def __init__(self, seed=None): if seed is None: seed = nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE) else: seed = HexEncoder.decode(seed) public_key, secret_key = nacl.bindings.crypto_sign_seed_keypair(seed) self._public_key = HexEncoder.encode(public_key).decode() self._private_key = HexEncoder.encode(secret_key).decode() self._seed = HexEncoder.encode(seed).decode() self._signature_redeem = Protocol.public_key_to_signature_redeem( self._public_key) self._program_hash = Protocol.hex_string_to_program_hash( self._signature_redeem)
def verify_signature(msg, signature, verify_key): # Encode the message to hex msg_hex = HexEncoder.encode(msg) # Decode signature to byte signature_bytes = HexEncoder.decode(signature) result = True try: verify_key.verify(msg_hex, signature_bytes, encoder=HexEncoder) except BadSignatureError: result = False pass return result
def test_hex_smessage_with_detached_sig_matches_with_attached_sig(self): sk = SigningKey.generate() vk = sk.verify_key smsg = sk.sign(b"Hello World in hex", encoder=HexEncoder) msg = smsg.message hexsig = smsg.signature sig = HexEncoder.decode(hexsig) assert vk.verify(msg, sig, encoder=HexEncoder) == \ vk.verify(smsg, encoder=HexEncoder) assert HexEncoder.decode(msg) == b"Hello World in hex"
def create_transaction( private_key: str, public_key: str, receiver: str, amount: int ) -> dict: """ Creates a transaction from a sender's public key to a receiver's public key :param private_key: The Sender's private key :param public_key: The Sender's public key :param receiver: The Receiver's public key :param amount: The amount in cents :return: <dict> The transaction dict """ tx = { "sender": public_key, "receiver": receiver, "amount": amount, "timestamp": int(time()), } tx_bytes = json.dumps(tx, sort_keys=True).encode("ascii") # Generate a signing key from the private key signing_key = SigningKey(private_key, encoder=HexEncoder) # Now add the signature to the original transaction signature = signing_key.sign(tx_bytes).signature tx["signature"] = HexEncoder.encode(signature).decode("ascii") return tx
def make_bitcoin_keys_branched(password, salt, key_amount = 1, branches = [410]): ''' Make multiple bitcoin private keys at once from any string Brances implements additional layer of security. Branch is better be an integer, but, for real, it may be any string Returns a list ''' # password = sha000(password, 50) # salt = SHA256.new(password.encode()).digest() #print('salt',benc.encode(salt)) count = int(str(int(benc.encode(salt),16))[0:5]) master_key = PBKDF2(password, salt = str(salt), count=count) def my_rand(n): my_rand.counter += 1 return PBKDF2(master_key, "my_rand:%d" % my_rand.counter, dkLen=n, count=1) my_rand.counter = 0 keys = [] with progressbar.ProgressBar(max_value=key_amount) as bar_small: for tymes in range(key_amount): bar_small.update(tymes) key = PBKDF2(password,dkLen=64, salt = (str(salt) + str(branches[tymes%len(branches)])), count = count) #keys.append(ECC.generate(curve = 'P-256', randfunc=my_rand)) keys.append(key.hex()) password = key return list(enumerate(keys, start=1))
def validate_transaction(tx: dict) -> bool: """ Verifies that a given transaction was sent from the sender :param tx: The transaction dict :return: <bool> """ public_key = tx["sender"] # We need to strip the "signature" key from the tx signature = tx.pop("signature") signature_bytes = HexEncoder.decode(signature) tx_bytes = json.dumps(tx, sort_keys=True).encode("ascii") # Generate a verifying key from the public key verify_key = VerifyKey(public_key, encoder=HexEncoder) # Attempt to verify the signature try: verify_key.verify(tx_bytes, signature_bytes) except BadSignatureError: return False else: return True
def send_next_data(self, data): # type: (str) -> int # The length of the encrypted message is going to be longer than the # actual payload length. HOWEVER, callers expect the length of the # data that we sent as a result. The length of the data that we sent # is the length of the data before encryption. len_data = len(data) encrypted_msg = self._box.encrypt(data, None) encoded_msg = HexEncoder.encode(encrypted_msg) self._conn.send_next_data(encoded_msg) return len_data
def __init__(self, name, private_key, data=None): self.name = name self.data = data or {} if isinstance(private_key, PrivateKey): self.private_key_obj = private_key self.private_key = private_key.encode().hex() else: self.private_key = private_key self.private_key_obj = PrivateKey(self.private_key, HexEncoder()) self.secret_box = SecretBox(bytes.fromhex(self.private_key)) self.boxes = {}
