Nucypher
/
pyUmbral
mirror of https://github.com/nucypher/pyUmbral.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Back to comparing lists of components for Capsule.

pull/78/head
jMyles 2018-02-22 16:13:16 -08:00
parent e0a069bb9a
commit 0015ca5fcb
1 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
umbral/pre.py
View File

@ -31,9 +31,15 @@ class Capsule(object):
v_prime=None, v_prime=None,
noninteractive_point=None): noninteractive_point=None):
if not isinstance(point_eph_e, Point) and not isinstance(e_prime, Point): if isinstance(point_eph_e, Point):
if not isinstance(point_eph_v, Point) and isinstance(bn_sig, BigNum):
raise TypeError("Need point_eph_e, point_eph_v, and bn_sig to make a Capsule.")
elif isinstance(e_prime, Point):
if not isinstance(v_prime, Point) and isinstance(noninteractive_point, Point):
raise TypeError("Need e_prime, v_prime, and noninteractive_point to make an activated Capsule.")
else:
raise ValueError( raise ValueError(
"Need Points to make a Capsule. Pass either Alice's data (ie, point_eph_e) or Bob's (e_prime). \ "Need proper Points and/or BigNums to make a Capsule. Pass either Alice's data or Bob's. \
Passing both is also fine.") Passing both is also fine.")
self._point_eph_e = point_eph_e self._point_eph_e = point_eph_e
@ -135,17 +141,22 @@ class Capsule(object):
""" """
If both Capsules are activated, we compare only the activated components. If both Capsules are activated, we compare only the activated components.
Otherwise, we compare only original components. Otherwise, we compare only original components.
Done in constant time. Each component is compared to its counterpart in constant time per the __eq__ of Point and BigNum.
""" """
if all(self.activated_components() + other.activated_components()): if all(self.activated_components() + other.activated_components()):
our_bytes = bytes().join(c.to_bytes() for c in self.activated_components()) activated_match = self.activated_components() == other.activated_components()
other_bytes = bytes().join(c.to_bytes() for c in other.activated_components()) return activated_match
elif all(self.original_components() + other.original_components()): elif all(self.original_components() + other.original_components()):
our_bytes = bytes().join(c.to_bytes() for c in self.original_components()) original_match = self.original_components() == other.original_components()
other_bytes = bytes().join(c.to_bytes() for c in other.original_components()) return original_match
else: else:
# This is not constant time obviously, but it's hard to imagine how this is valuable as
# an attacker already knows about her own Capsule. It's possible that a Bob, having
# activated a Capsule, will make it available for comparison via an API amidst other
# (dormat) Capsules. Then an attacker can, by alternating between activated and dormant
# Capsules, determine if a given Capsule is activated. Do we care about this?
# Again, it's hard to imagine why.
return False return False
return hmac.compare_digest(our_bytes, other_bytes)
def __hash__(self): def __hash__(self):
# We only ever want to store in a hash table based on original components; # We only ever want to store in a hash table based on original components;