def test_pbkdf2(self): seed = get_random_hex_str(24) dk_len = 10 key_derivation = pbkdf2(seed, dk_len) self.assertEqual(dk_len, len(key_derivation)) dk_len = 24 key_derivation = pbkdf2(seed, dk_len) self.assertEqual(dk_len, len(key_derivation)) dk_len = 32 key_derivation = pbkdf2(seed, dk_len) self.assertEqual(dk_len, len(key_derivation)) dk_len = 64 key_derivation = pbkdf2(seed, dk_len) self.assertEqual(dk_len, len(key_derivation))
def test_bytes_kdf(self): dk_len = 64 seed = b'\x01' key_derivation = pbkdf2(seed, dk_len) target_key = 'a1cb20470d89874f33383802c72d3c27a0668ebffd81934705ab0cfcbf1a1e3a' \ '06dabc1c16aa6baa394cd5d356b6eac101811b0bf78ce32a1ee893cad4b0a83f' self.assertEqual(target_key, key_derivation.hex()) seed = b'\x02' key_derivation = pbkdf2(seed, dk_len) target_key = '67c60c6612920fc8c68c55d63eadb34b0812235d7b2bf4f13f5692ed8f0cd856' \ '5fb807ce100c90d2837ccfc94d8f8ba5d35cd3d6fafcd2f41f245b596e360057' self.assertEqual(target_key, key_derivation.hex()) seed = b'\x01\x02' key_derivation = pbkdf2(seed, dk_len) target_key = '27704664b7e8ba3c36199f581fa3023f49fd90af918444e2d9477e82565f868a' \ '5dbee0a29283512256238cd05870a61c81ccea8a245c8973abc0618df4d3471f' self.assertEqual(target_key, key_derivation.hex())
def decrypt_with_cbc_mode(cipher_text: bytes, private_key: bytes, iv: bytes, encode_g_tilde: bytes): if not isinstance(private_key, bytes): raise BotException(BotError.invalid_private_key) if len(private_key) != 32: raise BotException(BotError.invalid_private_key) str_g_tilde_x = encode_g_tilde[1:33] str_g_tilde_y = encode_g_tilde[33:65] g_tilde_x = string_to_number(str_g_tilde_x) g_tilde_y = string_to_number(str_g_tilde_y) g_tilde = Point(SECP256k1.curve, g_tilde_x, g_tilde_y, SECP256k1.order) h_tilde = g_tilde * SigningKey.from_string(string=private_key, curve=SECP256k1).privkey.secret_multiplier seed = b''.join([encode_g_tilde, number_to_string(h_tilde.x(), SECP256k1.order)]) aes_key = pbkdf2(seed, 32) plain_text = AESHandler.aes_cbc_decrypt(cipher_text, iv, aes_key) return plain_text
def encrypt_with_cbc_mode(plain_text: bytes, public_key: bytes) -> (bytes, bytes, bytes): if not isinstance(public_key, bytes): raise BotException(BotError.invalid_public_key) if len(public_key) != 64: raise BotException(BotError.invalid_public_key) r = randint(1, SECP256k1.order) g_tilde = r * SECP256k1.generator h_tilde = r * VerifyingKey.from_string(string=public_key, curve=SECP256k1).pubkey.point str_g_tilde_x = number_to_string(g_tilde.x(), SECP256k1.order) str_g_tilde_y = number_to_string(g_tilde.y(), SECP256k1.order) encode_g_tilde = b''.join([b'\x04', str_g_tilde_x, str_g_tilde_y]) str_h_tilde_x = number_to_string(h_tilde.x(), SECP256k1.order) seed = b''.join([encode_g_tilde, str_h_tilde_x]) aes_key = pbkdf2(seed, 32) aes_iv, cipher_text = AESHandler.aes_cbc_encrypt(plain_text, aes_key) return aes_iv, encode_g_tilde, cipher_text