first (working) implementation of kioubit-auth
- verify(<x509-key>, signature=base64decode(<sig>), <params(base64)>)
This commit is contained in:
parent
e8c9c25a01
commit
b305139033
1 changed files with 23 additions and 23 deletions
|
@ -1,14 +1,9 @@
|
||||||
#! /usr/bin/env python3
|
#! /usr/bin/env python3
|
||||||
|
|
||||||
#import OpenSSL
|
|
||||||
#from OpenSSL.crypto import load_publickey, FILETYPE_PEM, X509
|
|
||||||
#from OpenSSL.crypto import verify as OpenSSL_verify
|
|
||||||
import base64, os
|
import base64, os
|
||||||
#from hashlib import sha512
|
from OpenSSL.crypto import load_publickey, FILETYPE_PEM, verify, X509
|
||||||
from Crypto.PublicKey import ECC
|
import OpenSSL
|
||||||
from Crypto.Signature import DSS
|
|
||||||
import Crypto.Hash.SHA512 as SHA512
|
|
||||||
#from hashlib import sha512 as SHA512
|
|
||||||
|
|
||||||
PUBKEY_FILE = os.path.dirname(__file__)+"/kioubit-auth-pubkey.pem"
|
PUBKEY_FILE = os.path.dirname(__file__)+"/kioubit-auth-pubkey.pem"
|
||||||
|
|
||||||
|
@ -21,30 +16,35 @@ class AuthVerifyer ():
|
||||||
for line in pk.readlines():
|
for line in pk.readlines():
|
||||||
pk_content += line
|
pk_content += line
|
||||||
print(pk_content)
|
print(pk_content)
|
||||||
self.pubkey = ECC.import_key(pk_content)
|
pkey = load_publickey(FILETYPE_PEM, pk_content)
|
||||||
#self.pubkey.set_pubkey(
|
self.x509 = X509()
|
||||||
# load_publickey(OpenSSL.crypto.FILETYPE_PEM, pk_content)
|
self.x509.set_pubkey(pkey)
|
||||||
#)
|
|
||||||
|
|
||||||
print(self.pubkey)
|
print(self.x509)
|
||||||
|
|
||||||
def verify(self, params, signature):
|
def verify(self, params, signature):
|
||||||
# sig = base64.b64decode(signature)
|
|
||||||
# print(type(sig))
|
# print(type(sig))
|
||||||
#OpenSSL_verify(self.pubkey, sig
|
#OpenSSL_verify(self.pubkey, sig
|
||||||
#, base64.b64decode(params), "sha512")
|
#, base64.b64decode(params), "sha512")
|
||||||
h = SHA512.new()
|
sig = base64.b64decode(signature)
|
||||||
h.update(base64.b64decode(params))
|
print(f"sig: {sig}")
|
||||||
|
print(f"params: {params}")
|
||||||
|
try:
|
||||||
|
verify(self.x509, sig, params, 'sha512')
|
||||||
|
except OpenSSL.crypto.Error:
|
||||||
|
return False, "Signature Failed"
|
||||||
|
#h = SHA512.new()
|
||||||
|
#h.update(base64.b64decode(params))
|
||||||
#print(h.hexdigest())
|
#print(h.hexdigest())
|
||||||
verifier = DSS.new(self.pubkey, 'fips-186-3')
|
#verifier = DSS.new(self.pubkey, 'deterministic-rfc6979')
