1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
|
###############################################################################
#
# The MIT License (MIT)
#
# Copyright (c) Crossbar.io Technologies GmbH
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
#
###############################################################################
import os
import binascii
from binascii import a2b_hex, b2a_hex
import struct
from typing import Callable, Optional, Union, Dict, Any
import txaio
from autobahn import util
from autobahn.wamp.interfaces import ISecurityModule, ICryptosignKey
from autobahn.wamp.types import Challenge
from autobahn.wamp.message import _URI_PAT_REALM_NAME_ETH
from autobahn.util import parse_keyfile
__all__ = [
'HAS_CRYPTOSIGN',
]
try:
# try to import everything we need for WAMP-cryptosign
from nacl import encoding, signing, bindings
from nacl.signing import SignedMessage
except ImportError:
HAS_CRYPTOSIGN = False
else:
HAS_CRYPTOSIGN = True
__all__.append('CryptosignKey')
def _unpack(keydata):
"""
Unpack a SSH agent key blob into parts.
See: http://blog.oddbit.com/2011/05/08/converting-openssh-public-keys/
"""
parts = []
while keydata:
# read the length of the data
dlen = struct.unpack('>I', keydata[:4])[0]
# read in <length> bytes
data, keydata = keydata[4:dlen + 4], keydata[4 + dlen:]
parts.append(data)
return parts
def _pack(keyparts):
"""
Pack parts into a SSH key blob.
"""
parts = []
for part in keyparts:
parts.append(struct.pack('>I', len(part)))
parts.append(part)
return b''.join(parts)
def _read_ssh_ed25519_pubkey(keydata):
"""
Parse an OpenSSH Ed25519 public key from a string into a raw public key.
Example input:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJukDU5fqXv/yVhSirsDWsUFyOodZyCSLxyitPPzWJW9 oberstet@office-corei7
:param keydata: The OpenSSH Ed25519 public key data to parse.
:type keydata: str
:returns: pair of raw public key (32 bytes) and comment
:rtype: tuple
"""
if type(keydata) != str:
raise Exception("invalid type {} for keydata".format(type(keydata)))
parts = keydata.strip().split()
if len(parts) != 3:
raise Exception('invalid SSH Ed25519 public key')
algo, keydata, comment = parts
if algo != 'ssh-ed25519':
raise Exception('not a Ed25519 SSH public key (but {})'.format(algo))
blob = binascii.a2b_base64(keydata)
try:
key = _unpack(blob)[1]
except Exception as e:
raise Exception('could not parse key ({})'.format(e))
if len(key) != 32:
raise Exception('invalid length {} for embedded raw key (must be 32 bytes)'.format(len(key)))
return key, comment
class _SSHPacketReader:
"""
Read OpenSSH packet format which is used for key material.
"""
def __init__(self, packet):
self._packet = packet
self._idx = 0
self._len = len(packet)
def get_remaining_payload(self):
return self._packet[self._idx:]
def get_bytes(self, size):
if self._idx + size > self._len:
raise Exception('incomplete packet')
value = self._packet[self._idx:self._idx + size]
self._idx += size
return value
def get_uint32(self):
return struct.unpack('>I', self.get_bytes(4))[0]
def get_string(self):
return self.get_bytes(self.get_uint32())
def _makepad(size: int) -> bytes:
assert 0 <= size < 255
return b''.join(x.to_bytes(1, byteorder='big') for x in range(1, size + 1))
def _read_ssh_ed25519_privkey(keydata):
"""
Parse an OpenSSH Ed25519 private key from a string into a raw private key.
Example input:
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACCbpA1OX6l7/8lYUoq7A1rFBcjqHWcgki8corTz81iVvQAAAKDWjZ0Y1o2d
GAAAAAtzc2gtZWQyNTUxOQAAACCbpA1OX6l7/8lYUoq7A1rFBcjqHWcgki8corTz81iVvQ
AAAEArodzIMjH9MOBz0X+HDvL06rEJOMYFhzGQ5zXPM7b7fZukDU5fqXv/yVhSirsDWsUF
yOodZyCSLxyitPPzWJW9AAAAFm9iZXJzdGV0QG9mZmljZS1jb3JlaTcBAgMEBQYH
-----END OPENSSH PRIVATE KEY-----
:param keydata: The OpenSSH Ed25519 private key data to parse.
