Exemple #1
0
 def get(self):
     app = self.app
     
     if request.is_xhr:
         return 'brave.core.template.form', dict(
                 kind = _("Application"),
                 form = manage_form('/application/manage/{0}'.format(app.id)),
                 data = dict(
                         name = app.name,
                         description = app.description,
                         site = app.site,
                         contact = app.contact,
                         development = app.development,
                         key = dict(
                                 public = app.key.public,
                                 private = app.key.private,
                             ),
                         required = app.mask.required,
                         optional = app.mask.optional,
                         groups = app.groups
                     )
             )
     
     key = SigningKey.from_string(unhexlify(app.key.private), curve=NIST256p, hashfunc=sha256)
     return 'brave.core.application.template.view_app', dict(
             app = app,
             key = hexlify(key.get_verifying_key().to_string()),
             pem = key.get_verifying_key().to_pem()
         )
Exemple #2
0
    def setUp(self):

        self.patcher1 = patch("addressimo.util.get_id")
        self.patcher2 = patch("addressimo.util.create_json_response")
        self.patcher3 = patch("addressimo.util.request")
        self.patcher4 = patch("addressimo.util.VerifyingKey", wraps=VerifyingKey)

        self.mockGetId = self.patcher1.start()
        self.mockCreateJsonResponse = self.patcher2.start()
        self.mockRequest = self.patcher3.start()
        self.mockVerifyingKey = self.patcher4.start()

        self.mockRequest.url = "http://addressimo.com/address/0123456789abcdef/sf"
        self.mockRequest.data = "this is some crazy random data, dude! you know you gotta love this!"

        from ecdsa.keys import SigningKey
        from ecdsa.curves import SECP256k1

        self.sk = SigningKey.from_string(TEST_PRIVKEY.decode("hex"), curve=SECP256k1)
        sig = self.sk.sign(self.mockRequest.url + self.mockRequest.data, hashfunc=sha256, sigencode=sigencode_der)

        self.mockRequest.headers = {
            "x-identity": VerifyingKey.from_string(TEST_PUBKEY.decode("hex"), curve=curves.SECP256k1)
            .to_der()
            .encode("hex"),
            "x-signature": sig.encode("hex"),
        }

        self.mockIdObj = Mock()
        self.mockIdObj.auth_public_key = TEST_PUBKEY

        # Mock the decorator function -> We run self.decorated
        self.mock_func = MagicMock(return_value="fake_response")
        self.mock_func.__name__ = "mock_func"
        self.decorated = requires_valid_signature(self.mock_func)
Exemple #3
0
    def _parse_ecdsa_private_key(private, curve):
        ver = private.getChild(0)
        if ver.value != b'\x01':
            raise SyntaxError("Unexpected EC key version")
        private_key = private.getChild(1)
        public_key = private.getChild(2)
        # first two bytes are the ASN.1 custom type and the length of payload
        # while the latter two bytes are just specification of the public
        # key encoding (uncompressed)
        # TODO: update ecdsa lib to be able to parse PKCS#8 files
        if curve is not NIST521p:
            if list(public_key.value[:1]) != [3] or \
                    list(public_key.value[2:4]) != [0, 4]:
                raise SyntaxError(
                    "Invalid or unsupported encoding of public key")

            pub_key = VerifyingKey.from_string(
                compatHMAC(public_key.value[4:]), curve)
        else:
            if list(public_key.value[:3]) != [3, 129, 134] or \
                    list(public_key.value[3:5]) != [0, 4]:
                raise SyntaxError(
                    "Invalid or unsupported encoding of public key")

            pub_key = VerifyingKey.from_string(
                compatHMAC(public_key.value[5:]), curve)
        pub_x = pub_key.pubkey.point.x()
        pub_y = pub_key.pubkey.point.y()
        priv_key = SigningKey.from_string(compatHMAC(private_key.value), curve)
        mult = priv_key.privkey.secret_multiplier
        return Python_ECDSAKey(pub_x, pub_y, curve.name, mult)
Exemple #4
0
    def setUp(self):

        self.patcher1 = patch('addressimo.util.get_id')
        self.patcher2 = patch('addressimo.util.create_json_response')
        self.patcher3 = patch('addressimo.util.request')
        self.patcher4 = patch('addressimo.util.VerifyingKey', wraps=VerifyingKey)

        self.mockGetId = self.patcher1.start()
        self.mockCreateJsonResponse = self.patcher2.start()
        self.mockRequest = self.patcher3.start()
        self.mockVerifyingKey = self.patcher4.start()

        self.mockRequest.url = 'http://addressimo.com/address/0123456789abcdef/sf'
        self.mockRequest.data = 'this is some crazy random data, dude! you know you gotta love this!'

