def processTLSpacket(self,pkt): mtls=TLS(pkt) if scapy_ssl_tls.ssl_tls.TLSServerHello in mtls: self.serverrandom= str(mtls[scapy_ssl_tls.ssl_tls.TLSServerHello])[2:34] print 'Server Random Found' if scapy_ssl_tls.ssl_tls.TLSClientHello in mtls: self.clientrandom= str(mtls[scapy_ssl_tls.ssl_tls.TLSClientHello])[2:34] #mtls[scapy_ssl_tls.ssl_tls.TLSClientHello].show2() #print [ord(i) for i in str(mtls[scapy_ssl_tls.ssl_tls.TLSClientHello])[:40]] print [ord(i) for i in self.clientrandom] print 'Client Random Found' if scapy_ssl_tls.ssl_tls.TLSServerKeyExchange in mtls: server_kex = mtls[scapy_ssl_tls.ssl_tls.TLSServerKeyExchange] a = server_kex[scapy_ssl_tls.ssl_tls.TLSServerECDHParams] point = scapy_ssl_tls.ssl_tls_keystore.ansi_str_to_point(a.p) self.serverpub=a.p curve = ec_reg.get_curve('secp256r1') scapy_ssl_tls.ssl_tls_keystore.ECDHKeyStore(curve, ec.Point(curve, *point)) # PREMASTER KEY ec_curve = ec_reg.get_curve('secp256r1') server_keypair = ec.Keypair(ec_curve, pub= str_to_ec_point(self.serverpub,ec_curve)) client_keypair=pickle.load(open('/home/gabriel/waterfall/decoy/scapy_ssl_tls/clientpriv')) secret_point = ec.ECDH(client_keypair).get_secret(server_keypair) mk = int_to_str(secret_point.x) # masalan premaster key sec_params = scapy_ssl_tls.ssl_tls_crypto.TLSSecurityParameters.from_pre_master_secret(self.prf, scapy_ssl_tls.ssl_tls.TLSCipherSuite.ECDHE_RSA_WITH_AES_128_GCM_SHA256, mk, self.clientrandom, self.serverrandom) sym_keystore = sec_params.server_keystore # print("SYYYYYN JEEEEEET", sym_keystore.key) self.server_write_key = sym_keystore.key self.server_write_iv = sym_keystore.iv self.candecrypt = True # ecdh=scapy_ssl_tls.ssl_tls.TLSServerECDHParams(str(mtls[scapy_ssl_tls.ssl_tls.TLSServerKeyExchange])) # self.serverpub=ecdh.p # print 'server public Found' # self.driveKeys() if self.candecrypt: # print 'decrypting ' # mtls.show2() if scapy_ssl_tls.ssl_tls.TLSCiphertext in mtls: # print 'decryptable' plain=self.decrypt(mtls[scapy_ssl_tls.ssl_tls.TLSCiphertext].data) if mtls.records[0].content_type==23: self.startreplace=True #print plain[:60] self.addHTTPpacket(plain)
def test_scrypt(): A_curve = getCurve(5) A_pri = getPri(A_curve) A_pub = getPub(A_pri, A_curve) B_curve = getCurve(5) B_pri = getPri(B_curve) B_pub = getPub(B_pri, B_curve) A_sym = getShairKey(A_pri, B_pub) B_sym = getShairKey(B_pri, A_pub) A_Parts = ( A_pub.curve.name, A_pub.x, A_pub.y ) print(A_Parts) p1 = ec.Point( registry.get_curve(A_Parts[0]), A_Parts[1], A_Parts[2] ) P_sym = getShairKey(B_pri, p1) #print(f'P is {p1}') #print(f'A_sym:', compress(A_sym)) #print(f'B_sym:', compress(B_sym)) #print(f'P_sym:', compress(P_sym)) print("Are eq:", A_sym == B_sym) print(f'p1 is a sutable replacement:{A_sym == P_sym}')
def __init__(self, curve='brainpoolP160r1', hash=hashlib.sha1, private_key=None, public_key=None): self._curve = registry.get_curve(curve) self._bytes = (int(math.log(self._curve.field.p, 2)) + 7) / 8 self._bits = self._bytes * 8 self._hash = hash if not self._hash().block_size >= self._bytes: raise ValueError('Incompatible hash function') if private_key: self._private_key = self._from_bytes(base64.decodestring(private_key)) else: self._private_key = None if private_key and not public_key: self._public_key = self._curve.g * self._private_key elif public_key: self._public_key = self._osp2ec(base64.decodestring(public_key)) else: self._public_key = None self._kex_shared_key = None self._kex_public_key = None self._kex_private_key = None if self._public_key: self._public_key_digest = self._mgf2(self._ec2osp(self._public_key), AES.block_size) else: self._public_key_digest = None self._cached_kex_request = None self._cached_kex_response = None
