Example #1
0
def test_ed25519_unsupported(backend):
    with raises_unsupported_algorithm(
        _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
    ):
        Ed25519PublicKey.from_public_bytes(b"0" * 32)

    with raises_unsupported_algorithm(
        _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
    ):
        Ed25519PrivateKey.from_private_bytes(b"0" * 32)

    with raises_unsupported_algorithm(
        _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
    ):
        Ed25519PrivateKey.generate()
Example #2
0
    def __init__(self):
        self.private_handshake_key = X25519PrivateKey.generate()
        self.public_handshake_key = self.private_handshake_key.public_key()

        self.private_key = Ed25519PrivateKey.generate()
        self.public_key = self.private_key.public_key()

        self.data = "data".encode('utf8')
Example #3
0
def private_key_bytes(private_key: Ed25519PrivateKey) -> bytes:
    """convert cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey into raw bytes"""

    return private_key.private_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PrivateFormat.Raw,
        encryption_algorithm=serialization.NoEncryption(),
    )
Example #4
0
def create_signing_keypair():
    """
    Creates a new ed25519 keypair.

    :returns: 2-tuple of (private_key, public_key)
    """
    private_key = Ed25519PrivateKey.generate()
    return private_key, private_key.public_key()
Example #5
0
def generate_test_keys():
    private_key = Ed25519PrivateKey.generate()
    public_key = private_key.public_key()
    public_key_bytes = public_key.public_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PublicFormat.Raw)
    public_address = remove_0x_prefix(to_hex(public_key_bytes))
    return private_key, public_address
Example #6
0
 def test_buffer_protocol(self, backend):
     private_bytes = os.urandom(32)
     key = Ed25519PrivateKey.from_private_bytes(bytearray(private_bytes))
     assert key.private_bytes(
         serialization.Encoding.Raw,
         serialization.PrivateFormat.Raw,
         serialization.NoEncryption()
     ) == private_bytes
Example #7
0
    def test_invalid_signature(self, backend):
        key = Ed25519PrivateKey.generate()
        signature = key.sign(b"test data")
        with pytest.raises(InvalidSignature):
            key.public_key().verify(signature, b"wrong data")

        with pytest.raises(InvalidSignature):
            key.public_key().verify(b"0" * 64, b"test data")
Example #8
0
def _get_key_pair_from_sk(
        sk: ed25519.Ed25519PrivateKey) -> typing.Tuple[bytes, bytes]:
    """Returns key pair from a signing key.
    
    """
    pk = sk.public_key()

    return \
        sk.private_bytes(
            encoding=serialization.Encoding.Raw,
            format=serialization.PrivateFormat.Raw,
            encryption_algorithm=serialization.NoEncryption()
        ), \
        pk.public_bytes(
            encoding=serialization.Encoding.Raw,
            format=serialization.PublicFormat.Raw
        )
Example #9
0
    def test_invalid_signature(self, backend):
        key = Ed25519PrivateKey.generate()
        signature = key.sign(b"test data")
        with pytest.raises(InvalidSignature):
            key.public_key().verify(signature, b"wrong data")

        with pytest.raises(InvalidSignature):
            key.public_key().verify(b"0" * 64, b"test data")
Example #10
0
 def test_buffer_protocol(self, backend):
     private_bytes = os.urandom(32)
     key = Ed25519PrivateKey.from_private_bytes(bytearray(private_bytes))
     assert (key.private_bytes(
         serialization.Encoding.Raw,
         serialization.PrivateFormat.Raw,
         serialization.NoEncryption(),
     ) == private_bytes)
Example #11
0
    def sign(cls, key: 'OKP', data: bytes) -> bytes:
        if key.crv.fullname == 'ED25519':
            sk = Ed25519PrivateKey.from_private_bytes(key.d)
        elif key.crv.fullname == 'ED448':
            sk = Ed448PrivateKey.from_private_bytes(key.d)
        else:
            raise CoseException(f"Illegal curve for OKP singing: {key.crv}")

