def decrypt( sender_pubkey: str, receiver_privkey: Union[str, bytes], msg: bytes, nonce: bytes, ) -> bytes: """ Decrypt with receiver's secp256k1 private key Parameters ---------- sender_pubkey: bytes The sender's public key receiver_privkey: Union[str, bytes] Receiver's private key (hex str or bytes) msg: bytes Data to decrypt nonce: bytes The nonce(16 bytes) used in the aes encryption Returns ------- bytes Plain text """ sender_pubkey = hex2pub(sender_pubkey) if isinstance(receiver_privkey, str): private_key = hex2prv(receiver_privkey) elif isinstance(receiver_privkey, bytes): private_key = PrivateKey(receiver_privkey) else: raise TypeError("Invalid secret key type") shared_key = decapsulate(sender_pubkey, private_key) return aes_decrypt(shared_key, msg, nonce)
def generate_keys(data_dir): """ Generates a key pair for the client. Args: data_dir (:obj:`str`): path to data directory where the keys will be stored. Returns: :obj:`tuple`: a tuple containing a ``PrivateKey`` and a ``str`` representing the client sk and compressed pk respectively. Raises: :obj:`FileExistsError`: if the key pair already exists in the given directory. """ # Create the output folder it it does not exist (and all the parents if they don't either) Path(data_dir).mkdir(parents=True, exist_ok=True) sk_file_name = os.path.join(data_dir, "sk.der") if os.path.exists(sk_file_name): raise FileExistsError("The client key pair already exists") sk = PrivateKey() pk = sk.public_key save_key(sk, sk_file_name) return sk, Cryptographer.get_compressed_pk(pk)
def parse_fromwallet(cls, kds, vds): """Class method to parse entry from wallet entry :param kds: BCDatastream object for keys :type kds: BCDataStream :param vds: BCDataStream object for values :type vds: BCDataStream :return: KeyPair :rtype: KeyPair """ pubkeyraw = kds.read_bytes(kds.read_compact_size()) privkeyraw = vds.read_bytes(vds.read_compact_size()) if len(privkeyraw) == 279: sec = privkeyraw[9:41] else: sec = privkeyraw[8:40] privkey = PrivateKey(sec) pubkey = PublicKey(pubkeyraw) if len(pubkeyraw) == 33: compress = True else: compress = False if pubkey == privkey.public_key: pubkey = privkey.public_key.format(compressed=compress) return cls( rawkey=pubkeyraw, rawvalue=privkeyraw, pubkey=pubkey, privkey=privkey, sec=sec, compressed=compress, ) else: raise KeypairError(message="Pubkey {} error".format( pubkey.format(compressed=compress).hex()))
def test_receive_mediatedtransfer_outoforder(raiden_network, private_keys): alice_app = raiden_network[0] messages = setup_messages_cb() graph = alice_app.raiden.channelgraphs.values()[0] token_address = graph.token_address mt_helper = MediatedTransferTestHelper(raiden_network, graph) initiator_address = alice_app.raiden.address path = mt_helper.get_paths_of_length(initiator_address, 2) # make sure we have no messages before the transfer assert len(messages) == 0 alice_address, bob_address, charlie_address = path amount = 10 result = alice_app.raiden.transfer_async( token_address, amount, charlie_address, ) # check for invitation ping assert len(messages) == 2 # Ping, Ack ping_message = decode(messages[0]) assert isinstance(ping_message, Ping) decoded = decode(messages[1]) assert isinstance(decoded, Ack) assert decoded.echo == sha3(ping_message.encode() + charlie_address) assert result.wait(timeout=10) gevent.sleep(1.) # check that transfer messages were added assert len(messages) == 22 # Ping, Ack + tranfer messages # make sure that the mediated transfer is sent after the invitation ping assert isinstance(decode(messages[2]), MediatedTransfer) # and now send one more mediated transfer with the same nonce, simulating # an out-of-order/resent message that arrives late locksroot = HASH lock = Lock(amount, 1, locksroot) identifier = create_default_identifier( alice_app.raiden.address, graph.token_address, charlie_address, ) mediated_transfer = MediatedTransfer(identifier=identifier, nonce=1, token=token_address, transferred_amount=amount, recipient=bob_address, locksroot=locksroot, lock=lock, target=charlie_address, initiator=initiator_address, fee=0) alice_key = PrivateKey(private_keys[0]) bob_app = mt_helper.get_app_from_address(bob_address) sign_and_send(mediated_transfer, alice_key, alice_address, bob_app)
