def main(argv): """ Main procedure to generate C array with keys """ parser = argparse.ArgumentParser(description="Generates SQLite database with" " keys and serial number.") parser.add_argument('config_file', help="project specific configuration file" ) args = parser.parse_args() config = ConfigParser.ConfigParser() config.read(args.config_file) con = sqlite3.connect(config.get('database', 'filename')) while 1: serialno = uuid.uuid4().bytes oem_factory_token = '%s%s' %(serialno, '\xFF') customer_factory_token = '%s%s' %(serialno, '\x00\xFF') private_key = generate_private_key(config.get('tools', 'private_key_cmd')) public_key = generate_public_key(config.get('tools', 'public_key_cmd'), private_key) sk = SigningKey.from_der(private_key) pk = VerifyingKey.from_der(public_key) embedded_private_key = generate_private_key(config.get('tools', 'private_key_cmd')) embedded_public_key = generate_public_key(config.get('tools', 'public_key_cmd'), embedded_private_key) embedded_sk = SigningKey.from_der(embedded_private_key) embedded_pk = VerifyingKey.from_der(embedded_public_key) embedded_private_key_sig = embedded_sk.sign(oem_factory_token, hashfunc=sha256) assert embedded_pk.verify(embedded_private_key_sig, oem_factory_token, hashfunc=sha256) oem_factory_token_sig = sk.sign(oem_factory_token, hashfunc=sha256) assert pk.verify(oem_factory_token_sig, oem_factory_token, hashfunc=sha256) customer_factory_token_sig = sk.sign(customer_factory_token, hashfunc=sha256) assert pk.verify(customer_factory_token_sig, customer_factory_token, hashfunc=sha256) debug_token_sig = sk.sign(serialno, hashfunc=sha256) assert pk.verify(debug_token_sig, serialno, hashfunc=sha256) public_key_compressed = ecc_compress(pk.to_string()) with con: cur = con.cursor() cur.execute(config.get('database', 'create')) cur.execute(config.get('database', 'insert'), (sqlite3.Binary(private_key), sqlite3.Binary(public_key), sqlite3.Binary(public_key_compressed), sqlite3.Binary(embedded_private_key), sqlite3.Binary(embedded_public_key), sqlite3.Binary(embedded_sk.to_string()), sqlite3.Binary(serialno), sqlite3.Binary(oem_factory_token_sig), sqlite3.Binary(customer_factory_token_sig), sqlite3.Binary(debug_token_sig)))
def load_key(self, filename): """ Load signing key (from pem file) """ default_sk = SigningKey.from_pem(keys_default_pem) with open(filename, "r") as sk_file: sk_pem = sk_file.read() self.sk = SigningKey.from_pem(sk_pem) sk_hex = "".join(c.encode('hex') for c in self.sk.to_string()) return default_sk.to_string() == self.sk.to_string()
def __init__(self, key=None): self.secretKey = self.verifKey = None # Recuperation if key is not None: self.secretKey = SigningKey.from_string(key, curve=NIST384p) # Auto-generation else: self.secretKey = SigningKey.generate(curve=NIST384p) self.verifKey = self.secretKey.get_verifying_key()
def run(): key = SigningKey.from_string(get_key_from_wif(settings['wif']), SECP256k1, sha256) rs = compileASM(REDEEM_SCRIPT) txs = parsetxsfile(settings['file']) for tx in txs: tx.signatures = sign_detached(tx.tx, key, rs) print(",".join(tx.signatures))
def makeTransaction(self, tx, account): """Make Transaction""" if tx.outputs == None: raise ValueError, 'Not correct Address, wrong length.' if tx.attributes == None: tx.attributes = [] coins = self.findUnSpentCoins(account.scriptHash) tx.inputs, tx.outputs = self.selectInputs(tx.outputs, coins, account, tx.systemFee) # Make transaction stream = MemoryStream() writer = BinaryWriter(stream) tx.serializeUnsigned(writer) reg_tx = stream.toArray() tx.ensureHash() txid = tx.hash # RedeenScript contract = Contract() contract.createSignatureContract(account.publicKey) Redeem_script = contract.redeemScript # Add Signature sk = SigningKey.from_string(binascii.unhexlify(account.privateKey), curve=NIST256p, hashfunc=hashlib.sha256) signature = binascii.hexlify(sk.sign(binascii.unhexlify(reg_tx),hashfunc=hashlib.sha256)) regtx = reg_tx + '014140' + signature + '23' + Redeem_script # sendRawTransaction print regtx response = self.node.sendRawTransaction(regtx) import json print response return txid
