From 50998fcfb916ae251309bd4b464f2c122e8cb30d Mon Sep 17 00:00:00 2001 From: jaseg Date: Fri, 9 Apr 2021 18:38:02 +0200 Subject: Repo re-org --- notebooks/cryptography_experiments.ipynb | 130 +++++++++++++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 notebooks/cryptography_experiments.ipynb (limited to 'notebooks/cryptography_experiments.ipynb') diff --git a/notebooks/cryptography_experiments.ipynb b/notebooks/cryptography_experiments.ipynb new file mode 100644 index 0000000..c7c046a --- /dev/null +++ b/notebooks/cryptography_experiments.ipynb @@ -0,0 +1,130 @@ +{ + "cells": [ + { + "cell_type": "code", + "execution_count": 31, + "metadata": {}, + "outputs": [], + "source": [ + "import os\n", + "\n", + "import hashlib\n", + "import nacl.signing\n", + "from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes\n", + "from cryptography.hazmat.backends import default_backend" + ] + }, + { + "cell_type": "code", + "execution_count": 7, + "metadata": {}, + "outputs": [], + "source": [ + "sign_key = nacl.signing.SigningKey.generate()" + ] + }, + { + "cell_type": "code", + "execution_count": 44, + "metadata": {}, + "outputs": [], + "source": [ + "make_action_string = lambda group, index: f'reset idx={index:08x} g={group}'.encode()\n", + "def generate_presig(group, index):\n", + " action_string = make_action_string(group, index)\n", + " sig = sign_key.sign(action_string)[:64] # cut off original message\n", + " \n", + " key = os.urandom(16)\n", + " \n", + " cipher = Cipher(algorithms.AES(key), modes.CTR(b'\\0' * 16), backend=default_backend())\n", + " enc = cipher.encryptor()\n", + " ciphtertext = enc.update(sig)\n", + " assert len(enc.finalize()) == 0\n", + " \n", + " return key, ciphtertext\n", + "\n", + "presigs = { group: [ generate_presig(group, index) for index in range(64) ] for group in ['all', 'v=foo', 's=bar', 'l=somewhere'] }" + ] + }, + { + "cell_type": "code", + "execution_count": 46, + "metadata": {}, + "outputs": [ + { + "data": { + "text/plain": [ + "(b'\\x9f\\n\\x8e\\xc9\\x1d\\xaf*\\xac\\x9e\\x1as\\xe8\\xf8\\xe6\\xe9z',\n", + " b'{\\xd8\\xb4\\xaf\\xb4PK1%*`\\\\\\x8e\\x93;\\x82\\xeaF\\x99\\xe0\\xbfB\\xf1\\x9d\\xae\\x02|\\xae\\\\?\\x97\\xb3\\xa5j.Y\\x83\\xddg\\x7f\\x06\\xd2\\xa47^\\xf3\\xdd\\x08n3\\x90\\x84~\\x96,tO#\\x8e$\\xdc\\xa2\\x1a\\r')" + ] + }, + "execution_count": 46, + "metadata": {}, + "output_type": "execute_result" + } + ], + "source": [ + "presigs['all'][0]" + ] + }, + { + "cell_type": "code", + "execution_count": 69, + "metadata": {}, + "outputs": [], + "source": [ + "def validate_presig(group, index, key, presig, verify_key=sign_key.verify_key):\n", + " \"\"\" Will raise an error for invalid signature or group/index \"\"\"\n", + " action_string = make_action_string(group, index)\n", + " \n", + " cipher = Cipher(algorithms.AES(key), modes.CTR(b'\\0' * 16), backend=default_backend())\n", + " dec = cipher.decryptor()\n", + " plaintext = dec.update(presig)\n", + " assert len(dec.finalize()) == 0\n", + " \n", + " return verify_key.verify(plaintext + action_string) == action_string" + ] + }, + { + "cell_type": "code", + "execution_count": 70, + "metadata": {}, + "outputs": [ + { + "data": { + "text/plain": [ + "True" + ] + }, + "execution_count": 70, + "metadata": {}, + "output_type": "execute_result" + } + ], + "source": [ + "validate_presig('all', 0, *presigs['all'][0])" + ] + } + ], + "metadata": { + "kernelspec": { + "display_name": "labenv", + "language": "python", + "name": "labenv" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.8.2" + } + }, + "nbformat": 4, + "nbformat_minor": 4 +} -- cgit