Skip to content

Instantly share code, notes, and snippets.

@hfossli

hfossli/port.py

Last active February 28, 2019 10:25
Show Gist options
  • Save hfossli/6763c2ceeba0f03ce45cc630bbbec7b0 to your computer and use it in GitHub Desktop.
Save hfossli/6763c2ceeba0f03ce45cc630bbbec7b0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
port.py
import binascii, base64
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat, load_pem_public_key, PrivateFormat, load_pem_private_key, NoEncryption
from cryptography.hazmat.primitives.kdf.x963kdf import X963KDF
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.hmac import HMAC
from subprocess import check_call
import sys
def bash(command, log=False):
if log: print("$ %s" % command)
value = check_call(command, shell=True, executable='/bin/bash')
return value
backend = default_backend()
message = 'The Magic Words are still Squeamish Ossifrage'
bob_public_pem = '''
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIMwX6CavmAXzVgeBA41g1f9d7WLJ
/gPnGAW8tuhGo22mpLNo2ONGpJmCiAr8aRpZG+BZtY27UyArJwBd27IguQ==
-----END PUBLIC KEY-----'''
alice_private_pem = '''
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIDgz1eEzYMe7X9tGdGd992H+X0XBZ1Z9uPlqe8rnsDT+oAoGCCqGSM49
AwEHoUQDQgAEE6+Lqpe88Wft7CUF4YIYXC/uvyeCOPscukel30jfw910qWWOU6UF
Mawji3huvrE+9MNs5v8/CWtwnwmLhh9hPA==
-----END EC PRIVATE KEY-----'''
bob_public = load_pem_public_key(bob_public_pem, backend)
bob_pub_bytes_full = bob_public.public_bytes(Encoding.DER, PublicFormat.SubjectPublicKeyInfo)
bob_pub_bytes = bob_pub_bytes_full[-65:]
print "Bob's public key (PEM format):"
print bob_public_pem
print ""
print "Bob's public key bytes:"
print binascii.b2a_hex(bob_pub_bytes)
bash("openssl ec -pubin -in <(echo \"%s\") -outform DER 2> /dev/null | xxd -p -c 200 | tail -c 131" % bob_public_pem)
print ""
alice_priv = load_pem_private_key(alice_private_pem, password=None, backend=default_backend())
alice_priv_bytes_full = alice_priv.private_bytes(encoding=Encoding.DER, format=PrivateFormat.PKCS8, encryption_algorithm=NoEncryption())
print "Alice's private key bytes:"
print binascii.b2a_hex(alice_priv_bytes_full)
print ""
alice_pub_bytes = alice_priv.public_key().public_bytes(Encoding.DER, PublicFormat.SubjectPublicKeyInfo)[-65:]
print "Alice's public key bytes: "
print binascii.b2a_hex(alice_pub_bytes)
bash("openssl ec -in <(echo \"%s\") -pubout -outform DER 2> /dev/null | xxd -p -c 200 | tail -c 131" % alice_private_pem)
print ""
shared_key = alice_priv.exchange(ec.ECDH(), bob_public)
print "ECDH Shared Key:"
print binascii.b2a_hex(shared_key)
bash("openssl pkeyutl -derive -inkey <(echo \"%s\" | xxd -r -p) -keyform DER -peerkey <(echo \"%s\" | xxd -r -p) -peerform DER 2> /dev/null | xxd -p -c 200 | tail -c 131" % (binascii.b2a_hex(alice_priv_bytes_full), binascii.b2a_hex(bob_pub_bytes_full)))
print ""
xkdf = X963KDF(
algorithm=hashes.SHA256(),
length=16,
sharedinfo=alice_pub_bytes,
backend=backend
)
key_enc = xkdf.derive(shared_key)
print "Final AES Encryption Key:"
print binascii.b2a_hex(key_enc)
bash("echo ???????????????????????????????? how to do this in openssl?")
print ""
iv = binascii.a2b_hex('00000000000000000000000000000000')
print "Initialization Vector:"
print binascii.b2a_hex(iv)
print ""
C = AESGCM(key_enc)
ct = C.encrypt(iv, message, "")
print "Ciphertext: "
print binascii.b2a_hex(ct)
bash("echo ???????????????????????????????? how to do this in openssl?")
bash("/usr/bin/openssl enc -aes-256-gcm -K %s -e -in <(echo \"%s\") -iv 0 | xxd -p -c 200" % (binascii.b2a_hex(key_enc), message), log=True)
Raw
result
Bob's public key (PEM format):
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIMwX6CavmAXzVgeBA41g1f9d7WLJ
/gPnGAW8tuhGo22mpLNo2ONGpJmCiAr8aRpZG+BZtY27UyArJwBd27IguQ==
-----END PUBLIC KEY-----
Bob's public key bytes:
0420cc17e826af9805f3560781038d60d5ff5ded62c9fe03e71805bcb6e846a36da6a4b368d8e346a49982880afc691a591be059b58dbb53202b27005ddbb220b9
0420cc17e826af9805f3560781038d60d5ff5ded62c9fe03e71805bcb6e846a36da6a4b368d8e346a49982880afc691a591be059b58dbb53202b27005ddbb220b9
Alice's private key bytes:
308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02010104203833d5e13360c7bb5fdb4674677df761fe5f45c167567db8f96a7bcae7b034fea1440342000413af8baa97bcf167edec2505e182185c2feebf278238fb1cba47a5df48dfc3dd74a9658e53a50531ac238b786ebeb13ef4c36ce6ff3f096b709f098b861f613c
Alice's public key bytes:
0413af8baa97bcf167edec2505e182185c2feebf278238fb1cba47a5df48dfc3dd74a9658e53a50531ac238b786ebeb13ef4c36ce6ff3f096b709f098b861f613c
0413af8baa97bcf167edec2505e182185c2feebf278238fb1cba47a5df48dfc3dd74a9658e53a50531ac238b786ebeb13ef4c36ce6ff3f096b709f098b861f613c
ECDH Shared Key:
bc3e119513a70d348edcba6684493d462eb19240c8eeec2422820b7245829d9e
bc3e119513a70d348edcba6684493d462eb19240c8eeec2422820b7245829d9e
Final AES Encryption Key:
41006753ead5ec6e4c9a65675cbcaa95
???????????????????????????????? how to do this in openssl?
Initialization Vector:
00000000000000000000000000000000
Ciphertext:
cbda02ae5fa22199faa5eeafe612e7c442f28527117dcbcc9f63b2b4a8a010d35b72633f286b02450d66c7f1c2517ee7c7fe56fa7d22ac3458098b0989
???????????????????????????????? how to do this in openssl?
$ /usr/bin/openssl enc -aes-256-gcm -K 41006753ead5ec6e4c9a65675cbcaa95 -e -in <(echo "The Magic Words are still Squeamish Ossifrage") -iv 0 | xxd -p -c 200
f0c08ca72fd75e94152aa5c7fd9d5f08c6c83dc957253abc6a95b8038d5a4ce5579b56d54d75276a6f420c2812c9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment