def sign(tsm2): data = func.random_hex(len(n)) k1_str = func.random_hex(len(n)) print(tsm2.send_p1(data, k1_str)) backdoor = input('backdoor:').strip() result = tsm2.output_p1(k1_str, backdoor) print(result)
def sm2_key_pair_func(self): sm2_crypt = sm2.CryptSM2(private_key="", public_key="") #产生私钥 pvk_str = self.privkey.text().strip() if pvk_str != "": if True != self.is_hex_string(pvk_str): self.privkey.setText(pvk_str[0:len(pvk_str) - 1].upper()) self.Qmsgbox_show("Error", "Please input hex number") return if len(pvk_str) != 64: info = "Length of the private key hex number string is : %d, error !" % (len(pvk_str)) self.Qmsgbox_show("Error", info) return self.privkey.setText(pvk_str.upper()) prvk_hex = pvk_str else: prvk_hex = func.random_hex(sm2_crypt.para_len) self.privkey.setText(prvk_hex.upper()) self.result_textEdit.append("Gen Keypair - private key: " + prvk_hex.upper()) k = int(prvk_hex, 16) #计算公钥 Pubk = sm2_crypt._kg(k, sm2_crypt.ecc_table['g']) self.pubkx_LE.setText(Pubk[0:64].upper()) self.pubky_LE.setText(Pubk[64:len(Pubk)].upper()) self.result_textEdit.append("Gen Keypair - public key: " + Pubk.upper())
def generate_token(key, salt=func.random_hex(16)): """ @Args: key: str (用户给定的key,需要用户保存以便之后验证token,每次产生token时的key 都可以是同一个key) salt: gmssl func random_hex 生成的随机数 expire: int(最大有效时间,单位为s) visit_limit: int(最大访问次数) @Return: state: str """ r = RedisInstance() visit_limit = r.client.hget("appId:{}".format(key), "visit_limit") if visit_limit is not None: visit_limit = int(visit_limit) else: visit_limit = VISIT_LIMIT_DEFAULT uri_list = r.client.hget("appid:{}".format(key), "uri_list") if uri_list is None: uri_list = "*" data = "{timestamp}:{key}:{salt}:{expire}:{visit_limit}:{uri_list}".format( timestamp=int(time.time()), key=key, salt=salt, expire=EXPIRE_DEFAULT + int(time.time()), visit_limit=visit_limit, uri_list=uri_list) enc_data = sm2_crypt.encrypt(data=data.encode('utf-8')) b64_token = base64.urlsafe_b64encode(enc_data) b64_token_dec = b64_token.decode("utf-8") return b64_token_dec
def sm2_sign_func(self): private_key = self.privkey.text().strip() if len(private_key) != 64: self.Qmsgbox_show("Error", "Private key len is (%d) HEXs not 32 bytes" % len(private_key)) return self.result_textEdit.append("SM2 Sign Privatekey: " + private_key) sm2_crypt = sm2.CryptSM2(private_key=private_key, public_key="") sm2_msg = self.plaintext_hex.text().strip() if sm2_msg != "": self.result_textEdit.append("SM2 Sign msg: " + sm2_msg) e_hash = self.e_LE.text().strip() if len(e_hash) != 64: self.Qmsgbox_show("Error", "e Hash, len is (%d) HEXs not 32 bytes" % len(e_hash)) return self.result_textEdit.append("SM2 Sign e_hash: " + e_hash) random_hex_str = func.random_hex(sm2_crypt.para_len) self.result_textEdit.append("SM2 Sign Randnumber: " + random_hex_str.upper()) sign = sm2_crypt.sign(bytes().fromhex(e_hash), random_hex_str) self.result_textEdit.append("SM2 Sign Result Hex: " + sign.upper()) data_r = sign[0:64] self.result_textEdit.append("SM2 Sign Result: R Hex: " + data_r.upper()) data_s = sign[64:] self.result_textEdit.append("SM2 Sign Result: S Hex: " + data_s.upper()) self.R.setText(data_r.upper()) self.S.setText(data_s.upper()) self.signature_value.setText(sign.upper())
def _sign(self, data, sk): k_str = func.random_hex(len(self.ecc_table['n'])) k = int(k_str, 16) % int(self.ecc_table['n'], base=16) R = self._kg(k, self.ecc_table['g']) x1 = R[0:self.para_len] e_str = self.sm3_hash_str(x1 + data) e = int(e_str, 16) d = int(sk, 16) s = (k - d * e) % int(self.ecc_table['n'], base=16) return '%064x%064x' % (s, e)