def test_valid_signed_message(self, _seed, public_key, message, signature, signed): key = VerifyKey( public_key, encoder=HexEncoder, ) assert (binascii.hexlify(key.verify(signed, encoder=HexEncoder), ) == message) assert (binascii.hexlify( key.verify(message, HexEncoder.decode(signature), encoder=HexEncoder), ) == message)
def get_credentials(): if not current_user.is_authenticated: abort(403) user = "******".format(current_user) jid = user + "@chatproto.muikkuverkko.fi" timestamp = int(round(time() * 1000)) payload = "{},{}".format(timestamp, user) signing_key = SigningKey(signing_key_hex, HexEncoder) signed = signing_key.sign(payload) password = signed.message + "," + HexEncoder.encode(signed.signature) sys.stderr.write("Outgoing password: {} \n".format(password)) return jsonify({"jid": jid, "password": password})
def test_valid_signed_message( self, _seed, public_key, message, signature, signed): key = VerifyKey( public_key, encoder=HexEncoder, ) assert binascii.hexlify( key.verify(signed, encoder=HexEncoder), ) == message assert binascii.hexlify( key.verify(message, HexEncoder.decode(signature), encoder=HexEncoder), ) == message
def generate_serval_keys(name): node_hash = HexEncoder.decode(nacl.hash.sha256(name.encode("utf-8"))) sign_pk, sign_sk = crypto_sign_seed_keypair(node_hash) box_sk = crypto_sign_ed25519_sk_to_curve25519(sign_sk) box_pk = crypto_scalarmult_base(box_sk) rhiz_pk = HexEncoder.decode(nacl.hash.sha256(("rhizome"+name).encode("utf-8"))) keys = { "sign_pk": HexEncoder.encode(sign_pk).decode("ascii").upper(), "box_sk": HexEncoder.encode( box_sk).decode("ascii").upper(), "sign_sk": HexEncoder.encode(sign_sk).decode("ascii").upper(), "box_pk": HexEncoder.encode( box_pk).decode("ascii").upper(), "sid": HexEncoder.encode( box_pk).decode("ascii").upper(), "rhiz_pk": HexEncoder.encode(rhiz_pk).decode("ascii").upper(), } return keys
def make_curve25519_keys_pbkdf2_branched(password, salt, key_amount = 1, branches = [410]): ''' Make multiple key pairs at once, eather P-256 or curve25519 from any string. Brances implements additional layer of security. Branch is better be an integer, but, for real, it may be any string Returns a list ''' # password = sha000(password, 50) # salt = SHA256.new(password.encode()).digest() #print('salt',benc.encode(salt)) count = int(str(int(benc.encode(salt),16))[0:5]) dkLen = 32 keys = [] with progressbar.ProgressBar(max_value=key_amount) as bar_small: for tymes in range(key_amount): bar_small.update(tymes) #sha256 = SHA256.new(password) #count = int(str(int(benc.encode(sha256.digest()),16))[0:5]) #print(branches[tymes%len(branches)]) key = PBKDF2(password, salt = (str(salt) + str(branches[tymes%len(branches)])), dkLen = dkLen, count = count) keys.append(PrivateKey(benc.encode(key), encoder=benc)) password = key return list(enumerate(keys, start=1))
def read_config() -> Config: config = Config() try: with open(CONFIG_FILENAME) as f: obj = toml.load(f) def read(key: str, t: Type[T]) -> Optional[T]: ret = obj.get(key) return ret if isinstance(ret, t) else None temp = read("server_public_key", str) if temp: config.server_verify_key = VerifyKey(HexEncoder.decode(temp)) temp = read("secret_key", str) if temp: config.signing_key = SigningKey(HexEncoder.decode(temp)) config.initial_setup_nickname = read("initial_setup_nickname", str) config.server_address = read("server_address", str) except FileNotFoundError: pass except Exception: print(f"Malformed configuration file {CONFIG_FILENAME}.\n") raise return config
def run_vouch(magic: str) -> None: try: vouch_data = base64.b64decode(magic.encode("utf-8")) verify_key = VerifyKey(vouch_data[:32]) signed_nickname = vouch_data[32:] msg = verify_with_magic(b"NAME", verify_key, signed_nickname) nickname = msg.decode("utf-8") except Exception: print("Could not parse data!") sys.exit(1) try: config = read_config() port = connect(config) port.send_json( { "method": "vouch", "who": verify_key.encode(HexEncoder).decode("utf-8"), "signed_name": HexEncoder.encode(signed_nickname).decode("utf-8"), } ) port.receive_json() except Exception as e: print(f"Error: {e}") sys.exit(1) if not ask(f"Grant permuter server access to {nickname}", default=True): return try: port.send_json({}) port.receive_json() except Exception as e: print(f"Failed to grant access: {e}") sys.exit(1) assert config.server_address, "checked by connect" assert config.server_verify_key, "checked by connect" data = config.server_verify_key.encode() + config.server_address.encode("utf-8") token = SealedBox(verify_key.to_curve25519_public_key()).encrypt(data) print("Granted!") print() print("Send them the following token:") print(base64.b64encode(token).decode("utf-8"))
