def addUser(username: str, autoGenerateKeys: bool = True, keys: list = []):
"""
Create an user with the corresponding username to the users list and return the corresponding user id which can be used as index
username: name of the user
autoGenerateKeys: generate elGammal keys for the user
keys: base64 of tuple (public key, private key) if keys are not generated for the user
"""
from ressources.interactions import getIntKey
if autoGenerateKeys:
# generate keys
algModule = __import__("core.asymmetric." + c.BC_SIGNING_ALG,
fromlist=[""])
publicKey, privateKey = algModule.key_gen(c.BC_KEY_SIZE)
else:
# decode base64 tuple of key
publicKey = getIntKey(keys[0], [2, 3][c.BC_SIGNING_ALG == "elGamal"])
privateKey = getIntKey(keys[1], [2, 3][c.BC_SIGNING_ALG == "elGamal"])
userID = len(c.BC_USERS)
c.BC_USERS.append([userID, username, publicKey, privateKey])
return userID
def verifying(M: bytes, sign: int, pK: tuple = None):
"""
Verify given signature of message M with corresponding public key's.
"""
assert isinstance(M, (bytes, bytearray))
from ..hashbased import hashFunctions as hashF
if not pK:
pK = it.extractKeyFromFile("public_key")
size = it.getKeySize(pK)
hm = hashF.sponge(M, size)
# base64 to int
hm = bm.bytes_to_int(bm.mult_to_bytes(hm))
# If the signature is in base64
if not isinstance(sign, int):
sign = it.getIntKey(sign)
n, e = pK
# raises the signature to the power of e (modulo n)
# (as when encrypting a message)
if sign > n:
print("Signature > modulus")
test = ut.square_and_multiply(sign, e, n)
if test == (hm % n):
return True
return False
def verifying(M: bytes, sign: tuple, publicKey: tuple = None):
"""
Verify given signature of message M with corresponding public key's.
"""
assert isinstance(M, (bytes, bytearray))
from ..hashbased import hashFunctions as hashF
if not publicKey:
publicKey = it.extractKeyFromFile("public_key")
p, g, h = publicKey
size = it.getKeySize(publicKey)
hm = hashF.sponge(M, size)
hm = bm.bytes_to_int(bm.mult_to_bytes(hm))
if not isinstance(sign, tuple):
b64data = sign
sign = it.getIntKey(b64data[1:], b64data[0])
s1, s2 = sign
if (0 < s1 < p) and (0 < s2 < p - 1):
test1 = (ut.square_and_multiply(h, s1, p) *
ut.square_and_multiply(s1, s2, p)) % p
test2 = ut.square_and_multiply(g, hm, p)
if test1 == test2:
return True
return False
raise ValueError
def x509(subjectPublicKey, name: str = "X509", out: bool = True):
import base64
# Get key size's
n = it.getKeySize(it.getIntKey(subjectPublicKey, 3))
CA_public_key, CA_private_key = elG.key_gen(n, primeFount=True)
import os
# An X. 509 Serial Number is an integer whose value can be represented in 20 bytes
serialN = it.getB64Keys(os.urandom(20))
from datetime import date
today = date.today()
nextY = today.replace(year=today.year + 1)
# The certificate is signed by the private key of the certification authority.
# The one who manufactured and issued this certificate.
signature = it.getB64Keys(elG.signing(subjectPublicKey, CA_private_key))
CA = f"""
Certificate:
Data:
Version: 3 (0x2)
Serial Number: {serialN}
Signature Algorithm: El-Gamal
Issuer Name:
Country: FR
Organization: Bark Trust Services
Common Name = BARK CA 101
Validity
Not Before: {today.strftime("%b-%d-%Y")}
Not After: {nextY.strftime("%b-%d-%Y")}
Subject: CN = Katsumi User
Subject Public Key Info:
Public Key Algorithm: El-Gamal
Public-Key: ({str(n)} bit)
pub:
{base64.b64encode(subjectPublicKey).decode()}
Signature Algorithm: El-Gamal
{signature}
Key Usages
Purposes: Digital Signature
"""
if out:
print(CA)
else:
from ressources import config
# Write into file
it.writeVartoFile(CA, name, config.DIRECTORY_PROCESSING, ".ca")
return it.getB64Keys(CA_public_key)