Esempio n. 1
0
def sign_requested_data(data, signature_request, private_key, tag, signature_size=32):   
    """ usage: sign(data, signature_request, private_key, tag,
                    signature_size=32) => signature, signing_key
                    
        Returns a signature and signing key.
        The two items should be returned to the requester of the signature for verification. """    
    validation_key = serialize_key(_retrieve_validation_key(deserialize_key(signature_request), private_key))      
    if hmac(data, validation_key) != tag:
        raise ValueError("Invalid data/tag")
    signing_key = bytearray(urandom(signature_size))       
    output = signing_key[:]
    #assert len(validation_key) == len(signing_key), (len(validation_key), len(signing_key))
    xor_subroutine(signing_key, validation_key)    
    return hmac(data, signing_key), output
Esempio n. 2
0
    def derive_keys(self, keying_material):
        key_material = hkdf(keying_material, 64)
        self.encryption_key = key_material[:32]
        self.mac_key = key_material[32:]

        confirmation_code = hmac(self.confirm_connection_string, self.mac_key)
        return confirmation_code
Esempio n. 3
0
def verify(encrypted_data, signature, validation_key):        
    data = bytearray(encrypted_data)
    xor_subroutine(data, validation_key)
    
    if hmac(data, validation_key) == signature:
        return True
    else:
        return False
Esempio n. 4
0
def sign(data, signing_key, signature_size=32, already_hashed=False, hash_function=hash_function):        
    if not already_hashed:        
        data = hash_function(data)
    signature = hmac(data, signing_key)
        
    data = bytearray(data)
    xor_subroutine(data, signing_key)
    
    return data, signature    
Esempio n. 5
0
 def __init__(self,
              public_key,
              private_key,
              hash_function=hash_function,
              secret_size=32):
     self.public_key = public_key
     self.private_key = private_key
     self.hash_function = hash_function
     self.secret_size = secret_size
     self.confirm_connection_string = "Good happy success :)"
     self.confirmation_code_size = len(hmac('', ''))
Esempio n. 6
0
def verify(data, signature, signing_key, validation_key):   
    """ usage: verify(data, signature, signing_key, validation_key) => True or False
    
        Returns True if the signature on data is valid.
        Returns False if the signature on data is invalid. """  
    #assert len(validation_key) == len(signing_key), (len(validation_key), len(signing_key))    
    xor_subroutine(signing_key, validation_key)    
    if hmac(data, signing_key) == signature:
        return True
    else:
        return False
Esempio n. 7
0
def generate_signature_request_on_data(signers_public_key, data, signature_key_size=32):
    """ usage: generate_signature_request(signers_public_key, data,
                                          signature_key_size=32) => signature_request, validation_key
                                       
        Returns a signing request, signature validation key, and an HMAC tag for the data.
        The signing request is bound to the owner of the supplied public key - only the owner will be able to produce a signature
        The validation key is bound to the party that generates the signature request - nobody else may use it to verify Bob's signature. 
        
        The signing party is committed to signing the data provided by the signature requester."""                
    validation_key = bytearray(urandom(signature_key_size))    
    signature_request = serialize_key(keyexchange.encapsulate_key(deserialize_key(validation_key), signers_public_key))    
    return signature_request, validation_key, hmac(data, validation_key)