def test_compressed_curve(self):
# Compressed P-521 curve (Y-point is even)
# openssl ecparam -name secp521r1 -genkey -noout -conv_form compressed -out /tmp/a.pem
# openssl ec -in /tmp/a.pem -text -noout
pem1 = """-----BEGIN EC PRIVATE KEY-----
MIHcAgEBBEIAnm1CEjVjvNfXEN730p+D6su5l+mOztdc5XmTEoti+s2R4GQ4mAv3
0zYLvyklvOHw0+yy8d0cyGEJGb8T3ZVKmg2gBwYFK4EEACOhgYkDgYYABAHzjTI1
ckxQ3Togi0LAxiG0PucdBBBs5oIy3df95xv6SInp70z+4qQ2EltEmdNMssH8eOrl
M5CYdZ6nbcHMVaJUvQEzTrYxvFjOgJiOd+E9eBWbLkbMNqsh1UKVO6HbMbW0ohCI
uGxO8tM6r3w89/qzpG2SvFM/fvv3mIR30wSZDD84qA==
-----END EC PRIVATE KEY-----"""
# Compressed P-521 curve (Y-point is odd)
pem2 = """-----BEGIN EC PRIVATE KEY-----
MIHcAgEBBEIB84OfhJluLBRLn3+cC/RQ37C2SfQVP/t0gQK2tCsTf5avRcWYRrOJ
PmX9lNnkC0Hobd75QFRmdxrB0Wd1/M4jZOWgBwYFK4EEACOhgYkDgYYABAAMZcdJ
1YLCGHt3bHCEzdidVy6+brlJIbv1aQ9fPQLF7WKNv4c8w3H8d5a2+SDZilBOsk5c
6cNJDMz2ExWQvxl4CwDJtJGt1+LHVKFGy73NANqVxMbRu+2F8lOxkNp/ziFTbVyV
vv6oYkMIIi7r5oQWAiQDrR2mlrrFDL9V7GH/r8SWQw==
-----END EC PRIVATE KEY-----"""
key1 = ECC.import_key(pem1)
low16 = int(key1.pointQ.y % 65536)
self.assertEqual(low16, 0x38a8)
key2 = ECC.import_key(pem2)
low16 = int(key2.pointQ.y % 65536)
self.assertEqual(low16, 0x9643)
def test_export_openssh_compressed(self):
key_file = load_file("ecc_p384_public_openssh.txt", "rt")
pub_key = ECC.import_key(key_file)
key_file_compressed = pub_key.export_key(format="OpenSSH", compress=True)
assert len(key_file) > len(key_file_compressed)
self.assertEquals(pub_key, ECC.import_key(key_file_compressed))
def test_compressed_curve(self):
# Compressed P-384 curve (Y-point is even)
# openssl ecparam -name secp384p1 -genkey -noout -conv_form compressed -out /tmp/a.pem
# openssl ec -in /tmp/a.pem -text -noout
pem1 = """-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDAM0lEIhvXuekK2SWtdbgOcZtBaxa9TxfpO/GcDFZLCJ3JVXaTgwken
QT+C+XLtD6WgBwYFK4EEACKhZANiAATs0kZMhFDu8DoBC21jrSDPyAUn4aXZ/DM4
ylhDfWmb4LEbeszXceIzfhIUaaGs5y1xXaqf5KXTiAAYx2pKUzAAM9lcGUHCGKJG
k4AgUmVJON29XoUilcFrzjDmuye3B6Q=
-----END EC PRIVATE KEY-----"""
# Compressed P-384 curve (Y-point is odd)
pem2 = """-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDDHPFTslYLltE16fHdSDTtE/2HTmd3M8mqy5MttAm4wZ833KXiGS9oe
kFdx9sNV0KygBwYFK4EEACKhZANiAASLIE5RqVMtNhtBH/u/p/ifqOAlKnK/+RrQ
YC46ZRsnKNayw3wATdPjgja7L/DSII3nZK0G6KOOVwJBznT/e+zudUJYhZKaBLRx
/bgXyxUtYClOXxb1Y/5N7txLstYRyP0=
-----END EC PRIVATE KEY-----"""
key1 = ECC.import_key(pem1)
low16 = int(key1.pointQ.y % 65536)
self.assertEqual(low16, 0x07a4)
key2 = ECC.import_key(pem2)
low16 = int(key2.pointQ.y % 65536)
self.assertEqual(low16, 0xc8fd)
def test_import_private_pkcs8_clear(self):
key_file = load_file("ecc_p521_private_p8_clear.der")
key = ECC._import_der(key_file, None)
self.assertEqual(self.ref_private, key)
key = ECC.import_key(key_file)
self.assertEqual(self.ref_private, key)
def test_import_private_pkcs8_encrypted_1(self):
key_file = load_file("ecc_p521_private_p8.der")
key = ECC._import_der(key_file, "secret")
self.assertEqual(self.ref_private, key)
key = ECC.import_key(key_file, "secret")
self.assertEqual(self.ref_private, key)
def test_import_x509_der(self):
key_file = load_file("ecc_p521_x509.der")
key = ECC._import_der(key_file, None)
self.assertEqual(self.ref_public, key)
key = ECC.import_key(key_file)
self.assertEqual(self.ref_public, key)
def test_import_openssh(self):
key_file = load_file("ecc_p521_public_openssh.txt")
key = ECC._import_openssh(key_file)
self.assertEqual(self.ref_public, key)
key = ECC.import_key(key_file)
self.assertEqual(self.ref_public, key)
def test_generate(self):
key = ECC.generate(curve="P-256")
self.assertTrue(key.has_private())
