def main(argv):
"""
Main procedure to generate C array with keys
"""
parser = argparse.ArgumentParser(description="Generates SQLite database with"
" keys and serial number.")
parser.add_argument('config_file', help="project specific configuration file"
)
args = parser.parse_args()
config = ConfigParser.ConfigParser()
config.read(args.config_file)
con = sqlite3.connect(config.get('database', 'filename'))
while 1:
serialno = uuid.uuid4().bytes
oem_factory_token = '%s%s' %(serialno, '\xFF')
customer_factory_token = '%s%s' %(serialno, '\x00\xFF')
private_key = generate_private_key(config.get('tools', 'private_key_cmd'))
public_key = generate_public_key(config.get('tools', 'public_key_cmd'), private_key)
sk = SigningKey.from_der(private_key)
pk = VerifyingKey.from_der(public_key)
embedded_private_key = generate_private_key(config.get('tools', 'private_key_cmd'))
embedded_public_key = generate_public_key(config.get('tools', 'public_key_cmd'), embedded_private_key)
embedded_sk = SigningKey.from_der(embedded_private_key)
embedded_pk = VerifyingKey.from_der(embedded_public_key)
embedded_private_key_sig = embedded_sk.sign(oem_factory_token, hashfunc=sha256)
assert embedded_pk.verify(embedded_private_key_sig, oem_factory_token, hashfunc=sha256)
oem_factory_token_sig = sk.sign(oem_factory_token, hashfunc=sha256)
assert pk.verify(oem_factory_token_sig, oem_factory_token, hashfunc=sha256)
customer_factory_token_sig = sk.sign(customer_factory_token, hashfunc=sha256)
assert pk.verify(customer_factory_token_sig, customer_factory_token, hashfunc=sha256)
debug_token_sig = sk.sign(serialno, hashfunc=sha256)
assert pk.verify(debug_token_sig, serialno, hashfunc=sha256)
public_key_compressed = ecc_compress(pk.to_string())
with con:
cur = con.cursor()
cur.execute(config.get('database', 'create'))
cur.execute(config.get('database', 'insert'),
(sqlite3.Binary(private_key),
sqlite3.Binary(public_key),
sqlite3.Binary(public_key_compressed),
sqlite3.Binary(embedded_private_key),
sqlite3.Binary(embedded_public_key),
sqlite3.Binary(embedded_sk.to_string()),
sqlite3.Binary(serialno),
sqlite3.Binary(oem_factory_token_sig),
sqlite3.Binary(customer_factory_token_sig),
sqlite3.Binary(debug_token_sig)))
def load_key(self, filename):
"""
Load signing key (from pem file)
"""
default_sk = SigningKey.from_pem(keys_default_pem)
with open(filename, "r") as sk_file:
sk_pem = sk_file.read()
self.sk = SigningKey.from_pem(sk_pem)
sk_hex = "".join(c.encode('hex') for c in self.sk.to_string())
return default_sk.to_string() == self.sk.to_string()
def __init__(self, key=None): self.secretKey = self.verifKey = None # Recuperation if key is not None: self.secretKey = SigningKey.from_string(key, curve=NIST384p) # Auto-generation else: self.secretKey = SigningKey.generate(curve=NIST384p) self.verifKey = self.secretKey.get_verifying_key()
def run():
key = SigningKey.from_string(get_key_from_wif(settings['wif']), SECP256k1, sha256)
rs = compileASM(REDEEM_SCRIPT)
txs = parsetxsfile(settings['file'])
for tx in txs:
tx.signatures = sign_detached(tx.tx, key, rs)
print(",".join(tx.signatures))
def makeTransaction(self, tx, account):
"""Make Transaction"""
if tx.outputs == None:
raise ValueError, 'Not correct Address, wrong length.'