def test_decode_tampered_refund_transfer(tester_state, tester_nettingchannel_library_address): privatekey0 = tester.DEFAULT_KEY address0 = privatekey_to_address(privatekey0) decoder = deploy_decoder_tester(tester_state, tester_nettingchannel_library_address) refund_transfer = make_refund_transfer() refund_transfer.sign(PrivateKey(privatekey0), address0) message_encoded = refund_transfer.encode() transfer_raw, _ = decoder.getTransferRawAddress(message_encoded) names_slices = compute_slices(messages.RefundTransfer.fields_spec) for name, slice_ in names_slices.iteritems(): if name == 'signature': continue tampered_transfer = bytearray(transfer_raw) tampered_transfer.pop(slice_.start) tampered_transfer = str(tampered_transfer) with pytest.raises(TransactionFailed): decoder.decodeTransfer(tampered_transfer) tampered_transfer = bytearray(transfer_raw) tampered_transfer.pop(slice_.stop - 1) tampered_transfer = str(tampered_transfer) with pytest.raises(TransactionFailed): decoder.decodeTransfer(tampered_transfer)
def test_decode_mediated_transfer( amount, identifier, nonce, transferred_amount, locksroot, fee, tester_state, tester_nettingchannel_library_address): privatekey0 = tester.DEFAULT_KEY address0 = privatekey_to_address(privatekey0) decoder = deploy_decoder_tester(tester_state, tester_nettingchannel_library_address) mediated_transfer = make_mediated_transfer( amount=amount, identifier=identifier, nonce=nonce, fee=fee, transferred_amount=transferred_amount, locksroot=locksroot, ) mediated_transfer.sign(PrivateKey(privatekey0), address0) assert_decoder_results(mediated_transfer, decoder)
def make_direct_transfer_from_channel(block_number, from_channel, partner_channel, amount, pkey): """ Helper to create and register a direct transfer from `from_channel` to `partner_channel`. """ identifier = from_channel.get_next_nonce() direct_transfer_msg = from_channel.create_directtransfer( amount, identifier=identifier, ) address = privatekey_to_address(pkey) sign_key = PrivateKey(pkey) direct_transfer_msg.sign(sign_key, address) # if this fails it's not the right key for the current `from_channel` assert direct_transfer_msg.sender == from_channel.our_state.address from_channel.register_transfer( block_number, direct_transfer_msg, ) partner_channel.register_transfer( block_number, direct_transfer_msg, ) return direct_transfer_msg
def make_privkey_address(): private_key_bin = sha3(''.join( random.choice(string.printable) for _ in range(20))) privkey = PrivateKey(private_key_bin) pubkey = privkey.public_key.format(compressed=False) address = publickey_to_address(pubkey) return privkey, address
def signRecoverableMessage(pri_key, message): message = prepareMessage(message) privkey = PrivateKey( pri_key ) # we expect to have a private key as bytes. unhexlify it before passing. sig_check = privkey.sign_recoverable(message) return electrumSig(sig_check)
def test_close_wrong_channel(tester_channels): """ Close must not accept a transfer aimed at a different channel. """ pkey0, pkey1, nettingchannel, channel0, _ = tester_channels[0] opened_block = nettingchannel.opened(sender=pkey0) wrong_address = make_address() # make a transfer where the recipient is totally wrong transfer_wrong_channel = DirectTransfer( identifier=1, nonce=1 + (opened_block * (2**32)), token=channel0.token_address, channel=wrong_address, transferred_amount=10, recipient=channel0.our_state.address, locksroot=EMPTY_MERKLE_ROOT, ) transfer_wrong_channel.sign(PrivateKey(pkey1), privatekey_to_address(pkey1)) transfer_wrong_channel_hash = sha3( transfer_wrong_channel.packed().data[:-65]) with pytest.raises(TransactionFailed): nettingchannel.close( transfer_wrong_channel.nonce, transfer_wrong_channel.transferred_amount, transfer_wrong_channel.locksroot, transfer_wrong_channel_hash, transfer_wrong_channel.signature, sender=pkey0, )
