def get(self):
app = self.app
if request.is_xhr:
return 'brave.core.template.form', dict(
kind = _("Application"),
form = manage_form('/application/manage/{0}'.format(app.id)),
data = dict(
name = app.name,
description = app.description,
site = app.site,
contact = app.contact,
development = app.development,
key = dict(
public = app.key.public,
private = app.key.private,
),
required = app.mask.required,
optional = app.mask.optional,
groups = app.groups
)
)
key = SigningKey.from_string(unhexlify(app.key.private), curve=NIST256p, hashfunc=sha256)
return 'brave.core.application.template.view_app', dict(
app = app,
key = hexlify(key.get_verifying_key().to_string()),
pem = key.get_verifying_key().to_pem()
)
def setUp(self):
self.patcher1 = patch("addressimo.util.get_id")
self.patcher2 = patch("addressimo.util.create_json_response")
self.patcher3 = patch("addressimo.util.request")
self.patcher4 = patch("addressimo.util.VerifyingKey", wraps=VerifyingKey)
self.mockGetId = self.patcher1.start()
self.mockCreateJsonResponse = self.patcher2.start()
self.mockRequest = self.patcher3.start()
self.mockVerifyingKey = self.patcher4.start()
self.mockRequest.url = "http://addressimo.com/address/0123456789abcdef/sf"
self.mockRequest.data = "this is some crazy random data, dude! you know you gotta love this!"
from ecdsa.keys import SigningKey
from ecdsa.curves import SECP256k1
self.sk = SigningKey.from_string(TEST_PRIVKEY.decode("hex"), curve=SECP256k1)
sig = self.sk.sign(self.mockRequest.url + self.mockRequest.data, hashfunc=sha256, sigencode=sigencode_der)
self.mockRequest.headers = {
"x-identity": VerifyingKey.from_string(TEST_PUBKEY.decode("hex"), curve=curves.SECP256k1)
.to_der()
.encode("hex"),
"x-signature": sig.encode("hex"),
}
self.mockIdObj = Mock()
self.mockIdObj.auth_public_key = TEST_PUBKEY
# Mock the decorator function -> We run self.decorated
self.mock_func = MagicMock(return_value="fake_response")
self.mock_func.__name__ = "mock_func"
self.decorated = requires_valid_signature(self.mock_func)
def _parse_ecdsa_private_key(private, curve):
ver = private.getChild(0)
if ver.value != b'\x01':
raise SyntaxError("Unexpected EC key version")
private_key = private.getChild(1)
public_key = private.getChild(2)
# first two bytes are the ASN.1 custom type and the length of payload
# while the latter two bytes are just specification of the public
# key encoding (uncompressed)
# TODO: update ecdsa lib to be able to parse PKCS#8 files
if curve is not NIST521p:
if list(public_key.value[:1]) != [3] or \
list(public_key.value[2:4]) != [0, 4]:
raise SyntaxError(
"Invalid or unsupported encoding of public key")
pub_key = VerifyingKey.from_string(
compatHMAC(public_key.value[4:]), curve)
else:
if list(public_key.value[:3]) != [3, 129, 134] or \
list(public_key.value[3:5]) != [0, 4]:
raise SyntaxError(
"Invalid or unsupported encoding of public key")
pub_key = VerifyingKey.from_string(
compatHMAC(public_key.value[5:]), curve)
pub_x = pub_key.pubkey.point.x()
pub_y = pub_key.pubkey.point.y()
priv_key = SigningKey.from_string(compatHMAC(private_key.value), curve)
mult = priv_key.privkey.secret_multiplier
return Python_ECDSAKey(pub_x, pub_y, curve.name, mult)
def setUp(self):
self.patcher1 = patch('addressimo.util.get_id')
self.patcher2 = patch('addressimo.util.create_json_response')
self.patcher3 = patch('addressimo.util.request')
self.patcher4 = patch('addressimo.util.VerifyingKey', wraps=VerifyingKey)
self.mockGetId = self.patcher1.start()
self.mockCreateJsonResponse = self.patcher2.start()
self.mockRequest = self.patcher3.start()
self.mockVerifyingKey = self.patcher4.start()
self.mockRequest.url = 'http://addressimo.com/address/0123456789abcdef/sf'
self.mockRequest.data = 'this is some crazy random data, dude! you know you gotta love this!'
