def __init__(self, keyDer = None): # TODO: Implementation of managed properties? if keyDer == None: self._keyDer = Blob() self._keyType = None return self._keyDer = keyDer # Get the public key OID. oidString = "" try: parsedNode = DerNode.parse(keyDer.buf(), 0) rootChildren = parsedNode.getChildren() algorithmIdChildren = DerNode.getSequence( rootChildren, 0).getChildren() oidString = algorithmIdChildren[0].toVal() except DerDecodingException as ex: raise UnrecognizedKeyFormatException( "PublicKey.decodeKeyType: Error decoding the public key: " + str(ex)) # Verify that the we can decode. if oidString == self.RSA_ENCRYPTION_OID: self._keyType = KeyType.RSA serialization.load_der_public_key( keyDer.toBytes(), backend = default_backend()) elif oidString == self.EC_ENCRYPTION_OID: self._keyType = KeyType.ECDSA # TODO: Check EC decoding. else: raise UnrecognizedKeyFormatException( "PublicKey.decodeKeyType: Unrecognized OID " + oidString)
def encrypt(self, plainData, algorithmType): """ Encrypt the plainData using the keyBits according the encrypt algorithm type. :param plainData: The data to encrypt. :type plainData: Blob or an object which is the same as the bytes() operator :param int algorithmType: The algorithm type from EncryptAlgorithmType. This encrypts according to the algorithm type, e.g., RsaOaep. :return: The encrypted data. :rtype: Blob """ if isinstance(plainData, Blob): plainData = plainData.toBytes() publicKey = serialization.load_der_public_key( self._keyDer.toBytes(), backend = default_backend()) if algorithmType == EncryptAlgorithmType.RsaOaep: if self._keyType != KeyType.RSA: raise RuntimeError("The key type must be RSA") paddingObject = padding.OAEP( mgf = padding.MGF1(algorithm = hashes.SHA1()), algorithm = hashes.SHA1(), label = None) elif algorithmType == EncryptAlgorithmType.RsaPkcs: if self._keyType != KeyType.RSA: raise RuntimeError("The key type must be RSA") paddingObject = padding.PKCS1v15() else: raise RuntimeError("unsupported encryption mode") result = publicKey.encrypt(plainData, paddingObject) return Blob(result, False)
def travis_encrypt(self, token_to_encrypt): """ return encrypted version of token_to_encrypt """ # token_to_encrypt has to be string # if's not, assume it's unicode and enconde in utf-8 if isinstance(token_to_encrypt, unicode): token_string = token_to_encrypt.encode('utf-8') else: token_string = token_to_encrypt repo_public_key_text = self.public_key_for_travis_repo() pubkey = repo_public_key_text.encode('utf-8') if 'BEGIN PUBLIC KEY' in pubkey: repo_public_key = serialization.load_pem_public_key(pubkey, backend=default_backend()) elif 'BEGIN RSA PUBLIC KEY' in pubkey: # http://stackoverflow.com/a/32804289 b64data = '\n'.join(pubkey.splitlines()[1:-1]) derdata = base64.b64decode(b64data) repo_public_key = serialization.load_der_public_key(derdata, default_backend()) else: raise Exception ('cannot parse repo public key') ciphertext = repo_public_key.encrypt( token_string, padding.PKCS1v15() ) return base64.b64encode(ciphertext)
def test_ecdh(backend, wycheproof): curve = _CURVES[wycheproof.testcase["curve"]] if curve is None: pytest.skip( "Unsupported curve ({})".format(wycheproof.testcase["curve"]) ) _skip_exchange_algorithm_unsupported(backend, ec.ECDH(), curve) private_key = ec.derive_private_key( int(wycheproof.testcase["private"], 16), curve, backend ) try: public_key = serialization.load_der_public_key( binascii.unhexlify(wycheproof.testcase["public"]), backend ) except NotImplementedError: assert wycheproof.has_flag("UnnamedCurve") return except ValueError: assert wycheproof.invalid or wycheproof.acceptable return except UnsupportedAlgorithm: return if wycheproof.valid or wycheproof.acceptable: computed_shared = private_key.exchange(ec.ECDH(), public_key) expected_shared = binascii.unhexlify(wycheproof.testcase["shared"]) assert computed_shared == expected_shared else: with pytest.raises(ValueError): private_key.exchange(ec.ECDH(), public_key)
def encrypt(keyBits, plainData, params): """ Encrypt the plainData using the keyBits according the encrypt params. :param Blob keyBits: The key value (DER-encoded public key). :param Blob plainData: The data to encrypt. :param EncryptParams params: This encrypts according to params.getAlgorithmType(). :return: The encrypted data. :rtype: Blob """ publicKey = serialization.load_der_public_key( keyBits.toBytes(), backend = default_backend()) if params.getAlgorithmType() == EncryptAlgorithmType.RsaOaep: paddingObject = padding.OAEP( mgf = padding.MGF1(algorithm = hashes.SHA1()), algorithm = hashes.SHA1(), label = None) elif params.getAlgorithmType() == EncryptAlgorithmType.RsaPkcs: paddingObject = padding.PKCS1v15() else: raise RuntimeError("unsupported encryption mode") result = publicKey.encrypt(plainData.toBytes(), paddingObject) return Blob(result, False)
