Encode string representation of integer to base64 in Python 3

I'm writing a web app (Flask, Tornado) and would appreciate an expert's opinion on best practices. I don't know any other Python devs in real life :(

I don't know how/where to ask this, so if I chose the incorrect site and subreddit forward me along :)
But I've been working on a project for around a week and I don't know if I'm approaching it correctly. Right now I'm using:
I'm using Python 2.7.5, with Debian on my production server, Windows 7 with Debian VM on my dev box.
Basically, I just need help. This isn't the first web project I've done .. but it's by far the most complicated. I know I'm not doing some things right and want to fix them before it gets too far along.
I would love to talk with someone for 20 minutes about any of the following:
I'm studying CS in school but picked up all the python-web-stuff on my own over the last year or so, and I don't think I'm doing it right. As a broke college kid I can't pay for your time but might be able to exchange something instead.
Thank you in advance if you can help me with any of the above topics.
Note) I should note that everything WORKS, so this isn't a "how do I get this and this working for that to happen" -- I could finish the project without any answers. I just want to tighten security and make sure I learned things correctly while spending so much time on a "major" project for myself.
Also, I'm still waiting on the Flask text book from kickstarter if the author happens to see this post ;)
submitted by LightShadow to Python [link] [comments]

secret communication in plain sight

I've been having a bit of silly fun thinking about secret communication in plain sight - something like what 1940's spies may have done, but using the Internet. So, any thoughts on the following "protocol"?
Setup: You and your partner meeting in person at a safe/secure location. You use something like Diceware or maybe just a dictionary to create a secure (high enough entropy) passphrase known only to you two. You memorise the passphrase and destroy all evidence of its creation. Then you agree on the cryptographic protocols (see below) and finally you decide on a place and time for virtual communication. For example, you might to decide to use pastebin and have a communication window at 8pm every day. You both now go your separate ways.
The next evening you want to see whether your partner has communicated something. You take your chosen passphrase and feed it into a KDF that was chosen in the protocol selection step. Let's say you decided to use PBKDF2 with 100k iterations, 32 byte output and both the input password and the salt set to the passphrase you chose. The resulting 256 bit value is your shared symmetric key. As part of the protocol selection, you also decided on a method of synchronising identities. Let's say you chose to use the Bitcoin blockchain. You look at the most recent block in the blockchain as it was at 8pm that evening, and take the block nonce. You encrypt it using 256 bit AES in ECB mode. The resulting value is your shared ID.
You now go to pastebin and search for the ID you just generated. If your partner had uploaded something, then you'd find the ID, an IV and maybe a base64 encoded message that was encrypted using your shared key using 256 AES in CBC mode.
To send a communication, you'd basically reverse the process.
So the general idea is to use a publicly verifiable service to sync your anonymous one-time IDs. The rest of it just comes down to choosing cryptographic primitives, and you can use whatever tools you happen to have available at the time (openssl, python, ruby etc).
Just a bit of fun. Any thoughts?
submitted by zeroXten to crypto [link] [comments]

Validating Wright's 'Signature' Using Python

Presuming you have Python already installed ( if not 'apt-get install python' ) and you want to check Wright's signature you need to install Python Pip:
sudo apt-get install python-pip 
Then install the Bitcoin-themed Python library (the old python bitcointools made by vbuterin):
pip install bitcoin 
Now you should be able to check the bitcoin library with something like (if you see a hash it means everything is working fine):
python -c "from bitcoin import *; print sha256('')" 
To make everything simple, you can just download the python extractor made by Ryan Castellucci (don't forget to rename it after that):
wget https://gist.githubusercontent.com/ryancdotorg/a0c0e62e2938168c93e51270fe7d07f5/raw/13774e02d88ae0753c289ca2386f84c2bccf7212/python-bullshit.txt mv python-bullshit.txt python-bullshit.py 
Simply run the python script to get the sha256 hash used by Wright in his post, the 64 char string that looks like the hash from the famous Sartre quote it's just some data extracted from the blockchain itself (second output, the first output is a double-hash).
python python-bullshit.py 3ec9cbc0d1aa849c16a1b276b246e057e7232b21926e428cc09b692c14336f44 479f9dff0155c045da78402177855fdb4f0f396dc0d2c24f7376dd56e2e68b05 
Let's put the hash in a file to recreate the full scenario as described here:
nano python-bullshit-output.py 
Paste this (make sure you have the correct indentation and add a tab before the f.write then exit using Ctrl+X then Y):
from bitcoin import * modtx="0100000001ba91c1d5e55a9e2fab4e41f55b862a73b24719aad13a527d169c1fad3b63b5120100000043410411db93e1dcdb8a016b49840f8c53bc1eb68a382e97b1482ecad7b148a6909a5cb2e0eaddfb84ccf9744464f82e160bfa9b8b64f9d4c03f999b8643f656b412a3acffffffff0200ca9a3b00000000434104bed827d37474beffb37efe533701ac1f7c600957a4487be8b371346f016826ee6f57ba30d88a472a0e4ecd2f07599a795f1f01de78d791b382e65ee1c58b4508ac00d2496b0000000043410411db93e1dcdb8a016b49840f8c53bc1eb68a382e97b1482ecad7b148a6909a5cb2e0eaddfb84ccf9744464f82e160bfa9b8b64f9d4c03f999b8643f656b412a3ac0000000001000000" bin_modtx = changebase(modtx, 16, 256) print sha256(bin_modtx) with open('Sartre', 'w') as f: f.write(bin_modtx) 
Now you can pretend to hash Sartre quotes like Wright ( you can download the Sartre file here ): python python-bullshit-output.py sha256sum Sartre 479f9dff0155c045da78402177855fdb4f0f396dc0d2c24f7376dd56e2e68b05
You can recreate the sn7-message.txt file made by Wright like this (you can put this in python and run like above):
from bitcoin import * modtx="0100000001ba91c1d5e55a9e2fab4e41f55b862a73b24719aad13a527d169c1fad3b63b5120100000043410411db93e1dcdb8a016b49840f8c53bc1eb68a382e97b1482ecad7b148a6909a5cb2e0eaddfb84ccf9744464f82e160bfa9b8b64f9d4c03f999b8643f656b412a3acffffffff0200ca9a3b00000000434104bed827d37474beffb37efe533701ac1f7c600957a4487be8b371346f016826ee6f57ba30d88a472a0e4ecd2f07599a795f1f01de78d791b382e65ee1c58b4508ac00d2496b0000000043410411db93e1dcdb8a016b49840f8c53bc1eb68a382e97b1482ecad7b148a6909a5cb2e0eaddfb84ccf9744464f82e160bfa9b8b64f9d4c03f999b8643f656b412a3ac0000000001000000" bin_modtx = changebase(modtx, 16, 256) bin_modtx_sha = changebase( sha256(bin_modtx), 16, 256 ) with open('sn7-message.txt', 'w') as f: f.write(bin_modtx_sha) 
The same way you can recreate the sig.asn1 file because this is basically the script of input 0 in tx 828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe see here
xxd sig.asn1 
You can just download it from here along with other files here
wget https://s3.amazonaws.com/dmk/hell_is_this_crypto.zip unzip hell_is_this_crypto.zip . 
Before final step you can check if you have the public key:
openssl ec -in sn-pub.pem -pubin -text -noout 
Finally you can perform the 'message' verification:
base64 --decode signiture.der > sig.asn1 && openssl dgst -verify sn-pub.pem -signature sig.asn1 sn7-message.txt 
And you will get the verification 'Verified OK'

Images here: https://imgur.com/a/afRs8
submitted by backtrackhacker to Bitcoin [link] [comments]

Problems Connecting to MtGox API 2 with Python

Hey guys, I am writing a trading program that I need to connect to MtGox (a bitcoin exchange) through the API v2. But I keep getting the following error:
URL: https://data.mtgox.com/api/2/BTCUSD/money/bitcoin/address HTTP Error 403: Forbidden.
Most of my script is a direct copy from here (that is a pastebin link). I just had to change it to work with Python 3.3.
I suspect that it has to do with the part of script where I use base64.b64encode. In my code, I have to encode my strings to utf-8 to use base64.b64encode (lines 112 and 113). However, with the other guy's script, he doesn't have too (see lines 112 and 113 of the first link). I'm wondering if that extra encoding is causing my header credentials to be incorrect.
I'm guessing this is another Python 2 v. Python 3 problem. I don't know how the other guy got away without changing to utf-8, because the script won't run if you try to pass a string to b64encode or hmac. Do you guys see any problems with what I am doing? Is out code equivalent?
submitted by chops228 to learnpython [link] [comments]

Hack bitcoin (private script) 2019 Blockchain tutorial 13: Base-64 and base-58 encoding How To Get Random Bitcoin Keys Using Python  Coding With ... Getting base64 from bitcoin 310 image - Bitcoin 310 challenge Bypass Anti-Virus with python

The Bitcoin Wiki has a page with a detailed description of some ways to make a JSON-RPC call in various programming languages. For brevity, only two are listed. In Python: import httplib, json, base64 def mkrequest(url,user,pass,method,params,hasresponse=True): Introduction¶. Flaskwallet a multi-node bitcoin client, a web app written with flask.If you know how to use python and how to run a bitcoind you can probably use it. Alternatively you can also run bitcoin-qt with the -server option. Flaskwallet is not a thin client, you need to run bitcoin nodes to manage them through the RPC API. I have a string in base64 format, which represents PNG image. Is there a way to save this image to the filesystem, as a PNG file? I encoded the image using flex. Actually this is what I get on ser... 编码集不同,Base58 的编码集在 Base64 的字符集的基础上去掉了比较容易混淆的字符。 Base64 采用直接切割 bit 的方法(8->6),而 Base58 采用大数进制转换,效率更低,使用场景更少。 【注】Base58 解码时需要将长度传入, 这点与 Base64 有区别, 在代码实现时应注意。 For others who want to encode integers but don't have expected output: This works, but the encoded string can be much longer than needed. That's because by converting numbers to strings, you're only using a tiny fraction of the input space, but b64encode doesn't know about that (e.g.it doesn't know there'll never be a letter).

[index] [7205] [47033] [13947] [33225] [7368] [10307] [10389] [50529] [14762] [289]

Hack bitcoin (private script) 2019

This is part 13 of the Blockchain tutorial explaining what base-64 and base-58 encoding is. In this video series different topics will be explained which will help you to understand blockchain ... base64 encode it. This video is unavailable. Watch Queue Queue csgo bitcoin key bot bitcoin private key base64 bitcoin public key balance b.a.d key bitcoin bitcoin key collision bitcoin key checker bitcoin key converter bitcoin key card bitcoin key collection ... In this video, we will continue a new series - coding bitcoin wallet in python. Using python3 I am going through the algorithm to encode any string of data to base58 characters. It is the encoding ... This video is unavailable. Watch Queue Queue. Watch Queue Queue

#