from ecdsa.keys import SigningKey
from ecdsa.curves import SECP256k1
self.sk = SigningKey.from_string(TEST_PRIVKEY.decode('hex'), curve=SECP256k1)
sig = self.sk.sign('GETaddressimo.com/address/0123456789abcdef/sfthis is some crazy random data, dude! you know you gotta love this!', hashfunc=sha256, sigencode=sigencode_der)
self.mockRequest.headers = {
'x-identity': VerifyingKey.from_string(TEST_PUBKEY.decode('hex'), curve=curves.SECP256k1).to_der().encode('hex'),
'x-signature': sig.encode('hex')
}
self.mockRequest.method = 'GET'
self.mockRequest.path = '/address/0123456789abcdef/sf'
self.mockIdObj = Mock()
self.mockIdObj.auth_public_key = TEST_PUBKEY
# Mock the decorator function -> We run self.decorated
self.mock_func = MagicMock(return_value='fake_response')
self.mock_func.__name__ = 'mock_func'
self.decorated = requires_valid_signature(self.mock_func)
def __init__(self, public_key: str = None, private_key: str = None):
"""
:param public_key: base58 encoded
:param private_key: base58 encoded
"""
self.__public_key = None
self.__private_key = None
if private_key is not None:
self.__private_key = SigningKey.from_string(
b58decode(private_key),
curve=NIST256p
)
self.__public_key = self.__private_key.get_verifying_key()
if public_key is not None:
self.__public_key = VerifyingKey.from_string(
self.decompress(b58decode(public_key))[1:],
curve=NIST256p
)
if public_key is None and private_key is None:
self.__private_key = SigningKey.generate(curve=NIST256p)
self.__public_key = self.__private_key.get_verifying_key()
def __after__(self, result, *args, **kw):
"""Generate the JSON response and sign."""
key = SigningKey.from_string(unhexlify(request.service.key.private),
curve=NIST256p,
hashfunc=sha256)
response = Response(status=200, charset='utf-8')
response.date = datetime.utcnow()
response.last_modified = result.pop('updated', None)
ct, body = render('json:', result)
response.headers[b'Content-Type'] = str(
ct) # protect against lack of conversion in Flup
response.body = body
canon = "{req.service.id}\n{resp.headers[Date]}\n{req.url}\n{resp.body}".format(
req=request, resp=response)
response.headers[b'X-Signature'] = hexlify(key.sign(canon))
log.debug("Signing response: %s", response.headers[b'X-Signature'])
log.debug("Canonical data:\n%r", canon)
del response.date # TODO: This works around an odd bug of sending two Date header values.
return response
def __init__(self, private_key: str):
# byes.fromhex expect a hex string without 0x
private_key = self.remove_starting_0x(private_key)
pem = SigningKey.from_string(bytes.fromhex(private_key),
curve=SECP256k1).to_pem()
self.signing_key = jwk.JWK.from_pem(pem)
self.algorithm = 'ES256K'
def decrypt_with_gcm_mode(nonce: bytes, mac_tag: bytes, cipher_text: bytes,
private_key: bytes, hdr: bytes,
encode_g_tilde: bytes):
if not isinstance(private_key, bytes):
raise SDKException(
ErrorCode.other_error(
'the length of private key should be 32 bytes.'))
if len(private_key) != 32:
raise SDKException(
ErrorCode.other_error(
'the length of private key should be 32 bytes.'))
