def test_demo_user_keys(self):
sk_base58 = b"29oiwbqkhLGBuX5teL5d2vsiJ3EXk3dpyBiPwA7W9DJG"
sk_decoded = base58.b58decode(sk_base58)
hash = pyscrypt.hash(password=b"demouser",
salt=b"demouser",
N=1024,
r=1,
p=1,
dkLen=32)
sk = base58.b58encode(hash)
hex_sk = binascii.b2a_hex(hash)
print('Secret Key:', sk, 'length: ', len(sk))
self.assertEqual(sk_base58, sk)
self.assertEqual(sk_decoded, hash)
#print(sk)
keypair = libnacl.public.SecretKey(hash)
# 2ipFYsqXnrw4Mt2RUWzEQntAH1FEFB8R52rAT3eExn9S
pk_base58 = base58.b58encode(keypair.pk)
pk_decoded = base58.b58decode(pk_base58)
self.assertEqual(pk_decoded, keypair.pk)
print('Public Key:', pk_base58, 'length: ', len(pk_base58))
print("XID: ", crypto.key_to_xid(keypair.pk))
def get_security_keys(self):
keyfile = os.path.join(environ.conf_dir(), KEYFILE)
keys = config.load_conf(keyfile)
self.__secret = keys.get('secret')
self.user_xid = keys.get('user')
self.__secret = os.environ.get(AVA_AGENT_SECRET, self.__secret)
self.user_xid = os.environ.get(AVA_USER_XID, self.user_xid)
if self.user_xid is None and not settings['debug']:
logger.error('No User XID is specified!')
raise SystemExit(2)
if self.__secret:
self.__secret = crypto.string_to_secret(self.__secret)
pk, sk = crypto.generate_keypair(sk=self.__secret)
self.key = pk
else:
logger.debug("No secret key is given, generating one...")
pk, sk = crypto.generate_keypair()
self.__secret = sk
self.key = pk
self.xid = crypto.key_to_xid(self.key)
logger.debug("The agent's XID: %s", self.xid)
if not self.user_xid and settings['debug']:
logger.debug("User XID not given via environment variable. " +
"Generating one...")
self.user_xid = \
b'AYPwK3c3VK7ZdBvKfcbV5EmmCZ8zSb9viZ288gKFBFuE92jE'
logger.debug("The agent's user XID: %s", self.user_xid)
def test_convert_key_to_xid_back_and_forth(self):
keypair = libnacl.public.SecretKey()
xid = crypto.key_to_xid(keypair.pk)
print(xid)
self.assertTrue(crypto.validate_xid(xid))
pk = crypto.xid_to_key(xid)
self.assertEqual(keypair.pk, pk)
def test_demo_user_keys(self):
sk_base58 = b"29oiwbqkhLGBuX5teL5d2vsiJ3EXk3dpyBiPwA7W9DJG"
sk_decoded = base58.b58decode(sk_base58)
hash = pyscrypt.hash(password=b"demouser",
salt=b"demouser",
N=1024,
r=1,
p=1,
dkLen=32)
sk = base58.b58encode(hash)
hex_sk = binascii.b2a_hex(hash)
print('Secret Key:', sk, 'length: ', len(sk))
self.assertEqual(sk_base58, sk)
self.assertEqual(sk_decoded, hash)
#print(sk)
keypair = libnacl.public.SecretKey(hash)
# 2ipFYsqXnrw4Mt2RUWzEQntAH1FEFB8R52rAT3eExn9S
pk_base58 = base58.b58encode(keypair.pk)
pk_decoded = base58.b58decode(pk_base58)
self.assertEqual(pk_decoded, keypair.pk)
print('Public Key:', pk_base58, 'length: ', len(pk_base58))
print("XID: ", crypto.key_to_xid(keypair.pk))
def test_convert_key_to_xid_back_and_forth(self):
keypair = libnacl.public.SecretKey()
xid = crypto.key_to_xid(keypair.pk)
print(xid)
self.assertTrue(crypto.validate_xid(xid))
pk = crypto.xid_to_key(xid)
self.assertEqual(keypair.pk, pk)
def get_security_keys(self):
keyfile = os.path.join(environ.conf_dir(), KEYFILE)
keys = config.load_conf(keyfile)
self.__secret = keys.get('secret')
self.user_xid = keys.get('user')
self.__secret = os.environ.get(AVA_AGENT_SECRET, self.__secret)
self.user_xid = os.environ.get(AVA_USER_XID, self.user_xid)
if self.user_xid is None and not settings['debug']:
logger.error('No User XID is specified!')