:type keydata: str
:returns: pair of raw private key (32 bytes) and comment
:rtype: tuple
"""
# Some pointers:
# https://github.com/ronf/asyncssh/blob/master/asyncssh/public_key.py
# https://github.com/ronf/asyncssh/blob/master/asyncssh/ed25519.py
# crypto_sign_ed25519_sk_to_seed
# https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/sign_ed25519_api.c#L27
# https://tools.ietf.org/html/draft-bjh21-ssh-ed25519-02
# http://blog.oddbit.com/2011/05/08/converting-openssh-public-keys/
SSH_BEGIN = '-----BEGIN OPENSSH PRIVATE KEY-----'
SSH_END = '-----END OPENSSH PRIVATE KEY-----'
OPENSSH_KEY_V1 = b'openssh-key-v1\0'
if not (keydata.startswith(SSH_BEGIN) and keydata.endswith(SSH_END)):
raise Exception('invalid OpenSSH private key (does not start/end with OPENSSH preamble)')
ssh_end = keydata.find(SSH_END)
keydata = keydata[len(SSH_BEGIN):ssh_end]
keydata = ''.join(x.strip() for x in keydata.split())
blob = binascii.a2b_base64(keydata)
blob = blob[len(OPENSSH_KEY_V1):]
packet = _SSHPacketReader(blob)
cipher_name = packet.get_string()
kdf = packet.get_string()
packet.get_string() # kdf_data
nkeys = packet.get_uint32()
packet.get_string() # public_key
key_data = packet.get_string()
mac = packet.get_remaining_payload()
block_size = 8
if cipher_name != b'none':
raise Exception('encrypted private keys not supported (please remove the passphrase from your private key or use SSH agent)')
if kdf != b'none':
raise Exception('passphrase encrypted private keys not supported')
if nkeys != 1:
raise Exception('multiple private keys in a key file not supported (found {} keys)'.format(nkeys))
if mac:
raise Exception('invalid OpenSSH private key (found remaining payload for mac)')
packet = _SSHPacketReader(key_data)
packet.get_uint32() # check1
packet.get_uint32() # check2
alg = packet.get_string()
if alg != b'ssh-ed25519':
raise Exception('invalid key type: we only support Ed25519 (found "{}")'.format(alg.decode('ascii')))
vk = packet.get_string()
sk = packet.get_string()
if len(vk) != bindings.crypto_sign_PUBLICKEYBYTES:
raise Exception('invalid public key length')
if len(sk) != bindings.crypto_sign_SECRETKEYBYTES:
raise Exception('invalid public key length')
comment = packet.get_string() # comment
pad = packet.get_remaining_payload()
if len(pad) and (len(pad) >= block_size or pad != _makepad(len(pad))):
raise Exception('invalid OpenSSH private key (padlen={}, actual_pad={}, expected_pad={})'.format(len(pad), pad, _makepad(len(pad))))
# secret key (64 octets) = 32 octets seed || 32 octets secret key derived of seed
seed = sk[:bindings.crypto_sign_SEEDBYTES]
comment = comment.decode('ascii')
return seed, comment
def _read_signify_ed25519_signature(signature_file):
"""
Read a Ed25519 signature file created with OpenBSD signify.
http://man.openbsd.org/OpenBSD-current/man1/signify.1
"""
with open(signature_file) as f:
# signature file format: 2nd line is base64 of 'Ed' || 8 random octets || 64 octets Ed25519 signature
sig = binascii.a2b_base64(f.read().splitlines()[1])[10:]
if len(sig) != 64:
raise Exception('bogus Ed25519 signature: raw signature length was {}, but expected 64'.format(len(sig)))
return sig
def _read_signify_ed25519_pubkey(pubkey_file):
"""
Read a public key from a Ed25519 key pair created with OpenBSD signify.
