Пример #1
0
 def update(self, input):
     i = openssl.c_int(0)
     buffer = openssl.malloc(b"", len(input)+self.cipher.get_blocksize())
     inp = openssl.malloc(input,len(input))
     if openssl.EVP_CipherUpdate(self.ctx, openssl.byref(buffer), openssl.byref(i), inp, len(input)) == 0:
         raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...")
     self.size += i.value
     self.ciphertext += buffer.raw[0:i.value]
Пример #2
0
def hmac(k, m):
    """
    Compute the key and the message with HMAC SHA512
    """
    key = openssl.malloc(k, len(k))
    d = openssl.malloc(m, len(m))
    md = openssl.malloc(0, 64)
    i = openssl.pointer(openssl.c_int(0))
    openssl.HMAC(openssl.EVP_sha512(), key, len(k), d, len(m), md, i)
    return md.raw
Пример #3
0
    def sign(self, inputb):
        """
        Sign the input with ECDSA method and returns the signature
        """
        try:
            size = len(inputb)
            buff = openssl.malloc(inputb, size)
            digest = openssl.malloc(0, 64)
            md_ctx = openssl.EVP_MD_CTX_create()
            dgst_len = openssl.pointer(openssl.c_int(0))
            siglen = openssl.pointer(openssl.c_int(0))
            sig = openssl.malloc(0, 151)

            key = openssl.EC_KEY_new_by_curve_name(self.curve)
            if key == 0:
                raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")

            priv_key = openssl.BN_bin2bn(self.privkey, len(self.privkey), 0)
            pub_key_x = openssl.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0)
            pub_key_y = openssl.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0)

            if (openssl.EC_KEY_set_private_key(key, priv_key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_set_private_key FAIL ...")

            group = openssl.EC_KEY_get0_group(key)
            pub_key = openssl.EC_POINT_new(group)

            if (openssl.EC_POINT_set_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
                raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
            if (openssl.EC_KEY_set_public_key(key, pub_key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
            if (openssl.EC_KEY_check_key(key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")

            openssl.EVP_MD_CTX_init(md_ctx)
            openssl.EVP_DigestInit(md_ctx, openssl.EVP_ecdsa())

            if (openssl.EVP_DigestUpdate(md_ctx, buff, size)) == 0:
                raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...")
            openssl.EVP_DigestFinal(md_ctx, digest, dgst_len)
            openssl.ECDSA_sign(0, digest, dgst_len.contents, sig, siglen, key)
            if (openssl.ECDSA_verify(0, digest, dgst_len.contents, sig, siglen.contents, key)) != 1:
                raise Exception("[OpenSSL] ECDSA_verify FAIL ...")

            return sig.raw

        finally:
            openssl.EC_KEY_free(key)
            openssl.BN_free(pub_key_x)
            openssl.BN_free(pub_key_y)
            openssl.BN_free(priv_key)
            openssl.EC_POINT_free(pub_key)
            openssl.EVP_MD_CTX_destroy(md_ctx)
Пример #4
0
    def verify(self, sig, inputb):
        """
        Verify the signature with the input and the local public key. Returns a boolean
        """
        try:
            bsig = openssl.malloc(sig, len(sig))
            binputb = openssl.malloc(inputb, len(inputb))
            digest = openssl.malloc(0, 64)
            dgst_len = openssl.pointer(openssl.c_int(0))
            md_ctx = openssl.EVP_MD_CTX_create()

            key = openssl.EC_KEY_new_by_curve_name(self.curve)

            if key == 0:
                raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")

            pub_key_x = openssl.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0)
            pub_key_y = openssl.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0)
            group = openssl.EC_KEY_get0_group(key)
            pub_key = openssl.EC_POINT_new(group)

            if (openssl.EC_POINT_set_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
                raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
            if (openssl.EC_KEY_set_public_key(key, pub_key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
            if (openssl.EC_KEY_check_key(key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")

            openssl.EVP_MD_CTX_init(md_ctx)
            openssl.EVP_DigestInit(md_ctx, openssl.EVP_ecdsa())
            if (openssl.EVP_DigestUpdate(md_ctx, binputb, len(inputb))) == 0:
                raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...")