def sign_subscription(signatory, subscription, private_key_string, public_key_string): """ sign a subscription (deep hash of criteria, signatory, signature timestamp, public key) param signatory: Name or identifier of the signing party (the caller) param subscription: all fields of subscription signed param private_key_string: private key used for generating signature param public_key_string: hashed and inserted into signature block for later validation """ ecdsa_signing_key = SigningKey.from_pem(private_key_string) signature_ts = int(time.time()) hashed_items = [] # append criteria for hashing hashed_items.append(deep_hash(subscription['criteria'])) # append sub create timestamp for hashing hashed_items.append(subscription['create_ts']) hashed_items.append(signatory) hashed_items.append(signature_ts) hashed_items.append(public_key_string) verification_hash = final_hash(hashed_items) signature = ecdsa_signing_key.sign(verification_hash) digest = signature.encode('base64') signature_block = assemble_sig_block(subscription, signatory, public_key_string, digest, verification_hash, signature_ts) return signature_block
def __init__(self, secret_exponent, network=BitcoinMainNet, *args, **kwargs): if not isinstance(secret_exponent, six.integer_types): raise ValueError("secret_exponent must be a long") super(PrivateKey, self).__init__(network=network, *args, **kwargs) self._private_key = SigningKey.from_secret_exponent( secret_exponent, curve=SECP256k1)
def recover_key(c1,sig1,c2,sig2,pubkey): #using the same variable names as in: #http://en.wikipedia.org/wiki/Elliptic_Curve_DSA curve_order = pubkey.curve.order n = curve_order s1 = int(sig1[96:],16) print("s1: " + str(s1)) s2 = int(sig2[96:],16) print("s2: " + str(s2)) r = int(sig1[:-96], 16) print("r: " + str(r)) print("R values match: " + str(int(sig2[:-96],16) == r)) z1 = string_to_number(sha256(c1)) z2 = string_to_number(sha256(c2)) #magical math stuff sdiff_inv = inverse_mod(((s1-s2)%n),n) k = ( ((z1-z2)%n) * sdiff_inv) % n r_inv = inverse_mod(r,n) da = (((((s1*k) %n) -z1) %n) * r_inv) % n print("Recovered Da: " + hex(da)) #turn the private key into a signing key recovered_private_key_ec = SigningKey.from_secret_exponent(da, curve=NIST384p) return recovered_private_key_ec
def load_private_key(self): if self.private_key is None: msg = 'Please, specify the private_key location.' raise ValueError(msg) with open(self.private_key, 'rb') as key_file: return SigningKey.from_pem(key_file.read())
def test(): priv = SigningKey.generate(curve=NIST384p) pub = priv.get_verifying_key() print "Private key generated:" generatedKey = priv.to_pem() print generatedKey txt1 = "Dedication" txt2 = "Do you have it?" #K chosen by a fair roll of a 1d10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 sig1 = priv.sign(txt1, k=4444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444) print "Signature 1: " + str(sig1.encode('hex')) sig2 = priv.sign(txt2, k=4444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444) print "Signature 2: " + str(sig2.encode('hex')) print "Signature 1 verification: " + str(pub.verify(sig1, txt1)) print "Signature 2 verification: " + str(pub.verify(sig2, txt2)) key = recover_key(txt1, sig1, txt2, sig2, pub) print "Private key recovered:" print key print "Equality of generated & recovered keys: " + str(generatedKey == key)
def create_material(self, bits, d=None, x=None, y=None): curve = self.curve_for_bits(bits) if d: return SigningKey.from_secret_exponent(d, curve) if x and y: point = ec.Point(curve.curve, x, y, curve.order) return VerifyingKey.from_public_point(point, curve)
def build_vectors(fips_vectors): vectors = defaultdict(list) for vector in fips_vectors: vectors[vector['digest_algorithm']].append(vector['message']) for digest_algorithm, messages in vectors.items(): if digest_algorithm not in HASHLIB_HASH_TYPES: continue yield "" yield "[K-256,{0}]".format(digest_algorithm) yield "" for message in messages: # Make a hash context hash_func = TruncatedHash(HASHLIB_HASH_TYPES[digest_algorithm]()) # Sign the message using warner/ecdsa secret_key = SigningKey.generate(curve=SECP256k1) public_key = secret_key.get_verifying_key() signature = secret_key.sign(message, hashfunc=hash_func, sigencode=sigencode_der) r, s = sigdecode_der(signature, None) yield "Msg = {0}".format(hexlify(message)) yield "d = {0:x}".format(secret_key.privkey.secret_multiplier) yield "Qx = {0:x}".format(public_key.pubkey.point.x()) yield "Qy = {0:x}".format(public_key.pubkey.point.y()) yield "R = {0:x}".format(r) yield "S = {0:x}".format(s) yield ""
def recover_key(c1,sig1,c2,sig2,pubkey): #using the same variable names as in: #http://en.wikipedia.org/wiki/Elliptic_Curve_DSA curve_order = pubkey.curve.order n = curve_order s1 = string_to_number(sig1[-48:]) print "s1: " + str(s1) s2 = string_to_number(sig2[-48:]) print "s2: " + str(s2) r = string_to_number(sig1[-96:--48]) print "r: " + str(r) print "R values match: " + str(string_to_number(sig2[-96:--48]) == r) z1 = string_to_number(sha1(c1)) z2 = string_to_number(sha1(c2)) sdiff_inv = inverse_mod(((s1-s2)%n),n) k = ( ((z1-z2)%n) * sdiff_inv) % n r_inv = inverse_mod(r,n) da = (((((s1*k) %n) -z1) %n) * r_inv) % n print "Recovered Da: " + hex(da) recovered_private_key_ec = SigningKey.from_secret_exponent(da, curve=NIST384p) return recovered_private_key_ec.to_pem()