if tx.attributes == None:
tx.attributes = []
coins = self.findUnSpentCoins(account.scriptHash)
tx.inputs, tx.outputs = self.selectInputs(tx.outputs, coins, account, tx.systemFee)
# Make transaction
stream = MemoryStream()
writer = BinaryWriter(stream)
tx.serializeUnsigned(writer)
reg_tx = stream.toArray()
tx.ensureHash()
txid = tx.hash
# RedeenScript
contract = Contract()
contract.createSignatureContract(account.publicKey)
Redeem_script = contract.redeemScript
# Add Signature
sk = SigningKey.from_string(binascii.unhexlify(account.privateKey), curve=NIST256p, hashfunc=hashlib.sha256)
signature = binascii.hexlify(sk.sign(binascii.unhexlify(reg_tx),hashfunc=hashlib.sha256))
regtx = reg_tx + '014140' + signature + '23' + Redeem_script
# sendRawTransaction
print regtx
response = self.node.sendRawTransaction(regtx)
import json
print response
return txid
def sign_subscription(signatory, subscription, private_key_string, public_key_string):
"""
sign a subscription (deep hash of criteria, signatory, signature timestamp, public key)
param signatory: Name or identifier of the signing party (the caller)
param subscription: all fields of subscription signed
param private_key_string: private key used for generating signature
param public_key_string: hashed and inserted into signature block for later validation
"""
ecdsa_signing_key = SigningKey.from_pem(private_key_string)
signature_ts = int(time.time())
hashed_items = []
# append criteria for hashing
hashed_items.append(deep_hash(subscription['criteria']))
# append sub create timestamp for hashing
hashed_items.append(subscription['create_ts'])
hashed_items.append(signatory)
hashed_items.append(signature_ts)
hashed_items.append(public_key_string)
verification_hash = final_hash(hashed_items)
signature = ecdsa_signing_key.sign(verification_hash)
digest = signature.encode('base64')
signature_block = assemble_sig_block(subscription, signatory, public_key_string, digest, verification_hash, signature_ts)
return signature_block
def __init__(self, secret_exponent, network=BitcoinMainNet,
*args, **kwargs):
if not isinstance(secret_exponent, six.integer_types):
raise ValueError("secret_exponent must be a long")
super(PrivateKey, self).__init__(network=network, *args, **kwargs)
self._private_key = SigningKey.from_secret_exponent(
secret_exponent, curve=SECP256k1)
def recover_key(c1,sig1,c2,sig2,pubkey):
#using the same variable names as in:
#http://en.wikipedia.org/wiki/Elliptic_Curve_DSA
curve_order = pubkey.curve.order
n = curve_order
s1 = int(sig1[96:],16)
print("s1: " + str(s1))
s2 = int(sig2[96:],16)
print("s2: " + str(s2))
r = int(sig1[:-96], 16)
print("r: " + str(r))
print("R values match: " + str(int(sig2[:-96],16) == r))
z1 = string_to_number(sha256(c1))
z2 = string_to_number(sha256(c2))
#magical math stuff
sdiff_inv = inverse_mod(((s1-s2)%n),n)
k = ( ((z1-z2)%n) * sdiff_inv) % n
r_inv = inverse_mod(r,n)
da = (((((s1*k) %n) -z1) %n) * r_inv) % n
print("Recovered Da: " + hex(da))
#turn the private key into a signing key
recovered_private_key_ec = SigningKey.from_secret_exponent(da, curve=NIST384p)
return recovered_private_key_ec
def load_private_key(self):
if self.private_key is None:
msg = 'Please, specify the private_key location.'
raise ValueError(msg)
with open(self.private_key, 'rb') as key_file:
return SigningKey.from_pem(key_file.read())
def test():
priv = SigningKey.generate(curve=NIST384p)
pub = priv.get_verifying_key()
print "Private key generated:"
generatedKey = priv.to_pem()
print generatedKey
txt1 = "Dedication"
txt2 = "Do you have it?"
#K chosen by a fair roll of a 1d10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
sig1 = priv.sign(txt1, k=4444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444)
print "Signature 1: " + str(sig1.encode('hex'))
sig2 = priv.sign(txt2, k=4444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444)
print "Signature 2: " + str(sig2.encode('hex'))
print "Signature 1 verification: " + str(pub.verify(sig1, txt1))
print "Signature 2 verification: " + str(pub.verify(sig2, txt2))
key = recover_key(txt1, sig1, txt2, sig2, pub)
print "Private key recovered:"
print key
print "Equality of generated & recovered keys: " + str(generatedKey == key)
def create_material(self, bits, d=None, x=None, y=None):
curve = self.curve_for_bits(bits)
if d:
return SigningKey.from_secret_exponent(d, curve)
if x and y:
point = ec.Point(curve.curve, x, y, curve.order)
return VerifyingKey.from_public_point(point, curve)
def build_vectors(fips_vectors):
vectors = defaultdict(list)
for vector in fips_vectors:
vectors[vector['digest_algorithm']].append(vector['message'])
for digest_algorithm, messages in vectors.items():
if digest_algorithm not in HASHLIB_HASH_TYPES:
continue
yield ""
yield "[K-256,{0}]".format(digest_algorithm)
yield ""
for message in messages:
# Make a hash context
hash_func = TruncatedHash(HASHLIB_HASH_TYPES[digest_algorithm]())
# Sign the message using warner/ecdsa
secret_key = SigningKey.generate(curve=SECP256k1)
