def sign_encrypt_sign(message, signing_key, encryption_key): signed_message = signing_Curve25519_PyNaCl.sign(signing_key, message) encrypted_signed_message = salsa20_256_PyNaCl.encrypt(signed_message, encryption_key) signed_encrypted_signed_message = signing_Curve25519_PyNaCl.sign( signing_key, encrypted_signed_message) return signed_encrypted_signed_message
def test_quantum_vulnerable_signing(self): from PQencryption.pub_key.pk_signature.quantum_vulnerable import signing_Curve25519_PyNaCl from PQencryption import utilities signing_key, verify_key = signing_Curve25519_PyNaCl.key_gen() message = 'This is my message.' # signing signed = signing_Curve25519_PyNaCl.sign(signing_key, message) # verify positive out = verify_key.verify(signed) self.assertEqual(message, out) # verify negative with self.assertRaises(Exception) as bad_signature: spoof = "0" * len(signed) out = verify_key.verify(spoof) self.assertTrue( "Signature was forged or corrupt" in bad_signature.exception) # test derived key derived_verify_key = signing_key.verify_key self.assertEqual(verify_key, derived_verify_key)
def example_quantum_vulnerable_signing(): from PQencryption.pub_key.pk_signature.quantum_vulnerable import signing_Curve25519_PyNaCl from PQencryption import utilities # This in an example. In production, you would want to read the key from an # external file or the command line. The key must be 32 bytes long. # DON'T DO THIS IN PRODUCTION! signing_key, verify_key = utilities.generate_signing_verify_keys() message = 'This is my message.' print() print("message : " + message) print() # signing signed, verify_key = signing_Curve25519_PyNaCl.sign(signing_key, message) verify_key_hex = utilities.to_hex(str(verify_key)) print() print("signed (will look garbled): " + signed) print() print("verify_key_hex: " + verify_key_hex) print() # verification try: print() print("verification positive: " + verify_key.verify(signed)) print() print("verification negative:") print("="*79) print("THIS WILL FAIL WITH AN ERROR, AS EXPECTED.") print("="*79) print(verify_key.verify("0"*len(signed))) except: raise finally: print("="*79) print("Yes, clean-up is still executed, even after raising errors:") print("begin cleanup ...") # make sure all memory is flushed after operations del signing_key del signed del message del verify_key del verify_key_hex gc.collect() print("... end cleanup.") print("="*79)
def sign_models(models, signing_key): signed_models = signing_Curve25519_PyNaCl.sign(signing_key, models) return signed_models