def doAuthenticate(self, msg): if len(msg.args) == 1 and msg.args[0] == '+': log.info('%s: Authenticating using SASL.', self.network) if self.sasl == 'external': authstring = '+' elif self.sasl == 'ecdsa-nist256p-challenge': authstring = base64.b64encode( self.sasl_username.encode('utf-8')).decode('utf-8') elif self.sasl == 'plain': authstring = base64.b64encode('\0'.join([ self.sasl_username, self.sasl_username, self.sasl_password ]).encode('utf-8')).decode('utf-8') self.queueMsg(ircmsgs.IrcMsg(command='AUTHENTICATE', args=(authstring,))) elif (len(msg.args) == 1 and msg.args[0] != '+' and self.sasl == 'ecdsa-nist256p-challenge'): try: private_key = SigningKey.from_pem(open(self.sasl_ecdsa_key). read()) authstring = base64.b64encode( private_key.sign(base64.b64decode(msg.args[0].encode()))).decode('utf-8') except (BadDigestError, OSError, ValueError) as e: authstring = "*" self.queueMsg(ircmsgs.IrcMsg(command='AUTHENTICATE', args=(authstring,)))
def Make_RegisterTransaction(Prikey, Redeem_script, Name, Issuer, Admin, Inputs, Index, Count, Amount=-0.00000001): ''' Name:发行的资产名 Issuer:发行者 Admin:管理员 Inputs Count:inputs Amount:发行资产总量,默认无上限-0.00000001 ''' Name = '5b7b276c616e67273a277a682d434e272c276e616d65273a27{0}277d5d'.format(name_to_hex(Name)) Amount = float_2_hex(Amount) #不需要找零 #Antcoin:f252a09a24591e8da31deec970871cc7678cb55023db049551e91f7bac28e27b Outputs = big_or_little('f252a09a24591e8da31deec970871cc7678cb55023db049551e91f7bac28e27b') + float_2_hex(Count-100) + Admin if Count > 100 else '' #暂时支持1个inputs之后再改,'00'为索引 RegisterTransaction = '4060' + hex(len(Name)/2)[2:] + Name + Amount + Issuer + Admin + '0001' + big_or_little(str(Inputs)) + '00' if Count > 100: RegisterTransaction += '0001' + Outputs else: RegisterTransaction += '0000' GetHashForSigning = big_or_little(sha256(binascii.unhexlify(RegisterTransaction)))#txid #print GetHashForSigning sk = SigningKey.from_string(binascii.unhexlify(Prikey), curve=NIST256p, hashfunc=hashlib.sha256) signature = binascii.hexlify(sk.sign(binascii.unhexlify(RegisterTransaction),hashfunc=hashlib.sha256)) return RegisterTransaction + '014140' + signature + '23' + Redeem_script
def get_root_key(seed): """ Gets the root key from the seed. """ # :TODO: add support for more than key #0 # see https://github.com/ripple/ripple-lib/blob/develop/src/js/ripple/seed.js def generate_key(seed): i = 0 res = 0 while True: res = from_bytes(hashes.sha512half(seed + to_bytes(i, 4))) i += 1 if curves.SECP256k1.order >= res: break return res private_generator = generate_key(seed) public_generator = curves.SECP256k1.generator * private_generator # use public + private generators to generate a secret sequence = 0 # public_compressed = _get_compressed_point(public_generator) secret = generate_key(public_compressed + to_bytes(sequence, 4)) secret += private_generator secret %= curves.SECP256k1.order # use secret to generate a secp256k1 key return SigningKey.from_secret_exponent(secret, curves.SECP256k1)
def check_for_privkey(keydir, jid, stderr): # the "anonymous ID" case if jid.startswith("anonid0-"): return None # the "old-style ID" case # FIXME: once it is possible for addons to change from old-style IDs # to new, cryptographic IDs on AMO and in Firefox, warn users that # continuing to use old-style IDs is less secure, and provide them with # instructions for changing to new IDs. if not jid.startswith("jid0-"): return None keypath = os.path.join(keydir, jid) if not os.path.isfile(keypath): msg = """\ Your package.json says our ID is: %(jid)s But I don't have a corresponding private key in: %(keypath)s If you are the original developer of this package and have recently copied the source code from a different machine to this one, you should copy the private key into the file named above. Otherwise, if you are a new developer who has made a copy of an existing package to use as a starting point, you need to remove the 'id' property from package.json, so that we can generate a new id and keypair. This will disassociate our new package from the old one. If you're collaborating on the same addon with a team, make sure at least one person on the team has the private key. In the future, you may not be