def sm2_sign(pri_k, d): """ 签名 :param pri_k: <bytes>公钥 :param d: <bytes>数据 :return: <bytes> """ random = func.random_hex(64) sm2_crypt = sm2.CryptSM2(pri_k, 0) return sm2_crypt.sign(d, random).encode()
def sign(self, content, privateKey=None): if privateKey is None: privateKey = self.privateKey_ elif privateKey != self.privateKey_: raise Exception("illegal privateKey") from gmssl import func random_hex_str = func.random_hex(self.sm2_crypt_.para_len) if not isinstance(content, bytes): content = bytes(content, encoding="utf8") sign = self.sm2_crypt_.sign(content, random_hex_str) return sign
def sm2_key_pair_func(self): sm2_crypt = sm2.CryptSM2(private_key="", public_key="") #产生私钥 random_hex_str = func.random_hex(sm2_crypt.para_len) self.privkey.setText(random_hex_str.upper()) self.result_textEdit.append("Gen Keypair - private key: " + random_hex_str.upper()) k = int(random_hex_str, 16) #计算公钥 Pubk = sm2_crypt._kg(k, sm2_crypt.ecc_table['g']) self.pubkx_LE.setText(Pubk[0:64].upper()) self.pubky_LE.setText(Pubk[64:len(Pubk)].upper()) self.result_textEdit.append("Gen Keypair - public key: " + Pubk.upper())
def __init__(self, sk): ecc_table = sm2p256v1_ecc_table self.ecc_table = ecc_table self.n = int(ecc_table['n'], 16) self.para_len = len(ecc_table['n']) self.ecc_a3 = (int(ecc_table['a'], base=16) + 3) % int(ecc_table['p'], base=16) self.sk = int(sk, 16) self.pk = self._kg(self.sk, ecc_table['g']) self.sks = int(func.random_hex(self.para_len), 16) self.pks = pow((self.sk + 1) * self.sks, self.n - 2, self.n) % self.n
def generate(): private_key = '00' + func.random_hex(64) # private_key = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5' public_key = '' sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key) # public_key(point) = private_key(int) * g(generator point) public_key = sm2_crypt._kg2(int(private_key, 16), sm2.default_ecc_table['g']) # ensure that works sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key) data = b'zeox' enc_data = sm2_crypt.encrypt(data) dec_data =sm2_crypt.decrypt(enc_data) assert dec_data == data, 'generation failed, try again' random_hex_str = func.random_hex(sm2_crypt.para_len) sign = sm2_crypt.sign(data, random_hex_str) assert sm2_crypt.verify(sign, data) return { 'pubkey': public_key, 'pvtkey': private_key }
def test_sm2(): private_key = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5' public_key = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207' sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key) data = b"111" enc_data = sm2_crypt.encrypt(data) #print("enc_data:%s" % enc_data) #print("enc_data_base64:%s" % base64.b64encode(bytes.fromhex(enc_data))) dec_data = sm2_crypt.decrypt(enc_data) print(b"dec_data:%s" % dec_data) assert data == dec_data print("-----------------test sign and verify---------------") random_hex_str = func.random_hex(sm2_crypt.para_len) sign = sm2_crypt.sign(data, random_hex_str) print('sign:%s' % sign) verify = sm2_crypt.verify(sign, data) print('verify:%s' % verify) assert verify
