def authenticated_query_to_server(self, token_context, token_ttl=9999): self.crypto = VirgilCrypto() self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIEtNPMUG9uR8YxukWw1gX3bkXjbsbOZoN54d2ZKSz09a" # self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIJvD17QhpJ1qFfIq3q8eqrZ0oBIf9GQ0T+6obQCmspnQ" #self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR" #self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3" self.app_id = "def16346c7b43bbaed5b4b9ac8affa4" # self.api_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4" self.api_key_id = "309d53349835f34d5a03966d9de51877" self.app_key = self.crypto.import_private_key( Utils.b64decode(self.app_key_base64)) self.builder = JwtGenerator(self.app_id, self.app_key, self.api_key_id, token_ttl, AccessTokenSigner()) #self.identity = token_context.identity #return self.builder.generate_token(self.identity).to_string() #PLEASE MAKE TOKEN_CONTEXT AN ACTUAL JWT TOKEN #return self.builder.generate_token(token_context) try: self.identity = token_context.identity return self.builder.generate_token(self.identity).to_string() except: return self.builder.generate_token(token_context)
def publish_card(self, user): self.client_crypto = VirgilCrypto() card_crypto = CardCrypto() validator = VirgilCardVerifier(card_crypto) token_provider = CallbackJwtProvider(self.get_token_from_server) print('token_provider') print(vars(token_provider)) card_manager = CardManager(card_crypto, access_token_provider=token_provider, card_verifier=validator) key_pair = self.client_crypto.generate_keys() username = user public_key_data = self.client_crypto.export_public_key( key_pair.public_key) public_key_str = Utils.b64encode(public_key_data) class DummyClass: def __init__(self, raw_key): self.raw_key = raw_key dummy = DummyClass(key_pair.public_key.raw_key) print(public_key_data) print(public_key_str) print(key_pair.public_key) card = card_manager.publish_card(identity=username, private_key=key_pair.private_key, public_key=key_pair.public_key) print(vars(card))
def __init__(self): self.crypto = VirgilCrypto() self.api_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR" self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3" self.app_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4" self.api_key = self.crypto.import_private_key(Utils.b64_decode(self.api_key_base64)) self.ttl = datetime.timedelta(hours=1).seconds self.access_token_signer = AccessTokenSigner() self.key_pair = self.crypto.generate_keys() self.server_crypto = VirgilCrypto() self.server_key_pair = self.server_crypto.generate_keys() self.server_private_key_data = self.server_crypto.export_private_key(self.server_key_pair.private_key, "test password") self.server_public_key_data = self.server_crypto.export_public_key(self.server_key_pair.public_key) self.server_private_key_str = Utils.b64encode(self.server_private_key_data) self.server_for_client_public = Utils.b64encode(self.server_public_key_data) self.server_exporter = PrivateKeyExporter(self.server_crypto) self.server_private_key_storage = PrivateKeyStorage(self.server_exporter) self.server_public_key_str = self.server_key_pair.public_key self.server_card_crypto = CardCrypto() self.server_your_backend_white_list = WhiteList() self.server_your_backend_white_list = VerifierCredentials(signer="Jonathan",public_key_base64 = self.server_public_key_str) self.verifier = VirgilCardVerifier(self.server_card_crypto, white_lists = [self.server_your_backend_white_list]) self.access_token_provider = CallbackJwtProvider(self.get_token_from_server("Alice")) self.card_manager = CardManager( self.server_card_crypto, self.access_token_provider, self.verifier )
def getUserVirgilJWT(): try: if not g.user: print('ERROR: No user to get Virgil JWT for.') return "", constants.STATUS_BAD_REQUEST crypto = VirgilCrypto() api_id = os.environ['VIRGIL_API_ID'] api_key_id = os.environ['VIRGIL_API_KEY_ID'] api_private_key = os.environ['VIRGIL_API_PRIVATE_KEY_ID'] token_ttl = 20 # seconds imported_key = crypto.import_private_key( Utils.b64decode(api_private_key)).private_key # Instantiate token generator builder = JwtGenerator(api_id, imported_key, api_key_id, token_ttl, AccessTokenSigner()) token = builder.generate_token(str(g.user.id)).to_string() return jsonify({"token": token}), constants.STATUS_OK except Exception as err: print('Error getting the Virgil JWT: ' + str(err)) return "", constants.STATUS_SERVER_ERROR return "", constants.STATUS_SERVER_ERROR
