MrKalzu/chatgpt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: MrKalzu:ab3327464ca9571884fceb1c43b3f3c521598444
Branches Tags
MrKalzu:master
MrKalzu:main
...
compare: MrKalzu:ae14376b13c7724e86db7e0687cd483b7ded3a2f
Branches Tags
MrKalzu:master
MrKalzu:main

2 Commits
ab3327464c ... ae14376b13

Author SHA1 Message Date
kalzu
ae14376b13 Now kraken-fetch.py has signatures both ways. Maybe adding ECDH to the messaging at some point. 2022-12-29 22:09:26 +02:00
kalzu
0454d945c1 Kraken-fetch.py now has functioning auth system and added RSA key stuff for servers public/private setup, to be used to encrypt the responses. Made the demo-client.py work with current state of kraken-fetch.py. 2022-12-29 17:59:25 +02:00
4 changed files with 121 additions and 50 deletions
Show Stats Expand all files Collapse all files

49
btc_tracker/kraken_fetch.py
View File

@ -4,17 +4,26 @@ import krakenex, math
import json, sqlite3, binascii import json, sqlite3, binascii
import requests, os, time import requests, os, time
import threading, ecdsa import threading, ecdsa
from Cryptodome.Cipher import AES
from hashlib import sha256 from hashlib import sha256
from flask import Flask, request from flask import Flask, jsonify, request
database = "btc_ohlc.db" database = "btc_ohlc.db"
app = Flask(__name__) app = Flask(__name__)
## Add your public key here ## Add your public key here
user_publickeys = { user_publickeys = {
"kalzu": 'f1debc13fb21fe0eee54525aa4f8aae5733b201c755edaa55f8893c90aa375b261a62eaa3110651ac5d7705d402581256a37508b0a1ca28bd919ea44710d9c88' "user1": 'f1debc13fb21fe0eee54525aa4f8aae5733b201c755edaa55f8893c90aa375b261a62eaa3110651ac5d7705d402581256a37508b0a1ca28bd919ea44710d9c88'
} }
## Generate the ECDSA keys for this instance
print("Generating ECDSA keys for this instance... just wait a bit...")
server_private_key = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
server_public_key = server_private_key.get_verifying_key()
# We need the hexadecimal form for sharing over http/json
server_public_key_hex = binascii.hexlify(server_public_key.to_string()).decode('utf-8')
database_lock = threading.Lock() database_lock = threading.Lock()
# Empty response json # Empty response json
@ -232,20 +241,20 @@ def get_the_data():
time.sleep(290) time.sleep(290)
def check_auth(text, signature): def check_auth(text, signature):
print(text) ## Make bytes-object from given signature
print(signature)
sig_bytes = bytes.fromhex(signature) sig_bytes = bytes.fromhex(signature)
access_granted = 0
## We will iterate over all user keys to determ who is we are talking to and should they have access ## We will iterate over all user keys to determ who is we are talking to and should they have access
for key, value in user_publickeys.items(): for key, value in user_publickeys.items():
## What f*ck even is this? ## Create bytes-object from the public in 'value' variable
vk = ecdsa.VerifyingKey.from_string(sig_bytes.fromhex(value), curve=ecdsa.SECP256k1) ## and use it to create VerifyingKey (vk)
if vk.verify(sig_bytes, text): public_key_bytes = bytes.fromhex(value)
vk = ecdsa.VerifyingKey.from_string(public_key_bytes, curve=ecdsa.SECP256k1)
try:
vk.verify(sig_bytes, bytes(text, 'utf-8'))
print('user is', key) print('user is', key)
access_granted = 1
if access_granted != 0:
return True return True
else: except ecdsa.BadSignatureError:
return False return False
@app.route('/') @app.route('/')
@ -259,7 +268,7 @@ def get_data():
signature = request.headers.get('auth') signature = request.headers.get('auth')
get_url = request.url get_url = request.url
if not check_auth(get_url, signature): if not check_auth(get_url, signature):
return 'Error with Authentication', 403 return 'Access denied! Check your keys, maybe.', 403
database_lock.acquire() database_lock.acquire()
db = sqlite3.connect(database) db = sqlite3.connect(database)
@ -281,13 +290,27 @@ def get_data():
updated_data.update(data) updated_data.update(data)
data = updated_data data = updated_data
# sign the response
signature = server_private_key.sign(json.dumps(data).encode('utf-8'))
signature_hex = binascii.hexlify(signature).decode('utf-8')
data['signature'] = signature_hex
if query_pretty: if query_pretty:
response = json.dumps(data, indent=2, separators=(';\n', ' :')) response = json.dumps(data, indent=2, separators=(';\n', ' :'))
else: else:
response = json.dumps(data) response = json.dumps(data)
return response, 200, {'Content-Type': 'application/json'} return response, 200, {'Content-Type': 'application/json'}
@app.route('/serverkey')
def give_serverkey():
## This endpoint also under Authentication?
signature = request.headers.get('auth')
get_url = request.url
if not check_auth(get_url, signature):
return 'Access denied! Check your keys, maybe.', 403
return jsonify({'public_key': server_public_key_hex})
if __name__ == '__main__': if __name__ == '__main__':
# Make sanity checks for the database # Make sanity checks for the database
Checkthedatabase() Checkthedatabase()