public_key = secret_key.get_verifying_key()
signature = secret_key.sign(message, hashfunc=hash_func,
sigencode=sigencode_der)
r, s = sigdecode_der(signature, None)
yield "Msg = {0}".format(hexlify(message))
yield "d = {0:x}".format(secret_key.privkey.secret_multiplier)
yield "Qx = {0:x}".format(public_key.pubkey.point.x())
yield "Qy = {0:x}".format(public_key.pubkey.point.y())
yield "R = {0:x}".format(r)
yield "S = {0:x}".format(s)
yield ""
def recover_key(c1,sig1,c2,sig2,pubkey): #using the same variable names as in: #http://en.wikipedia.org/wiki/Elliptic_Curve_DSA curve_order = pubkey.curve.order n = curve_order s1 = string_to_number(sig1[-48:]) print "s1: " + str(s1) s2 = string_to_number(sig2[-48:]) print "s2: " + str(s2) r = string_to_number(sig1[-96:--48]) print "r: " + str(r) print "R values match: " + str(string_to_number(sig2[-96:--48]) == r) z1 = string_to_number(sha1(c1)) z2 = string_to_number(sha1(c2)) sdiff_inv = inverse_mod(((s1-s2)%n),n) k = ( ((z1-z2)%n) * sdiff_inv) % n r_inv = inverse_mod(r,n) da = (((((s1*k) %n) -z1) %n) * r_inv) % n print "Recovered Da: " + hex(da) recovered_private_key_ec = SigningKey.from_secret_exponent(da, curve=NIST384p) return recovered_private_key_ec.to_pem()
def doAuthenticate(self, msg):
if len(msg.args) == 1 and msg.args[0] == '+':
log.info('%s: Authenticating using SASL.', self.network)
if self.sasl == 'external':
authstring = '+'
elif self.sasl == 'ecdsa-nist256p-challenge':
authstring = base64.b64encode(
self.sasl_username.encode('utf-8')).decode('utf-8')
elif self.sasl == 'plain':
authstring = base64.b64encode('\0'.join([
self.sasl_username,
self.sasl_username,
self.sasl_password
]).encode('utf-8')).decode('utf-8')
self.queueMsg(ircmsgs.IrcMsg(command='AUTHENTICATE', args=(authstring,)))
elif (len(msg.args) == 1 and msg.args[0] != '+' and
self.sasl == 'ecdsa-nist256p-challenge'):
try:
private_key = SigningKey.from_pem(open(self.sasl_ecdsa_key).
read())
authstring = base64.b64encode(
private_key.sign(base64.b64decode(msg.args[0].encode()))).decode('utf-8')
except (BadDigestError, OSError, ValueError) as e:
authstring = "*"
self.queueMsg(ircmsgs.IrcMsg(command='AUTHENTICATE', args=(authstring,)))
def Make_RegisterTransaction(Prikey, Redeem_script, Name, Issuer, Admin, Inputs, Index, Count, Amount=-0.00000001):
'''
Name:发行的资产名
Issuer:发行者
Admin:管理员
Inputs
Count:inputs
Amount:发行资产总量,默认无上限-0.00000001
'''
Name = '5b7b276c616e67273a277a682d434e272c276e616d65273a27{0}277d5d'.format(name_to_hex(Name))
Amount = float_2_hex(Amount)
#不需要找零
#Antcoin:f252a09a24591e8da31deec970871cc7678cb55023db049551e91f7bac28e27b
Outputs = big_or_little('f252a09a24591e8da31deec970871cc7678cb55023db049551e91f7bac28e27b') + float_2_hex(Count-100) + Admin if Count > 100 else ''
#暂时支持1个inputs之后再改,'00'为索引
RegisterTransaction = '4060' + hex(len(Name)/2)[2:] + Name + Amount + Issuer + Admin + '0001' + big_or_little(str(Inputs)) + '00'
if Count > 100:
RegisterTransaction += '0001' + Outputs
else:
RegisterTransaction += '0000'
GetHashForSigning = big_or_little(sha256(binascii.unhexlify(RegisterTransaction)))#txid
#print GetHashForSigning
sk = SigningKey.from_string(binascii.unhexlify(Prikey), curve=NIST256p, hashfunc=hashlib.sha256)
signature = binascii.hexlify(sk.sign(binascii.unhexlify(RegisterTransaction),hashfunc=hashlib.sha256))
return RegisterTransaction + '014140' + signature + '23' + Redeem_script
def get_root_key(seed): """ Gets the root key from the seed. """ # :TODO: add support for more than key #0 # see https://github.com/ripple/ripple-lib/blob/develop/src/js/ripple/seed.js def generate_key(seed): i = 0 res = 0 while True: res = from_bytes(hashes.sha512half(seed + to_bytes(i, 4))) i += 1 if curves.SECP256k1.order >= res: break return res private_generator = generate_key(seed) public_generator = curves.SECP256k1.generator * private_generator # use public + private generators to generate a secret sequence = 0 # public_compressed = _get_compressed_point(public_generator) secret = generate_key(public_compressed + to_bytes(sequence, 4)) secret += private_generator secret %= curves.SECP256k1.order # use secret to generate a secp256k1 key return SigningKey.from_secret_exponent(secret, curves.SECP256k1)
def check_for_privkey(keydir, jid, stderr):
# the "anonymous ID" case
if jid.startswith("anonid0-"):
return None
# the "old-style ID" case
# FIXME: once it is possible for addons to change from old-style IDs
# to new, cryptographic IDs on AMO and in Firefox, warn users that
# continuing to use old-style IDs is less secure, and provide them with
# instructions for changing to new IDs.
if not jid.startswith("jid0-"):
return None
keypath = os.path.join(keydir, jid)
if not os.path.isfile(keypath):
msg = """\
Your package.json says our ID is:
%(jid)s
But I don't have a corresponding private key in:
%(keypath)s
If you are the original developer of this package and have recently copied
the source code from a different machine to this one, you should copy the
private key into the file named above.