        return sk.sign(data)
Example #12
0
 def _generate_keys(self):
     privkey = Ed25519PrivateKey.generate()
     pubkey = privkey.public_key()
     self.event.settings.ticket_secrets_pretix_sig1_privkey = base64.b64encode(
         privkey.private_bytes(Encoding.PEM, PrivateFormat.PKCS8,
                               NoEncryption())).decode()
     self.event.settings.ticket_secrets_pretix_sig1_pubkey = base64.b64encode(
         pubkey.public_bytes(Encoding.PEM,
                             PublicFormat.SubjectPublicKeyInfo)).decode()
Example #13
0
 def test_load_public_bytes(self, backend):
     public_key = Ed25519PrivateKey.generate().public_key()
     public_bytes = public_key.public_bytes(
         serialization.Encoding.Raw, serialization.PublicFormat.Raw
     )
     public_key2 = Ed25519PublicKey.from_public_bytes(public_bytes)
     assert public_bytes == public_key2.public_bytes(
         serialization.Encoding.Raw, serialization.PublicFormat.Raw
     )
Example #14
0
 def loadKey(self, data):
     self.private_key = Ed25519PrivateKey.from_private_bytes(
         bytes.fromhex(data['private_key']))
     self.public_key_bytes = bytes.fromhex(data['public_key'])
     self.public_key = Ed25519PublicKey.from_public_bytes(
         self.public_key_bytes)
     self.nid = bytes.fromhex(data['myNID'])
     self.rsa_private_key = rsa.generate_private_key(public_exponent=65537,
                                                     key_size=2048)
Example #15
0
 def init_compliance_keys(self) -> jsonrpc.Transaction:
     self.compliance_key = Ed25519PrivateKey.generate()
     txn = self.create_transaction(
         self._parent_vasp,
         stdlib.encode_rotate_dual_attestation_info_script(
             new_url=b"http://helloworld.org", new_key=utils.public_key_bytes(self.compliance_key.public_key())
         ),
         testnet.TEST_CURRENCY_CODE,
     )
     return self.submit_and_wait(self._parent_vasp.sign(txn))
Example #16
0
def create_private_key(private_key_filename='key.pem', passphrase=None):
    """
    Create a new private key and store it in private_key_filename (defaults to 'key.pem', may be None for no file).
    Return public key
    """
    private_key = PrivateKey.generate()
    if private_key_filename:
        write_private_key(private_key, private_key_filename, passphrase)

    return private_key
Example #17
0
    def sign_bytes(private_key: Ed25519PrivateKey, digest: bytes) -> bytes:
        """ Signs bytest with passed Ed25519PrivateKey.

        Args:
            private_key (Ed25519PrivateKey): Signing Key.
            digest (bytes): Bytes to sign.

        Returns:
            bytes: Signature.
        """
        return private_key.sign(digest)
Example #18
0
    def public_key_from_private(
            private_key: Ed25519PrivateKey) -> Ed25519PublicKey:
        """ Returns the corresponding Ed25519PublicKey for a Ed25519PrivateKey

        Args:
            private_key (Ed25519PrivateKey): Private key.

        Returns:
            Ed25519PublicKey: Public key.
        """
        return private_key.public_key()
Example #19
0
def get_test_account():
    private_key = Ed25519PrivateKey.from_private_bytes(
        to_bytes(PRIVATE_TEST_KEY))

    public_key = private_key.public_key()
    public_key_bytes = public_key.public_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PublicFormat.Raw)
    public_address = remove_0x_prefix(to_hex(public_key_bytes))
    assert (public_address == PUBLIC_ADDRESS)
    return private_key, public_address
Example #20
0
    def __init__(self,
                 private_key: Ed25519PrivateKey,
                 domain: str = CORD_DOMAIN):
        self.private_key: Ed25519PrivateKey = private_key
        self.public_key: Ed25519PublicKey = private_key.public_key()
        self._public_key_hex: str = self.public_key.public_bytes(
            Encoding.Raw, PublicFormat.Raw).hex()

