示例#1
0
    def test_create_combine(self):
        values = ["N17FigASkL6p1EOgJhRaIquQLGvYV0", "0y10VAfmyH7GLQY6QccCSLKJi8iFgpcSBTLyYOGbiYPqOpStAf1OYuzEBzZR", "KjRHO1nHmIDidf6fKvsiXWcTqNYo2U9U8juO94EHXVqgearRISTQe0zAjkeUYYBvtcB8VWzZHYm6ktMlhOXXCfRFhbJzBUsXaHb5UDQAvs2GKy6yq0mnp8gCj98ksDlUultqygybYyHvjqR7D7EAWIKPKUVz4of8OzSjZlYg7YtCUMYhwQDryESiYabFID1PKBfKn5WSGgJBIsDw5g2HB2AqC1r3K8GboDN616Swo6qjvSFbseeETCYDB3ikS7uiK67ErIULNqVjf7IKoOaooEhQACmZ5HdWpr34tstg18rO"]
        minimum = [4, 6, 20]
        shares = [5, 100, 100]

        sss = sssa()

        for index,value in enumerate(values):
            self.assertEqual(sss.combine(sss.create(minimum[index], shares[index], value)), value)
示例#2
0
    def test_library_combine(self):
        sss = sssa()
        shares = [
            "U1k9koNN67-og3ZY3Mmikeyj4gEFwK4HXDSglM8i_xc=yA3eU4_XYcJP0ijD63Tvqu1gklhBV32tu8cHPZXP-bk=",
            "O7c_iMBaGmQQE_uU0XRCPQwhfLBdlc6jseTzK_qN-1s=ICDGdloemG50X5GxteWWVZD3EGuxXST4UfZcek_teng=",
            "8qzYpjk7lmB7cRkOl6-7srVTKNYHuqUO2WO31Y0j1Tw=-g6srNoWkZTBqrKA2cMCA-6jxZiZv25rvbrCUWVHb5g=",
            "wGXxa_7FPFSVqdo26VKdgFxqVVWXNfwSDQyFmCh2e5w=8bTrIEs0e5FeiaXcIBaGwtGFxeyNtCG4R883tS3MsZ0=",
            "j8-Y4_7CJvL8aHxc8WMMhP_K2TEsOkxIHb7hBcwIBOo=T5-EOvAlzGMogdPawv3oK88rrygYFza3KSki2q8WEgs="
        ]

        self.assertEqual(sss.combine(shares), "test-pass")
示例#3
0
def recover_mnemonic(password, secrets):
    shares = []
    # type(secrets)
    key = binascii.unhexlify(password)
    for secret in secrets:
        data = binascii.unhexlify(secret)
        nonce, tag = data[:12], data[-16:]
        cipher = AES.new(key, AES.MODE_GCM, nonce)
        shares.append(cipher.decrypt_and_verify(data[12:-16], tag))
    sss = sssa()
    mnemonic = sss.combine(shares)
    return mnemonic
示例#4
0
    def test_create_combine(self):
        values = [
            "N17FigASkL6p1EOgJhRaIquQLGvYV0",
            "0y10VAfmyH7GLQY6QccCSLKJi8iFgpcSBTLyYOGbiYPqOpStAf1OYuzEBzZR",
            "KjRHO1nHmIDidf6fKvsiXWcTqNYo2U9U8juO94EHXVqgearRISTQe0zAjkeUYYBvtcB8VWzZHYm6ktMlhOXXCfRFhbJzBUsXaHb5UDQAvs2GKy6yq0mnp8gCj98ksDlUultqygybYyHvjqR7D7EAWIKPKUVz4of8OzSjZlYg7YtCUMYhwQDryESiYabFID1PKBfKn5WSGgJBIsDw5g2HB2AqC1r3K8GboDN616Swo6qjvSFbseeETCYDB3ikS7uiK67ErIULNqVjf7IKoOaooEhQACmZ5HdWpr34tstg18rO"
        ]
        minimum = [4, 6, 20]
        shares = [5, 100, 100]

        sss = sssa()

        for index, value in enumerate(values):
            self.assertEqual(
                sss.combine(sss.create(minimum[index], shares[index], value)),
                value)
def split_mnemonic(key_salt_array, mnemonic, minimum_required, total_shares):
    """
    Derive an Scrypt key with the user's email with salt, this should be secure
    as email's are unique

    Now the key which is being generated, must be used to encrypt the mnemonic,
    this encrypted ciphertext must be appended with the tag and nonce,
    ciphertext must be hex encoded and then must be split into different shares

    Output:
        salt: bytes
        shares: list of str

    """

    #ciphertext, tag, nonce = aes_encrypt(key2, mnemonic)

    ##ciphertest must be appended with tag and nonce so that MAC can be checked
    ##while decryption
    #ciphertext = b"".join([tag, ciphertext, nonce])