raise SystemExit(2)
if self.__secret:
self.__secret = crypto.string_to_secret(self.__secret)
pk, sk = crypto.generate_keypair(sk=self.__secret)
self.key = pk
else:
logger.debug("No secret key is given, generating one...")
pk, sk = crypto.generate_keypair()
self.__secret = sk
self.key = pk
self.xid = crypto.key_to_xid(self.key)
logger.debug("The agent's XID: %s", self.xid)
if not self.user_xid and settings['debug']:
logger.debug("User XID not given via environment variable. " +
"Generating one...")
self.user_xid = \
b'AYPwK3c3VK7ZdBvKfcbV5EmmCZ8zSb9viZ288gKFBFuE92jE'
logger.debug("The agent's user XID: %s", self.user_xid)
def gen_random_key(ctx):
if ctx.obj['verbosity']:
click.echo("Generating random key...")
(pk, sk) = crypto.generate_keypair()
xid = crypto.key_to_xid(pk)
secret_str = crypto.secret_to_string(sk)
key_str = crypto.key_to_string(pk)
res = dict(xid=xid, key=key_str, secret=secret_str)
click.echo(json.dumps(res, sort_keys=True, indent=4, separators=(',', ': ')))
return 0
def test_generate_keypair(self):
bob = libnacl.public.SecretKey()
assert bob is not None
self.assertEqual(len(bob.sk), 32)
sk = base58.b58encode(bob.sk)
pk = base58.b58encode(bob.pk)
xid = crypto.key_to_xid(bob.pk)
print("Public key: ", pk, ", len: ", len(pk))
print("Secret key: ", sk, ", len: ", len(sk))
print("XID: ", xid, ", len: ", len(xid))
def test_generate_keypair(self):
bob = libnacl.public.SecretKey()
assert bob is not None
self.assertEqual(len(bob.sk), 32)
sk = base58.b58encode(bob.sk)
pk = base58.b58encode(bob.pk)
xid = crypto.key_to_xid(bob.pk)
print("Public key: ", pk, ", len: ", len(pk))
print("Secret key: ", sk, ", len: ", len(sk))
print("XID: ", xid, ", len: ", len(xid))
def test_can_encode_and_decode_token(self):
alice_keys = crypto.generate_keypair()
bob_keys = crypto.generate_keypair()
#
payload = {'iss': crypto.key_to_xid(alice_keys[0])}
# Alice signed the payload to Bob
encoded_token = token.encode(payload, alice_keys[1], bob_keys[0])
print("ecnoded_token", encoded_token)
decoded_payload = token.decode(encoded_token, bob_keys[1])
assert 'iss' in decoded_payload
def test_can_encode_and_decode_token(self):
alice_keys = crypto.generate_keypair()
bob_keys = crypto.generate_keypair()
#
payload = {"iss": crypto.key_to_xid(alice_keys[0])}
# Alice signed the payload to Bob
encoded_token = token.encode(payload, alice_keys[1], bob_keys[0])
print("ecnoded_token", encoded_token)
decoded_payload = token.decode(encoded_token, bob_keys[1])
assert "iss" in decoded_payload
def generate(ctx, salt=None, password=None):
""" Generate random key or derive from salt and password.
"""
if not salt and not password:
return gen_random_key(ctx)
if not (salt and password):
if not salt:
click.echo("Missing option: salt")
if not password:
click.echo("Missing option: password")
return 1
sk = crypto.derive_secret_key(password, salt)
(pk, sk) = crypto.generate_keypair(sk=sk)
xid = crypto.key_to_xid(pk)
secret_str = crypto.secret_to_string(sk)
key_str = crypto.key_to_string(pk)
res = dict(xid=xid, key=key_str, secret=secret_str)
click.echo(json.dumps(res, sort_keys=True, indent=4, separators=(',', ': ')))
return 0