        self.domain = domain

        endpoint = domain + CORD_PUBLIC_USER_PATH
        super().__init__(endpoint)
Example #21
0
 def test_sign_verify_input(self, vector, backend):
     sk = binascii.unhexlify(vector["secret_key"])
     pk = binascii.unhexlify(vector["public_key"])
     message = binascii.unhexlify(vector["message"])
     signature = binascii.unhexlify(vector["signature"])
     private_key = Ed25519PrivateKey.from_private_bytes(sk)
     computed_sig = private_key.sign(message)
     assert computed_sig == signature
     public_key = private_key.public_key()
     assert (public_key.public_bytes(serialization.Encoding.Raw,
                                     serialization.PublicFormat.Raw) == pk)
     public_key.verify(signature, message)
Example #22
0
def main():
    if len(sys.argv) != 2:
        print("usage: gen_key.py <secret filename>")
        sys.exit(1)

    pk = Ed25519PrivateKey.generate()
    pem = pk.private_bytes(encoding=Encoding.PEM,
                           format=PrivateFormat.PKCS8,
                           encryption_algorithm=NoEncryption())

    with open(sys.argv[1], "wb") as f:
        f.write(pem)
Example #23
0
    def __init__(self, shop_id=None, priv_key=None):
        self._priv_key = priv_key if priv_key else Ed25519PrivateKey.generate()
        self._cup_signature = None

        self._signing_shop = Shop(shop_id)

        cup_id_digest = hashes.Hash(hashes.SHAKE128(16),
                                    backend=default_backend())
        cup_id_digest.update(
            self.pub_key.public_bytes(Encoding.PEM,
                                      PublicFormat.SubjectPublicKeyInfo))
        self._cup_id: bytes = cup_id_digest.finalize()
Example #24
0
def loadKey(data):
    private_bytes = data['private']
    private_key = Ed25519PrivateKey.from_private_bytes(
        bytes.fromhex(data['private']))
    public_bytes = data['public']
    public_key = Ed25519PublicKey.from_public_bytes(
        bytes.fromhex(data['public']))
    nid = data['nid']
    print('私钥', private_bytes)
    print('公钥', public_bytes)
    print('nid ', nid)
    return private_key, public_key, nid
Example #25
0
 def test_sign_verify_input(self, vector, backend):
     sk = binascii.unhexlify(vector["secret_key"])
     pk = binascii.unhexlify(vector["public_key"])
     message = binascii.unhexlify(vector["message"])
     signature = binascii.unhexlify(vector["signature"])
     private_key = Ed25519PrivateKey.from_private_bytes(sk)
     computed_sig = private_key.sign(message)
     assert computed_sig == signature
     public_key = private_key.public_key()
     assert public_key.public_bytes(
         serialization.Encoding.Raw, serialization.PublicFormat.Raw
     ) == pk
     public_key.verify(signature, message)
Example #26
0
    def test_invalid_public_bytes(self, backend):
        key = Ed25519PrivateKey.generate().public_key()
        with pytest.raises(ValueError):
            key.public_bytes(serialization.Encoding.Raw,
                             serialization.PublicFormat.SubjectPublicKeyInfo)

        with pytest.raises(ValueError):
            key.public_bytes(serialization.Encoding.PEM,
                             serialization.PublicFormat.PKCS1)

        with pytest.raises(ValueError):
            key.public_bytes(serialization.Encoding.PEM,
                             serialization.PublicFormat.Raw)
Example #27
0
    def load_v3_master_key(self, master_key_path):
        if master_key_path: # load key from file
            return self._load_v3_master_key_from_file(master_key_path)
        else: # generate new v3 key
            master_private_key = Ed25519PrivateKey.generate()
            master_public_key = master_private_key.public_key()
            master_pub_key_bytes = master_public_key.public_bytes(encoding=serialization.Encoding.Raw,
                                                                  format=serialization.PublicFormat.Raw)
            master_onion_address = HiddenServiceDescriptorV3.address_from_identity_key(master_pub_key_bytes)
            # cut out the onion since that's what the rest of the code expects
            master_onion_address = master_onion_address.replace(".onion", "")

            return master_private_key, master_onion_address
Example #28
0
def main():
    # generate private key
    private_key = Ed25519PrivateKey.generate()
    # generate auth key
    auth_key = AuthKey.from_public_key(private_key.public_key())

    print(
        f"Generated address: {utils.account_address_hex(auth_key.account_address())}"
    )
    print(f"Auth Key (HEX): {auth_key.hex()}")
    print(
        f"Public key (HEX): {utils.public_key_bytes(private_key.public_key()).hex()}"
    )
Example #29
0
def signing_keypair_from_string(private_key_bytes):
    """
    Load a signing keypair from a string of bytes (which includes the
    PRIVATE_KEY_PREFIX)