able to distribute your addon without it. """ print >> stderr, msg % {"jid": jid, "keypath": keypath} return None keylines = open(keypath, "r").readlines() keydata = {} for line in keylines: line = line.strip() if line: k, v = line.split(":", 1) keydata[k.strip()] = v.strip() if "private-key" not in keydata: raise ValueError("invalid keydata: can't find 'private-key' line") sk_s = remove_prefix(keydata["private-key"], "private-jid0-", errormsg="unable to parse private-key data") from ecdsa import SigningKey, VerifyingKey, NIST256p sk = SigningKey.from_string(my_b32decode(sk_s), curve=NIST256p) vk = sk.get_verifying_key() jid_2 = vk_to_jid(vk) if jid_2 != jid: raise ValueError("invalid keydata: private-key in %s does not match" " public key for %s" % (keypath, jid)) vk_s = remove_prefix(keydata["public-key"], "public-jid0-", errormsg="unable to parse public-key data") vk2 = VerifyingKey.from_string(my_b32decode(vk_s), curve=NIST256p) if vk.to_string() != vk2.to_string(): raise ValueError("invalid keydata: public-key mismatch") return sk
def test_sign(self): pem = '-----BEGIN EC PRIVATE KEY-----\nMHQCAQEEICg7E4NN53YkaWuAwpoqjfAofjzKI7Jq1f532dX+0O6QoAcGBSuBBAAK\noUQDQgAEjZcNa6Kdz6GQwXcUD9iJ+t1tJZCx7hpqBuJV2/IrQBfue8jh8H7Q/4vX\nfAArmNMaGotTpjdnymWlMfszzXJhlw==\n-----END EC PRIVATE KEY-----\n' signed = utils.sign("message", pem) sk = SigningKey.from_pem(pem) vk = sk.get_verifying_key() print(signed) signed = binascii.unhexlify(signed) vk.verify(signed, "message".encode(), hashfunc=hashlib.sha256, sigdecode=ecdsaUtil.sigdecode_der)
def gen_key(self, filename): """ Generate a new Signing key using NIST P-256 curve """ self.sk = SigningKey.generate(curve=NIST256p) with open(filename, "w") as sk_file: sk_file.write(self.sk.to_pem())
def new(cls, string=None): """Returns a new Address object. If a string is passed, the Address object will be created using that string and will be deterministic. If no string is passed, the Address object will be generated randomly. """ # Generates warner ECDSA objects if string: # deterministic private key ecdsaPrivkey = SigningKey.from_string( string=string, curve=SECP256k1) else: # random private key ecdsaPrivkey = SigningKey.generate( curve=SECP256k1, entropy=None) return cls.fromPrivkey(ecdsaPrivkey)
def load(privkeypem): """ Load a private key from disk :param privkeypem: :return: """ with open(privkeypem, "rb") as privfile: return SigningKey.from_pem(privfile.read())
def __init__(self, privkey, pubkey = None, compressed = True): self.private_key = SigningKey.from_string(privkey, SECP256k1, sha256) if (compressed): # use the compressed public key self.public_key = BlockIo.Helper.compress_pubkey(self.private_key.get_verifying_key().to_string()) else: # use the uncompressed public key self.public_key = unhexlify('04' + hexlify(self.private_key.get_verifying_key().to_string()))
def root_key_from_seed(secret): """This derives your master key the given seed. Implemented in ripple-lib as ``Seed.prototype.get_key``, and further is described here: https://ripple.com/wiki/Account_Family#Root_Key_.28GenerateRootDeterministicKey.29 """ key = SigningKey.from_secret_exponent(secret, curves.SECP256k1) return key
def generate_pri_key(): seed = get_seed() rng1 = PRNG(seed) sk = SigningKey.generate(entropy=rng1, curve=NIST256p) sk_string = sk.to_string() sk_string_hex = binascii.hexlify(sk_string) return sk_string_hex, sk
def generate(curve): if curve not in _policy_.keys(): return False sk = SigningKey.generate(curve=_policy_[curve][0]) vk = sk.get_verifying_key() pubKey = vk.to_der() prvKey = sk.to_der() return (pubKey, prvKey)
def setUpClass(cls): log.info('Generating ECDSA Keypairs for Testing') cls.sender_sk = SigningKey.generate(curve=curves.SECP256k1) cls.receiver_sk = SigningKey.generate(curve=curves.SECP256k1) log.info('Setup IdObj for testid') cls.test_id_obj = IdObject() cls.test_id_obj.auth_public_key = cls.receiver_sk.get_verifying_key().to_der().encode('hex') cls.test_id_obj.id = 'testid' cls.test_id_obj.paymentprotocol_only = True cls.resolver = PluginManager.get_plugin('RESOLVER', config.resolver_type) cls.resolver.save(cls.test_id_obj) log.info('Save testid IdObj') log.info('Setup Class Identifier') cls.identifier = None
def hex2key(hex_key): key_bytes = unhexlify(hex_key) if len(hex_key) == 64: return SigningKey.from_string(key_bytes, curve=NIST256p, hashfunc=sha256) elif len(hex_key) == 128: return VerifyingKey.from_string(key_bytes, curve=NIST256p, hashfunc=sha256) else: raise ValueError("Key in hex form is of the wrong length.")