self.assertEqual(key.pointQ, EccPoint(_curve.Gx, _curve.Gy) * key.d)
# Other names
ECC.generate(curve="secp256r1")
ECC.generate(curve="prime256v1")
def test_import_private_pem_encrypted(self):
for algo in "des3", "aes128", "aes192", "aes256", "aes256_gcm":
key_file = load_file("ecc_p521_private_enc_%s.pem" % algo)
key = ECC.import_key(key_file, "secret")
self.assertEqual(self.ref_private, key)
key = ECC.import_key(tostr(key_file), b"secret")
self.assertEqual(self.ref_private, key)
def test_generate(self):
curve = _curves['p521']
key = ECC.generate(curve="P-521")
self.failUnless(key.has_private())
self.assertEqual(key.pointQ, EccPoint(curve.Gx, curve.Gy, "p521") * key.d)
# Other names
ECC.generate(curve="secp521r1")
ECC.generate(curve="prime521v1")
def create_ref_keys():
key_lines = load_file("ecc_p256.txt").splitlines()
private_key_d = bytes_to_long(compact(key_lines[2:5]))
public_key_xy = compact(key_lines[6:11])
assert bord(public_key_xy[0]) == 4 # Uncompressed
public_key_x = bytes_to_long(public_key_xy[1:33])
public_key_y = bytes_to_long(public_key_xy[33:])
return (ECC.construct(curve="P-256", d=private_key_d),
ECC.construct(curve="P-256", point_x=public_key_x, point_y=public_key_y))
def test_generate(self):
key = ECC.generate(curve="P-256")
self.failUnless(key.has_private())
self.assertEqual(key.pointQ, EccPoint(_curves['p256'].Gx,
_curves['p256'].Gy) * key.d,
"p256")
# Other names
ECC.generate(curve="secp256r1")
ECC.generate(curve="prime256v1")
def test_import_private_der(self):
key_file = load_file("ecc_p384_private.der")
key = ECC._import_private_der(key_file, None)
self.assertEqual(self.ref_private, key)
key = ECC._import_der(key_file, None)
self.assertEqual(self.ref_private, key)
key = ECC.import_key(key_file)
self.assertEqual(self.ref_private, key)
def test_import_public_der(self):
key_file = load_file("ecc_p521_public.der")
key = ECC._import_subjectPublicKeyInfo(key_file)
self.assertEqual(self.ref_public, key)
key = ECC._import_der(key_file, None)
self.assertEqual(self.ref_public, key)
key = ECC.import_key(key_file)
self.assertEqual(self.ref_public, key)
def create_ref_keys_p521():
key_len = 66
key_lines = load_file("ecc_p521.txt").splitlines()
private_key_d = bytes_to_long(compact(key_lines[2:7]))
public_key_xy = compact(key_lines[8:17])
assert bord(public_key_xy[0]) == 4 # Uncompressed
public_key_x = bytes_to_long(public_key_xy[1:key_len+1])
public_key_y = bytes_to_long(public_key_xy[key_len+1:])
return (ECC.construct(curve="P-521", d=private_key_d),
ECC.construct(curve="P-521", point_x=public_key_x, point_y=public_key_y))
def test_mix(self):
p1 = ECC.generate(curve='P-256').pointQ
p2 = ECC.generate(curve='P-384').pointQ
try:
p1 + p2
assert(False)
except ValueError as e:
assert "not on the same curve" in str(e)
try:
p1 += p2
assert(False)
except ValueError as e:
assert "not on the same curve" in str(e)
def import_public_key(public_key):
"""
Import a plain text public key and make it into an ECC object
:param public_key: the public key as a string
:return: an ECC key object
"""
return ECC.import_key(public_key)
def test_unsupported_curve(self):
# openssl ecparam -name secp224r1 -genkey -noout -out strange-curve.pem -conv_form uncompressed
curve = """-----BEGIN EC PRIVATE KEY-----
MGgCAQEEHEi7xTHW+5oT8wgpjoEKV7uwMuY8rt2YUZe4j1SgBwYFK4EEACGhPAM6
AATJgfOG+Bnki8robpNM8MtArji43GU9up4B0x9sVhqB+fZP+hXgV9ITN7YX4E/k
gVnJp9EBND/tHQ==
-----END EC PRIVATE KEY-----"""
from Crypto.PublicKey.ECC import UnsupportedEccFeature
try:
ECC.import_key(curve)
except UnsupportedEccFeature as uef:
assert("1.3.132.0.33" in str(uef))
else:
assert(False)
def get_private_key():
"""
Set the private key from a file or by creating a new one
