def makepuzzle(t): # Init PyCrypto RNG rnd = randpool.RandomPool() # Generate 512-bit primes p = number.getPrime(512, rnd.get_bytes) q = number.getPrime(512, rnd.get_bytes) n = p * q phi = (p - 1) * (q - 1) # AES key --- this is what we will encode into the puzzle solution key = number.getRandomNumber(128, rnd.get_bytes) # Need a random starting value for the puzzle, between 1 and n a = number.getRandomNumber(4096, rnd.get_bytes) a = a % n # *** puzzle shortcut *** # fast way to compute (a^2)^t (if you know phi) e = pow(2, t, phi) b = pow(a, e, n) # So b = (a^2)^t, and we encode the key into this solution ck = (key + b) % n return (key, (n, a, t, ck))
def __init__(self,issuerurl,issuerPubKey,value): self.issuerurl = issuerurl self.pubkey = issuerPubKey self.value = value self.serial = "%s %s %s" % (value,issuerurl, number.getRandomNumber(serialsize, pool.get_bytes)) self.signature = None self.blindingFactor = number.getRandomNumber(self.pubkey.size() - 1, pool.get_bytes) self.deleted = None
def __init__(self, issuerurl, issuerPubKey, value): self.issuerurl = issuerurl self.pubkey = issuerPubKey self.value = value self.serial = "%s %s %s" % (value, issuerurl, number.getRandomNumber( serialsize, pool.get_bytes)) self.signature = None self.blindingFactor = number.getRandomNumber(self.pubkey.size() - 1, pool.get_bytes) self.deleted = None
def broadcastVote(self, voter_id, party): ret = self.verifyVoterId(voter_id) if not ret[0] or ret[1] == 'ALREADY VOTED': return ret keys = self.getKeys() A = { 'voter id': voter_id, 'random nonce': hashlib.blake2s('{0}{1}{0}'.format(crypto_number.getRandomNumber(RND_SYMM_KEY_SIZE), voter_id).encode('utf-8')).hexdigest() } B = 'verify {}'.format(json.dumps(A, sort_keys = True)) tmp = response_from_blo = self._local.command(B, BLO_ID) try: tmp = response_from_blo = json.loads(response_from_blo) if rsa.verify(response_from_blo, A['random nonce'], BLO_PUBLIC_KEY): try: tmp = response_from_ext_officer = self._local.command(B, EXT_OFFICER_ID) response_from_ext_officer = json.loads(response_from_ext_officer) if rsa.verify(response_from_ext_officer, A['random nonce'], EXT_OFFICER_PUBLIC_KEY): symm_key = crypto_number.getRandomNumber(RND_SYMM_KEY_SIZE) voter_hash = aesHmac.symmEncryption(hashlib.blake2s('{}'.format(voter_id).encode('utf-8')).hexdigest(), symm_key) voter_hash = hashlib.sha256(voter_hash).hexdigest() p1, p2 = self.__nonceifyParty(voter_hash, party) pk, sk = self.getKeys() A = { 'voter': voter_hash, 'party (blo encrypted)': p1, 'party (ext-officer encrypted)': p2, 'timestamp': time.time(), 'public key': pk, 'random nonce': A['random nonce'], 'blo signature': response_from_blo, 'ext-officer signature': response_from_ext_officer } A['sig'] = rsa.sign(json.dumps(A, sort_keys = True), sk) self._chainMutex.acquire() ret = self._chain.addTransaction(voter_hash, A) node.mutexReleaser(self._chainMutex) if ret: A = dict(A) A['id'] = self.id() self.__broadcastUtil(A, 'broadcast_vote') DB_MANAGER = ssql.SSQLiteManager('public_details.db') DB_MANAGER.update('ELIGIBLE_VOTERS', 'status = 0', '"voter id" == "{}"'.format(voter_id)) DB_MANAGER.commit() DB_MANAGER.close() return True, 'BRAVO', symm_key except: return False, 'EXT-OFFICER REJECTED' if tmp == 'NOT OK' else 'EXT-OFFICER NOT AVAILABLE' except: return False, 'BLO REJECTED' if tmp == 'NOT OK' else 'BLO NOT AVAILABLE'
def makepuzzle(t): # Generate 512-bit primes p = number.getPrime(MOD_BITS, rnd.get_bytes) q = number.getPrime(MOD_BITS, rnd.get_bytes) n = p * q fi = (p - 1) * (q - 1) key = number.getRandomNumber(AES_BITS, rnd.get_bytes) a = number.getRandomNumber(MOD_BITS, rnd.get_bytes) % n e = pow(2, t, fi) b = pow(a, e, n) cipher_key = (key + b) % n return (key, {'N': n, 'a': a, 'steps': t, 'cipher_key': cipher_key})
def _GetRandomFromZNStar(self, n_length, n): while True: r = number.getRandomNumber(n_length, ccrypto.GetRandBytes) # check relative prime if r < n and number.GCD(r, n) == 1: break return r
def makepuzzle(t): # Generate 512-bit primes p = number.getPrime(MOD_BITS/2, rnd.get_bytes) q = number.getPrime(MOD_BITS/2, rnd.get_bytes) N = p*q totient = (p-1)*(q-1) key = number.getRandomNumber(AES_BITS, rnd.get_bytes) a = number.getRandomNumber(MOD_BITS, rnd.get_bytes) % N e = pow(2, t, totient) b = pow(a, e, N) cipher_key = (key + b) % N return (key, {'N': N, 'a': a, 'steps': t, 'cipher_key': cipher_key})
def get_random_bytes( nbytes ): nbits = nbytes * 8 random_pool = RandomPool( 1064 ) while random_pool.entropy < nbits: random_pool.add_event() random_pool.stir() return str( number.getRandomNumber( nbits, random_pool.get_bytes ) )
def sign_DSA(msg, key_tuple, k=None): """Create a DSA signature. :Parameters: - `msg`: string of data signature applies to - `key_tuple`: tuple of DSA integers (y, g, p, q, x) (see `DSA tuple`_) - `k`: random integer 2 < k < q (automatically generated by default) :Returns: tuple (integer, integer) DSA signature values (r, s) .. _DSA tuple: DSA tuple: - `y`: integer DSA public key - `g`: integer DSA group - `p`: integer DSA prime - `q`: integer DSA order - `x`: integer DSA secret value """ import Crypto.PublicKey.DSA as DSA if k is None: # generate our own k value (2 < k < q) import Crypto.Util.number as NUM import Crypto.Util.randpool as RND rnd = RND.RandomPool() q = key_tuple[3] while 1: k = NUM.getRandomNumber(8*len(STN.int2str(q)), rnd.get_bytes) if 2 < k < q: break dsa = DSA.construct(key_tuple) # note change in ordering return dsa.sign(msg, k)
def generate_random_big_number(self, random_bit, big_num): gene_num = big_num while True: gene_num = number.getRandomNumber(random_bit) if gene_num < big_num: break return gene_num
def makepuzzle(t): # Generate 512-bit primes p = number.getPrime(MOD_BITS / 2, rnd.get_bytes) q = number.getPrime(MOD_BITS / 2, rnd.get_bytes) N = p * q totient = (p - 1) * (q - 1) key = number.getRandomNumber(AES_BITS, rnd.get_bytes) a = number.getRandomNumber(MOD_BITS, rnd.get_bytes) % N e = pow(2, t, totient) b = pow(a, e, N) cipher_key = (key + b) % N return (key, {'N': N, 'a': a, 'steps': t, 'cipher_key': cipher_key})
def encrypt(plaintext, public_key): if len(plaintext) > MAX_PLAINTEXT_LENGTH: # TODO need to have arbitrary lengths raise ValueError('Trying to encrypt text longer than ' + MAX_PLAINTEXT_LENGTH + ' bytes!') K = CUN.getRandomNumber(128, os.urandom) # Not used, legacy compatibility ciphertext = public_key.encrypt(plaintext, K) return ciphertext[0]
def get_random_bytes(nbytes): nbits = nbytes * 8 random_pool = RandomPool(1064) while random_pool.entropy < nbits: random_pool.add_event() random_pool.stir() return str(number.getRandomNumber(nbits, random_pool.get_bytes))
def calibrate_speed(): p = number.getPrime(MOD_BITS, rnd.get_bytes) q = number.getPrime(MOD_BITS, rnd.get_bytes) N = p * q bignum = number.getRandomNumber(MOD_BITS, rnd.get_bytes) #big number start = time.time() trials = 1000 for i in range(0, trials): bignum = pow(bignum, 2, N) return int(trials / (time.time() - start))
def calibrate_speed(): p = number.getPrime(MOD_BITS/2, rnd.get_bytes) q = number.getPrime(MOD_BITS/2, rnd.get_bytes) N = p*q bignum = number.getRandomNumber(MOD_BITS, rnd.get_bytes) start = time.time() trials = 100 for i in range(trials): bignum = pow(bignum, 2, N) return int(trials/(time.time() - start))
