-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathecdsa.py
128 lines (104 loc) · 4.52 KB
/
ecdsa.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
from ecdsa import SigningKey, VerifyingKey, SECP256k1
import hashlib
import random
from ecdsa import SigningKey, VerifyingKey, SECP256k1
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import padding
import os
# Generate private and public keys
private_key = SigningKey.generate(curve=SECP256k1)
public_key = private_key.verifying_key
# Message to be encrypted and signed
message = "Secure this message.".encode()
branch6
# AES encryption
def encrypt_message(message, key):
# Generate a random IV (Initialization Vector)
iv = os.urandom(16)
# Create cipher configuration
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
# Pad the message to be AES block size compliant
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(message) + padder.finalize()
=======
k = random.randint(1, SECP256k1.order - 1) # <-- Changed k to be randomly generated
main
# Encrypt the padded message
ciphertext = encryptor.update(padded_data) + encryptor.finalize()
return iv + ciphertext # Prepend IV for use in decryption
# AES decryption
def decrypt_message(ciphertext, key):
iv = ciphertext[:16] # Extract the IV from the beginning
actual_ciphertext = ciphertext[16:] # Get the actual ciphertext
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
decryptor = cipher.decryptor()
# Decrypt the ciphertext
padded_data = decryptor.update(actual_ciphertext) + decryptor.finalize()
# Unpad the decrypted message
unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
plaintext = unpadder.update(padded_data) + unpadder.finalize()
return plaintext
branch6
# Generate a random AES key (16 bytes for AES-128)
aes_key = os.urandom(16)
# Encrypt the message
encrypted_message = encrypt_message(message, aes_key)
# Hash the original message for signing
hashed_message = hashlib.sha256(message).digest()
# Sign the hashed message using the private key
signature = private_key.sign(hashed_message)
# Convert the signature to hexadecimal format
signature_hex = signature.hex()
=======
# Removed the hex length check and random.seed because it was unnecessary.
# if len(signature_hex) != 128:
# random.seed(1)
is_valid = public_key.verify(signature, hashed_message) # <-- Changed to verify signature, not signature_hex
main
# Verify the signature using the public key and hashed message
try:
is_valid = public_key.verify(bytes.fromhex(signature_hex), hashed_message)
except ValueError as e:
print("Caught an exception during verification:", e)
is_valid = False
# Check if the message length exceeds a predefined limit (512 bytes in this case)
if len(message) > 512:
print("Message length exceeds the limit!")
print("Verification result:", is_valid)
# Function to send a message (simulating transmission)
def send_message(msg):
if isinstance(msg, bytes): # Ensure the message is in bytes format
print("Sending message:", msg)
return msg
else:
raise TypeError("Message should be in bytes format!")
# Function to receive and verify message
def receive_message(sig, msg):
print("Received message:", msg)
branch6
try:
# Verify signature using the hashed message
is_valid = public_key.verify(bytes.fromhex(sig), hashlib.sha256(msg).digest())
return is_valid
except ValueError as e:
print("Error during verification:", e)
return False
# Send and verify the encrypted message
signed_message = send_message(encrypted_message)
verification_result = receive_message(signature_hex, signed_message)
=======
return public_key.verify(sig, hashed_message) # <-- Changed to verify using signature, not signature_hex
signed_message = send_message(message)
verification_result = receive_message(signature, signed_message) # <-- Changed to pass signature, not signature_hex
main
# Decrypt the message after verification
if verification_result:
decrypted_message = decrypt_message(signed_message, aes_key)
print("Decrypted message:", decrypted_message.decode())
else:
print("Message verification failed!")
# Length Checking of the Hash should be fixed to be specific to the hash algorithm.
if len(hashed_message) != 32: # <-- Highlighted change for hash length checking (SHA-256 produces a 32-byte hash)
print("Hash length is not correct!") # <-- Added message for clarity