def sm2_sign_func(self): private_key = self.privkey.text().strip() if len(private_key) != 64: QMessageBox.about(self, "Error", "Private key len is not 32 bytes") return self.result_textEdit.append("SM2 Sign Privatekey: " + private_key) sm2_crypt = sm2.CryptSM2(private_key=private_key, public_key="") sm2_msg = self.plaintext_hex.text().strip() if sm2_msg != "": self.result_textEdit.append("SM2 Sign msg: " + sm2_msg) e_hash = self.e_LE.text().strip() if len(e_hash) != 64: QMessageBox.about(self, "Error", "e Hash, len is not 32 bytes") return self.result_textEdit.append("SM2 Sign e_hash: " + e_hash) random_hex_str = func.random_hex(sm2_crypt.para_len) self.result_textEdit.append("SM2 Sign Randnumber: " + random_hex_str.upper()) sign = sm2_crypt.sign(bytes().fromhex(e_hash), random_hex_str) self.result_textEdit.append("SM2 Sign Result: " + sign.upper()) self.signature_value.setText(sign.upper())
def decrypt(info_raw, file_enc): endianness = func.endianness data = func.destructure(file_enc)[0] # decrypt sm4 key private_key = info_raw['decrypt key'] public_key = '' sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key) sm4_key = sm2_crypt.decrypt(data['sm4_key']) # verify digestn lf = len(file_enc) # if sm3.hash(file_enc[lf - 142:lf - 32]) != file_enc[lf - 32:]: # return 'block digest unmatch' visited = data['flags'][0] >= 8 * 16 prev_info = func.parse_info(file_enc[lf - 110:lf - 32]) if visited: prev_signature = prev_info['signature'] prev_id = prev_info['id'] prev_pubkey = None # verify the previous visitor's signature # this shall be done by the server # but here we use local csv file for demonstration # with open('database/keypairs.csv') as file: # kps = csv.reader(file) # for kp in kps: # if kp[0] == prev_id: # prev_pubkey = kp[2] # break # assert prev_pubkey != None, 'signer not found' # sm2_verify = sm2.CryptSM2(public_key=prev_pubkey, private_key='') # prev_sign_data = file_enc[lf - 110:lf - 106] + file_enc[lf - 42:lf - 32] # assert sm2_verify.verify(prev_signature, prev_sign_data) ip_addr = socket.gethostbyname(socket.gethostname()) my_info = { 'time_stamp': int(time.time()).to_bytes(4, endianness), 'signature': b'', 'ip_addr': b''.join([int(i).to_bytes(1, endianness) for i in ip_addr.split('.')]), 'id': info_raw['id'].encode('ascii') } sm2_sign = sm2.CryptSM2(public_key='', private_key=info_raw['private key']) random_hex_str = func.random_hex(sm2_crypt.para_len) sign_data = my_info['time_stamp'] + my_info['ip_addr'] + my_info['id'] my_info['signature'] = bytes.fromhex( sm2_sign.sign(sign_data, random_hex_str)) # decypt file crypt_sm4 = CryptSM4() crypt_sm4.set_key(sm4_key, SM4_DECRYPT) file_data = crypt_sm4.crypt_ecb(data['file_encrypted']) # update the visitor's chain # post the my_info dict to the server # with open('database/visitors.csv', 'w', newline='') as file: # writer = csv.writer(file) # writer.writerow([repr(my_info[key]) for key in my_info]) try: viewer.viewPdfBytes(file_data) except RuntimeError: return 'wrong decrypt key' return [repr(my_info[key]) for key in my_info] # class QtGui(QWidget): # def __init__(self): # super().__init__() # self.initUI() # def initUI(self): # self.structureLabel = QLabel('Enc-File Decrypter') # self.structureLabel.setStyleSheet(''' # color: #333; # font-size: 35px; # font-weight: 700; # margin-top: 10px; # margin-bottom: 35px; # ''') # self.idLabel = QLabel('user ID ') # # self.pubkeyLabel = QLabel('public key ') # self.pvtkeyLabel = QLabel('private key') # self.deckeyLabel = QLabel('decrypt key') # for item in [self.idLabel, self.pvtkeyLabel, self.deckeyLabel]: # item.setStyleSheet(''' # width: 200px; # color: #333; # font-size: 25px; # font-weight: 