        from ecdsa.keys import SigningKey
        from ecdsa.curves import SECP256k1

        self.sk = SigningKey.from_string(TEST_PRIVKEY.decode('hex'), curve=SECP256k1)
        sig = self.sk.sign('GETaddressimo.com/address/0123456789abcdef/sfthis is some crazy random data, dude! you know you gotta love this!', hashfunc=sha256, sigencode=sigencode_der)

        self.mockRequest.headers = {
            'x-identity': VerifyingKey.from_string(TEST_PUBKEY.decode('hex'), curve=curves.SECP256k1).to_der().encode('hex'),
            'x-signature': sig.encode('hex')
        }
        self.mockRequest.method = 'GET'
        self.mockRequest.path = '/address/0123456789abcdef/sf'

        self.mockIdObj = Mock()
        self.mockIdObj.auth_public_key = TEST_PUBKEY

        # Mock the decorator function -> We run self.decorated
        self.mock_func = MagicMock(return_value='fake_response')
        self.mock_func.__name__ = 'mock_func'
        self.decorated = requires_valid_signature(self.mock_func)
    def __init__(self, public_key: str = None, private_key: str = None):
        """

        :param public_key: base58 encoded
        :param private_key: base58 encoded
        """
        self.__public_key = None
        self.__private_key = None

        if private_key is not None:
            self.__private_key = SigningKey.from_string(
                b58decode(private_key),
                curve=NIST256p
            )
            self.__public_key = self.__private_key.get_verifying_key()

        if public_key is not None:
            self.__public_key = VerifyingKey.from_string(
                self.decompress(b58decode(public_key))[1:],
                curve=NIST256p
            )

        if public_key is None and private_key is None:
            self.__private_key = SigningKey.generate(curve=NIST256p)
            self.__public_key = self.__private_key.get_verifying_key()
Exemple #6
0
    def __after__(self, result, *args, **kw):
        """Generate the JSON response and sign."""

        key = SigningKey.from_string(unhexlify(request.service.key.private),
                                     curve=NIST256p,
                                     hashfunc=sha256)

        response = Response(status=200, charset='utf-8')
        response.date = datetime.utcnow()
        response.last_modified = result.pop('updated', None)

        ct, body = render('json:', result)
        response.headers[b'Content-Type'] = str(
            ct)  # protect against lack of conversion in Flup
        response.body = body

        canon = "{req.service.id}\n{resp.headers[Date]}\n{req.url}\n{resp.body}".format(
            req=request, resp=response)
        response.headers[b'X-Signature'] = hexlify(key.sign(canon))
        log.debug("Signing response: %s", response.headers[b'X-Signature'])
        log.debug("Canonical data:\n%r", canon)

        del response.date  # TODO: This works around an odd bug of sending two Date header values.

        return response
 def __init__(self, private_key: str):
     # byes.fromhex expect a hex string without 0x
     private_key = self.remove_starting_0x(private_key)
     pem = SigningKey.from_string(bytes.fromhex(private_key),
                                  curve=SECP256k1).to_pem()
     self.signing_key = jwk.JWK.from_pem(pem)
     self.algorithm = 'ES256K'
 def decrypt_with_gcm_mode(nonce: bytes, mac_tag: bytes, cipher_text: bytes,
                           private_key: bytes, hdr: bytes,
                           encode_g_tilde: bytes):
     if not isinstance(private_key, bytes):
         raise SDKException(
             ErrorCode.other_error(
                 'the length of private key should be 32 bytes.'))
     if len(private_key) != 32:
         raise SDKException(
             ErrorCode.other_error(
                 'the length of private key should be 32 bytes.'))
     str_g_tilde_x = encode_g_tilde[1:33]
     str_g_tilde_y = encode_g_tilde[33:65]
     g_tilde_x = string_to_number(str_g_tilde_x)
     g_tilde_y = string_to_number(str_g_tilde_y)
     g_tilde = Point(NIST256p.curve, g_tilde_x, g_tilde_y, NIST256p.order)
     h_tilde = g_tilde * SigningKey.from_string(
         string=private_key, curve=NIST256p).privkey.secret_multiplier
     seed = b''.join(
         [encode_g_tilde,
          number_to_string(h_tilde.x(), NIST256p.order)])
     aes_key = pbkdf2(seed, 32)
     plain_text = AESHandler.aes_gcm_decrypt(cipher_text, hdr, nonce,
                                             mac_tag, aes_key)
     return plain_text
Exemple #9
0
    def get(self):
        app = self.app

