Compare commits

..

No commits in common. "ae14376b13c7724e86db7e0687cd483b7ded3a2f" and "ab3327464ca9571884fceb1c43b3f3c521598444" have entirely different histories.

4 changed files with 52 additions and 123 deletions

View File

@ -4,26 +4,17 @@ import krakenex, math
import json, sqlite3, binascii
import requests, os, time
import threading, ecdsa
from Cryptodome.Cipher import AES
from hashlib import sha256
from flask import Flask, jsonify, request
from flask import Flask, request
database = "btc_ohlc.db"
app = Flask(__name__)
## Add your public key here
user_publickeys = {
"user1": 'f1debc13fb21fe0eee54525aa4f8aae5733b201c755edaa55f8893c90aa375b261a62eaa3110651ac5d7705d402581256a37508b0a1ca28bd919ea44710d9c88'
"kalzu": 'f1debc13fb21fe0eee54525aa4f8aae5733b201c755edaa55f8893c90aa375b261a62eaa3110651ac5d7705d402581256a37508b0a1ca28bd919ea44710d9c88'
}
## Generate the ECDSA keys for this instance
print("Generating ECDSA keys for this instance... just wait a bit...")
server_private_key = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
server_public_key = server_private_key.get_verifying_key()
# We need the hexadecimal form for sharing over http/json
server_public_key_hex = binascii.hexlify(server_public_key.to_string()).decode('utf-8')
database_lock = threading.Lock()
# Empty response json
@ -241,20 +232,20 @@ def get_the_data():
time.sleep(290)
def check_auth(text, signature):
## Make bytes-object from given signature
print(text)
print(signature)
sig_bytes = bytes.fromhex(signature)
access_granted = 0
## We will iterate over all user keys to determ who is we are talking to and should they have access
for key, value in user_publickeys.items():
## Create bytes-object from the public in 'value' variable
## and use it to create VerifyingKey (vk)
public_key_bytes = bytes.fromhex(value)
vk = ecdsa.VerifyingKey.from_string(public_key_bytes, curve=ecdsa.SECP256k1)
try:
vk.verify(sig_bytes, bytes(text, 'utf-8'))
## What f*ck even is this?
vk = ecdsa.VerifyingKey.from_string(sig_bytes.fromhex(value), curve=ecdsa.SECP256k1)
if vk.verify(sig_bytes, text):
print('user is', key)
access_granted = 1
if access_granted != 0:
return True
except ecdsa.BadSignatureError:
else:
return False
@app.route('/')
@ -268,7 +259,7 @@ def get_data():
signature = request.headers.get('auth')
get_url = request.url
if not check_auth(get_url, signature):
return 'Access denied! Check your keys, maybe.', 403
return 'Error with Authentication', 403
database_lock.acquire()
db = sqlite3.connect(database)
@ -290,27 +281,13 @@ def get_data():
updated_data.update(data)
data = updated_data
# sign the response
signature = server_private_key.sign(json.dumps(data).encode('utf-8'))
signature_hex = binascii.hexlify(signature).decode('utf-8')
data['signature'] = signature_hex
if query_pretty:
response = json.dumps(data, indent=2, separators=(';\n', ' :'))
else:
response = json.dumps(data)
return response, 200, {'Content-Type': 'application/json'}
@app.route('/serverkey')
def give_serverkey():
## This endpoint also under Authentication?
signature = request.headers.get('auth')
get_url = request.url
if not check_auth(get_url, signature):
return 'Access denied! Check your keys, maybe.', 403
return jsonify({'public_key': server_public_key_hex})
if __name__ == '__main__':
# Make sanity checks for the database
Checkthedatabase()