:return: ECC private key object
"""
ensure_data_dir() # ensure directory exists
try: # get existing private key
key = ECC.import_key(open(_PRIVATE_KEY_PATH, 'rt').read())
except FileNotFoundError: # create public key
key = ECC.generate(curve='P-256')
# write private key to file
file = open(_PRIVATE_KEY_PATH, 'wt')
file.write(key.export_key(format='PEM'))
file.close()
return key
def test_export_public_der_compressed(self):
key_file = load_file("ecc_p521_public.der")
pub_key = ECC.import_key(key_file)
key_file_compressed = pub_key.export_key(format="DER", compress=True)
key_file_compressed_ref = load_file("ecc_p521_public_compressed.der")
self.assertEqual(key_file_compressed, key_file_compressed_ref)
def decrypt_with_ecc(private_ecc_key, random_pubkey_str, nonce, ctx, tag):
"""Takes elliptic curve isntance (private_ecc_key) and a byte string
(message), and decrypts the ciphertext (ctx) after verifying the
tag.
"""
assert isinstance(private_ecc_key, ECC.EccKey), \
"private_ecc_key should be ECC key. Got {}" \
.format(type(private_ecc_key))
# parse the ciphertext
random_ecc_key = ECC.import_key(random_pubkey_str)
new_point = random_ecc_key.pointQ * private_ecc_key.d
h = SHA256.new(str(new_point.x))
h.update(str(new_point.y))
key = h.digest()
if not nonce:
nonce = os.urandom(16)
aes_engine = AES.new(key=key, mode=AES.MODE_EAX, nonce=nonce)
msg = ''
try:
msg = aes_engine.decrypt_and_verify(ctx, tag)
except ValueError:
print "The tag verification failed. Means: ciphertext has been "\
"tampered or key is incorrect"
return msg
def test_export_public_pem_compressed(self):
key_file = load_file("ecc_p384_public.pem", "rt").strip()
pub_key = ECC.import_key(key_file)
key_file_compressed = pub_key.export_key(format="PEM", compress=True)
key_file_compressed_ref = load_file("ecc_p384_public_compressed.pem", "rt").strip()
self.assertEqual(key_file_compressed, key_file_compressed_ref)
def test_equality(self):
private_key = ECC.construct(d=3, curve="P-256")
private_key2 = ECC.construct(d=3, curve="P-256")
private_key3 = ECC.construct(d=4, curve="P-256")
public_key = private_key.public_key()
public_key2 = private_key2.public_key()
public_key3 = private_key3.public_key()
self.assertEqual(private_key, private_key2)
self.assertNotEqual(private_key, private_key3)
self.assertEqual(public_key, public_key2)
self.assertNotEqual(public_key, public_key3)
self.assertNotEqual(public_key, private_key)
def test_export_private_pkcs8_encrypted(self):
encoded = self.ref_private._export_pkcs8(passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC._import_pkcs8, encoded, None)
decoded = ECC._import_pkcs8(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
# ---
encoded = self.ref_private.export_key(format="DER",
passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
def run_test_curvepoint_random():
#rand = Integer.random_range(min_inclusive=1, max_exclusive=P256_CURVE_ORDER)
randkey = ECC.generate(curve='P-256')
randx = int(randkey.public_key().pointQ.x.to_bytes(32).hex(), 16)
randy = int(randkey.public_key().pointQ.y.to_bytes(32).hex(), 16)
res = run_isoncurve(randx, randy)
if not res:
raise Exception('Test point (random) should be on curve')
def sign(self, message):
message = bytes(message.encode())
key = ECC.generate(curve='P-521')
h = SHA512.new(message)
signer = DSS.new(key, 'fips-186-3')
start_time = timer()
signature = signer.sign(h)
self.executionTime = timer() - start_time
return signature
def test_export_private_pkcs8_encrypted(self):
encoded = self.ref_private._export_pkcs8(
passphrase="secret", protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC._import_pkcs8, encoded, None)