def test_ecdsa_signature(backend, wycheproof): try: key = serialization.load_der_public_key( binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend ) except (UnsupportedAlgorithm, ValueError): # In OpenSSL 1.0.1, some keys fail to load with ValueError, instead of # Unsupported Algorithm. We can remove handling for that exception # when we drop support. pytest.skip( "unable to load key (curve {})".format( wycheproof.testgroup["key"]["curve"] ) ) digest = _DIGESTS[wycheproof.testgroup["sha"]] if ( wycheproof.valid or (wycheproof.acceptable and not wycheproof.has_flag("MissingZero")) ): key.verify( binascii.unhexlify(wycheproof.testcase["sig"]), binascii.unhexlify(wycheproof.testcase["msg"]), ec.ECDSA(digest), ) else: with pytest.raises(InvalidSignature): key.verify( binascii.unhexlify(wycheproof.testcase["sig"]), binascii.unhexlify(wycheproof.testcase["msg"]), ec.ECDSA(digest), )
def getPublicKey(registry=None): ''' Return the user's public key (generating and saving a new key pair if necessary) ''' registry = registry or Registry_Base_URL pubkey_pem = None if _isPublicRegistry(registry): pubkey_pem = settings.getProperty('keys', 'public') else: for s in _getSources(): if _sourceMatches(s, registry): if 'keys' in s and s['keys'] and 'public' in s['keys']: pubkey_pem = s['keys']['public'] break if not pubkey_pem: pubkey_pem, privatekey_pem = _generateAndSaveKeys() else: # settings are unicode, we should be able to safely decode to ascii for # the key though, as it will either be hex or PEM encoded: pubkey_pem = pubkey_pem.encode('ascii') # if the key doesn't look like PEM, it might be hex-encided-DER (which we # used historically), so try loading that: if b'-----BEGIN PUBLIC KEY-----' in pubkey_pem: pubkey = serialization.load_pem_public_key(pubkey_pem, default_backend()) else: pubkey_der = binascii.unhexlify(pubkey_pem) pubkey = serialization.load_der_public_key(pubkey_der, default_backend()) return _pubkeyWireFormat(pubkey)
def _verifySha256WithEcdsaSignature(signature, signedBlob, publicKeyDer): """ Verify the ECDSA signature on the SignedBlob using the given public key. :param Blob signature: The signature bits. :param SignedBlob signedBlob: the SignedBlob with the signed portion to verify. :param Blob publicKeyDer: The DER-encoded public key used to verify the signature. :return: True if the signature verifies, False if not. :rtype: bool """ # Get the public key. publicKeyDerBytes = publicKeyDer.toBytes() try: publicKey = load_der_public_key( publicKeyDerBytes, backend = default_backend()) except: raise SecurityException("Cannot decode the ECDSA public key") # Verify. verifier = publicKey.verifier( signature.toBytes(), ec.ECDSA(hashes.SHA256())) verifier.update(signedBlob.toSignedBytes()) try: verifier.verify() return True except InvalidSignature: return False
def load_verifying_key(verifying_key, crypto_backend=default_backend()): """ Optional: crypto backend object from the "cryptography" python library """ if isinstance(verifying_key, EllipticCurvePublicKey): return verifying_key elif isinstance(verifying_key, (str, unicode)): if is_hex(verifying_key): try: public_key_pem = ECPublicKey(verifying_key).to_pem() except: pass else: try: return load_pem_public_key( public_key_pem, backend=crypto_backend) except Exception as e: traceback.print_exc() raise InvalidPublicKeyError() try: return load_der_public_key( verifying_key, backend=crypto_backend) except: raise InvalidPublicKeyError() else: try: return load_pem_public_key( verifying_key, backend=crypto_backend) except Exception as e: raise InvalidPublicKeyError() else: raise ValueError('Verifying key must be in string or unicode format.')
def test_rsa_pss_signature(backend, wycheproof): key = serialization.load_der_public_key( binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend ) digest = _DIGESTS[wycheproof.testgroup["sha"]] mgf_digest = _DIGESTS[wycheproof.testgroup["mgfSha"]] if wycheproof.valid or wycheproof.acceptable: key.verify( binascii.unhexlify(wycheproof.testcase["sig"]), binascii.unhexlify(wycheproof.testcase["msg"]), padding.PSS( mgf=padding.MGF1(mgf_digest), salt_length=wycheproof.testgroup["sLen"] ), digest ) else: with pytest.raises(InvalidSignature): key.verify( binascii.unhexlify(wycheproof.testcase["sig"]), binascii.unhexlify(wycheproof.testcase["msg"]), padding.PSS( mgf=padding.MGF1(mgf_digest), salt_length=wycheproof.testgroup["sLen"] ), digest )
def load_pubkey(bs: bytes) -> rsa.RSAPublicKey: """ Parse a DER-encoded RSA public key from a byte string. """ key = serialization.load_der_public_key(bs, default_backend()) if not isinstance(key, rsa.RSAPublicKey): raise Exception('Not an RSA public key') return key
def read_public_key(key_fn): try: key_file = open(key_fn, "rb") pub_key = serialization.load_der_public_key(key_file.read(), backend=default_backend()) # print("Pub key size: {}".format(pub_key.key_size)) return pub_key except IOError as err_msg: print("Open key file failed. Please check the key file name. " + str(err_msg)) raise IOError(err_msg)
def test_load_der_dsa_public_key(self, key_file, backend): key = load_vectors_from_file( key_file, lambda derfile: load_der_public_key( derfile.read(), backend ), mode="rb" ) assert key assert isinstance(key, dsa.DSAPublicKey)
def handle_encrypt_request(self, name, packet): pubkey_raw = packet.data['public_key'] if self.auth.online_mode: self.auth.send_session_auth(pubkey_raw, packet.data['server_id']) pubkey = serialization.load_der_public_key(pubkey_raw, backend) encrypt = lambda data: pubkey.encrypt(data, padding.PKCS1v15()) # flake8: noqa self.net.push_packet('LOGIN>Encryption Response', { 'shared_secret': encrypt(self.auth.shared_secret), 'verify_token': encrypt(packet.data['verify_token']), }) self.net.enable_crypto(self.auth.shared_secret)