400; # ''') # self.idEdit = QLineEdit() # # self.pubkeyEdit = QLineEdit() # self.pvtkeyEdit = QLineEdit() # self.deckeyEdit = QLineEdit() # for item in [self.idEdit, self.pvtkeyEdit, self.deckeyEdit]: # item.setStyleSheet(''' # padding: 5px 8px; # width: 600px; # font-size: 22px; # color: #333; # margin-left: 10px; # ''') # self.fileBtn = QPushButton('Select File', self) # self.fileBtn.clicked.connect(self.openFile) # self.fileBtn.setStyleSheet(''' # background-color: #80aaff; # color: white; # margin: 25px; # width: 140px; # height: 30px; # padding: 10px 24px; # border: none; # font-weight: 1000; # font-size: 22px; # ''') # self.msgLabel = QLabel('') # self.msgLabel.setStyleSheet(''' # color: #ff6666; # font-size: 26px; # font-weight: 500; # ''') # labelHbox = QHBoxLayout() # labelHbox.addStretch(1) # labelHbox.addWidget(self.structureLabel) # labelHbox.addStretch(1) # idHbox = QHBoxLayout() # idHbox.addStretch(1) # idHbox.addWidget(self.idLabel) # idHbox.addWidget(self.idEdit) # idHbox.addStretch(1) # # pubkeyHbox = QHBoxLayout() # # pubkeyHbox.addStretch(1) # # pubkeyHbox.addWidget(self.pubkeyLabel) # # pubkeyHbox.addWidget(self.pubkeyEdit) # # pubkeyHbox.addStretch(1) # pvtkeyHbox = QHBoxLayout() # pvtkeyHbox.addStretch(1) # pvtkeyHbox.addWidget(self.pvtkeyLabel) # pvtkeyHbox.addWidget(self.pvtkeyEdit) # pvtkeyHbox.addStretch(1) # deckeyHbox = QHBoxLayout() # deckeyHbox.addStretch(1) # deckeyHbox.addWidget(self.deckeyLabel) # deckeyHbox.addWidget(self.deckeyEdit) # deckeyHbox.addStretch(1) # btnHbox = QHBoxLayout() # btnHbox.addStretch(1) # btnHbox.addWidget(self.fileBtn) # btnHbox.addStretch(1) # msgHbox = QHBoxLayout() # msgHbox.addStretch(1) # msgHbox.addWidget(self.msgLabel) # msgHbox.addStretch(1) # vbox = QVBoxLayout() # vbox.addStretch(1) # vbox.addLayout(labelHbox) # vbox.addLayout(idHbox) # # vbox.addLayout(pubkeyHbox) # vbox.addLayout(pvtkeyHbox) # vbox.addLayout(deckeyHbox) # vbox.addLayout(btnHbox) # vbox.addLayout(msgHbox) # vbox.addStretch(1) # self.setLayout(vbox) # self.step = 0 # self.setGeometry(500, 250, 900, 500) # self.setWindowTitle('D3CRYPT decrypter') # self.setWindowIcon(QIcon('img/key.png')) # self.setStyleSheet("background-color: white;") # self.show() # def showMsg(self, content): # self.msgLabel.setText(content) # def openFile(self): # info_raw = { # 'id': self.idEdit.text(), # # 'public key': self.pubkeyEdit.text(), # 'private key': self.pvtkeyEdit.text(), # 'decrypt key': self.deckeyEdit.text() # } # for key in info_raw: # if len(info_raw[key]) == 0: # self.showMsg(key + ' cannot be empty') # return # try: # int(info_raw[key], 16) # except ValueError: # self.showMsg(key + ' is invalid') # return # self.showMsg('') # fname = QFileDialog.getOpenFileName(self, 'Open file', r'D:\\projects\\cryptocontest\\project') # if fname[0]: # if '.enc' not in fname[0]: # self.showMsg('invalid document\nyou should select a .enc file') # return # self.showMsg('') # self.showMsg(main(info_raw, fname[0])) # if __name__ == '__main__': # app = QApplication(sys.argv) # gui = QtGui() # sys.exit(app.exec_())