str_g_tilde_x = encode_g_tilde[1:33]
str_g_tilde_y = encode_g_tilde[33:65]
g_tilde_x = string_to_number(str_g_tilde_x)
g_tilde_y = string_to_number(str_g_tilde_y)
g_tilde = Point(NIST256p.curve, g_tilde_x, g_tilde_y, NIST256p.order)
h_tilde = g_tilde * SigningKey.from_string(
string=private_key, curve=NIST256p).privkey.secret_multiplier
seed = b''.join(
[encode_g_tilde,
number_to_string(h_tilde.x(), NIST256p.order)])
aes_key = pbkdf2(seed, 32)
plain_text = AESHandler.aes_gcm_decrypt(cipher_text, hdr, nonce,
mac_tag, aes_key)
return plain_text
def get(self):
app = self.app
if request.is_xhr:
return 'brave.core.template.form', dict(
kind=_("Application"),
form=manage_form('/application/manage/{0}'.format(app.id)),
data=dict(name=app.name,
description=app.description,
site=app.site,
contact=app.contact,
development=app.development,
key=dict(
public=app.key.public,
private=app.key.private,
),
required=app.mask.required,
optional=app.mask.optional,
groups=app.groups))
key = SigningKey.from_string(unhexlify(app.key.private),
curve=NIST256p,
hashfunc=sha256)
return 'brave.core.application.template.view_app', dict(
app=app,
key=hexlify(key.get_verifying_key().to_string()),
pem=key.get_verifying_key().to_pem())
def generate_signature(private_key: bytes, msg: bytes):
if not isinstance(private_key, bytes):
raise BotException(BotError.invalid_private_key)
if len(private_key) != 32:
raise BotException(BotError.invalid_private_key)
private_key = SigningKey.from_string(string=private_key, curve=SECP256k1)
signature = private_key.sign(msg)
return signature
def ec_get_public_key_by_private_key(private_key: bytes):
if not isinstance(private_key, bytes):
raise BotException(BotError.invalid_private_key)
if len(private_key) != 32:
raise BotException(BotError.invalid_private_key)
private_key = SigningKey.from_string(string=private_key, curve=SECP256k1)
public_key = private_key.get_verifying_key().to_string()
return public_key
def _get_brave_api():
config = app.config['BRAVE_AUTH']
return API(config['endpoint'],
config['identity'],
SigningKey.from_string(unhexlify(config['private']),
curve=NIST256p, hashfunc=sha256),
VerifyingKey.from_string(unhexlify(config['public']),
curve=NIST256p, hashfunc=sha256))
def __init__(self, app):
self.endpoint = app.config['CORE_ENDPOINT']
self.app_id = app.config['CORE_APP_ID']
self.private_key_string = app.config['CORE_PRIVATE_KEY']
self.core_public_key_string = app.config['CORE_CORE_PUBLIC_KEY']
self.private_key = SigningKey.from_string(unhexlify(self.private_key_string), curve=NIST256p, hashfunc=sha256)
self.core_public_key = VerifyingKey.from_string(unhexlify(self.core_public_key_string), curve=NIST256p, hashfunc=sha256)
self.view_perm = app.config['CORE_VIEW_PERMISSION']
self.edit_perm = app.config['CORE_EDIT_PERMISSION']
def authorized():
# Perform the initial API call and direct the user.
# Convert Key text into objects
config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
config['api.public'] = SigningKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
# Build API Client for CORE Services
api = API(config['api.endpoint'], config['api.identity'], config['api.private'], config['api.public'])
# Build Success/Failure Redirect URLs
token = request.args.get('token', '')
if token == '':
abort(401)
# Make the authentication call to the CORE Service
result = api.core.info(token=token)
return jsonify(result)
def test_new_keys(self):
user = User.new_keys(curve=NIST256p)
self.assertIsInstance(user, User)
self.assertIsInstance(user._private_key, SigningKey)
self.assertIsInstance(user._public_key.verifying_key, VerifyingKey)
self.assertEqual(user._private_key.to_der(),
SigningKey.from_string(user._private_key.to_string(), NIST256p).to_der())
self.assertEqual(len(user._private_key.to_der()), len(SigningKey.generate(curve=NIST256p).to_der()))
self.assertNotEqual(len(user._private_key.to_der()), len(SigningKey.generate().to_der()))
def __init__(self):
from brave.mumble import util
# Configure mail delivery services.
util.mail = Mailer(config, 'mail')
util.mail.start()
# Load our keys into a usable form.
config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
super(StartupMixIn, self).__init__()
def get_brave_api():
import braveapi.client
from binascii import unhexlify
from hashlib import sha256
from ecdsa.keys import SigningKey, VerifyingKey
from ecdsa.curves import NIST256p
endpoint = config.braveapi_endpoint
my_id = config.braveapi_my_id
my_privkey = SigningKey.from_string(unhexlify(config.braveapi_my_privkey), curve=NIST256p, hashfunc=sha256)
server_pubkey = VerifyingKey.from_string(unhexlify(config.braveapi_server_pubkey), curve=NIST256p, hashfunc=sha256)
return braveapi.client.API(endpoint, my_id, my_privkey, server_pubkey)
def generate_decrypt_aes_key(private_key: bytes, encode_g_tilde: bytes):
if not isinstance(private_key, bytes):
raise SDKException(ErrorCode.other_error('the length of private key should be 32 bytes.'))
if len(private_key) != 32:
raise SDKException(ErrorCode.other_error('the length of private key should be 32 bytes.'))