def verify_with_pub_key(pubkey, data, signature, hash_algo): '''Verify the given digest using ECDSA. r and s are the ECDSA signature parameters. if verified, return 1. ''' pubkey = load_der_public_key(pubkey, backend=default_backend()) verifier = pubkey.verifier(signature, ec.ECDSA(getattr(hashes, hash_algo)())) verifier.update(data) try: verifier.verify() return 1 except Exception: return 0
def test_load_der_rsa_public_key(self, key_file, backend): key = load_vectors_from_file( key_file, lambda derfile: load_der_public_key( derfile.read(), backend ), mode="rb" ) assert key assert isinstance(key, rsa.RSAPublicKey) numbers = key.public_numbers() assert numbers.e == 65537
def verify(self, app_param, chal_param, der_pubkey): pubkey = load_der_public_key(PUB_KEY_DER_PREFIX + der_pubkey, default_backend()) verifier = pubkey.verifier(self.signature, ec.ECDSA(hashes.SHA256())) verifier.update(app_param + six.int2byte(self.user_presence) + struct.pack('>I', self.counter) + chal_param) try: verifier.verify() except InvalidSignature: raise ValueError('U2F signature is invalid')
def test_encryption_using_generated_key(self): """Tests functionality of a generated asymmetric key pair.""" test_model = order_models.OrderModel(**self.asymmetric_data) create_resp, order_ref = self.behaviors.create_order(test_model) self.assertEqual(create_resp.status_code, 202) order_resp = self.behaviors.get_order(order_ref) self.assertEqual(order_resp.status_code, 200) container_resp = self.container_behaviors.get_container( order_resp.model.container_ref) self.assertEqual(container_resp.status_code, 200) secret_dict = {} for secret in container_resp.model.secret_refs: self.assertIsNotNone(secret.secret_ref) secret_resp = self.secret_behaviors.get_secret( secret.secret_ref, "application/octet-stream") self.assertIsNotNone(secret_resp) secret_dict[secret.name] = secret_resp.content private_key = serialization.load_der_private_key( secret_dict['private_key'], password=None, backend=backends.default_backend() ) public_key = serialization.load_der_public_key( secret_dict['public_key'], backend=backends.default_backend() ) self.assertIsNotNone(private_key) self.assertIsNotNone(public_key) message = b'plaintext message' ciphertext = public_key.encrypt( message, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), label=None ) ) plaintext = private_key.decrypt( ciphertext, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), label=None ) ) self.assertEqual(message, plaintext)
def from_public_der(cls, public_key): """ Given a DER-format public key, convert it into a token to validate signatures :param public_key: der formatted key :return: :class:`~oneid.keychain.Keypair` instance """ pub = load_der_public_key(public_key, default_backend()) new_token = cls() new_token._public_key = pub return new_token
def load(byts): ''' Create a PubKey instance from DER/PKCS8 encoded bytes. Args: byts (bytes): Bytes to load Returns: PubKey: A new PubKey instance. ''' return PubKey(c_ser.load_der_public_key( byts, backend=default_backend()))
def _load_verifying_key(self, verifying_key): if isinstance(verifying_key, EllipticCurvePublicKey): return verifying_key elif isinstance(verifying_key, (str, unicode)): try: return load_der_public_key(verifying_key, backend=backend) except: try: return load_pem_public_key(verifying_key, backend=backend) except Exception as e: traceback.print_exc() raise ValueError("Invalid verifying key format") else: raise ValueError("Invalid verification key type")
def __call__(self, parser, namespace, values, option_string): if namespace.key_type == 'raw': setattr(namespace, self.dest, raw_loader(values)) elif namespace.key_type == 'pem': setattr(namespace, self.dest, serialization.load_pem_public_key(raw_loader(values), backend)) elif namespace.key_type == 'der': setattr(namespace, self.dest, serialization.load_der_public_key(raw_loader(values), backend))
def encrypt_token_and_secret(pubkey, verification_token, shared_secret): """Encrypts the verification token and shared secret with the server's public key. :param pubkey: The RSA public key provided by the server :param verification_token: The verification token provided by the server :param shared_secret: The generated shared secret :return: A tuple containing (encrypted token, encrypted secret) """ pubkey = load_der_public_key(pubkey, default_backend()) encrypted_token = pubkey.encrypt(verification_token, PKCS1v15()) encrypted_secret = pubkey.encrypt(shared_secret, PKCS1v15()) return encrypted_token, encrypted_secret
def rsa_encrypt(data, rsa_pub_key_bytes): """ `rsa_pub_key_bytes` is a byte sequence with the public key """ if isinstance(data, text_type): data = data.encode('utf-8') if isinstance(rsa_pub_key_bytes, text_type): rsa_pub_key_bytes = rsa_pub_key_bytes.encode('utf-8') if rsa_pub_key_bytes.startswith(b'-----'): key = serialization.load_pem_public_key(rsa_pub_key_bytes, backend=default_backend()) elif rsa_pub_key_bytes.startswith(b'ssh-rsa '): key = serialization.load_ssh_public_key(rsa_pub_key_bytes, backend=default_backend()) else: key = serialization.load_der_public_key(rsa_pub_key_bytes, backend=default_backend()) return key.encrypt(data, OAEP(MGF1(SHA1()), SHA1(), label=None))