def __sign_message(cls, key_path, message): key_data = open(key_path).read() signing_key = SigningKey.from_pem(key_data) signature = signing_key.sign( message, hashfunc=hashlib.sha256, sigencode=ecdsa.util.sigencode_der ) signature = base64.b64encode(signature) return signature
def _decode_key(self, data): s, padding = der.remove_sequence(data) if padding: if padding not in self.ALLOWED_PADDINGS: raise ValueError("weird padding: %s" % u(binascii.hexlify(data))) data = data[:-len(padding)] key = SigningKey.from_der(data) self.signing_key = key self.verifying_key = key.get_verifying_key() self.size = 256
def __init__(self, public_key=None, private_key=None): self.id = 0 if public_key is not None: public_key = "#" + public_key if private_key is not None: private_key = "#" + private_key self.public_key = auto_bytes(public_key) self.private_key = private_key self.addr_version = None self.use_compression = 1 if private_key == "": private_key = None #Generate key pairs. if self.public_key == None and private_key == None: self.sign_key = SigningKey.generate(curve=SECP256k1) self.verify_key = self.sign_key.get_verifying_key() self.private_key = self.sign_key.to_string() self.public_key = self.verify_key.to_string() return #Init public key. self.old_verify_str = None if self.public_key != None: self.public_key = self.parse_public_key(self.public_key) self.verify_key = VerifyingKey.from_string(self.public_key, SECP256k1) self.sign_key = None self.old_verify_str = self.verify_key.to_string() #Init private key. if self.private_key != None: #Construct keys from private key. self.private_key = self.parse_private_key(private_key) self.sign_key = SigningKey.from_string(self.private_key, SECP256k1) self.verify_key = self.sign_key.get_verifying_key() #Check private key corrosponds to public key. if self.old_verify_str != None: if self.old_verify_str != self.verify_key.to_string(): raise Exception("Private key doesn't corrospond to stored public key.")
if not (len(sys.argv) == 4): print("Usage:", sys.argv[0], "<nprocesses> <nthreads> [<priv_key>]") exit(1) # get the number of threads and processes nprocesses = int(sys.argv[1]) nthreads = int(sys.argv[2]) # treats the private key (if it was provided) if len(sys.argv) == 4: try: # try to retrieve the private key priv_key_file = sys.argv[3] print(priv_key_file) with open(priv_key_file, 'r') as file: priv_key = SigningKey.from_pem(file.read()) except: print("Invalid private key.", sys.argv[3]) exit else: print("The private key is invalid!") priv_key = None # randomize our entropy source... random.seed(123) # if necessary, use this line to stop the multiprocessing execution until the user confirms input('Ready to create the multiprocesses. Press ENTER to start...\n') # setup a list of processes that we want to run
from ecdsa import SigningKey, NIST384p sk = SigningKey.generate(curve=NIST384p) sk2 = SigningKey.generate(curve=NIST384p) vk = sk.verifying_key print(sk.to_string().encode('hex')) print(sk2.to_string().encode('hex')) msg = "vote to a" si = sk.sign(msg) nmsg = "vote to da" try: assert vk.verify(si, nmsg) except: print("Bad sign")
def from_exponent(cls, exponent): key = SigningKey.from_secret_exponent(exponent, curve=SECP256k1) return cls(key)
def privateKey2publicKey(private_key_string): sk = SigningKey.from_string(bytes.fromhex(private_key_string), curve=SECP256k1) vk = sk.get_verifying_key() return vk.to_string().hex()
def signTransaction(sk: str, txHash: str) -> str: sk = bytes.fromhex(sk) sk = SigningKey.from_string(sk, curve=SECP256k1) signature = sk.sign(bytes.fromhex(txHash)) return signature.hex()
from ecdsa import SigningKey, NIST224p import time import psutil import threading from threading import Timer # Se generan las llaves sk = SigningKey.generate() # uses NIST192p #sk = SigningKey.generate(curve = NIST224p) vk = sk.verifying_key def sign(): while(True): time.sleep(0.2) # Prevenir 100% de uso de cpu por ciclo infinito sk.sign(b"Mahc000148441") #Firma signature = sk.sign(b"Mahc000148441") #Firma def verify(): while(True): time.sleep(0.2) # Prevenir 100% de uso de cpu por ciclo infinito vk.verify(signature, b"Mahc000148441") class DisplayCPU(threading.Thread): cpuUsageMeasures = [] running = False def run(self): t = Timer(10.0, self.stop) self.running = True t.start()
