def authenticated_query_to_server(self, token_context, token_ttl=9999):
self.crypto = VirgilCrypto()
self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIEtNPMUG9uR8YxukWw1gX3bkXjbsbOZoN54d2ZKSz09a"
# self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIJvD17QhpJ1qFfIq3q8eqrZ0oBIf9GQ0T+6obQCmspnQ"
#self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR"
#self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3"
self.app_id = "def16346c7b43bbaed5b4b9ac8affa4"
# self.api_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4"
self.api_key_id = "309d53349835f34d5a03966d9de51877"
self.app_key = self.crypto.import_private_key(
Utils.b64decode(self.app_key_base64))
self.builder = JwtGenerator(self.app_id, self.app_key, self.api_key_id,
token_ttl, AccessTokenSigner())
#self.identity = token_context.identity
#return self.builder.generate_token(self.identity).to_string()
#PLEASE MAKE TOKEN_CONTEXT AN ACTUAL JWT TOKEN
#return self.builder.generate_token(token_context)
try:
self.identity = token_context.identity
return self.builder.generate_token(self.identity).to_string()
except:
return self.builder.generate_token(token_context)
def publish_card(self, user):
self.client_crypto = VirgilCrypto()
card_crypto = CardCrypto()
validator = VirgilCardVerifier(card_crypto)
token_provider = CallbackJwtProvider(self.get_token_from_server)
print('token_provider')
print(vars(token_provider))
card_manager = CardManager(card_crypto,
access_token_provider=token_provider,
card_verifier=validator)
key_pair = self.client_crypto.generate_keys()
username = user
public_key_data = self.client_crypto.export_public_key(
key_pair.public_key)
public_key_str = Utils.b64encode(public_key_data)
class DummyClass:
def __init__(self, raw_key):
self.raw_key = raw_key
dummy = DummyClass(key_pair.public_key.raw_key)
print(public_key_data)
print(public_key_str)
print(key_pair.public_key)
card = card_manager.publish_card(identity=username,
private_key=key_pair.private_key,
public_key=key_pair.public_key)
print(vars(card))
def __init__(self):
self.crypto = VirgilCrypto()
self.api_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR"
self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3"
self.app_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4"
self.api_key = self.crypto.import_private_key(Utils.b64_decode(self.api_key_base64))
self.ttl = datetime.timedelta(hours=1).seconds
self.access_token_signer = AccessTokenSigner()
self.key_pair = self.crypto.generate_keys()
self.server_crypto = VirgilCrypto()
self.server_key_pair = self.server_crypto.generate_keys()
self.server_private_key_data = self.server_crypto.export_private_key(self.server_key_pair.private_key, "test password")
self.server_public_key_data = self.server_crypto.export_public_key(self.server_key_pair.public_key)
self.server_private_key_str = Utils.b64encode(self.server_private_key_data)
self.server_for_client_public = Utils.b64encode(self.server_public_key_data)
self.server_exporter = PrivateKeyExporter(self.server_crypto)
self.server_private_key_storage = PrivateKeyStorage(self.server_exporter)
self.server_public_key_str = self.server_key_pair.public_key
self.server_card_crypto = CardCrypto()
self.server_your_backend_white_list = WhiteList()
self.server_your_backend_white_list = VerifierCredentials(signer="Jonathan",public_key_base64 = self.server_public_key_str)
self.verifier = VirgilCardVerifier(self.server_card_crypto, white_lists = [self.server_your_backend_white_list])
self.access_token_provider = CallbackJwtProvider(self.get_token_from_server("Alice"))
self.card_manager = CardManager(
self.server_card_crypto,
self.access_token_provider,
self.verifier
)
def getUserVirgilJWT():
try:
if not g.user:
print('ERROR: No user to get Virgil JWT for.')
