initial save of my chatGPT coding

encryption-on-apis/ecdsa-example-test.py

@@ -0,0 +1,49 @@
+#!/usr/bin/python3
+
+import ecdsa, binascii, sys
+from hashlib import sha256
+
+message = 'Hello public/private key world!'
+hashed_message = sha256(message.encode('utf-8')).hexdigest()
+
+m = message + hashed_message
+print('')
+print('to be signed: ', m)
+to_be_signed = binascii.hexlify(m.encode('utf-8'))
+
+# Get the keys in their raw format
+signing_key = ecdsa.SigningKey.generate()
+public_key = signing_key.verifying_key
+
+signature = signing_key.sign(to_be_signed)
+signature_hex = signature.hex()
+
+# deform_signature if deform argument is given
+if len(sys.argv) > 1:
+  if sys.argv[1] == 'deform':
+    max_id = len(signature)
+    for i in range(max_id):
+      if i + 2 <= max_id:
+        mess_id = i + 2
+        mess = signature[mess_id].to_bytes(4, 'big')
+        replace_me = signature[i].to_bytes(4, 'big')
+        #print('>>> replacing ', replace_me, ' with ', mess )
+        print('>>> ', i, 'to', mess_id, ', max is: ', max_id)
+        signature = signature.replace(replace_me, mess )
+
+print('signed: ', signature_hex)
+print('')
+
+try:
+  is_valid =  public_key.verify(signature, to_be_signed)
+except ecdsa.keys.BadSignatureError:
+  is_valid = False
+  print('Something bad is on foot')
+
+if is_valid:
+  print('This is COOL')
+else:
+  print('Something bad is on foot')
+
+exit(0)
+

encryption-on-apis/flask-encrypted-api.py

@@ -0,0 +1,60 @@
+#!/usr/bin/python3
+
+from flask import Flask
+from flask import request
+import ecdsa
+import codecs
+
+ecdsa_public_key = '8716c78c09a4e4571a3112eca1c7ddce41289e20da446894b621f2a11ba91bc963f2e9fb9ddd5552c26faf814bc582b4'
+#ecdsa_public_key =  '048716c78c09a4e4571a3112eca1c7ddce41289e20da446894b621f2a11ba91bc963f2e9fb9ddd5552c26faf814bc582b4'
+app = Flask(__name__)
+
+@app.route("/get/<id>", methods=['get'])
+def get(id):
+    
+  r_id = id
+  r_sum = request.args.get('sum')
+  r_auth = request.headers.get('auth')
+ 
+ 
+  print('---------------------------')
+  print('host: ', request.host)
+  print('full_path: ', request.full_path)
+  print('---------------------------')
+  print('id: ', r_id)
+  print('sum: ', r_sum)
+  print('header, auth:', r_auth)
+
+  signed_data = request.host + request.full_path
+
+  print('might have been signed: ', signed_data)
+  r_auth_bytes = bytes.fromhex(str(r_auth))
+ 
+  #x_coord = ecdsa_public_key[:64]
+  #y_coord = ecdsa_public_key[64:]
+  #
+  #if int(y_coord, 16) % 2 == 0:
+  #    prefix = b'\x02'
+  #else:
+  #    prefix = b'\x03'
+  #
+  #bytes_public_key = prefix + codecs.decode(x_coord, 'hex')
+  
+  bytes_public_key = bytes.fromhex(ecdsa_public_key)
+  
+  
+  bytes_signed_data = signed_data.encode('utf-8')
+
+
+  vk = ecdsa.VerifyingKey.from_string(bytes_public_key, curve=ecdsa.SECP256k1)
+
+  if vk.verify(r_auth_bytes, bytes_signed_data):
+      response = "YES"
+  else:
+      response = "NO"
+
+  return response
+
+if __name__== "__main__":
+  app.run()
+