Otherwise, if you are a new developer who has made a copy of an existing
package to use as a starting point, you need to remove the 'id' property
from package.json, so that we can generate a new id and keypair. This will
disassociate our new package from the old one.
If you're collaborating on the same addon with a team, make sure at least
one person on the team has the private key. In the future, you may not
be able to distribute your addon without it.
"""
print >> stderr, msg % {"jid": jid, "keypath": keypath}
return None
keylines = open(keypath, "r").readlines()
keydata = {}
for line in keylines:
line = line.strip()
if line:
k, v = line.split(":", 1)
keydata[k.strip()] = v.strip()
if "private-key" not in keydata:
raise ValueError("invalid keydata: can't find 'private-key' line")
sk_s = remove_prefix(keydata["private-key"], "private-jid0-", errormsg="unable to parse private-key data")
from ecdsa import SigningKey, VerifyingKey, NIST256p
sk = SigningKey.from_string(my_b32decode(sk_s), curve=NIST256p)
vk = sk.get_verifying_key()
jid_2 = vk_to_jid(vk)
if jid_2 != jid:
raise ValueError("invalid keydata: private-key in %s does not match" " public key for %s" % (keypath, jid))
vk_s = remove_prefix(keydata["public-key"], "public-jid0-", errormsg="unable to parse public-key data")
vk2 = VerifyingKey.from_string(my_b32decode(vk_s), curve=NIST256p)
if vk.to_string() != vk2.to_string():
raise ValueError("invalid keydata: public-key mismatch")
return sk
def test_sign(self):
pem = '-----BEGIN EC PRIVATE KEY-----\nMHQCAQEEICg7E4NN53YkaWuAwpoqjfAofjzKI7Jq1f532dX+0O6QoAcGBSuBBAAK\noUQDQgAEjZcNa6Kdz6GQwXcUD9iJ+t1tJZCx7hpqBuJV2/IrQBfue8jh8H7Q/4vX\nfAArmNMaGotTpjdnymWlMfszzXJhlw==\n-----END EC PRIVATE KEY-----\n'
signed = utils.sign("message", pem)
sk = SigningKey.from_pem(pem)
vk = sk.get_verifying_key()
print(signed)
signed = binascii.unhexlify(signed)
vk.verify(signed, "message".encode(), hashfunc=hashlib.sha256, sigdecode=ecdsaUtil.sigdecode_der)
def gen_key(self, filename):
"""
Generate a new Signing key using NIST P-256 curve
"""
self.sk = SigningKey.generate(curve=NIST256p)
with open(filename, "w") as sk_file:
sk_file.write(self.sk.to_pem())
def new(cls, string=None):
"""Returns a new Address object.
If a string is passed, the Address object will be
created using that string and will be deterministic.
If no string is passed, the Address object will
be generated randomly.
"""
# Generates warner ECDSA objects
if string:
# deterministic private key
ecdsaPrivkey = SigningKey.from_string(
string=string, curve=SECP256k1)
else:
# random private key
ecdsaPrivkey = SigningKey.generate(
curve=SECP256k1, entropy=None)
return cls.fromPrivkey(ecdsaPrivkey)
def load(privkeypem):
"""
Load a private key from disk
:param privkeypem:
:return:
"""
with open(privkeypem, "rb") as privfile:
return SigningKey.from_pem(privfile.read())
def __init__(self, privkey, pubkey = None, compressed = True):
self.private_key = SigningKey.from_string(privkey, SECP256k1, sha256)
if (compressed):
# use the compressed public key
self.public_key = BlockIo.Helper.compress_pubkey(self.private_key.get_verifying_key().to_string())
else:
# use the uncompressed public key
self.public_key = unhexlify('04' + hexlify(self.private_key.get_verifying_key().to_string()))
def root_key_from_seed(secret):
"""This derives your master key the given seed.