http://man.openbsd.org/OpenBSD-current/man1/signify.1
"""
with open(pubkey_file) as f:
# signature file format: 2nd line is base64 of 'Ed' || 8 random octets || 32 octets Ed25519 public key
pubkey = binascii.a2b_base64(f.read().splitlines()[1])[10:]
if len(pubkey) != 32:
raise Exception('bogus Ed25519 public key: raw key length was {}, but expected 32'.format(len(pubkey)))
return pubkey
def _qrcode_from_signify_ed25519_pubkey(pubkey_file, mode='text'):
"""
Usage:
1. Get the OpenBSD 5.7 release public key from here
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/signify/Attic/openbsd-57-base.pub?rev=1.1
2. Generate QR Code and print to terminal
print(cryptosign._qrcode_from_signify_ed25519_pubkey('openbsd-57-base.pub'))
3. Compare to (scroll down) QR code here
https://www.openbsd.org/papers/bsdcan-signify.html
"""
assert(mode in ['text', 'svg'])
import qrcode
with open(pubkey_file) as f:
pubkey = f.read().splitlines()[1]
qr = qrcode.QRCode(box_size=3,
error_correction=qrcode.ERROR_CORRECT_L)
qr.add_data(pubkey)
if mode == 'text':
import io
with io.StringIO() as data_buffer:
qr.print_ascii(out=data_buffer, invert=True)
return data_buffer.getvalue()
elif mode == 'svg':
import qrcode.image.svg
image = qr.make_image(image_factory=qrcode.image.svg.SvgImage)
return image.to_string()
else:
raise Exception('logic error')
def _verify_signify_ed25519_signature(pubkey_file, signature_file, message):
"""
Verify a Ed25519 signature created with OpenBSD signify.
This will raise a `nacl.exceptions.BadSignatureError` if the signature is bad
and return silently when the signature is good.
Usage:
1. Create a signature:
signify-openbsd -S -s ~/.signify/crossbario-trustroot.sec -m .profile
2. Verify the signature
from autobahn.wamp import cryptosign
with open('.profile', 'rb') as f:
message = f.read()
cryptosign._verify_signify_ed25519_signature('.signify/crossbario-trustroot.pub', '.profile.sig', message)
http://man.openbsd.org/OpenBSD-current/man1/signify.1
"""
pubkey = _read_signify_ed25519_pubkey(pubkey_file)
verify_key = signing.VerifyKey(pubkey)
sig = _read_signify_ed25519_signature(signature_file)
verify_key.verify(message, sig)
# CryptosignKey from
# - raw byte string or file with raw bytes
# - SSH private key string or key file
# - SSH agent proxy
#
# VerifyKey from
# - raw byte string or file with raw bytes
# - SSH public key string or key file
if HAS_CRYPTOSIGN:
def _format_challenge(challenge: Challenge, channel_id_raw: Optional[bytes], channel_id_type: Optional[str]) -> bytes:
"""
Format the challenge based on provided parameters
:param challenge: The WAMP-cryptosign challenge object for which a signature should be computed.
:param channel_id_raw: The channel ID when channel_id_type is 'tls-unique'.
:param channel_id_type: The type of the channel id, currently handles 'tls-unique' and
ignores otherwise.
"""
if not isinstance(challenge, Challenge):
raise Exception(
"challenge must be instance of autobahn.wamp.types.Challenge, not {}".format(type(challenge)))
if 'challenge' not in challenge.extra:
raise Exception("missing challenge value in challenge.extra")
# the challenge sent by the router (a 32 bytes random value)
challenge_hex = challenge.extra['challenge']
if type(challenge_hex) != str:
raise Exception("invalid type {} for challenge (expected a hex string)".format(type(challenge_hex)))
if len(challenge_hex) != 64:
raise Exception("unexpected challenge (hex) length: was {}, but expected 64".format(len(challenge_hex)))
# the challenge for WAMP-cryptosign is a 32 bytes random value in Hex encoding (that is, a unicode string)
challenge_raw = binascii.a2b_hex(challenge_hex)
if channel_id_type == 'tls-unique':
assert len(
channel_id_raw) == 32, 'unexpected TLS transport channel ID length (was {}, but expected 32)'.format(
len(channel_id_raw))
# with TLS channel binding of type "tls-unique", the message to be signed by the client actually
# is the XOR of the challenge and the TLS channel ID
data = util.xor(challenge_raw, channel_id_raw)
elif channel_id_type is None:
# when no channel binding was requested, the message to be signed by the client is the challenge only
data = challenge_raw
else:
assert False, 'invalid channel_id_type "{}"'.format(channel_id_type)
return data
def _sign_challenge(data: bytes, signer_func: Callable) -> bytes:
"""
Sign the provided data using the provided signer.