    :returns: a 2-tuple of (private_key, public_key)
    """

    if not isinstance(private_key_bytes, six.binary_type):
        raise ValueError('private_key_bytes must be bytes')

    private_key = Ed25519PrivateKey.from_private_bytes(
        a2b(remove_prefix(private_key_bytes, PRIVATE_KEY_PREFIX)))
    return private_key, private_key.public_key()
Example #30
0
    def test_invalid_private_bytes(self, backend):
        key = Ed25519PrivateKey.generate()
        with pytest.raises(ValueError):
            key.private_bytes(serialization.Encoding.Raw,
                              serialization.PrivateFormat.Raw, None)

        with pytest.raises(ValueError):
            key.private_bytes(serialization.Encoding.Raw,
                              serialization.PrivateFormat.PKCS8, None)

        with pytest.raises(ValueError):
            key.private_bytes(serialization.Encoding.PEM,
                              serialization.PrivateFormat.Raw,
                              serialization.NoEncryption())
Example #31
0
    def new_child_vasp(
            self, initial_balance: int, currency: str
    ) -> Tuple["LocalAccount", diem_types.TransactionPayload]:
        """Creates a new ChildVASP local account and script function"""

        child_vasp = replace(self, private_key=Ed25519PrivateKey.generate())
        payload = stdlib.encode_create_child_vasp_account_script_function(
            coin_type=utils.currency_code(currency),
            child_address=child_vasp.account_address,
            auth_key_prefix=child_vasp.auth_key.prefix(),
            add_all_currencies=False,
            child_initial_balance=initial_balance,
        )
        return (child_vasp, payload)
Example #32
0
def ed25519_private_key_from_string(string):
    """Create an ed25519 private key from ``string``, which is a seed.

    Args:
        string (str): the string to use as a seed.

    Returns:
        Ed25519PrivateKey: the private key

    """
    try:
        return Ed25519PrivateKey.from_private_bytes(base64.b64decode(string))
    except (UnsupportedAlgorithm, Base64Error) as exc:
        raise ScriptWorkerEd25519Error("Can't create Ed25519PrivateKey: {}!".format(str(exc)))
Example #33
0
    def from_dict(dic: Dict[str, str]) -> "LocalAccount":
        """from a dict that is created by LocalAccount#to_dict

        The private_key and compliance_key values are hex-encoded bytes; they will
        be loaded by `Ed25519PrivateKey.from_private_bytes`.
        """

        dic = copy(dic)
        for name in ["private_key", "compliance_key"]:
            if name not in dic:
                continue
            key = dic[name]
            dic[name] = Ed25519PrivateKey.from_private_bytes(bytes.fromhex(key))
        return LocalAccount(**dic)  # pyre-ignore
Example #34
0
def _get_key_pair(pvk: ed25519.Ed25519PrivateKey, encoding: KeyEncoding) -> typing.Tuple[str, str]:
    """Maps private key to an encoded key pair.
    
    """
    pbk = pvk.public_key()

    # PEM.
    if encoding == KeyEncoding.PEM:
        return \
            pvk.private_bytes(
                encoding=serialization.Encoding.PEM,
                format=serialization.PrivateFormat.PKCS8,
                encryption_algorithm=serialization.NoEncryption()
            ), \
            pbk.public_bytes(
                encoding=serialization.Encoding.PEM,
                format=serialization.PublicFormat.SubjectPublicKeyInfo
            )  

    # Encode -> bytes.
    pvk = pvk.private_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PrivateFormat.Raw,
        encryption_algorithm=serialization.NoEncryption()
    )
    pbk = pbk.public_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PublicFormat.Raw
    )

    # HEX.
    if encoding == KeyEncoding.HEX:
        return pvk.hex(), pbk.hex()

    # BYTES.
    return pvk, pbk
Example #35
0
def ed25519_private_key_from_string(string):
    """Create an ed25519 private key from ``string``, which is a seed.