Implemented in ripple-lib as ``Seed.prototype.get_key``, and further
is described here:
https://ripple.com/wiki/Account_Family#Root_Key_.28GenerateRootDeterministicKey.29
"""
key = SigningKey.from_secret_exponent(secret, curves.SECP256k1)
return key
def generate_pri_key():
seed = get_seed()
rng1 = PRNG(seed)
sk = SigningKey.generate(entropy=rng1, curve=NIST256p)
sk_string = sk.to_string()
sk_string_hex = binascii.hexlify(sk_string)
return sk_string_hex, sk
def generate(curve):
if curve not in _policy_.keys():
return False
sk = SigningKey.generate(curve=_policy_[curve][0])
vk = sk.get_verifying_key()
pubKey = vk.to_der()
prvKey = sk.to_der()
return (pubKey, prvKey)
def setUpClass(cls):
log.info('Generating ECDSA Keypairs for Testing')
cls.sender_sk = SigningKey.generate(curve=curves.SECP256k1)
cls.receiver_sk = SigningKey.generate(curve=curves.SECP256k1)
log.info('Setup IdObj for testid')
cls.test_id_obj = IdObject()
cls.test_id_obj.auth_public_key = cls.receiver_sk.get_verifying_key().to_der().encode('hex')
cls.test_id_obj.id = 'testid'
cls.test_id_obj.paymentprotocol_only = True
cls.resolver = PluginManager.get_plugin('RESOLVER', config.resolver_type)
cls.resolver.save(cls.test_id_obj)
log.info('Save testid IdObj')
log.info('Setup Class Identifier')
cls.identifier = None
def hex2key(hex_key):
key_bytes = unhexlify(hex_key)
if len(hex_key) == 64:
return SigningKey.from_string(key_bytes, curve=NIST256p,
hashfunc=sha256)
elif len(hex_key) == 128:
return VerifyingKey.from_string(key_bytes, curve=NIST256p,
hashfunc=sha256)
else:
raise ValueError("Key in hex form is of the wrong length.")
def __sign_message(cls, key_path, message):
key_data = open(key_path).read()
signing_key = SigningKey.from_pem(key_data)
signature = signing_key.sign(
message,
hashfunc=hashlib.sha256,
sigencode=ecdsa.util.sigencode_der
)
signature = base64.b64encode(signature)
return signature
def _decode_key(self, data):
s, padding = der.remove_sequence(data)
if padding:
if padding not in self.ALLOWED_PADDINGS:
raise ValueError("weird padding: %s" % u(binascii.hexlify(data)))
data = data[:-len(padding)]
key = SigningKey.from_der(data)
self.signing_key = key
self.verifying_key = key.get_verifying_key()
self.size = 256
def __init__(self, public_key=None, private_key=None):
self.id = 0
if public_key is not None:
public_key = "#" + public_key
if private_key is not None:
private_key = "#" + private_key
self.public_key = auto_bytes(public_key)
self.private_key = private_key
self.addr_version = None
self.use_compression = 1
if private_key == "":
private_key = None
#Generate key pairs.
if self.public_key == None and private_key == None:
self.sign_key = SigningKey.generate(curve=SECP256k1)
self.verify_key = self.sign_key.get_verifying_key()
self.private_key = self.sign_key.to_string()
self.public_key = self.verify_key.to_string()
return
#Init public key.
self.old_verify_str = None
if self.public_key != None:
self.public_key = self.parse_public_key(self.public_key)
self.verify_key = VerifyingKey.from_string(self.public_key, SECP256k1)
self.sign_key = None
self.old_verify_str = self.verify_key.to_string()
#Init private key.
if self.private_key != None:
#Construct keys from private key.
self.private_key = self.parse_private_key(private_key)
self.sign_key = SigningKey.from_string(self.private_key, SECP256k1)
self.verify_key = self.sign_key.get_verifying_key()
#Check private key corrosponds to public key.
if self.old_verify_str != None:
if self.old_verify_str != self.verify_key.to_string():
raise Exception("Private key doesn't corrospond to stored public key.")
if not (len(sys.argv) == 4):
print("Usage:", sys.argv[0], "<nprocesses> <nthreads> [<priv_key>]")
exit(1)
# get the number of threads and processes
nprocesses = int(sys.argv[1])
nthreads = int(sys.argv[2])
# treats the private key (if it was provided)
if len(sys.argv) == 4:
try:
# try to retrieve the private key
priv_key_file = sys.argv[3]
print(priv_key_file)
with open(priv_key_file, 'r') as file:
priv_key = SigningKey.from_pem(file.read())
except:
print("Invalid private key.", sys.argv[3])
exit
else:
print("The private key is invalid!")
priv_key = None
# randomize our entropy source...
random.seed(123)
# if necessary, use this line to stop the multiprocessing execution until the user confirms
input('Ready to create the multiprocesses. Press ENTER to start...\n')
# setup a list of processes that we want to run
from ecdsa import SigningKey, NIST384p
sk = SigningKey.generate(curve=NIST384p)
sk2 = SigningKey.generate(curve=NIST384p)
vk = sk.verifying_key
print(sk.to_string().encode('hex'))
print(sk2.to_string().encode('hex'))
msg = "vote to a"
si = sk.sign(msg)
nmsg = "vote to da"
try:
assert vk.verify(si, nmsg)
except:
print("Bad sign")
def from_exponent(cls, exponent):
key = SigningKey.from_secret_exponent(exponent, curve=SECP256k1)
return cls(key)
def privateKey2publicKey(private_key_string):
sk = SigningKey.from_string(bytes.fromhex(private_key_string),
curve=SECP256k1)
vk = sk.get_verifying_key()
return vk.to_string().hex()
def signTransaction(sk: str, txHash: str) -> str:
sk = bytes.fromhex(sk)
sk = SigningKey.from_string(sk, curve=SECP256k1)
signature = sk.sign(bytes.fromhex(txHash))
return signature.hex()
from ecdsa import SigningKey, NIST224p
import time
import psutil
import threading
from threading import Timer
# Se generan las llaves
sk = SigningKey.generate() # uses NIST192p
#sk = SigningKey.generate(curve = NIST224p)
vk = sk.verifying_key
def sign():
while(True):
time.sleep(0.2) # Prevenir 100% de uso de cpu por ciclo infinito
sk.sign(b"Mahc000148441") #Firma
signature = sk.sign(b"Mahc000148441") #Firma
def verify():
while(True):
time.sleep(0.2) # Prevenir 100% de uso de cpu por ciclo infinito
vk.verify(signature, b"Mahc000148441")
class DisplayCPU(threading.Thread):
cpuUsageMeasures = []
running = False
def run(self):
t = Timer(10.0, self.stop)
self.running = True
t.start()
