search

Fraunhofer-AISEC / rabe

rabe is an Attribute Based Encryption library, written in Rust
MIT License
76 stars 20 forks source link

Error in encrypt files #11

Closed lindrix closed 5 months ago

lindrix commented 1 year ago

Hi. My name is Humberto. I am studying about ABE, and I get rabe-console to test it. But i don't take success in file encrypt e decryption. For example:

Start with:

$ rabe --s AC17CP setup $ rabe --s AC17CP keygen --a 'A B'

In the encryption example 1:

rabe --s AC17CP encrypt pk.key 'B' teste.doc

It finish at error:

error: The following required arguments were not provided:

USAGE: rabe encrypt [ARGS] And other example, 2: rabe encrypt pk.key "B" ./teste.doc error: The following required arguments were not provided: USAGE: rabe \-\-s encrypt [ARGS] How to encrypt the teste.doc, and after decrypt it? Would you add a full use scenario in the Rabe Console README file? Thank you for attention.
PekeDevil commented 1 year ago

Hi, we need more information, which are the arguments not provided? It's not clear in your message.

lindrix commented 1 year ago

Hi, PekeDevil. In your rabe-console Readme has this:

"Setup a AC17 KP-ABE scheme $ rabe --s AC17CP setup This generates msk.key and pk.key Generate a new key with attributes "A" and "B" $ rabe --s AC17CP keygen --a 'A B'"

Ok. But i want to encrypt a file. I try to make this with this command:

rabe --s AC17CP encrypt pk.key 'B' teste.doc

But it doesn't work. It finishes in a error.

What is the correct command to encrypt a file with rabe-console?

And what's correct command for decrypt this files later?

lindrix commented 1 year ago

The rabe-console help doesn't help me in this question.

PekeDevil commented 1 year ago

What I'm saying is that you should paste the error message. That being said, I'm not the author of Rabe, but I'm pretty sure that to encrypt something using CP-ABE you need to provide the global parameters (created during setup, I guess that that's the pk.key) and the access policy. "B" may not be recognized as an access policy, and instead, the library may be confusing it with an attribute.

lindrix commented 1 year ago

I understand. The error is this:

**``` error: The following required arguments were not provided:

USAGE: rabe encrypt [ARGS]

And other example, 2:

rabe encrypt pk.key "B" ./teste.doc

error: The following required arguments were not provided:

USAGE: rabe --s encrypt [ARGS]



I am trying to run the command how to you explain me. Thanks!
lindrix commented 1 year ago

New errors:

$ rabe --s AC17CP encrypt pk.key 1 of 'A B' teste.doc

error: The following required arguments were not provided:
    <f>

USAGE:
    rabe encrypt <f> [ARGS]

$ rabe --s AC17CP encrypt teste.doc pk.key 'A>2'

error: The following required arguments were not provided:
    <f>

USAGE:
    rabe encrypt <f> [ARGS]
PekeDevil commented 1 year ago

There is so much to say here, but let's start with A>2 or A B not being access policies. I understand you must be quite frustrated by now, but revise twice your commands because you're starting to have some typing mistakes.

rabe encrypt pk.key "B" ./teste.doc you did not provide the --s flag rabe --s AC17CP encrypt pk.key 1 of 'A B' teste.doc: you have a 1 there that should not exist. rabe --s AC17CP encrypt teste.doc pk.key A>2 you have not provided the public key. Also, A>2 may not be considered a valid access policy in many schemes and libraries.

Again, no idea how the rabe-console works, but using access policies accepted by the scheme you have chosen can be a good starting point e.g., r#""A" and "B""# as shown in the documentation or something along the lines of A and B at the very least.

According to the command line code for encryption, you need GP_FILE, PK_FILE, ATTRIBUTES, POLICY, FILE. The parameters depend on KP-ABE or CP-ABE.

You have chosen a CP-ABE scheme, so for encryption you need the public parameters, a policy, and a file.

Try this: rabe --s AC17CP setup creates msk.key and pk.key rabe --s AC17CP keygen --a 'A B' this creates a private key that contains A and B as attributes rabe --s AC17CP encrypt pk.key 'A and B' ./teste.doc this should encrypt test.doc according to the defined access policy.

Check if this works, and what file encrypt returns, and then decryption should be straightforward.

lindrix commented 1 year ago

I understood. But still no work the encryption file with rabe:

error_rabe

PekeDevil commented 1 year ago

Hello, after rechecking the code, the error asks you to input the file after "encrypt". However, it has not worked when I tried this on my machine. It may be a problem with the extension, but I cannot say. Using the flag --help does not provide much more information.

I have used this library by running a .rs file, which seems to be the best option. Sorry for not being of help!

lindrix commented 1 year ago

You got where i got, PekeDevil. But i am grateful for your help. Thank you!

georgbramm commented 5 months ago

1) Start with compiling the console app (in the main folder): $ cargo build --color=always -p rabe-console --release 2) create a new scheme with pk/msk (in the main folder): $ ./target/release/rabe --s AC17CP setup 3) create a keypair with attributes A and B $ ./target/release/rabe --s AC17CP keygen --a "A B" 4) encrypt a file 'msk.key' with a policy A or B ./target/release/rabe --s AC17CP encrypt msk.key '"A" or "B"'

I know its kind of confusing that sometimes --, other times - and in some cases there is no - at all. Thats all based on clap. Maybe an updated implementation with latest clap would help. This will be done in one of the next updates.