def test_signature_hash(self): data = bytearray("test".encode()) crypto = VirgilCrypto() key_pair = crypto.generate_key_pair() signature = crypto.generate_signature(data, key_pair.private_key) self.assertEqual(signature[:17], bytearray(b64decode("MFEwDQYJYIZIAWUDBAIDBQA=")))
def __init__(self, ui, logger, api_url, app_token): self._ui = ui self._logger = logger self._crypto = VirgilCrypto() self._api_host = urlparse(api_url).netloc self._app_token = app_token self._keys_counter = { } # used for identities calculation: auth_1, auth_2
def test_signature_hash(self): # STC-30 crypto = VirgilCrypto() key_pair = crypto.generate_key_pair() test_data = bytearray("test".encode()) signature = crypto.generate_signature(test_data, key_pair.private_key) self.assertEqual(bytearray(signature[0:17]), b64decode("MFEwDQYJYIZIAWUDBAIDBQA="))
def test_generate_key_using_seed(self): crypto = VirgilCrypto() seed = crypto.generate_random_data(32) key_id = crypto.generate_key_pair(seed=seed).private_key.identifier retries = 5 while retries > 0: key_pair = crypto.generate_key_pair(seed=seed) self.assertTrue(key_id, key_pair.private_key.identifier) self.assertTrue(key_pair.private_key.identifier, key_pair.public_key.identifier) retries -= 1
def test_encrypts_and_decrypts_data(self): raw_data = bytearray("test", "utf-8") rng = CtrDrbg() rng.setup_defaults() key_pair1 = VirgilCrypto().generate_key_pair(KeyPairType.ED25519) key_pair2 = VirgilCrypto().generate_key_pair(KeyPairType.ED25519) cipher = RecipientCipher() aes_gcm = Aes256Gcm() cipher.set_encryption_cipher(aes_gcm) cipher.set_random(rng) cipher.add_key_recipient(bytearray("1", "utf-8"), key_pair1.public_key.public_key) cipher.add_key_recipient(bytearray("2", "utf-8"), key_pair2.public_key.public_key) cipher.start_encryption() encrypted_data = cipher.pack_message_info() encrypted_data += cipher.process_encryption(raw_data) encrypted_data += cipher.finish_encryption() cipher.start_decryption_with_key( bytearray("1", "utf-8"), key_pair1.private_key.private_key, bytearray() ) decrypted_data1 = bytearray() decrypted_data1 += cipher.process_decryption(encrypted_data) decrypted_data1 += cipher.finish_decryption() self.assertEqual( raw_data, bytearray(decrypted_data1) ) cipher.start_decryption_with_key( bytearray("2", "utf-8"), key_pair2.private_key.private_key, bytearray() ) decrypted_data2 = bytearray() decrypted_data2 += cipher.process_decryption(encrypted_data) decrypted_data2 += cipher.finish_decryption() self.assertEqual( raw_data, bytearray(decrypted_data2) )
def __check_generate_key_using_seed(self, key_pair_type): crypto = VirgilCrypto() seed = crypto.generate_random_data(32) key_id = crypto.generate_key_pair(key_pair_type, seed=seed).private_key.identifier retries = 5 while retries > 0: key_pair = crypto.generate_key_pair(key_pair_type, seed=seed) self.assertTrue(key_id, key_pair.private_key.identifier) self.assertTrue(key_pair.private_key.identifier, key_pair.public_key.identifier) self.assertEqual(key_pair.private_key.key_type, key_pair_type) retries -= 1
def test_signs_and_verifies_data(self): raw_data = bytearray("test", "utf-8") key_pair = VirgilCrypto().generate_key_pair(KeyPairType.ED25519) input_stream = io.BytesIO(raw_data) signer = Signer() signer.set_hash(Sha512()) signer.reset() VirgilCrypto()._VirgilCrypto__for_each_chunk_input(input_stream, signer.append_data) signature = signer.sign(key_pair.private_key.private_key) input_stream = io.BytesIO(raw_data) verifier = Verifier() verifier.reset(signature) VirgilCrypto()._VirgilCrypto__for_each_chunk_input(input_stream, verifier.append_data) is_valid = verifier.verify(key_pair.public_key.public_key) self.assertTrue(is_valid)
def __init__(self, key_type: str, private_key=None, public_key=None, ec_type=VirgilKeyPair.Type_EC_SECP256R1, hash_type=HashAlgorithm.SHA256): self._crypto = VirgilCrypto() self._crypto.signature_hash_algorithm = hash_type self.__hash_type = hash_type self.__key_type = key_type self.__ec_type = ec_type self.__public_key = None if not public_key else b64_to_bytes( public_key) self.__private_key = None if not private_key else b64_to_bytes( private_key) self.__key_id = None self.__signature = None self.device_serial = None