def decrypt_key(pkey): privKey = int(pkey) curve = registry.get_curve('brainpoolP256r1') g = curve.g (ciphertextPubKey) = compute_public_ciphertext(g) decryptKey = ecc_calc_decryption_key(privKey, ciphertextPubKey) return compress_point(decryptKey)
def getSharedKey(sock, destinationIP, destinationPort, debug=False): curve = registry.get_curve('brainpoolP256r1') privKey = secrets.randbelow(curve.field.n) pubKey = privKey * curve.g print("My private key {} {}:".format(privKey, type(privKey))) # Now exchange the public keys (e.g. through Internet) if not debug: sock.sendto(("[Key]" + pubKey).encode(), (destinationIP, destinationPort)) data = sock.recvfrom(4096) decodedMessage = data.decode() pairPubKey = decodedMessage else: pairPrivKey = secrets.randbelow(curve.field.n) pairPubKey = pairPrivKey * curve.g mySharedKey = privKey * pairPubKey print( "My shared key to {} {}:".format(compress(mySharedKey), destinationPort), compress(mySharedKey)) if debug: pairSharedKey = pairPrivKey * pubKey print( "Pair shared key to {} {}:".format(destinationIP, destinationPort), compress(mySharedKey)) assert mySharedKey == pairSharedKey return compress(mySharedKey)
def __init__(self, curve='brainpoolP160r1', hash=None, private_key=None, public_key=None): if not hash: if '160' in curve: hash = SHA1 elif '224' in curve: hash = SHA3_256 elif '256' in curve: hash = SHA3_256 elif '384' in curve: hash = SHA3_512 elif '521' in curve: hash = SHA3_512 else: raise ValueError('Appropriate hash should be specified') self._curve = registry.get_curve(curve) self._bytes = (int(math.log(self._curve.field.p, 2)) + 7) / 8 self._bits = self._bytes * 8 self._hash = hash # Check that hash is properly initialized self._hash.new() try: self._mgf_size = self._hash.new().block_size except AttributeError: self._mgf_size = self._hash.digest_size if not self._mgf_size >= self._bytes: raise ValueError('Incompatible hash function') if private_key: self._private_key = self._from_bytes( base64.decodestring(private_key)) else: self._private_key = None if private_key and not public_key: self._public_key = self._curve.g * self._private_key elif public_key: self._public_key = self._osp2ec(base64.decodestring(public_key)) else: self._public_key = None self._kex_shared_key = None self._kex_public_key = None self._kex_private_key = None if self._public_key: self._public_key_digest = self._mgf2( self._ec2osp(self._public_key), AES.block_size) else: self._public_key_digest = None self._cached_kex_request = None self._cached_kex_response = None
def test_when_valid_curve_name_is_provided_then_curve_object_is_built( self): curve_name = "brainpoolP160r1" curve = reg.get_curve(curve_name) self.assertIsInstance(curve, ec.Curve) self.assertEqual(curve_name, curve.name) self.assertEqual(reg.EC_CURVE_REGISTRY[curve_name]["n"], curve.field.n)
def main(): """ Crypt&Decrypt message using ECC & AES """ curve = registry.get_curve('brainpoolP256r1') msg = input("Podaj wiadomość: ") msg = msg.encode('utf-8') print("Oryginalna wiadomość:", msg.decode("ISO-8859-1").rstrip('\0')) privKey = secrets.randbelow(curve.field.n) pubKey = privKey * curve.g starttime = timeit.default_timer() encryptedMsg = encrypt_ECC(msg, pubKey, curve) encryptedMsgObj = { 'ciphertext': binascii.hexlify(encryptedMsg[0]), 'nonce': binascii.hexlify(encryptedMsg[1]), 'authTag': binascii.hexlify(encryptedMsg[2]), 'ciphertextPubKey': hex(encryptedMsg[3].x) + hex(encryptedMsg[3].y % 2)[2:] } print("Czas szyfrowania używając ECC: ", timeit.default_timer() - starttime, "s") starttime = timeit.default_timer() decryptedMsg = decrypt_ECC(encryptedMsg, privKey) print("Czas odszyfrowania ECC: ", timeit.default_timer() - starttime, "s") print("Zaszyfrowana wiadomość:", encryptedMsgObj) print("Odszyfrowana wiadomość:", decryptedMsg.decode("ISO-8859-1").rstrip('\0'))