    Args:
        string (str): the string to use as a seed.

    Returns:
        Ed25519PrivateKey: the private key

    """
    try:
        return Ed25519PrivateKey.from_private_bytes(
            base64.b64decode(string)
        )
    except (UnsupportedAlgorithm, Base64Error) as exc:
        raise ScriptWorkerEd25519Error("Can't create Ed25519PrivateKey: {}!".format(str(exc)))
Example #36
0
    def test_invalid_public_bytes(self, backend):
        key = Ed25519PrivateKey.generate().public_key()
        with pytest.raises(ValueError):
            key.public_bytes(
                serialization.Encoding.Raw,
                serialization.PublicFormat.SubjectPublicKeyInfo
            )

        with pytest.raises(ValueError):
            key.public_bytes(
                serialization.Encoding.PEM,
                serialization.PublicFormat.PKCS1
            )

        with pytest.raises(ValueError):
            key.public_bytes(
                serialization.Encoding.PEM,
                serialization.PublicFormat.Raw
            )
Example #37
0
    def test_invalid_private_bytes(self, backend):
        key = Ed25519PrivateKey.generate()
        with pytest.raises(ValueError):
            key.private_bytes(
                serialization.Encoding.Raw,
                serialization.PrivateFormat.Raw,
                None
            )

        with pytest.raises(ValueError):
            key.private_bytes(
                serialization.Encoding.Raw,
                serialization.PrivateFormat.PKCS8,
                None
            )

        with pytest.raises(ValueError):
            key.private_bytes(
                serialization.Encoding.PEM,
                serialization.PrivateFormat.Raw,
                serialization.NoEncryption()
            )
Example #38
0
def private_key_from_string(key_str):
    """Create an Ed25519PrivateKey from a base64-encoded string."""
    return Ed25519PrivateKey.from_private_bytes(
        base64.b64decode(key_str)
    )
Example #39
0
    )).decode('utf-8')


def b64_from_public_key(key):
    """Get the base64 string from an Ed25519PublicKey."""
    return base64.b64encode(key.public_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PublicFormat.Raw,
    )).decode('utf-8')


prefix = ""
if len(sys.argv) > 1:
    prefix = "{}_".format(sys.argv[1])

privkey = Ed25519PrivateKey.generate()
pubkey = privkey.public_key()
privkey_str = b64_from_private_key(privkey)
pubkey_str = b64_from_public_key(pubkey)

# test
privkey2 = private_key_from_string(privkey_str)
pubkey2 = public_key_from_string(pubkey_str)
assert b64_from_private_key(privkey2) == privkey_str
assert b64_from_public_key(pubkey2) == pubkey_str

with open("{}private_key".format(prefix), "w") as fh:
    fh.write(privkey_str)
with open("{}public_key".format(prefix), "w") as fh:
    fh.write(pubkey_str)
Example #40
0
 def test_generate(self, backend):
     key = Ed25519PrivateKey.generate()
     assert key
     assert key.public_key()
Example #41
0
 def test_invalid_type_private_bytes(self, backend):
     with pytest.raises(TypeError):
         Ed25519PrivateKey.from_private_bytes(object())
Example #42
0
 def test_invalid_length_from_private_bytes(self, backend):
     with pytest.raises(ValueError):
         Ed25519PrivateKey.from_private_bytes(b"a" * 31)
     with pytest.raises(ValueError):
         Ed25519PrivateKey.from_private_bytes(b"a" * 33)
Example #43
0
 def test_round_trip_private_serialization(self, encoding, fmt, encryption,
                                           passwd, load_func, backend):
     key = Ed25519PrivateKey.generate()
     serialized = key.private_bytes(encoding, fmt, encryption)
     loaded_key = load_func(serialized, passwd, backend)
     assert isinstance(loaded_key, Ed25519PrivateKey)