return "", constants.STATUS_BAD_REQUEST
crypto = VirgilCrypto()
api_id = os.environ['VIRGIL_API_ID']
api_key_id = os.environ['VIRGIL_API_KEY_ID']
api_private_key = os.environ['VIRGIL_API_PRIVATE_KEY_ID']
token_ttl = 20 # seconds
imported_key = crypto.import_private_key(
Utils.b64decode(api_private_key)).private_key
# Instantiate token generator
builder = JwtGenerator(api_id, imported_key, api_key_id, token_ttl,
AccessTokenSigner())
token = builder.generate_token(str(g.user.id)).to_string()
return jsonify({"token": token}), constants.STATUS_OK
except Exception as err:
print('Error getting the Virgil JWT: ' + str(err))
return "", constants.STATUS_SERVER_ERROR
return "", constants.STATUS_SERVER_ERROR
def test_signature_hash(self):
data = bytearray("test".encode())
crypto = VirgilCrypto()
key_pair = crypto.generate_key_pair()
signature = crypto.generate_signature(data, key_pair.private_key)
self.assertEqual(signature[:17],
bytearray(b64decode("MFEwDQYJYIZIAWUDBAIDBQA=")))
def __init__(self, ui, logger, api_url, app_token):
self._ui = ui
self._logger = logger
self._crypto = VirgilCrypto()
self._api_host = urlparse(api_url).netloc
self._app_token = app_token
self._keys_counter = {
} # used for identities calculation: auth_1, auth_2
def test_signature_hash(self):
# STC-30
crypto = VirgilCrypto()
key_pair = crypto.generate_key_pair()
test_data = bytearray("test".encode())
signature = crypto.generate_signature(test_data, key_pair.private_key)
self.assertEqual(bytearray(signature[0:17]),
b64decode("MFEwDQYJYIZIAWUDBAIDBQA="))
def test_generate_key_using_seed(self):
crypto = VirgilCrypto()
seed = crypto.generate_random_data(32)
key_id = crypto.generate_key_pair(seed=seed).private_key.identifier
retries = 5
while retries > 0:
key_pair = crypto.generate_key_pair(seed=seed)
self.assertTrue(key_id, key_pair.private_key.identifier)
self.assertTrue(key_pair.private_key.identifier,
key_pair.public_key.identifier)
retries -= 1
def test_encrypts_and_decrypts_data(self):
raw_data = bytearray("test", "utf-8")
rng = CtrDrbg()
rng.setup_defaults()
key_pair1 = VirgilCrypto().generate_key_pair(KeyPairType.ED25519)
key_pair2 = VirgilCrypto().generate_key_pair(KeyPairType.ED25519)
cipher = RecipientCipher()
aes_gcm = Aes256Gcm()
cipher.set_encryption_cipher(aes_gcm)
cipher.set_random(rng)
cipher.add_key_recipient(bytearray("1", "utf-8"), key_pair1.public_key.public_key)
cipher.add_key_recipient(bytearray("2", "utf-8"), key_pair2.public_key.public_key)
cipher.start_encryption()
encrypted_data = cipher.pack_message_info()
encrypted_data += cipher.process_encryption(raw_data)
encrypted_data += cipher.finish_encryption()
cipher.start_decryption_with_key(
bytearray("1", "utf-8"),
key_pair1.private_key.private_key,
bytearray()
)
decrypted_data1 = bytearray()
decrypted_data1 += cipher.process_decryption(encrypted_data)
decrypted_data1 += cipher.finish_decryption()
self.assertEqual(
raw_data,
bytearray(decrypted_data1)
)
cipher.start_decryption_with_key(
bytearray("2", "utf-8"),
key_pair2.private_key.private_key,
bytearray()
)
decrypted_data2 = bytearray()
decrypted_data2 += cipher.process_decryption(encrypted_data)
decrypted_data2 += cipher.finish_decryption()
self.assertEqual(
raw_data,
bytearray(decrypted_data2)
)
def __check_generate_key_using_seed(self, key_pair_type):
crypto = VirgilCrypto()
seed = crypto.generate_random_data(32)
key_id = crypto.generate_key_pair(key_pair_type,
seed=seed).private_key.identifier
retries = 5