decoded = ECC._import_pkcs8(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
# ---
encoded = self.ref_private.export_key(
format="DER",
passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
def test_export_private_pem_encrypted(self):
encoded = self.ref_private._export_private_pem(passphrase=b"secret")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC.import_key, encoded)
assert "EC PRIVATE KEY" in encoded
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
# ---
encoded = self.ref_private.export_key(format="PEM",
passphrase="secret",
use_pkcs8=False)
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
def load_from_params(curve=None, x=None, y=None):
"""
Construct public key from the components
"""
if curve == ECDSALowPublicKey.SECP160R1:
return ECDSAPublicKey(
key=ECC.construct(curve='SECP160R1', point_x=x, point_y=y))
else:
raise Exception("Unsupported curve")
def verify_ecc_sig(self, public_key, data, signature):
key = ECC.import_key(public_key)
hashed_message = SHA256.new(data)
verifier = DSS.new(key, 'fips-186-3')
try:
verifier.verify(hashed_message, signature)
return True
except ValueError:
return False
def construct_public_key(xy):
"""Constructs an ECC-public key starting from the bytes sequences representing the public key.
:param xy: the bytes sequences representing the public key,
as of the concatenation of the bytes sequences representing :param x and :param y
:returns an EccKey object containing the public key corresponding to the couple of coordinates x and y"""
coordinate_size = len(xy) // 2
x = int.from_bytes(xy[:coordinate_size], 'big')
y = int.from_bytes(xy[coordinate_size:], 'big')
return ECC.construct(curve=STANDARD_CURVE, point_x=x, point_y=y)
def generate_from_pw(pw, salt, curve='P-256'):
"""Generates a ECC key pair using the randomness derived from pw, salt.
"""
rand_seed = PBKDF2(pw, salt, dkLen=16, count=HASH_CNT)
rand_num_generator = RandomWSeed(rand_seed, 1024)
return ECC.generate(
curve=curve,
randfunc=rand_num_generator.get_random_bytes
)
def test_export_public_pem_compressed(self):
key_file = load_file("ecc_p256_public.pem", "rt").strip()
pub_key = ECC.import_key(key_file)
key_file_compressed = pub_key.export_key(format="PEM", compress=True)
key_file_compressed_ref = load_file("ecc_p256_public_compressed.pem",
"rt").strip()
self.assertEqual(key_file_compressed, key_file_compressed_ref)
def generate_new_identity():
key_obj = ECC.generate(curve='P-256')
x, y = key_obj.pointQ.xy
xb = int.to_bytes(int(x), 32, byteorder='big')
yb = int.to_bytes(int(y), 32, byteorder='big')
public_key = b'\x04' + xb + yb
return key_obj, public_key, SHA256.new(public_key).digest()[:20].hex().upper()
def verify(message, ac):
key = ECC.import_key(open('DQV_certs/lab_pk.pem').read())
h = SHA256.new(message.encode('utf-8'))
verifier = DSS.new(key, 'fips-186-3')
try:
verifier.verify(h, ac)
return True
except ValueError:
return False
def verify_vote(private_key, public_key, ballot):
try:
signer = DSS.new(ECC.import_key(private_key), 'fips-186-3')
verifier = DSS.new(ECC.import_key(public_key), 'fips-186-3')
ballot_hash = SHA3_256.new(ballot.encode())
ballot_signature = signer.sign(ballot_hash)
verifier.verify(ballot_hash, ballot_signature)
return [
True, 'Your vote verfied and Ballot is signed successfully.',
ballot_hash.hexdigest(),
ballot_signature.hex()
]
except Exception as e:
return [False, str(e), 'N/A', 'N/A']
def generate_keypair(self,private_key_str):
# If this is a 'new' wallet, i.e. no private_key_str has been given to the constructor
# --> Create a private key
if private_key_str is None:
# Generate the private key (in here the randomness takes place)
private_key = ECC.generate(curve='P-256')
else:
# In case this is a wallet for a specific private_key
# read the private key in string format.
# binascii.unhexlify(x) converts x which is in hexadecimal format into a binary format
private_key = ECC.import_key(binascii.unhexlify(private_key_str))
# Returns a dictionary with private and public key
keypair = {
'private_key': binascii.hexlify(private_key.export_key(format='DER')).decode('utf8'),
'public_key': binascii.hexlify(private_key.public_key().export_key(format='DER')).decode('utf8')
}
return keypair
def create_secrets_before():
# Generate private keys
privkeys = [ecc.generate(curve='secp256r1') for _ in range(DEPL_COUNT)]
# Calculate public key points
pubkeys = [ecc.construct(curve='secp256r1',d=privkey.d).public_key()._point for privkey in privkeys]
# Generate broadcast keys
brdcst_privkey = ecc.generate(curve='secp256r1')
brdcst_public = ecc.construct(curve='secp256r1',d=brdcst_privkey.d).public_key()._point
brdcst_keys = [brdcst_privkey,brdcst_public]
# Uniquely identify this deployment
depl_nonce = get_random_bytes(16)
# Generate secrets for each depl_id
for depl_id in range(DEPL_COUNT):
make_a_secret(depl_id, depl_nonce, privkeys[depl_id], pubkeys, brdcst_keys)
def test_export_private_pem_encrypted(self):
encoded = self.ref_private._export_private_pem(passphrase=b"secret")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC.import_key, encoded)
assert "EC PRIVATE KEY" in encoded
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
# ---
encoded = self.ref_private.export_key(format="PEM",
passphrase="secret",
use_pkcs8=False)
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
def test_functionality():
# generate a set of pk,sk pairs
list_keys = {i: ECC.generate(curve='P-256') for i in xrange(10)}
pk_dict = {k: v.public_key() for k, v in list_keys.items()}
msg = 'HI Multiuser! in (test_functionality)'
ctx = encrypt(pk_dict, msg)
while list_keys:
sk_dict = dict([list_keys.popitem()])
_msg = decrypt(sk_dict, ctx)
assert msg == _msg, "\n_msg={}\n msg={}\n".format(_msg, msg)
def load_ECC_key(keyfile):
f = open(keyfile, 'rb')
keystr = f.read()
f.close()
try:
return ECC.import_key(keystr)
except ValueError:
print('ValueError: Cannot import ECC key from file ' + keyfile)
sys.exit(1)
def test_compute_id_w_saltctx():
pwtypo = 'asdfadsfadf'
list_keys = {i: ECC.generate(curve='P-256') for i in xrange(10)}
pk_dict = {k: v.public_key() for k, v in list_keys.items()}
salt = os.urandom(32)
saltctx = encrypt(pk_dict, salt)
id1 = compute_id_w_saltctx(pwtypo, dict([list_keys.popitem()]), saltctx)
id2 = compute_id_w_saltctx(pwtypo, dict([list_keys.popitem()]), saltctx)
assert isinstance(id1, int)
assert id1 == id2
def ecVerifySignatureFromBase64(publicKeyPem, message, signatureBase64):
ecPublicKey = ECC.import_key(publicKeyPem)
signatureBytes = base64Decoding(signatureBase64)
hashMessage = SHA256.new(message.encode("ascii"))
verifier = DSS.new(ecPublicKey, 'fips-186-3', 'der')
try:
verifier.verify(hashMessage, signatureBytes)
return True
except ValueError:
return False
def create(request):
if request.method == 'POST':
voter_id = request.POST.get('voter-id-input')
vote = request.POST.get('vote-input')
private_key = request.POST.get('private-key-input')
# Create ballot as string vector
timestamp = datetime.datetime.now().timestamp()
ballot = "{}|{}|{}".format(voter_id, vote, timestamp)
print('\ncasted ballot: {}\n'.format(ballot))
signature = ''
try:
# Create signature
priv_key = ECC.import_key(private_key)
print(priv_key)
h = SHA3_256.new(ballot.encode('utf-8'))
signature = DSS.new(priv_key, 'fips-186-3').sign(h)
print('\nsignature: {}\n'.format(signature.hex()))
# Verify the signature using registered public key
pub_key = ECC.import_key(settings.PUBLIC_KEY)
print(pub_key)
verifier = DSS.new(pub_key, 'fips-186-3')
verifier.verify(h, signature)
status = 'The ballot is signed successfully.'