def getRandomNumber(self, N): """Returns an N-bit length random number.""" if self.RandomPool.entropy < 2 * N: self.RandomPool.randomize(4 * N) self.RandomPool.add_event('') self.RandomPool.stir() random = number.getRandomNumber(N, self.RandomPool.get_bytes) self.RandomPool.stir() return random
def aes_encrypt(EntityName: str, data: bytes): key = database.getDistKey(EntityName) iv = getRandomNumber(128) if DEBUG: print("Encrypting data for " + EntityName) print("Using AES key: %s\nand iv : %s" % (hex(key), hex(iv))) # do aes encryption here iv = iv.to_bytes(16, 'big') key = key.to_bytes(16, 'big') cbc = AES.new(key, AES.MODE_CBC, iv) data = process_padding(data) data = cbc.encrypt(data) hash_code = getHash(data=data, key=key, iv=iv) return iv + hash_code + data
def key_split(key, n, k, p): a = [] for i in range(0, k - 1): cur_a = number.getRandomNumber(AES_BITS, rnd.get_bytes) a.append(cur_a % p) a.append(key % p) print(a) part = [] for i in range(1, n + 1): #arg = number.getRandomNumber(MOD_BITS, rnd.get_bytes) arg = i f = 0 for j in range(0, k): f = (f + a[j] * pow(arg, k - j - 1)) % p part.append(f % p) return part
def aes_encrypt(data: bytes, xEntityName: str): if xEntityName in to_access_table: key = to_access_table[xEntityName]["sessionKey"] elif xEntityName in from_access_table: key = from_access_table[xEntityName]["sessionKey"] iv = getRandomNumber(128) if DEBUG: print("Encrypting data for " + xEntityName) print("Using AES key: %s and iv : %s" % (hex(key), hex(iv))) # do aes encryption here iv = iv.to_bytes(16, 'big') key = key.to_bytes(16, 'big') cbc = AES.new(key, AES.MODE_CBC, iv) data = process_padding(data) data = cbc.encrypt(data) hash_code = getHash(data=data, key=key, iv=iv) return iv + hash_code + data
def sign(private_key, public_key, message, algorithm=DSA): key_str = PRIVATE_KEY_FORMAT.format(*(decode_all(public_key) + [decode(private_key)])) private_key = pickle.loads(key_str) hash_code = SHA256.new(message).digest() if algorithm == DSA: K = CUN.getRandomNumber(128, os.urandom) elif algorithm == ElGamal: K = CUN.getPrime(128, os.urandom) while CUN.GCD(K, private_key.p - 1) != 1: print('K not relatively prime with {n}'.format(n=private_key.p - 1)) K = CUN.getPrime(128, os.urandom) else: raise 'Error: only DSA/ElGamal are supported!' signature = private_key.sign(hash_code, K) return encode_all(signature)
def test_dsa(self): '''Test DSA algorithm''' # Based on # http://stackoverflow.com/questions/4232389/signing-and-verifying-data-using-pycrypto-rsa # Generates a fresh public/private key pair key = DSA.generate(1024, os.urandom) # Sign the hash K = getRandomNumber(128, os.urandom) signature = key.sign(self.hash, K) # Get public key pubkey = key.publickey() result = 'Could not verify signature' self.assertTrue(pubkey.verify(self.hash, signature), result) result = 'Succesfully verified bad hash!!' self.assertFalse(pubkey.verify(self.hash[:-1], signature), result)
def waitForResponse(): global clientSocket #ok = False #while ok == False: # try: # response = clientSocket.recv(maxBuffSize) # ok = True # except: # ok = False while True: clientSocket.send(str(my_raw_input ("Command: "))) response = clientSocket.recv(maxBuffSize) if len(response): if (response.strip() == "1"): print "response:1" #commBusy = True ID = clientSocket.recv(1) print "received id" print ID BankPubKey = clientSocket.recv(maxBuffSize) print "received bankPubKey" BankPubKey = pickle.loads(BankPubKey) print "pickled it: bankPubKey" print "Your ID is: "+str(ID) print "Bank public key: "+str(BankPubKey) clientSocket.send(pickle.dumps(MyKeys.publickey())) #commBusy = False elif (response.strip() == "2"): print "response:2" commBusy = True while True: coin = CUN.getRandomNumber(128,os.urandom) coinHash = MD5.new(coin).digest() clientSocket.send(pickle.dumps(coinHash)) signedCoin = MyKeys.sign(coinHash,'') clientSocket.send(pickle.dumps(signedCoin)) response = clientSocket.recv(maxBuffSize) if (response == "ok"): coins.insert(coinEnd, {}) coins[coinEnd][coin] = coinHash coinEnd += 1 elif (response == "nomoney"): break elif (response == "coinNotOk"): print "BAD coin" break if (response == "nomoney"): print "Withdraw complete" else: print "Bad coin somewhere" commBusy = False
def nonceHandler(EntityName: str, data: bytearray, ip_addr: tuple): data = data[1:] data = rsa_decrypt(data[0:128]) if not data: return nonceGen = data[0:16] nonceGot = data[16:32] print("Verifing Nonce got back from %s" % EntityName) if DEBUG: print("Got nonce1: %s" % hex(int.from_bytes(nonceGen, 'big'))) print("Got nonce2: %s" % hex(int.from_bytes(nonceGot, 'big'))) valid = False nonceGen = int.from_bytes(nonceGen, 'big') if nonceGen == req_list[EntityName]['nonce']: print("Nonce verified for %s as **valid**" % EntityName) valid = True else: print("Nonce verified for %s as **invalid**" % EntityName) print("Sent nonce: %s" % hex(req_list[EntityName]['nonce'])) req_list.pop(EntityName) if valid: if not database.isEntityReg(EntityName): ip, port = ip_addr groupName = req_list[EntityName]['groupname'] validUntil = time.time() + (3600 * database.getValidity(groupName)) print("Generating Distribution Key") distKey = getRandomNumber(AESKEYSIZE) pubkey = req_list[EntityName]['pubkey'] print("Adding %s to EntityTable" % EntityName) database.addElement(EntityName=EntityName, GroupName=groupName, PublicKey=pubkey, DistKey=distKey, ValidUntil=validUntil, ip=ip, port=port) req_list.pop(EntityName) else: print("%s is already registered" % EntityName) distKey = database.getDistKey(EntityName) pubkey = database.getPubKey(EntityName) print("Distkey: %s" % hex(distKey)) # send registration ack distKey = distKey.to_bytes(16, 'big') resp = rsa_encrypt(key=pubkey, resp=nonceGot + distKey) msg = struct.pack("!%dscB128s128s128s" % authNameLength, authName.encode(), sep, ACPTREG, rsa_keys.modulus.to_bytes(128, 'big'), rsa_keys.cert.to_bytes(128, 'big'), resp) print("Sending nonce back and distkey to %s" % EntityName) serverSocket.sendto(msg, ip_addr) print() return else: print("Sending reject message to %s" % EntityName) reject = rsa_encrypt(req_list[EntityName]['pubkey'], RJCTREG.to_bytes(1, 'big')) resp = struct.pack("!%dscB128s128s128s" % authNameLength, authName.encode(), sep, RJCTREG, rsa_keys.modulus.to_bytes(128, 'big'), rsa_keys.cert.to_bytes(128, 'big'), reject) serverSocket.sendto(resp, ip_addr) req_list.pop(EntityName) print() return
pool = RandomPool() pool.stir() KEYSIZE=2048 COUNT=5 fasttime=0 slowtime=0 for x in range(COUNT): begintime=time.time() rsa=RSA.generate(KEYSIZE, pool.get_bytes) endtime=time.time() print "Server: Generating %d bit RSA key: %f s" % (KEYSIZE, endtime-begintime) rsa_slow=RSA.construct((rsa.n,rsa.e,rsa.d)) code=number.getRandomNumber(256, pool.get_bytes) begintime=time.time() signature=rsa.sign(code,None)[0] endtime=time.time() fast=(endtime-begintime) fasttime=fasttime+fast print "Fast signing took %f s" % fast begintime=time.time() signature_slow=rsa_slow.sign(code,None)[0] endtime=time.time() slow=(endtime-begintime) slowtime=slowtime+slow print "Slow signing took %f s" % slow if rsa.verify(code,(signature,)) and signature==signature_slow:
def reqregHandler(EntityName: str, data: bytearray, ip_addr: tuple): groupNameLength = data[1] groupName = data[2:2 + groupNameLength].decode() publicKey_starts = 2 + groupNameLength publicKey = data[publicKey_starts:publicKey_starts + 128] publicKey = int.from_bytes(publicKey, 'big') entityCert_starts = publicKey_starts + 128 entityCert = data[entityCert_starts:entityCert_starts + 128] entityCert = int.from_bytes(entityCert, 'big') if DEBUG: print("Processing Registration request for %s" % EntityName) print("Group Name:", groupName) print("IP: %s Port: %d" % ip_addr) print("Present public module by " + EntityName) temp = hex(publicKey).split('x')[1].zfill(128) for i in range(0, 4): print("\t%s" % temp[32 * i:(32 * i) + 32]) print("Presented certificate by " + EntityName) temp = hex(entityCert).split('x')[1].zfill(128) for i in range(0, 4): print("\t%s" % temp[32 * i:(32 * i) + 32]) print("Validating certificate given by " + EntityName) valid = False # Validating certificate here if rsa_verify(key=publicKey, cert=entityCert): print("Certificate verified as **valid**") valid = True else: print("Certificate verified as **invalid**") print("Admin shall be informed") isGroup = database.getValidity(groupName) if not isGroup: valid = False print("GroupName is not in group table") if valid: if DEBUG: print("Generating 128bit Nonce") nonceGen = getRandomNumber(AESKEYSIZE) print("nonce = %s" % hex(nonceGen)) new_req = {} new_req.update({'nonce': nonceGen}) new_req.update({'pubkey': publicKey}) new_req.update({'groupname': groupName}) req_list.update({EntityName: new_req}) nonceGen = nonceGen.to_bytes(16, 'big') nonceGen = rsa_encrypt(publicKey, nonceGen) resp = struct.pack("!%dscB128s128s128s" % authNameLength, authName.encode(), sep, NONCE, rsa_keys.modulus.to_bytes(128, 'big'), rsa_keys.cert.to_bytes(128, 'big'), nonceGen) serverSocket.sendto(resp, ip_addr) if DEBUG: print("Nonce with credentials are send to %s" % EntityName) else: print("Sending reject message to %s" % EntityName) reject = rsa_encrypt(publicKey, int.to_bytes(RJCTREG, 1, 'big')) resp = struct.pack("!%dscB128s128s128s" % authNameLength, authName.encode(), sep, RJCTREG, rsa_keys.modulus.to_bytes(128, 'big'), rsa_keys.cert.to_bytes(128, 'big'), reject) serverSocket.sendto(resp, ip_addr) print() return
pool = RandomPool() pool.stir() KEYSIZE = 2048 COUNT = 5 fasttime = 0 slowtime = 0 for x in range(COUNT): begintime = time.time() rsa = RSA.generate(KEYSIZE, pool.get_bytes) endtime = time.time() print "Server: Generating %d bit RSA key: %f s" % (KEYSIZE, endtime - begintime) rsa_slow = RSA.construct((rsa.n, rsa.e, rsa.d)) code = number.getRandomNumber(256, pool.get_bytes) begintime = time.time() signature = rsa.sign(code, None)[0] endtime = time.time() fast = (endtime - begintime) fasttime = fasttime + fast print "Fast signing took %f s" % fast begintime = time.time() signature_slow = rsa_slow.sign(code, None)[0] endtime = time.time() slow = (endtime - begintime) slowtime = slowtime + slow print "Slow signing took %f s" % slow if rsa.verify(code, (signature, )) and signature == signature_slow:
def reqAccessHandler(EntityName: str, data: bytes, ip_addr: tuple): Entity2length = data[1] Entity2Name = data[2:2 + Entity2length].decode() reqTime = struct.unpack( "!I", bytes(data[2 + Entity2length:2 + Entity2length + 4]))[0] print("Processing Access request from %s to %s for %dm" % (EntityName, Entity2Name, reqTime)) grantedTime = database.getAccess(FromEntityName=EntityName, ToEntityName=Entity2Name, reqTime=reqTime) if grantedTime: print("%s is granted access to %s for %sm time" % (EntityName, Entity2Name, grantedTime)) allowedUntil = time.time() + (60 * grantedTime) sessionKey = database.getSessionKey(FromEntityName=Entity2Name, ToEntityName=EntityName) if not sessionKey: sessionKey = getRandomNumber(AESKEYSIZE) database.addSession(FromEntityName=EntityName, ToEntityName=Entity2Name, AllowedUntil=allowedUntil, key=sessionKey) if DEBUG: print("Generated Session key: %s" % hex(sessionKey)) sessionKey1 = ((sessionKey >> 64) & ((1 << 64) - 1)) sessionKey2 = (sessionKey & ((1 << 64) - 1)) ip, port = database.getIPaddr(EntityName) ip2, port2 = database.getIPaddr(Entity2Name) if not ip2 or not port2 or not ip or not port: print("Some problem with database") exit(10) print("Sendnig session key to %s" % EntityName) data = struct.pack(("!BB%dsI4sHQQ" % Entity2length), ACPTACC, Entity2length, Entity2Name.encode(), int(grantedTime), str2ip(ip2), port2, sessionKey1, sessionKey2) msg = aes_encrypt(EntityName=EntityName, data=data) msg = struct.pack( ("!%dscB" % authNameLength), authName.encode(), sep, ENCPTD) + msg serverSocket.sendto(msg, (ip, port)) print("Sendnig acknowledgement with session key to %s" % Entity2Name) EntityNameLength = len(EntityName) data = struct.pack(("!BB%dsI4sHQQ" % EntityNameLength), ACKACC, EntityNameLength, EntityName.encode(), int(grantedTime), str2ip(ip), port, sessionKey1, sessionKey2) msg = aes_encrypt(EntityName=Entity2Name, data=data) msg = struct.pack( ("!%dscB" % authNameLength), authName.encode(), sep, ENCPTD) + msg serverSocket.sendto(msg, (ip2, port2)) else: print("%s is rejected to access to %s" % (EntityName, Entity2Name)) print("Sending reject message to %s" % EntityName) data = struct.pack(("!BB%ds" % Entity2length), RJCTACC, Entity2length, Entity2Name.encode()) msg = aes_encrypt(EntityName=EntityName, data=data) msg = struct.pack( ("!%dscB" % authNameLength), authName.encode(), sep, ENCPTD) + msg serverSocket.sendto(msg, ip_addr) print() return
def _get_dh_secret(self, pool): return getRandomNumber(16, pool.get_bytes)
print "RSA key:" print "n = %s" % pprint.pformat(rsa.n) # Public key print "e = %s" % pprint.pformat(rsa.e) # Public key print "d = %s" % pprint.pformat(rsa.d) # Private key # Values below are not really needed, but cause a big speedup since the Chinese Remainders Theorem can be used print "p = %s" % pprint.pformat(rsa.p) # Private key print "q = %s" % pprint.pformat(rsa.q) # Private key print "u = %s" % pprint.pformat(rsa.u) # Private key print ### Client ### # Generate random tokenId of HASHSIZE bits tokenId = number.getRandomNumber(HASHSIZE, pool.get_bytes) # Generate random blindingFactor of KEYSIZE-1 (so it can still be signed) bits while 1: blindingFactor = number.getRandomNumber(KEYSIZE - 1, pool.get_bytes) # Verify that GCD(r, n) ==1 if number.GCD(blindingFactor, rsa.n) == 1: break # Calculate the hash of the tokenId tokenHash = number.bytes_to_long( digest(number.long_to_bytes(tokenId)).digest()) print "tokenId = %s" % pprint.pformat(tokenId) print "blindingFactor = %s" % pprint.pformat(blindingFactor) print "tokenHash = %s" % pprint.pformat(tokenHash)
print "RSA key:" print "n = %s" % pprint.pformat(rsa.n) # Public key print "e = %s" % pprint.pformat(rsa.e) # Public key print "d = %s" % pprint.pformat(rsa.d) # Private key # Values below are not really needed, but cause a big speedup since the Chinese Remainders Theorem can be used print "p = %s" % pprint.pformat(rsa.p) # Private key print "q = %s" % pprint.pformat(rsa.q) # Private key print "u = %s" % pprint.pformat(rsa.u) # Private key print ### Client ### # Generate random tokenId of HASHSIZE bits tokenId = number.getRandomNumber(HASHSIZE, pool.get_bytes) # Generate random blindingFactor of KEYSIZE-1 (so it can still be signed) bits while 1: blindingFactor = number.getRandomNumber(KEYSIZE-1, pool.get_bytes) # Verify that GCD(r, n) ==1 if number.GCD(blindingFactor, rsa.n)==1: break # Calculate the hash of the tokenId tokenHash = number.bytes_to_long(digest(number.long_to_bytes(tokenId)).digest()) print "tokenId = %s" % pprint.pformat(tokenId) print "blindingFactor = %s" % pprint.pformat(blindingFactor) print "tokenHash = %s" % pprint.pformat(tokenHash) print