str_g_tilde_x = encode_g_tilde[1:33]
str_g_tilde_y = encode_g_tilde[33:65]
g_tilde_x = string_to_number(str_g_tilde_x)
g_tilde_y = string_to_number(str_g_tilde_y)
g_tilde = Point(NIST256p.curve, g_tilde_x, g_tilde_y, NIST256p.order)
h_tilde = g_tilde * SigningKey.from_string(string=private_key, curve=NIST256p).privkey.secret_multiplier
seed = b''.join([encode_g_tilde, number_to_string(h_tilde.x(), NIST256p.order)])
aes_key = pbkdf2(seed, 32)
return aes_key
def decrypt_with_cbc_mode(cipher_text: bytes, private_key: bytes, iv: bytes, encode_g_tilde: bytes):
if not isinstance(private_key, bytes):
raise BotException(BotError.invalid_private_key)
if len(private_key) != 32:
raise BotException(BotError.invalid_private_key)
str_g_tilde_x = encode_g_tilde[1:33]
str_g_tilde_y = encode_g_tilde[33:65]
g_tilde_x = string_to_number(str_g_tilde_x)
g_tilde_y = string_to_number(str_g_tilde_y)
g_tilde = Point(SECP256k1.curve, g_tilde_x, g_tilde_y, SECP256k1.order)
h_tilde = g_tilde * SigningKey.from_string(string=private_key, curve=SECP256k1).privkey.secret_multiplier
seed = b''.join([encode_g_tilde, number_to_string(h_tilde.x(), SECP256k1.order)])
aes_key = pbkdf2(seed, 32)
plain_text = AESHandler.aes_cbc_decrypt(cipher_text, iv, aes_key)
return plain_text
def getSignature(hexa, key):
"""
Generate signature using private key.
Arguments:
hexa (str) -- data as hex string
key (str) -- a private key as hex string
Return hex
"""
signingKey = SigningKey.from_string(unhexlify(key), SECP256k1,
hashlib.sha256)
return hexlify(
signingKey.sign_deterministic(unhexlify(hexa),
hashlib.sha256,
sigencode=sigencode_der_canonize))
def get_public_key_by_bytes_private_key(private_key: bytes):
if not isinstance(private_key, bytes):
raise SDKException(ErrorCode.other_error('The type of private key should be bytes.'))
if len(private_key) != 32:
raise SDKException(ErrorCode.other_error('The length of private key should be 32 bytes.'))
private_key = SigningKey.from_string(string=private_key, curve=NIST256p)
public_key = private_key.get_verifying_key()
order = public_key.pubkey.order
x_int = public_key.pubkey.point.x()
y_int = public_key.pubkey.point.y()
x_str = number_to_string(x_int, order)
if y_int % 2 == 0:
point_str = b''.join([b'\x02', x_str])
else:
point_str = b''.join([b'\x03', x_str])
return point_str
def __after__(self, result, *args, **kw):
"""Generate the JSON response and sign."""
key = SigningKey.from_string(unhexlify(request.service.key.private), curve=NIST256p, hashfunc=sha256)
response = Response(status=200, charset='utf-8')
response.date = datetime.utcnow()
response.last_modified = result.pop('updated', None)
ct, body = render('json:', result)
response.headers[b'Content-Type'] = str(ct) # protect against lack of conversion in Flup
response.body = body
canon = "{req.service.id}\n{resp.headers[Date]}\n{req.url}\n{resp.body}".format(
req = request,
resp = response
def getSignatureFromBytes(data, privateKey):
"""
Generate data signature using private key.
Arguments:
data (bytes) -- data in bytes
privateKey (str) -- a private key as hex string
Return str
"""
signingKey = SigningKey.from_string(unhexlify(privateKey), SECP256k1,
hashlib.sha256)
return hexlify(
signingKey.sign_deterministic(data,
hashlib.sha256,
sigencode=sigencode_der_canonize))
def getSignature(tx, privateKey):
"""
Generate transaction signature using private key.