error = False
except (ValueError, TypeError):
status = 'The key is not registered.'
error = True
context = {
'ballot': ballot,
'signature': signature,
'status': status,
'error': error,
}
return render(request, 'ballot/status.html', context)
context = {
'voter_id': uuid.uuid4(),
}
return render(request, 'ballot/create.html', context)
def _load_private_key(self):
"""Load the private key used to sign HTTP requests.
The private key is used to sign HTTP requests as defined in
https://datatracker.ietf.org/doc/draft-cavage-http-signatures/.
"""
if self.private_key is not None:
return
with open(self.private_key_path, 'r') as f:
pem_data = f.read()
# Verify PEM Pre-Encapsulation Boundary
r = re.compile(r"\s*-----BEGIN (.*)-----\s+")
m = r.match(pem_data)
if not m:
raise ValueError("Not a valid PEM pre boundary")
pem_header = m.group(1)
if pem_header == 'RSA PRIVATE KEY':
self.private_key = RSA.importKey(pem_data, self.private_key_passphrase)
elif pem_header == 'EC PRIVATE KEY':
self.private_key = ECC.import_key(pem_data, self.private_key_passphrase)
elif pem_header in {'PRIVATE KEY', 'ENCRYPTED PRIVATE KEY'}:
# Key is in PKCS8 format, which is capable of holding many different
# types of private keys, not just EC keys.
(key_binary, pem_header, is_encrypted) = \
PEM.decode(pem_data, self.private_key_passphrase)
(oid, privkey, params) = \
PKCS8.unwrap(key_binary, passphrase=self.private_key_passphrase)
if oid == '1.2.840.10045.2.1':
self.private_key = ECC.import_key(pem_data, self.private_key_passphrase)
else:
raise Exception("Unsupported key: {0}. OID: {1}".format(pem_header, oid))
else:
raise Exception("Unsupported key: {0}".format(pem_header))
# Validate the specified signature algorithm is compatible with the private key.
if self.signing_algorithm is not None:
supported_algs = None
if isinstance(self.private_key, RSA.RsaKey):
supported_algs = {ALGORITHM_RSASSA_PSS, ALGORITHM_RSASSA_PKCS1v15}
elif isinstance(self.private_key, ECC.EccKey):
supported_algs = ALGORITHM_ECDSA_KEY_SIGNING_ALGORITHMS
if supported_algs is not None and self.signing_algorithm not in supported_algs:
raise Exception(
"Signing algorithm {0} is not compatible with private key".format(
self.signing_algorithm))
def verify_message(message):
eccpubkey = ECC.import_key(message["eccpubkey"])
h = SHA256.new(message["aeskey"] + message["nonce"] + message["message"])
verifier = DSS.new(eccpubkey, 'fips-186-3')
try:
verifier.verify(h, message["signature"])
return True
except ValueError:
return False
def createPEM_ECDSA():
key = ECC.generate(
curve='P-256'
) # private key is generated by using the Elliptic curve cipher
with open('privkey_ecdsa.pem', 'w') as h:
h.write(key.export_key(format='PEM'))
key = key.public_key()
with open('pubkey_ecdsa.pem', 'w') as h:
h.write(key.export_key(format='PEM'))
def sign_transaction(self, private_key):
# Sign a transaction using the private_key
private_key = ECC.import_key(binascii.unhexlify(private_key))
signer = DSS.new(private_key, 'fips-186-3')
#h = hashlib.sha256.new(str(self.odict_transaction()).encode('utf8'))
h = SHA256.new(str(self.odict_transaction()).encode('utf8'))
self.signature = binascii.hexlify(signer.sign(h)).decode('utf8')
# When the signature is created the id can be set
self.id = self.hash_transaction()
def verify_transaction_signature(self, sender_address, signature,
transaction):
public_key = ECC.import_key(binascii.unhexlify(sender_address))
