
110 lines
3.7 KiB
Raw Normal View History

2023-05-09 15:36:33 -04:00
from collections import namedtuple
2023-09-23 14:22:05 -04:00
import base64
2023-05-09 15:36:33 -04:00
USER_AGENT = " [macOS,13.2.1,22D68,MacBookPro18,3]"
# KeyPair is a named tuple that holds a key and a certificate in PEM form
KeyPair = namedtuple("KeyPair", ["key", "cert"])
2023-05-09 17:03:27 -04:00
2023-05-09 15:36:33 -04:00
def dearmour(armoured: str) -> str:
import re
2023-05-09 17:03:27 -04:00
2023-05-09 15:36:33 -04:00
# Use a regex to remove the header and footer (generic so it work on more than just certificates)
2023-05-09 17:03:27 -04:00
return re.sub(r"-----BEGIN .*-----|-----END .*-----", "", armoured).replace(
"\n", ""
2023-07-27 11:04:57 -04:00
from cryptography.hazmat.primitives import serialization
2023-07-27 20:13:54 -04:00
from cryptography.hazmat.primitives.asymmetric import ec, rsa
2023-07-27 11:04:57 -04:00
def parse_key(key: str):
# Check if it is a public or private key
if "PUBLIC" in key:
return serialization.load_pem_public_key(key.encode())
return serialization.load_pem_private_key(key.encode(), None)
2023-08-19 15:25:21 -04:00
def serialize_key(key) -> str:
2023-07-27 20:13:54 -04:00
if isinstance(key, ec.EllipticCurvePrivateKey) or isinstance(key, rsa.RSAPrivateKey):
2023-07-27 11:04:57 -04:00
return key.private_bytes(
return key.public_bytes(
2023-09-23 14:22:05 -04:00
def parse_encoded_compact_key(key: str):
# Add = padding
key = key + "=" * (4 - len(key) % 4)
# Urlsafe base64 decode
key = base64.urlsafe_b64decode(key)
return parse_compact_key(key)
def parse_compact_key(key: bytes):
# Parse as a P256 key
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
# Parse compressed key... need to add 0x02 prefix
k = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), b"\x02" + key)
# Serialize as PEM
return serialize_key(k)
def create_compact_key():
Create a P256 keypair and return the public key as a URL-safe base64 string
and the private key as a PEM string.
# Generate a P256 keypair
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
# Generate keys until we get one that is even
key = None
pub = None
while True:
key = ec.generate_private_key(ec.SECP256R1())
pub = key.public_key().public_bytes(Encoding.X962, PublicFormat.CompressedPoint)
if pub[0] == 0x02:
pub = pub[1:]
return pub, serialize_key(key)
2023-09-23 16:13:41 -04:00
def compact_key(key: ec.EllipticCurvePrivateKey):
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
return key.public_key().public_bytes(Encoding.X962, PublicFormat.CompressedPoint)[1:]
def create_compactable_key():
# Generate a P256 keypair
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
# Generate keys until we get one that is even
key = None
while True:
key = ec.generate_private_key(ec.SECP256R1())
pub = key.public_key().public_bytes(Encoding.X962, PublicFormat.CompressedPoint)
if pub[0] == 0x02:
return serialize_key(key)
2023-09-23 14:22:05 -04:00
def create_encoded_compact_key() -> tuple[str, str]:
pub, key = create_compact_key()
# URL-safe base64 encode
pub = base64.urlsafe_b64encode(pub).decode()
# Remove padding
pub = pub.replace("=", "")
return pub, key