<a href="https://colab.research.google.com/github/ProfDoeg/Colegio_Invisible/blob/master/02_cuaderno.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [1]:
from IPython.core.display import display, HTML
display(HTML("<style>.container { width:95% !important; }</style>"))

In [3]:
! git clone https://github.com/ProfDoeg/Colegio_Invisible.git

Cloning into 'Colegio_Invisible'...
remote: Enumerating objects: 129, done.[K
remote: Counting objects: 100% (129/129), done.[K
remote: Compressing objects: 100% (127/127), done.[K
remote: Total 129 (delta 72), reused 0 (delta 0), pack-reused 0[K
Receiving objects: 100% (129/129), 8.66 MiB | 8.77 MiB/s, done.
Resolving deltas: 100% (72/72), done.


# Basic Cryptography and Script Writing

## Outline

In this introduction we cover:

- cryptographic hash functions
- symmetric cryptography
- asymmetric cryptography
- scripts

By the end of the exposition you will:

- understand the structure of python script
- be able to run a Python script from terminal
- be able direct the script with user input
- understand the features of a cryptographic **hash function**
- be able to hash a string or file using **SHA256**
- understand the features of **symmetric cryptography**
- be able to generate an **AES** cryptographic **key**
- be able to **AES encrypt** a string or file using a symmetric key
- be able to **AES decrypt** a string or file using AES
- understand the features of **asymmetric cryptography**
- be able to generate a new **private key** object
- be able to access the byte or hex value of the private key
- be able to import a previously generated **private key** from bytes
- be able to extract a **public key** from the private key
- be able to access the byte or hex value of the public key
- understand ECDSA digital signature
- be able to **sign** a message with a private key
- be able to **verify** a message signature with a public key
- understand ECIES
- be able to **ECIES encrypt** with a public key
- be able to **ECIES decrypt** with a private key

----

# Cryptographic Hash Functions

A cryptographic hash function is an algorithm that takes an arbitrary amount of data input and produces a fixed-size output  of gibberish called a digest, checksum, fingerprint, hash code, hash value, or just “hash.” 

$$ F(\text{input})\longrightarrow \text{hash}$$

Cryptographic hash function should have the following features. They should be:

- **[ONE-WAY FUNCTION]** the input to the function cannot be derived from the output 
- **[INPUT HYPERSENSITIVITE]** a tiny change in input should drastically change output
- **[DETERMINISTIC]** the output of the function should always be the same for a given input
-  **[NON-PREDICTABLE]** there are no computational short cuts in producing the hash from the input
- **[COLLISION RESISTANT]** two different inputs should never produce the same hash ouput for the remainder of all human history

**SHA256** is a cryptographic hash function with a 256 bit output prescribed by the U.S. National Institute of Standards and Technology.

We implement SHA256 in Python using the **`hashlib`**

## Apply SHA256 using Terminal

UNIX like systems can hash from the terminal

It can be done on:

- a string
- a file

In [44]:
! echo 🐶| shasum -a 256 

8890ce374cabbc70638ffa32507e16ca240fd1631907897c65b3e439dc2fa131  -


In [33]:
! ls Colegio_Invisible/img

colegio_invisible.jpeg	hg_drop.jpeg  hg_house.jpeg   hg_rough.png
hg_cry.jpeg		hg_hide.jpeg  hg_invite.jpeg  hg_xmas.jpeg


In [45]:
! shasum -a 256 Colegio_Invisible/img/colegio_invisible.jpeg

1d5879bb04266dc0c215414dcc2045ea09082c45f532657fc8bc0bbaab588fce  Colegio_Invisible/img/colegio_invisible.jpeg


## Hashing Using Python

### Python Hashing Module `hashlib`

We will be using the **`hashlib`** module to do our hashing work. A module is a toybox filled with delights.


In [10]:
import hashlib
type(hashlib)

module

In [11]:
hashlib.algorithms_available

{'blake2b',
 'blake2s',
 'md5',
 'sha1',
 'sha224',
 'sha256',
 'sha384',
 'sha3_224',
 'sha3_256',
 'sha3_384',
 'sha3_512',
 'sha512',
 'shake_128',
 'shake_256'}

### Prepare the Bytestring Input

The input must be a bytestring, a string of `type` **`bytes`**.