:param data: challenge to sign
:param signer_func: The callable function to use for signing
:returns: A Deferred/Future that resolves to the computed signature.
:rtype: str
"""
# a raw byte string is signed, and the signature is also a raw byte string
d1 = signer_func(data)
# asyncio lacks callback chaining (and we cannot use co-routines, since we want
# to support older Pythons), hence we need d2
d2 = txaio.create_future()
def process(signature_raw):
# convert the raw signature into a hex encode value (unicode string)
signature_hex = binascii.b2a_hex(signature_raw).decode('ascii')
# we return the concatenation of the signature and the message signed (96 bytes)
data_hex = binascii.b2a_hex(data).decode('ascii')
sig = signature_hex + data_hex
txaio.resolve(d2, sig)
txaio.add_callbacks(d1, process, None)
return d2
class CryptosignKey(object):
"""
A cryptosign private key for signing, and hence usable for authentication or a
public key usable for verification (but can't be used for signing).
"""
def __init__(self, key, can_sign: bool, security_module: Optional[ISecurityModule] = None,
key_no: Optional[int] = None, comment: Optional[str] = None) -> None:
if not (isinstance(key, signing.VerifyKey) or isinstance(key, signing.SigningKey)):
raise Exception("invalid type {} for key".format(type(key)))
assert (can_sign and isinstance(key, signing.SigningKey)) or (not can_sign and isinstance(key, signing.VerifyKey))
self._key = key
self._can_sign = can_sign
self._security_module = security_module
self._key_no = key_no
self._comment = comment
@property
def security_module(self) -> Optional['ISecurityModule']:
"""
Implements :meth:`autobahn.wamp.interfaces.IKey.security_module`.
"""
return self._security_module
@property
def key_no(self) -> Optional[int]:
"""
Implements :meth:`autobahn.wamp.interfaces.IKey.key_no`.
"""
return self._key_no
@property
def comment(self) -> Optional[str]:
"""
Implements :meth:`autobahn.wamp.interfaces.IKey.comment`.
"""
return self._comment
@property
def key_type(self) -> str:
"""
Implements :meth:`autobahn.wamp.interfaces.IKey.key_type`.
"""
return 'cryptosign'
@property
def can_sign(self) -> bool:
"""
Implements :meth:`autobahn.wamp.interfaces.IKey.can_sign`.
"""
return self._can_sign
def sign(self, data: bytes) -> bytes:
"""
Implements :meth:`autobahn.wamp.interfaces.IKey.sign`.
"""
if not self._can_sign:
raise Exception("a signing key required to sign")
if type(data) != bytes:
raise Exception("data to be signed must be binary")
sig: SignedMessage = self._key.sign(data)
# we only return the actual signature! if we return "sig",
# it gets coerced into the concatenation of message + signature
# not sure which order, but we don't want that. we only want
# the signature
return txaio.create_future_success(sig.signature)
def sign_challenge(self, challenge: Challenge, channel_id: Optional[bytes] = None,
channel_id_type: Optional[str] = None) -> bytes:
"""
Implements :meth:`autobahn.wamp.interfaces.ICryptosignKey.sign_challenge`.
"""
assert challenge.method in ['cryptosign', 'cryptosign-proxy'], \
'unexpected cryptosign challenge with method "{}"'.format(challenge.method)
data = _format_challenge(challenge, channel_id, channel_id_type)
return _sign_challenge(data, self.sign)
def public_key(self, binary: bool = False) -> Union[str, bytes]:
"""
Returns the public key part of a signing key or the (public) verification key.
:returns: The public key in Hex encoding.
