def test_shared_2(self):
for _ in range(1024):
pri1 = curve25519.genkey()
pri2 = curve25519.genkey()
pub1 = curve25519.public(pri1)
pub2 = curve25519.public(pri2)
shared1 = curve25519.shared(pri1, pub2)
shared2 = curve25519.shared(pri2, pub1)
self.assertEqual(shared1, shared2)
def test_shared_2(self):
for _ in range(1024):
pri1 = curve25519.genkey()
pri2 = curve25519.genkey()
pub1 = curve25519.public(pri1)
pub2 = curve25519.public(pri2)
shared1 = curve25519.shared(pri1, pub2)
shared2 = curve25519.shared(pri2, pub1)
self.assertEqual(shared1, shared2)
def test_public(self):
pri1 = "a8abababababababababababababababababababababababababababababab6b".decode("hex")
pri2 = "c8cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd4d".decode("hex")
pub1 = binascii.hexlify(bytearray(curve25519.public(pri1)))
pub2 = binascii.hexlify(bytearray(curve25519.public(pri2)))
self.assertEqual(pub1, "e3712d851a0e5d79b831c5e34ab22b41a198171de209b8b8faca23a11c624859")
self.assertEqual(pub2, "b5bea823d9c9ff576091c54b7c596c0ae296884f0e150290e88455d7fba6126f")
def generate_new_seed():
# deserialize master ECDH public key embedded in program
master_pub = curve25519.public(unhexlify(MASTER_PUB_HEX))
# generate a random (yes, actually random) ECDH private key
ephem = curve25519.genkey()
# derive the corresponding public key for later embedding
ephem_pub = curve25519.public(ephem)
# combine the ECDH keys to generate the seed
seed = curve25519.shared(ephem, master_pub)
return seed, ephem_pub
def test_public(self):
pri1 = binascii.unhexlify(
"a8abababababababababababababababababababababababababababababab6b")
pri2 = binascii.unhexlify(
"c8cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd4d")
pub1 = binascii.hexlify(bytearray(curve25519.public(pri1)))
pub2 = binascii.hexlify(bytearray(curve25519.public(pri2)))
self.assertEqual(
pub1,
b"e3712d851a0e5d79b831c5e34ab22b41a198171de209b8b8faca23a11c624859"
)
self.assertEqual(
pub2,
b"b5bea823d9c9ff576091c54b7c596c0ae296884f0e150290e88455d7fba6126f"
)
def hunt_keypairs(self, distance):
f = False
for i in xrange(len(self.data)-(distance + 32)):
a = self.data[i:i+32]
b = self.data[i+32+distance:i+32+distance+32]
# Rule out nullkeys
if ((a == "\x00"*32) or (b == "\x00"*32)):
continue
if (b == curve25519.public(a)):
print "[+]Found candidate ephemeral keypair!\nSecret: [%s]\nPublic: [%s]" % (a.encode('hex'), b.encode('hex'))
f = True
if (a == curve25519.public(b)):
print "[+]Found candidate ephemeral keypair!\nSecret: [%s]\nPublic: [%s]" % (b.encode('hex'), a.encode('hex'))
f = True
if not(f):
print "[-]Found no remnant ephemeral keypairs..."
return
def _is_auth_hash_valid(public_key, auth_hash, auth_nonce, asset_id):
if (len(auth_nonce) != 32 or len(auth_hash) != 32
or len(public_key) > base58_max_length
or len(asset_id) > base58_max_length):
return False
public_key = b58decode(public_key)
shared_key = curve25519.shared(gateway_private_key, public_key)
out = ""
for letter in curve25519.public(gateway_private_key):
out += str(letter) + ','
b = blake2b(digest_size=32)
b.update(shared_key + auth_nonce + b58decode(asset_id) + public_key)
return auth_hash == b.digest()
def _write_operation_start(algorithm, operation):
"""Writes a fresh Operation Start message to tmp/operation_start.bin.
Generates an ECDHE key specified by <algorithm> and writes an Operation
Start message for executing <operation> on the device.