while retries > 0:
key_pair = crypto.generate_key_pair(key_pair_type, seed=seed)
self.assertTrue(key_id, key_pair.private_key.identifier)
self.assertTrue(key_pair.private_key.identifier,
key_pair.public_key.identifier)
self.assertEqual(key_pair.private_key.key_type, key_pair_type)
retries -= 1
def test_signs_and_verifies_data(self):
raw_data = bytearray("test", "utf-8")
key_pair = VirgilCrypto().generate_key_pair(KeyPairType.ED25519)
input_stream = io.BytesIO(raw_data)
signer = Signer()
signer.set_hash(Sha512())
signer.reset()
VirgilCrypto()._VirgilCrypto__for_each_chunk_input(input_stream, signer.append_data)
signature = signer.sign(key_pair.private_key.private_key)
input_stream = io.BytesIO(raw_data)
verifier = Verifier()
verifier.reset(signature)
VirgilCrypto()._VirgilCrypto__for_each_chunk_input(input_stream, verifier.append_data)
is_valid = verifier.verify(key_pair.public_key.public_key)
self.assertTrue(is_valid)
def __init__(self,
key_type: str,
private_key=None,
public_key=None,
ec_type=VirgilKeyPair.Type_EC_SECP256R1,
hash_type=HashAlgorithm.SHA256):
self._crypto = VirgilCrypto()
self._crypto.signature_hash_algorithm = hash_type
self.__hash_type = hash_type
self.__key_type = key_type
self.__ec_type = ec_type
self.__public_key = None if not public_key else b64_to_bytes(
public_key)
self.__private_key = None if not private_key else b64_to_bytes(
private_key)
self.__key_id = None
self.__signature = None
self.device_serial = None
def test_key_identifier_is_correct(self):
crypto_1 = VirgilCrypto()
key_pair_1 = crypto_1.generate_key_pair()
self.assertEqual(key_pair_1.private_key.identifier,
key_pair_1.public_key.identifier)
self.assertEqual(
crypto_1.compute_hash(
crypto_1.export_public_key(key_pair_1.public_key),
HashAlgorithm.SHA512)[:8], key_pair_1.private_key.identifier)
crypto_2 = VirgilCrypto(use_sha256_fingerprints=True)
key_pair_2 = crypto_2.generate_key_pair()
self.assertEqual(
crypto_2.compute_hash(
crypto_1.export_public_key(key_pair_2.public_key),
HashAlgorithm.SHA256), key_pair_2.private_key.identifier)
def test_signs_and_verifies_data(self):
raw_data = bytearray("test", "utf-8")
key_pair = VirgilCrypto().generate_key_pair(KeyPairType.ED25519)
signer = Signer()
signer.set_hash(Sha512())
signer.reset()
signer.append_data(raw_data)
signature = signer.sign(key_pair.private_key.private_key)
verifier = Verifier()
verifier.reset(signature)
verifier.append_data(raw_data)
is_valid = verifier.verify(key_pair.public_key.public_key)
self.assertTrue(is_valid)
def test_private_key_identifier_is_correct(self):
# STC-33
crypto_1 = VirgilCrypto()
key_pair_1 = crypto_1.generate_key_pair()
self.assertEqual(
hashlib.sha512(
bytearray(crypto_1.export_public_key(
key_pair_1.public_key))).digest()[0:8],
bytes(key_pair_1.private_key.identifier))
crypto_2 = VirgilCrypto()
crypto_2.use_sha256_fingerprints = True
key_pair_2 = crypto_2.generate_key_pair()
self.assertEqual(
hashlib.sha256(
bytearray(crypto_2.export_public_key(
key_pair_2.public_key))).digest(),
bytearray(key_pair_2.private_key.identifier))
def test_sign_then_encrypt(self):
crypto = VirgilCrypto()
key_pair_1 = crypto.generate_key_pair()
key_pair_2 = crypto.generate_key_pair()
key_pair_3 = crypto.generate_key_pair()
data = [1, 2, 3]
cipher_data = crypto.sign_and_encrypt(data, key_pair_1.private_key,
key_pair_2.public_key)
decrypted_data = crypto.decrypt_and_verify(
cipher_data, key_pair_2.private_key,
[key_pair_1.public_key, key_pair_2.public_key])