Arguments:
tx (dict) -- a transaction description
privateKey (str) -- a private key as hex string
Return str
"""
signingKey = SigningKey.from_string(unhexlify(privateKey), SECP256k1,
hashlib.sha256)
return hexlify(
signingKey.sign_deterministic(getBytes(tx),
hashlib.sha256,
sigencode=sigencode_der_canonize))
def GET(self):
try:
private = SigningKey.from_string(unhexlify(settings['api']['private']), curve=NIST256p, hashfunc=sha256)
public = VerifyingKey.from_string(unhexlify(settings['api']['public']), curve=NIST256p, hashfunc=sha256)
except:
return "Invalid keys"
# Perform the initial API call and direct the user.
api = API(settings['api']['endpoint'], settings['api']['identity'], private, public)
success = str(settings['domain'] + settings['path'] + '/account/authorized')
failure = str(settings['domain'] + settings['path'] + '/account/nolove')
result = api.core.authorize(success=success, failure=failure)
raise web.seeother(result.location, absolute=True)
def __init__(self):
# Load our keys into a usable form.
try:
config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
except:
log.critical("Core Service API identity, public, or private key missing.")
private = SigningKey.generate(NIST256p, hashfunc=sha256)
log.critical("Here's a new private key; update the api.private setting to reflect this.\n%s", private.to_string().encode('hex'))
log.critical("Here's that key's public key; this is what you register with Core.\n%s", private.get_verifying_key().to_string().encode('hex'))
log.critical("After registering, save the server's public key to api.public and your service's ID to api.identity.")
exit(-1)
super(StartupMixIn, self).__init__()
def __init__(self):
from brave.mumble import util
# Configure mail delivery services.
util.mail = Mailer(config, 'mail')
util.mail.start()
# Load our keys into a usable form.
config['api.private'] = SigningKey.from_string(unhexlify(
config['api.private']),
curve=NIST256p,
hashfunc=sha256)
config['api.public'] = VerifyingKey.from_string(unhexlify(
config['api.public']),
curve=NIST256p,
hashfunc=sha256)
super(StartupMixIn, self).__init__()
def get_brave_api():
import braveapi.client
from binascii import unhexlify
from hashlib import sha256
from ecdsa.keys import SigningKey, VerifyingKey
from ecdsa.curves import NIST256p
endpoint = config.braveapi_endpoint
my_id = config.braveapi_my_id
my_privkey = SigningKey.from_string(unhexlify(config.braveapi_my_privkey),
curve=NIST256p,
hashfunc=sha256)
server_pubkey = VerifyingKey.from_string(unhexlify(
config.braveapi_server_pubkey),
curve=NIST256p,
hashfunc=sha256)
return braveapi.client.API(endpoint, my_id, my_privkey, server_pubkey)
def authorize():
# Convert Key text into objects
config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
# Build API Client for CORE Services
api = API(config['api.endpoint'], config['api.identity'], config['api.private'], config['api.public'])
# Build Success/Failure Redirect URLs
success = str("http://"+app.config['SERVER_NAME']+url_for('authorized'))
failure = str("http://"+app.config['SERVER_NAME']+url_for('fail'))
# Make the authentication call to the CORE Service
result = api.core.authorize(success=success, failure=failure)
# Redirect based on the authentication request validity
return redirect(result.location)
def __init__(self,
*,
private_key: Optional[Union[str, bytes]] = None,
public_key: Optional[bytes] = None):
assert not (private_key and public_key), 'Pass only one key'
if public_key:
self._sk = None
self._vk = VerifyingKey.from_string(public_key, curve=SECP256k1)
return
if private_key:
if isinstance(private_key, str):
self._sk = signing_key_from_seed(private_key)
else:
self._sk = SigningKey.from_string(private_key, curve=SECP256k1)
else:
entropy = PRNG(secrets.randbits(512))
self._sk = SigningKey.generate(entropy=entropy, curve=SECP256k1)
self._vk = self._sk.get_verifying_key()
def authenticate(self, identifier, password=None):
"""Validate the given identifier; password is ignored."""
from brave.notes.config import settings
try:
private = SigningKey.from_string(unhexlify(settings['api']['private']), curve=NIST256p, hashfunc=sha256)
public = VerifyingKey.from_string(unhexlify(settings['api']['public']), curve=NIST256p, hashfunc=sha256)
except:
return "Invalid keys"
api = API(settings['api']['endpoint'], settings['api']['identity'], private, public)
result = api.core.info(identifier)
user = self.objects(character__id=result.character.id).first()
if not user:
user = self(token=identifier, expires=result.expires, seen=datetime.utcnow())
user.character.id = result.character.id
user.character.name = result.character.name
user.corporation.id = result.corporation.id
user.corporation.name = result.corporation.name
if result.alliance:
user.alliance.id = result.alliance.id
user.alliance.name = result.alliance.name
user.save()
else:
# TODO: Also update the corporate details, if appropriate.
user.update(set__token=identifier, set__seen=datetime.utcnow())
from brave.notes.core.session import session
session.user = user
session.signedin = 1
return user.id, user
def config():
# Load and validate the format of our auth config data
try:
config['api.identity']
config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
except:
private = SigningKey.generate(NIST256p, hashfunc=sha256)
error_message = "Core Service API identity, public, or private key missing.<br /><br />\n\n"
error_message += "Here's a new private key; update the api.private setting to reflect this.<br />\n" + \
"%s <br /><br />\n\n" % private.to_string().encode('hex')
error_message += "Here's that key's public key; this is what you register with Core.<br />\n" + \
"%s <br /><br /><br />\n\n" % private.get_verifying_key().to_string().encode('hex')
error_message += "After registering, save the server's public key to api.public " + \
"and your service's ID to api.identity.<br /><br />"
return error_message
# config data looks good, allow auth attempt
return '<a href="'+url_for('authorize')+'">Click here to auth</a>'
def _get_pubkey(cls, private_key):
sk = SigningKey.from_string(private_key, curve=SECP256k1, hashfunc=hashlib.sha256)
vk = sk.get_verifying_key().to_string() # Uncompressed key
vk = chr((ord(vk[63]) & 1) + 2) + vk[0:32] # To compressed key
return vk
def private_key_bytes_to_bitcoin_address(private_key_bytes,
compressed_public_key):
signing_key = SigningKey.from_string(private_key_bytes, SECP256k1)
return get_bitcoin_address_from_signing_key(signing_key,
compressed_public_key)
def __init__(self, private_key: str):
private_key = self.remove_starting_hex_prefix(private_key)
pem = SigningKey.from_string(bytes.fromhex(private_key),
curve=SECP256k1).to_pem()
self.signing_key = jwk.JWK.from_pem(pem)
self.algorithm = 'ES256K'
def get_api(config):
my_priv_key = SigningKey.from_string(config.get('core', 'app.priv_key').decode('hex'), curve=NIST256p, hashfunc=sha256)
server_pub_key = VerifyingKey.from_string(config.get('core', 'server.pub_key').decode('hex'), curve=NIST256p, hashfunc=sha256)
return API(config.get('core', 'server.endpoint'), config.get('core', 'app.id'), my_priv_key, server_pub_key)
def __init__(self, sk=None):
if sk is None:
self.sk = SigningKey.generate(SECP256k1)
else:
self.sk = SigningKey.from_string(sk, SECP256k1)
sk)
# Same thing with ecdsa package ASN.1 utilities.
car, cdr = ECDSA_DER.remove_sequence(der_test_keys["ec_pkcs8"])
assert cdr == ""
version, cdr = ECDSA_DER.remove_integer(car)
assert version == 0
car, ec = ECDSA_DER.remove_sequence(cdr)
oid, cdr = ECDSA_DER.remove_object(car)
assert oid == oid_ecPublicKey
oid, cdr = ECDSA_DER.remove_object(cdr)
curve = find_curve(oid)
assert cdr == ""
car, cdr = ECDSA_DER.remove_octet_string(ec)
assert cdr == ""
car, cdr = ECDSA_DER.remove_sequence(car)
assert cdr == ""
version, cdr = ECDSA_DER.remove_integer(car)
assert version == 1
privkey, cdr = ECDSA_DER.remove_octet_string(cdr)
tag, car, cdr = ECDSA_DER.remove_constructed(cdr)
assert tag == 1
assert cdr == ""
pubkey, cdr = ECDSA_DER.remove_bitstring(car)
assert cdr == ""
assert pubkey[:2] == "\x00\x04"
sk = SigningKey.from_string(privkey, curve)
print
print "ECDSA-library PKCS #8 decoding {} pyasn1 PKCS #8 decoding".format(
"matches" if der == sk.to_der() else "doesn't match")
def get_signer(self, n):
return SigningKey.from_string(self.get_private_node(n).private_key, curve=SECP256k1, hashfunc=hashlib.sha256)
def private_key_bytes_to_bitcoin_address(
private_key_bytes, compressed_public_key):
signing_key = SigningKey.from_string(private_key_bytes, SECP256k1)
return get_bitcoin_address_from_signing_key(
signing_key, compressed_public_key)