import pickle from ecdsa import SigningKey, SECP256k1, BadSignatureError # the bank is the issuing source of truth, bad bank! bank_private_key = SigningKey.generate(curve=SECP256k1) bank_public_key = bank_private_key.get_verifying_key() def serialize(coin): return pickle.dumps(coin) def transfer_message(prev_sig, next_pub_key): return serialize({ "prev_sig": prev_sig, "next_owner_pub_key": next_pub_key }) class Transfer: def __init__(self, signature, public_key): self.signature = signature self.public_key = public_key class ECDSACoin: def __init__(self, transfers): self.transfers = transfers def validate(self): prev_transfer = self.transfers[0] # Check the first transfer
hashObj = new(hashAlg) hashObj.update(bytestring) return hashObj.digest() def pairEncode(hex_string): if len(hex_string) % 2: hex_string = '0' + hex_string return bytes.fromhex(hex_string) # Generate cryptographically strong 256 bit private key. private_key = randbits(256) # Generate ECDSA signing (private) and verifying (public) keys from private key. signing_key = SigningKey.from_secret_exponent(private_key, curve=SECP256k1) verifying_key = signing_key.get_verifying_key() # Concatenate (x, y) points to create public key. x = verifying_key.pubkey.point.x() x = pairEncode(f'{x:x}') y = verifying_key.pubkey.point.y() y = pairEncode(f'{y:x}') full_public_key = b'\x00' + x + y # Compress the public key. prefix = b'\x03' if y[-1] % 2 else b'\x02' public_key = prefix + x # Calculate the address.
def __init__(self): self.sk = {} # Loading signature keys to memory for keyid, private_key in settings.CUP_PEM_KEYS.iteritems(): self.sk[keyid] = SigningKey.from_pem(open(private_key).read())
def gen_private_ecdsa(): from ecdsa import SigningKey sk = SigningKey.generate() return sk.to_pem()
def sign_message(private_key: ecdsa.SigningKey, message: str) -> str: """returns a signature for a given message""" signature = private_key.sign(bytes(message, "utf-8")) return str(binascii.hexlify(signature))[2:-1]
from ecdsa import SigningKey sk = SigningKey.generate() vk = sk.get_verifying_key() open("private.pem", "wb").write(sk.to_pem()) open("public.pem", "wb").write(vk.to_pem()) print('---> private key: %s' % (sk.to_pem())) print('---> public key: %s' % (vk.to_pem()))
def __init__(self): self._private_key = SigningKey.generate(curve=SECP256k1) self._public_key = self._private_key.get_verifying_key()
def lookup_private_key(name): exponent = {"alice": 1, "bob": 2, "node0": 3, "node1": 4, "node2": 5}[name] return SigningKey.from_secret_exponent(exponent, curve=SECP256k1)
def find_curve(oid_curve): for c in curves: if c.oid == oid_curve: return c raise UnknownCurveError("I don't know about the curve with oid %s." "I only know about these: %s" % (oid_curve, [c.name for c in curves])) # SECP256k1 = Curve("SECP256k1", ecdsa.curve_secp256k1, ecdsa.generator_secp256k1, # (1, 3, 132, 0, 10), "secp256k1") # SECP256k1 is the Bitcoin elliptic curve from ecdsa import SigningKey sk = SigningKey.generate(curve=NIST256p) vk = sk.get_verifying_key() print(b2a_hex(sk.to_string())) print(b2a_hex(vk.to_string())) sig = sk.sign( a2b_hex( b'0021F5FC0B85CD22E60623BCD7D1CA48948909249B4776EB515154E57B66AE12010000002C' + # noqa b'7B89F12A9088B0F5EE0EF8F6718BCCC374249C31AEEBAEB79BD0450132CD536C')) vk.verify( sig, a2b_hex( b'0021F5FC0B85CD22E60623BCD7D1CA48948909249B4776EB515154E57B66AE12010000002C' + # noqa b'7B89F12A9088B0F5EE0EF8F6718BCCC374249C31AEEBAEB79BD0450132CD536C') ) # True
def generate(cls) -> 'PrivateKey': return cls(SigningKey.generate(curve=SECP256k1))