    ##hex encoding of ciphertext, the shamor secret will fail if its avoided
    #hexlified_ciphertext = binascii.hexlify(ciphertext)

    sss = sssa()

    ##breaking hexlified_ciphertext with shamir secrets
    shares = sss.create(minimum_required, total_shares, mnemonic)

    ##this salt will be kep in admin database, against this user mnemonic
    new_list = []
    for ((key, salt), secret) in zip(key_salt_array, shares):
        _key, _salt = binascii.unhexlify(key), binascii.unhexlify(salt)
        ciphertext, tag, nonce = aes_encrypt(_key, secret)

        ##ciphertest must be appended with tag and nonce so that MAC can be checked
        ##while decryption
        ciphertext = b"".join([tag, ciphertext, nonce])

        ##hex encoding of ciphertext, the shamor secret will fail if its avoided
        hexlified_ciphertext = binascii.hexlify(ciphertext)
        new_list.append({
            "key": key,
            "salt": salt,
            "secret": binascii.hexlify(ciphertext)
        })

    return new_list
def combine_mnemonic(secret_salt_array):
    ##ARGs:
    ##      shares:str must be a list of shamir secrets,
    ##              must be minimum required when secrets were created
    ##generating scrypt key on the basis of email and salt

    new_list = []
    for (key, salt, secret) in secret_salt_array:
        _key, _salt, _secret = binascii.unhexlify(key), binascii.unhexlify(salt),\
                    binascii.unhexlify(secret)
        decrypted_share = aes_decrypt(_key, _secret)

        ##ciphertest must be appended with tag and nonce so that MAC can be checked
        ##while decryption
        new_list.append(decrypted_share)
        ##hex encoding of ciphertext, the shamor secret will fail if its avoided
        #hexlified_ciphertext = binascii.hexlify(ciphertext)
        #new_list.append({"key": key, "salt": salt, "secret": ciphertext})

    sss = sssa()
    ##Combining all the shamir secrets, this will fail if the minimum secrets
    ##requirement will not be fulfilled
    mnemonic = sss.combine(new_list)
    return mnemonic
示例#7
0
def mnemonic(email, phone_number, password):

    r = requests.post("http://%s/getkeys" % ip,
                      data=json.dumps({
                          "email": email,
                          "phone_number": phone_number
                      }))
    shares = []

    try:
        key = binascii.unhexlify(password)
        for secret in r.json()["data"].keys():
            data = binascii.unhexlify(r.json()["data"][secret])
            nonce, tag = data[:12], data[-16:]
            cipher = AES.new(key, AES.MODE_GCM, nonce)
            shares.append(cipher.decrypt_and_verify(data[12:-16], tag))

    except Exception as e:
        return json.dumps({"success": False, "error": str(e)})

    sss = sssa()
    mnemonic = sss.combine(shares)

    return mnemonic
示例#8
0
    def test_library_combine(self):
        sss = sssa()
        shares = ["U1k9koNN67-og3ZY3Mmikeyj4gEFwK4HXDSglM8i_xc=yA3eU4_XYcJP0ijD63Tvqu1gklhBV32tu8cHPZXP-bk=", "O7c_iMBaGmQQE_uU0XRCPQwhfLBdlc6jseTzK_qN-1s=ICDGdloemG50X5GxteWWVZD3EGuxXST4UfZcek_teng=", "8qzYpjk7lmB7cRkOl6-7srVTKNYHuqUO2WO31Y0j1Tw=-g6srNoWkZTBqrKA2cMCA-6jxZiZv25rvbrCUWVHb5g=", "wGXxa_7FPFSVqdo26VKdgFxqVVWXNfwSDQyFmCh2e5w=8bTrIEs0e5FeiaXcIBaGwtGFxeyNtCG4R883tS3MsZ0=", "j8-Y4_7CJvL8aHxc8WMMhP_K2TEsOkxIHb7hBcwIBOo=T5-EOvAlzGMogdPawv3oK88rrygYFza3KSki2q8WEgs="]

        self.assertEqual(sss.combine(shares), "test-pass")
def aes_decrypt(key, ciphertext, nonce):
    cipher = AES.new(key, AES.MODE_EAX, nonce)
    data = cipher.decrypt(ciphertext)
    return data.decode("utf-8")


def generate_key_pair():
    key = RSA.generate(2048)
    pubkey = key.publickey().export_key()
    privkey = key.export_key()
    return pubkey, privkey


# Shamir's Secret Sharing
sss = sssa()


def divide_secret(secret, k, n):
    return sss.create(k, n, secret)


def combine_secret(secret_pieces):
    return sss.combine(secret_pieces)


# Digital Signature


def sign(key, msg):
    signer = pkcs1_15.new(RSA.import_key(key))