Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Interfacing with Rust #263

Merged
merged 25 commits into from
May 27, 2021
+4,461 −6,575
Merged

Interfacing with Rust #263

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
bbf168e
Clean slate
fjarri Mar 16, 2021
439b675
Drop Py3.5 support
fjarri Mar 20, 2021
2050e3c
Remove unused dependencies
fjarri Mar 20, 2021
54ba9bb
Exclude abstract methods during coverage tests
fjarri Mar 20, 2021
f030fd3
Use a composable approach for serialization
fjarri Mar 16, 2021
f33431d
Working secret & public keys
fjarri Mar 16, 2021
2c28ae8
Add Capsule class and encrypt()/decrypt_original()
fjarri Mar 16, 2021
d6626ba
Add generate_kfrags()
fjarri Mar 17, 2021
b96888c
Add reencryption functionality
fjarri Mar 18, 2021
d532ef1
Move all OpenSSL stuff into one module, move around some low-level de…
fjarri Mar 19, 2021
c419705
Add SecretKeyFactory
fjarri Mar 20, 2021
6af41b0
Remove repeated casting to bytes from hashing calls
fjarri Mar 19, 2021
9e87006
Add back performance tests
fjarri Mar 19, 2021
d659697
Skip rust-umbral tests if the library is not available
fjarri Mar 20, 2021
f58a258
curve_scalar: don't check range in __init__, only in publicly used co…
fjarri Mar 20, 2021
c401c52
Add tests
fjarri Mar 20, 2021
bcb0071
Update docs
fjarri Mar 21, 2021
0f82580
Add some API docs
fjarri Mar 21, 2021
fe6e32b
Update vector generating script and regenerate vectors
fjarri Mar 21, 2021
ee7d31b
RFC for docs
fjarri Mar 26, 2021
a08a552
Replace `dem.ErrorInvalidTag` and `Capsule.NotValid` with `GenericErr…
fjarri Mar 27, 2021
7d0f2fe
Cache public key in the secret key to speed up `generate_kfrags()`
fjarri Mar 27, 2021
a7f4a7a
Fix logic in bn_from_bytes(..., apply_modulus=True)
fjarri Apr 13, 2021
fd9e1d4
Remove a TODO
fjarri Apr 13, 2021
503a1c6
Always set constant time operations for OpenSSL bignums
fjarri Apr 13, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 0 additions & 43 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,6 @@ workflows:
version: 2
build_test_deploy:
jobs:
- pipenv_install_35:
filters:
tags:
only: /.*/
- pipenv_install_36:
filters:
tags:
Expand All @@ -16,10 +12,6 @@ workflows:
filters:
tags:
only: /.*/
- pip_install_35:
filters:
tags:
only: /.*/
- pip_install_36:
filters:
tags:
Expand All @@ -28,13 +20,6 @@ workflows:
filters:
tags:
only: /.*/
- run_tests_35:
filters:
tags:
only: /.*/
requires:
- pipenv_install_35
- pip_install_35
- run_tests_36:
filters:
tags:
Expand All @@ -54,39 +39,34 @@ workflows:
tags:
only: /.*/
requires:
- run_tests_35
- run_tests_36
- run_tests_37
- doctests_36:
filters:
tags:
only: /.*/
requires:
- run_tests_35
- run_tests_36
- run_tests_37
- notebook_tests_36:
filters:
tags:
only: /.*/
requires:
- run_tests_35
- run_tests_36
- run_tests_37
- reencryption_memory_profile_36:
filters:
tags:
only: /.*/
requires:
- run_tests_35
- run_tests_36
- run_tests_37
- reencryption_benchmark_36:
filters:
tags:
only: /.*/
# requires: # Commented this section to speed up the build
# - run_tests_35
# - run_tests_36
# - run_tests_37
- test_deploy:
Expand Down Expand Up @@ -119,11 +99,6 @@ workflows:
branches:
ignore: /.*/

python_35_base: &python_35_base
working_directory: ~/pyUmbral-35
docker:
- image: circleci/python:3.5

python_36_base: &python_36_base
working_directory: ~/pyUmbral-36
docker:
Expand Down Expand Up @@ -190,12 +165,6 @@ commands:

jobs:

pipenv_install_35:
<<: *python_35_base
steps:
- pipenv_install:
python_version: "3.5"

pipenv_install_36:
<<: *python_36_base
steps:
Expand All @@ -208,11 +177,6 @@ jobs:
- pipenv_install:
python_version: "3.7"

pip_install_35:
<<: *python_35_base
steps:
- pip_install

pip_install_36:
<<: *python_36_base
steps:
Expand All @@ -223,13 +187,6 @@ jobs:
steps:
- pip_install

run_tests_35:
<<: *python_35_base
parallelism: 4
steps:
- run_tests:
python_version: "3.5"

run_tests_36:
<<: *python_36_base
parallelism: 4
Expand Down
8 changes: 8 additions & 0 deletions .coveragerc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,11 @@ omit =
setup.py,
*__init__.py
parallel=True

[report]
exclude_lines =
# Have to re-enable the standard pragma
pragma: no cover

# Exclude abstract methods
@abstractmethod
5 changes: 0 additions & 5 deletions Pipfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,8 @@ name = "pypi"

[packages]
setuptools = "*"
# Third Party
cryptography = ">=2.3"
pynacl = "*"
pysha3 = "*"
# NuCypher
bytestring-splitter = "*"
constant-sorrow = ">=0.1.0a7"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yay!