        if request.is_xhr:
            return 'brave.core.template.form', dict(
                kind=_("Application"),
                form=manage_form('/application/manage/{0}'.format(app.id)),
                data=dict(name=app.name,
                          description=app.description,
                          site=app.site,
                          contact=app.contact,
                          development=app.development,
                          key=dict(
                              public=app.key.public,
                              private=app.key.private,
                          ),
                          required=app.mask.required,
                          optional=app.mask.optional,
                          groups=app.groups))

        key = SigningKey.from_string(unhexlify(app.key.private),
                                     curve=NIST256p,
                                     hashfunc=sha256)
        return 'brave.core.application.template.view_app', dict(
            app=app,
            key=hexlify(key.get_verifying_key().to_string()),
            pem=key.get_verifying_key().to_pem())
Exemple #10
0
 def generate_signature(private_key: bytes, msg: bytes):
     if not isinstance(private_key, bytes):
         raise BotException(BotError.invalid_private_key)
     if len(private_key) != 32:
         raise BotException(BotError.invalid_private_key)
     private_key = SigningKey.from_string(string=private_key, curve=SECP256k1)
     signature = private_key.sign(msg)
     return signature
Exemple #11
0
 def ec_get_public_key_by_private_key(private_key: bytes):
     if not isinstance(private_key, bytes):
         raise BotException(BotError.invalid_private_key)
     if len(private_key) != 32:
         raise BotException(BotError.invalid_private_key)
     private_key = SigningKey.from_string(string=private_key, curve=SECP256k1)
     public_key = private_key.get_verifying_key().to_string()
     return public_key
Exemple #12
0
def _get_brave_api():
    config = app.config['BRAVE_AUTH']
    return API(config['endpoint'],
               config['identity'],
               SigningKey.from_string(unhexlify(config['private']),
                                      curve=NIST256p, hashfunc=sha256),
               VerifyingKey.from_string(unhexlify(config['public']),
                                        curve=NIST256p, hashfunc=sha256))
Exemple #13
0
 def __init__(self, app):
     self.endpoint = app.config['CORE_ENDPOINT']
     self.app_id = app.config['CORE_APP_ID']
     self.private_key_string = app.config['CORE_PRIVATE_KEY']
     self.core_public_key_string = app.config['CORE_CORE_PUBLIC_KEY']
     
     self.private_key = SigningKey.from_string(unhexlify(self.private_key_string), curve=NIST256p, hashfunc=sha256)
     self.core_public_key = VerifyingKey.from_string(unhexlify(self.core_public_key_string), curve=NIST256p, hashfunc=sha256)
     
     self.view_perm = app.config['CORE_VIEW_PERMISSION']
     self.edit_perm = app.config['CORE_EDIT_PERMISSION']
Exemple #14
0
def authorized():
    # Perform the initial API call and direct the user.