def test_update_must_fail_with_a_nonparticipant_transfer( tester_channels, private_keys): """ updateTransfer must not accept a transfer from a non participant. """ pkey0, pkey1, nettingchannel, channel0, channel1 = tester_channels[0] nonparticipant_key = private_keys[2] # make a transfer where pkey1 is the target transfer_nonparticipant = DirectTransfer( identifier=1, nonce=1, token=channel0.token_address, transferred_amount=10, recipient=channel1.our_address, locksroot='', ) nonparticipant_address = privatekey_to_address(nonparticipant_key) nonparticipant_sign_key = PrivateKey(nonparticipant_key) transfer_nonparticipant.sign(nonparticipant_sign_key, nonparticipant_address) transfer_nonparticipant_data = str(transfer_nonparticipant.packed().data) nettingchannel.close('', sender=pkey0) with pytest.raises(TransactionFailed): nettingchannel.updateTransfer(transfer_nonparticipant_data, sender=pkey1)
def test_update_must_fail_with_a_channel_address(tester_channels): """ updateTransfer must not accept a transfer signed with the wrong channel address. """ pkey0, pkey1, nettingchannel, channel0, channel1 = tester_channels[0] opened_block = nettingchannel.opened(sender=pkey0) wrong_channel = factories.make_address() # make a transfer where pkey1 is the target transfer_wrong_recipient = DirectTransfer( identifier=1, nonce=1 + (opened_block * (2**32)), token=channel0.token_address, channel=wrong_channel, transferred_amount=10, recipient=channel1.our_state.address, locksroot=EMPTY_MERKLE_ROOT, ) our_address = privatekey_to_address(pkey0) our_sign_key = PrivateKey(pkey0) transfer_wrong_recipient.sign(our_sign_key, our_address) nettingchannel.close(sender=pkey0) transfer_wrong_recipient_hash = sha3( transfer_wrong_recipient.packed().data[:-65]) with pytest.raises(TransactionFailed): nettingchannel.updateTransfer( transfer_wrong_recipient.nonce, transfer_wrong_recipient.transferred_amount, transfer_wrong_recipient.locksroot, transfer_wrong_recipient_hash, transfer_wrong_recipient.signature, sender=pkey1, )
def test_close_valid_tranfer_different_token(tester_state, tester_nettingcontracts, token_amount, tester_events): """ Valid messages from a different channel must be rejected. """ pkey0, pkey1, nettingchannel = tester_nettingcontracts[0] from raiden.tests.fixtures.tester import ( tester_token, tester_token_address, ) private_keys = [pkey0, pkey1] other_token = tester_token( token_amount, private_keys, tester_state, tester_token_address(private_keys, token_amount, tester_state), tester_events, ) opened_block = nettingchannel.opened(sender=pkey0) nonce = 1 + (opened_block * (2**32)) direct_transfer_other_token = make_direct_transfer( nonce=nonce, token=other_token.address, ) address = privatekey_to_address(pkey0) sign_key = PrivateKey(pkey0) direct_transfer_other_token.sign(sign_key, address) direct_transfer_data = direct_transfer_other_token.encode() with pytest.raises(TransactionFailed): nettingchannel.close(direct_transfer_data, sender=pkey1)
def convert(self, value, param, ctx) -> PrivateKey: val = value[2:] if value.startswith(('0x', '0X')) else value try: num = bytes.fromhex(val) return PrivateKey(num) except (ValueError, TypeError): self.fail('%s is not a valid private key of 64 hexadecimal digits')
def __init__(self, private_key, env: Optional[BinanceEnvironment] = None): super().__init__(env) self._private_key = private_key self._pk = PrivateKey(bytes.fromhex(self._private_key)) self._public_key = self._pk.public_key.format(compressed=True) self._address = address_from_public_key(self._public_key, self._env.hrp)
def __init__(self, generate_keys=0): self.tester = EthereumTester(PyEVMBackend()) self.web3 = Web3(EthereumTesterProvider(self.tester)) if generate_keys > 0: generated_keys = [urandom(32) for _ in range(generate_keys)] self.private_keys = [PrivateKey(key) for key in generated_keys] self.accounts = [ self.tester.add_account(f'{encode_hex(key)}') for key in generated_keys ] for account in self.accounts: self.tester.send_transaction({ 'from': self.tester.get_accounts()[0], 'to': account, 'value': 10**21, 'gas': 21000, }) else: self.accounts = self.tester.get_accounts() self.contract_manager = ContractManager(CONTRACTS_SOURCE_DIRS) self.name_to_creation_hash = dict() self.name_to_contract = dict()
