def test_public_key_identifier_is_correct(self):
# STC-33
crypto_1 = VirgilCrypto()
key_pair_1 = crypto_1.generate_key_pair()
public_key_1 = crypto_1.extract_public_key(key_pair_1.private_key)
self.assertEqual(public_key_1.identifier,
key_pair_1.public_key.identifier)
self.assertEqual(crypto_1.export_public_key(public_key_1),
crypto_1.export_public_key(key_pair_1.public_key))
self.assertEqual(
hashlib.sha512(
bytearray(crypto_1.export_public_key(
key_pair_1.public_key))).digest()[0:8],
bytearray(key_pair_1.public_key.identifier))
crypto_2 = VirgilCrypto()
crypto_2.use_sha256_fingerprints = True
key_pair_2 = crypto_2.generate_key_pair()
public_key_2 = crypto_2.extract_public_key(key_pair_2.private_key)
self.assertEqual(public_key_2.identifier,
key_pair_2.public_key.identifier)
self.assertEqual(crypto_1.export_public_key(public_key_2),
crypto_1.export_public_key(key_pair_2.public_key))
self.assertEqual(
hashlib.sha256(
bytearray(crypto_1.export_public_key(
key_pair_2.public_key))).digest(),
bytearray(key_pair_2.public_key.identifier))
def test_generate_key_using_seed(self):
crypto = VirgilCrypto()
seed = crypto.generate_random_data(32)
key_id = crypto.generate_key_pair(seed=seed).private_key.identifier
retries = 5
while retries > 0:
key_pair = crypto.generate_key_pair(seed=seed)
self.assertTrue(key_id, key_pair.private_key.identifier)
self.assertTrue(key_pair.private_key.identifier,
key_pair.public_key.identifier)
retries -= 1
def __check_generate_key_using_seed(self, key_pair_type):
crypto = VirgilCrypto()
seed = crypto.generate_random_data(32)
key_id = crypto.generate_key_pair(key_pair_type,
seed=seed).private_key.identifier
retries = 5
while retries > 0:
key_pair = crypto.generate_key_pair(key_pair_type, seed=seed)
self.assertTrue(key_id, key_pair.private_key.identifier)
self.assertTrue(key_pair.private_key.identifier,
key_pair.public_key.identifier)
self.assertEqual(key_pair.private_key.key_type, key_pair_type)
retries -= 1
def test_signature_hash(self):
data = bytearray("test".encode())
crypto = VirgilCrypto()
key_pair = crypto.generate_key_pair()
signature = crypto.generate_signature(data, key_pair.private_key)
self.assertEqual(signature[:17],
bytearray(b64decode("MFEwDQYJYIZIAWUDBAIDBQA=")))
def test_key_identifier_is_correct(self):
crypto_1 = VirgilCrypto()
key_pair_1 = crypto_1.generate_key_pair()
self.assertEqual(key_pair_1.private_key.identifier,
key_pair_1.public_key.identifier)
self.assertEqual(
crypto_1.compute_hash(
crypto_1.export_public_key(key_pair_1.public_key),
HashAlgorithm.SHA512)[:8], key_pair_1.private_key.identifier)
crypto_2 = VirgilCrypto(use_sha256_fingerprints=True)
key_pair_2 = crypto_2.generate_key_pair()
self.assertEqual(
crypto_2.compute_hash(
crypto_1.export_public_key(key_pair_2.public_key),
HashAlgorithm.SHA256), key_pair_2.private_key.identifier)
def test_signature_hash(self):
# STC-30
crypto = VirgilCrypto()
key_pair = crypto.generate_key_pair()
test_data = bytearray("test".encode())
signature = crypto.generate_signature(test_data, key_pair.private_key)
self.assertEqual(bytearray(signature[0:17]),
b64decode("MFEwDQYJYIZIAWUDBAIDBQA="))
def test_sign_then_encrypt(self):
crypto = VirgilCrypto()
key_pair_1 = crypto.generate_key_pair()
key_pair_2 = crypto.generate_key_pair()
key_pair_3 = crypto.generate_key_pair()
data = [1, 2, 3]
cipher_data = crypto.sign_and_encrypt(data, key_pair_1.private_key,
key_pair_2.public_key)
decrypted_data = crypto.decrypt_and_verify(
cipher_data, key_pair_2.private_key,
[key_pair_1.public_key, key_pair_2.public_key])
self.assertEqual(data, list(decrypted_data))
self.assertRaises(VirgilCryptoError, crypto.decrypt_and_verify,
cipher_data, key_pair_2.private_key,
key_pair_3.public_key)
from virgil_crypto import VirgilCrypto crypto = VirgilCrypto() # Generate private/public key with EC_X25519 sender_keys = crypto.generate_key_pair() sender_private_key = sender_keys.private_key sender_public_key = sender_keys.public_key # Generate keys for the receiving end of the location. receiver_keys = crypto.generate_key_pair() receiver_public_key = receiver_keys.public_key receiver_private_key = receiver_keys.private_key # Generate keys for the middle man! middleman_keys = crypto.generate_key_pair() middleman_public_key = middleman_keys.public_key middleman_private_key = middleman_keys.private_key # Create location to send to receiver. This will be intercepted by the middleman. location = "lat=42.361145,long=-71.057083" location_data = location.encode() # Ok encrypt a message for the receiver. It requires the receivers public key and the message being sent. receiver_list = [receiver_public_key] encrypted_data = crypto.encrypt(location_data, *receiver_list) # Time for the middleman to decrypt data. He is not on the receiver list, so it shouldn't work! middleman_decrypted_data = crypto.decrypt(encrypted_data, middleman_private_key) # Decrypt the message from the host. This is the receivers part now. This is why the private key is here
# Import virgil crypto library into python file from virgil_crypto import VirgilCrypto # First, create Virgil Crypto object crypto = VirgilCrypto() # Create public/private keys for the sender. Default algorithm is EC_X25519 sender_keys = crypto.generate_key_pair() sender_public_key = sender_keys.public_key sender_private_key = sender_keys.private_key # Create public/private keys for the receiver. receiver_keys = crypto.generate_key_pair() receiver_public_key = receiver_keys.public_key receiver_private_key = receiver_keys.private_key # Create data that we want to verify between the two clients. This data won't be sent yet, just for signature validation purposes. location = "lat=42.361145,long=-71.057083" location_data = location.encode() # List of public keys that will receive the location data receiver_list = [receiver_public_key] # Encrypt the data using AES-256 encrypted_data = crypto.encrypt(location_data, *receiver_list) # Now, this is the receivers side (The person receiving the location from the sender). This would be a separate individual client. # If we were to use sockets, this would be another file for a different host interacting with the server. The receivers private # key is available because they are receiving the encrypted message on their device. decrypted_data = crypto.decrypt(encrypted_data, receiver_private_key) decrypted_message = bytes(decrypted_data).decode()