dxs/onionr
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

progress in removing core

Browse source
This commit is contained in:
Kevin Froman 2019-07-25 11:14:13 -05:00
parent 3d50dbcaac
commit 19fa128710
14 changed files with 114 additions and 449 deletions
Download patch file Download diff file Expand all files Collapse all files

3
onionr/onionrcrypto/__init__.py
View file

@ -18,7 +18,8 @@
along with this program. If not, see <https://www.gnu.org/licenses/>.
'''
from . import generate, hashers, getourkeypair, signing, encryption
from . import generate, hashers, getourkeypair, signing, encryption, cryptoutils
generate_deterministic = generate.generate_deterministic
generate = generate.generate_pub_key
keypair = getourkeypair.get_keypair()

24
onionr/onionrcrypto/generate.py
View file

@ -1,6 +1,26 @@
import nacl.signing, nacl.encoding
import nacl.signing, nacl.encoding, nacl.pwhash
import onionrexceptions
from onionrutils import bytesconverter
def generate_pub_key():
'''Generate a Ed25519 public key pair, return tuple of base32encoded pubkey, privkey'''
private_key = nacl.signing.SigningKey.generate()
public_key = private_key.verify_key.encode(encoder=nacl.encoding.Base32Encoder())
return (public_key.decode(), private_key.encode(encoder=nacl.encoding.Base32Encoder()).decode())
return (public_key.decode(), private_key.encode(encoder=nacl.encoding.Base32Encoder()).decode())
def generate_deterministic(passphrase, bypassCheck=False):
'''Generate a Ed25519 public key pair from a password'''
passStrength = 25
passphrase = bytesconverter.str_to_bytes(passphrase) # Convert to bytes if not already
# Validate passphrase length
if not bypassCheck:
if len(passphrase) < passStrength:
raise onionrexceptions.PasswordStrengthError("Passphase must be at least %s characters" % (passStrength,))
# KDF values
kdf = nacl.pwhash.argon2id.kdf
salt = b"U81Q7llrQcdTP0Ux" # Does not need to be unique or secret, but must be 16 bytes
ops = nacl.pwhash.argon2id.OPSLIMIT_SENSITIVE
mem = nacl.pwhash.argon2id.MEMLIMIT_SENSITIVE
key = kdf(32, passphrase, salt, opslimit=ops, memlimit=mem) # Generate seed for ed25519 key
key = nacl.signing.SigningKey(key)
return (key.verify_key.encode(nacl.encoding.Base32Encoder).decode(), key.encode(nacl.encoding.Base32Encoder).decode())