Пример #1
0
def generate_elgamal_keypair():
    """Return an ElGamal object with newly generated keypair"""
    if 'SFLVAULT_IN_TEST' in os.environ:
        print "WARNING: IN TEST MODE, EVERY KEYPAIR GENERATION IS BYPASSED AND USES A PRE-GENERATED AND WORLD-KNOWN KEYPAIR. REMOVE 'SFLVAULT_IN_TEST' FROM YOUR ENVIRONMENT IF YOU ARE DOING THIS ON PRODUCTION"
        eg = ElGamal.ElGamalobj()
        keys = [
            (177089723724552644256797243527295142469255734138493329314329932362154457094059269514887621456192343485606008571733849784882603220703971587460034382850082611103881050702039214183956206957248098956098183898169452181835193285526486693996807247957663965314452283162788463761928354944430848933147875443419511844733534867714246125293090881680286010834371853006350372947758409794906981881841508329191534306452090259107460058479336274992461969572007575859837L,
             2368830913657867259423174096782984007672147302922056255072161233714845396747550413964785336340342087070536608406864241095864284199288769810784864221075742905057068477336098276284927890562488210509136821440679916802167852789973929164278286140181738520594891315446533462206307248550944558426698389577513200698569512147125339722576147002382255876258436727504192479647579172625910816774587488928783787624267035610900290120258307919121453927670441700811482181614216947L,
             5861471316007038922650757021308043193803646029154275389954930654765928019938681282006482343772842302607960473277926921384673235972813815577111985557701858831111694263179407993690846841997398288866685890418702914928188654979371728552059661796422031090374692580710906447170464105162673344042938184790777466702148445760745296149876416417949678454708511011740073066144877868339403040477747772225977519821312965207L,
             1169412825199936698700035513185825593893938895474876750007859746409857305379860678064015124546593449912724002752383066585681624318254362438491372548721947497497739043831382430104856590871057670575051579668363576657397472353061812950884556034822611307705562237354213497368218843244103113882159981178841442771150519161251285978446459307942619668439466357674240712609844734284943761543870187004331653216116937988266963743961096619840352159665738163357566198583064435L
             ),
            (363126185715790250119395282425017818083421673278440118808474954552806007436370887232958142538070938460903011757636551318850215594111019699633958587914824512339681573953775134121488999147928038505883131989323638021781157246124428000084118138446325126739005521403114471077697023469488488105229388102971903306007555362613775010306064798678761753948810755236011346132218974049446116094394433461746597812371697367173395113014824646850943586174124632464143L,
             1989666736598081965365973787349938627625613245335951894925228395719349924579514682166704542464221001327015131231101009506582078440087637470784673000661958376397578391397303146171320274531265903747455382524598808613766406694744319576824028880703970997080651320662468590292703565426391011134523391035995750230341849776175803186815053305823053143914398318121693692044542134832809759905437953710838534372887584358442203447387293183908262967797038874535690090799742911L,
             133850088107174975861015682594827971956767368440585898108600141692889215241539178575381178799995195531301157505453120993980045956642227472649664668888717884598815932243844750408878011387532720932159839454554017574665882963054750224693505390054364096154711586190837517112644639757613967217614109546151313073865262488626822109764294618345504453742784825659007630866924661811701179640013729327586347L,
             742665583685283032188129474839034185107068199926583417281240975739235100098517297493350864258177674271267050862217567671938790648634008735784684115797768392310253433978502694449565453913758801583487678024491118014887051643096970952295790434950566748516670079663712282848262006606082748685002561868381598918739708181310245226480020229450553192469536632519293406262550081671717685585065331112633947328611250435010734072352883491446355872734313855711051794348490960L
             )
        ]
        eg.g, eg.p, eg.x, eg.y = keys[random.randint(0, 1)]
        return eg
    # Otherwise, generate, really :)
    return ElGamal.generate(1536, randfunc)
Пример #2
0
    def __ElGamal_generate(self, bits, randfunc):
        """Randomly generate a new ElGamal key but with pre-computed group.

        Based on public domain code from PyCrypto
        - ElGamal.py : ElGamal encryption/decryption and signatures
        - Part of the Python Cryptography Toolkit
        - Originally written by: A.M. Kuchling

        The key will be safe for use for both encryption and signature
        (although it should be used for **only one** purpose).

        :Parameters:
            bits : int
                Key length, or size (in bits) of the modulus *p*.
                Recommended value is 2048.
            randfunc : callable
                Random number generation function; it should accept
                a single integer N and return a string of random data
                N bytes long.

        :attention: You should always use a cryptographically secure random
            number generator, such as the one defined in the
            ``Crypto.Random`` module; **don't** just use the current time
            and the ``random`` module.

        :Return: An ElGamal key object (`ElGamalobj`).
        """

        # Creating ElGamal keys is slow, especially with PyCrypto. The
        # key-generation is done over a cyclic group created based on a safe
        # prime.

        # A safe prime is a prime `p` of the form `p = 2*q + 1` where `q` is
        # *also* a prime; computing this can be as slow as taking ~3-5 minutes
        # for a 2048-bit number and upwards of an hour for a 4096-bit number.

        # However, we can pre-compute the prime `p` for common key-lengths
        # and use that instead, without impacting security of the scheme.

        obj = ElGamal.ElGamalobj()

        # Generate a safe prime p
        # See Algorithm 4.86 in Handbook of Applied Cryptography

        ## if using some commonly used key-lengths, use a pre-computed p
        if bits in self.__safe_primes:
            obj.p = int(self.__safe_primes[bits], 16)
            q = (obj.p - 1) // 2
        else:
            # no-precomputed value available. Default to creating new prime
            # XXX This is very slow for large key-sizes.
            while 1:
                q = bignum(getPrime(bits - 1, randfunc))
                obj.p = 2 * q + 1
                if number.isPrime(obj.p, randfunc=randfunc):
                    break
        # Generate generator g
        # See Algorithm 4.80 in Handbook of Applied Cryptography
        # Note that the order of the group is n=p-1=2q, where q is prime
        while 1:
            # We must avoid g=2 because of Bleichenbacher's attack described
            # in "Generating ElGamal signatures without knowning the secret key",
            # 1996
            #
            obj.g = number.getRandomRange(3, obj.p, randfunc)
            safe = 1
            if pow(obj.g, 2, obj.p) == 1:
                safe = 0
            if safe and pow(obj.g, q, obj.p) == 1:
                safe = 0
            # Discard g if it divides p-1 because of the attack described
            # in Note 11.67 (iii) in HAC
            if safe and divmod(obj.p - 1, obj.g)[1] == 0:
                safe = 0
            # g^{-1} must not divide p-1 because of Khadir's attack
            # described in "Conditions of the generator for forging ElGamal
            # signature", 2011
            ginv = number.inverse(obj.g, obj.p)
            if safe and divmod(obj.p - 1, ginv)[1] == 0:
                safe = 0
            if safe:
                break
        # Generate private key x
        obj.x = number.getRandomRange(2, obj.p - 1, randfunc)
        # Generate public key y
        obj.y = pow(obj.g, obj.x, obj.p)
        return obj
Пример #3
0
 def elgamal(self):
     """Return the ElGamal object, ready to encrypt stuff."""
     e = ElGamal.ElGamalobj()
     (e.p, e.g, e.y) = unserial_elgamal_pubkey(self.pubkey)
     return e