def main():
message = 'This is my benchmarking message; it should really be longer'
e1 = time.time()
#Time key generation: EC
eck1 = ec.generate_private_key(ec.SECP384R1(), default_backend())
eck2 = ec.generate_private_key(ec.SECP384R1(), default_backend())
e2 = time.time()
#Time key generation: RSA
rsak = rsa.generate_private_key(public_exponent=65537, key_size=4096, backend=default_backend())
e3 = time.time()
#Time Encryption: EC
ecct = transport_security.construct_message(message, srcprivkey=eck1, destpubkey=eck2.public_key())
e4 = time.time()
#Time Encryption: RSA
rsact = transport_security.get_raw_encrypted(message, pubkey=rsak.public_key())
e5 = time.time()
#Time Decryption: EC
ecpt = transport_security.deconstruct_message(message_dict=ecct, destprivkey=eck2, srcpubkey=eck1.public_key())
e6 = time.time()
if ecpt == message:
print("EC Decryption successful")
else:
print("EC Decryption failed")
#Time Decryption: RSA
rsapt = transport_security.get_raw_decrypted(ciphertext=rsact, privkey=rsak)
e7 = time.time()
if ecpt == message:
print("RSA Decryption successful")
else:
print("RSA Decryption failed")
with open('timing.out', 'a') as f:
record = "{}\t{}\t{}\t{}\t{}\t{}\n".format(e2-e1, e3-e2, e4-e3, e5-e4, e6-e5, e7-e6)
f.write(record)
def main(): #priv1 = ec.generate_private_key(ec.SECP384R1(), default_backend()) priv2 = ec.generate_private_key(ec.SECP384R1(), default_backend()) priv1 = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend()) #priv2 = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend()) print(isinstance(priv1, rsa.RSAPrivateKey)) print(isinstance(priv2, ec.EllipticCurvePrivateKey)) #priv1 parts message = "Hello cryptography!" tosend = transport_security.get_raw_encrypted(message, pubkey=priv1.public_key()) print(tosend) #priv2 parts message_recvd = transport_security.get_raw_decrypted(tosend, privkey=priv1) print(message_recvd)
def new_user_finalize(userid):
"""
/auth/signup/<userid> New user who has a userid
"""
logger.info("New signup confirmation from %s", userid)
# Check if unconfirmed ID is in redis
if not red.exists("unconfirmed:" + userid):
logger.warning("Registration ID not found/expired")
flask.abort(random_http_error())
# Get payload
enc_payload = flask.request.get_json()
if not "rsaencryptedpayload" in enc_payload:
logger.warning("Malformed request")
flask.abort(random_http_error())
# Get encrypted part of payload
rsa_ciphertext = enc_payload["rsaencryptedpayload"]
#decrypt
rsa_plaintext = transport_security.get_raw_decrypted(rsa_ciphertext, privkey=app_rsakey)
# Decrypt was successful?
if not rsa_plaintext:
logger.warning("Could not decrypt RSA encrypted message")
flask.abort(random_http_error())
logger.info("Successfully decrypted RSA payload")
user_info = json.loads(rsa_plaintext)
# Decrypted message is valid?
if not all(k in user_info for k in ['password', 'publickey']):
logger.warning("Incomplete user info")
flask.abort(random_http_error())
# Provided public key is valid?
if not test_pubkey(user_info['publickey']):
logger.warning("Public key is not valid")
flask.abort(random_http_error())
# Store the info in database
if not store_userinfo_auth(userid, password=user_info['password'], pubkey=user_info['publickey']):
logger.warning("Could not store users auth data")
flask.abort(random_http_error())
logger.info("User auth info stored")
extra = False
# If the user supplied extra info then store it too
if 'extra' in user_info:
extra = store_userinfo_details(userid, detail_text=user_info['extra'])
#give the user the Public keys to use from now on
retval = {"added":True, "extras":extra, "authpublickey":as_pubkeystr, "agspublickey":ags_pubkeystr}
return flask.jsonify(**retval)