69
demo-client.py
View File

@ -4,57 +4,56 @@ import requests
from hashlib import sha256 from hashlib import sha256
import ecdsa import ecdsa
private_key = '03486537091ceb021fb313e5cf3eb04d44ca2f19f72112a1' #private_key = '03486537091ceb021fb313e5cf3eb04d44ca2f19f72112a1'
# we need to send server: private_key = '039e1c137aa296d7af0cd55b468018ad1020949c2731e5141d032b8371490f48'
# the question: domain.tld/get/<id>
# the checksum: ?sum=sha256
# the signed data: header 'auth'
id = 123
url = 'localhost:5000/get/'
url_id = url + str(id)
sum = sha256(url_id.encode('ascii')).hexdigest()
reg_url = 'http://' + url_id + '?sum=' + sum
unsigned_data = url_id + '?' + 'sum=' + sum
# Generate SK from the private key # Generate SK from the private key
private_key_int = int(private_key, 16) private_key_int = int(private_key, 16)
sk = ecdsa.SigningKey.from_secret_exponent(private_key_int, curve=ecdsa.SECP256k1) sk = ecdsa.SigningKey.from_secret_exponent(private_key_int, curve=ecdsa.SECP256k1)
## Get the server public key
url = 'http://localhost:5000/serverkey'
# sign the message # sign the message
signature = sk.sign(unsigned_data.encode('utf-8')) signature = sk.sign(url.encode('utf-8'))
signature_hex = signature.hex() signature_hex = signature.hex()
print('we signed: ', unsigned_data) response = requests.get(url, headers={"auth":signature_hex})
print('We will send:')
print('to: ', reg_url)
print('sum: ', sum)
print('auth: ', signature_hex)
print('------------------------')
response = requests.get(reg_url, headers={"auth":signature_hex})
print('>>> ', response.status_code) print('>>> ', response.status_code)
print('>>> ', response.content) print('>>> ', response.content)
#ecdsa_public_key = '8716c78c09a4e4571a3112eca1c7ddce41289e20da446894b621f2a11ba91bc963f2e9fb9ddd5552c26faf814bc582b4'
ecdsa_public_key = '068716c78c09a4e4571a3112eca1c7ddce41289e20da446894b621f2a11ba91bc963f2e9fb9ddd5552c26faf814bc582b4'
bytes_public_key = bytes.fromhex(ecdsa_public_key)
bytes_signed_data = signature_hex.encode('utf-8')
vk = ecdsa.VerifyingKey.from_string(bytes_public_key, curve=ecdsa.SECP256k1) ## Get some kline data from the server
url = 'http://localhost:5000/?t=1672259440'
if vk.verify(signature_hex, unsigned_data):
response = "YES"
else:
response = "NO"
# sign the message
signature = sk.sign(url.encode('utf-8'))
signature_hex = signature.hex()
print('we signed: ', url)
print('We will send:')
print('to: ', url)
print('auth: ', signature_hex)
print('------------------------')
response = requests.get(url, headers={"auth":signature_hex})
print('>>> ', response.status_code)
print('>>> ', response.content)
##
##bytes_public_key = bytes.fromhex(ecdsa_public_key)
##
##bytes_signed_data = signature_hex.encode('utf-8')
##
##
##vk = ecdsa.VerifyingKey.from_string(bytes_public_key, curve=ecdsa.SECP256k1)
##
##if vk.verify(signature_hex, unsigned_data):
## response = "YES"
##else:
## response = "NO"
##
##
exit(0) exit(0)

41
letters/two-key-pairs.py Executable file
View File

@ -0,0 +1,41 @@
#!/usr/bin/python3
import ecdsa
from cryptography.fernet import Fernet
# Generate a signing key pair for the server
server_signing_private_key = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
server_signing_public_key = server_signing_private_key.get_verifying_key()
# Generate an encryption key pair for the server
server_ecdh = ecdsa.ECDH(curve=ecdsa.SECP256k1)
server_encryption_private_key = server_ecdh.generate_private_key()
server_encryption_public_key = server_ecdh.public_key(server_encryption_private_key)
# Generate a signing key pair for the client
client_signing_private_key = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
client_signing_public_key = client_signing_private_key.get_verifying_key()
# Generate an encryption key pair for the client
client_ecdh = ecdsa.ECDH(curve=ecdsa.SECP256k1)
client_encryption_private_key = client_ecdh.generate_private_key()
client_encryption_public_key = client_encryption_private_key.public_key()
# Exchange public keys between the server and the client
server_shared_secret = server_encryption_private_key.exchange(client_encryption_public_key)
client_shared_secret = client_encryption_private_key.exchange(server_encryption_public_key)
# Use the shared secret to create a Fernet object for encrypting/decrypting messages
server_fernet = Fernet(server_shared_secret)
client_fernet = Fernet(client_shared_secret)
# Sign and encrypt a message from the server to the client
message = "Hello, client!"
signed_message = server_signing_private_key.sign(message.encode())
encrypted_message = server_fernet.encrypt(signed_message)
# Verify and decrypt the message on the client side
verified_message = client_signing_public_key.verify(encrypted_message, signed_message)
decrypted_message = client_fernet.decrypt(verified_message)
print(decrypted_message) # "Hello, client!"

8
python3-ecdsa-ecdh-tests.py Executable file
View File

@ -0,0 +1,8 @@
#!/usr/bin/python3
import ecdsa
ecdh = ecdsa.ECDH(curve=ecdsa.SECP256k1)
private_key = ecdh.generate_private_key()
print(str(private_key))