UmbralPrivateKey.gen_key() pub_key_bob = priv_key_bob.get_pubkey() kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey, signer=signer, receiving_pubkey=pub_key_bob, threshold=2, N=4, sign_delegating_key=False, sign_receiving_key=False) # TODO: Use nucypher re-encryption metadata metadata = b"This is an example of metadata for re-encryption request" _symmetric_key, capsule = pre._encapsulate(delegating_pubkey) capsule.set_correctness_keys(delegating=delegating_pubkey, receiving=pub_key_bob, verifying=signing_privkey.get_pubkey()) cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata) return capsule, cfrag