def gen_private_key(curve=curve.P256, hashfunc=sha256): priv_key = SigningKey.generate(curve=curve, hashfunc=hashfunc) return priv_key.to_string().hex()
def from_bytes(cls, b: bytes) -> 'PrivateKey': return cls(SigningKey.from_string(b, curve=SECP256k1))
def generate(): return ECDSA256P1(SigningKey.generate(curve=NIST256p))
def __init__(self): self._private_key = SigningKey.generate(curve=NIST256p) self._public_key = self._private_key.get_verifying_key() self._blockchain_address = self.generate_blockchain_address()
def main(sk_filename): global processed_txids, transaction_id sk = SigningKey.from_pem(open(sk_filename).read()) vk = sk.get_verifying_key() pk = str(base64.b64encode(vk.to_string()), encoding='utf8') timestamp = str(int(time.time()-300)) leaders = db.query("SELECT * FROM leaders WHERE pk = %s AND timestamp > %s", pk, timestamp) if not leaders: election(sk_filename) else: # leader = leaders[0] transactions = db.query("SELECT * FROM transactions WHERE id > %s ORDER BY id ASC LIMIT 20", transaction_id) random.shuffle(transactions) for transaction in transactions: if transaction.txid in processed_txids: continue data = json.loads(transaction.data) sender = data["transaction"]["sender"] receiver = data["transaction"]["receiver"] amount = data["transaction"]["amount"] signature = data["signature"] chain_txids = set() sender_blocks = lastest_block(sender) receiver_blocks = lastest_block(receiver) if len(set(sender_blocks+receiver_blocks)) >= 1: if len(set(sender_blocks+receiver_blocks)) == 1: txs = db.query("SELECT * FROM graph WHERE hash = %s", (sender_blocks+receiver_blocks)[0]) else: txs = db.query("SELECT * FROM graph WHERE hash IN %s", set(sender_blocks+receiver_blocks)) for tx in txs: tx_data = json.loads(tx.data) txid = tx_data["transaction"]["txid"] chain_txids.add(txid) processed_txids.add(txid) if transaction.txid in chain_txids: continue from_block = sender_blocks[-1] if sender_blocks else sender to_block = receiver_blocks[-1] if receiver_blocks else receiver # query from_block and to_block # get balance and calcuate # update transaction's from_block and to_block data["from_block"] = from_block data["to_block"] = to_block data["sender_balance"] = "" data["receiver_balance"] = "" data["leader_publickey"] = pk vk2 = VerifyingKey.from_string(base64.b64decode(sender), curve=NIST384p) assert vk2.verify(base64.b64decode(signature), json.dumps(data["transaction"]).encode('utf-8')) # signature = sk.sign(json.dumps(transaction).encode('utf-8')) # data = {"transaction": transaction, "signature": str(base64.b64encode(signature), encoding="utf-8")} for nonce in range(100000000): block_hash = hashlib.sha256((json.dumps(data) + pk + str(nonce)).encode('utf8')).hexdigest() if block_hash < certain_value: print("tx", nonce, block_hash) try: # query if any node taken from_block or to_block db.execute("INSERT INTO graph (hash, from_block, to_block, sender, receiver, nonce, data) VALUES (%s, %s, %s, %s, %s, %s, %s)", block_hash, from_block, to_block, sender, receiver, nonce, transaction.data) # db.execute("INSERT INTO graph (hash, from_block, to_block, sender, receiver, nonce, data, transaction_id, timestamp) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)", block_hash, from_block, to_block, sender, receiver, nonce, transaction.data, transaction.id, int(time.time())) processed_txids.add(transaction.txid) break except: pass time.sleep(1) transaction_id += 20 time.sleep(0.1)
def generate() -> 'ECDSAPrivateKey': """Generate a new key pair.""" return ECDSAPrivateKey(pk=SigningKey.generate(curve=SECP256k1))
def checksum_encode(addr_str): # Takes a hex (string) address as input keccak = sha3.keccak_256() out = '' addr = addr_str.lower().replace('0x', '') keccak.update(addr.encode('ascii')) hash_addr = keccak.hexdigest() for i, c in enumerate(addr): if int(hash_addr[i], 16) >= 8: out += c.upper() else: out += c return '0x' + out keccak = sha3.keccak_256() priv = SigningKey.generate(curve=SECP256k1) pub = priv.get_verifying_key().to_string() keccak.update(pub) address = keccak.hexdigest()[24:] def test(addrstr): assert(addrstr == checksum_encode(addrstr)) test('0x5aAeb6053F3E94C9b9A09f33669435E7Ef1BeAed') test('0xfB6916095ca1df60bB79Ce92cE3Ea74c37c5d359') test('0xdbF03B407c01E7cD3CBea99509d93f8DDDC8C6FB') test('0xD1220A0cf47c7B9Be7A2E6BA89F429762e7b9aDb') test('0x7aA3a964CC5B0a76550F549FC30923e5c14EDA84')
