123456789101112131415161718192021222324252627282930313233343536 |
- def test_depseudonymize(self):
- ip = os.urandom(16)
- # manually compute investigator-local pseudonym
- pseudonym_secrets = {}
- for peer_secrets in self.secrets.peers.values():
- for shard, shard_secrets in peer_secrets.by_shard.items():
- pseudonym_secrets[shard] \
- = shard_secrets.pseudonym_component_secret
- s = 1
- e = ed25519.scalar_unpack(common.sha256(b"PEP3 investigator"))
- for secret in pseudonym_secrets.values():
- s *= pow(ed25519.scalar_unpack(secret), e, ed25519.l)
- s %= ed25519.l
- investigator_local_ip = (ed25519.Point.lizard(ip) * s).pack()
- # manually create warrant
- warrant = pep3_pb2.DepseudonymizationRequest.Warrant()
- warrant.act.actor = b"PEP3 investigator"
- warrant.act.name.state = pep3_pb2.Pseudonymizable.UNENCRYPTED_PSEUDONYM
- warrant.act.name.data = investigator_local_ip
- self.investigator.encrypt([warrant.act.name],
- self.investigator.public_keys['pseudonym'])
- warrant.signature = crypto.sign(
- crypto.load_privatekey(crypto.FILETYPE_PEM,
- self.secrets.root_certificate_keys.warrants),
- warrant.act.SerializeToString(), 'sha256')
- result = self.investigator.connect_to("investigator") \
- .Depseudonymize(warrant)
- self.assertEqual(result.data, ip)
|