def test_pbkdf2(self):
seed = get_random_hex_str(24)
dk_len = 10
key_derivation = pbkdf2(seed, dk_len)
self.assertEqual(dk_len, len(key_derivation))
dk_len = 24
key_derivation = pbkdf2(seed, dk_len)
self.assertEqual(dk_len, len(key_derivation))
dk_len = 32
key_derivation = pbkdf2(seed, dk_len)
self.assertEqual(dk_len, len(key_derivation))
dk_len = 64
key_derivation = pbkdf2(seed, dk_len)
self.assertEqual(dk_len, len(key_derivation))
def test_bytes_kdf(self):
dk_len = 64
seed = b'\x01'
key_derivation = pbkdf2(seed, dk_len)
target_key = 'a1cb20470d89874f33383802c72d3c27a0668ebffd81934705ab0cfcbf1a1e3a' \
'06dabc1c16aa6baa394cd5d356b6eac101811b0bf78ce32a1ee893cad4b0a83f'
self.assertEqual(target_key, key_derivation.hex())
seed = b'\x02'
key_derivation = pbkdf2(seed, dk_len)
target_key = '67c60c6612920fc8c68c55d63eadb34b0812235d7b2bf4f13f5692ed8f0cd856' \
'5fb807ce100c90d2837ccfc94d8f8ba5d35cd3d6fafcd2f41f245b596e360057'
self.assertEqual(target_key, key_derivation.hex())
seed = b'\x01\x02'
key_derivation = pbkdf2(seed, dk_len)
target_key = '27704664b7e8ba3c36199f581fa3023f49fd90af918444e2d9477e82565f868a' \
'5dbee0a29283512256238cd05870a61c81ccea8a245c8973abc0618df4d3471f'
self.assertEqual(target_key, key_derivation.hex())
def decrypt_with_cbc_mode(cipher_text: bytes, private_key: bytes, iv: bytes, encode_g_tilde: bytes):
if not isinstance(private_key, bytes):
raise BotException(BotError.invalid_private_key)
if len(private_key) != 32:
raise BotException(BotError.invalid_private_key)
str_g_tilde_x = encode_g_tilde[1:33]
str_g_tilde_y = encode_g_tilde[33:65]
g_tilde_x = string_to_number(str_g_tilde_x)
g_tilde_y = string_to_number(str_g_tilde_y)
g_tilde = Point(SECP256k1.curve, g_tilde_x, g_tilde_y, SECP256k1.order)
h_tilde = g_tilde * SigningKey.from_string(string=private_key, curve=SECP256k1).privkey.secret_multiplier
seed = b''.join([encode_g_tilde, number_to_string(h_tilde.x(), SECP256k1.order)])
aes_key = pbkdf2(seed, 32)
plain_text = AESHandler.aes_cbc_decrypt(cipher_text, iv, aes_key)
return plain_text
def encrypt_with_cbc_mode(plain_text: bytes, public_key: bytes) -> (bytes, bytes, bytes):
if not isinstance(public_key, bytes):
raise BotException(BotError.invalid_public_key)
if len(public_key) != 64:
raise BotException(BotError.invalid_public_key)
r = randint(1, SECP256k1.order)
g_tilde = r * SECP256k1.generator
h_tilde = r * VerifyingKey.from_string(string=public_key, curve=SECP256k1).pubkey.point
str_g_tilde_x = number_to_string(g_tilde.x(), SECP256k1.order)
str_g_tilde_y = number_to_string(g_tilde.y(), SECP256k1.order)
encode_g_tilde = b''.join([b'\x04', str_g_tilde_x, str_g_tilde_y])
str_h_tilde_x = number_to_string(h_tilde.x(), SECP256k1.order)
seed = b''.join([encode_g_tilde, str_h_tilde_x])
aes_key = pbkdf2(seed, 32)
aes_iv, cipher_text = AESHandler.aes_cbc_encrypt(plain_text, aes_key)
return aes_iv, encode_g_tilde, cipher_text