Skip to content
Snippets Groups Projects
Normal view Permalink
privacypass.py 2.53 KiB
Newer Older
  • Learn to ignore specific revisions
    • Jean-Paul Calderone's avatar
    docs  
    Jean-Paul Calderone committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 
    # Copyright 2019 PrivateStorage.io, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""
Ristretto-flavored PrivacyPass helpers for the test suite.
"""
    Jean-Paul Calderone's avatar
    Use ``passes`` to authorized ``allocate_buckets``.
    Jean-Paul Calderone committed
    19 20 21 22 23 24 25 26 27 28 
    from __future__ import (
    absolute_import,
)

from privacypass import (
    BatchDLEQProof,
    PublicKey,
)

def make_passes(signing_key, for_message, random_tokens):
    Jean-Paul Calderone's avatar
    docs  
    Jean-Paul Calderone committed
    29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 
        """
    Create a number of cryptographically correct privacy passes.

    :param privacypass.SigningKey signing_key: The key to use to sign the
        passes.

    :param unicode for_message: The request-binding message with which to
        associate the passes.

    :param list[privacypass.RandomToken] random_tokens: The random tokens to
        feed in to the pass generation process.

    :return list[unicode]: The privacy passes.  The returned list has one
        element for each element of ``random_tokens``.
    """
    Jean-Paul Calderone's avatar
    Use ``passes`` to authorized ``allocate_buckets``.
    Jean-Paul Calderone committed
    44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 
        blinded_tokens = list(
        token.blind()
        for token
        in random_tokens
    )
    signatures = list(
        signing_key.sign(blinded_token)
        for blinded_token
        in blinded_tokens
    )
    proof = BatchDLEQProof.create(
        signing_key,
        blinded_tokens,
        signatures,
    )
    unblinded_signatures = proof.invalid_or_unblind(
        random_tokens,
        blinded_tokens,
        signatures,
        PublicKey.from_signing_key(signing_key),
    )
    preimages = list(
        unblinded_signature.preimage()
        for unblinded_signature
        in unblinded_signatures
    )
    verification_keys = list(
        unblinded_signature.derive_verification_key_sha512()
        for unblinded_signature
        in unblinded_signatures
    )
    message_signatures = list(
        verification_key.sign_sha512(for_message.encode("utf-8"))
        for verification_key
        in verification_keys
    )
    passes = list(
        u"{} {}".format(
            preimage.encode_base64().decode("ascii"),
            signature.encode_base64().decode("ascii"),
        ).encode("ascii")
        for (preimage, signature)
        in zip(preimages, message_signatures)
    )
    return passes