New test for kfrags signed without correctness keys. Test fails

tests/functional/test_correctness.py

@@ -21,15 +21,16 @@ import pytest
 
 from umbral import pre
 from umbral.point import Point
+from umbral.signing import Signer
 
-def test_cheating_ursula_replays_old_reencryption(alices_keys, bobs_keys, 
+
+def test_cheating_ursula_replays_old_reencryption(alices_keys, bobs_keys,
                                                   kfrags, prepared_capsule):
-
     delegating_privkey, signing_privkey = alices_keys
     delegating_pubkey = delegating_privkey.get_pubkey()
 
     receiving_privkey, receiving_pubkey = bobs_keys
-    
+
     capsule_alice1 = prepared_capsule
 
     _unused_key2, capsule_alice2 = pre._encapsulate(delegating_pubkey)
@@ -53,8 +54,7 @@ def test_cheating_ursula_replays_old_reencryption(alices_keys, bobs_keys,
 
         cfrags.append(cfrag)
 
-
-    # CFrag 0 is not valid ...
+    #  CFrag 0 is not valid ...
     assert not cfrags[0].verify_correctness(capsule_alice1)
 
     # ... and trying to attach it raises an error.
@@ -71,11 +71,11 @@ def test_cheating_ursula_replays_old_reencryption(alices_keys, bobs_keys,
         assert cfrag_i.verify_correctness(capsule_alice1)
         capsule_alice1.attach_cfrag(cfrag_i)
         correct_cases += 1
-        
+
     assert correct_cases == len(cfrags[1:])
 
+
 def test_cheating_ursula_sends_garbage(kfrags, prepared_capsule):
-    
     capsule_alice = prepared_capsule
 
     cfrags = []
@@ -91,7 +91,7 @@ def test_cheating_ursula_sends_garbage(kfrags, prepared_capsule):
     cfrags[0]._point_e1 = Point.gen_rand()
     cfrags[0]._point_v1 = Point.gen_rand()
 
-    # Of course, this CFrag is not valid ...
+    #  Of course, this CFrag is not valid ...
     assert not cfrags[0].verify_correctness(capsule_alice)
 
     # ... and trying to attach it raises an error.
@@ -103,14 +103,13 @@ def test_cheating_ursula_sends_garbage(kfrags, prepared_capsule):
     assert len(correctness_error.offending_cfrags) == 1
 
     # The response of cheating Ursula is in cfrags[0],
-    # so the rest of CFrags chould be correct: 
+    # so the rest of CFrags should be correct:
     for cfrag_i in cfrags[1:]:
         assert cfrag_i.verify_correctness(capsule_alice)
         capsule_alice.attach_cfrag(cfrag_i)
 
 
 def test_cfrag_with_missing_proof_cannot_be_attached(kfrags, prepared_capsule):
-
     capsule = prepared_capsule
 
     cfrags = []
@@ -119,7 +118,7 @@ def test_cfrag_with_missing_proof_cannot_be_attached(kfrags, prepared_capsule):
         cfrags.append(cfrag)
 
     # If the proof is lost (e.g., it is chopped off a serialized CFrag or similar), 
-    # then the CFrag cannot be attached.
+    #  then the CFrag cannot be attached.
     cfrags[0].proof = None
     with pytest.raises(cfrag.NoProofProvided):
         capsule.attach_cfrag(cfrags[0])
@@ -130,7 +129,6 @@ def test_cfrag_with_missing_proof_cannot_be_attached(kfrags, prepared_capsule):
 
 
 def test_inconsistent_cfrags(bobs_keys, kfrags, prepared_capsule):
-
     receiving_privkey, receiving_pubkey = bobs_keys
 
     capsule = prepared_capsule
@@ -139,20 +137,47 @@ def test_inconsistent_cfrags(bobs_keys, kfrags, prepared_capsule):
     for kfrag in kfrags:
         cfrag = pre.reencrypt(kfrag, capsule)
         cfrags.append(cfrag)
-    
-    # For all cfrags that belong to the same policy, the values 
+
+    # For all cfrags that belong to the same policy, the values
     # cfrag._point_noninteractive and cfrag._point_noninteractive
-    # must be the same. If we swap them, it shouldn't be possible 
-    # to attach the cfrag to the capsule. Let's mangle the first CFrag
+    # must be the same. If we swap them, it shouldn't be possible
+    # to attach the cfrag to the capsule. Let's mangle the first CFrag
     cfrags[0]._point_noninteractive, cfrags[0]._point_xcoord = cfrags[0]._point_xcoord, cfrags[0]._point_noninteractive
     with pytest.raises(pre.UmbralCorrectnessError):
         capsule.attach_cfrag(cfrags[0])
 
