def addUser(username: str, autoGenerateKeys: bool = True, keys: list = []): """ Create an user with the corresponding username to the users list and return the corresponding user id which can be used as index username: name of the user autoGenerateKeys: generate elGammal keys for the user keys: base64 of tuple (public key, private key) if keys are not generated for the user """ from ressources.interactions import getIntKey if autoGenerateKeys: # generate keys algModule = __import__("core.asymmetric." + c.BC_SIGNING_ALG, fromlist=[""]) publicKey, privateKey = algModule.key_gen(c.BC_KEY_SIZE) else: # decode base64 tuple of key publicKey = getIntKey(keys[0], [2, 3][c.BC_SIGNING_ALG == "elGamal"]) privateKey = getIntKey(keys[1], [2, 3][c.BC_SIGNING_ALG == "elGamal"]) userID = len(c.BC_USERS) c.BC_USERS.append([userID, username, publicKey, privateKey]) return userID
def verifying(M: bytes, sign: int, pK: tuple = None): """ Verify given signature of message M with corresponding public key's. """ assert isinstance(M, (bytes, bytearray)) from ..hashbased import hashFunctions as hashF if not pK: pK = it.extractKeyFromFile("public_key") size = it.getKeySize(pK) hm = hashF.sponge(M, size) # base64 to int hm = bm.bytes_to_int(bm.mult_to_bytes(hm)) # If the signature is in base64 if not isinstance(sign, int): sign = it.getIntKey(sign) n, e = pK # raises the signature to the power of e (modulo n) # (as when encrypting a message) if sign > n: print("Signature > modulus") test = ut.square_and_multiply(sign, e, n) if test == (hm % n): return True return False
def verifying(M: bytes, sign: tuple, publicKey: tuple = None): """ Verify given signature of message M with corresponding public key's. """ assert isinstance(M, (bytes, bytearray)) from ..hashbased import hashFunctions as hashF if not publicKey: publicKey = it.extractKeyFromFile("public_key") p, g, h = publicKey size = it.getKeySize(publicKey) hm = hashF.sponge(M, size) hm = bm.bytes_to_int(bm.mult_to_bytes(hm)) if not isinstance(sign, tuple): b64data = sign sign = it.getIntKey(b64data[1:], b64data[0]) s1, s2 = sign if (0 < s1 < p) and (0 < s2 < p - 1): test1 = (ut.square_and_multiply(h, s1, p) * ut.square_and_multiply(s1, s2, p)) % p test2 = ut.square_and_multiply(g, hm, p) if test1 == test2: return True return False raise ValueError
def x509(subjectPublicKey, name: str = "X509", out: bool = True): import base64 # Get key size's n = it.getKeySize(it.getIntKey(subjectPublicKey, 3)) CA_public_key, CA_private_key = elG.key_gen(n, primeFount=True) import os # An X. 509 Serial Number is an integer whose value can be represented in 20 bytes serialN = it.getB64Keys(os.urandom(20)) from datetime import date today = date.today() nextY = today.replace(year=today.year + 1) # The certificate is signed by the private key of the certification authority. # The one who manufactured and issued this certificate. signature = it.getB64Keys(elG.signing(subjectPublicKey, CA_private_key)) CA = f""" Certificate: Data: Version: 3 (0x2) Serial Number: {serialN} Signature Algorithm: El-Gamal Issuer Name: Country: FR Organization: Bark Trust Services Common Name = BARK CA 101 Validity Not Before: {today.strftime("%b-%d-%Y")} Not After: {nextY.strftime("%b-%d-%Y")} Subject: CN = Katsumi User Subject Public Key Info: Public Key Algorithm: El-Gamal Public-Key: ({str(n)} bit) pub: {base64.b64encode(subjectPublicKey).decode()} Signature Algorithm: El-Gamal {signature} Key Usages Purposes: Digital Signature """ if out: print(CA) else: from ressources import config # Write into file it.writeVartoFile(CA, name, config.DIRECTORY_PROCESSING, ".ca") return it.getB64Keys(CA_public_key)