def sign(self, inputb): """ Sign the input with ECDSA method and returns the signature """ try: size = len(inputb) buff = openssl.malloc(inputb, size) digest = openssl.malloc(0, 64) md_ctx = openssl.EVP_MD_CTX_create() dgst_len = openssl.pointer(openssl.c_int(0)) siglen = openssl.pointer(openssl.c_int(0)) sig = openssl.malloc(0, 151) key = openssl.EC_KEY_new_by_curve_name(self.curve) if key == 0: raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...") priv_key = openssl.BN_bin2bn(self.privkey, len(self.privkey), 0) pub_key_x = openssl.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0) pub_key_y = openssl.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0) if (openssl.EC_KEY_set_private_key(key, priv_key)) == 0: raise Exception("[OpenSSL] EC_KEY_set_private_key FAIL ...") group = openssl.EC_KEY_get0_group(key) pub_key = openssl.EC_POINT_new(group) if (openssl.EC_POINT_set_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0: raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...") if (openssl.EC_KEY_set_public_key(key, pub_key)) == 0: raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...") if (openssl.EC_KEY_check_key(key)) == 0: raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...") openssl.EVP_MD_CTX_init(md_ctx) openssl.EVP_DigestInit(md_ctx, openssl.EVP_ecdsa()) if (openssl.EVP_DigestUpdate(md_ctx, buff, size)) == 0: raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...") openssl.EVP_DigestFinal(md_ctx, digest, dgst_len) openssl.ECDSA_sign(0, digest, dgst_len.contents, sig, siglen, key) if (openssl.ECDSA_verify(0, digest, dgst_len.contents, sig, siglen.contents, key)) != 1: raise Exception("[OpenSSL] ECDSA_verify FAIL ...") return sig.raw finally: openssl.EC_KEY_free(key) openssl.BN_free(pub_key_x) openssl.BN_free(pub_key_y) openssl.BN_free(priv_key) openssl.EC_POINT_free(pub_key) openssl.EVP_MD_CTX_destroy(md_ctx)
def hmac(k, m): """ Compute the key and the message with HMAC SHA512 """ key = openssl.malloc(k, len(k)) d = openssl.malloc(m, len(m)) md = openssl.malloc(0, 64) i = openssl.pointer(openssl.c_int(0)) openssl.HMAC(openssl.EVP_sha512(), key, len(k), d, len(m), md, i) return md.raw
def verify(self, sig, inputb): """ Verify the signature with the input and the local public key. Returns a boolean """ try: bsig = openssl.malloc(sig, len(sig)) binputb = openssl.malloc(inputb, len(inputb)) digest = openssl.malloc(0, 64) dgst_len = openssl.pointer(openssl.c_int(0)) md_ctx = openssl.EVP_MD_CTX_create() key = openssl.EC_KEY_new_by_curve_name(self.curve) if key == 0: raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...") pub_key_x = openssl.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0) pub_key_y = openssl.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0) group = openssl.EC_KEY_get0_group(key) pub_key = openssl.EC_POINT_new(group) if (openssl.EC_POINT_set_affine_coordinates_GFp(group, pub_key, pub_key_x, pub_key_y, 0)) == 0: raise Exception("[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...") if (openssl.EC_KEY_set_public_key(key, pub_key)) == 0: raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...") if (openssl.EC_KEY_check_key(key)) == 0: raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...") openssl.EVP_MD_CTX_init(md_ctx) openssl.EVP_DigestInit(md_ctx, openssl.EVP_ecdsa()) if (openssl.EVP_DigestUpdate(md_ctx, binputb, len(inputb))) == 0: raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...") openssl.EVP_DigestFinal(md_ctx, digest, dgst_len) ret = openssl.ECDSA_verify(0, digest, dgst_len.contents, bsig, len(sig), key) if ret == -1: return False # Fail to Check else : if ret == 0: return False # Bad signature ! else: return True # Good return False finally: openssl.EC_KEY_free(key) openssl.BN_free(pub_key_x) openssl.BN_free(pub_key_y) openssl.EC_POINT_free(pub_key) openssl.EVP_MD_CTX_destroy(md_ctx)