Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_publickey(self):
'''
'''
msg = b'You\'ve got two empty halves of coconut and you\'re bangin\' \'em together.'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
alice_pk = libnacl.public.PublicKey(alice.pk)
bob_box = libnacl.public.Box(bob.sk, alice_pk)
alice_box = libnacl.public.Box(alice.sk, bob.pk)
bob_ctxt = bob_box.encrypt(msg)
self.assertNotEqual(msg, bob_ctxt)
bclear = alice_box.decrypt(bob_ctxt)
self.assertEqual(msg, bclear)
config.registry.db = db
# Document Service key
config.registry.docservice_url = settings.get('docservice_url')
config.registry.docservice_username = settings.get('docservice_username')
config.registry.docservice_password = settings.get('docservice_password')
config.registry.docservice_upload_url = settings.get('docservice_upload_url')
config.registry.docservice_key = dockey = Signer(settings.get('dockey', '').decode('hex'))
config.registry.keyring = keyring = {}
dockeys = settings.get('dockeys') if 'dockeys' in settings else dockey.hex_vk()
for key in dockeys.split('\0'):
keyring[key[:8]] = Verifier(key)
# Archive keys
arch_pubkey = settings.get('arch_pubkey', None)
config.registry.arch_pubkey = PublicKey(arch_pubkey.decode('hex') if arch_pubkey else SecretKey().pk)
# migrate data
if not os.environ.get('MIGRATION_SKIP'):
for entry_point in iter_entry_points('openprocurement.api.migrations'):
plugin = entry_point.load()
plugin(config.registry)
config.registry.server_id = settings.get('id', '')
# search subscribers
subscribers_keys = [k for k in settings if k.startswith('subscribers.')]
for k in subscribers_keys:
subscribers = settings[k].split(',')
for subscriber in subscribers:
for entry_point in iter_entry_points('openprocurement.{}'.format(k), subscriber):
if entry_point:
def encode(libnacl_key):
"""
Encode a key.
Arguments:
- `libnacl_key`: An instance of either a
:class:`libnacl.public.SecretKey` or a
:class:`libnacl.public.PublicKey`.
Return the encoded key.
"""
# Detect key type and hexlify
if isinstance(libnacl_key, libnacl.public.SecretKey):
type_ = Key.Type.private
key = libnacl_key.hex_sk()
elif isinstance(libnacl_key, libnacl.public.PublicKey):
type_ = Key.Type.public
key = libnacl.encode.hex_encode(libnacl_key.pk)
else:
raise GatewayKeyError('Unknown key type: {}'.format(libnacl_key))
# Encode key
return Key.separator.join((type_.value, key.decode('utf-8')))
def init_pubkey(hexpk, fname=None):
"""Create a pubkey object from a
hex formatted string.
Save to file fname if specified.
"""
try:
bin_pk = binascii.unhexlify(hexpk)
except (TypeError, binascii.Error):
raise NaclError("Invalid hex")
if not len(bin_pk) == 32:
raise NaclError("Public key must be 32 bytes")
pk = public.PublicKey(binascii.unhexlify(hexpk))
if fname:
pk.save(fname)
return pk
def derive_public(private_key):
"""
Derive a public key from a class:`libnacl.public.SecretKey`
instance.
Arguments:
- `private_key`: A class:`libnacl.public.SecretKey`
instance.
Return the :class:`libnacl.public.PublicKey` instance.
"""
return libnacl.public.PublicKey(private_key.pk)
import msgpack
key_data = msgpack.loads(packaged)
elif serial == 'json':
import json
key_data = json.loads(packaged.decode(encoding='UTF-8'))
if 'priv' in key_data and 'sign' in key_data:
return libnacl.dual.DualSecret(
libnacl.encode.hex_decode(key_data['priv']),
libnacl.encode.hex_decode(key_data['sign']))
elif 'priv' in key_data:
return libnacl.public.SecretKey(libnacl.encode.hex_decode(key_data[
'priv']))
elif 'sign' in key_data:
return libnacl.sign.Signer(libnacl.encode.hex_decode(key_data['sign']))
elif 'pub' in key_data:
return libnacl.public.PublicKey(libnacl.encode.hex_decode(key_data[
'pub']))
elif 'verify' in key_data:
return libnacl.sign.Verifier(key_data['verify'])
raise ValueError('Found no key data')
def __init__(self, pk, sk=None):
self.pk = pk
self.sk = sk
if isinstance(pk, (libnacl.public.SecretKey, libnacl.dual.DualSecret)):
self.pk = pk.pk
self.sk = pk.sk
if isinstance(pk, libnacl.public.PublicKey):
self.pk = pk.pk
type_ = Key.Type(type_)
# Check type
if type_ != expected_type:
raise GatewayKeyError('Invalid key type: {}, expected: {}'.format(
type_, expected_type
))
# De-hexlify
key = libnacl.encode.hex_decode(key)
# Convert to SecretKey or PublicKey
if type_ == Key.Type.private:
key = libnacl.public.SecretKey(key)
elif type_ == Key.Type.public:
key = libnacl.public.PublicKey(key)
return key
def init_pubkey(hexpk, fname=None):
"""Create a pubkey object from a
hex formatted string.
Save to file fname if specified.
"""
try:
bin_pk = binascii.unhexlify(hexpk)
except TypeError:
raise NaclError("Invalid hex")
if not len(bin_pk) == 32:
raise NaclError("Public key must be 32 bytes")
pk = public.PublicKey(binascii.unhexlify(hexpk))
if fname:
pk.save(fname)
return pk
def generate_pair():
"""
Generate a new key pair.
Return the key pair as a tuple of a
:class:`libnacl.public.SecretKey` instance and a
:class:`libnacl.public.PublicKey` instance.
"""
private_key = libnacl.public.SecretKey()
public_key = libnacl.public.PublicKey(private_key.pk)
return private_key, public_key