self.assertEqual(data, list(decrypted_data))
self.assertRaises(VirgilCryptoError, crypto.decrypt_and_verify,
cipher_data, key_pair_2.private_key,
key_pair_3.public_key)
class VirgilKeyGenerator(KeyGeneratorInterface):
"""
Represents key pair entity for virgil_crypto lib usage only
"""
def __init__(self,
key_type: str,
private_key=None,
public_key=None,
ec_type=VirgilKeyPair.Type_EC_SECP256R1,
hash_type=HashAlgorithm.SHA256):
self._crypto = VirgilCrypto()
self._crypto.signature_hash_algorithm = hash_type
self.__hash_type = hash_type
self.__key_type = key_type
self.__ec_type = ec_type
self.__public_key = None if not public_key else b64_to_bytes(
public_key)
self.__private_key = None if not private_key else b64_to_bytes(
private_key)
self.__key_id = None
self.__signature = None
self.device_serial = None
def generate(self,
*,
signature_limit=None,
rec_pub_keys=None,
signer_key: Optional[KeyGeneratorInterface] = None,
private_key_base64: Optional[str] = None,
start_date: Optional[int] = 0,
expire_date: Optional[int] = 0,
meta_data: Optional[bytes] = bytes()):
def make_signature():
byte_buffer = io.BytesIO()
# vs_pubkey_dated_t
byte_buffer.write(
start_date.to_bytes(4, byteorder='big', signed=False))
byte_buffer.write(
expire_date.to_bytes(4, byteorder='big', signed=False))
byte_buffer.write(
self.key_type_secmodule.to_bytes(1,
byteorder='big',
signed=False))
byte_buffer.write(
self.ec_type_secmodule.to_bytes(1,
byteorder='big',
signed=False))
byte_buffer.write(
len(meta_data).to_bytes(2, byteorder='big', signed=False))
byte_buffer.write(meta_data)
byte_buffer.write(b64_to_bytes(self.public_key))
bytes_to_sign = byte_buffer.getvalue()
return signer_key.sign(to_b64(bytes_to_sign), long_sign=False)
if private_key_base64:
self.__private_key = b64_to_bytes(private_key_base64)
virgil_priv_key = self._crypto.import_private_key(
self.__private_key)
virgil_pubkey = self._crypto.extract_public_key(virgil_priv_key)
self.__public_key = VirgilKeyPair.publicKeyToDER(
virgil_pubkey.raw_key)[-65:]
if self.__private_key is None:
virgil_key_pair = VirgilKeyPair.generate(self.ec_type)
self.__private_key = VirgilKeyPair.privateKeyToDER(
virgil_key_pair.privateKey())
self.__public_key = VirgilKeyPair.publicKeyToDER(
virgil_key_pair.publicKey())[-65:]
if signer_key:
self.__signature = make_signature()
return self
@property
def ec_type(self):
return self.__ec_type
@property
def hash_type(self):
return self.__hash_type
@property
def private_key(self):
return to_b64(self.__private_key)
@property
def public_key(self):
return to_b64(self.__public_key)
@property
def public_key_full(self):
virgil_private_key = self._crypto.import_private_key(
b64_to_bytes(self.private_key))
return to_b64(self._crypto.extract_public_key(virgil_private_key))
@property
def signature(self):
return self.__signature
@property
def key_id(self):
return CRCCCITT().calculate(b64_to_bytes(self.public_key))
@property
def key_type(self):
return self.__key_type
def sign(self, data, long_sign=False):
data = b64_to_bytes(data)
private_key = b64_to_bytes(self.private_key)
signature = self._crypto.sign(
data, self._crypto.import_private_key(private_key))
if not long_sign:
signature = VirgilSignExtractor.extract_sign(signature)
return to_b64(signature)
def verify(self, data, signature, long_sign=False):
data = b64_to_bytes(data)
public_key = b64_to_bytes(
self.public_key_full) # verify signature with full public key
return self._crypto.verify(data, signature,