z_inv = pow(z, int(self.ecc_table['p'], base=16) - 2, int(self.ecc_table['p'], base=16)) z_invSquar = (z_inv * z_inv) % int(self.ecc_table['p'], base=16) z_invQube = (z_invSquar * z_inv) % int(self.ecc_table['p'], base=16) x_new = (x * z_invSquar) % int(self.ecc_table['p'], base=16) y_new = (y * z_invQube) % int(self.ecc_table['p'], base=16) z_new = (z * z_inv) % int(self.ecc_table['p'], base=16) if z_new == 1: form = '%%0%dx' % self.para_len form = form * 2 return form % (x_new, y_new) else: return None if __name__ == '__main__': sk = func.random_hex(len(sm2p256v1_ecc_table['n'])) tsm2 = TSM2(sk) print('pk:%s' % tsm2.pk) print('pks:%064x' % tsm2.pks) for i in range(10): op = input('op: ').strip() if op == 'sign': sign(tsm2) elif op == 'verify': verify(tsm2) else: print("""sign: sign message verify: verify message""")
def get_private_key(): """ 生成私钥 :return: <bytes> 私钥 """ return func.random_hex(64).encode()
def handleLogin(self, e): if not self.connected: return global jwt self.clearStatuses() username, ok = qw.QInputDialog.getText(self, 'name', 'Enter your name:') if not ok: return global keys self.changeStatus(0, 'searching local keys', 'loading') # time.sleep(500) found = False for filename in os.listdir('.'): if filename == "%s_keys.json" % username: found = True with open(filename, 'r') as f: keys = json.loads(f.read()) if not found: self.changeStatus(1, 'keys.json not found', 'question') self.changeStatus(2, 'please select it yourself', 'question') # time.sleep(500) fname = qw.QFileDialog.getOpenFileName(self, 'select keys.json', '.') if not fname[0]: self.clearStatuses() return if filename == ("%s_keys.json" % username): with open(fname[0], 'r') as f: keys = json.loads(f.read()) else: self.changeStatus(0, 'that is not your key', 'wrong') return self.clearStatuses() self.changeStatus(0, 'posting signature', 'loader') timestring = str(int(time.time())) sm2_sign = sm2.CryptSM2(public_key='', private_key=keys['pvtkey']) random_hex_str = func.random_hex(sm2_sign.para_len) sign_data = (username + timestring).encode('ascii') req_data = json.dumps({ 'mode': 'LOGIN', 'username': username, 'timeval': timestring, 'signature': sm2_sign.sign(sign_data, random_hex_str) }) sock.send(req_data.encode('ascii')) res = recv_except() if res == None: return res_data = json.loads(res.decode('ascii')) if res_data['status'] == '200': self.changeStatus(0, 'signature verified', 'check') self.changeStatus(1, 'successfully logged in', 'check') jwt = res_data['jwt'] self.close() gui.show() else: self.changeStatus(1, res_data['msg'], 'wrong')
def sm2_sign(private_key, public_key, data): sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key) random_hex_str = func.random_hex(sm2_crypt.para_len) sign = sm2_crypt.sign(data, random_hex_str) print('sign:%s' % sign)
data = file.read() print(hash_msg(data) + "\n") with open("sm3pdf-hash.txt", "w", encoding="utf-8") as hash_file: hash_file.write(hash_msg(data)) pk, sk = generate_keypair() print(pk.hex() + "\n") print(sk.hex() + "\n") sm2_crypt = sm2.CryptSM2(public_key=pk.hex(), private_key=sk.hex()) with open("sm2.pem", "w", encoding="utf-8") as sm2: sm2.write(sk.hex()) with open("sm2Pub.pem", "w", encoding="utf-8") as sm2Pub: sm2Pub.write(pk.hex()) data = bytes.fromhex(hash_msg(data)) random_hex_str = func.random_hex(sm2_crypt.para_len) sign = sm2_crypt.sign(data, random_hex_str) print(sign + "\n") with open("sm3pdf-sign.txt", "w", encoding="utf-8") as sm3PdfSign: sm3PdfSign.write(sign) if sm2_crypt.verify(sign, data): print("right") else: print("wrong")
def sign(pub_key, pri_key, msg: str): encrypter = sm2.CryptSM2(public_key=pub_key, private_key=pri_key) k = func.random_hex(encrypter.para_len) # 生成随机数 signature = encrypter.sign(msg.encode(), k) # 十六进制签名 return signature