We can prepare a bytestring by:
- using `b'  '` to write the literal
- convert a string to `bytes` using `.encode()`  


In [19]:
b'a byte string'

b'a byte string'

In [14]:
type(b'a byte string')

bytes

In [20]:
type('🐶')

str

In [21]:
str.encode('🐶')

b'\xf0\x9f\x90\xb6'

In [18]:
'🐶'.encode()

b'\xf0\x9f\x90\xb6'

### Apply SHA256 to Bytestring using Python

We will be using `sha256`. The following code creates a `sha256 HASH object`

- `.digest()` returns the sha256 digest as a bytestring
- `.hexdigest()` returns the sha256 digest as a hexstring

In [15]:
H=hashlib.sha256(b'a byte string')
H

<sha256 HASH object @ 0x7f37b14e4420>

In [16]:
H.hexdigest()

'c4305ca4e36e8476a629d8e9ff44b4edcdc0e1d8843baa06d5e2c070a79f4986'

In [17]:
H.digest()

b'\xc40\\\xa4\xe3n\x84v\xa6)\xd8\xe9\xffD\xb4\xed\xcd\xc0\xe1\xd8\x84;\xaa\x06\xd5\xe2\xc0p\xa7\x9fI\x86'

In [42]:
hashlib.sha256( '🐶'.encode() ).digest()

b'\x88\x90\xce7L\xab\xbcpc\x8f\xfa2P~\x16\xca$\x0f\xd1c\x19\x07\x89|e\xb3\xe49\xdc/\xa11'

In [29]:
hashlib.sha256( '🐶'.encode() ).hexdigest()

'895eb9a2e6d497e22a456a55f403293d8070312c952640b498b7b680da47a3ac'

In [43]:
hashlib.sha256( '🐶\n'.encode() ).hexdigest()

'8890ce374cabbc70638ffa32507e16ca240fd1631907897c65b3e439dc2fa131'

### Apply SHA256 to File using Python

File is opened as **binary** using `open()` in mode `'rb'` read binary.

In [35]:
img_file=open('Colegio_Invisible/img/colegio_invisible.jpeg','rb')
img_bytes=img_file.read()
img_file.close()

In [36]:
hashlib.sha256( img_bytes ).hexdigest()

'1d5879bb04266dc0c215414dcc2045ea09082c45f532657fc8bc0bbaab588fce'

In [37]:
def sha256_file(path):
  bytestring = open(path,'rb').read()
  return hashlib.sha256( bytestring ).hexdigest()

In [38]:
sha256_file('Colegio_Invisible/img/colegio_invisible.jpeg')

'1d5879bb04266dc0c215414dcc2045ea09082c45f532657fc8bc0bbaab588fce'

### Apply SHA256 to Using a Python Script



In [2]:
! pip install cryptos

Collecting cryptos
  Downloading cryptos-1.36-py3-none-any.whl (69 kB)
[?25l[K     |████▊                           | 10 kB 22.9 MB/s eta 0:00:01[K     |█████████▌                      | 20 kB 25.8 MB/s eta 0:00:01[K     |██████████████▎                 | 30 kB 21.5 MB/s eta 0:00:01[K     |███████████████████             | 40 kB 12.0 MB/s eta 0:00:01[K     |███████████████████████▊        | 51 kB 5.6 MB/s eta 0:00:01[K     |████████████████████████████▌   | 61 kB 5.5 MB/s eta 0:00:01[K     |████████████████████████████████| 69 kB 3.4 MB/s 
[?25hInstalling collected packages: cryptos
Successfully installed cryptos-1.36


In [1]:
! pip install eciespy

Collecting eciespy
  Downloading eciespy-0.3.11-py3-none-any.whl (11 kB)
Collecting pycryptodome<4.0.0,>=3.9.9
  Downloading pycryptodome-3.12.0-cp35-abi3-manylinux2010_x86_64.whl (2.0 MB)
[K     |████████████████████████████████| 2.0 MB 4.4 MB/s 
[?25hCollecting coincurve<16,>=13
  Downloading coincurve-15.0.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (555 kB)
[K     |████████████████████████████████| 555 kB 20.5 MB/s 
[?25hCollecting eth-keys<0.4.0,>=0.3.3
  Downloading eth_keys-0.3.3-py3-none-any.whl (20 kB)
Collecting asn1crypto
  Downloading asn1crypto-1.4.0-py2.py3-none-any.whl (104 kB)
[K     |████████████████████████████████| 104 kB 55.1 MB/s 
Collecting eth-typing<3.0.0,>=2.2.1
  Downloading eth_typing-2.2.2-py3-none-any.whl (6.2 kB)
Collecting eth-utils<2.0.0,>=1.3.0
  Downloading eth_utils-1.10.0-py3-none-any.whl (24 kB)
Collecting eth-hash<0.4.0,>=0.3.1
  Downloading eth_hash-0.3.2-py3-none-any.whl (8.8 kB)
Collecting cytoolz<1.0.0,>=0.10.1
  Downloadin