def test_load_ec_public_key(self, backend): _skip_curve_unsupported(backend, ec.SECP256R1()) key = load_vectors_from_file( os.path.join( "asymmetric", "DER_Serialization", "ec_public_key.der"), lambda derfile: load_der_public_key( derfile.read(), backend ), mode="rb" ) assert key assert isinstance(key, ec.EllipticCurvePublicKey) assert key.curve.name == "secp256r1" assert key.curve.key_size == 256
def __init__(self, data: _STR_TYPE): """ Creates a new ``PublicKey`` representing the given public bytes. Changing the produced object will NOT change the underlying bytes. The new object must first be exported. :param data: The public key byte-data. :raises ValueError: If the given key data bytes cannot be loaded, and thus may not represent a valid private key. """ if isinstance(data, str): data = data.encode() if not isinstance(data, bytes): raise TypeError("Value of 'data' must be bytes") args = (data, default_backend()) # (1) Try loading public key as DER try: super().__init__(key=serialization.load_der_public_key(*args)) self.encoding = EncodingType.DER return except ValueError: pass # (2) Try loading public key as PEM try: super().__init__(key=serialization.load_pem_public_key(*args)) self.encoding = EncodingType.PEM return except ValueError: pass # (3) Try loading public key as OpenSSH try: super().__init__(key=serialization.load_ssh_public_key(*args)) self.encoding = EncodingType.OpenSSH return except (ValueError, serialization.UnsupportedAlgorithm): pass raise ValueError("Could not find a suitable encoding for 'data' " "bytes, the data may not be a valid public key")
def load_verifying_key(verifying_key, crypto_backend=default_backend()): """ Optional: crypto backend object from the "cryptography" python library """ if not isinstance(crypto_backend, (Backend, MultiBackend)): raise ValueError('backend must be a valid Backend object') if isinstance(verifying_key, EllipticCurvePublicKey): return verifying_key elif isinstance(verifying_key, (str, unicode)): try: return load_der_public_key( verifying_key, backend=crypto_backend) except: try: return load_pem_public_key( verifying_key, backend=crypto_backend) except Exception as e: raise ValueError('Invalid verifying key format') else: raise ValueError('Invalid verification key type')
def handle_encryption_request(self, name, packet): pubkey_raw = packet.data['public_key'] if self.authenticated: serverid = java_hex_digest(hashlib.sha1( packet.data['server_id'].encode('ascii') + self.auth.shared_secret + pubkey_raw )) logger.info( "AUTHPLUGIN: Attempting to authenticate session with " "sessionserver.mojang.com") url = "https://sessionserver.mojang.com/session/minecraft/join" data = json.dumps({ 'accessToken': self.auth.ygg.access_token, 'selectedProfile': self.auth.selected_profile, 'serverId': serverid, }).encode('utf-8') headers = {'Content-Type': 'application/json'} req = request.Request(url, data, headers) try: rep = request.urlopen(req).read().decode('ascii') except URLError: rep = 'Couldn\'t connect to sessionserver.mojang.com' if rep != "": logger.warning("AUTHPLUGIN: %s", rep) self.event.emit('SESS_ERR') else: logger.info("AUTHPLUGIN: Session authentication successful") pubkey = serialization.load_der_public_key(pubkey_raw, backend) def encrypt(data): return pubkey.encrypt(data, padding.PKCS1v15()) self.net.push_packet( 'LOGIN>Encryption Response', { 'shared_secret': encrypt(self.auth.shared_secret), 'verify_token': encrypt(packet.data['verify_token']), } ) self.net.enable_crypto(self.auth.shared_secret)
def test_rsa_signature(backend, wycheproof): key = serialization.load_der_public_key( binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend ) digest = _DIGESTS[wycheproof.testgroup["sha"]] if should_verify(backend, wycheproof): key.verify( binascii.unhexlify(wycheproof.testcase["sig"]), binascii.unhexlify(wycheproof.testcase["msg"]), padding.PKCS1v15(), digest, ) else: with pytest.raises(InvalidSignature): key.verify( binascii.unhexlify(wycheproof.testcase["sig"]), binascii.unhexlify(wycheproof.testcase["msg"]), padding.PKCS1v15(), digest, )
def _parse_public_key(self, ipa_public_key): public_key = serialization.load_der_public_key(ipa_public_key, default_backend()) num = public_key.public_numbers() if isinstance(num, rsa.RSAPublicNumbers): return {'kty': 'RSA', 'e': self._encode_int(num.e), 'n': self._encode_int(num.n)} elif isinstance(num, ec.EllipticCurvePublicNumbers): if num.curve.name == 'secp256r1': curve = 'P-256' elif num.curve.name == 'secp384r1': curve = 'P-384' elif num.curve.name == 'secp521r1': curve = 'P-521' else: raise TypeError('Unsupported Elliptic Curve') return {'kty': 'EC', 'crv': curve, 'x': self._encode_int(num.x), 'y': self._encode_int(num.y)} else: raise TypeError('Unknown Public Key type')