    # Convert Key text into objects
    config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
    config['api.public'] = SigningKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)

    # Build API Client for CORE Services
    api = API(config['api.endpoint'], config['api.identity'], config['api.private'], config['api.public'])

    # Build Success/Failure Redirect URLs
    token = request.args.get('token', '')

    if token == '':
        abort(401)

    # Make the authentication call to the CORE Service
    result = api.core.info(token=token)

    return jsonify(result)
Exemple #15
0
    def test_new_keys(self):
        user = User.new_keys(curve=NIST256p)

        self.assertIsInstance(user, User)
        self.assertIsInstance(user._private_key, SigningKey)
        self.assertIsInstance(user._public_key.verifying_key, VerifyingKey)

        self.assertEqual(user._private_key.to_der(),
                         SigningKey.from_string(user._private_key.to_string(), NIST256p).to_der())

        self.assertEqual(len(user._private_key.to_der()), len(SigningKey.generate(curve=NIST256p).to_der()))
        self.assertNotEqual(len(user._private_key.to_der()), len(SigningKey.generate().to_der()))
Exemple #16
0
 def __init__(self):
     from brave.mumble import util
     
     # Configure mail delivery services.
     util.mail = Mailer(config, 'mail')
     util.mail.start()
     
     # Load our keys into a usable form.
     config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
     config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
     
     super(StartupMixIn, self).__init__()
Exemple #17
0
def get_brave_api():
    import braveapi.client
    from binascii import unhexlify
    from hashlib import sha256
    from ecdsa.keys import SigningKey, VerifyingKey
    from ecdsa.curves import NIST256p

    endpoint = config.braveapi_endpoint
    my_id = config.braveapi_my_id
    my_privkey = SigningKey.from_string(unhexlify(config.braveapi_my_privkey), curve=NIST256p, hashfunc=sha256)
    server_pubkey = VerifyingKey.from_string(unhexlify(config.braveapi_server_pubkey), curve=NIST256p, hashfunc=sha256)

    return braveapi.client.API(endpoint, my_id, my_privkey, server_pubkey)
 def generate_decrypt_aes_key(private_key: bytes, encode_g_tilde: bytes):
     if not isinstance(private_key, bytes):
         raise SDKException(ErrorCode.other_error('the length of private key should be 32 bytes.'))
     if len(private_key) != 32:
         raise SDKException(ErrorCode.other_error('the length of private key should be 32 bytes.'))
     str_g_tilde_x = encode_g_tilde[1:33]
     str_g_tilde_y = encode_g_tilde[33:65]
     g_tilde_x = string_to_number(str_g_tilde_x)
     g_tilde_y = string_to_number(str_g_tilde_y)
     g_tilde = Point(NIST256p.curve, g_tilde_x, g_tilde_y, NIST256p.order)
     h_tilde = g_tilde * SigningKey.from_string(string=private_key, curve=NIST256p).privkey.secret_multiplier
     seed = b''.join([encode_g_tilde, number_to_string(h_tilde.x(), NIST256p.order)])
     aes_key = pbkdf2(seed, 32)
     return aes_key
Exemple #19
0
 def decrypt_with_cbc_mode(cipher_text: bytes, private_key: bytes, iv: bytes, encode_g_tilde: bytes):
     if not isinstance(private_key, bytes):
         raise BotException(BotError.invalid_private_key)
     if len(private_key) != 32:
         raise BotException(BotError.invalid_private_key)
     str_g_tilde_x = encode_g_tilde[1:33]
     str_g_tilde_y = encode_g_tilde[33:65]
     g_tilde_x = string_to_number(str_g_tilde_x)
     g_tilde_y = string_to_number(str_g_tilde_y)
     g_tilde = Point(SECP256k1.curve, g_tilde_x, g_tilde_y, SECP256k1.order)
     h_tilde = g_tilde * SigningKey.from_string(string=private_key, curve=SECP256k1).privkey.secret_multiplier
     seed = b''.join([encode_g_tilde, number_to_string(h_tilde.x(), SECP256k1.order)])
     aes_key = pbkdf2(seed, 32)
     plain_text = AESHandler.aes_cbc_decrypt(cipher_text, iv, aes_key)
     return plain_text
Exemple #20
0
def getSignature(hexa, key):
    """
	Generate signature using private key.