In [5]:
! ls Colegio_Invisible/scripts
! cat Colegio_Invisible/scripts/ecc_generate.py

ecc_generate.py  ecc_keydump.py  ecc_pubkey_extract.py
##################################################################################
# this script will generate an ECC private key from a computer generate 256 bit random number
# the key is saved to an AEC encrypted (password protected) file
#
# run at the terminal using the following
# > python ecc_generate.py <PRIVKEY_PATH> <PRIVKEY_PASSWORD>
# <PRIVKEY_PATH>: path to generated private key
# <PRIVKEY_PASSWORD>: password for private key file
#
#EXAMPLE:
#>python ecc_generate.py keys\privkey.bin password123
#
# IF <PRIVKEY_PASSWORD> IS NOT INCLUDED USER WILL BE PROMPTED TO ENTER IT SECURELY
##################################################################################

from sys import argv
import getpass
import ecies
import eth_keys
import hashlib
from Crypto.PublicKey import ECC
from Crypto.Random import get_random_bytes


if len(argv)==3:
    _, privkey_path, privkey_password = argv
elif len(argv)==2:
    _, privkey_path = ar

In [5]:
! mkdir teclas

In [6]:
! python Colegio_Invisible/scripts/ecc_generate.py teclas/my_privkey.enc

Input password for encrypting keyfile: 
Repeat password for encrypting keyfile: 

Passwords match...
Private key generation complete
Private key encrypted and written to binary file: teclas/my_privkey.enc
f49ec9fa37a8b64912d1a1b2e5d45929d1bcb83549800841d8ed7e9b5cae4ae68a9a21d8a691fe95dafdc229a9c692b35ae7c3358bef51314d6b5d0bbf10b8e3


In [7]:
#! rm -r Colegio_Invisible

In [7]:
! python Colegio_Invisible/scripts/ecc_pubkey_extract.py teclas/my_privkey.enc teclas/my_pubkey.enc

Input password for private key file: 
Input password for public key file: 
Repeat password for public key file: 

Passwords match...
Completed public key extraction from: teclas/my_privkey.enc
Public key encrypted and written to binary file: teclas/my_pubkey.enc
a86b28c0426c6dccf325d6c5d19e7aa798e5501e534c5c18f5be1422919996dbacd3a66a7a6c18337c9473ab5ec23d2aaf8fd9ee03576488a70af573a8c31382546dbae54e2d72936744f7f20cc9703e77864e6dd550fe957d66e1fa7f38badd


In [8]:
! python Colegio_Invisible/scripts/ecc_keydump.py teclas/my_pubkey.enc

Input password for key file: 
0a8540f0d683628cb7e52b60c2e94c5b533c0c2febb1d18aa05df6d2413d9d4c19645c058a3675c7c8d3f6233ae239bb55c74d7ef573ec44644c9ac54356f59d


In [9]:
pubkey=!{'python Colegio_Invisible/scripts/ecc_keydump.py teclas/my_pubkey.enc'}
pubkey

['Input password for key file: ',
 '0a8540f0d683628cb7e52b60c2e94c5b533c0c2febb1d18aa05df6d2413d9d4c19645c058a3675c7c8d3f6233ae239bb55c74d7ef573ec44644c9ac54356f59d']

In [25]:
pbytes.fromhex(pubkey[-1])

b'@\x9d%\xe0V[\x1d\x9e,\x86\x9cJs{o;JT\xfd\xf2:\x82^_[\xdb\x03"\xec\x10j\xdcP!n\xc5|_htv\xba\xe40I\xf0\xa4\x83\xcf4\xb2\x8b\xc5PH\xbf\xe5Ib\xf0@\x07\xc2\x9b'