Improved Cryptography section and included samples in Java, C, PHP And Python

2024-09-09 19:18:39 -04:00 · 2024-09-09 19:18:39 -04:00 · 144044a551
commit 144044a551
parent 6c5ae90b1f
5 changed files with 407 additions and 22 deletions
--- a/examples/cryptography.c
+++ b/examples/cryptography.c
@ -0,0 +1,69 @@
+import java.security.*;
+import java.util.Base64;
+import javax.crypto.Cipher;
+import java.time.Instant;
+
+public class Cryptography {
+
+    // Generate a new RSA key pair
+    public static KeyPair generateKeyPair() throws NoSuchAlgorithmException {
+        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
+        keyGen.initialize(2048);
+        return keyGen.generateKeyPair();
+    }
+
+    // Sign the content using the private key
+    public static String signContent(String content, PrivateKey privateKey) throws Exception {
+        Signature privateSignature = Signature.getInstance("SHA256withRSA");
+        privateSignature.initSign(privateKey);
+        privateSignature.update(content.getBytes("UTF-8"));
+        byte[] signature = privateSignature.sign();
+        return Base64.getEncoder().encodeToString(signature);
+    }
+
+    // Verify the signature of the content using the public key
+    public static boolean verifyContent(String content, String signature, PublicKey publicKey) throws Exception {
+        Signature publicSignature = Signature.getInstance("SHA256withRSA");
+        publicSignature.initVerify(publicKey);
+        publicSignature.update(content.getBytes("UTF-8"));
+        byte[] signatureBytes = Base64.getDecoder().decode(signature);
+        return publicSignature.verify(signatureBytes);
+    }
+
+    // Sign the content with a temporary signature based on time blocks
+    public static String temporarySignContent(String content, PrivateKey privateKey, int frames) throws Exception {
+        long timeBlock = Instant.now().getEpochSecond() / 60;
+        String contentWithTime = content + "|" + timeBlock;
+        return signContent(contentWithTime, privateKey);
+    }
+
+    // Verify a temporary signature with time blocks
+    public static boolean verifyTemporarySignature(String content, String signature, PublicKey publicKey, int frames) throws Exception {
+        long timeBlock = Instant.now().getEpochSecond() / 60;
+
+        for (int i = 0; i < frames; i++) {
+            String contentWithTime = content + "|" + (timeBlock - i);
+            if (verifyContent(contentWithTime, signature, publicKey)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    // Encrypt the content using the public key
+    public static String encryptContent(String content, PublicKey publicKey) throws Exception {
+        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+        byte[] ciphertext = cipher.doFinal(content.getBytes("UTF-8"));
+        return Base64.getEncoder().encodeToString(ciphertext);
+    }
+
+    // Decrypt the content using the private key
+    public static String decryptContent(String ciphertext, PrivateKey privateKey) throws Exception {
+        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
+        cipher.init(Cipher.DECRYPT_MODE, privateKey);
+        byte[] decryptedBytes = cipher.doFinal(Base64.getDecoder().decode(ciphertext));
+        return new String(decryptedBytes, "UTF-8");
+    }
+}
--- a/examples/cryptography.java
+++ b/examples/cryptography.java
@ -0,0 +1,69 @@
+import java.security.*;
+import java.util.Base64;
+import javax.crypto.Cipher;
+import java.time.Instant;
+
+public class Cryptography {
+
+    // Generate a new RSA key pair
+    public static KeyPair generateKeyPair() throws NoSuchAlgorithmException {
+        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
+        keyGen.initialize(2048);
+        return keyGen.generateKeyPair();
+    }
+
+    // Sign the content using the private key
+    public static String signContent(String content, PrivateKey privateKey) throws Exception {
+        Signature privateSignature = Signature.getInstance("SHA256withRSA");
+        privateSignature.initSign(privateKey);
+        privateSignature.update(content.getBytes("UTF-8"));
+        byte[] signature = privateSignature.sign();
+        return Base64.getEncoder().encodeToString(signature);
+    }
+
+    // Verify the signature of the content using the public key
+    public static boolean verifyContent(String content, String signature, PublicKey publicKey) throws Exception {
+        Signature publicSignature = Signature.getInstance("SHA256withRSA");
+        publicSignature.initVerify(publicKey);
+        publicSignature.update(content.getBytes("UTF-8"));
+        byte[] signatureBytes = Base64.getDecoder().decode(signature);
+        return publicSignature.verify(signatureBytes);
+    }
+
+    // Sign the content with a temporary signature based on time blocks
+    public static String temporarySignContent(String content, PrivateKey privateKey, int frames) throws Exception {
