You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by km...@apache.org on 2020/03/31 16:23:37 UTC
[incubator-milagro-MPC] 01/01: update python code for aes and core
utils
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a commit to branch issue35
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit fe81bc1dfd1a68638d836a23144debe0dd3029aa
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Tue Mar 31 17:23:10 2020 +0100
update python code for aes and core utils
---
python/amcl/aes.py | 8 ++--
python/amcl/core_utils.py | 28 +++++++++++++
python/examples/example_aes.py | 94 +++++++++++++++++++++++++++++++++---------
3 files changed, 107 insertions(+), 23 deletions(-)
diff --git a/python/amcl/aes.py b/python/amcl/aes.py
index ab28514..16fc952 100644
--- a/python/amcl/aes.py
+++ b/python/amcl/aes.py
@@ -41,7 +41,9 @@ else:
# Constants
-AES_KEY = 32 # Length in bytes of an AES key
+KEYL = 16 # Length in bytes of an AES key
+TAGL = 16 # Length in bytes of tag
+IVL = 12 # Length in bytes of IV
def gcm_encrypt(aes_key, iv, header, plaintext):
@@ -69,7 +71,7 @@ def gcm_encrypt(aes_key, iv, header, plaintext):
iv1, iv1_val = core_utils.make_octet(None, iv)
header1, header1_val = core_utils.make_octet(None, header)
plaintext1, plaintext1_val = core_utils.make_octet(None, plaintext)
- tag1, tag1_val = core_utils.make_octet(AES_KEY)
+ tag1, tag1_val = core_utils.make_octet(TAGL)
ciphertext1, ciphertext1_val = core_utils.make_octet(len(plaintext))
_ = aes_key1_val, iv1_val, header1_val, plaintext1_val, tag1_val, ciphertext1_val # Suppress warnings
@@ -118,7 +120,7 @@ def gcm_decrypt(aes_key, iv, header, ciphertext):
iv1, iv1_val = core_utils.make_octet(None, iv)
header1, header1_val = core_utils.make_octet(None, header)
ciphertext1, ciphertext1_val = core_utils.make_octet(None, ciphertext)
- tag1, tag1_val = core_utils.make_octet(AES_KEY)
+ tag1, tag1_val = core_utils.make_octet(TAGL)
plaintext1, plaintext1_val = core_utils.make_octet(len(ciphertext))
_ = aes_key1_val, iv1_val, header1_val, plaintext1_val, tag1_val, ciphertext1_val # Suppress warnings
diff --git a/python/amcl/core_utils.py b/python/amcl/core_utils.py
index a7125e9..4b09d65 100644
--- a/python/amcl/core_utils.py
+++ b/python/amcl/core_utils.py
@@ -49,6 +49,7 @@ typedef struct
extern void RAND_seed(csprng *R,int n,char *b);
extern void RAND_clean(csprng *R);
extern void OCT_clear(octet *O);
+extern void generateRandom(csprng* RNG, octet* randomValue);
""")
if (platform.system() == 'Windows'):
@@ -177,3 +178,30 @@ def kill_csprng(rng):
_libamcl_core.RAND_clean(rng)
return 0
+
+def generate_random(rng, length):
+ """Generate a random string
+
+ Generate a random string
+
+ Args::
+
+ rng: Pointer to cryptographically secure pseudo-random number generator instance
+ length: length of random byte array
+
+ Returns::
+
+ random_value: Random value
+
+ Raises:
+
+ """
+ random_value1, random_value1_val = make_octet(length)
+ _libamcl_core.generateRandom(rng, random_value1)
+
+ random_value = to_str(random_value1)
+
+ # clear memory
+ _libamcl_core.OCT_clear(random_value1)
+
+ return random_value
diff --git a/python/examples/example_aes.py b/python/examples/example_aes.py
index 7f02fdf..1935628 100755
--- a/python/examples/example_aes.py
+++ b/python/examples/example_aes.py
@@ -24,29 +24,83 @@ import sys
sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..')))