def readPublicKey(init_file): FileCredibility.fullStop(init_file) with open(init_file, 'r') as out: content = out.readline().replace('[', '').replace(']', '').split(',') return ec.Point(registry.get_curve(content[0]), int(content[1]), int(content[2]))
def get_encrypted_key(): curve = registry.get_curve('brainpoolP256r1') privKey = secrets.randbelow(curve.field.n) g = curve.g pubKey = privKey * g (encryptKey, ciphertextPubKey) = ecc_calc_encryption_keys(pubKey, curve) return (privKey, compress_point(encryptKey))
def generatePrivateKey(curve_name='secp192r1'): """ Generates an ECC private key in the specified curve. :param curve_name: Name of the elliptic curve employed. :return: Private EC key. """ curve = reg.get_curve(curve_name) privKey = secrets.randbelow(curve.field.n) return toHex(privKey)
def hashToPoint(input, curve_name='secp192r1'): """ A hash function that returns a point of the curve :param input: A point of an elliptic curve. :param curve_name: Name of the elliptic curve employed. :return: A point on the curve. """ curve = reg.get_curve(curve_name) scalar = hashToScalar(str(input), curve_name) return scalar * curve.g
def generateKeyPair(curve_name='secp192r1') -> object: """ Generates an ECC private and public key in the specified curve. :param curve_name: Name of the elliptic curve employed. :return: A tuple of private and public EC keys """ curve = reg.get_curve(curve_name) privKey = secrets.randbelow(curve.field.n) pubKey = privKey * curve.g return privKey, pubKey
def generatePublicKey(curve_name='secp192r1'): """ Generates an ECC public key in the specified curve. :param curve_name: Name of the elliptic curve employed. :return: A public EC key (EC Point) """ curve = reg.get_curve(curve_name) privKey = secrets.randbelow(curve.field.n) pubKey = privKey * curve.g return toStandardFormat(pubKey)
def Elliptic_crypto(): curve = registry.get_curve('secp256r1') #standard elliptic curves privkey = secrets.randbelow(curve.field.n) f = curve.g m = f.y + f.x pubkey = privkey * m privkey = str(privkey) pubkeycomp = str(pubkey) #public key compression return (privkey, pubkeycomp)
def ECDHE(self, server_pubkey, curve_type_byte): curve_type_str = analyze_dict( curve_type_byte, Define().define_named_curve) curve = registry.get_curve(curve_type_str) self.privkey = secrets.randbelow(curve.field.n) self.pubkey = self.privkey * curve.g self.sharekey = self.privkey * server_pubkey
def hashToScalar(input, curve_name='secp192r1'): """ Given an input, returns an element in the field defined by the curve. :param input: Any hashable input. :param curve_name: Name of the elliptic curve employed. :return: A number in the finite field defined by the curve. """ curve = reg.get_curve(curve_name) p = curve.field.p if isinstance(input, str): input = input.encode('utf-8') return fromHexToInt(hashlib.sha3_256(input).hexdigest()) % p
def decompressPoint(point, curve_name='secp192r1'): """ Takes a compressed point of the form (x, even/odd) :param point: Compressed point in the form (x, even/odd) :param curve_name: Name of the elliptic curve employed. :return: EC Point """ curve = reg.get_curve(curve_name) p = curve.field.p y = sqrtmod(pow(point.x, 3, p) + curve.a * point.x + curve.b, p) if point.y: return ec.Point(curve, point.x, y) else: return ec.Point(curve, point.x, p - y)