            openssl.EVP_DigestFinal(md_ctx, digest, dgst_len)
            ret = openssl.ECDSA_verify(0, digest, dgst_len.contents, bsig, len(sig), key)

            if ret == -1:
                return False # Fail to Check
            else :
                if ret == 0:
                    return False # Bad signature !
                else:
                    return True # Good
            return False

        finally:
            openssl.EC_KEY_free(key)
            openssl.BN_free(pub_key_x)
            openssl.BN_free(pub_key_y)
            openssl.EC_POINT_free(pub_key)
            openssl.EVP_MD_CTX_destroy(md_ctx)
Пример #5
0
 def __init__(self, key, iv, do, ciphername='aes-256-cbc'):
     """
     do == 1 => Encrypt; do == 0 => Decrypt
     """
     self.cipher = openssl.get_cipher(ciphername)
     self.ctx = openssl.EVP_CIPHER_CTX_new()
     self.ciphertext = b""
     self.size = 0
     if do == 1 or do == 0:
         k = openssl.malloc(key, len(key))
         IV = openssl.malloc(iv, len(iv))
         openssl.EVP_CipherInit_ex(self.ctx, self.cipher.get_pointer(), 0, k, IV, do)
     else:
         raise Exception("RTFM ...")
Пример #6
0
 def final(self):
     i = openssl.c_int(0)
     buffer = openssl.malloc(self.ciphertext, len(self.ciphertext)+self.cipher.get_blocksize())
     if (openssl.EVP_CipherFinal_ex(self.ctx, openssl.byref(buffer,self.size), openssl.byref(i))) == 0:
         raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...")
     self.size += i.value
     return buffer.raw[0:self.size]
Пример #7
0
    def _generate(self):
        try:
            pub_key_x = openssl.BN_new()
            pub_key_y = openssl.BN_new()

            key = openssl.EC_KEY_new_by_curve_name(self.curve)
            if key == 0:
                raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
            if (openssl.EC_KEY_generate_key(key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_generate_key FAIL ...")
            if (openssl.EC_KEY_check_key(key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
            priv_key = openssl.EC_KEY_get0_private_key(key)

            group = openssl.EC_KEY_get0_group(key)
            pub_key = openssl.EC_KEY_get0_public_key(key)

            if (openssl.EC_POINT_get_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
                raise Exception("[OpenSSL] EC_POINT_get_affine_coordinates_GFp FAIL ...")

            privkey = openssl.malloc(0, openssl.BN_num_bytes(priv_key))
            pubkeyx = openssl.malloc(0, openssl.BN_num_bytes(pub_key_x))
            pubkeyy = openssl.malloc(0, openssl.BN_num_bytes(pub_key_y))
            openssl.BN_bn2bin(priv_key,privkey)
            privkey = privkey.raw
            openssl.BN_bn2bin(pub_key_x,pubkeyx)
            pubkeyx = pubkeyx.raw
            openssl.BN_bn2bin(pub_key_y,pubkeyy)
            pubkeyy = pubkeyy.raw
            self.raw_check_key(privkey, pubkeyx, pubkeyy)

            return privkey, pubkeyx, pubkeyy

        finally:
            openssl.EC_KEY_free(key)
            openssl.BN_free(pub_key_x)
            openssl.BN_free(pub_key_y)
Пример #8
0
    def raw_get_ecdh_key(self, pubkey_x, pubkey_y):
        try:
            ecdh_keybuffer = openssl.malloc(0, 32)

            other_key = openssl.EC_KEY_new_by_curve_name(self.curve)
            if other_key == 0:
                raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")

            other_pub_key_x = openssl.BN_bin2bn(pubkey_x, len(pubkey_x), 0)
            other_pub_key_y = openssl.BN_bin2bn(pubkey_y, len(pubkey_y), 0)

            other_group = openssl.EC_KEY_get0_group(other_key)
            other_pub_key = openssl.EC_POINT_new(other_group)

            if (openssl.EC_POINT_set_affine_coordinates_GFp(other_group, other_pub_key, other_pub_key_x, other_pub_key_y, 0)) == 0:
                raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
            if (openssl.EC_KEY_set_public_key(other_key, other_pub_key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
            if (openssl.EC_KEY_check_key(other_key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")

            own_key = openssl.EC_KEY_new_by_curve_name(self.curve)
            if own_key == 0:
                raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
            own_priv_key = openssl.BN_bin2bn(self.privkey, len(self.privkey), 0)

            if (openssl.EC_KEY_set_private_key(own_key, own_priv_key)) == 0:
                raise Exception("[OpenSSL] EC_KEY_set_private_key FAIL ...")

            openssl.ECDH_set_method(own_key, openssl.ECDH_OpenSSL())
            ecdh_keylen = openssl.ECDH_compute_key(ecdh_keybuffer, 32, other_pub_key, own_key, 0)

            if ecdh_keylen != 32:
                raise Exception("[OpenSSL] ECDH keylen FAIL ...")

            return ecdh_keybuffer.raw

        finally:
            openssl.EC_KEY_free(other_key)
            openssl.BN_free(other_pub_key_x)
            openssl.BN_free(other_pub_key_y)
            openssl.EC_POINT_free(other_pub_key)
            openssl.EC_KEY_free(own_key)
            openssl.BN_free(own_priv_key)