+        long timeBlock = Instant.now().getEpochSecond() / 60;
+        String contentWithTime = content + "|" + timeBlock;
+        return signContent(contentWithTime, privateKey);
+    }
+
+    // Verify a temporary signature with time blocks
+    public static boolean verifyTemporarySignature(String content, String signature, PublicKey publicKey, int frames) throws Exception {
+        long timeBlock = Instant.now().getEpochSecond() / 60;
+
+        for (int i = 0; i < frames; i++) {
+            String contentWithTime = content + "|" + (timeBlock - i);
+            if (verifyContent(contentWithTime, signature, publicKey)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    // Encrypt the content using the public key
+    public static String encryptContent(String content, PublicKey publicKey) throws Exception {
+        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+        byte[] ciphertext = cipher.doFinal(content.getBytes("UTF-8"));
+        return Base64.getEncoder().encodeToString(ciphertext);
+    }
+
+    // Decrypt the content using the private key
+    public static String decryptContent(String ciphertext, PrivateKey privateKey) throws Exception {
+        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
+        cipher.init(Cipher.DECRYPT_MODE, privateKey);
+        byte[] decryptedBytes = cipher.doFinal(Base64.getDecoder().decode(ciphertext));
+        return new String(decryptedBytes, "UTF-8");
+    }
+}
--- a/examples/cryptography.php
+++ b/examples/cryptography.php
@ -0,0 +1,120 @@
+<?php
+
+    class Cryptography
+    {
+        // Generate a new RSA key pair
+        public static function generateKeyPair()
+        {
+            // Generate private key
+            $config = [
+                "private_key_type" => OPENSSL_KEYTYPE_RSA,
+                "private_key_bits" => 2048,
+            ];
+            $res = openssl_pkey_new($config);
+
+            // Extract the private key to a variable
+            openssl_pkey_export($res, $privateKey);
+
+            // Extract the public key from the private key
+            $publicKeyDetails = openssl_pkey_get_details($res);
+            $publicKey = $publicKeyDetails['key'];
+
+            // Return both keys in Base64 encoding (without PEM headers)
+            return [
+                'privateKey' => base64_encode($privateKey),
+                'publicKey' => base64_encode($publicKey),
+            ];
+        }
+
+        // Sign the content using the private key
+        public static function signContent($content, $privateKey)
+        {
+            // Decode the Base64 private key
+            $privateKeyDecoded = openssl_pkey_get_private(base64_decode($privateKey));
+
+            // Sign the content
+            openssl_sign($content, $signature, $privateKeyDecoded, OPENSSL_ALGO_SHA256);
+
+            // Return the signature in Base64 encoding
+            return base64_encode($signature);
+        }
+
+        // Verify the signature of the content using the public key
+        public static function verifyContent($content, $signature, $publicKey)
+        {
+            // Decode the Base64 public key
+            $publicKeyDecoded = openssl_pkey_get_public(base64_decode($publicKey));
+
+            // Decode the Base64 signature
+            $signatureDecoded = base64_decode($signature);
+
+            // Verify the signature
+            $result = openssl_verify($content, $signatureDecoded, $publicKeyDecoded, OPENSSL_ALGO_SHA256);
+
+            // Return true if the signature is valid, false otherwise
+            return $result === 1;
+        }
+
+        // Sign the content with a temporary signature based on time blocks
+        public static function temporarySignContent($content, $privateKey, $frames = 1)
+        {
+            // Calculate the current time block
+            $timeBlock = intdiv(time(), 60);
+
+            // Append the time block to the content
+            $contentWithTime = $content . '|' . $timeBlock;
+
+            // Sign the content with the time block
+            return self::signContent($contentWithTime, $privateKey);
+        }
+
+        // Verify a temporary signature with time blocks
+        public static function verifyTemporarySignature($content, $signature, $publicKey, $frames = 1)
+        {
+            // Calculate the current time block
+            $timeBlock = intdiv(time(), 60);
+
+            // Check for each time block within the frame range
+            for ($i = 0; $i < $frames; $i++) {
+                // Append the time block to the content
+                $contentWithTime = $content . '|' . ($timeBlock - $i);
+
+                // Verify the signature
+                if (self::verifyContent($contentWithTime, $signature, $publicKey)) {
+                    return true;
+                }
+            }
+
+            // Return false if none of the frames matched
+            return false;
+        }
+
+        // Encrypt the content using the public key
+        public static function encryptContent($content, $publicKey)
+        {
+            // Decode the Base64 public key
+            $publicKeyDecoded = openssl_pkey_get_public(base64_decode($publicKey));
+
+            // Encrypt the content
+            openssl_public_encrypt($content, $ciphertext, $publicKeyDecoded, OPENSSL_PKCS1_OAEP_PADDING);
+
+            // Return the ciphertext in Base64 encoding
+            return base64_encode($ciphertext);
+        }
+
+        // Decrypt the content using the private key
+        public static function decryptContent($ciphertext, $privateKey)
+        {
+            // Decode the Base64 private key
+            $privateKeyDecoded = openssl_pkey_get_private(base64_decode($privateKey));
+
+            // Decode the Base64 ciphertext
+            $ciphertextDecoded = base64_decode($ciphertext);
+
+            // Decrypt the content
+            openssl_private_decrypt($ciphertextDecoded, $plaintext, $privateKeyDecoded, OPENSSL_PKCS1_OAEP_PADDING);
+
+            // Return the decrypted plaintext
+            return $plaintext;
+        }
+    }
--- a/examples/cryptography.py
+++ b/examples/cryptography.py
@ -0,0 +1,101 @@
+import base64
+import time
+from Crypto.PublicKey import RSA
+from Crypto.Signature import pkcs1_15
+from Crypto.Hash import SHA256
+from Crypto.Cipher import PKCS1_OAEP
+
+class Cryptography:
+
+    @staticmethod
+    def generate_key_pair():
+        # Generate RSA key pair
+        key = RSA.generate(2048)
+        private_key = key.export_key(format='DER')
+        public_key = key.publickey().export_key(format='DER')
+
+        # Return keys in Base64 encoding
+        return {
+            'privateKey': base64.b64encode(private_key).decode('utf-8'),
+            'publicKey': base64.b64encode(public_key).decode('utf-8')
+        }
+
+    @staticmethod
+    def sign_content(content, private_key_base64):
+        # Decode the Base64 private key
+        private_key = RSA.import_key(base64.b64decode(private_key_base64))
+
+        # Hash the content using SHA256
+        h = SHA256.new(content.encode('utf-8'))
+
+        # Sign the hash
+        signature = pkcs1_15.new(private_key).sign(h)
+
+        # Return the signature in Base64 encoding
+        return base64.b64encode(signature).decode('utf-8')
+
+    @staticmethod
+    def verify_content(content, signature_base64, public_key_base64):
+        # Decode the Base64 public key and signature
+        public_key = RSA.import_key(base64.b64decode(public_key_base64))
+        signature = base64.b64decode(signature_base64)
+
+        # Hash the content
+        h = SHA256.new(content.encode('utf-8'))
+
+        try:
+            # Verify the signature
+            pkcs1_15.new(public_key).verify(h, signature)
+            return True
+        except (ValueError, TypeError):
+            return False
+
+    @staticmethod
+    def temporary_sign_content(content, private_key_base64, frames=1):
+        # Calculate the current time block
+        time_block = int(time.time() // 60)
+
+        # Append the time block to the content
+        content_with_time = f"{content}|{time_block}"
+
+        # Sign the content with the time block
+        return Cryptography.sign_content(content_with_time, private_key_base64)
+
+    @staticmethod
+    def verify_temporary_signature(content, signature_base64, public_key_base64, frames=1):
+        # Calculate the current time block
+        time_block = int(time.time() // 60)
+
+        # Check for each time block within the frame range
+        for i in range(frames):
+            content_with_time = f"{content}|{time_block - i}"
+            if Cryptography.verify_content(content_with_time, signature_base64, public_key_base64):
+                return True
+
+        return False
+
+    @staticmethod
+    def encrypt_content(content, public_key_base64):
+        # Decode the Base64 public key
+        public_key = RSA.import_key(base64.b64decode(public_key_base64))
+
+        # Encrypt the content using RSA-OAEP
+        cipher = PKCS1_OAEP.new(public_key)
+        ciphertext = cipher.encrypt(content.encode('utf-8'))
+
+        # Return the ciphertext in Base64 encoding
+        return base64.b64encode(ciphertext).decode('utf-8')
+
+    @staticmethod
+    def decrypt_content(ciphertext_base64, private_key_base64):
+        # Decode the Base64 private key and ciphertext
+        private_key = RSA.import_key(base64.b64decode(private_key_base64))
+        ciphertext = base64.b64decode(ciphertext_base64)
+
+        # Decrypt the content using RSA-OAEP
+        cipher = PKCS1_OAEP.new(private_key)
+        plaintext = cipher.decrypt(ciphertext)
+
+        # Return the decrypted content
+        return plaintext.decode('utf-8')
+