:rtype: str or None
"""
if isinstance(self._key, signing.SigningKey):
key = self._key.verify_key
else:
key = self._key
if binary:
return key.encode()
else:
return key.encode(encoder=encoding.HexEncoder).decode('ascii')
@classmethod
def from_pubkey(cls, pubkey: bytes, comment: Optional[str] = None) -> 'CryptosignKey':
if not (comment is None or type(comment) == str):
raise ValueError("invalid type {} for comment".format(type(comment)))
if type(pubkey) != bytes:
raise ValueError("invalid key type {} (expected binary)".format(type(pubkey)))
if len(pubkey) != 32:
raise ValueError("invalid key length {} (expected 32)".format(len(pubkey)))
return cls(key=signing.VerifyKey(pubkey), can_sign=False, comment=comment)
@classmethod
def from_bytes(cls, key: bytes, comment: Optional[str] = None) -> 'CryptosignKey':
if not (comment is None or type(comment) == str):
raise ValueError("invalid type {} for comment".format(type(comment)))
if type(key) != bytes:
raise ValueError("invalid key type {} (expected binary)".format(type(key)))
if len(key) != 32:
raise ValueError("invalid key length {} (expected 32)".format(len(key)))
return cls(key=signing.SigningKey(key), can_sign=True, comment=comment)
@classmethod
def from_file(cls, filename: str, comment: Optional[str] = None) -> 'CryptosignKey':
"""
Load an Ed25519 (private) signing key (actually, the seed for the key) from a raw file of 32 bytes length.
This can be any random byte sequence, such as generated from Python code like
os.urandom(32)
or from the shell
dd if=/dev/urandom of=client02.key bs=1 count=32
:param filename: Filename of the key.
:param comment: Comment for key (optional).
"""
if not (comment is None or type(comment) == str):
raise Exception("invalid type {} for comment".format(type(comment)))
if type(filename) != str:
raise Exception("invalid type {} for filename".format(filename))
with open(filename, 'rb') as f:
key_data = f.read()
return cls.from_bytes(key_data, comment=comment)
@classmethod
def from_ssh_file(cls, filename: str) -> 'CryptosignKey':
"""
Load an Ed25519 key from a SSH key file. The key file can be a (private) signing
key (from a SSH private key file) or a (public) verification key (from a SSH
public key file). A private key file must be passphrase-less.
"""
with open(filename, 'rb') as f:
key_data = f.read().decode('utf-8').strip()
return cls.from_ssh_bytes(key_data)
@classmethod
def from_ssh_bytes(cls, key_data: str) -> 'CryptosignKey':
"""
Load an Ed25519 key from SSH key file. The key file can be a (private) signing
key (from a SSH private key file) or a (public) verification key (from a SSH
public key file). A private key file must be passphrase-less.
"""
SSH_BEGIN = '-----BEGIN OPENSSH PRIVATE KEY-----'
if key_data.startswith(SSH_BEGIN):
# OpenSSH private key
key_data, comment = _read_ssh_ed25519_privkey(key_data)
key = signing.SigningKey(key_data, encoder=encoding.RawEncoder)
can_sign = True
else:
# OpenSSH public key
key_data, comment = _read_ssh_ed25519_pubkey(key_data)
key = signing.VerifyKey(key_data)
can_sign = False
return cls(key=key, can_sign=can_sign, comment=comment)
@classmethod
def from_seedphrase(cls, seedphrase: str, index: int = 0) -> 'CryptosignKey':
"""
Create a private key from the given BIP-39 mnemonic seed phrase and index,
which can be used to sign and create signatures.
:param seedphrase: The BIP-39 seedphrase ("Mnemonic") from which to derive the account.
:param index: The account index in account hierarchy defined by the seedphrase.
:return: New instance of :class:`EthereumKey`
"""
try:
from autobahn.xbr._mnemonic import mnemonic_to_private_key
except ImportError as e:
raise RuntimeError('package autobahn[xbr] not installed ("{}")'.format(e))
# BIP44 path for WAMP
# https://github.com/wamp-proto/wamp-proto/issues/401
# https://github.com/satoshilabs/slips/pull/1322
derivation_path = "m/44'/655'/0'/0/{}".format(index)
key_raw = mnemonic_to_private_key(seedphrase, derivation_path)
assert type(key_raw) == bytes
assert len(key_raw) == 32
# create WAMP-Cryptosign key object from raw bytes
key = cls.from_bytes(key_raw)
return key
@classmethod
def from_keyfile(cls, keyfile: str) -> 'CryptosignKey':
"""
Create a public or private key from reading the given public or private key file.