-    # The remaining M cfrags should be fine. 
-    for cfrag in cfrags[1:]:   
+    #  The remaining M cfrags should be fine.
+    for cfrag in cfrags[1:]:
         capsule.attach_cfrag(cfrag)
 
     # Just for fun, let's try to reconstruct the capsule with them:
     capsule._reconstruct_shamirs_secret(receiving_privkey)
 
-    
+
+def test_kfrags_signed_without_correctness_keys(alices_keys, bobs_keys, capsule):
+    delegating_privkey, signing_privkey = alices_keys
+    delegating_pubkey = delegating_privkey.get_pubkey()
+    verifying_key = signing_privkey.get_pubkey()
+
+    receiving_privkey, receiving_pubkey = bobs_keys
+
+    kfrags = pre.split_rekey(delegating_privkey=delegating_privkey,
+                             signer=Signer(signing_privkey),
+                             receiving_pubkey=receiving_pubkey,
+                             threshold=6,
+                             N=10,
+                             sign_delegating_key=False,
+                             sign_receiving_key=False)
+
+    for kfrag in kfrags:
+        # You can verify the KFrag specifying only the verifying key
+        assert kfrag.verify(signing_pubkey=verifying_key)
+
+        # ... or if it is set in the capsule, using the capsule
+        capsule.set_correctness_keys(verifying=verifying_key)
+        assert kfrag.verify_for_capsule(capsule)
+
+        # It should even work when other keys are set in the capsule
+        assert kfrag.verify(signing_pubkey=verifying_key,
+                            delegating_pubkey=delegating_pubkey,
+                            receiving_pubkey=receiving_pubkey)

tests/unit/test_kfrags.py

@@ -20,7 +20,6 @@ along with pyUmbral. If not, see <https://www.gnu.org/licenses/>.
 from umbral.fragments import KFrag
 
 
-
 def test_kfrag_serialization(alices_keys, bobs_keys, kfrags):
     
     delegating_privkey, signing_privkey = alices_keys
@@ -43,6 +42,7 @@ def test_kfrag_serialization(alices_keys, bobs_keys, kfrags):
 
         assert new_kfrag == kfrag
 
+
 def test_kfrag_verify_for_capsule(prepared_capsule, kfrags):
     for kfrag in kfrags:
         assert kfrag.verify_for_capsule(prepared_capsule)
@@ -51,14 +51,14 @@ def test_kfrag_verify_for_capsule(prepared_capsule, kfrags):
         previous_id, kfrag._id = kfrag._id, bytes(32)
         assert not kfrag.verify_for_capsule(prepared_capsule)    
 
-        # Let's restore the KFrag, and alter the re-encryption key instead
+        # Let's restore the KFrag, and alter the re-encryption key instead
         kfrag._id = previous_id
         kfrag._bn_key += kfrag._bn_key
         assert not kfrag.verify_for_capsule(prepared_capsule)    
         
 
 def test_kfrag_as_dict_key(kfrags):
-    dict_with_kfrags_as_keys = {}
+    dict_with_kfrags_as_keys = dict()
     dict_with_kfrags_as_keys[kfrags[0]] = "Some llamas.  Definitely some llamas."
     dict_with_kfrags_as_keys[kfrags[1]] = "No llamas here.  Definitely not."
 

umbral/fragments.py

@@ -97,8 +97,8 @@ class KFrag(object):
 
     def verify(self,
                signing_pubkey: UmbralPublicKey,
-               delegating_pubkey: UmbralPublicKey,
-               receiving_pubkey: UmbralPublicKey,
+               delegating_pubkey: UmbralPublicKey = None,
+               receiving_pubkey: UmbralPublicKey = None,
                params: Optional[UmbralParameters] = None,
               ) -> bool: