diff --git a/umbral/bignum.py b/umbral/bignum.py index 76c99e2..d0a0648 100644 --- a/umbral/bignum.py +++ b/umbral/bignum.py @@ -4,7 +4,7 @@ from cryptography.hazmat.backends.openssl import backend from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives import hashes -from umbral.config import default_curve +from umbral.config import default_curve, default_params from umbral.utils import get_curve_keysize_bytes @@ -82,14 +82,20 @@ class BigNum(object): return cls(bignum, curve_nid, group, order) @classmethod - def hash_to_bn(cls, crypto_items, params): + def hash_to_bn(cls, *crypto_items, params=None): + params = params if params is not None else default_params() + blake2b = hashes.Hash(hashes.BLAKE2b(64), backend=backend) for item in crypto_items: try: data_bytes = item.to_bytes() except AttributeError: - data_bytes = item - blake2b.update(data_bytes) + if isinstance(item, bytes): + data_bytes = item + else: + raise TypeError("{} is not bytes, got {} instead.".format(item, type(item))) + else: + blake2b.update(data_bytes) i = 0 h = 0 @@ -99,9 +105,10 @@ class BigNum(object): hash_digest = blake2b_i.finalize() h = int.from_bytes(hash_digest, byteorder='big', signed=False) i += 1 - hash_bn = h % int(params.order) + hash_bn = h % int(params.order) res = cls.from_int(hash_bn, params.curve) + return res @classmethod diff --git a/umbral/fragments.py b/umbral/fragments.py index c505cba..8519078 100644 --- a/umbral/fragments.py +++ b/umbral/fragments.py @@ -1,6 +1,6 @@ from cryptography.hazmat.primitives.asymmetric import ec -from umbral.bignum import BigNum, hash_to_bn +from umbral.bignum import BigNum from umbral.config import default_curve, default_params from umbral.point import Point from umbral.utils import get_curve_keysize_bytes @@ -66,7 +66,7 @@ class KFrag(object): # We check the Schnorr signature over the kfrag components g_y = (z2 * params.g) + (z1 * pub_a) - check_kfrag_2 = z1 == hash_to_bn([g_y, self.bn_id, pub_a, pub_b, u1, x], params) + check_kfrag_2 = z1 == BigNum.hash_to_bn(g_y, self.bn_id, pub_a, pub_b, u1, x, params=params) return check_kfrag_1 & check_kfrag_2 diff --git a/umbral/keys.py b/umbral/keys.py index e2d7e6b..60020de 100644 --- a/umbral/keys.py +++ b/umbral/keys.py @@ -15,7 +15,7 @@ from cryptography.hazmat.primitives.kdf.hkdf import HKDF from umbral.config import default_params from umbral.point import Point -from umbral.bignum import BigNum, hash_to_bn +from umbral.bignum import BigNum from umbral.params import UmbralParameters @@ -285,17 +285,17 @@ class UmbralKeyingMaterial(object): Derives an UmbralPrivateKey using a KDF from this instance of UmbralKeyingMaterial, a label, and an optional salt. """ - if params is None: - params = default_params() + params = params if params is not None else default_params() - hkdf = HKDF(algorithm=hashes.BLAKE2b(64), - length=64, - salt=salt, - info=b"NuCypherKMS/KeyDerivation/"+label, - backend=default_backend() - ) + key_material = HKDF( + algorithm=hashes.BLAKE2b(64), + length=64, + salt=salt, + info=b"NuCypherKMS/KeyDerivation/"+label, + backend=default_backend() + ).derive(self.keying_material) - bn_key = hash_to_bn([hkdf.derive(self.keying_material)], params) + bn_key = BigNum.hash_to_bn(key_material, params=params) return UmbralPrivateKey(bn_key, params) @classmethod diff --git a/umbral/pre.py b/umbral/pre.py index 2cb75ca..0cecec9 100644 --- a/umbral/pre.py +++ b/umbral/pre.py @@ -6,7 +6,7 @@ from cryptography.hazmat.backends.openssl import backend from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives import hashes -from umbral.bignum import BigNum, hash_to_bn +from umbral.bignum import BigNum from umbral.config import default_params, default_curve from umbral.dem import UmbralDEM from umbral.fragments import