[dev-packages]
bumpversion = "*"
Expand Down
1,119 changes: 628 additions & 491 deletions Pipfile.lock
View file
Open in desktop

Large diffs are not rendered by default.

67 changes: 32 additions & 35 deletions README.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,19 +62,18 @@ Additionally, users that delegate access to their data (like Alice, in this exam

.. code-block:: python

from umbral import pre, keys, signing
from umbral import SecretKey, PublicKey

# Generate Umbral keys for Alice.
alices_private_key = keys.UmbralPrivateKey.gen_key()
alices_public_key = alices_private_key.get_pubkey()
alices_secret_key = SecretKey.random()
alices_public_key = PublicKey.from_secret_key(alices_secret_key)

alices_signing_key = keys.UmbralPrivateKey.gen_key()
alices_verifying_key = alices_signing_key.get_pubkey()
alices_signer = signing.Signer(private_key=alices_signing_key)
alices_signing_key = SecretKey.random()
alices_verifying_key = PublicKey.from_secret_key(alices_signing_key)

# Generate Umbral keys for Bob.
bobs_private_key = keys.UmbralPrivateKey.gen_key()
bobs_public_key = bobs_private_key.get_pubkey()
bobs_secret_key = SecretKey.random()
bobs_public_key = PublicKey.from_secret_key(bobs_secret_key)


**Encryption**
Expand All @@ -89,14 +88,14 @@ Alice can open the capsule and decrypt the ciphertext with her private key.

.. code-block:: python

from umbral import encrypt, decrypt_original

# Encrypt data with Alice's public key.
plaintext = b'Proxy Re-Encryption is cool!'
ciphertext, capsule = pre.encrypt(alices_public_key, plaintext)
capsule, ciphertext = encrypt(alices_public_key, plaintext)

# Decrypt data with Alice's private key.
cleartext = pre.decrypt(ciphertext=ciphertext,
capsule=capsule,
decrypting_key=alices_private_key)
cleartext = decrypt_original(alices_secret_key, capsule, ciphertext)


**Re-Encryption Key Fragments**
Expand All @@ -107,13 +106,15 @@ which are next sent to N proxies or *Ursulas*.

.. code-block:: python

from umbral import generate_kfrags

# Alice generates "M of N" re-encryption key fragments (or "KFrags") for Bob.
# In this example, 10 out of 20.
kfrags = pre.generate_kfrags(delegating_privkey=alices_private_key,
signer=alices_signer,
receiving_pubkey=bobs_public_key,
threshold=10,
N=20)
kfrags = generate_kfrags(delegating_sk=alices_secret_key,
receiving_pk=bobs_public_key,
signing_sk=alices_signing_key,
threshold=10,
num_kfrags=20)


**Re-Encryption**
Expand All @@ -127,17 +128,13 @@ Bob must gather at least ``threshold`` cfrags in order to activate the capsule.

.. code-block:: python

# Several Ursulas perform re-encryption, and Bob collects the resulting `cfrags`.
# He must gather at least `threshold` `cfrags` in order to activate the capsule.

capsule.set_correctness_keys(delegating=alices_public_key,
receiving=bobs_public_key,
verifying=alices_verifying_key)
from umbral import reencrypt

cfrags = list() # Bob's cfrag collection
for kfrag in kfrags[:10]:
cfrag = pre.reencrypt(kfrag=kfrag, capsule=capsule)
cfrags.append(cfrag) # Bob collects a cfrag
# Several Ursulas perform re-encryption, and Bob collects the resulting `cfrags`.
cfrags = list() # Bob's cfrag collection
for kfrag in kfrags[:10]:
cfrag = pre.reencrypt(capsule=capsule, kfrag=kfrag)
cfrags.append(cfrag) # Bob collects a cfrag


**Decryption by Bob**
Expand All @@ -147,14 +144,14 @@ and then decrypts the re-encrypted ciphertext.

.. code-block:: python

# Bob activates and opens the capsule
for cfrag in cfrags:
capsule.attach_cfrag(cfrag)
from umbral import decrypt_reencrypted

bob_cleartext = pre.decrypt(ciphertext=ciphertext,
capsule=capsule,
decrypting_key=bobs_private_key)
assert bob_cleartext == plaintext
bob_cleartext = pre.decrypt_reencrypted(decrypting_sk=bobs_secret_key,
delegating_pk=alices_public_key,
capsule=capsule,
cfrags=cfrags,
ciphertext=ciphertext)
assert bob_cleartext == plaintext

See more detailed usage examples in the docs_ directory.

Expand All @@ -171,7 +168,7 @@ To install pyUmbral, simply use ``pip``:
$ pip3 install umbral


Alternatively, you can checkout the repo and install it from there.
Alternatively, you can checkout the repo and install it from there.
The NuCypher team uses ``pipenv`` for managing pyUmbral's dependencies.
The recommended installation procedure is as follows:

Expand Down
Loading