From e1e66841963d7d740113770552b49c48fbf45f53 Mon Sep 17 00:00:00 2001 From: Eli Ribble Date: Fri, 10 Nov 2023 15:51:13 -0700 Subject: [PATCH] Add WIP. Likely going nowhere. I've thrashed around a bit, I think I'll move to rust. --- gongor/aegis.py | 10 ++++++++++ gongor/cipher.py | 27 +++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 gongor/cipher.py diff --git a/gongor/aegis.py b/gongor/aegis.py index 091f9bd..fd814f0 100644 --- a/gongor/aegis.py +++ b/gongor/aegis.py @@ -25,6 +25,7 @@ def box(): with open(args.message, "rb") as f: data = f.read() + shared_ecc_key, ciphered_public_key = _generate_encryption_key(certificate.public_key()) aad = b"authenticated but unencrypted data" key = aead.ChaCha20Poly1305.generate_key() with open("encryption.key", "wb") as f: @@ -41,6 +42,15 @@ def box(): print(f"Wrote encrypted message to '{args.output}'") +def ecc_calc_encryption_keys(pubKey): + ciphertextPrivKey = secrets.randbelow(curve.field.n) + ciphertextPubKey = ciphertextPrivKey * curve.g + sharedECCKey = pubKey * ciphertextPrivKey + return (sharedECCKey, ciphertextPubKey) + +def ecc_calc_decryption_key(privKey, ciphertextPubKey): + sharedECCKey = ciphertextPubKey * privKey + return sharedECCKey def generate(): print("Please name this aegis. You can call it anything. Frequently people use their legal name.") diff --git a/gongor/cipher.py b/gongor/cipher.py new file mode 100644 index 0000000..3353ab7 --- /dev/null +++ b/gongor/cipher.py @@ -0,0 +1,27 @@ +import argparse +from pathlib import Path + +from cryptography import x509 +from cryptography.hazmat.primitives import serialization + +def box_message(): + parser = argparse.ArgumentParser() + parser.add_argument("recipient_certificate", type=Path, help="Path to the certificate of the recipient") + parser.add_argument("sender_key", type=Path, help="Path to the private key of the sender") + parser.add_argument("--sender-key-password", type="str", default=None, help="The password to the sender private key") + parser.add_argument("message", type=Path, help="Path to the message to box") + args = parser.parse_args() + + recipient_cert = _load_certificate(args.recipient_certificate) + sender_key = _load_key(args.sender_key) + + + + +def _load_certificate(path: Path) -> x509.Certificate: + with open(path, "rb") as f: + return x509.load_pem_x509_certificate(f.read()) + +def _load_key(path: Path, password: str) -> EllipticCurvePrivateKey: + with open(path, "rb") as f: + return serialization.load_pem_private_key(f.read(), password)