def test_key_identifier_is_correct(self): crypto_1 = VirgilCrypto() key_pair_1 = crypto_1.generate_key_pair() self.assertEqual(key_pair_1.private_key.identifier, key_pair_1.public_key.identifier) self.assertEqual( crypto_1.compute_hash( crypto_1.export_public_key(key_pair_1.public_key), HashAlgorithm.SHA512)[:8], key_pair_1.private_key.identifier) crypto_2 = VirgilCrypto(use_sha256_fingerprints=True) key_pair_2 = crypto_2.generate_key_pair() self.assertEqual( crypto_2.compute_hash( crypto_1.export_public_key(key_pair_2.public_key), HashAlgorithm.SHA256), key_pair_2.private_key.identifier)
def test_signs_and_verifies_data(self): raw_data = bytearray("test", "utf-8") key_pair = VirgilCrypto().generate_key_pair(KeyPairType.ED25519) signer = Signer() signer.set_hash(Sha512()) signer.reset() signer.append_data(raw_data) signature = signer.sign(key_pair.private_key.private_key) verifier = Verifier() verifier.reset(signature) verifier.append_data(raw_data) is_valid = verifier.verify(key_pair.public_key.public_key) self.assertTrue(is_valid)
def test_private_key_identifier_is_correct(self): # STC-33 crypto_1 = VirgilCrypto() key_pair_1 = crypto_1.generate_key_pair() self.assertEqual( hashlib.sha512( bytearray(crypto_1.export_public_key( key_pair_1.public_key))).digest()[0:8], bytes(key_pair_1.private_key.identifier)) crypto_2 = VirgilCrypto() crypto_2.use_sha256_fingerprints = True key_pair_2 = crypto_2.generate_key_pair() self.assertEqual( hashlib.sha256( bytearray(crypto_2.export_public_key( key_pair_2.public_key))).digest(), bytearray(key_pair_2.private_key.identifier))
def test_sign_then_encrypt(self): crypto = VirgilCrypto() key_pair_1 = crypto.generate_key_pair() key_pair_2 = crypto.generate_key_pair() key_pair_3 = crypto.generate_key_pair() data = [1, 2, 3] cipher_data = crypto.sign_and_encrypt(data, key_pair_1.private_key, key_pair_2.public_key) decrypted_data = crypto.decrypt_and_verify( cipher_data, key_pair_2.private_key, [key_pair_1.public_key, key_pair_2.public_key]) self.assertEqual(data, list(decrypted_data)) self.assertRaises(VirgilCryptoError, crypto.decrypt_and_verify, cipher_data, key_pair_2.private_key, key_pair_3.public_key)
class VirgilKeyGenerator(KeyGeneratorInterface): """ Represents key pair entity for virgil_crypto lib usage only """ def __init__(self, key_type: str, private_key=None, public_key=None, ec_type=VirgilKeyPair.Type_EC_SECP256R1, hash_type=HashAlgorithm.SHA256): self._crypto = VirgilCrypto() self._crypto.signature_hash_algorithm = hash_type self.__hash_type = hash_type self.__key_type = key_type self.__ec_type = ec_type self.__public_key = None if not public_key else b64_to_bytes( public_key) self.__private_key = None if not private_key else b64_to_bytes( private_key) self.__key_id = None self.__signature = None self.device_serial = None def generate(self, *, signature_limit=None, rec_pub_keys=None, signer_key: Optional[KeyGeneratorInterface] = None, private_key_base64: Optional[str] = None, start_date: Optional[int] = 0, expire_date: Optional[int] = 0, meta_data: Optional[bytes] = bytes()): def make_signature(): byte_buffer = io.BytesIO() # vs_pubkey_dated_t byte_buffer.write( start_date.to_bytes(4, byteorder='big', signed=False)) byte_buffer.write( expire_date.to_bytes(4, byteorder='big', signed=False)) byte_buffer.write( self.key_type_secmodule.to_bytes(1, byteorder='big', signed=False)) byte_buffer.write( self.ec_type_secmodule.to_bytes(1, byteorder='big', signed=False)) byte_buffer.write( len(meta_data).to_bytes(2, byteorder='big', signed=False)) byte_buffer.write(meta_data) byte_buffer.write(b64_to_bytes(self.public_key)) bytes_to_sign = byte_buffer.getvalue() return signer_key.sign(to_b64(bytes_to_sign), long_sign=False) if private_key_base64: self.__private_key = b64_to_bytes(private_key_base64) virgil_priv_key = self._crypto.import_private_key( self.__private_key) virgil_pubkey = self._crypto.extract_public_key(virgil_priv_key) self.__public_key = VirgilKeyPair.publicKeyToDER( virgil_pubkey.raw_key)[-65:] if self.__private_key is None: virgil_key_pair = VirgilKeyPair.generate(self.ec_type) self.__private_key = VirgilKeyPair.privateKeyToDER( virgil_key_pair.privateKey()) self.__public_key = VirgilKeyPair.publicKeyToDER( virgil_key_pair.publicKey())[-65:] if signer_key: self.