def load(file_path: str, password: str) -> 'KeyWallet': """Loads a wallet from a keystore file with your password and generates an instance of Wallet. :param file_path: File path of the keystore file. type(str) :param password: Password for the keystore file. It must include alphabet character, number, and special character. :return: An instance of Wallet class. """ try: with open(file_path, 'rb') as file: private_key: bytes = extract_key_from_keyfile( file, bytes(password, 'utf-8')) private_key_object = PrivateKey(private_key) wallet = KeyWallet(private_key_object) logger.info( f"Loaded Wallet by the keystore file. Address: {wallet.get_address()}, File path: {file_path}" ) return wallet except FileNotFoundError: logger.exception( f"Raised KeyStoreException while loading the wallet by the keystore file because the file is not found." ) raise KeyStoreException("File is not found.") except ValueError: logger.exception( f"Raised KeyStoreException while loading the wallet by the keystore file because the password is wrong." ) raise KeyStoreException("Password is wrong.") except Exception as e: logger.exception( f"Raised KeyStoreException while loading the wallet by the keystore file. Error message: {e}" ) raise KeyStoreException(f'keystore file error.{e}')
def test_close_accepts_only_transfer_from_participants(tester_channels, private_keys): """ Close must not accept a transfer signed by a non participant. """ pkey0, _, nettingchannel, channel0, _ = tester_channels[0] nonparticipant_key = private_keys[2] opened_block = nettingchannel.opened(sender=pkey0) # make a transfer where pkey0 is the target transfer_nonparticipant = DirectTransfer( identifier=1, nonce=1 + (opened_block * (2**32)), token=channel0.token_address, channel=channel0.identifier, transferred_amount=10, recipient=channel0.our_state.address, locksroot=EMPTY_MERKLE_ROOT, ) nonparticipant_address = privatekey_to_address(nonparticipant_key) nonparticipant_sign_key = PrivateKey(nonparticipant_key) transfer_nonparticipant.sign(nonparticipant_sign_key, nonparticipant_address) transfer_nonparticipant_hash = sha3( transfer_nonparticipant.packed().data[:-65]) with pytest.raises(TransactionFailed): nettingchannel.close( transfer_nonparticipant.nonce, transfer_nonparticipant.transferred_amount, transfer_nonparticipant.locksroot, transfer_nonparticipant_hash, transfer_nonparticipant.signature, sender=pkey0, )
def test_receive_hashlocktransfer_unknown(raiden_network): app0 = raiden_network[0] # pylint: disable=unbalanced-tuple-unpacking graph0 = app0.raiden.channelgraphs.values()[0] other_key = PrivateKey(HASH2) other_address = privatekey_to_address(HASH2) amount = 10 refund_transfer = make_refund_transfer( identifier=1, nonce=1, token=graph0.token_address, transferred_amount=amount, recipient=app0.raiden.address, locksroot=HASH, amount=amount, hashlock=HASH, ) sign_and_send(refund_transfer, other_key, other_address, app0) secret = Secret(1, HASH, graph0.token_address) sign_and_send(secret, other_key, other_address, app0) secret_request = SecretRequest(1, HASH, 1) sign_and_send(secret_request, other_key, other_address, app0) reveal_secret = RevealSecret(HASH) sign_and_send(reveal_secret, other_key, other_address, app0)
def test_close_accepts_only_transfer_from_participants(tester_channels, private_keys): """ Close must not accept a transfer from a non participant. """ pkey0, _, nettingchannel, channel0, _ = tester_channels[0] nonparticipant_key = private_keys[2] opened_block = nettingchannel.opened(sender=pkey0) # make a transfer where pkey0 is the target transfer_nonparticipant = DirectTransfer( identifier=1, nonce=1 + (opened_block * (2**32)), token=channel0.token_address, transferred_amount=10, recipient=channel0.our_address, locksroot='', ) nonparticipant_address = privatekey_to_address(nonparticipant_key) nonparticipant_sign_key = PrivateKey(nonparticipant_key) transfer_nonparticipant.sign(nonparticipant_sign_key, nonparticipant_address) transfer_nonparticipant_data = str(transfer_nonparticipant.packed().data) with pytest.raises(TransactionFailed): nettingchannel.close(transfer_nonparticipant_data, sender=pkey0)
