Skip to content

Ecdh import export #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Ecdh import export #42

wants to merge 7 commits into from

Conversation

@Dringho
Copy link
Contributor

@Dringho Dringho commented Jul 22, 2025

Issue #, if available:

Description of changes:
Script that imports/exports plaintext keys to/from APC using ECDH to generate a AES-256 KEK to wrap a TR-31 block. The script can import/export: AES-256 keys, 3DES_3KEY, 3DES_2KEY.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@amitkhanal
Copy link
Contributor

amitkhanal commented Aug 27, 2025

@Dringho I'm getting this error as we discussed. Can you please look into it.

`ecdh-tr31-import-export => python3 main.py
Starting AWS Payment Cryptography and Local CA Integration
[?] Select operation mode:

Import a key from a raw plaintext key into AWS Payment Cryptography
Create a random key in AWS Payment Cryptography and export it to plaintext

Selected operation: IMPORT
[?] Select key type:

AES-256 (32 bytes / 256 bits)
Triple DES 2-Key (16 bytes / 128 bits)
Triple DES 3-Key (24 bytes / 192 bits)

Selected key type: AES_256
[?] Select key import method:

Generate a random key
Enter a custom hexadecimal key

Selected import method: random
Will generate a random AES-256 key during execution

=== Starting Execution ===

--- Step 1: Create Local CA and import public CA key ---
Creating local CA
Traceback (most recent call last):
File "/Users/akhnal/Documents/workspace/samples-for-payment-cryptography-service/key-import-export/ecdh-tr31-import-export/main.py", line 460, in
main()
File "/Users/akhnal/Documents/workspace/samples-for-payment-cryptography-service/key-import-export/ecdh-tr31-import-export/main.py", line 254, in main
ca_id = find_or_create_local_ca()
File "/Users/akhnal/Documents/workspace/samples-for-payment-cryptography-service/key-import-export/ecdh-tr31-import-export/crypto_utils.py", line 367, in find_or_create_local_ca
return create_local_ca()
File "/Users/akhnal/Documents/workspace/samples-for-payment-cryptography-service/key-import-export/ecdh-tr31-import-export/crypto_utils.py", line 293, in create_local_ca
now = datetime.datetime.now(datetime.UTC)
AttributeError: module 'datetime' has no attribute 'UTC'`

@Dringho
Copy link
Contributor Author

Dringho commented Aug 28, 2025
edited
Loading

@amitkhanal fixed 3.8 retrocompatibility, there was a change in datetime in 3.11 that was breaking previous versions. I tested it with 3.8, 3.11 and 3.13 and it works now, thanks 4 the feedback!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Dringho @amitkhanal