plaintext = 'P' another_text = 'The rain in Spaim falls mdainly on the Plain' # Here is a hash of the message # hash = MD5.new(plaintext.encode()).digest() another_hash = hashlib.sha256(another_text.encode()).digest() hash = hashlib.sha256(plaintext.encode()).digest() print(repr(hash)) # '\xb1./J\xa883\x974\xa4\xac\x1e\x1b!\xc8\x11' # Generates a fresh public/private key pair key = RSA.generate(1024, os.urandom) if RSA == DSA: K = CUN.getRandomNumber(128, os.urandom) elif RSA == ElGamal: K = CUN.getPrime(128, os.urandom) while CUN.GCD(K, key.p - 1) != 1: print('K not relatively prime with {n}'.format(n=key.p - 1)) K = CUN.getPrime(128, os.urandom) # print('GCD({K},{n})=1'.format(K=K,n=key.p-1)) else: K = '' # You sign the hash signature = key.sign(hash, K) print(len(signature), RSA.__name__) import sys print(sys.getsizeof(signature))
def reqRegistration(): s.bind((my_ip, my_port)) msg = struct.pack( "!%dscBB%ds128s128s" % (entityNameLength, groupNameLength), entityName.encode(), sep, REQREG, groupNameLength, groupName.encode(), rsa_keys.modulus.to_bytes(128, 'big'), rsa_keys.cert.to_bytes(128, 'big')) s.sendto(msg, authIP) while True: data, fromaddr = s.recvfrom(BUFSIZE) if fromaddr == authIP: #print(data) splitedData = data.split(sep) authName = splitedData[0].decode() authNameLength = len(authName) authPubKey_starts = authNameLength + 2 authPubKey = data[authPubKey_starts:authPubKey_starts + 128] authPubKey = int.from_bytes(authPubKey, 'big') authCert_starts = authPubKey_starts + 128 authCert = data[authCert_starts:authCert_starts + 128] authCert = int.from_bytes(authCert, 'big') if DEBUG: print("Pubkey and Certificate of %s" % authName) print(hex(authPubKey)) print(hex(authCert)) print("Validating certificate given by " + authName) # Validating certificate here if rsa_verify(key=authPubKey, cert=authCert): print("Certificate verified as **valid**") valid = True else: print("Certificate verified as **invalid**") print("Admin shall be informed") valid = False if valid: flag = data[authNameLength + 1] if flag == RJCTREG: print("Registration request rejected") s.close() return False if flag == NONCE: nonce_starts = authCert_starts + 128 nonceGot = data[nonce_starts:nonce_starts + 128] nonceGot = rsa_decrypt(nonceGot)[0:16] nonceGen = getRandomNumber(AESKEYSIZE).to_bytes(16, 'big') resp = rsa_encrypt(key=authPubKey, resp=nonceGot + nonceGen) msg = struct.pack("!%dscB128s" % entityNameLength, entityName.encode(), sep, NONCE, resp) s.sendto(msg, authIP) if flag == ACPTREG: print("Checking nonce for %s" % authName) data_starts = authCert_starts + 128 data = data[data_starts:data_starts + 128] print(data) data = rsa_decrypt(data) print(data) nonceGot = data[0:16] if nonceGen == nonceGot: print("Nonce verified as **valid**") else: print("Nonce verified as **invalid**") print(nonceGot) print(nonceGen) s.close() return False distkey = int.from_bytes(data[16:32], 'big') if DEBUG: print("distkey:%s" % hex(distkey)) global AUTH AUTH = authName newEntry = {} newEntry.update({"sessionKey": distkey}) newEntry.update({"ip_addr": fromaddr}) to_access_table.update({authName: newEntry}) from_access_table.update({authName: newEntry}) signal.alarm(2 * 3600) return True