def from_file(filename: str, passphrase: str) -> 'ECDSAPrivateKey': """Read from file (as written by write_key_pair).""" data = EncryptedData.read_from_file(filename) key = binascii.unhexlify(data.decrypt_with_passphrase(passphrase)) return ECDSAPrivateKey(SigningKey.from_string(key, curve=SECP256k1))
parser.add_argument('key', help='hex encoded wallet private key') parser.add_argument('rpc', help='ethereum rpc node url') parser.add_argument('--publish', dest='publish', help='publish contract to rpc node', action='store_true', required=False) parser.set_defaults(publish=False) args = parser.parse_args() if not args.publish: print('Doing demo run. No code will be published.') web3 = Web3(HTTPProvider(args.rpc)) private_key = SigningKey.from_string(string=decode_hex(args.key), curve=SECP256k1) public_key = private_key.get_verifying_key().to_string() wallet_address = web3.toChecksumAddress(keccak(public_key).hex()[24:]) web3.eth.defaultAccount = wallet_address print('Deploying from wallet: {}'.format(wallet_address)) with open(args.binary) as f: deployments = json.load(f) base_nonce = web3.eth.getTransactionCount(wallet_address) deployed_contracts = {} for target in deployments:
def genKeys(self): #print "11" self.priKey = SigningKey.generate(curve=NIST192p) #print "22" self.pubKey = self.priKey.get_verifying_key()
app.config['SQLALCHEMY_DATABASE_URI'] = db_connect_URL app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.secret_key = SECRET_KEY app.config['DEBUG'] = True db = SQLAlchemy(app) db.init_app(app) Migrate(app, db) # Load signature key signature_key = None if os.getenv("COCOAMOCK_SIGNATURE_KEY_FILENAME", None) is None: raise SignatureKeyError( "'COCOAMOCK_SIGNATURE_KEY_FILENAME' env is not setted.") try: with open(os.getenv("COCOAMOCK_SIGNATURE_KEY_FILENAME", None)) as f: signature_key = SigningKey.from_pem(f.read()) except Exception as e: raise e # TEK DB Model class TEKs(db.Model): __tablename__ = "teks" id = db.Column(db.Integer, primary_key=True) epoch = db.Column(Integer) key_data = db.Column(String(100)) rolling_start_number = db.Column(Integer) rolling_period = db.Column(Integer) transmission_risk = db.Column(Integer) region = db.Column(String(10)) created = db.Column(db.DateTime, index=True, default=datetime.now())
g = 2255412 keyLength = 32 ret = 0 ths = round((p - 1) / 2) for i in range(keyLength * 8): seed = pow(g, seed, p) if seed > ths: ret += 2**i return ret # Set up the keys seed = random.getrandbits(128) rand = secure_rng(seed) + 1 sk = SigningKey.from_secret_exponent(rand, curve=NIST384p) vk = sk.get_verifying_key() def verify(msg, sig): try: return vk.verify(binascii.unhexlify(sig), msg) except: return False def sign(msg): return binascii.hexlify(sk.sign(msg)) @route('/', method='GET')
# mod2 const.SW_COMPONENT_TYPE: 'M2', const.SIGNER_ID: SIGNER_ID, const.SW_COMPONENT_VERSION: '3.4.2', const.MEASUREMENT_VALUE: MEASUREMENT, }, { # mod3 const.SW_COMPONENT_TYPE: 'M3', const.SIGNER_ID: SIGNER_ID, const.SW_COMPONENT_VERSION: '3.4.2', const.MEASUREMENT_VALUE: MEASUREMENT, }, ], } if __name__ == '__main__': import sys if len(sys.argv) != 3: print('Usage: {} KEYFILE OUTFILE'.format(sys.argv[0])) sys.exit(1) keyfile = sys.argv[1] outfile = sys.argv[2] sk = SigningKey.from_pem(open(keyfile, 'rb').read()) token = cbor2.dumps(token_map) signed_token = sign_eat(token, sk) with open(outfile, 'wb') as wfh: wfh.write(signed_token)
def _get_key_pair_from_sk(sk: ecdsa.SigningKey) -> typing.Tuple[bytes, bytes]: """Returns key pair from a signing key. """ return sk.to_string(), \ sk.verifying_key.to_string("compressed")