verifier = DSS.new(public_key, 'fips-186-3')
h = SHA512.new(str(transaction).encode('utf-8'))
try:
verifier.verify(h, binascii.unhexlify(signature))
return True
except ValueError:
return False
def new_keys(self):
private_key = ECC.generate(curve="P-256")
public_key = private_key.public_key()
response = {
'private_key': private_key.export_key(format='DER').hex(),
'public_key': public_key.export_key(format='DER').hex()
}
return response
def test_pubkey_only_decryption(self):
curve = 'NIST P-384'
ecc_transform = self._get_transform_args(
ECC.generate(curve=curve).public_key())
data = b'THIS IS A TEST'
enc_data, materials = ecc_transform.encapsulate(data=data)
self.assertRaises(ValueError,
ecc_transform.decapsulate,
data=enc_data,
materials=materials)
def generate_master_boot_image(image_conf: click.File) -> None:
"""Generate MasterBootImage from json configuration file."""
config_data = json.load(image_conf)
config = elftosb_helper.MasterBootImageConfig(config_data)
app = load_binary(config.input_image_file)
load_addr = config.output_image_exec_address
trustzone = _get_trustzone(config)
image_type = _get_master_boot_image_type(config)
dual_boot_version = config.dual_boot_version
firmware_version = config.firmware_version
cert_block = None
signature_provider = None
if MasterBootImageType.is_signed(image_type):
cert_config = elftosb_helper.CertificateBlockConfig(config_data)
root_certs = [
load_binary(cert_file) for cert_file in cert_config.root_certs # type: ignore
]
user_data = None
if cert_config.isk_sign_data_path:
user_data = load_binary(cert_config.isk_sign_data_path)
isk_private_key = None
if cert_config.isk_private_key_file:
isk_private_key = load_private_key(cert_config.isk_private_key_file)
assert isinstance(isk_private_key, EllipticCurvePrivateKeyWithSerialization)
isk_cert = None
if cert_config.isk_certificate:
cert_data = load_binary(cert_config.isk_certificate)
isk_cert = ECC.import_key(cert_data)
ca_flag = not cert_config.use_isk
cert_block = CertBlockV3(
root_certs=root_certs, ca_flag=ca_flag,
used_root_cert=cert_config.main_root_cert_id, constraints=cert_config.isk_constraint,
isk_private_key=isk_private_key, isk_cert=isk_cert, # type: ignore
user_data=user_data
)
if cert_config.use_isk:
signing_private_key_path = cert_config.isk_private_key_file
else:
signing_private_key_path = cert_config.main_root_private_key_file
signature_provider = SignatureProvider.create(f'type=file;file_path={signing_private_key_path}')
assert config.master_boot_output_file
mbi = MasterBootImageN4Analog(
app=app, load_addr=load_addr, image_type=image_type,
trust_zone=trustzone, dual_boot_version=dual_boot_version,
firmware_version=firmware_version,
cert_block=cert_block,
signature_provider=signature_provider
)
mbi_data = mbi.export()
write_file(mbi_data, config.master_boot_output_file, mode='wb')
def verify(self, cert_chain: List[Cert], pub_key: bytes, nonce: bytes,
sign: bytes):
"""
TODO:
cert_chain을 검증하고 pub_key의 서명을 확인함
root issuer는 저장된 root ca에 대한 정보를 이용하여 확인
cert chain 검증 결과 root ca로부터 연결된 신뢰 관계를 갖고 있을 경우 True 반환
:param cert_chain:
:param pub_key:
:param nonce:
:param sign:
:return:
"""
# public key 체인 확인
pub = {self.root: True}
for cert in cert_chain:
if not pub.get(cert.issuer):
return False
public_key = ECC.import_key(cert.issuer)
hash_value = SHA256.new(cert.public)
verifier = DSS.new(public_key, 'fips-186-3')
try:
verifier.verify(hash_value, cert.sign)