import pickle
from ecdsa import SigningKey, SECP256k1, BadSignatureError
# the bank is the issuing source of truth, bad bank!
bank_private_key = SigningKey.generate(curve=SECP256k1)
bank_public_key = bank_private_key.get_verifying_key()
def serialize(coin):
return pickle.dumps(coin)
def transfer_message(prev_sig, next_pub_key):
return serialize({
"prev_sig": prev_sig,
"next_owner_pub_key": next_pub_key
})
class Transfer:
def __init__(self, signature, public_key):
self.signature = signature
self.public_key = public_key
class ECDSACoin:
def __init__(self, transfers):
self.transfers = transfers
def validate(self):
prev_transfer = self.transfers[0] # Check the first transfer
hashObj = new(hashAlg)
hashObj.update(bytestring)
return hashObj.digest()
def pairEncode(hex_string):
if len(hex_string) % 2:
hex_string = '0' + hex_string
return bytes.fromhex(hex_string)
# Generate cryptographically strong 256 bit private key.
private_key = randbits(256)
# Generate ECDSA signing (private) and verifying (public) keys from private key.
signing_key = SigningKey.from_secret_exponent(private_key, curve=SECP256k1)
verifying_key = signing_key.get_verifying_key()
# Concatenate (x, y) points to create public key.
x = verifying_key.pubkey.point.x()
x = pairEncode(f'{x:x}')
y = verifying_key.pubkey.point.y()
y = pairEncode(f'{y:x}')
full_public_key = b'\x00' + x + y
# Compress the public key.
prefix = b'\x03' if y[-1] % 2 else b'\x02'
public_key = prefix + x
# Calculate the address.
def __init__(self):
self.sk = {}
# Loading signature keys to memory
for keyid, private_key in settings.CUP_PEM_KEYS.iteritems():
self.sk[keyid] = SigningKey.from_pem(open(private_key).read())
def gen_private_ecdsa():
from ecdsa import SigningKey
sk = SigningKey.generate()
return sk.to_pem()
def sign_message(private_key: ecdsa.SigningKey, message: str) -> str:
"""returns a signature for a given message"""
signature = private_key.sign(bytes(message, "utf-8"))
return str(binascii.hexlify(signature))[2:-1]
from ecdsa import SigningKey
sk = SigningKey.generate()
vk = sk.get_verifying_key()
open("private.pem", "wb").write(sk.to_pem())
open("public.pem", "wb").write(vk.to_pem())
print('---> private key: %s' % (sk.to_pem()))
print('---> public key: %s' % (vk.to_pem()))
def __init__(self):
self._private_key = SigningKey.generate(curve=SECP256k1)
self._public_key = self._private_key.get_verifying_key()
def lookup_private_key(name):
exponent = {"alice": 1, "bob": 2, "node0": 3, "node1": 4, "node2": 5}[name]
return SigningKey.from_secret_exponent(exponent, curve=SECP256k1)
def find_curve(oid_curve):
for c in curves:
if c.oid == oid_curve:
return c
raise UnknownCurveError("I don't know about the curve with oid %s."