__signature = make_signature() return self @property def ec_type(self): return self.__ec_type @property def hash_type(self): return self.__hash_type @property def private_key(self): return to_b64(self.__private_key) @property def public_key(self): return to_b64(self.__public_key) @property def public_key_full(self): virgil_private_key = self._crypto.import_private_key( b64_to_bytes(self.private_key)) return to_b64(self._crypto.extract_public_key(virgil_private_key)) @property def signature(self): return self.__signature @property def key_id(self): return CRCCCITT().calculate(b64_to_bytes(self.public_key)) @property def key_type(self): return self.__key_type def sign(self, data, long_sign=False): data = b64_to_bytes(data) private_key = b64_to_bytes(self.private_key) signature = self._crypto.sign( data, self._crypto.import_private_key(private_key)) if not long_sign: signature = VirgilSignExtractor.extract_sign(signature) return to_b64(signature) def verify(self, data, signature, long_sign=False): data = b64_to_bytes(data) public_key = b64_to_bytes( self.public_key_full) # verify signature with full public key return self._crypto.verify(data, signature, self._crypto.import_public_key(public_key)) def encrypt(self, data): data = b64_to_bytes(data) public_key = b64_to_bytes( self.public_key_full) # encrypt with full public key encrypted = self._crypto.encrypt( data, self._crypto.import_public_key(public_key)) return to_b64(encrypted) def decrypt(self, data): data = b64_to_bytes(data) private_key = b64_to_bytes(self.private_key) decrypted = self._crypto.decrypt( data, self._crypto.import_private_key(private_key)) return to_b64(decrypted)
class CardRequestsHandler: def __init__(self, ui, logger, api_url, app_token): self._ui = ui self._logger = logger self._crypto = VirgilCrypto() self._api_host = urlparse(api_url).netloc self._app_token = app_token self._keys_counter = { } # used for identities calculation: auth_1, auth_2 def _create_raw_card(self, key_pair: KeyGeneratorInterface, key_info: dict) -> str: # Prepare public key in virgil format public_key = key_pair.public_key public_key = tiny_key_to_virgil(public_key) public_key = self._crypto.import_public_key(public_key) # Calculate identity. identity = key_pair.key_type # For keys which amount is 2 there should be identities like auth_1, auth_2 if key_pair.key_type in (VSKeyTypeS.RECOVERY.value, VSKeyTypeS.AUTH.value, VSKeyTypeS.TRUSTLIST.value, VSKeyTypeS.FIRMWARE.value): if key_pair.key_type not in self._keys_counter or self._keys_counter[ key_pair.key_type] == 2: key_number = 1 else: key_number = 2 identity = "%s_%s" % (identity, key_number) self._keys_counter[key_pair.key_type] = key_number # Prepare card content snapshot created_at = int(datetime.utcnow().timestamp()) card_content = RawCardContent(identity=identity, public_key=public_key, created_at=created_at) card_content_snapshot = card_content.content_snapshot # Create raw card raw_card = RawSignedModel(card_content_snapshot) # Sign combined snapshot (with key_info) key_info_b = json.dumps(key_info).encode("utf-8") key_info_b64 = to_b64(key_info_b) combined_snapshot = to_b64( b64_to_bytes(card_content_snapshot) + b64_to_bytes(key_info_b64)) signature = key_pair.sign(combined_snapshot, long_sign=True) if not signature: err_msg = "[ERROR]: Virgil Card creation request: signing failed" self._ui.print_error(err_msg) self._logger.error(err_msg) sys.exit(1) raw_signature = RawSignature( signer="self", signature=b64_to_bytes(signature), signature_snapshot=b64_to_bytes(key_info_b64)) # Append signature to card raw_card.signatures.append(raw_signature) # Return card request as json string return raw_card.to_json() def _register_card(self, card_b64): """ Send card request to Things service """ conn = http.client.HTTPSConnection(host=self._api_host) conn.request(method="POST", url=CARD_REGISTRATION_ENDPOINT, body=card_b64, headers={"AppToken": self._app_token}) response = conn.getresponse() resp_body = response.read() if response.status != 200: err_msg = ( "[ERROR]: Failed to register Virgil card at {host}{endpoint}\n" "Card: {card_b64}\n" "Response status code: {status}\n" "Response body: {body}".format( card_b64=card_b64, host=self._api_host, endpoint=CARD_REGISTRATION_ENDPOINT, status=response.status, body=resp_body)) self._ui.print_error(err_msg) self._logger.error(err_msg) sys.exit(1) self._ui.print_message("Virgil Card for key successfully registered") self._logger.info("Card registered. Response: %s" % resp_body) def create_and_register_card(self, key: KeyGeneratorInterface, key_info: dict): card = self._create_raw_card(key, key_info) self._logger.info("Card request prepared: %s" % card) self._register_card(card)