def validate_signature(chain: str, web3, user_id: int, associated_wallet: str, signature: str): if chain == "eth": signed_wallet = recover_user_id_hash(web3, user_id, signature) return signed_wallet == associated_wallet if chain == "sol": try: message = f"AudiusUserID:{user_id}" verify_key = VerifyKey( base58.b58decode(bytes(associated_wallet, "utf-8"))) # Verify raises an error if the message is tampered w/ else returns the original msg verify_key.verify(str.encode(message), HexEncoder.decode(signature)) return True except Exception as e: logger.error( f"index.py | users.py | Verifying SPL validation signature for user_id {user_id} {e}", exc_info=True, ) return False return False
password = sha000(password + paper, 50) salt = SHA256.new(password.encode()).digest() keys = make_me_keys(password = password, salt = salt,\ type = key_type, key_amount = key_number, \ size_rsa = rsa_size, branches = branches) #print('keys', keys) key = dict(keys)[key_number] all_the_keys.append(key) decoded_keys_temp_list = [] for the_key in all_the_keys: if key_type == 'curve25519': sec = benc.encode(the_key.__bytes__()).decode() pub = benc.encode(the_key.public_key.__bytes__()).decode() decoded_keys_temp_list.append({'secret': sec, 'public': pub}) elif key_type == 'P-256': sec = the_key.export_key(format='PEM') pub = the_key._export_public_pem(compress=0) #PEM decoded_keys_temp_list.append({'secret': sec, 'public': pub}) elif key_type == 'RSA': sec = the_key.export_key().decode() pub = the_key.publickey().export_key().decode() decoded_keys_temp_list.append({'secret': sec, 'public': pub}) elif key_type == 'bitcoin': from bitcoin import encode_privkey, privkey_to_address
intf = 'wlan0' intf_ip = subprocess.getoutput("ip address show dev " + intf).split() intf_ip = intf_ip[intf_ip.index('inet') + 1].split('/')[0] from firebase import firebase firebase = firebase.FirebaseApplication('https://pysnac.firebaseio.com', None) littleboyIP = firebase.put(url='https://pysnac.firebaseio.com', name='/littleboy/ip', data=intf_ip) fatmanIP = firebase.get('/fatman/ip', None) skbob = PrivateKey.generate() pkbob = skbob.public_key pkalice = HexEncoder.encode(bytes(pkbob)) frozen = jsonpickle.encode(pkalice) firebase.put(url='https://pysnac.firebaseio.com', name='/littleboy/pk', data=frozen) nonce = nacl.utils.random(nacl.secret.SecretBox.NONCE_SIZE) nonce2 = nacl.utils.random(Box.NONCE_SIZE) nonceInt = int.from_bytes(nonce, byteorder='little') if (not (nonceInt % 2) == 1): nonceInt = nonceInt + 1 nonce = nonceInt.to_bytes(24, byteorder='little') RECORD_SECONDS = 80000 FORMAT = pyaudio.paInt16 #opus constants
def sign(self, message): sig = nacl.bindings.crypto_sign(message, HexEncoder.decode(self._private_key)) return sig[:64] # length > 64, so cut 64
def check(sign, msg): try: verify.verify(msg, HexEncoder.decode(sign)) return True except BadSignatureError: return False
with open(fileName) as jsonFile: txList = json.load(jsonFile) # Get the first firstTX = txList[0] firstTX['input'] = fixPKInput(firstTX['input']) firstTX['output'] = fixPKOutput(firstTX['output']) firstTX = Transaction(firstTX['number'], firstTX['input'], firstTX['output'], firstTX['sig']) # Hash of arbitrary data for prev and nonce prev = H(b'Hello ').hexdigest() pow = H(b'World!').hexdigest() nonce = HexEncoder.encode(b'Hello World!') # create the genesis block genesis = Block(firstTX, prev, nonce, pow) threadID = 0 threads = [] # Create all of the broadcast queues while threadID < numNodes: broadcastQueue.append(queue.Queue()) threadID += 1 threadID = 0 while threadID < numNodes: #place holder for actual node constructor node = Node(genesis)
def get_box(self, other_public_key): if other_public_key not in self.boxes: opk = PublicKey(other_public_key, HexEncoder()) self.boxes[other_public_key] = Box(self.private_key_obj, opk) return self.boxes[other_public_key]
def fixPKInput(input): for ele in input: out = ele['output'] out['pubkey'] = HexEncoder.decode(out['pubkey']) return input
def send_obj(self, message_obj): msg_json = message_obj.serialize() encrypted_msg = self._box.encrypt(msg_json, None) encoded_msg = HexEncoder.encode(encrypted_msg) self._conn.send_next_data(encoded_msg)
def fixPKOutput(output): for ele in output: ele['pubkey'] = HexEncoder.decode(ele['pubkey']) return output