Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_decryption_error(alices_keys, bobs_keys, ciphertext_and_capsule, message):
delegating_privkey, _signing_privkey = alices_keys
receiving_privkey, _receiving_pubkey = bobs_keys
ciphertext, capsule = ciphertext_and_capsule
cleartext = pre.decrypt(ciphertext, capsule, delegating_privkey)
assert message == cleartext
with pytest.raises(pre.UmbralDecryptionError) as e:
_cleartext = pre.decrypt(ciphertext, capsule, receiving_privkey)
def test_public_key_encryption(alices_keys):
delegating_privkey, _ = alices_keys
plain_data = b'peace at dawn'
ciphertext, capsule = pre.encrypt(delegating_privkey.get_pubkey(), plain_data)
cleartext = pre.decrypt(ciphertext, capsule, delegating_privkey)
assert cleartext == plain_data
def test_decryption_error(alices_keys, bobs_keys, ciphertext_and_capsule, message):
delegating_privkey, _signing_privkey = alices_keys
receiving_privkey, _receiving_pubkey = bobs_keys
ciphertext, capsule = ciphertext_and_capsule
cleartext = pre.decrypt(ciphertext, capsule, delegating_privkey)
assert message == cleartext
with pytest.raises(pre.UmbralDecryptionError) as e:
_cleartext = pre.decrypt(ciphertext, capsule, receiving_privkey)
delegating_pubkey = delegating_privkey.get_pubkey()
signing_privkey = UmbralPrivateKey.gen_key(params=params)
signing_pubkey = signing_privkey.get_pubkey()
signer = Signer(signing_privkey)
# Key Generation (Bob)
receiving_privkey = UmbralPrivateKey.gen_key(params=params)
receiving_pubkey = receiving_privkey.get_pubkey()
# Encryption by an unnamed data source
plain_data = b'peace at dawn'
ciphertext, capsule = pre.encrypt(delegating_pubkey, plain_data)
# Decryption by Alice
cleartext = pre.decrypt(ciphertext, capsule, delegating_privkey)
assert cleartext == plain_data
# Split Re-Encryption Key Generation (aka Delegation)
kfrags = pre.generate_kfrags(delegating_privkey, receiving_pubkey, M, N, signer)
# Capsule preparation (necessary before re-encryotion and activation)
capsule.set_correctness_keys(delegating=delegating_pubkey,
receiving=receiving_pubkey,
verifying=signing_pubkey)
# Bob requests re-encryption to some set of M ursulas
cfrags = list()
for kfrag in kfrags[:M]:
# Ursula checks that the received kfrag is valid
assert kfrag.verify(signing_pubkey, delegating_pubkey, receiving_pubkey, params)
priv_key_bob = keys.UmbralPrivateKey.gen_key(params=params)
pub_key_bob = priv_key_bob.get_pubkey()
plain_data = b'attack at dawn'
ciphertext, capsule = pre.encrypt(pub_key_alice, plain_data)
cleartext = pre.decrypt(capsule, priv_key_alice, ciphertext)
assert cleartext == plain_data
rekeys, _unused_vkeys = pre.split_rekey(priv_key_alice, pub_key_bob, M, N, params=params)
for rekey in rekeys:
c_frag = pre.reencrypt(rekey, capsule, params=params)
capsule.attach_cfrag(c_frag)
reenc_cleartext = pre.decrypt(capsule, priv_key_bob, ciphertext, pub_key_alice)
assert reenc_cleartext == plain_data
for kfrag in kfrags[:M]:
# Ursula checks that the received kfrag is valid
assert kfrag.verify(signing_pubkey, delegating_pubkey, receiving_pubkey, params)
# Re-encryption by an Ursula
cfrag = pre.reencrypt(kfrag, capsule)
# Bob collects the result
cfrags.append(cfrag)
# Capsule activation (by Bob)
for cfrag in cfrags:
capsule.attach_cfrag(cfrag)
# Decryption by Bob
reenc_cleartext = pre.decrypt(ciphertext, capsule, receiving_privkey)
assert reenc_cleartext == plain_data
def test_simple_api(N, M, curve=default_curve()):
"""Manually injects umbralparameters for multi-curve testing."""
params = UmbralParameters(curve=curve)
priv_key_alice = keys.UmbralPrivateKey.gen_key(params=params)
pub_key_alice = priv_key_alice.get_pubkey()
priv_key_bob = keys.UmbralPrivateKey.gen_key(params=params)
pub_key_bob = priv_key_bob.get_pubkey()
plain_data = b'attack at dawn'
ciphertext, capsule = pre.encrypt(pub_key_alice, plain_data)
cleartext = pre.decrypt(capsule, priv_key_alice, ciphertext)
assert cleartext == plain_data
rekeys, _unused_vkeys = pre.split_rekey(priv_key_alice, pub_key_bob, M, N, params=params)
for rekey in rekeys:
c_frag = pre.reencrypt(rekey, capsule, params=params)
capsule.attach_cfrag(c_frag)
reenc_cleartext = pre.decrypt(capsule, priv_key_bob, ciphertext, pub_key_alice)
assert reenc_cleartext == plain_data
# Now let's encrypt data with Alice's public key.
# Invocation of `pre.encrypt` returns both the `ciphertext`,
# and a `capsule`. Anyone with Alice's public key can perform
# this operation.
plaintext = b'Proxy Re-encryption is cool!'
ciphertext, capsule = pre.encrypt(alices_public_key, plaintext)
print(ciphertext)
#4
# Decrypt data for Alice
# ----------------------
# Since data was encrypted with Alice's public key,
# Alice can open the capsule and decrypt the ciphertext with her private key.
cleartext = pre.decrypt(ciphertext=ciphertext,
capsule=capsule,
decrypting_key=alices_private_key)
print(cleartext)
#5
# Bob Exists
# -----------
bobs_private_key = keys.UmbralPrivateKey.gen_key()
bobs_public_key = bobs_private_key.get_pubkey()
#6
# Bob receives a capsule through a side channel (s3, ipfs, Google cloud, etc)
bob_capsule = capsule
#7
#5
# Bob Exists
# -----------
bobs_private_key = keys.UmbralPrivateKey.gen_key()
bobs_public_key = bobs_private_key.get_pubkey()
#6
# Bob receives a capsule through a side channel (s3, ipfs, Google cloud, etc)
bob_capsule = capsule
#7
# Attempt Bob's decryption (fail)
try:
fail_decrypted_data = pre.decrypt(ciphertext=ciphertext,
capsule=bob_capsule,
decrypting_key=bobs_private_key)
except pre.UmbralDecryptionError:
print("Decryption failed! Bob doesn't has access granted yet.")
#8
# Alice grants access to Bob by generating kfrags
# -----------------------------------------------
# When Alice wants to grant Bob access to open her encrypted messages,
# she creates *threshold split re-encryption keys*, or *"kfrags"*,
# which are next sent to N proxies or *Ursulas*.
# She uses her private key, and Bob's public key, and she sets a minimum
# threshold of 10, for 20 total shares
kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key,
signer=alices_signer,