def ECDHE_Key_Point(self, rfc5480_pubkey, curve_type_byte): curve_type_str = analyze_dict( curve_type_byte, Define().define_named_curve) curve_type = registry.get_curve(curve_type_str) x_byte = rfc5480_pubkey[1:33] x = int.from_bytes(x_byte, 'big') y_byte = rfc5480_pubkey[33:65] y = int.from_bytes(y_byte, 'big') pubkey = ec.Point(curve_type, x, y) return pubkey
def generateKeys(): global curve global server_private_key global server_public_key print("generateKeys --> Init") curve = reg.get_curve('secp256r1') #Generating Server private server_private_key = secrets.randbelow(curve.field.n) #server_private_key = 1 # Prueba con key harcodeada #print("Z(p): ", curve.field.n) print("generateKeys --> Server private key: ", server_private_key) # Generate Server publickey from the private key and Generator point server_public_key = server_private_key * curve.g print("generateKeys --> Server public key: ", server_public_key, "type: ", type(server_public_key))
def test_client_ecdh_parameters_generation_matches_fixed_data(self): tls_ctx = tlsc.TLSSessionCtx() secp256r1 = reg.get_curve("secp256r1") public = ec.Point(secp256r1, 71312736565121892539464098105317518227531978702333415386264829982789952731614, 108064706642599821618918248475955325719985341096102200103424860263181813987462) tls_ctx.server_ctx.kex_keystore = tlsk.ECDHKeyStore(secp256r1, public) client_privkey = 15320484772785058360598040144348894600917526501829289880527760633524785596585 client_keys = ec.Keypair(secp256r1, client_privkey) client_pubkey = tls_ctx.get_client_ecdh_pubkey(client_privkey) self.assertTrue(client_pubkey.startswith("\x04")) self.assertEqual("\x04%s%s" % (tlsc.int_to_str(client_keys.pub.x), tlsc.int_to_str(client_keys.pub.y)), client_pubkey) self.assertEqual(client_keys.pub, tls_ctx.client_ctx.kex_keystore.public) self.assertEqual("'(\x17\x94l\xd7AO\x03\xd4Fi\x05}mP\x1aX5C7\xf0_\xa9\xb0\xac\xba{r\x1f\x12\x8f", tls_ctx.premaster_secret)
def __init__(self, curve="brainpoolP256r1"): if curve is "" or curve is None: self.curve = "brainpoolP256r1" curve_options = [ "brainpoolP160r1", "brainpoolP192r1", "brainpoolP224r1", "brainpoolP256r1", "brainpoolP320r1", "brainpoolP384r1", "brainpoolP512r1", "secp192r1", "secp224r1", "secp256r1", "secp384r1", "secp521r1" ] if curve in curve_options: self.curve = registry.get_curve(curve) else: raise Exception("the specified curve is unknown", curve)
def driveKeys(self): #pk= ec.generate_private_key(ec.SECP256R1, backend) ec_curve = ec_reg.get_curve('secp256r1') server_keypair = ec.Keypair(ec_curve, pub= str_to_ec_point(self.serverpub,ec_curve)) client_keypair=pickle.load(open('clientpriv')) secret_point = ec.ECDH(client_keypair).get_secret(server_keypair) mk = int_to_str(secret_point.x) pshare=self.prf.get_bytes(mk,'master secret',self.clientrandom+self.serverrandom,num_bytes=48) target_len=128 blockkey=self.prf.get_bytes(pshare,'key expansion',self.serverrandom+self.clientrandom,num_bytes=target_len) print [ord(i) for i in blockkey] i = 0 self.client_write_MAC_key = blockkey[i:i+self.mac_key_length] i += self.mac_key_length self.server_write_MAC_key = blockkey[i:i+self.mac_key_length] i += self.mac_key_length self.client_write_key = blockkey[i:i+self.cipher_key_length] i += self.cipher_key_length self.server_write_key = blockkey[i:i+self.cipher_key_length] i += self.cipher_key_length self.client_write_IV = blockkey[i:i+self.iv_length] i += self.iv_length self.server_write_IV = blockkey[i:i+self.iv_length] i += self.iv_length self.httpcarry='' self.initDecryptor() #print [ord(i) for i in self.clientrandom] #print [ord(i) for i in self.serverrandom] #print [ord(i) for i in self.ivkey] print 'Keys are in place'