Here is an example key file that includes an CryptosignKey private key ``private-key-ed25519``, which
is loaded in this function, and other fields, which are ignored by this function:
.. code-block::
This is a comment (all lines until the first empty line are comments indeed).
creator: oberstet@intel-nuci7
created-at: 2022-07-05T12:29:48.832Z
user-id: oberstet@intel-nuci7
public-key-ed25519: 7326d9dc0307681cc6940fde0e60eb31a6e4d642a81e55c434462ce31f95deed
public-adr-eth: 0x10848feBdf7f200Ba989CDf7E3eEB3EC03ae7768
private-key-ed25519: f750f42b0430e28a2e272c3cedcae4dcc4a1cf33bc345c35099d3322626ab666
private-key-eth: 4d787714dcb0ae52e1c5d2144648c255d660b9a55eac9deeb80d9f506f501025
:param keyfile: Path (relative or absolute) to a public or private keys file.
:return: New instance of :class:`CryptosignKey`
"""
if not os.path.exists(keyfile) or not os.path.isfile(keyfile):
raise RuntimeError('keyfile "{}" is not a file'.format(keyfile))
# now load the private or public key file - this returns a dict which should
# include (for a private key):
#
# private-key-ed25519: 20e8c05d0ede9506462bb049c4843032b18e8e75b314583d0c8d8a4942f9be40
#
# or (for a public key only):
#
# public-key-ed25519: 7326d9dc0307681cc6940fde0e60eb31a6e4d642a81e55c434462ce31f95deed
#
data = parse_keyfile(keyfile)
privkey_ed25519_hex = data.get('private-key-ed25519', None)
if privkey_ed25519_hex is None:
pubkey_ed25519_hex = data.get('public-key-ed25519', None)
if pubkey_ed25519_hex is None:
raise RuntimeError('neither "private-key-ed25519" nor "public-key-ed25519" found in keyfile {}'.format(keyfile))
else:
return CryptosignKey.from_pubkey(binascii.a2b_hex(pubkey_ed25519_hex))
else:
return CryptosignKey.from_bytes(binascii.a2b_hex(privkey_ed25519_hex))
ICryptosignKey.register(CryptosignKey)
class CryptosignAuthextra(object):
"""
WAMP-Cryptosign authextra object.
"""
__slots__ = [
'_pubkey',
'_trustroot',
'_challenge',
'_channel_binding',
'_channel_id',
'_realm',
'_chain_id',
'_block_no',
'_delegate',
'_seeder',
'_bandwidth',
'_signature',
]
def __init__(self,
pubkey: Optional[bytes] = None,
challenge: Optional[bytes] = None,
channel_binding: Optional[str] = None,
channel_id: Optional[bytes] = None,
# domain address, certificates are verified against owner of the domain
trustroot: Optional[bytes] = None,
# FIXME: add delegate address
# FIXME: add certificates
# FIXME: remove reservation
realm: Optional[bytes] = None,
chain_id: Optional[int] = None,
block_no: Optional[int] = None,
delegate: Optional[bytes] = None,
seeder: Optional[bytes] = None,
bandwidth: Optional[int] = None,
signature: Optional[bytes] = None,
):
if pubkey:
assert len(pubkey) == 32
if trustroot:
assert len(trustroot) == 20
if challenge:
assert len(challenge) == 32
if channel_binding:
assert channel_binding in ['tls-unique']
if channel_id:
assert len(channel_id) == 32
if realm:
assert len(realm) == 20
if delegate:
assert len(delegate) == 20
if seeder:
assert len(seeder) == 20
if signature:
assert len(signature) == 65
self._pubkey = pubkey
self._trustroot = trustroot
self._challenge = challenge
self._channel_binding = channel_binding
self._channel_id = channel_id
self._realm = realm
self._chain_id = chain_id
self._block_no = block_no
self._delegate = delegate
self._seeder = seeder
self._bandwidth = bandwidth
self._signature = signature
@property
def pubkey(self) -> Optional[bytes]:
return self._pubkey
@pubkey.setter
def pubkey(self, value: Optional[bytes]):
assert value is None or len(value) == 20
self._pubkey = value
@property
def trustroot(self) -> Optional[bytes]:
return self._trustroot
@trustroot.setter
def trustroot(self, value: Optional[bytes]):
assert value is None or len(value) == 20