	Arguments:
	hexa (str) -- data as hex string
	key (str) -- a private key as hex string

	Return hex
	"""
    signingKey = SigningKey.from_string(unhexlify(key), SECP256k1,
                                        hashlib.sha256)
    return hexlify(
        signingKey.sign_deterministic(unhexlify(hexa),
                                      hashlib.sha256,
                                      sigencode=sigencode_der_canonize))
Exemple #21
0
 def get_public_key_by_bytes_private_key(private_key: bytes):
     if not isinstance(private_key, bytes):
         raise SDKException(ErrorCode.other_error('The type of private key should be bytes.'))
     if len(private_key) != 32:
         raise SDKException(ErrorCode.other_error('The length of private key should be 32 bytes.'))
     private_key = SigningKey.from_string(string=private_key, curve=NIST256p)
     public_key = private_key.get_verifying_key()
     order = public_key.pubkey.order
     x_int = public_key.pubkey.point.x()
     y_int = public_key.pubkey.point.y()
     x_str = number_to_string(x_int, order)
     if y_int % 2 == 0:
         point_str = b''.join([b'\x02', x_str])
     else:
         point_str = b''.join([b'\x03', x_str])
     return point_str
Exemple #22
0
 def __after__(self, result, *args, **kw):
     """Generate the JSON response and sign."""
     
     key = SigningKey.from_string(unhexlify(request.service.key.private), curve=NIST256p, hashfunc=sha256)
     
     response = Response(status=200, charset='utf-8')
     response.date = datetime.utcnow()
     response.last_modified = result.pop('updated', None)
     
     ct, body = render('json:', result)
     response.headers[b'Content-Type'] = str(ct)  # protect against lack of conversion in Flup
     response.body = body
     
     canon = "{req.service.id}\n{resp.headers[Date]}\n{req.url}\n{resp.body}".format(
                 req = request,
                 resp = response
Exemple #23
0
def getSignatureFromBytes(data, privateKey):
    """
	Generate data signature using private key.

	Arguments:
	data (bytes) -- data in bytes
	privateKey (str) -- a private key as hex string

	Return str
	"""
    signingKey = SigningKey.from_string(unhexlify(privateKey), SECP256k1,
                                        hashlib.sha256)
    return hexlify(
        signingKey.sign_deterministic(data,
                                      hashlib.sha256,
                                      sigencode=sigencode_der_canonize))
Exemple #24
0
def getSignature(tx, privateKey):
    """
	Generate transaction signature using private key.

	Arguments:
	tx (dict) -- a transaction description
	privateKey (str) -- a private key as hex string

	Return str
	"""
    signingKey = SigningKey.from_string(unhexlify(privateKey), SECP256k1,
                                        hashlib.sha256)
    return hexlify(
        signingKey.sign_deterministic(getBytes(tx),
                                      hashlib.sha256,
                                      sigencode=sigencode_der_canonize))
Exemple #25
0
    def GET(self):

        try:
            private = SigningKey.from_string(unhexlify(settings['api']['private']), curve=NIST256p, hashfunc=sha256)
            public = VerifyingKey.from_string(unhexlify(settings['api']['public']), curve=NIST256p, hashfunc=sha256)
        except:
            return "Invalid keys"
        # Perform the initial API call and direct the user.
        api = API(settings['api']['endpoint'], settings['api']['identity'], private, public)

        success = str(settings['domain'] + settings['path'] + '/account/authorized')
        failure = str(settings['domain'] + settings['path'] + '/account/nolove')

        result = api.core.authorize(success=success, failure=failure)

        raise web.seeother(result.location, absolute=True)
Exemple #26
0
 def __init__(self):
     # Load our keys into a usable form.
     try:
         config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
         config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
     except:
         log.critical("Core Service API identity, public, or private key missing.")
         
         private = SigningKey.generate(NIST256p, hashfunc=sha256)
         
         log.critical("Here's a new private key; update the api.private setting to reflect this.\n%s", private.to_string().encode('hex'))
         log.critical("Here's that key's public key; this is what you register with Core.\n%s",  private.get_verifying_key().to_string().encode('hex'))
         log.critical("After registering, save the server's public key to api.public and your service's ID to api.identity.")
         
         exit(-1)
     
     super(StartupMixIn, self).__init__()
Exemple #27
0
    def __init__(self):
        from brave.mumble import util