def main(): err = 0 if len(sys.argv) > 2: server = (sys.argv[1], int(sys.argv[2])) else: server = ("127.0.0.1", 8443) # TODO: encapsulate this into a nicer interface nist256 = ec_reg.get_curve(TLS_SUPPORTED_GROUPS[TLSSupportedGroup.SECP256R1]) keypair = ec.make_keypair(nist256) ec_pub = tlsk.point_to_ansi_str(keypair.pub) draft_version = 18 ciphers = [TLSCipherSuite.TLS_AES_256_GCM_SHA384, TLSCipherSuite.TLS_AES_128_GCM_SHA256] key_share = TLSExtension() / TLSExtKeyShare() / TLSClientHelloKeyShare(client_shares=[TLSKeyShareEntry(named_group=TLSSupportedGroup.SECP256R1, key_exchange=ec_pub)]) named_groups = TLSExtension() / TLSExtSupportedGroups(named_group_list=[TLSSupportedGroup.SECP256R1, TLSSupportedGroup.SECP384R1, TLSSupportedGroup.SECP521R1]) extensions = [TLSExtension() / TLSExtServerNameIndication(server_names=TLSServerName(data=server[0])), TLSExtension() / TLSExtRenegotiationInfo(), named_groups, TLSExtension() / TLSExtECPointsFormat(), TLSExtension(type=TLSExtensionType.SESSIONTICKET_TLS), TLSExtension() / TLSExtALPN(), TLSExtension(type=TLSExtensionType.SIGNED_CERTIFICATE_TIMESTAMP), key_share, TLSExtension() / TLSExtSupportedVersions(versions=[tls_draft_version(draft_version)]), TLSExtension() / TLSExtSignatureAlgorithms()] with TLSSocket(client=True) as tls_socket: tls_socket.tls_ctx.client_ctx.shares.append(tlsk.ECDHKeyStore.from_keypair(nist256, keypair)) tls_socket.connect(server) try: pkt = TLSRecord() / TLSHandshakes(handshakes=[TLSHandshake() / TLSClientHello(cipher_suites=ciphers, extensions=extensions)]) r = tls_socket.do_round_trip(pkt) r.show() r = tls_socket.do_round_trip(TLSHandshakes(handshakes=[TLSHandshake() / TLSFinished(data=tls_socket.tls_ctx.get_verify_data())]), recv=False) r = tls_socket.do_round_trip(TLSPlaintext("GET / HTTP/1.1\r\nHOST: localhost\r\n\r\n")) r.show() except TLSProtocolError as tpe: print(tpe) tpe.response.show() err +=1 finally: print(tls_socket.tls_ctx) return err
def init_curve(self): self.curve = registry.get_curve('brainpoolP256r1') if os.path.exists(KEY_FILE): key_file = open(KEY_FILE, 'rb') keys = pickle.load(key_file) self.pubKey = keys[0] self.privKey = keys[1] else: self.privKey = secrets.randbelow(self.curve.field.n) self.pubKey = self.privKey * self.curve.g keys = [self.pubKey, self.privKey] key_file = open(KEY_FILE, 'wb') pickle.dump(keys, key_file)
def test_client_ecdh_parameters_generation_matches_fixed_data(self): tls_ctx = tlsc.TLSSessionCtx() tls_ctx.crypto.server.ecdh.curve_name = "secp256r1" secp256r1 = reg.get_curve(tls_ctx.crypto.server.ecdh.curve_name) tls_ctx.crypto.server.ecdh.pub = ec.Point( secp256r1, 71312736565121892539464098105317518227531978702333415386264829982789952731614L, 108064706642599821618918248475955325719985341096102200103424860263181813987462L) client_privkey = 15320484772785058360598040144348894600917526501829289880527760633524785596585L client_keys = ec.Keypair(secp256r1, client_privkey) client_pubkey = tls_ctx.get_client_ecdh_pubkey(client_privkey) self.assertTrue(client_pubkey.startswith("\x04")) self.assertEqual("\x04%s%s" % (tlsc.int_to_str(client_keys.pub.x), tlsc.int_to_str(client_keys.pub.y)), client_pubkey) self.assertEqual(client_keys.pub, tls_ctx.crypto.client.ecdh.pub) self.assertEqual("'(\x17\x94l\xd7AO\x03\xd4Fi\x05}mP\x1aX5C7\xf0_\xa9\xb0\xac\xba{r\x1f\x12\x8f", tls_ctx.crypto.session.premaster_secret)
