synapse.lib.crypto package

Submodules

synapse.lib.crypto.coin module

synapse.lib.crypto.coin.bch_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.btc_base58_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.btc_bech32_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.cardano_byron_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.cardano_shelly_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.eth_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.ether_eip55(body: str)[source]
synapse.lib.crypto.coin.logger = <Logger synapse.lib.crypto.coin (WARNING)>

synapse.lib.crypto.coin contains functions for verifying whether or not a given regex match containing a valu is valid for a given type of coin.

these functions are intended to be used with synapse.lib.scrape.

synapse.lib.crypto.coin.substrate_check(match: _regex.Match)[source]
synapse.lib.crypto.coin.xrp_check(match: _regex.Match)[source]

synapse.lib.crypto.ecc module

class synapse.lib.crypto.ecc.PriKey(priv)[source]

Bases: object

A helper class for using ECC private keys.

dump()[source]

Get the private key bytes in DER/PKCS8 format.

Returns:The DER/PKCS8 encoded private key.
Return type:bytes
exchange(pubkey)[source]

Perform a ECDH key exchange with a public key.

Parameters:pubkey (PubKey) – A PubKey to perform the ECDH with.
Returns:The ECDH bytes. This is deterministic for a given pubkey and private key.
Return type:bytes
static generate()[source]

Generate a new ECC PriKey instance.

Returns:A new PriKey instance.
Return type:PriKey
iden()[source]

Return a SHA256 hash for the public key (to be used as a GUID).

Returns:The SHA256 hash of the public key bytes.
Return type:str
static load(byts)[source]

Create a PriKey instance from DER/PKCS8 encoded bytes.

Parameters:byts (bytes) – Bytes to load
Returns:A new PubKey instance.
Return type:PriKey
public()[source]

Get the PubKey which corresponds to the ECC PriKey.

Returns:A new PubKey object whose key corresponds to the private key.
Return type:PubKey
sign(byts)[source]

Compute the ECC signature for the given bytestream.

Parameters:byts (bytes) – The bytes to sign.
Returns:The RSA Signature bytes.
Return type:bytes
class synapse.lib.crypto.ecc.PubKey(publ)[source]

Bases: object

A helper class for using ECC public keys.

dump()[source]

Get the public key bytes in DER/SubjectPublicKeyInfo format.

Returns:The DER/SubjectPublicKeyInfo encoded public key.
Return type:bytes
iden()[source]

Return a SHA256 hash for the public key (to be used as a GUID).

Returns:The SHA256 hash of the public key bytes.
Return type:str
static load(byts)[source]

Create a PubKey instance from DER/PKCS8 encoded bytes.

Parameters:byts (bytes) – Bytes to load
Returns:A new PubKey instance.
Return type:PubKey
verify(byts, sign)[source]

Verify the signature for the given bytes using the ECC public key.

Parameters:
  • byts (bytes) – The data bytes.
  • sign (bytes) – The signature bytes.
Returns:

True if the data was verified, False otherwise.

Return type:

bool

synapse.lib.crypto.ecc.doECDHE(statprv_u, statpub_v, ephmprv_u, ephmpub_v, length=64, salt=None, info=None)[source]

Perform one side of an Ecliptic Curve Diffie Hellman Ephemeral key exchange.

Parameters:
  • statprv_u (PriKey) – Static Private Key for U
  • (PubKey (statpub_v) – Static Public Key for V
  • ephmprv_u (PriKey) – Ephemeral Private Key for U
  • ephmpub_v (PubKey) – Ephemeral Public Key for V
  • length (int) – Number of bytes to return
  • salt (bytes) – Salt to use when computing the key.
  • info (bytes) – Additional information to use when computing the key.

Notes

This makes no assumption about the reuse of the Ephemeral keys passed to the function. It is the caller’s responsibility to destroy the keys after they are used for doing key generation. This implementation is the dhHybrid1 scheme described in NIST 800-56A Revision 2.

Returns:The derived key.
Return type:bytes

synapse.lib.crypto.tinfoil module

class synapse.lib.crypto.tinfoil.CryptSeq(rx_key, tx_key, initial_rx_seq=0, initial_tx_seq=0)[source]

Bases: object

Applies and verifies sequence numbers of encrypted messages coming and going

Parameters:
  • rx_key (bytes) – TX key (used with TinFoilHat).
  • tx_key (bytes) – RX key (used with TinFoilHat).
  • initial_rx_seq (int) – Starting rx sequence number.
  • initial_tx_seq (int) – Starting tx sequence number.
decrypt(ciphertext)[source]

Decrypt a message, validating its sequence number is as we expect.

Parameters:ciphertext (bytes) – The message to decrypt and verify.
Returns:A mesg.
Return type:mesg
Raises:s_exc.CryptoErr – If the message decryption fails or the sequence number was unexpected.
encrypt(mesg)[source]

Wrap a message with a sequence number and encrypt it.

Parameters:mesg – The mesg to encrypt.
Returns:The encrypted message.
Return type:bytes
class synapse.lib.crypto.tinfoil.TinFoilHat(ekey)[source]

Bases: object

The TinFoilHat class implements a GCM-AES encryption/decryption class.

Parameters:
  • ekey (bytes) – A 32 byte key used for doing encryption & decryption. It
  • assumed the caller has generated the key in a safe manner. (is) –
dec(byts)[source]

Decode an envelope dict and decrypt the given bytes.

Parameters:byts (bytes) – Bytes to decrypt.
Returns:Decrypted message.
Return type:bytes
enc(byts, asscd=None)[source]

Encrypt the given bytes and return an envelope dict in msgpack form.

Parameters:
  • byts (bytes) – The message to be encrypted.
  • asscd (bytes) – Extra data that needs to be authenticated (but not encrypted).
Returns:

The encrypted message. This is a msgpacked dictionary containing the IV, ciphertext, and associated data.

Return type:

bytes

synapse.lib.crypto.tinfoil.newkey()[source]

Generate a new, random 32 byte key.

Returns:32 random bytes
Return type:bytes