92 lines
2.4 KiB
Python
Executable File
92 lines
2.4 KiB
Python
Executable File
#!/usr/bin/python3
|
|
|
|
import ecdsa
|
|
import binascii
|
|
import requests
|
|
from hashlib import sha256
|
|
from flask import Flask
|
|
from flask import request
|
|
|
|
|
|
##Generate them keys
|
|
# Generate private key (signing key)
|
|
sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
|
|
private_key_hex = sk.to_string().hex()
|
|
|
|
public_key = sk.verifying_key
|
|
public_key_hex = binascii.hexlify(public_key.to_string()).decode('utf-8')
|
|
|
|
keys = {
|
|
"private_key": private_key_hex,
|
|
"public_key": public_key_hex
|
|
}
|
|
|
|
app = Flask(__name__)
|
|
line = '---------------------------------------'
|
|
|
|
@app.route('/send')
|
|
def send():
|
|
message = b"localhost:5000/get/123?sum=5f944f849124d36621d5f0708c7752a84fa9caa90bba629b8db93eea44cd0d1a"
|
|
|
|
print(line)
|
|
print('private_key: ', keys['private_key'])
|
|
print(line)
|
|
|
|
private_key_hex = keys['private_key']
|
|
private_key = ecdsa.SigningKey.from_string(bytes.fromhex(private_key_hex), curve=ecdsa.SECP256k1)
|
|
|
|
sig_hex = binascii.hexlify(private_key.sign(message)).decode('utf-8')
|
|
#print('sig:', sig_hex)
|
|
|
|
reply = requests.get('http://localhost:5000/get/123', headers={"auth": sig_hex})
|
|
|
|
output_status = str(reply.status_code)
|
|
output_content = str(reply.content)
|
|
|
|
return output_content, output_status
|
|
|
|
@app.route('/get/<c_id>')
|
|
def get(c_id):
|
|
#vk = sk.get_verifying_key()
|
|
# Get the public key from the signing key object
|
|
public_key = keys['public_key']
|
|
print("public_key:", public_key)
|
|
print(line)
|
|
print("got id: ", c_id)
|
|
|
|
# Get the sig from auth header
|
|
sig = request.headers.get('auth')
|
|
#print("vk2 - sig: ", sig)
|
|
|
|
# Get sig to bytes format, from str
|
|
sig_bytes = bytes.fromhex(sig)
|
|
|
|
## BUILD THE "message"
|
|
message = b"localhost:5000/get/123?sum=5f944f849124d36621d5f0708c7752a84fa9caa90bba629b8db93eea44cd0d1a"
|
|
|
|
vk = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key_hex), curve=ecdsa.SECP256k1)
|
|
|
|
reply = '{'
|
|
if vk.verify(sig_bytes, message):
|
|
# print('vk1 # True ')
|
|
reply = reply + 'vk1: OK'
|
|
else:
|
|
# print('vk1 # False ')
|
|
reply = reply + 'vk1: ERROR'
|
|
|
|
|
|
vk2 = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key_hex), curve=ecdsa.SECP256k1) # the default is sha1
|
|
if vk2.verify(sig_bytes, message):
|
|
# print('vk2 # True ')
|
|
reply = reply + ', vk2: OK'
|
|
else:
|
|
# print('vk2 # False ')
|
|
reply = reply + ', vk2: ERROR'
|
|
|
|
reply = reply + '}'
|
|
#print(reply)
|
|
return reply
|
|
|
|
if __name__ == "__main__":
|
|
app.run()
|