I've been working with pybitcointools for a while and I'm not sure exactly how to properly manage with private key loading in order to sign transactions.
def sign(tx, i, priv, hashcode=SIGHASH_ALL): ...
The sign function requires a key as a str that is used to perform the signature, but if you want to import that keys from a key file there's no way to export the private key as a str (or at least I've not been able to find it).
Some time ago I created a small OpenSSL wrapper in Python in order to load the key and extract the private part, but I don't think it is the most correct way and definitely not the most elegant one.
Does anyone know if there's any proper way to do it?
Maybe the question is quite odd, but I would like to be sure I was not being using it wrong all this time.
Related
I'm trying to create a model in SQLAlchemy, but I'm having a hard time finding out what is the best way. I currently have a class called returns, which I want to give an additional variable. A state of which the return is in. So for example, a return can be expected, received or processed. However, in the Flask application I want to show the user a nice string. For example; processed should become "Waiting for reimboursment".
The problem however is, I don't want to send these strings to the database, since I might change them in the future or add statusses. Therefore I want some kind of translation to be made between the value saved in the DB and the 'string' value. I have tried solving this by using Enums, but it is not possible to create the 'string' values. I would like something like this to return either the 'key' or the 'value', where only the key is saved in the database.
return.status.key
return.status.value
I have tried looking for a solution but was not able to find anything that seems to be fit.
What is the best practice for these kinds of requirements?
I'd like to copy a bunch of stripe product objects created with my test keys over to my live keys, with as few changes as possible.
My rough plan would be to access the stripe api in python with my test key, run product = stripe.Product.retrieve("prod_id") then convert product into a dictionary by prod_dict = json.loads(str(product)) then access the api with my live key and run stripe.Product.create(prod_dict) ... but this doesn't work.
My specific error is "stripe.error.AuthenticationError: Invalid API Key Provided: {'active*****..."
But I think that's a red herring. I'm pretty sure the issue is not the API Key, but rather that it's not actually acceptable to try to pass a dictionary as the argument for 'stripe.Product.create'. But I'm stumped as to how else to do what I want.
Has anyone else had the same issue and found a quick and easy solution?
My list of products is not large and I could, in theory, just do this by hand, but I'm worried about making some error in the copying process and, really, it doesn't seem like this should be very hard to do. Although, I'm often wrong about what should and shouldn't be easy to do. In any case, any help would be appreciated.
I am working on a project (the tech is Django Framework), and I have been assigned a task to create a functionality to store translations and create new translations of a given json file. The json file includes key, value pairs where the key is a unique key that the front-end of the app uses to tell where the text goes, which is the value. For example, { 'restaurant.wait':'Please wait while we process your order'}. So, I have a default json file with keys and values in English, and say we need a translation, I need to be able to get the values (easy part), show them to the translator, then he will input translations in a form with the translation for the given text. Now here comes the hard part, I need to then take this translation and map it back to the same keys in the json file. Another feature that this needs to have is to be able to export/import csv files of translations and then dynamically add them. I can't seem to figure out how to start solving this problem. I tried thinking of a model that I could have to hold the keys and to have another model that would be the translations, but I get confused how I should input the default values. I've just come to a stalemate on this problem and I am having a hard time thinking up of a clean way to do this. I also tried to go about it without a model for a database and just use a view to do this, but there is a problem with keeping order of the keys, and mapping the translations back to the correct keys. Please, I would really appreciate any help I can get with how I should go about to implement this. Thank you, in advance I hope there is enough detail that you can understand the issue I am having.
I'm looking to send a file to multiple people, but I also want them to know that:
The file has not been changed since I sent it to them.
They know that it was me who sent the file.
I'm coding in Python, so I was thinking of pulling in the file, taking a hash of it, and then encrypting the hash with my private key. I would send the original file along with this new file (probably just a .txt) to whoever I want. My friends could then decrypt the hash using my public key and compare it to a hash they take of the original file. I'd like to use something at least on the level of SHA-256. I do not want to use MD5 or SHA-1.
Note- The original file I am sending does not have to be encrypted, just looking for some integrity and non-repudiation.
Would this fulfill the two requirements above? And is there an easy way to implement this in Python?
I was thinking of pulling in the file, taking a hash of it, and then encrypting the hash with my private key
That's exactly what we commonly call signing or digital-signature, which fulfills your two requirements.
Would this fulfill the two requirements above?
Yes. Signing a message doesn't prevent it from being manipulated. It's only getting infeasible of generating a signature for a manipulated message without the private key.
And is there an easy way to implement this in Python?
Sure, pyCrypto supports RSA and DSA. You should try ed25519, though, because its signatures are smaller.
I'm trying to reduce the size of a string like this:
'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0NDU0OTk3NDUsImQiOnsiYXV0aF9kYXRhIjoiZm9vIiwib3RoZXJfYXV0aF9kYXRhIjoiYmFyIiwidWlkIjoidW5pcXVlSWQxIn0sInYiOjB9.h6LV3boj0ka2PsyOjZJb8Q48ugiHlEkNksusRGtcUBk'
to something that someone could type in less then 30 seconds like this:
'aF9kYX'
and be able to turn it back to the original string too. How could I achieve that?
EDIT: I guess I'm not being clear, first I don't know if what I want is possible.
So, I have my app which asks for a token to log in, which is that JWT. But it is way too long for someone to manually type. So I supposed there was an algorithm to make this string smaller (compress it) so that it could be easier and faster to type. An example that comes to my mind of how I would use such algorithm is:
short_to_big(small_string) //Returns the original JWT
big_to_short(JWT_string) //Returns the smaller string
Stupid simple answer: use a dict to store the short string as key and the long one as value. Then you just have to generate the short string the way you like and make sure it's not already in the dict. If you need to persist the key/value, you can use almost any kind of database (sql, key:value, document, or even a csv file FWIW).
Oh and if that doesn't solve your problem then you may want to consider giving more context ;)
You need more constraints. A 200 character string contains a lot more information than a 6 character string, so either need to a lot more about the original strings (e.g. that they come from some known set of strings, or have a limited character set) or you need to store the original strings somewhere and use the string the user type as a key to a map or similar.
There are lossless compression algorithms, but these depend on knowing some probabilistic information about the string (e.g. that repeated characters are likely) and will typically expand the strings if the probabilities are wrong.
UPDATE (After question clarification and comments suggestion)
You could implement an algorithm that uniquely maps this big string into a short representation of the string and store this mapping in a dictionary. The following algorithm does not guarantee the uniqueness but should give you some path to follow.
import random
import string
def long_string_to_short(original_string, length=10):
random.seed(original_string)
filling_values = string.digits + string.ascii_letters
short_string = ''.join(random.choice(filling_values) for char_ in xrange(length))
return short_string
When calling the function you can specify an appropriate length for the short string.
Then you could:
my_mapping_dict = {}
my_long_string = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0NDU0OTk3NDUsImQiOnsiYXV0aF9kYXRhIjoiZm9vIiwib3RoZXJfYXV0aF9kYXRhIjoiYmFyIiwidWlkIjoidW5pcXVlSWQxIn0sInYiOjB9.h6LV3boj0ka2PsyOjZJb8Q48ugiHlEkNksusRGtcUBk'
short_string = long_string_to_short(my_long_string)
my_mapping_dict[short_string] = my_long_string
Ok, so, because I couldn't find a solution for shrinking the string, I tried to give it a different approach, and found a solution.
Now to clarify why I wanted to log in with the token, I'm going to write what I want to do with my app:
In Firebase anyone can create an account, but I don't want that, so for that I made a group of users that were the only ones that could write or read the data.
So in order to create an account, the user would have to request a register code, (Which in reality is a JWT generated from Firebase, so that you have permission to add a user to that group I was talking about).
This app is for local use, meaning that only people that lives here are going to use it. So, back to the original question, the token is too big for someone to type (as I have said many times), and I wanted to know if I could shrink it and how. But without success I tried a different approach, which is to generate the token (from a different program), encrypt it with a random code, and upload it to a firebase, that way I give the random code to people so that users can type it in the app so that it can retrieve and decrypt the token and authenticate with it, so that finally the user has an account that has the privilege to read or write data.
Thanks for your responses and sorry if I wasted your time.