self._crypto.import_public_key(public_key))
def encrypt(self, data):
data = b64_to_bytes(data)
public_key = b64_to_bytes(
self.public_key_full) # encrypt with full public key
encrypted = self._crypto.encrypt(
data, self._crypto.import_public_key(public_key))
return to_b64(encrypted)
def decrypt(self, data):
data = b64_to_bytes(data)
private_key = b64_to_bytes(self.private_key)
decrypted = self._crypto.decrypt(
data, self._crypto.import_private_key(private_key))
return to_b64(decrypted)
class CardRequestsHandler:
def __init__(self, ui, logger, api_url, app_token):
self._ui = ui
self._logger = logger
self._crypto = VirgilCrypto()
self._api_host = urlparse(api_url).netloc
self._app_token = app_token
self._keys_counter = {
} # used for identities calculation: auth_1, auth_2
def _create_raw_card(self, key_pair: KeyGeneratorInterface,
key_info: dict) -> str:
# Prepare public key in virgil format
public_key = key_pair.public_key
public_key = tiny_key_to_virgil(public_key)
public_key = self._crypto.import_public_key(public_key)
# Calculate identity.
identity = key_pair.key_type
# For keys which amount is 2 there should be identities like auth_1, auth_2
if key_pair.key_type in (VSKeyTypeS.RECOVERY.value,
VSKeyTypeS.AUTH.value,
VSKeyTypeS.TRUSTLIST.value,
VSKeyTypeS.FIRMWARE.value):
if key_pair.key_type not in self._keys_counter or self._keys_counter[
key_pair.key_type] == 2:
key_number = 1
else:
key_number = 2
identity = "%s_%s" % (identity, key_number)
self._keys_counter[key_pair.key_type] = key_number
# Prepare card content snapshot
created_at = int(datetime.utcnow().timestamp())
card_content = RawCardContent(identity=identity,
public_key=public_key,
created_at=created_at)
card_content_snapshot = card_content.content_snapshot
# Create raw card
raw_card = RawSignedModel(card_content_snapshot)
# Sign combined snapshot (with key_info)
key_info_b = json.dumps(key_info).encode("utf-8")
key_info_b64 = to_b64(key_info_b)
combined_snapshot = to_b64(
b64_to_bytes(card_content_snapshot) + b64_to_bytes(key_info_b64))
signature = key_pair.sign(combined_snapshot, long_sign=True)
if not signature:
err_msg = "[ERROR]: Virgil Card creation request: signing failed"
self._ui.print_error(err_msg)
self._logger.error(err_msg)
sys.exit(1)
raw_signature = RawSignature(
signer="self",
signature=b64_to_bytes(signature),
signature_snapshot=b64_to_bytes(key_info_b64))
# Append signature to card
raw_card.signatures.append(raw_signature)
# Return card request as json string
return raw_card.to_json()
def _register_card(self, card_b64):
"""
Send card request to Things service
"""
conn = http.client.HTTPSConnection(host=self._api_host)
conn.request(method="POST",
url=CARD_REGISTRATION_ENDPOINT,
body=card_b64,
headers={"AppToken": self._app_token})
response = conn.getresponse()
resp_body = response.read()
if response.status != 200:
err_msg = (
"[ERROR]: Failed to register Virgil card at {host}{endpoint}\n"
"Card: {card_b64}\n"
"Response status code: {status}\n"
"Response body: {body}".format(
card_b64=card_b64,
host=self._api_host,
endpoint=CARD_REGISTRATION_ENDPOINT,
status=response.status,
body=resp_body))
self._ui.print_error(err_msg)
self._logger.error(err_msg)
sys.exit(1)
self._ui.print_message("Virgil Card for key successfully registered")
self._logger.info("Card registered. Response: %s" % resp_body)
def create_and_register_card(self, key: KeyGeneratorInterface,
key_info: dict):
card = self._create_raw_card(key, key_info)