        # Configure mail delivery services.
        util.mail = Mailer(config, 'mail')
        util.mail.start()

        # Load our keys into a usable form.
        config['api.private'] = SigningKey.from_string(unhexlify(
            config['api.private']),
                                                       curve=NIST256p,
                                                       hashfunc=sha256)
        config['api.public'] = VerifyingKey.from_string(unhexlify(
            config['api.public']),
                                                        curve=NIST256p,
                                                        hashfunc=sha256)

        super(StartupMixIn, self).__init__()
Exemple #28
0
def get_brave_api():
    import braveapi.client
    from binascii import unhexlify
    from hashlib import sha256
    from ecdsa.keys import SigningKey, VerifyingKey
    from ecdsa.curves import NIST256p

    endpoint = config.braveapi_endpoint
    my_id = config.braveapi_my_id
    my_privkey = SigningKey.from_string(unhexlify(config.braveapi_my_privkey),
                                        curve=NIST256p,
                                        hashfunc=sha256)
    server_pubkey = VerifyingKey.from_string(unhexlify(
        config.braveapi_server_pubkey),
                                             curve=NIST256p,
                                             hashfunc=sha256)

    return braveapi.client.API(endpoint, my_id, my_privkey, server_pubkey)
Exemple #29
0
def authorize():

    # Convert Key text into objects
    config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
    config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)

    # Build API Client for CORE Services
    api = API(config['api.endpoint'], config['api.identity'], config['api.private'], config['api.public'])

    # Build Success/Failure Redirect URLs
    success = str("http://"+app.config['SERVER_NAME']+url_for('authorized'))
    failure = str("http://"+app.config['SERVER_NAME']+url_for('fail'))

    # Make the authentication call to the CORE Service
    result = api.core.authorize(success=success, failure=failure)

    # Redirect based on the authentication request validity
    return redirect(result.location)
Exemple #30
0
    def __init__(self,
                 *,
                 private_key: Optional[Union[str, bytes]] = None,
                 public_key: Optional[bytes] = None):
        assert not (private_key and public_key), 'Pass only one key'
        if public_key:
            self._sk = None
            self._vk = VerifyingKey.from_string(public_key, curve=SECP256k1)
            return

        if private_key:
            if isinstance(private_key, str):
                self._sk = signing_key_from_seed(private_key)
            else:
                self._sk = SigningKey.from_string(private_key, curve=SECP256k1)
        else:
            entropy = PRNG(secrets.randbits(512))
            self._sk = SigningKey.generate(entropy=entropy, curve=SECP256k1)

        self._vk = self._sk.get_verifying_key()
Exemple #31
0
    def authenticate(self, identifier, password=None):
        """Validate the given identifier; password is ignored."""
        from brave.notes.config import settings
        try:
            private = SigningKey.from_string(unhexlify(settings['api']['private']), curve=NIST256p, hashfunc=sha256)
            public = VerifyingKey.from_string(unhexlify(settings['api']['public']), curve=NIST256p, hashfunc=sha256)
        except:
            return "Invalid keys"

        api = API(settings['api']['endpoint'], settings['api']['identity'], private, public)
        result = api.core.info(identifier)
        
        user = self.objects(character__id=result.character.id).first()
        
        if not user:
            user = self(token=identifier, expires=result.expires, seen=datetime.utcnow())
            user.character.id = result.character.id
            user.character.name = result.character.name
            user.corporation.id = result.corporation.id
            user.corporation.name = result.corporation.name
            
            if result.alliance:
                user.alliance.id = result.alliance.id
                user.alliance.name = result.alliance.name
            
            user.save()
        
        else:
            # TODO: Also update the corporate details, if appropriate.
            user.update(set__token=identifier, set__seen=datetime.utcnow())
        
        from brave.notes.core.session import session
        session.user = user
        session.signedin = 1
        
        return user.id, user
Exemple #32
0
def config():
    # Load and validate the format of our auth config data
    try:
        config['api.identity']
        config['api.private'] = SigningKey.from_string(unhexlify(config['api.private']), curve=NIST256p, hashfunc=sha256)
        config['api.public'] = VerifyingKey.from_string(unhexlify(config['api.public']), curve=NIST256p, hashfunc=sha256)
    except:
        private = SigningKey.generate(NIST256p, hashfunc=sha256)

        error_message = "Core Service API identity, public, or private key missing.<br /><br />\n\n"