View File

@ -4,56 +4,57 @@ import requests
from hashlib import sha256
import ecdsa
#private_key = '03486537091ceb021fb313e5cf3eb04d44ca2f19f72112a1'
private_key = '039e1c137aa296d7af0cd55b468018ad1020949c2731e5141d032b8371490f48'
private_key = '03486537091ceb021fb313e5cf3eb04d44ca2f19f72112a1'
# we need to send server:
# the question: domain.tld/get/<id>
# the checksum: ?sum=sha256
# the signed data: header 'auth'
id = 123
url = 'localhost:5000/get/'
url_id = url + str(id)
sum = sha256(url_id.encode('ascii')).hexdigest()
reg_url = 'http://' + url_id + '?sum=' + sum
unsigned_data = url_id + '?' + 'sum=' + sum
# Generate SK from the private key
private_key_int = int(private_key, 16)
sk = ecdsa.SigningKey.from_secret_exponent(private_key_int, curve=ecdsa.SECP256k1)
## Get the server public key
url = 'http://localhost:5000/serverkey'
# sign the message
signature = sk.sign(url.encode('utf-8'))
signature = sk.sign(unsigned_data.encode('utf-8'))
signature_hex = signature.hex()
response = requests.get(url, headers={"auth":signature_hex})
print('>>> ', response.status_code)
print('>>> ', response.content)
## Get some kline data from the server
url = 'http://localhost:5000/?t=1672259440'
# sign the message
signature = sk.sign(url.encode('utf-8'))
signature_hex = signature.hex()
print('we signed: ', url)
print('we signed: ', unsigned_data)
print('We will send:')
print('to: ', url)
print('to: ', reg_url)
print('sum: ', sum)
print('auth: ', signature_hex)
print('------------------------')
response = requests.get(url, headers={"auth":signature_hex})
response = requests.get(reg_url, headers={"auth":signature_hex})
print('>>> ', response.status_code)
print('>>> ', response.content)
##
##bytes_public_key = bytes.fromhex(ecdsa_public_key)
##
##bytes_signed_data = signature_hex.encode('utf-8')
##
##
##vk = ecdsa.VerifyingKey.from_string(bytes_public_key, curve=ecdsa.SECP256k1)
##
##if vk.verify(signature_hex, unsigned_data):
## response = "YES"
##else:
## response = "NO"
##
##
#ecdsa_public_key = '8716c78c09a4e4571a3112eca1c7ddce41289e20da446894b621f2a11ba91bc963f2e9fb9ddd5552c26faf814bc582b4'
ecdsa_public_key = '068716c78c09a4e4571a3112eca1c7ddce41289e20da446894b621f2a11ba91bc963f2e9fb9ddd5552c26faf814bc582b4'
bytes_public_key = bytes.fromhex(ecdsa_public_key)
bytes_signed_data = signature_hex.encode('utf-8')
vk = ecdsa.VerifyingKey.from_string(bytes_public_key, curve=ecdsa.SECP256k1)
if vk.verify(signature_hex, unsigned_data):
response = "YES"
else:
response = "NO"
exit(0)

View File

@ -1,41 +0,0 @@
#!/usr/bin/python3
import ecdsa
from cryptography.fernet import Fernet
# Generate a signing key pair for the server
server_signing_private_key = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
server_signing_public_key = server_signing_private_key.get_verifying_key()
# Generate an encryption key pair for the server
server_ecdh = ecdsa.ECDH(curve=ecdsa.SECP256k1)
server_encryption_private_key = server_ecdh.generate_private_key()
server_encryption_public_key = server_ecdh.public_key(server_encryption_private_key)
# Generate a signing key pair for the client
client_signing_private_key = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
client_signing_public_key = client_signing_private_key.get_verifying_key()
# Generate an encryption key pair for the client
client_ecdh = ecdsa.ECDH(curve=ecdsa.SECP256k1)
client_encryption_private_key = client_ecdh.generate_private_key()
client_encryption_public_key = client_encryption_private_key.public_key()
# Exchange public keys between the server and the client
server_shared_secret = server_encryption_private_key.exchange(client_encryption_public_key)
client_shared_secret = client_encryption_private_key.exchange(server_encryption_public_key)
# Use the shared secret to create a Fernet object for encrypting/decrypting messages
server_fernet = Fernet(server_shared_secret)
client_fernet = Fernet(client_shared_secret)
# Sign and encrypt a message from the server to the client
message = "Hello, client!"
signed_message = server_signing_private_key.sign(message.encode())
encrypted_message = server_fernet.encrypt(signed_message)
# Verify and decrypt the message on the client side
verified_message = client_signing_public_key.verify(encrypted_message, signed_message)
decrypted_message = client_fernet.decrypt(verified_message)
print(decrypted_message) # "Hello, client!"

View File

@ -1,8 +0,0 @@
#!/usr/bin/python3
import ecdsa
ecdh = ecdsa.ECDH(curve=ecdsa.SECP256k1)
private_key = ecdh.generate_private_key()
print(str(private_key))