def test_withdraw_tampered_lock_amount(tree, tester_channels, tester_state, tester_token, settle_timeout): """ withdraw must fail if the lock amonut is tampered. """ pkey0, pkey1, nettingchannel, channel0, _ = tester_channels[0] current_block = tester_state.block.number expiration = current_block + settle_timeout - 1 locks = [ make_lock( hashlock=hashlock, expiration=expiration, ) for hashlock in tree ] merkle_tree = Merkletree(sha3(lock.as_bytes) for lock in locks) opened_block = nettingchannel.opened(sender=pkey0) nonce = 1 + (opened_block * (2**32)) direct_transfer = make_direct_transfer( nonce=nonce, channel=channel0.channel_address, locksroot=merkle_tree.merkleroot, token=tester_token.address, recipient=privatekey_to_address(pkey1)) address = privatekey_to_address(pkey0) sign_key = PrivateKey(pkey0) direct_transfer.sign(sign_key, address) direct_transfer_hash = sha3(direct_transfer.packed().data[:-65]) nettingchannel.close( direct_transfer.nonce, direct_transfer.transferred_amount, direct_transfer.locksroot, direct_transfer_hash, direct_transfer.signature, sender=pkey1, ) for lock in locks: secret = HASHLOCKS_SECRESTS[lock.hashlock] lock_encoded = lock.as_bytes merkle_proof = merkle_tree.make_proof(sha3(lock_encoded)) tampered_lock = make_lock( amount=lock.amount * 100, hashlock=lock.hashlock, expiration=lock.expiration, ) tampered_lock_encoded = sha3(tampered_lock.as_bytes) with pytest.raises(TransactionFailed): nettingchannel.withdraw( tampered_lock_encoded, ''.join(merkle_proof), secret, sender=pkey1, )
def private_key_to_address(private_key: Union[str, bytes]) -> Address: """ Converts a private key to an Ethereum address. """ if isinstance(private_key, str): private_key = decode_hex(private_key) assert isinstance(private_key, bytes) privkey = PrivateKey(private_key) return public_key_to_address(privkey.public_key)
def test_encode_public(self): secretkey = PrivateKey(secret=b16decode(self.secret_2)) publickey = PublicKey.from_secret(secretkey.secret) self.assertEqual(self.public_address, integrity.compute_public_address(publickey)) self.assertEqual(self.public_digest, b16encode(integrity.public_digest(publickey)))
def gen_keys(mnemonic): w = Wallet(mnemonic) sk, opk = w.derive_account("eth", account=0) sk = PrivateKey(sk) pk = PublicKey(opk) return sk, pk, opk
def setUp(self): private_key_string = 'b344570eb80043d7c5ae9800c813b8842660898bf03cbd41e583b4e54af4e7fa' self._private_key = PrivateKey( bytes(bytearray.fromhex(private_key_string))) self._public_key = self._private_key.public_key.format( compressed=False) self.chain = AElf(self._url) self.toolkit = AElfToolkit(self._url, self._private_key)
def sign_data(cls, pri_key: bytes, digest_bytes: bytes): privkey = PrivateKey(pri_key) # we expect to have a private key as bytes. unhexlify it before passing. item = cls() item.pub_key = privkey.public_key.format() item.digest_bytes = digest_bytes item.sig_ser = privkey.sign(digest_bytes, hasher=None) return item
def private_key_to_address(private_key: Union[str, bytes]) -> ChecksumAddress: """ Converts a private key to an Ethereum address. """ if isinstance(private_key, str): private_key_bytes = to_bytes(hexstr=private_key) else: private_key_bytes = private_key pk = PrivateKey(private_key_bytes) return public_key_to_address(pk.public_key)
def get_public_from_private(priv: Union[bytearray, bytes, str]): """Gets public key from private key.""" if isinstance(priv, str): priv = bytes.fromhex(priv) privkey = PrivateKey(priv) return privkey.public_key.format(compressed=False)[1:]
def private_key_to_address(private_key: Union[str, bytes]) -> Address: """ Converts a private key to an Ethereum address. """ if isinstance(private_key, str): private_key = to_bytes(hexstr=private_key) assert isinstance(private_key, bytes) pk = PrivateKey(private_key) return public_key_to_address(pk.public_key)
def test_hdkf(self): derived = HKDF(b'secret', 32, b'', SHA256).hex() self.assertEqual( derived, "2f34e5ff91ec85d53ca9b543683174d0cf550b60d5f52b24c97b386cfcf6cbbf") k1 = PrivateKey(secret=bytes([2])) self.assertEqual(k1.to_int(), 2) k2 = PrivateKey(secret=bytes([3])) self.assertEqual(k2.to_int(), 3) self.assertEqual(encapsulate(k1, k2.public_key), decapsulate(k1.public_key, k2)) self.assertEqual( encapsulate(k1, k2.public_key).hex(), "6f982d63e8590c9d9b5b4c1959ff80315d772edd8f60287c9361d548d5200f82")