self._trustroot = value
@property
def challenge(self) -> Optional[bytes]:
return self._challenge
@challenge.setter
def challenge(self, value: Optional[bytes]):
assert value is None or len(value) == 32
self._challenge = value
@property
def channel_binding(self) -> Optional[str]:
return self._channel_binding
@channel_binding.setter
def channel_binding(self, value: Optional[str]):
assert value is None or value in ['tls-unique']
self._channel_binding = value
@property
def channel_id(self) -> Optional[bytes]:
return self._channel_id
@channel_id.setter
def channel_id(self, value: Optional[bytes]):
assert value is None or len(value) == 32
self._channel_id = value
@property
def realm(self) -> Optional[bytes]:
return self._realm
@realm.setter
def realm(self, value: Optional[bytes]):
assert value is None or len(value) == 20
self._realm = value
@property
def chain_id(self) -> Optional[int]:
return self._chain_id
@chain_id.setter
def chain_id(self, value: Optional[int]):
assert value is None or value > 0
self._chain_id = value
@property
def block_no(self) -> Optional[int]:
return self._block_no
@block_no.setter
def block_no(self, value: Optional[int]):
assert value is None or value > 0
self._block_no = value
@property
def delegate(self) -> Optional[bytes]:
return self._delegate
@delegate.setter
def delegate(self, value: Optional[bytes]):
assert value is None or len(value) == 20
self._delegate = value
@property
def seeder(self) -> Optional[bytes]:
return self._seeder
@seeder.setter
def seeder(self, value: Optional[bytes]):
assert value is None or len(value) == 20
self._seeder = value
@property
def bandwidth(self) -> Optional[int]:
return self._bandwidth
@bandwidth.setter
def bandwidth(self, value: Optional[int]):
assert value is None or value > 0
self._bandwidth = value
@property
def signature(self) -> Optional[bytes]:
return self._signature
@signature.setter
def signature(self, value: Optional[bytes]):
assert value is None or len(value) == 65
self._signature = value
@staticmethod
def parse(data: Dict[str, Any]) -> 'CryptosignAuthextra':
obj = CryptosignAuthextra()
pubkey = data.get('pubkey', None)
if pubkey is not None:
if type(pubkey) != str:
raise ValueError('invalid type {} for pubkey'.format(type(pubkey)))
if len(pubkey) != 32 * 2:
raise ValueError('invalid length {} of pubkey'.format(len(pubkey)))
obj._pubkey = a2b_hex(pubkey)
challenge = data.get('challenge', None)
if challenge is not None:
if type(challenge) != str:
raise ValueError('invalid type {} for challenge'.format(type(challenge)))
if len(challenge) != 32 * 2:
raise ValueError('invalid length {} of challenge'.format(len(challenge)))
obj._challenge = a2b_hex(challenge)
channel_binding = data.get('channel_binding', None)
if channel_binding is not None:
if type(channel_binding) != str:
raise ValueError('invalid type {} for channel_binding'.format(type(channel_binding)))
if channel_binding not in ['tls-unique']:
raise ValueError('invalid value "{}" for channel_binding'.format(channel_binding))
obj._channel_binding = channel_binding
channel_id = data.get('channel_id', None)
if channel_id is not None:
if type(channel_id) != str:
raise ValueError('invalid type {} for channel_id'.format(type(channel_id)))
if len(channel_id) != 32 * 2:
raise ValueError('invalid length {} of channel_id'.format(len(channel_id)))
obj._channel_id = a2b_hex(channel_id)
trustroot = data.get('trustroot', None)
if trustroot is not None:
if type(trustroot) != str:
raise ValueError('invalid type {} for trustroot - expected a string'.format(type(trustroot)))
if not _URI_PAT_REALM_NAME_ETH.match(trustroot):
raise ValueError('invalid value "{}" for trustroot - expected an Ethereum address'.format(type(trustroot)))