def process(self, msg=b""): if (self.msg_cnt == 0): new_msg = bytes("Hello".encode('utf-8')) self.msg_cnt += 1 elif (self.msg_cnt == 1): msg = msg.decode() msg_dict = ast.literal_eval(msg) pub_key = msg_dict['pubKey'] server_public_key = load_der_public_key(pub_key, backend=default_backend()) self.client_private_key = ec.generate_private_key( ec.SECP256K1(), default_backend()) self.client_public_key = self.client_private_key.public_key() self.shared_key = self.client_private_key.exchange( ec.ECDH(), server_public_key) key = os.urandom(32) nounce = os.urandom(12) cip = ChaCha20Poly1305(key) print('Input message to send (empty to finish)') data = input() message = data.encode('utf-8') ciphertext = cip.encrypt(nounce, message, None) signature = self.client_private_key.sign(ciphertext, ec.ECDSA(hashes.SHA256())) new_msg = { "nounce": nounce, "key": key, "ct": ciphertext, "sign": signature, "pub_key": self.client_public_key.public_bytes( Encoding.DER, PublicFormat.SubjectPublicKeyInfo) } self.msg_cnt += 1 else: key = os.urandom(32) nounce = os.urandom(12) cip = ChaCha20Poly1305(key) print('Input message to send (empty to finish)') data = input() message = data.encode('utf-8') ciphertext = cip.encrypt(nounce, message, None) signature = self.client_private_key.sign(ciphertext, ec.ECDSA(hashes.SHA256())) new_msg = { "nounce": nounce, "key": key, "ct": ciphertext, "sign": signature } self.msg_cnt += 1 print("Mensagem enviada!\n") return new_msg if len(new_msg) > 0 else None
def load_public_key(der_public_key): return serialization.load_der_public_key(b64decode(der_public_key), default_backend())
def verify_with_pub_key(pubkey, data, signature, hash_algo): '''Verify the given digest using ECDSA. raise Exception if NOT verified. ''' pubkey = load_der_public_key(pubkey, backend=default_backend()) pubkey.verify(signature, data, ec.ECDSA(getattr(hashes, hash_algo)()))
def generate_shared_secret(self, private_key, ephemeral_public_key): ephemeral_public_key = base64.b64decode(ephemeral_public_key) ephemeral_public_key = load_der_public_key(ephemeral_public_key, self.backend) shared_secret = private_key.exchange(ec.ECDH(), ephemeral_public_key) return shared_secret
def unpack_public_key(data): return serialization.load_der_public_key(data=data, backend=default_backend())
# Check for correct number of arguments if len(sys.argv) != 4: sys.exit( '\n---ERROR---\nInvalid number of arguments. Please use the following format:\n\n python dsaverify.py <PUBLIC KEY FILEPATH> <INITIAL FILE FILEPATH> <SIGNATURE FILEPATH>\n\n' ) # Parse command line arguments keyfile = sys.argv[1] messagefile = sys.argv[2] sigfile = sys.argv[3] # Read in binary data from keyfile with open(keyfile, "rb") as f: raw = f.read() # Parse keyfile data key = load_der_public_key(raw, backend=default_backend()) key_parts = key.public_numbers() # Break out components of DSA Public Key beta = key_parts.y p = key_parts.parameter_numbers.p q = key_parts.parameter_numbers.q g = key_parts.parameter_numbers.g # Instantiate sha256 hash object M = hashlib.sha256() # Read in 1024 byte chunks from signed file with open(messagefile, "rb") as f: chunk = f.read(1024) # Update hash object state while chunk: M.update(chunk)
slots = pkcs11.getSlotList() for s in slots: if 'CARTAO DE CIDADAO' in pkcs11.getTokenInfo(s).label: data = bytes('data to be signed', 'utf-8') session = pkcs11.openSession(s) privKey = session.findObjects([(CKA_CLASS, CKO_PRIVATE_KEY), (CKA_LABEL, 'CITIZEN AUTHENTICATION KEY')])[0] signature = bytes( session.sign(privKey, data, Mechanism(CKM_SHA1_RSA_PKCS))) pubKeyHandle = session.findObjects([(CKA_CLASS, CKO_PUBLIC_KEY), (CKA_LABEL, 'CITIZEN AUTHENTICATION KEY')])[0] pubKeyDer = session.getAttributeValue(pubKeyHandle, [CKA_VALUE], TRUE)[0] session.closeSession() pubKey = load_der_public_key(bytes(pubKeyDer), default_backend()) try: pubKey.verify(signature, data, padding.PKCS1v15(), hashes.SHA1()) print('Verification succeeded') except: print('Verification failed')
def import_from_der(self, pubkey): # No lib support for explicit curves nor compressed points. self.pubkey = serialization.load_der_public_key( pubkey, backend=default_backend())
from base64 import b64decode from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import serialization public_key_string = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CPXhKOGh6UXbcMD4tJceGVAeNZkdCvwn8ZhVol9+S5zkaEFXxu1nMQQqoHisKhdGowFMqwBbTU7a1yibSEeaiRpSAtLrf9ggedAZHq7UbohaRXaLaqF2xub4WogJMDjts+y+NbgyE31JbNlF0AXjuBc2cQzjeEI8PvbpfE3SGH68jZcKNl9xr0LgIEp0XExtTqBA/NUL1IFfTH7RWr/SZJfMwaB+YL4rDHG0RMQBg6mDwY0Z6NSkdyfxwwEmINJv6oeesAFeomhgsk0iUzbIrqtYwT3zskU+S6hCX65jp/JoxaNXfgn3r7C7wOsExqxq/Bm2nrldDfQ/E9U+mm6OQIDAQAB' # The data between -----BEGIN RSA PUBLIC KEY----- and -----END RSA PUBLIC KEY----- is actually just base-64 encoded DER data. der_data = b64decode(public_key_string) # Return RSAPublicKey object from public key string # Deserialize a public key from DER encoded data to one of the supported asymmetric public key types. # https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.load_der_public_key public_key_obj = serialization.load_der_public_key(der_data, backend=default_backend()) print( public_key_obj ) # <cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x000001D107C3A160> print(type(public_key_obj) ) # <class 'cryptography.hazmat.backends.openssl.rsa._RSAPublicKey'>
def Bytes_ToPublicKey(bytes): return serialization.load_der_public_key(bytes, default_backend())
def _get_pubkey_from_der_public_key(filedata, backend): """ Load the filedata as a DER public key """ try: return serialization.load_der_public_key(filedata, backend=backend) except Exception: return None