def __init__(self, crypto=VirgilCrypto()): self.__crypto = crypto
from virgil_crypto import VirgilCrypto crypto = VirgilCrypto() key_pair = crypto.generate_keys() print(key_pair)
def _crypto(self): return VirgilCrypto()
def _crypto(self): if self.__crypto: return self.__crypto self.__crypto = VirgilCrypto() return self.__crypto
class VirgilServerClient: def __init__(self): print("generated") ####SERVER SIDE def authenticated_query_to_server(self, token_context, token_ttl=9999): self.crypto = VirgilCrypto() self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIEtNPMUG9uR8YxukWw1gX3bkXjbsbOZoN54d2ZKSz09a" # self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIJvD17QhpJ1qFfIq3q8eqrZ0oBIf9GQ0T+6obQCmspnQ" #self.app_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR" #self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3" self.app_id = "def16346c7b43bbaed5b4b9ac8affa4" # self.api_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4" self.api_key_id = "309d53349835f34d5a03966d9de51877" self.app_key = self.crypto.import_private_key( Utils.b64decode(self.app_key_base64)) self.builder = JwtGenerator(self.app_id, self.app_key, self.api_key_id, token_ttl, AccessTokenSigner()) #self.identity = token_context.identity #return self.builder.generate_token(self.identity).to_string() #PLEASE MAKE TOKEN_CONTEXT AN ACTUAL JWT TOKEN #return self.builder.generate_token(token_context) try: self.identity = token_context.identity return self.builder.generate_token(self.identity).to_string() except: return self.builder.generate_token(token_context) ########CLIENT SIDE def get_token_from_server(self, token_context): print('get token from server') print(token_context) jwt_from_server = self.authenticated_query_to_server(token_context) return jwt_from_server def set_access_token_provider(self): self.access_token_provider = CallbackJwtProvider( self.get_token_from_server) def publish_card(self, user): self.client_crypto = VirgilCrypto() card_crypto = CardCrypto() validator = VirgilCardVerifier(card_crypto) token_provider = CallbackJwtProvider(self.get_token_from_server) print('token_provider') print(vars(token_provider)) card_manager = CardManager(card_crypto, access_token_provider=token_provider, card_verifier=validator) key_pair = self.client_crypto.generate_keys() username = user public_key_data = self.client_crypto.export_public_key( key_pair.public_key) public_key_str = Utils.b64encode(public_key_data) class DummyClass: def __init__(self, raw_key): self.raw_key = raw_key dummy = DummyClass(key_pair.public_key.raw_key) print(public_key_data) print(public_key_str) print(key_pair.public_key) card = card_manager.publish_card(identity=username, private_key=key_pair.private_key, public_key=key_pair.public_key) print(vars(card))
# Import virgil crypto library into python file from virgil_crypto import VirgilCrypto # First, create Virgil Crypto object crypto = VirgilCrypto() # Create public/private keys for the sender. Default algorithm is EC_X25519 sender_keys = crypto.generate_key_pair() sender_public_key = sender_keys.public_key sender_private_key = sender_keys.private_key # Middleman Keys middleman_keys = crypto.generate_key_pair() middleman_private_key = middleman_keys.private_key # Create data that we want to verify between the two clients. This data won't be sent yet, just for signature validation purposes. message = "Hey Deren! My location is lat=42.361145,long=-71.057083" message_data = message.encode() # Sign the message data with the senders private key. signature = crypto.generate_signature(message_data, sender_private_key) # Middleman signature middleman_signature = crypto.generate_signature(message_data, middleman_private_key) # Verify if the message can be decoded with the given public key : "sender_public_key" verification = crypto.verify_signature(message_data, signature, sender_public_key) # Middleman