encryption-on-apis/gen-ecdsa-private-key-v2.py

@@ -0,0 +1,13 @@
+#!/usr/bin/python3
+
+import ecdsa
+
+sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1) 
+
+# Get the private key as a byte string
+private_key_bytes = sk.to_string()
+
+# Convert the private key byte string to a hexadecimal string
+private_key_hex = private_key_bytes.hex()
+
+print('private_key: ', private_key_hex)

encryption-on-apis/gen-ecdsa-private-key.py

@@ -0,0 +1,15 @@
+#!/usr/bin/python3
+
+import ecdsa
+
+# Generate a new random private key
+signing_key = ecdsa.SigningKey.generate()
+
+# Get the private key as a byte string
+private_key_bytes = signing_key.to_string()
+
+# Convert the private key byte string to a hexadecimal string
+private_key_hex = private_key_bytes.hex()
+
+# Print the private key
+print(private_key_hex)

encryption-on-apis/gen-private-key.py

@@ -0,0 +1,20 @@
+#!/usr/bin/python3
+
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives import serialization
+
+
+def gen_key():
+    private_key = ec.generate_private_key(
+        ec.SECP256K1(), default_backend()
+    )
+    return private_key
+
+
+if __name__ == '__main__':
+    
+    key = gen_key()
+    hexkey = key.private_numbers().private_value.to_bytes(32, 'big').hex()
+
+    print(hexkey)

encryption-on-apis/gen-public-key.py

@@ -0,0 +1,21 @@
+#!/usr/bin/python3
+
+import sys
+import ecdsa
+
+# read in the first argument that should be ecdsa key in hex form
+private_key_hex = sys.argv[1]
+
+# Convert the private key from hexadecimal to an integer
+private_key_int = int(private_key_hex, 16)
+
+#print(private_key_int)
+## Create a signing key object from the private key
+signing_key = ecdsa.SigningKey.from_secret_exponent(private_key_int)
+
+# Get the public key from the signing key object
+public_key = signing_key.verifying_key
+
+# Print the public key in hexadecimal format
+##print(public_key.to_string("uncompressed").hex())
+print(public_key.to_string("hybrid").hex())

encryption-on-apis/get-random-signed-string.py

@@ -0,0 +1,33 @@
+#!/usr/bin/python3
+import ecdsa
+import os, sys
+import hashlib
+
+
+# check if the private key was provided as a command-line argument
+if len(sys.argv) < 2:
+    print("Error: Private key not provided")
+    sys.exit(1)
+
+# generate a random byte string
+random_bytes = os.urandom(32)
+
+# compute the SHA-512 hash of the random bytes
+#sha512 = hashlib.sha512(random_bytes).hexdigest()
+sha512 = 'http://localhost:5000/get/1'
+
+# read in the first argument that should be ecdsa key in hex form
+private_key_hex = sys.argv[1]
+
+# Convert the private key from hexadecimal to an integer
+private_key_int = int(private_key_hex, 16)
+
+# Generate SK from the private key
+sk = ecdsa.SigningKey.from_secret_exponent(private_key_int, curve=ecdsa.SECP256k1)
+
+# sign the message
+signature = sk.sign(sha512.encode())
+
+# print the signature
+print(signature)
+

encryption-on-apis/singe-endpoint-api.py

@@ -0,0 +1,39 @@
+#!/usr/bin/python3
+
+## Single endpoint encrypted api
+
+from flask import Flask
+from flask import request
+from hashlib import sha256
+
+
+keys = {
+        'key1': 'user1',
+        'key2': 'user2'
+        }
+
+app = Flask(__name__)
+
+@app.route("/<hex_hash>", methods=['post'])
+def endpoint(hex_hash):
+  content_type = request.headers.get('content_type')
+  if content_type == 'application/json':
+    body = request.json
+    enc_data = body['foo']
+   
+    ## decrypt the enc_data 
+    dec_data = enc_data
+
+    ## Get checksum to compare against 
+    dec_data_hash = sha256(dec_data.encode('utf-8')).hexdigest()
+    r_hash = hex_hash.encode('utf-8')
+    print('if', r_hash, '==', dec_data_hash)
+
+    response = "message: ", enc_data, "checksum: ", dec_data_hash
+    print(response)
+    return "YES"
+  else:
+    return 'Content-Type not supported'
+
+if __name__ == "__main__":
+  app.run()