"I only know about these: %s" %
(oid_curve, [c.name for c in curves]))
# SECP256k1 = Curve("SECP256k1", ecdsa.curve_secp256k1, ecdsa.generator_secp256k1,
# (1, 3, 132, 0, 10), "secp256k1")
# SECP256k1 is the Bitcoin elliptic curve
from ecdsa import SigningKey
sk = SigningKey.generate(curve=NIST256p)
vk = sk.get_verifying_key()
print(b2a_hex(sk.to_string()))
print(b2a_hex(vk.to_string()))
sig = sk.sign(
a2b_hex(
b'0021F5FC0B85CD22E60623BCD7D1CA48948909249B4776EB515154E57B66AE12010000002C'
+ # noqa
b'7B89F12A9088B0F5EE0EF8F6718BCCC374249C31AEEBAEB79BD0450132CD536C'))
vk.verify(
sig,
a2b_hex(
b'0021F5FC0B85CD22E60623BCD7D1CA48948909249B4776EB515154E57B66AE12010000002C'
+ # noqa
b'7B89F12A9088B0F5EE0EF8F6718BCCC374249C31AEEBAEB79BD0450132CD536C')
) # True
def generate(cls) -> 'PrivateKey':
return cls(SigningKey.generate(curve=SECP256k1))
def gen_private_key(curve=curve.P256, hashfunc=sha256):
priv_key = SigningKey.generate(curve=curve, hashfunc=hashfunc)
return priv_key.to_string().hex()
def from_bytes(cls, b: bytes) -> 'PrivateKey':
return cls(SigningKey.from_string(b, curve=SECP256k1))
def generate():
return ECDSA256P1(SigningKey.generate(curve=NIST256p))
def __init__(self):
self._private_key = SigningKey.generate(curve=NIST256p)
self._public_key = self._private_key.get_verifying_key()
self._blockchain_address = self.generate_blockchain_address()
def main(sk_filename):
global processed_txids, transaction_id
sk = SigningKey.from_pem(open(sk_filename).read())
vk = sk.get_verifying_key()
pk = str(base64.b64encode(vk.to_string()), encoding='utf8')
timestamp = str(int(time.time()-300))
leaders = db.query("SELECT * FROM leaders WHERE pk = %s AND timestamp > %s", pk, timestamp)
if not leaders:
election(sk_filename)
else:
# leader = leaders[0]
transactions = db.query("SELECT * FROM transactions WHERE id > %s ORDER BY id ASC LIMIT 20", transaction_id)
random.shuffle(transactions)
for transaction in transactions:
if transaction.txid in processed_txids:
continue
data = json.loads(transaction.data)
sender = data["transaction"]["sender"]
receiver = data["transaction"]["receiver"]
amount = data["transaction"]["amount"]
signature = data["signature"]
chain_txids = set()
sender_blocks = lastest_block(sender)
receiver_blocks = lastest_block(receiver)
if len(set(sender_blocks+receiver_blocks)) >= 1:
if len(set(sender_blocks+receiver_blocks)) == 1:
txs = db.query("SELECT * FROM graph WHERE hash = %s", (sender_blocks+receiver_blocks)[0])
else:
txs = db.query("SELECT * FROM graph WHERE hash IN %s", set(sender_blocks+receiver_blocks))
for tx in txs:
tx_data = json.loads(tx.data)
txid = tx_data["transaction"]["txid"]
chain_txids.add(txid)
processed_txids.add(txid)
if transaction.txid in chain_txids:
continue
from_block = sender_blocks[-1] if sender_blocks else sender
to_block = receiver_blocks[-1] if receiver_blocks else receiver
# query from_block and to_block
# get balance and calcuate
# update transaction's from_block and to_block
data["from_block"] = from_block
data["to_block"] = to_block
data["sender_balance"] = ""
data["receiver_balance"] = ""
data["leader_publickey"] = pk
vk2 = VerifyingKey.from_string(base64.b64decode(sender), curve=NIST384p)
assert vk2.verify(base64.b64decode(signature), json.dumps(data["transaction"]).encode('utf-8'))
# signature = sk.sign(json.dumps(transaction).encode('utf-8'))
# data = {"transaction": transaction, "signature": str(base64.b64encode(signature), encoding="utf-8")}
for nonce in range(100000000):
block_hash = hashlib.sha256((json.dumps(data) + pk + str(nonce)).encode('utf8')).hexdigest()
if block_hash < certain_value:
print("tx", nonce, block_hash)
try:
# query if any node taken from_block or to_block
db.execute("INSERT INTO graph (hash, from_block, to_block, sender, receiver, nonce, data) VALUES (%s, %s, %s, %s, %s, %s, %s)", block_hash, from_block, to_block, sender, receiver, nonce, transaction.data)
# db.execute("INSERT INTO graph (hash, from_block, to_block, sender, receiver, nonce, data, transaction_id, timestamp) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)", block_hash, from_block, to_block, sender, receiver, nonce, transaction.data, transaction.id, int(time.time()))
processed_txids.add(transaction.txid)
break
except:
pass
time.sleep(1)
transaction_id += 20
time.sleep(0.1)
def generate() -> 'ECDSAPrivateKey':
"""Generate a new key pair."""
return ECDSAPrivateKey(pk=SigningKey.generate(curve=SECP256k1))
def checksum_encode(addr_str): # Takes a hex (string) address as input
keccak = sha3.keccak_256()
out = ''
addr = addr_str.lower().replace('0x', '')
keccak.update(addr.encode('ascii'))
hash_addr = keccak.hexdigest()
for i, c in enumerate(addr):
if int(hash_addr[i], 16) >= 8:
out += c.upper()
else:
out += c
return '0x' + out
keccak = sha3.keccak_256()
priv = SigningKey.generate(curve=SECP256k1)
pub = priv.get_verifying_key().to_string()
keccak.update(pub)
address = keccak.hexdigest()[24:]
def test(addrstr):
assert(addrstr == checksum_encode(addrstr))
test('0x5aAeb6053F3E94C9b9A09f33669435E7Ef1BeAed')
test('0xfB6916095ca1df60bB79Ce92cE3Ea74c37c5d359')
test('0xdbF03B407c01E7cD3CBea99509d93f8DDDC8C6FB')
test('0xD1220A0cf47c7B9Be7A2E6BA89F429762e7b9aDb')
test('0x7aA3a964CC5B0a76550F549FC30923e5c14EDA84')
def from_file(filename: str, passphrase: str) -> 'ECDSAPrivateKey':
"""Read from file (as written by write_key_pair)."""