unverified signature
class VirgilFlaskLib: def __init__(self): self.crypto = VirgilCrypto() self.api_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR" self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3" self.app_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4" self.api_key = self.crypto.import_private_key(Utils.b64_decode(self.api_key_base64)) self.ttl = datetime.timedelta(hours=1).seconds self.access_token_signer = AccessTokenSigner() self.key_pair = self.crypto.generate_keys() self.server_crypto = VirgilCrypto() self.server_key_pair = self.server_crypto.generate_keys() self.server_private_key_data = self.server_crypto.export_private_key(self.server_key_pair.private_key, "test password") self.server_public_key_data = self.server_crypto.export_public_key(self.server_key_pair.public_key) self.server_private_key_str = Utils.b64encode(self.server_private_key_data) self.server_for_client_public = Utils.b64encode(self.server_public_key_data) self.server_exporter = PrivateKeyExporter(self.server_crypto) self.server_private_key_storage = PrivateKeyStorage(self.server_exporter) self.server_public_key_str = self.server_key_pair.public_key self.server_card_crypto = CardCrypto() self.server_your_backend_white_list = WhiteList() self.server_your_backend_white_list = VerifierCredentials(signer="Jonathan",public_key_base64 = self.server_public_key_str) self.verifier = VirgilCardVerifier(self.server_card_crypto, white_lists = [self.server_your_backend_white_list]) self.access_token_provider = CallbackJwtProvider(self.get_token_from_server("Alice")) self.card_manager = CardManager( self.server_card_crypto, self.access_token_provider, self.verifier ) def get_private_key(self): return self.key_pair.private_key def get_public_key(self): return self.key_pair.public_key #jwt token generation def get_token_from_server(self, token_context): #jwt_from_server = authficated_query_to_server(token_context) #jwt_from_server = token_context jwt_from_server = self.generate_JWT_for_user("Alice") return jwt_from_server #JWT generator with necessary paramters def get_JWT_generator(self): return JwtGenerator(self.app_id, self.api_key, self.app_key_id, self.ttl, self.access_token_signer) def generate_JWT_for_user(self, identity): jwt_generator = self.get_JWT_generator() self.identity = identity return jwt_generator.generate_token(identity) #function is broken def publish_card(self): #self.card = self.card_manager.publish_card(identity = self.identity, private_key = self.server_key_pair.private_key, public_key = self.server_key_pair.public_key) self.card = self.card_manager.publish_card(identity = self.identity, private_key = self.server_key_pair.private_key, public_key = self.server_key_pair.public_key) def signAndEncrypt(self, message): message_to_encrypt = message data_to_encrypt = Utils.strtobytes(message) alice_private_key, alice_private_key_additional_data = self.server_private_key_storage.load("Alice")
from virgil_crypto import VirgilCrypto crypto = VirgilCrypto() # Generate private/public key with EC_X25519 sender_keys = crypto.generate_key_pair() sender_private_key = sender_keys.private_key sender_public_key = sender_keys.public_key # Generate keys for the receiving end of the location. receiver_keys = crypto.generate_key_pair() receiver_public_key = receiver_keys.public_key receiver_private_key = receiver_keys.private_key # Generate keys for the middle man! middleman_keys = crypto.generate_key_pair() middleman_public_key = middleman_keys.public_key middleman_private_key = middleman_keys.private_key # Create location to send to receiver. This will be intercepted by the middleman. location = "lat=42.361145,long=-71.057083" location_data = location.encode() # Ok encrypt a message for the receiver. It requires the receivers public key and the message being sent. receiver_list = [receiver_public_key] encrypted_data = crypto.encrypt(location_data, *receiver_list) # Time for the middleman to decrypt data. He is not on the receiver list, so it shouldn't work! middleman_decrypted_data = crypto.decrypt(encrypted_data, middleman_private_key) # Decrypt the message from the host. This is the receivers part now. This is why the private key is here
def __init__(self, crypto=VirgilCrypto()): self.__algorithm = "VEDS512" self.__crypto = crypto