pub[cert.public] = True
except:
pass
if not pub.get(pub_key):
return False
# sign 확인
public_key = ECC.import_key(pub_key)
hash_value = SHA256.new(nonce)
verifier = DSS.new(public_key, 'fips-186-3')
try:
verifier.verify(hash_value, sign)
return True
except:
return False
def test_verify():
key = ECC.generate(curve='P-256')
admin = Address(bytes(key.export_key(format='DER')))
block_header = BlockHeader(0,
SHA256.new(b'0').digest(),
SHA256.new(b'').digest(),
SHA256.new(b'').digest(), 1, 0)
chain = BlockChain(
Block(block_header, MerkleTree([]), {admin: 10000000}, {admin: -1}))
chain.mining(new_transaction_list(chain, admin, key))
assert chain.verify()
def generate_keys():
"""Function that generate private and public keys using ECDSA algorithm
"""
key = ECC.generate(curve='P-256')
f = open('privatekey.pem', 'wt')
f.write(key.export_key(format='PEM'))
f.close()
f = open('publickey.pem', 'wt')
f.write(key.public_key().export_key(format='PEM'))
f.close()
def test_export_private_pkcs8_and_pem_2(self):
# PKCS8 inside PEM with PKCS8 encryption
encoded = self.ref_private._export_private_encrypted_pkcs8_in_clear_pem("secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC.import_key, encoded)
assert "ENCRYPTED PRIVATE KEY" in encoded
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
# ---
encoded = self.ref_private.export_key(format="PEM",
passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(self.ref_private, decoded)
def test_export_private_pkcs8_and_pem_2(self):
# PKCS8 inside PEM with PKCS8 encryption
encoded = ref_private._export_private_encrypted_pkcs8_in_clear_pem("secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC.import_key, encoded)
assert "ENCRYPTED PRIVATE KEY" in encoded
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
# ---
encoded = ref_private.export_key(format="PEM",
passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
def test_compressed_curve(self):
# Compressed P-256 curve (Y-point is even)
pem1 = """-----BEGIN EC PRIVATE KEY-----
MFcCAQEEIHTuc09jC51xXomV6MVCDN+DpAAvSmaJWZPTEHM6D5H1oAoGCCqGSM49
AwEHoSQDIgACWFuGbHe8yJ43rir7PMTE9w8vHz0BSpXHq90Xi7/s+a0=
-----END EC PRIVATE KEY-----"""
# Compressed P-256 curve (Y-point is odd)
pem2 = """-----BEGIN EC PRIVATE KEY-----
MFcCAQEEIFggiPN9SQP+FAPTCPp08fRUz7rHp2qNBRcBJ1DXhb3ZoAoGCCqGSM49
AwEHoSQDIgADLpph1trTIlVfa8NJvlMUPyWvL+wP+pW3BJITUL/wj9A=
-----END EC PRIVATE KEY-----"""
key1 = ECC.import_key(pem1)
low16 = int(key1.pointQ.y % 65536)
self.assertEqual(low16, 0xA6FC)
key2 = ECC.import_key(pem2)
low16 = int(key2.pointQ.y % 65536)
self.assertEqual(low16, 0x6E57)
def test_functionality():
# generate a set of pk,sk pairs
list_keys = {
i: ECC.generate(curve='P-256')
for i in xrange(10)
}
pk_dict = {k: v.public_key() for k,v in list_keys.items()}
msg = 'HI Multiuser! in (test_functionality)'
ctx = encrypt(pk_dict, msg)
while list_keys:
sk_dict = dict([list_keys.popitem()])
_msg = decrypt(sk_dict, ctx)
assert msg == _msg, "\n_msg={}\n msg={}\n".format(_msg, msg)
def test_compute_id_w_saltctx():
pwtypo = 'asdfadsfadf'
list_keys = {
i: ECC.generate(curve='P-256')
for i in xrange(10)
}
pk_dict = {k: v.public_key() for k,v in list_keys.items()}
salt = os.urandom(32)
saltctx = encrypt(pk_dict, salt)
id1 = compute_id_w_saltctx(pwtypo, dict([list_keys.popitem()]), saltctx)
id2 = compute_id_w_saltctx(pwtypo, dict([list_keys.popitem()]), saltctx)
assert isinstance(id1, int)
assert id1 == id2