def get_cryptography_public_key(public_key): crypto_public_key = serialization.load_der_public_key( bytes(public_key.get_encoded()), backend=backends.default_backend()) return crypto_public_key
def encrypt(self, public_key, clear_text): public_key = serialization.load_der_public_key( self.key_pair.public_key, backend=default_backend()) return public_key.encrypt(clear_text, self._padding)
def get_dh_key(self, otherKey): peer_public_key = load_der_public_key(otherKey, backend=default_backend()) return self.ec_private.exchange(ec.ECDH(), peer_public_key)
def prepare(self): my_key_dir = os.path.join(base_dir, 'private') my_private_key_file_path = os.path.join(my_key_dir, 'my_pri_key') my_public_key_file_path = os.path.join(my_key_dir, 'my_pub_key') friend_keys_dir_path = os.path.join(base_dir, 'friends') if not os.path.exists(my_key_dir): os.makedirs(my_key_dir) if not os.path.exists(friend_keys_dir_path): os.makedirs(friend_keys_dir_path) if not os.path.exists(my_private_key_file_path) or not os.path.exists( my_public_key_file_path): print('private or public key does not exist!') choice = get_choice(hint='1. generate key pair\n2. exit\nchoice: ', options=['1', '2']) if choice == '1': my_private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=self.backend) private_key_password = getpass.getpass( 'input a password for private_key, default is empty: ') if private_key_password: my_private_key_bytes = my_private_key.private_bytes( serialization.Encoding.DER, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization. BestAvailableEncryption( private_key_password.encode('utf8'))) else: my_private_key_bytes = my_private_key.private_bytes( serialization.Encoding.DER, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption()) open(my_private_key_file_path, 'wb').write(my_private_key_bytes) my_public_key = my_private_key.public_key() my_public_key_bytes = my_public_key.public_bytes( serialization.Encoding.DER, serialization.PublicFormat.SubjectPublicKeyInfo) open(my_public_key_file_path, 'wb').write(my_public_key_bytes) if choice == '2': exit(0) choice = get_choice( hint= '1. generate secret_key for talk\n2. decrypt encrypted secret_key from your friend\nchoice: ', options=['1', '2']) if choice == '1': secret_key = os.urandom(32) friend_key_names = os.listdir(friend_keys_dir_path) if not friend_key_names: print('there is no one friend\'s public key, exit') exit(0) hint = 'friend_key_names:\n {}\ninput a key name you want: '.format( ' \n'.join(friend_key_names)) selected_friend_key_name = get_choice(hint=hint, options=friend_key_names) my_friend_public_key_file_path = os.path.join( friend_keys_dir_path, selected_friend_key_name) my_friend_public_key_content = open(my_friend_public_key_file_path, 'rb').read() my_friend_public_key = serialization.load_der_public_key( my_friend_public_key_content, self.backend) encrypted_secret_key = my_friend_public_key.encrypt( secret_key, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) msg = 'encrypted_secret_key:{}'.format( binascii.hexlify(encrypted_secret_key).decode('utf8')) print( 'Please send the following encrypted_secret_key msg to your friend' ) print(msg) if choice == '2': my_private_key_content = open(my_private_key_file_path, 'rb').read() private_key_password = getpass.getpass( 'input the password of private_key, default is empty: ') if private_key_password: my_private_key = serialization.load_der_private_key( my_private_key_content, private_key_password.encode('utf8'), self.backend) else: my_private_key = serialization.load_der_private_key( my_private_key_content, None, self.backend) while True: encrypted_secret_key_msg = input( 'Please input encrypted_secret_key msg from your friend: ' ).strip() if encrypted_secret_key_msg.startswith( 'encrypted_secret_key:') and is_hex_str( encrypted_secret_key_msg[21:]): break else: print( '[!] encrypted_secret_key msg must start with "encrypted_secret_key:" and have correct hex_str' ) continue encrypted_secret_key_bytes = bytes.fromhex( encrypted_secret_key_msg[21:]) secret_key = my_private_key.decrypt( encrypted_secret_key_bytes, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) self.fernet = Fernet(base64.urlsafe_b64encode(secret_key))
def decode_rsa_key(pem_key): decoded = base64.b64decode(''.join(pem_key.splitlines()[1:-1])) return serialization.load_der_public_key(decoded, default_backend())
# print "Usage - python client.py -sip server-ip -sp <PORT> -sk <SERVER_PUBLIC_KEY_PATH>" # sys.exit() if not args.sk: print "Usage - python client.py -sip server-ip -sp <PORT> -sk <SERVER_PUBLIC_KEY_PATH>" sys.exit() PORT = args.sp HOST = args.sip # CLIENT_PORT = args.cp # Read the public key file for the Server and load it into a public key variable public_key_file_path = args.sk try: with open(public_key_file_path, 'rb') as f: s_public_key = serialization.load_der_public_key( f.read(), backend=default_backend()) except: print "Error while Reading the key File" sys.exit() # INPUT : Asymmetric Key,Message in Byte Format # OUTPUT : Cipher # Method used for asymmetric encryption def encrypt_with_asymmetric_key(key, message): try: cipher = key.encrypt( message, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), label=None))
def load(cls, der_encoded_key: bytes): key = cls() key._pub_key = serialization.load_der_public_key( der_encoded_key, default_backend()) return key
def process(self, msg): if (self.msg_cnt == 0): self.server_private_key = ec.generate_private_key( ec.SECP256K1(), default_backend()) self.server_public_key = self.server_private_key.public_key() new_msg = { "pubKey": self.server_public_key.public_bytes( Encoding.DER, PublicFormat.SubjectPublicKeyInfo) } msg = new_msg self.msg_cnt += 1 elif (self.msg_cnt == 1): msg = msg.decode() msg_dict = ast.literal_eval(msg) nounce = msg_dict['nounce'] key = msg_dict['key'] ciphertext = msg_dict['ct'] signature = msg_dict['sign'] pub_key = msg_dict['pub_key'] self.client_public_key = load_der_public_key( pub_key, backend=default_backend()) self.shared_key = self.server_private_key.exchange( ec.ECDH(), self.client_public_key) cip = ChaCha20Poly1305(key) try: self.client_public_key.verify(signature, ciphertext, ec.ECDSA(hashes.SHA256())) message = cip.decrypt(nounce, ciphertext, None) print('%d : %r' % (self.id, message.decode('utf-8'))) except: print("Error while decrypt") self.msg_cnt += 1 else: msg = msg.decode() msg_dict = ast.literal_eval(msg) nounce = msg_dict['nounce'] key = msg_dict['key'] ciphertext = msg_dict['ct'] signature = msg_dict['sign'] cip = ChaCha20Poly1305(key) try: self.client_public_key.verify(signature, ciphertext, ec.ECDSA(hashes.SHA256())) message = cip.decrypt(nounce, ciphertext, None) print('%d : %r' % (self.id, message.decode('utf-8'))) except: print("Error while decrypt") self.msg_cnt += 1 print('NEXT!') return msg if len(msg) > 0 else None
def get_public_key_from_der(data): return serialization.load_der_public_key( data, backend=backends.default_backend())
def checkAsymPubKey(self, rsa_key): public_key = serialization.load_der_public_key( rsa_key, backend=default_backend()) pass
def pub_key_der_to_addr(pub_key): pub_key_loaded = serialization.load_der_public_key(pub_key, backend=default_backend()) return get_addr_from_public_key(pub_key_loaded)
def public_key(self): return serialization.load_der_public_key(bytes(self.pubkey), backend=default_backend())
def import_from_der(self, pubkey): # XXX does the cryptography lib support explicit curves? # check also for compressed points self.pubkey = serialization.load_der_public_key(pubkey, backend=default_backend())
def save_pub_key(pubkey, path): '''save public key to path''' pubk = load_der_public_key(pubkey, backend=default_backend()) data = pubk.public_bytes(Encoding.PEM, PublicFormat.SubjectPublicKeyInfo) with open(path, 'wb') as write_to: write_to.write(data)
def login(address, protocol_version, debug, access_token, uuid, user_name): connection = TCPConnection(address, debug) # Handshake with Next state set to 2 (login) packet_out = Packet() packet_out.write_varint(0x00) packet_out.write_varint(protocol_version) packet_out.write_utf(address[0]) packet_out.write_ushort(address[1]) packet_out.write_varint(2) connection.send_packet(packet_out) # Login start packet_out = Packet() packet_out.write_varint(0x00) packet_out.write_utf(user_name) connection.send_packet(packet_out) # Begin login phase loop. while True: receive_ready, send_ready, exception_ready = select.select( [connection.socket], [connection.socket], [], 0.01) if len(receive_ready) > 0: packet_in = connection.receive_packet() packet_id = packet_in.read_varint() if debug: print('L Packet ' + hex(packet_id)) # Disconnect (login) if packet_id == 0x00: print(packet_in.read_utf()) # Encryption request if packet_id == 0x01: server_id = packet_in.read_utf() pub_key = packet_in.read_bytearray_as_str() ver_tok = packet_in.read_bytearray_as_str() # Client auth shared_secret = os.urandom(16) verify_hash = sha1() verify_hash.update(server_id.encode('utf-8')) verify_hash.update(shared_secret) verify_hash.update(pub_key) server_id = format( int.from_bytes(verify_hash.digest(), byteorder='big', signed=True), 'x') res = requests.post( 'https://sessionserver.mojang.com/session/minecraft/join', data=json.dumps({ 'accessToken': access_token, 'selectedProfile': uuid, 'serverId': server_id }), headers={'content-type': 'application/json'}) print('Client session auth', res.status_code) # Send Encryption Response packet_out = Packet() packet_out.write_varint(0x01) pub_key = load_der_public_key(pub_key, default_backend()) encrypt_token = pub_key.encrypt(ver_tok, PKCS1v15()) encrypt_secret = pub_key.encrypt(shared_secret, PKCS1v15()) packet_out.write_varint(len(encrypt_secret)) packet_out.write(encrypt_secret) packet_out.write_varint(len(encrypt_token)) packet_out.write(encrypt_token) connection.send_packet(packet_out) connection.configure_encryption(shared_secret) # Login Success if packet_id == 0x02: u = packet_in.read_utf() n = packet_in.read_utf() print('Name: ' + n + ' | UUID: ' + u) print('Switching to PLAY') break # Set Compression if packet_id == 0x03: connection.compression_threshold = packet_in.read_varint() print('Compression enabled, threshold:', connection.compression_threshold) return connection