-from amcl import core_utils, aes
+import amcl.core_utils
+import amcl.aes
-key_hex = "2768a4f5a75344fee0ed46faaf7b020111fe5f0e80a88c0fd27abfcc15bc9d68"
-header_hex = "1554a69ecbf04e507eb6985a234613246206c85f8af73e61ab6e2382a26f457d"
-iv_hex = "2b213af6b0edf6972bf996fb"
+seed_hex = "78d0fb6705ce77dee47d03eb5b9c5d30"
if __name__ == "__main__":
- key = bytes.fromhex(key_hex)
- header = bytes.fromhex(header_hex)
- iv = bytes.fromhex(iv_hex)
+
+ # CSPRNG
+ seed = bytes.fromhex(seed_hex)
+ # seed = os.urandom(16)
+ rng = amcl.core_utils.create_csprng(seed)
+ iv = amcl.core_utils.generate_random(rng, amcl.aes.IVL)
+ key = amcl.core_utils.generate_random(rng, amcl.aes.KEYL)
+ aad = b"hello world"
+ plaintext1 = b'test message'
+
+ print("Encrypt message")
+ print(f"\tplaintext: {plaintext1.decode('utf-8')}")
+ print(f"\tiv: {iv.hex()}")
+ print(f"\tkey: {key.hex()}")
+ print(f"\taad: {aad.hex()}")
+
+ ciphertext, tag1 = amcl.aes.gcm_encrypt(key, iv, aad, plaintext1)
+
+ print("\nEncrypted message")
+ print(f"\tciphertext: {ciphertext.hex()}")
+ print(f"\ttag: {tag1.hex()}")
+
+ plaintext2, tag2 = amcl.aes.gcm_decrypt(key, iv, aad, ciphertext)
+ assert tag1 == tag2, 'tags are not equal!'
+ assert plaintext1 == plaintext2, 'Plaintext are not equal!'
+
+ print("\nDecrypted message")
+ print(f"\tplaintext: {plaintext2.decode('utf-8')}")
+ print(f"\ttag: {tag2.hex()}")
+
+ # Create ciphertext error
+ ciphertext_hex = ciphertext.hex()
+ new = list(ciphertext_hex)
+ new[0] = "a" if (new[0] != "a") else "b"
+ ciphertext_bad_hex = ''.join(new)
+ ciphertext_bad = bytes.fromhex(ciphertext_bad_hex)
+
+ plaintext3, tag3 = amcl.aes.gcm_decrypt(key, iv, aad, ciphertext_bad)
+ assert tag1 != tag3, 'tags are equal!'
+ assert plaintext1 != plaintext3, 'Plaintext not equal!'
+
+ # Create aad error
+ aad_hex = aad.hex()
+ new = list(aad_hex)
+ new[0] = "a" if (new[0] != "a") else "b"
+ aad_bad_hex = ''.join(new)
+ aad_bad = bytes.fromhex(aad_bad_hex)
- plaintext = b'test message'
- print(f"Encrypt message '{plaintext.decode('utf-8')}'")
- print(f'\th = {header.hex()}')
- print(f'\tiv = {iv.hex()}')
+ plaintext4, tag4 = amcl.aes.gcm_decrypt(key, iv, aad_bad, ciphertext)
+ assert tag1 != tag4, 'tags are equal!'
+ assert plaintext1 == plaintext4, 'Plaintext are not equal!'
+
+ # Create iv error
+ iv_hex = iv.hex()
+ new = list(iv_hex)
+ new[0] = "a" if (new[0] != "a") else "b"
+ iv_bad_hex = ''.join(new)
+ iv_bad = bytes.fromhex(iv_bad_hex)
+
+ plaintext5, tag5 = amcl.aes.gcm_decrypt(key, iv_bad, aad, ciphertext)
+ assert tag1 != tag5, 'tags are equal!'
+ assert plaintext1 != plaintext5, 'Plaintext are equal!'
+
+ # Create key error
+ key_hex = key.hex()
+ new = list(key_hex)
+ new[0] = "a" if (new[0] != "a") else "b"
+ key_bad_hex = ''.join(new)
+ key_bad = bytes.fromhex(key_bad_hex)
- ciphertext, tag = aes.gcm_encrypt(key, iv, header, plaintext)
- print("\nEncrypted message")
- print(f'ct = {ciphertext.hex()}')
- print(f'tag = {tag.hex()}')
-
- print("\nDecrypt message")
- dec_plaintext, dec_tag = aes.gcm_decrypt(key, iv, header, ciphertext)
- assert tag == dec_tag, '\tInconsistent decryption tag'
+ plaintext6, tag6 = amcl.aes.gcm_decrypt(key_bad, iv, aad, ciphertext)
+ assert tag1 != tag6, 'tags are equal!'
+ assert plaintext1 != plaintext6, 'Plaintext are equal!'
- print(f"\tgot '{dec_plaintext.decode('utf-8')}'")