obj._trustroot = a2b_hex(trustroot[2:])
reservation = data.get('reservation', None)
if reservation is not None:
if type(reservation) != dict:
raise ValueError('invalid type {} for reservation'.format(type(reservation)))
chain_id = reservation.get('chain_id', None)
if chain_id is not None:
if type(chain_id) != int:
raise ValueError('invalid type {} for reservation.chain_id - expected an integer'.format(type(chain_id)))
obj._chain_id = chain_id
block_no = reservation.get('block_no', None)
if block_no is not None:
if type(block_no) != int:
raise ValueError('invalid type {} for reservation.block_no - expected an integer'.format(type(block_no)))
obj._block_no = block_no
realm = reservation.get('realm', None)
if realm is not None:
if type(realm) != str:
raise ValueError('invalid type {} for reservation.realm - expected a string'.format(type(realm)))
if not _URI_PAT_REALM_NAME_ETH.match(realm):
raise ValueError('invalid value "{}" for reservation.realm - expected an Ethereum address'.format(type(realm)))
obj._realm = a2b_hex(realm[2:])
delegate = reservation.get('delegate', None)
if delegate is not None:
if type(delegate) != str:
raise ValueError('invalid type {} for reservation.delegate - expected a string'.format(type(delegate)))
if not _URI_PAT_REALM_NAME_ETH.match(delegate):
raise ValueError('invalid value "{}" for reservation.delegate - expected an Ethereum address'.format(type(delegate)))
obj._delegate = a2b_hex(delegate[2:])
seeder = reservation.get('seeder', None)
if seeder is not None:
if type(seeder) != str:
raise ValueError('invalid type {} for reservation.seeder - expected a string'.format(type(seeder)))
if not _URI_PAT_REALM_NAME_ETH.match(seeder):
raise ValueError('invalid value "{}" for reservation.seeder - expected an Ethereum address'.format(type(seeder)))
obj._seeder = a2b_hex(seeder[2:])
bandwidth = reservation.get('bandwidth', None)
if bandwidth is not None:
if type(bandwidth) != int:
raise ValueError('invalid type {} for reservation.bandwidth - expected an integer'.format(type(bandwidth)))
obj._bandwidth = bandwidth
signature = data.get('signature', None)
if signature is not None:
if type(signature) != str:
raise ValueError('invalid type {} for signature'.format(type(signature)))
if len(signature) != 65 * 2:
raise ValueError('invalid length {} of signature'.format(len(signature)))
obj._signature = a2b_hex(signature)
return obj
def marshal(self) -> Dict[str, Any]:
res = {}
# FIXME: marshal check-summed eth addresses
if self._pubkey is not None:
res['pubkey'] = b2a_hex(self._pubkey).decode()
if self._challenge is not None:
res['challenge'] = b2a_hex(self._challenge).decode()
if self._channel_binding is not None:
res['channel_binding'] = self._channel_binding
if self._channel_id is not None:
res['channel_id'] = b2a_hex(self._channel_id).decode()
if self._trustroot is not None:
res['trustroot'] = '0x' + b2a_hex(self._trustroot).decode()
reservation = {}
if self._chain_id is not None:
reservation['chain_id'] = self._chain_id
if self._block_no is not None:
reservation['block_no'] = self._block_no
if self._realm is not None:
reservation['realm'] = '0x' + b2a_hex(self._realm).decode()
if self._delegate is not None:
reservation['delegate'] = '0x' + b2a_hex(self._delegate).decode()
if self._seeder is not None:
reservation['seeder'] = '0x' + b2a_hex(self._seeder).decode()
if self._bandwidth is not None:
reservation['bandwidth'] = self._bandwidth
if reservation:
res['reservation'] = reservation
if self._signature is not None:
res['signature'] = b2a_hex(self._signature).decode()
return res
__all__.extend(['CryptosignKey', 'format_challenge', 'sign_challenge', 'CryptosignAuthextra'])
|
