chatgpt/encryption-on-apis/stackoverflow-example.py

92 lines
2.4 KiB
Python
Executable File

#!/usr/bin/python3
import ecdsa
import binascii
import requests
from hashlib import sha256
from flask import Flask
from flask import request
##Generate them keys
# Generate private key (signing key)
sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
private_key_hex = sk.to_string().hex()
public_key = sk.verifying_key
public_key_hex = binascii.hexlify(public_key.to_string()).decode('utf-8')
keys = {
"private_key": private_key_hex,
"public_key": public_key_hex
}
app = Flask(__name__)
line = '---------------------------------------'
@app.route('/send')
def send():
message = b"localhost:5000/get/123?sum=5f944f849124d36621d5f0708c7752a84fa9caa90bba629b8db93eea44cd0d1a"
print(line)
print('private_key: ', keys['private_key'])
print(line)
private_key_hex = keys['private_key']
private_key = ecdsa.SigningKey.from_string(bytes.fromhex(private_key_hex), curve=ecdsa.SECP256k1)
sig_hex = binascii.hexlify(private_key.sign(message)).decode('utf-8')
#print('sig:', sig_hex)
reply = requests.get('http://localhost:5000/get/123', headers={"auth": sig_hex})
output_status = str(reply.status_code)
output_content = str(reply.content)
return output_content, output_status
@app.route('/get/<c_id>')
def get(c_id):
#vk = sk.get_verifying_key()
# Get the public key from the signing key object
public_key = keys['public_key']
print("public_key:", public_key)
print(line)
print("got id: ", c_id)
# Get the sig from auth header
sig = request.headers.get('auth')
#print("vk2 - sig: ", sig)
# Get sig to bytes format, from str
sig_bytes = bytes.fromhex(sig)
## BUILD THE "message"
message = b"localhost:5000/get/123?sum=5f944f849124d36621d5f0708c7752a84fa9caa90bba629b8db93eea44cd0d1a"
vk = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key_hex), curve=ecdsa.SECP256k1)
reply = '{'
if vk.verify(sig_bytes, message):
# print('vk1 # True ')
reply = reply + 'vk1: OK'
else:
# print('vk1 # False ')
reply = reply + 'vk1: ERROR'
vk2 = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key_hex), curve=ecdsa.SECP256k1) # the default is sha1
if vk2.verify(sig_bytes, message):
# print('vk2 # True ')
reply = reply + ', vk2: OK'
else:
# print('vk2 # False ')
reply = reply + ', vk2: ERROR'
reply = reply + '}'
#print(reply)
return reply
if __name__ == "__main__":
app.run()