def do_authenticate(self) -> None: """ Send server an authentication request May need to obtain user credentials User may choose authenticate by password or CC """ logger.info("Begining authn process") # Gen key d = self.read() b_server_pub_key = base64.b64decode(d['server_public_key']) server_pub_key = serialization.load_der_public_key( b_server_pub_key, backend=default_backend()) shared_key = self.private_key.exchange(server_pub_key) # Derivation self.key = HKDF(algorithm=hashes.SHA256(), length=16, salt=None, info=b'derivation', backend=default_backend()).derive(shared_key) # Send authentication request self.server_nonce = os.urandom(16) text = str.encode( json.dumps({ "type": 'AUTHN_REQ', "nonce": base64.b64encode(self.server_nonce).decode('utf-8') })) payload, mac = self.encrypt(text) msg = { "type": 'SECURE', "payload": base64.b64encode(payload).decode('utf-8'), "h_mac": base64.b64encode(mac).decode('utf-8') } self.send(msg) # Authenticate server data = self.read() logger.debug("KEY_GEN got -> {}".format(data)) mtype = data.get('type', 'UNKNOWN') if mtype != 'KEY_GEN_OK': raise Exception("Something went wrong in key gen") sv_nonce = base64.b64decode(data["nonce"]) b_sv_crt = base64.b64decode(data["sv_cert"]) self.sv_crt = x509.load_der_x509_certificate(b_sv_crt, backend=default_backend()) with open("./certs/rootCA.crt", "rb") as f: data = f.read() self.rootCA_crt = x509.load_pem_x509_certificate( data, backend=default_backend()) self.sv_crt_pub_key = self.sv_crt.public_key() self.rootCA_crt_pub_key = self.rootCA_crt.public_key() hs = hashes.Hash(hashes.SHA256(), backend=default_backend()) hs.update(self.server_nonce) digest = hs.finalize() # Verify the signature validation try: self.sv_crt_pub_key.verify( sv_nonce, digest, padder.PSS(mgf=padder.MGF1(hashes.SHA256()), salt_length=padder.PSS.MAX_LENGTH), utils.Prehashed(hashes.SHA256())) logger.info("Server authenticated") except Exception as e: #TODO fix this ... DONE! logger.exception("Invalid signature {}".format(e)) exit(1) #TODO VALIDATE SERVER CHAIN ??? if self.auth_mode == "pass": self.password_validation_request() else: self.send({"type": "ERROR"}) raise Exception("Authentication mode not suported") # Check if authentication went ok p_reply = self.read() logger.info(p_reply) logger.debug("AUTHN got -> {}".format(p_reply)) mtype = p_reply.get('type', 'UNKNOWN') if mtype != 'AUTHN_OK': raise Exception("Authentication fail!!") logger.info("Advancing state") self.state = STATE_AUTHZ
from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.hkdf import HKDF from pwn import * p = process("challenge.py") client_sk = ec.generate_private_key(ec.SECP384R1(), default_backend()) client_pk = client_sk.public_key() client_der = client_pk.public_bytes( encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo) res = p.recvuntil("Send your public key (hex):") server_der = res.split("\n")[1].decode("hex") server_pk = serialization.load_der_public_key(server_der, default_backend()) shared_key = client_sk.exchange(ec.ECDH(), server_pk) derived_key = HKDF(algorithm=hashes.SHA256(), length=16, salt=None, info=b"handshake data", backend=default_backend()).derive(shared_key) p.sendline(client_der.encode('hex')) res = p.recvuntil("Please, prove you know stuffs: ") msg = process(["collide.py", derived_key.encode("hex")]).recvall().split("\n")[1] p.sendline(msg) flag = p.recvall() print(flag)
def verifySignature(buffer, signature, publicKey, digestAlgorithm=DigestAlgorithm.SHA256): """ Verify the buffer against the signature using the public key. :param buffer: The input buffer to verify. :type buffer: Blob or an object which is the same as the bytes() operator :param signature: The signature bytes. :type signature: Blob or an object which is the same as the bytes() operator :param publicKey: The object containing the public key, or the public key DER which is used to make the PublicKey object. :type publicKey: PublicKey or Blob or an object which is the same as the bytes() operator :param digestAlgorithm: (optional) The digest algorithm. If omitted, use DigestAlgorithm.SHA256. :type digestAlgorithm: int from DigestAlgorithm :return: True if verification succeeds, False if verification fails. :rtype: bool :raises: ValueError for an invalid public key type or digestAlgorithm. """ if digestAlgorithm == None: digestAlgorithm = DigestAlgorithm.SHA256 if isinstance(buffer, Blob): buffer = buffer.toBytes() if isinstance(signature, Blob): signature = signature.toBytes() if not isinstance(publicKey, PublicKey): # Turn publicKey into a PublicKey object. if not isinstance(publicKey, Blob): publicKey = Blob(publicKey) publicKey = PublicKey(publicKey) if digestAlgorithm == DigestAlgorithm.SHA256: if publicKey.getKeyType() == KeyType.RSA: # Get the public key. try: cryptoPublicKey = load_der_public_key( publicKey.getKeyDer().toBytes(), backend=default_backend()) except: return False try: cryptoPublicKey.verify(signature, buffer, padding.PKCS1v15(), hashes.SHA256()) return True except: return False elif publicKey.getKeyType() == KeyType.EC: # Get the public key. try: cryptoPublicKey = load_der_public_key( publicKey.getKeyDer().toBytes(), backend=default_backend()) except: return False try: cryptoPublicKey.verify(signature, buffer, ec.ECDSA(hashes.SHA256())) return True except: return False else: raise ValueError("verifySignature: Invalid key type") else: raise ValueError("verifySignature: Invalid digest algorithm")
def save_pub_key(pubkey, dest): pubk = load_der_public_key(pubkey) data = pubk.public_bytes(Encoding.PEM, PublicFormat.SubjectPublicKeyInfo) with open(dest, 'wb') as f: f.write(data)