aljaz/python-teos
1
0
Fork 0
mirror of https://github.com/aljazceru/python-teos.git synced 2025-12-18 22:54:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
fb2bf05057a1ab1b1b28ad912bccd5f5b0d0c23a
python-teos/pisa-btc/apps/blob.py
Sergi Delgado Segura fb2bf05057 Adds blob encryption on both sides
2019-08-09 15:00:02 +01:00

44 lines
1.7 KiB
Python
Raw Blame History

import hashlib
from binascii import hexlify
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
SUPPORTED_HASH_FUNCTIONS = ['SHA256']
SUPPORTED_CYPHERS = ['AES-GCM-128']
class Blob:
def __init__(self, data, cypher, hash_function):
self.data = data
self.cypher = cypher
self.hash_function = hash_function
# FIXME: We only support SHA256 for now
if self.hash_function.upper() not in SUPPORTED_HASH_FUNCTIONS:
raise Exception('Hash function not supported ({}). Supported Hash functions: {}'
.format(self.hash_function, SUPPORTED_HASH_FUNCTIONS))
# FIXME: We only support SHA256 for now
if self.cypher.upper() not in SUPPORTED_CYPHERS:
raise Exception('Cypher not supported ({}). Supported cyphers: {}'.format(self.hash_function,
SUPPORTED_CYPHERS))
def encrypt(self, tx_id):
# Transaction to be encrypted
# FIXME: The blob data should contain more things that just the transaction. Leaving like this for now.
tx = self.data.encode()
# FIXME: tx_id should not be necessary (can be derived from tx SegWit-like). Passing it for now
# Extend the key using SHA256 as a KDF
tx_id = tx_id.encode()
extended_key = hashlib.sha256(tx_id[:16]).digest()
# The 16 MSB of the extended key will serve as the AES GCM 128 secret key. The 16 LSB will serve as the IV.
sk = extended_key[:16]
nonce = extended_key[16:]
# Encrypt the data
aesgcm = AESGCM(sk)
encrypted_blob = hexlify(aesgcm.encrypt(nonce=nonce, data=tx, associated_data=None)).decode()
return encrypted_blob
Reference in New Issue View Git Blame Copy Permalink