summaryrefslogtreecommitdiff
path: root/notebooks/cryptography_experiments.ipynb
diff options
context:
space:
mode:
Diffstat (limited to 'notebooks/cryptography_experiments.ipynb')
-rw-r--r--notebooks/cryptography_experiments.ipynb130
1 files changed, 130 insertions, 0 deletions
diff --git a/notebooks/cryptography_experiments.ipynb b/notebooks/cryptography_experiments.ipynb
new file mode 100644
index 0000000..c7c046a
--- /dev/null
+++ b/notebooks/cryptography_experiments.ipynb
@@ -0,0 +1,130 @@
+{
+ "cells": [
+ {
+ "cell_type": "code",
+ "execution_count": 31,
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "import os\n",
+ "\n",
+ "import hashlib\n",
+ "import nacl.signing\n",
+ "from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes\n",
+ "from cryptography.hazmat.backends import default_backend"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": 7,
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "sign_key = nacl.signing.SigningKey.generate()"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": 44,
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "make_action_string = lambda group, index: f'reset idx={index:08x} g={group}'.encode()\n",
+ "def generate_presig(group, index):\n",
+ " action_string = make_action_string(group, index)\n",
+ " sig = sign_key.sign(action_string)[:64] # cut off original message\n",
+ " \n",
+ " key = os.urandom(16)\n",
+ " \n",
+ " cipher = Cipher(algorithms.AES(key), modes.CTR(b'\\0' * 16), backend=default_backend())\n",
+ " enc = cipher.encryptor()\n",
+ " ciphtertext = enc.update(sig)\n",
+ " assert len(enc.finalize()) == 0\n",
+ " \n",
+ " return key, ciphtertext\n",
+ "\n",
+ "presigs = { group: [ generate_presig(group, index) for index in range(64) ] for group in ['all', 'v=foo', 's=bar', 'l=somewhere'] }"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": 46,
+ "metadata": {},
+ "outputs": [
+ {
+ "data": {
+ "text/plain": [
+ "(b'\\x9f\\n\\x8e\\xc9\\x1d\\xaf*\\xac\\x9e\\x1as\\xe8\\xf8\\xe6\\xe9z',\n",
+ " b'{\\xd8\\xb4\\xaf\\xb4PK1%*`\\\\\\x8e\\x93;\\x82\\xeaF\\x99\\xe0\\xbfB\\xf1\\x9d\\xae\\x02|\\xae\\\\?\\x97\\xb3\\xa5j.Y\\x83\\xddg\\x7f\\x06\\xd2\\xa47^\\xf3\\xdd\\x08n3\\x90\\x84~\\x96,tO#\\x8e$\\xdc\\xa2\\x1a\\r')"
+ ]
+ },
+ "execution_count": 46,
+ "metadata": {},
+ "output_type": "execute_result"
+ }
+ ],
+ "source": [
+ "presigs['all'][0]"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": 69,
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "def validate_presig(group, index, key, presig, verify_key=sign_key.verify_key):\n",
+ " \"\"\" Will raise an error for invalid signature or group/index \"\"\"\n",
+ " action_string = make_action_string(group, index)\n",
+ " \n",
+ " cipher = Cipher(algorithms.AES(key), modes.CTR(b'\\0' * 16), backend=default_backend())\n",
+ " dec = cipher.decryptor()\n",
+ " plaintext = dec.update(presig)\n",
+ " assert len(dec.finalize()) == 0\n",
+ " \n",
+ " return verify_key.verify(plaintext + action_string) == action_string"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": 70,
+ "metadata": {},
+ "outputs": [
+ {
+ "data": {
+ "text/plain": [
+ "True"
+ ]
+ },
+ "execution_count": 70,
+ "metadata": {},
+ "output_type": "execute_result"
+ }
+ ],
+ "source": [
+ "validate_presig('all', 0, *presigs['all'][0])"
+ ]
+ }
+ ],
+ "metadata": {
+ "kernelspec": {
+ "display_name": "labenv",
+ "language": "python",
+ "name": "labenv"
+ },
+ "language_info": {
+ "codemirror_mode": {
+ "name": "ipython",
+ "version": 3
+ },
+ "file_extension": ".py",
+ "mimetype": "text/x-python",
+ "name": "python",
+ "nbconvert_exporter": "python",
+ "pygments_lexer": "ipython3",
+ "version": "3.8.2"
+ }
+ },
+ "nbformat": 4,
+ "nbformat_minor": 4
+}