In [1]:
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives.asymmetric import padding
import os
import datetime
import hmac

In [None]:
# Generate a random secret key
def generate_secret_key():
    return os.urandom(32)  # 32 bytes for a 256-bit key

# Alice generates a secret key and shares it with Bob
def share_secret_key(secret_key):
    # In practice, Alice would encrypt the secret key with Bob's public key
    # But for simplicity, we'll just print it here
    print("Shared Secret Key:", secret_key.hex())

# Example usage
if __name__ == "__main__":
    # Alice generates the secret key
    secret_key = generate_secret_key()

    # Alice shares the secret key with Bob
    share_secret_key(secret_key)

In [None]:
# Generate a private key
def generate_private_key():
    return rsa.generate_private_key(
        public_exponent=65537,  # Commonly used value for the public exponent
        key_size=2048,          # You can adjust the key size as needed
        backend=default_backend()
    )

# Extract the public key from the private key
def extract_public_key(private_key):
    return private_key.public_key()

# Serialize the private key to PEM format
def serialize_private_key(private_key):
    return private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption()
    )

# Serialize the public key to PEM format
def serialize_public_key(public_key):
    return public_key.public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo
    )

# Example usage
if __name__ == "__main__":
    # Alice generates a private key
    private_key = generate_private_key()

    # Alice extracts the public key from the private key
    public_key = extract_public_key(private_key)

    # Serialize the keys to PEM format
    private_key_pem = serialize_private_key(private_key)
    public_key_pem = serialize_public_key(public_key)

    # Print the keys
    print("Private Key:")
    print(private_key_pem.decode())
    print("\nPublic Key:")
    print(public_key_pem.decode())

In [None]:
plain_text_message = """The company website has not limited the number of transactions a single user or device 
can perform in a given period of time. The transactions/time should be above the actual business requirement, 
but low enough to deter automated attacks."""
print(plain_text_message)

In [None]:
# Function to add a timestamp to the plaintext message
def add_timestamp(plain_text_message):
    timestamp = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
    message_with_timestamp = f"{timestamp}: {plain_text_message}"
    return message_with_timestamp

# Example usage
if __name__ == "__main__":
    plain_text_message = """The company website has not limited the number of transactions a single user or device can perform in a given period of time. The transactions/time should be above the actual business requirement, but low enough to deter automated attacks."""
    
    # Alice adds a timestamp to the plaintext message
    message_with_timestamp = add_timestamp(plain_text_message)
    print("Message with Timestamp:")
    print(message_with_timestamp)

In [None]:
# Function to create a hash code of the message with timestamp using the secret key
def create_hash(message_with_timestamp, secret_key):
    hmac_hash = hmac.new(secret_key, message_with_timestamp.encode(), 'sha256')
    return hmac_hash.digest()

# Example usage
if __name__ == "__main__":
    # Assuming Alice already has a secret key
    secret_key = b'MySecretKey123'  # Example secret key (should be securely generated)

    # Example message with timestamp (already created by Alice)
    message_with_timestamp = "2024-03-12 15:30:00: The company website has not limited the number of transactions a single user or device can perform in a given period of time. The transactions/time should be above the actual business requirement, but low enough to deter automated attacks."

    # Alice creates a hash code of the message with timestamp using the secret key
    hash_code = create_hash(message_with_timestamp, secret_key)
    print("Hash Code:")
    print(hash_code.hex())

In [None]:
# Function to create a signature using Alice's secret key
def create_signature(private_key, hash_code):
    signature = private_key.sign(
        hash_code,
        padding.PSS(
            mgf=padding.MGF1(hashes.SHA256()),
            salt_length=padding.PSS.MAX_LENGTH
        ),
        hashes.SHA256()
    )
    return signature

# Example usage
if __name__ == "__main__":
    # Assuming Alice already has her private key
    # private_key = # Alice's private key

    # Assuming Alice already has the hash_code generated in the previous step
    # hash_code = # Hash code generated previously

    # Alice creates a signature using her secret key
    signature = create_signature(private_key, hash_code)

    # Alice adds the signature to the hash_code
    signed_hash_code = hash_code + signature

    print("Signed Hash Code:")
    print(signed_hash_code.hex())