Esempio n. 1
def onboardPerson():
    print("called onboardPerson", file=sys.stderr)
    validation_result = validateDocumentData(

    if validation_result == NO_DATA:
        return getJsonResponse(400, "Error", "No document data provided")
    elif validation_result == INVALID_FIELD:
        return getJsonResponse(400, "Error", "Not all fields are valid")

    data = request.json["data"]
    user_id = data["userId"]
    signedUserId = request.json["signedUserId"]
    signedUserId = base64.decodestring(signedUserId.encode("ascii"))

    issuerPrivateKeyFile = getKeys("Munich")["private"]
    with open(issuerPrivateKeyFile, 'r') as f:
        file_data =

    issuerPrivateKey = rsa.PrivateKey.load_pkcs1(file_data, "PEM")
    docHash = rsa.compute_hash(json.dumps(data).encode("utf-8"), HASH_METHOD)
    signedDocHash = rsa.sign_hash(docHash, issuerPrivateKey, HASH_METHOD)
    signedDocHash = base64.encodestring(signedDocHash).decode("ascii")

    userPublicKeyFile = getKeys(user_id)["public"]
    with open(userPublicKeyFile, 'r', encoding="ascii") as f:
        file_data =

    userPublicKey = rsa.PublicKey.load_pkcs1(file_data)

        verify = rsa.verify(user_id.encode("utf-8"),
                            signedUserId, userPublicKey)
        verifyUserResult = "Success"
    except rsa.pkcs1.VerificationError as e:
        verifyUserResult = "Failed"

    # post to blockchain
    result = runRawTransaction(
        'onboard', [b"Munich", user_id.encode("utf-8"), signedDocHash.encode("utf-8")])


    res = {
        "docHash": base64.encodestring(docHash).decode("ascii"),
        "signedDocHash": signedDocHash,
        "verifyUserResult": verifyUserResult,
        "smartContractResult": result,
        # "raw_tx": raw_tx.decode("ascii"),
        # "payload": payload,

    return json.dumps(res)
Esempio n. 2
def signData():
    user_id = request.json["userId"]
    privateKeyFile = request.json["privateKeyFile"]

    with open(privateKeyFile, 'r') as f:
        file_data =

    privateKey = rsa.PrivateKey.load_pkcs1(file_data, "PEM")

    user_id_hash = rsa.compute_hash(user_id.encode("utf-8"), HASH_METHOD)

    signedUserId = rsa.sign_hash(user_id_hash, privateKey, HASH_METHOD)

    res = {
        "userId": user_id,
        # "userIdHash": base64.encodestring(user_id_hash).decode("ascii"),
        "privateKeyFile": privateKeyFile,
        "signedUserId": base64.encodestring(signedUserId).decode("ascii")

    return json.dumps(res)
Esempio n. 3
def get_signed_text(st):
    return st + '\n' + str(
        (rsa.sign_hash(rsa.compute_hash(st.encode("utf-8"), "SHA-256"),
                       get_private_key(), "SHA-256")))
def sign(message, privkey):
    hash = rsa.compute_hash(message, 'SHA-1')
    signature = rsa.sign_hash(hash, privkey, 'SHA-1')
    return signature
Esempio n. 5
    ## 1. Bob generates a keypair, and gives the public key to Alice.
    ## This is done such that Alice knows for sure that the key is really Bob’s
    ## (for example by handing over a USB stick that contains the key).
    (pk, sk) = rsa.newkeys(512)
    print('PUBLIC KEY -> ' + str(pk) + '\n')
    print('SECRET KEY -> ' + str(sk) + '\n')

    ## 2. Alice writes a message, and encodes it in UTF-8. The RSA module only
    ## operates on bytes, and not on strings, so this step is necessary.
    message = input('Enter the message you want to encrypt: ')
    message = message.encode('utf8')

    ##  we add the signature to the message
    hash = rsa.compute_hash(message, 'SHA-1')
    signature = rsa.sign_hash(hash, sk, 'SHA-1')
    print('\nSignature -> ' + str(signature))

    ## 3. Alice encrypts the message using Bob’s public key, and sends the encrypted message.
    crypto = rsa.encrypt(message, pk)
    print('\nEncypted message --> ' + str(crypto))

    wants_to_modify = input('\nWant to modify the message? (yes or no)  ')
    wants_to_modify = wants_to_modify.lower()

    if wants_to_modify == 'yes':
        ## let's an attacker got the message and he decides to change it
        message = input('\nModify the message: ')
        message = message.encode('utf8')

        crypto = rsa.encrypt(message, pk)
Esempio n. 6
# Note: These are using PKCS#1 v1.5


message = b"message"
other_message = b"other message"

hash = rsa.compute_hash(
    message, "SHA-256"
)  # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
hash = rsa.compute_hash(
    message=message, method_name="SHA-256"
)  # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
signature_from_hash = rsa.sign_hash(
    hash, private_key, "SHA-256"
)  # $ CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=hash
signature_from_hash = rsa.sign_hash(
    hash_value=hash, priv_key=private_key, hash_method="SHA-256"
)  # $ CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationInput=hash

signature = rsa.sign(
    message, private_key, "SHA-256"
)  # $ CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
signature = rsa.sign(
    message=message, priv_key=private_key, hash_method="SHA-256"
)  # $ CryptographicOperation CryptographicOperationAlgorithm=RSA CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message

assert signature == signature_from_hash

Esempio n. 7
# 修改加密结果crypto后尝试解密,会报:rsa.pkcs1.DecryptionError: Decryption failed
    err_result = rsa.decrypt(crypto[:-1] + b'X', privkey)
except rsa.pkcs1.DecryptionError as e:

# 签名和验证
# 用于确认加密信息是持有privkey的用户发出来的
# 签名方式一:
signature = rsa.sign(message, privkey, 'SHA-1')
# print(signature)
# 签名方式二:
hash = rsa.compute_hash(message, 'SHA-1')
signature1 = rsa.sign_hash(hash, privkey, 'SHA-1')
    # 校验正常时返回哈希加密类型;校验失败时报VerificationError
    verified = rsa.verify(message, signature, pubkey)
    verified1 = rsa.verify(message, signature1, pubkey)
except rsa.pkcs1.VerificationError as e:

# 另一种哈希算法
# 签名方式一:
signature = rsa.sign(message, privkey, 'SHA-256')
# print(signature)
# 签名方式二:
hash = rsa.compute_hash(message, 'SHA-256')