def sign(self, inputb):
"""
Sign the input with ECDSA method and returns the signature
"""
try:
size = len(inputb)
buff = openssl.malloc(inputb, size)
digest = openssl.malloc(0, 64)
md_ctx = openssl.EVP_MD_CTX_create()
dgst_len = openssl.pointer(openssl.c_int(0))
siglen = openssl.pointer(openssl.c_int(0))
sig = openssl.malloc(0, 151)
key = openssl.EC_KEY_new_by_curve_name(self.curve)
if key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
priv_key = openssl.BN_bin2bn(self.privkey, len(self.privkey), 0)
pub_key_x = openssl.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0)
pub_key_y = openssl.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0)
if (openssl.EC_KEY_set_private_key(key, priv_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_private_key FAIL ...")
group = openssl.EC_KEY_get0_group(key)
pub_key = openssl.EC_POINT_new(group)
if (openssl.EC_POINT_set_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
if (openssl.EC_KEY_set_public_key(key, pub_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
if (openssl.EC_KEY_check_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
openssl.EVP_MD_CTX_init(md_ctx)
openssl.EVP_DigestInit(md_ctx, openssl.EVP_ecdsa())
if (openssl.EVP_DigestUpdate(md_ctx, buff, size)) == 0:
raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...")
openssl.EVP_DigestFinal(md_ctx, digest, dgst_len)
openssl.ECDSA_sign(0, digest, dgst_len.contents, sig, siglen, key)
if (openssl.ECDSA_verify(0, digest, dgst_len.contents, sig, siglen.contents, key)) != 1:
raise Exception("[OpenSSL] ECDSA_verify FAIL ...")
return sig.raw
finally:
openssl.EC_KEY_free(key)
openssl.BN_free(pub_key_x)
openssl.BN_free(pub_key_y)
openssl.BN_free(priv_key)
openssl.EC_POINT_free(pub_key)
openssl.EVP_MD_CTX_destroy(md_ctx)
def final(self):
i = openssl.c_int(0)
buffer = openssl.malloc(self.ciphertext, len(self.ciphertext)+self.cipher.get_blocksize())
if (openssl.EVP_CipherFinal_ex(self.ctx, openssl.byref(buffer,self.size), openssl.byref(i))) == 0:
raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...")
self.size += i.value
return buffer.raw[0:self.size]
def update(self, input):
i = openssl.c_int(0)
buffer = openssl.malloc(b"", len(input)+self.cipher.get_blocksize())
inp = openssl.malloc(input,len(input))
if openssl.EVP_CipherUpdate(self.ctx, openssl.byref(buffer), openssl.byref(i), inp, len(input)) == 0:
raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...")
self.size += i.value
self.ciphertext += buffer.raw[0:i.value]
def hmac(k, m):
"""
Compute the key and the message with HMAC SHA512
"""
key = openssl.malloc(k, len(k))
d = openssl.malloc(m, len(m))
md = openssl.malloc(0, 64)
i = openssl.pointer(openssl.c_int(0))
openssl.HMAC(openssl.EVP_sha512(), key, len(k), d, len(m), md, i)
return md.raw
def verify(self, sig, inputb):
"""
Verify the signature with the input and the local public key. Returns a boolean
"""
try:
bsig = openssl.malloc(sig, len(sig))
binputb = openssl.malloc(inputb, len(inputb))
digest = openssl.malloc(0, 64)
dgst_len = openssl.pointer(openssl.c_int(0))
md_ctx = openssl.EVP_MD_CTX_create()
key = openssl.EC_KEY_new_by_curve_name(self.curve)
if key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
pub_key_x = openssl.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0)
pub_key_y = openssl.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0)
group = openssl.EC_KEY_get0_group(key)
pub_key = openssl.EC_POINT_new(group)
if (openssl.EC_POINT_set_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
if (openssl.EC_KEY_set_public_key(key, pub_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
if (openssl.EC_KEY_check_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
openssl.EVP_MD_CTX_init(md_ctx)
openssl.EVP_DigestInit(md_ctx, openssl.EVP_ecdsa())
if (openssl.EVP_DigestUpdate(md_ctx, binputb, len(inputb))) == 0:
raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...")
openssl.EVP_DigestFinal(md_ctx, digest, dgst_len)
ret = openssl.ECDSA_verify(0, digest, dgst_len.contents, bsig, len(sig), key)
if ret == -1:
return False # Fail to Check
else :
if ret == 0:
return False # Bad signature !
else:
return True # Good
return False
finally:
openssl.EC_KEY_free(key)
openssl.BN_free(pub_key_x)
openssl.BN_free(pub_key_y)
openssl.EC_POINT_free(pub_key)
openssl.EVP_MD_CTX_destroy(md_ctx)