encryption-on-apis/stackoverflow-example.py

@@ -0,0 +1,90 @@
+#!/usr/bin/python3
+
+import ecdsa
+import binascii
+import requests
+from hashlib import sha256
+from flask import Flask
+from flask import request
+
+
+##Generate them keys
+# Generate private key (signing key)
+sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1) 
+private_key_hex = sk.to_string().hex()
+
+public_key = sk.verifying_key
+public_key_hex = binascii.hexlify(public_key.to_string()).decode('utf-8')
+
+keys = {
+        "private_key": private_key_hex,
+        "public_key": public_key_hex
+        }
+
+app = Flask(__name__)
+line = '---------------------------------------'
+
+@app.route('/send')
+def send():
+  message = b"localhost:5000/get/123?sum=5f944f849124d36621d5f0708c7752a84fa9caa90bba629b8db93eea44cd0d1a"
+
+  print(line)
+  print('private_key: ', keys['private_key'])
+  print(line)
+
+  private_key_hex = keys['private_key']
+  private_key = ecdsa.SigningKey.from_string(bytes.fromhex(private_key_hex), curve=ecdsa.SECP256k1) 
+
+  sig_hex = binascii.hexlify(private_key.sign(message)).decode('utf-8')
+  #print('sig:', sig_hex)
+ 
+  reply = requests.get('http://localhost:5000/get', headers={"auth": sig_hex})
+  
+  output_status = str(reply.status_code)
+  output_content = str(reply.content)
+
+  return output_content, output_status
+
+@app.route('/get')
+def get():
+  #vk = sk.get_verifying_key()
+  # Get the public key from the signing key object
+  public_key = keys['public_key']
+  print("public_key:", public_key)
+  print(line)
+  
+  # Get the sig from auth header
+  sig = request.headers.get('auth')
+  #print("vk2 - sig: ", sig)
+
+  # Get sig to bytes format, from str
+  sig_bytes = bytes.fromhex(sig)
+
+  ## BUILD THE "message"
+  message = b"localhost:5000/get/123?sum=5f944f849124d36621d5f0708c7752a84fa9caa90bba629b8db93eea44cd0d1a"
+
+  vk = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key_hex), curve=ecdsa.SECP256k1)
+
+  reply = '{'
+  if vk.verify(sig_bytes, message):
+  #  print('vk1 # True ')
+    reply = reply + 'vk1: OK'
+  else:
+  #  print('vk1 # False ')
+    reply = reply + 'vk1: ERROR'
+    
+  
+  vk2 = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key_hex), curve=ecdsa.SECP256k1) # the default is sha1
+  if vk2.verify(sig_bytes, message):
+  #  print('vk2 # True ')
+    reply = reply + ', vk2: OK'
+  else:
+  #  print('vk2 # False ')
+    reply = reply + ', vk2: ERROR'
+
+  reply = reply + '}'
+  #print(reply)
+  return reply
+
+if __name__ == "__main__":
+    app.run()

encryption-on-apis/verify.py

@@ -0,0 +1,25 @@
+#!/usr/bin/python3
+
+import ecdsa
+import sys
+
+# read the original message from the first command-line argument
+message = sys.argv[1]
+
+# read the signature from standard input
+signature = sys.stdin.read()
+
+# read the public key from the second command-line argument
+public_key = sys.argv[2]
+
+print('message: ', message)
+print('signature: ', signature)
+print('public key: ', public_key)
+
+
+# generate a verifying key from the public key
+vk = ecdsa.VerifyingKey.from_string(public_key, curve=ecdsa.SECP256k1)
+
+# verify the signature
+#assert vk.verify(signature, message.encode())
+