def tls_group_to_keystore(named_group_id, point_str): import scapy_ssl_tls.ssl_tls as tls try: point = ansi_str_to_point(point_str) named_group_name = tls.TLS_SUPPORTED_GROUPS[named_group_id] # Unknown curve case. Just record raw values, but do nothing with them except KeyError: keystore = ECDHKeyStore(None, point) warnings.warn("Unknown TLS defined group id: %d" % named_group_id) # We are on a known group else: try: group = ec_reg.get_curve(named_group_name) keystore = ECDHKeyStore(group, ec.Point(group, *point)) except ValueError: keystore = ECDHKeyStore(None, point) warnings.warn("Unsupported TinyEC group: %s" % named_group_name) return keystore
def test(): curve = registry.get_curve("secp521r1") # get rand curve alicePrivKey = secrets.randbelow(curve.field.n) alicePubKey = alicePrivKey * curve.g print("Alice public key:", compress(alicePubKey)) bobPrivKey = secrets.randbelow(curve.field.n) bobPubKey = bobPrivKey * curve.g print("Bob public key:", compress(bobPubKey)) print("Now exchange the public keys (e.g. through Internet)") aliceSharedKey = alicePrivKey * bobPubKey print("Alice shared key:", compress(aliceSharedKey)) bobSharedKey = bobPrivKey * alicePubKey print("Bob shared key:", compress(bobSharedKey)) print("Equal shared keys:", aliceSharedKey == bobSharedKey)
def verify(keys, key_image, seed, random_numbers, used_keys=None, message='I voted for Kodos', curve_name='secp192r1'): """ :param keys: List of public keys used in the signature. :param key_image: Key Image of the signer's private key. :param seed: Initial seed of the ring. :param random_numbers: List of random numbers employed in the signature. :param used_keys: Keys used in previous signatures. :param message: Message to sign. :param curve_name: Name of the elliptic curve employed. :return: """ # If the key_image was already used the signature is not valid if key_image in used_keys: return False # Curve parameters curve = reg.get_curve(curve_name) # Ring signature parameters n_keys = len(keys) L = [0] * n_keys R = [0] * n_keys c = [0] * n_keys c[0] = seed # Introduce seed # Compute first element of the signature L[0] = random_numbers[0] * curve.g + c[0] * keys[0] R[0] = random_numbers[0] * utils.hashToPoint(keys[0]) + c[0] * key_image c[1] = utils.hashToScalar(str((message, L[0], R[0])), curve_name) # Compute the rest of the ring elements i = 1 while i < n_keys: L[i] = random_numbers[i] * curve.g + c[i] * keys[i] R[i] = random_numbers[i] * utils.hashToPoint(keys[i]) + c[i] * key_image c[((i + 1) % n_keys)] = utils.hashToScalar(str((message, L[i], R[i])), curve_name) i = i + 1 # Compute final element return seed == c[0]
def sign(keys, signer_index, signer_private, message='I voted for Kodos', curve_name='secp192r1'): """ :param keys: List of public keys used in the signature. :param signer_index: Index of the real signer in the public keys :param signer_private: Signer's private key. :param message: Message to sign. :param curve_name: Name of the elliptic curve employed. :return: """ # Curve parameters curve = reg.get_curve(curve_name) prime_field = curve.field.p # Ring signature parameters n_keys = len(keys) random_numbers = [secrets.randbelow(prime_field) for i in range(n_keys)] alpha = secrets.randbelow(prime_field) L = [0] * n_keys R = [0] * n_keys c = [0] * n_keys # Compute first element of the ring key_image = signer_private * utils.hashToPoint(keys[signer_index]) L[signer_index] = alpha * curve.g R[signer_index] = alpha * utils.hashToPoint(keys[signer_index]) c[(signer_index + 1) % n_keys] = utils.hashToScalar(str((message, L[signer_index], R[signer_index])), curve_name) # Iterate for the rest of elements i = (signer_index + 1) % n_keys while i != signer_index: L[i] = random_numbers[i] * curve.g + c[i] * keys[i] R[i] = random_numbers[i] * utils.hashToPoint(keys[i]) + c[i] * key_image c[(i + 1) % n_keys] = utils.hashToScalar(str((message, L[i], R[i])), curve_name) i = (i + 1) % n_keys # Close the ring random_numbers[signer_index] = alpha - c[signer_index] * signer_private return keys, key_image, c[0], random_numbers
def ecdh(curve_name): # generate keys begin = time.time() curve = reg.get_curve(curve_name) alice_sk = secrets.randbelow(curve.field.n) alice_pk = alice_sk * curve.g bob_sk = secrets.randbelow(curve.field.n) bob_pk = bob_sk * curve.g # key exchange alice_ss = alice_sk * bob_pk bob_ss = bob_sk * alice_pk end = time.time() - begin # check if shared secrets are equal if (alice_ss != bob_ss): print("Something went wrong!") return 0 return end
def __init__(self, curve='brainpoolP160r1', hash=hashlib.sha1, private_key=None, public_key=None): self._curve = registry.get_curve(curve) self._bytes = (int(math.log(self._curve.field.p, 2)) + 7) / 8 self._bits = self._bytes * 8 self._hash = hash if not self._hash().block_size >= self._bytes: raise ValueError('Incompatible hash function') if private_key: self._private_key = self._from_bytes( base64.decodestring(private_key)) else: self._private_key = None if private_key and not public_key: self._public_key = self._curve.g * self._private_key elif public_key: self._public_key = self._osp2ec(base64.decodestring(public_key)) else: self._public_key = None self._kex_shared_key = None self._kex_public_key = None self._kex_private_key = None if self._public_key: self._public_key_digest = self._mgf2( self._ec2osp(self._public_key), AES.block_size) else: self._public_key_digest = None self._cached_kex_request = None self._cached_kex_response = None
def encrypt_AES_GCM(msg, secretKey): aesCipher = AES.new(secretKey, AES.MODE_GCM) ciphertext, authTag = aesCipher.encrypt_and_digest(msg) return (ciphertext, aesCipher.nonce, authTag) def decrypt_AES_GCM(ciphertext, nonce, authTag, secretKey): aesCipher = AES.new(secretKey, AES.MODE_GCM, nonce) plaintext = aesCipher.decrypt_and_verify(ciphertext, authTag) return plaintext def ecc_point_to_256_bit_key(point): sha = hashlib.sha256(int.to_bytes(point.x, 32, 'big')) sha.update(int.to_bytes(point.y, 32, 'big')) return sha.digest() curve = registry.get_curve('brainpoolP256r1') def encrypt_ECC(msg, pubKey): ciphertextPrivKey = secrets.randbelow(curve.field.n) sharedECCKey = ciphertextPrivKey * pubKey secretKey = ecc_point_to_256_bit_key(sharedECCKey) ciphertext, nonce, authTag = encrypt_AES_GCM(msg, secretKey) ciphertextPubKey = ciphertextPrivKey * curve.g return (ciphertext, nonce, authTag, ciphertextPubKey) def decrypt_ECC(encryptedMsg, privKey): (ciphertext, nonce, authTag, ciphertextPubKey) = encryptedMsg sharedECCKey = privKey * ciphertextPubKey secretKey = ecc_point_to_256_bit_key(sharedECCKey) plaintext = decrypt_AES_GCM(ciphertext, nonce, authTag, secretKey) return plaintext
def test_when_invalid_curve_name_is_provided_then_exception_is_raised(self): with self.assertRaises(ValueError): reg.get_curve("abcd")
def setUp(self): self.field = ec.SubGroup(23, (1, 2), 5, 1) self.curve = reg.get_curve("brainpoolP384r1") super(TestCurve, self).setUp()
def setUp(self): self.curve = reg.get_curve("secp384r1") super(TestECDH, self).setUp()
def setUp(self): self.curve = reg.get_curve("brainpoolP160r1") super(TestKeyPair, self).setUp()
def test_when_valid_curve_name_is_provided_then_curve_object_is_built(self): curve_name = "brainpoolP160r1" curve = reg.get_curve(curve_name) self.assertIsInstance(curve, ec.Curve) self.assertEqual(curve_name, curve.name) self.assertEqual(reg.EC_CURVE_REGISTRY[curve_name]["n"], curve.field.n)