self._logger.info("Card request prepared: %s" % card)
self._register_card(card)
def __init__(self, crypto=VirgilCrypto()):
self.__crypto = crypto
from virgil_crypto import VirgilCrypto crypto = VirgilCrypto() key_pair = crypto.generate_keys() print(key_pair)
def _crypto(self):
return VirgilCrypto()
def _crypto(self):
if self.__crypto:
return self.__crypto
self.__crypto = VirgilCrypto()
return self.__crypto
class VirgilServerClient:
def __init__(self):
print("generated")
####SERVER SIDE
def authenticated_query_to_server(self, token_context, token_ttl=9999):
self.crypto = VirgilCrypto()
self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIEtNPMUG9uR8YxukWw1gX3bkXjbsbOZoN54d2ZKSz09a"
# self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIJvD17QhpJ1qFfIq3q8eqrZ0oBIf9GQ0T+6obQCmspnQ"
#self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR"
#self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3"
self.app_id = "def16346c7b43bbaed5b4b9ac8affa4"
# self.api_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4"
self.api_key_id = "309d53349835f34d5a03966d9de51877"
self.app_key = self.crypto.import_private_key(
Utils.b64decode(self.app_key_base64))
self.builder = JwtGenerator(self.app_id, self.app_key, self.api_key_id,
token_ttl, AccessTokenSigner())
#self.identity = token_context.identity
#return self.builder.generate_token(self.identity).to_string()
#PLEASE MAKE TOKEN_CONTEXT AN ACTUAL JWT TOKEN
#return self.builder.generate_token(token_context)
try:
self.identity = token_context.identity
return self.builder.generate_token(self.identity).to_string()
except:
return self.builder.generate_token(token_context)
########CLIENT SIDE
def get_token_from_server(self, token_context):
print('get token from server')
print(token_context)
jwt_from_server = self.authenticated_query_to_server(token_context)
return jwt_from_server
def set_access_token_provider(self):
self.access_token_provider = CallbackJwtProvider(
self.get_token_from_server)
def publish_card(self, user):
self.client_crypto = VirgilCrypto()
card_crypto = CardCrypto()
validator = VirgilCardVerifier(card_crypto)
token_provider = CallbackJwtProvider(self.get_token_from_server)
print('token_provider')
print(vars(token_provider))
card_manager = CardManager(card_crypto,
access_token_provider=token_provider,
card_verifier=validator)
key_pair = self.client_crypto.generate_keys()
username = user
public_key_data = self.client_crypto.export_public_key(
key_pair.public_key)
public_key_str = Utils.b64encode(public_key_data)
class DummyClass:
def __init__(self, raw_key):
self.raw_key = raw_key
dummy = DummyClass(key_pair.public_key.raw_key)
print(public_key_data)
print(public_key_str)
print(key_pair.public_key)
card = card_manager.publish_card(identity=username,
private_key=key_pair.private_key,
public_key=key_pair.public_key)
print(vars(card))
# Import virgil crypto library into python file
from virgil_crypto import VirgilCrypto
# First, create Virgil Crypto object
crypto = VirgilCrypto()
# Create public/private keys for the sender. Default algorithm is EC_X25519
sender_keys = crypto.generate_key_pair()
sender_public_key = sender_keys.public_key
sender_private_key = sender_keys.private_key
# Middleman Keys
middleman_keys = crypto.generate_key_pair()
middleman_private_key = middleman_keys.private_key
# Create data that we want to verify between the two clients. This data won't be sent yet, just for signature validation purposes.