data = EncryptedData.read_from_file(filename)
key = binascii.unhexlify(data.decrypt_with_passphrase(passphrase))
return ECDSAPrivateKey(SigningKey.from_string(key, curve=SECP256k1))
parser.add_argument('key', help='hex encoded wallet private key')
parser.add_argument('rpc', help='ethereum rpc node url')
parser.add_argument('--publish',
dest='publish',
help='publish contract to rpc node',
action='store_true',
required=False)
parser.set_defaults(publish=False)
args = parser.parse_args()
if not args.publish:
print('Doing demo run. No code will be published.')
web3 = Web3(HTTPProvider(args.rpc))
private_key = SigningKey.from_string(string=decode_hex(args.key),
curve=SECP256k1)
public_key = private_key.get_verifying_key().to_string()
wallet_address = web3.toChecksumAddress(keccak(public_key).hex()[24:])
web3.eth.defaultAccount = wallet_address
print('Deploying from wallet: {}'.format(wallet_address))
with open(args.binary) as f:
deployments = json.load(f)
base_nonce = web3.eth.getTransactionCount(wallet_address)
deployed_contracts = {}
for target in deployments:
def genKeys(self):
#print "11"
self.priKey = SigningKey.generate(curve=NIST192p)
#print "22"
self.pubKey = self.priKey.get_verifying_key()
app.config['SQLALCHEMY_DATABASE_URI'] = db_connect_URL
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.secret_key = SECRET_KEY
app.config['DEBUG'] = True
db = SQLAlchemy(app)
db.init_app(app)
Migrate(app, db)
# Load signature key
signature_key = None
if os.getenv("COCOAMOCK_SIGNATURE_KEY_FILENAME", None) is None:
raise SignatureKeyError(
"'COCOAMOCK_SIGNATURE_KEY_FILENAME' env is not setted.")
try:
with open(os.getenv("COCOAMOCK_SIGNATURE_KEY_FILENAME", None)) as f:
signature_key = SigningKey.from_pem(f.read())
except Exception as e:
raise e
# TEK DB Model
class TEKs(db.Model):
__tablename__ = "teks"
id = db.Column(db.Integer, primary_key=True)
epoch = db.Column(Integer)
key_data = db.Column(String(100))
rolling_start_number = db.Column(Integer)
rolling_period = db.Column(Integer)
transmission_risk = db.Column(Integer)
region = db.Column(String(10))
created = db.Column(db.DateTime, index=True, default=datetime.now())
g = 2255412
keyLength = 32
ret = 0
ths = round((p - 1) / 2)
for i in range(keyLength * 8):
seed = pow(g, seed, p)
if seed > ths:
ret += 2**i
return ret
# Set up the keys
seed = random.getrandbits(128)
rand = secure_rng(seed) + 1
sk = SigningKey.from_secret_exponent(rand, curve=NIST384p)
vk = sk.get_verifying_key()
def verify(msg, sig):
try:
return vk.verify(binascii.unhexlify(sig), msg)
except:
return False
def sign(msg):
return binascii.hexlify(sk.sign(msg))
@route('/', method='GET')
# mod2
const.SW_COMPONENT_TYPE: 'M2',
const.SIGNER_ID: SIGNER_ID,
const.SW_COMPONENT_VERSION: '3.4.2',
const.MEASUREMENT_VALUE: MEASUREMENT,
},
{
# mod3
const.SW_COMPONENT_TYPE: 'M3',
const.SIGNER_ID: SIGNER_ID,
const.SW_COMPONENT_VERSION: '3.4.2',
const.MEASUREMENT_VALUE: MEASUREMENT,
},
],
}
if __name__ == '__main__':
import sys
if len(sys.argv) != 3:
print('Usage: {} KEYFILE OUTFILE'.format(sys.argv[0]))
sys.exit(1)
keyfile = sys.argv[1]
outfile = sys.argv[2]
sk = SigningKey.from_pem(open(keyfile, 'rb').read())
token = cbor2.dumps(token_map)
signed_token = sign_eat(token, sk)
with open(outfile, 'wb') as wfh:
wfh.write(signed_token)
def _get_key_pair_from_sk(sk: ecdsa.SigningKey) -> typing.Tuple[bytes, bytes]:
"""Returns key pair from a signing key.
"""
return sk.to_string(), \
sk.verifying_key.to_string("compressed")