        error_message += "Here's a new private key; update the api.private setting to reflect this.<br />\n" + \
                         "%s <br /><br />\n\n" % private.to_string().encode('hex')

        error_message += "Here's that key's public key; this is what you register with Core.<br />\n" + \
                         "%s <br /><br /><br />\n\n" % private.get_verifying_key().to_string().encode('hex')

        error_message += "After registering, save the server's public key to api.public " + \
                         "and your service's ID to api.identity.<br /><br />"

        return error_message

    # config data looks good, allow auth attempt
    return '<a href="'+url_for('authorize')+'">Click here to auth</a>'
Exemple #33
0
 def _get_pubkey(cls, private_key):
     sk = SigningKey.from_string(private_key, curve=SECP256k1, hashfunc=hashlib.sha256)
     vk = sk.get_verifying_key().to_string()  # Uncompressed key
     vk = chr((ord(vk[63]) & 1) + 2) + vk[0:32]  # To compressed key
     return vk
Exemple #34
0
def private_key_bytes_to_bitcoin_address(private_key_bytes,
                                         compressed_public_key):
    signing_key = SigningKey.from_string(private_key_bytes, SECP256k1)
    return get_bitcoin_address_from_signing_key(signing_key,
                                                compressed_public_key)
 def __init__(self, private_key: str):
     private_key = self.remove_starting_hex_prefix(private_key)
     pem = SigningKey.from_string(bytes.fromhex(private_key),
                                  curve=SECP256k1).to_pem()
     self.signing_key = jwk.JWK.from_pem(pem)
     self.algorithm = 'ES256K'
Exemple #36
0
def get_api(config):
    my_priv_key = SigningKey.from_string(config.get('core', 'app.priv_key').decode('hex'), curve=NIST256p, hashfunc=sha256)
    server_pub_key = VerifyingKey.from_string(config.get('core', 'server.pub_key').decode('hex'), curve=NIST256p, hashfunc=sha256)
    return API(config.get('core', 'server.endpoint'), config.get('core', 'app.id'), my_priv_key, server_pub_key)
Exemple #37
0
 def __init__(self, sk=None):
     if sk is None:
         self.sk = SigningKey.generate(SECP256k1)
     else:
         self.sk = SigningKey.from_string(sk, SECP256k1)
Exemple #38
0
        sk)

    # Same thing with ecdsa package ASN.1 utilities.
    car, cdr = ECDSA_DER.remove_sequence(der_test_keys["ec_pkcs8"])
    assert cdr == ""
    version, cdr = ECDSA_DER.remove_integer(car)
    assert version == 0
    car, ec = ECDSA_DER.remove_sequence(cdr)
    oid, cdr = ECDSA_DER.remove_object(car)
    assert oid == oid_ecPublicKey
    oid, cdr = ECDSA_DER.remove_object(cdr)
    curve = find_curve(oid)
    assert cdr == ""
    car, cdr = ECDSA_DER.remove_octet_string(ec)
    assert cdr == ""
    car, cdr = ECDSA_DER.remove_sequence(car)
    assert cdr == ""
    version, cdr = ECDSA_DER.remove_integer(car)
    assert version == 1
    privkey, cdr = ECDSA_DER.remove_octet_string(cdr)
    tag, car, cdr = ECDSA_DER.remove_constructed(cdr)
    assert tag == 1
    assert cdr == ""
    pubkey, cdr = ECDSA_DER.remove_bitstring(car)
    assert cdr == ""
    assert pubkey[:2] == "\x00\x04"
    sk = SigningKey.from_string(privkey, curve)
    print
    print "ECDSA-library PKCS #8 decoding {} pyasn1 PKCS #8 decoding".format(
        "matches" if der == sk.to_der() else "doesn't match")
Exemple #39
0
 def get_signer(self, n):
     return SigningKey.from_string(self.get_private_node(n).private_key, curve=SECP256k1, hashfunc=hashlib.sha256)
def private_key_bytes_to_bitcoin_address(
    private_key_bytes, compressed_public_key):
    signing_key = SigningKey.from_string(private_key_bytes, SECP256k1)
    return get_bitcoin_address_from_signing_key(
        signing_key, compressed_public_key)