message = "Hey Deren! My location is lat=42.361145,long=-71.057083"
message_data = message.encode()
# Sign the message data with the senders private key.
signature = crypto.generate_signature(message_data, sender_private_key)
# Middleman signature
middleman_signature = crypto.generate_signature(message_data,
middleman_private_key)
# Verify if the message can be decoded with the given public key : "sender_public_key"
verification = crypto.verify_signature(message_data, signature,
sender_public_key)
# Middleman unverified signature
class VirgilFlaskLib:
def __init__(self):
self.crypto = VirgilCrypto()
self.api_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR"
self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3"
self.app_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4"
self.api_key = self.crypto.import_private_key(Utils.b64_decode(self.api_key_base64))
self.ttl = datetime.timedelta(hours=1).seconds
self.access_token_signer = AccessTokenSigner()
self.key_pair = self.crypto.generate_keys()
self.server_crypto = VirgilCrypto()
self.server_key_pair = self.server_crypto.generate_keys()
self.server_private_key_data = self.server_crypto.export_private_key(self.server_key_pair.private_key, "test password")
self.server_public_key_data = self.server_crypto.export_public_key(self.server_key_pair.public_key)
self.server_private_key_str = Utils.b64encode(self.server_private_key_data)
self.server_for_client_public = Utils.b64encode(self.server_public_key_data)
self.server_exporter = PrivateKeyExporter(self.server_crypto)
self.server_private_key_storage = PrivateKeyStorage(self.server_exporter)
self.server_public_key_str = self.server_key_pair.public_key
self.server_card_crypto = CardCrypto()
self.server_your_backend_white_list = WhiteList()
self.server_your_backend_white_list = VerifierCredentials(signer="Jonathan",public_key_base64 = self.server_public_key_str)
self.verifier = VirgilCardVerifier(self.server_card_crypto, white_lists = [self.server_your_backend_white_list])
self.access_token_provider = CallbackJwtProvider(self.get_token_from_server("Alice"))
self.card_manager = CardManager(
self.server_card_crypto,
self.access_token_provider,
self.verifier
)
def get_private_key(self):
return self.key_pair.private_key
def get_public_key(self):
return self.key_pair.public_key
#jwt token generation
def get_token_from_server(self, token_context):
#jwt_from_server = authficated_query_to_server(token_context)
#jwt_from_server = token_context
jwt_from_server = self.generate_JWT_for_user("Alice")
return jwt_from_server
#JWT generator with necessary paramters
def get_JWT_generator(self):
return JwtGenerator(self.app_id, self.api_key, self.app_key_id, self.ttl, self.access_token_signer)
def generate_JWT_for_user(self, identity):
jwt_generator = self.get_JWT_generator()
self.identity = identity
return jwt_generator.generate_token(identity)
#function is broken
def publish_card(self):
#self.card = self.card_manager.publish_card(identity = self.identity, private_key = self.server_key_pair.private_key, public_key = self.server_key_pair.public_key)
self.card = self.card_manager.publish_card(identity = self.identity, private_key = self.server_key_pair.private_key, public_key = self.server_key_pair.public_key)
def signAndEncrypt(self, message):
message_to_encrypt = message
data_to_encrypt = Utils.strtobytes(message)
alice_private_key, alice_private_key_additional_data = self.server_private_key_storage.load("Alice")
from virgil_crypto import VirgilCrypto crypto = VirgilCrypto() # Generate private/public key with EC_X25519 sender_keys = crypto.generate_key_pair() sender_private_key = sender_keys.private_key sender_public_key = sender_keys.public_key # Generate keys for the receiving end of the location. receiver_keys = crypto.generate_key_pair() receiver_public_key = receiver_keys.public_key receiver_private_key = receiver_keys.private_key # Generate keys for the middle man! middleman_keys = crypto.generate_key_pair() middleman_public_key = middleman_keys.public_key middleman_private_key = middleman_keys.private_key # Create location to send to receiver. This will be intercepted by the middleman. location = "lat=42.361145,long=-71.057083" location_data = location.encode() # Ok encrypt a message for the receiver. It requires the receivers public key and the message being sent. receiver_list = [receiver_public_key] encrypted_data = crypto.encrypt(location_data, *receiver_list) # Time for the middleman to decrypt data. He is not on the receiver list, so it shouldn't work! middleman_decrypted_data = crypto.decrypt(encrypted_data, middleman_private_key) # Decrypt the message from the host. This is the receivers part now. This is why the private key is here
def __init__(self, crypto=VirgilCrypto()):
self.__algorithm = "VEDS512"
self.__crypto = crypto