|
||||||
valid = verifier.verify(h, signature)
|
#valid = verifier.verify(h, base64.b64decode(signature))
|
||||||
return valid
|
return True, ""
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
example_com_verifier = AuthVerifyer("example.com")
|
example_com_verifier = AuthVerifyer("example.com")
|
||||||
example_com_verifier.verify(
|
print (example_com_verifier.verify(
|
||||||
params="eyJhc24iOiI0MjQyNDIzMDM1IiwidGltZSI6MTY2ODI2NjkyNiwiYWxsb3dlZDQiOiIxNzIuMjIuMTI1LjEyOFwvMjYsMTcyLjIwLjAuODFcLzMyIiwiYWxsb3dlZDYiOiJmZDYzOjVkNDA6NDdlNTo6XC80OCxmZDQyOmQ0MjpkNDI6ODE6OlwvNjQiLCJtbnQiOiJMQVJFLU1OVCIsImF1dGh0eXBlIjoibG9naW5jb2RlIiwiZG9tYWluIjoic3ZjLmJ1cmJsZS5kbjQyIn0=",
|
params=b"eyJhc24iOiI0MjQyNDIzMDM1IiwidGltZSI6MTY2ODI2NjkyNiwiYWxsb3dlZDQiOiIxNzIuMjIuMTI1LjEyOFwvMjYsMTcyLjIwLjAuODFcLzMyIiwiYWxsb3dlZDYiOiJmZDYzOjVkNDA6NDdlNTo6XC80OCxmZDQyOmQ0MjpkNDI6ODE6OlwvNjQiLCJtbnQiOiJMQVJFLU1OVCIsImF1dGh0eXBlIjoibG9naW5jb2RlIiwiZG9tYWluIjoic3ZjLmJ1cmJsZS5kbjQyIn0=",
|
||||||
signature="MIGIAkIBAmwz3sQ1vOkH8+8e0NJ8GsUqKSaazIWmYDp60sshlTo7gCAopZOZ6/+tD6s+oEGM1i5mKGbHgK9ROATQLHxUZecCQgCa2N828uNn76z1Yg63/c7veMVIiK4l1X9TCUepJnJ3mCto+7ogCP+2vQm6GHipSNRF4wnt6tZbir0HZvrqEnRAmA=="
|
signature=b"MIGIAkIBAmwz3sQ1vOkH8+8e0NJ8GsUqKSaazIWmYDp60sshlTo7gCAopZOZ6/+tD6s+oEGM1i5mKGbHgK9ROATQLHxUZecCQgCa2N828uNn76z1Yg63/c7veMVIiK4l1X9TCUepJnJ3mCto+7ogCP+2vQm6GHipSNRF4wnt6tZbir0HZvrqEnRAmA=="
|
||||||
)
|
) )
|
||||||
#params = "eyJhc24iOiI0MjQyNDIzMDM1IiwidGltZSI6MTY2ODI1NjI5NSwiYWxsb3dlZDQiOiIxNzIuMjIuMTI1LjEyOFwvMjYsMTcyLjIwLjAuODFcLzMyIiwiYWxsb3dlZDYiOiJmZDYzOjVkNDA6NDdlNTo6XC80OCxmZDQyOmQ0MjpkNDI6ODE6OlwvNjQiLCJtbnQiOiJMQVJFLU1OVCIsImF1dGh0eXBlIjoibG9naW5jb2RlIiwiZG9tYWluIjoic3ZjLmJ1cmJsZS5kbjQyIn0=",
|
#params = "eyJhc24iOiI0MjQyNDIzMDM1IiwidGltZSI6MTY2ODI1NjI5NSwiYWxsb3dlZDQiOiIxNzIuMjIuMTI1LjEyOFwvMjYsMTcyLjIwLjAuODFcLzMyIiwiYWxsb3dlZDYiOiJmZDYzOjVkNDA6NDdlNTo6XC80OCxmZDQyOmQ0MjpkNDI6ODE6OlwvNjQiLCJtbnQiOiJMQVJFLU1OVCIsImF1dGh0eXBlIjoibG9naW5jb2RlIiwiZG9tYWluIjoic3ZjLmJ1cmJsZS5kbjQyIn0=",
|
||||||
#signature = 'MIGHAkFy1m+9ahjIc5cJk/p+RiXJbhbWT5rPSJNg9Q3c8UTAM4F7lz2OqdWHw6GZN5NQgvqm6OB3Y751djYwCd54y2Kn4wJCAcBaOrtSclxkGIleVx183PhTnSr97r2F089PsDzNXIBvH5pYUwvJX7hG0op0f5tPm7fl12HOOrr8Q6kWW+XTrgGX'
|
#signature = 'MIGHAkFy1m+9ahjIc5cJk/p+RiXJbhbWT5rPSJNg9Q3c8UTAM4F7lz2OqdWHw6GZN5NQgvqm6OB3Y751djYwCd54y2Kn4wJCAcBaOrtSclxkGIleVx183PhTnSr97r2F089PsDzNXIBvH5pYUwvJX7hG0op0f5tPm7fl12HOOrr8Q6kWW+XTrgGX'
|
||||||
|
|
Loading…
Add table
Reference in a new issue