Args:
algorithm: Integer specifying the curve to use for the session key.
1: P256, 2: X25519
operation: Specifies the operation. 1: Certify, 2: Issue, 3: Issue Encrypted
Raises:
ValueError: algorithm or operation is is invalid.
"""
global _session_params
if algorithm > 2 or algorithm < 1:
raise ValueError('Invalid algorithm value.')
if operation > 3 or operation < 1:
raise ValueError('Invalid operation value.')
# Generate new key for each provisioning session
if algorithm == _ALGORITHMS['x25519']:
private_key = curve25519.genkey()
# Make 33 bytes to match P256
public_key = curve25519.public(private_key) + '\0'
elif algorithm == _ALGORITHMS['p256']:
[private_key, public_key] = ec_helper.generate_p256_key()
_session_params = _ATAPSessionParameters(algorithm, operation, private_key,
public_key)
# "Operation Start" Header
# +2 for algo and operation bytes
header = (_MESSAGE_VERSION, 0, 0, 0, _ECDH_KEY_LEN + 2)
operation_start = bytearray(struct.pack('<4B I', *header))
# "Operation Start" Message
op_start = (algorithm, operation, public_key)
operation_start.extend(struct.pack('<2B 33s', *op_start))
with open('tmp/operation_start.bin', 'wb') as f:
f.write(operation_start)
def __generate_key(self):
self.client_private_key = curve25519.genkey()
self.client_public_key = curve25519.public(self.client_private_key)
ephem_pub = modulus[pos:pos+32]
# compute seed with master private and ephemeral public
return (curve25519.shared(master,ephem_pub), ephem_pub)
if __name__ == "__main__":
# passphrase and filename as arguments
if len(sys.argv) == 3:
# Load an x.509 certificate from a file
x509 = X509.load_cert(sys.argv[2])
# Pull the modulus out of the certificate
orig_modulus = unhexlify(x509.get_pubkey().get_modulus())
(seed, ephem_pub) = recover_seed(key=sys.argv[1], modulus=orig_modulus, pos=80)
# no arguments, just generate a private key
else:
# deserialize master ECDH public key embedded in program
master_pub = curve25519.public(unhexlify(MASTER_PUB_HEX))
# generate a random (yes, actually random) ECDH private key
ephem = curve25519.genkey()
# derive the corresponding public key for later embedding
ephem_pub = curve25519.public(ephem)
# combine the ECDH keys to generate the seed
seed = curve25519.shared(ephem,master_pub)
prng = AESPRNG(seed)
ephem_pub = bytes(ephem_pub)
# deterministic key generation from seed
rsa = build_key(embed=ephem_pub, pos=80, randfunc=prng.randbytes)
if 'orig_modulus' in locals():
if long(hexlify(orig_modulus), 16) != long(rsa.n):
# Front end settings
bind_address = "127.0.0.1"
bind_port = 6771
db_url = "sqlite:///gateway.db"
waves_api_url = "http://127.0.0.1:6869"
waves_api_key = "evik904i5v9mgoupgsnio"
testnet = True
gateway_address = "3N3qmHa1MBo3ZjDYJZbHNezY4RfhtTFxjXG"
gateway_private_key = b'\x88rz\x037{\xfb\xa1\xb3e\\^\xcb\x97\x8d\xa1q\xe0$\xaa\xd7"\xeeI\xff\xf9!Jt~pa'
import curve25519, base58
gateway_public_key = curve25519.public(gateway_private_key)
print("Gateway's public key:", gateway_public_key, base58.b58encode(gateway_public_key))
default_fee = 100000
#currencies = {"3k2qVm2BSGvjCXNBGdFwq5mYSrd4LJmVgfBGro4qRQ1W": "mock_bank_usd"}
currencies = {"CcvuevJVhadmRipPQgWkGDreUcdnRGWjBJ2ey7mzop9g": "dogecoin"}
required_confirmations = 0
start_from_block = 3961
rescan_blockchain = False
import logging
logging.getLogger("requests").setLevel(logging.WARNING)
logging.getLogger("urllib3").setLevel(logging.WARNING)