KFrag, CapsuleFrag @@ -107,7 +107,7 @@ class Capsule(object): e = self._point_eph_e v = self._point_eph_v s = self._bn_sig - h = hash_to_bn([e, v], params) + h = BigNum.hash_to_bn(e, v, params=params) return s * params.g == v + (h * e) @@ -145,16 +145,16 @@ class Capsule(object): id_cfrag_pairs = list(self._attached_cfrags.items()) id_0, cfrag_0 = id_cfrag_pairs[0] - x_0 = hash_to_bn([id_0, hashed_dh_tuple], params) + x_0 = BigNum.hash_to_bn(id_0, hashed_dh_tuple, params=params) if len(id_cfrag_pairs) > 1: - xs = [hash_to_bn([_id, hashed_dh_tuple], params) + xs = [BigNum.hash_to_bn(_id, hashed_dh_tuple, params=params) for _id in self._attached_cfrags.keys()] lambda_0 = lambda_coeff(x_0, xs) e = lambda_0 * cfrag_0.point_eph_e1 v = lambda_0 * cfrag_0.point_eph_v1 for id_i, cfrag in id_cfrag_pairs[1:]: - x_i = hash_to_bn([id_i, hashed_dh_tuple], params) + x_i = BigNum.hash_to_bn(id_i, hashed_dh_tuple, params=params) lambda_i = lambda_coeff(x_i, xs) e = e + (lambda_i * cfrag.point_eph_e1) v = v + (lambda_i * cfrag.point_eph_v1) @@ -280,7 +280,7 @@ def split_rekey(priv_a: Union[UmbralPrivateKey, BigNum], x = BigNum.gen_rand(params.curve) xcomp = x * g - d = hash_to_bn([xcomp, pub_b, pub_b * x], params) + d = BigNum.hash_to_bn(xcomp, pub_b, pub_b * x, params=params) coeffs = [priv_a * (~d)] coeffs += [BigNum.gen_rand(params.curve) for _ in range(threshold - 1)] @@ -299,14 +299,14 @@ def split_rekey(priv_a: Union[UmbralPrivateKey, BigNum], for _ in range(N): id_kfrag = BigNum.gen_rand(params.curve) - share_x = hash_to_bn([id_kfrag, hashed_dh_tuple], params) + share_x = BigNum.hash_to_bn(id_kfrag, hashed_dh_tuple, params=params) rk = poly_eval(coeffs, share_x) u1 = rk * u y = BigNum.gen_rand(params.curve) - z1 = hash_to_bn([y * g, id_kfrag, pub_a, pub_b, u1, xcomp], params) + z1 = BigNum.hash_to_bn(y * g, id_kfrag, pub_a, pub_b, u1, xcomp, params=params) z2 = y - priv_a * z1 kfrag = KFrag(id_=id_kfrag, key=rk, x=xcomp, u1=u1, z1=z1, z2=z2) @@ -351,8 +351,8 @@ def _challenge(kfrag: KFrag, capsule: Capsule, hash_input = [e, e1, e2, v, v1, v2, u, u1, u2] if challenge_metadata is not None: hash_input.append(challenge_metadata) - - h = hash_to_bn(hash_input, params) + + h = BigNum.hash_to_bn(*hash_input, params=params) z3 = t + h * kfrag.bn_key @@ -400,9 +400,9 @@ def _check_challenge(capsule: Capsule, cfrag: CapsuleFrag, if challenge_metadata is not None: hash_input.append(challenge_metadata) - h = hash_to_bn(hash_input, params) + h = BigNum.hash_to_bn(hash_input, params=params) - check31 = z1 == hash_to_bn([g_y, kfrag_id, pub_a, pub_b, u1, xcomp], params) + check31 = z1 == BigNum.hash_to_bn(g_y, kfrag_id, pub_a, pub_b, u1, xcomp, params=params) check32 = z3 * e == e2 + (h * e1) check33 = z3 * u == u2 + (h * u1) check34 = z3 * v == v2 + (h * v1) @@ -423,7 +423,7 @@ def _encapsulate(alice_pub_key: Point, key_length=32, priv_u = BigNum.gen_rand(params.curve) pub_u = priv_u * g - h = hash_to_bn([pub_r, pub_u], params) + h = BigNum.hash_to_bn(pub_r, pub_u, params=params) s = priv_u + (priv_r * h) shared_key = (priv_r + priv_u) * alice_pub_key @@ -457,7 +457,7 @@ def _decapsulate_reencrypted(pub_key: Point, priv_key: BigNum, params = params if params is not None else default_params() xcomp = capsule._point_noninteractive - d = hash_to_bn([xcomp, pub_key, priv_key * xcomp], params) + d = BigNum.hash_to_bn(xcomp, pub_key, priv_key * xcomp, params=params) e_prime = capsule._point_eph_e_prime v_prime = capsule._point_eph_v_prime @@ -469,7 +469,7 @@ def _decapsulate_reencrypted(pub_key: Point, priv_key: BigNum, e = capsule._point_eph_e v = capsule._point_eph_v s = capsule._bn_sig - h = hash_to_bn([e, v], params) + h = BigNum.hash_to_bn(e, v, params=params) inv_d = ~d if not (s*inv_d) * orig_pub_key == (h*e_prime) + v_prime: