some ed25519 crypto tools

2022-04-20 15:43:02 +02:00 · 2022-04-20 15:43:02 +02:00 · 1b665b1243
parent b84e3e59f2
commit 1b665b1243
10 changed files with 11580 additions and 0 deletions
--- a/templates/ipfstiddlywiki.html
+++ b/templates/ipfstiddlywiki.html
--- a/tools/crypto.proto
+++ b/tools/crypto.proto
@ -0,0 +1,22 @@
+syntax = "proto2";
+
+package crypto.pb;
+
+option go_package = "github.com/libp2p/go-libp2p-core/crypto/pb";
+
+enum KeyType {
+	RSA = 0;
+	Ed25519 = 1;
+	Secp256k1 = 2;
+	ECDSA = 3;
+}
+
+message PublicKey {
+	required KeyType Type = 1;
+	required bytes Data = 2;
+}
+
+message PrivateKey {
+	required KeyType Type = 1;
+	required bytes Data = 2;
+}
--- a/tools/crypto_pb2.py
+++ b/tools/crypto_pb2.py
@ -0,0 +1,163 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: crypto.proto
+
+import sys
+_b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1'))
+from google.protobuf.internal import enum_type_wrapper
+from google.protobuf import descriptor as _descriptor
+from google.protobuf import message as _message
+from google.protobuf import reflection as _reflection
+from google.protobuf import symbol_database as _symbol_database
+from google.protobuf import descriptor_pb2
+# @@protoc_insertion_point(imports)
+
+_sym_db = _symbol_database.Default()
+
+
+
+
+DESCRIPTOR = _descriptor.FileDescriptor(
+  name='crypto.proto',
+  package='crypto.pb',
+  syntax='proto2',
+  serialized_pb=_b('\n\x0c\x63rypto.proto\x12\tcrypto.pb\";\n\tPublicKey\x12 \n\x04Type\x18\x01 \x02(\x0e\x32\x12.crypto.pb.KeyType\x12\x0c\n\x04\x44\x61ta\x18\x02 \x02(\x0c\"<\n\nPrivateKey\x12 \n\x04Type\x18\x01 \x02(\x0e\x32\x12.crypto.pb.KeyType\x12\x0c\n\x04\x44\x61ta\x18\x02 \x02(\x0c*9\n\x07KeyType\x12\x07\n\x03RSA\x10\x00\x12\x0b\n\x07\x45\x64\x32\x35\x35\x31\x39\x10\x01\x12\r\n\tSecp256k1\x10\x02\x12\t\n\x05\x45\x43\x44SA\x10\x03\x42,Z*github.com/libp2p/go-libp2p-core/crypto/pb')
+)
+_sym_db.RegisterFileDescriptor(DESCRIPTOR)
+
+_KEYTYPE = _descriptor.EnumDescriptor(
+  name='KeyType',
+  full_name='crypto.pb.KeyType',
+  filename=None,
+  file=DESCRIPTOR,
+  values=[
+    _descriptor.EnumValueDescriptor(
+      name='RSA', index=0, number=0,
+      options=None,
+      type=None),
+    _descriptor.EnumValueDescriptor(
+      name='Ed25519', index=1, number=1,
+      options=None,
+      type=None),
+    _descriptor.EnumValueDescriptor(
+      name='Secp256k1', index=2, number=2,
+      options=None,
+      type=None),
+    _descriptor.EnumValueDescriptor(
+      name='ECDSA', index=3, number=3,
+      options=None,
+      type=None),
+  ],
+  containing_type=None,
+  options=None,
+  serialized_start=150,
+  serialized_end=207,
+)
+_sym_db.RegisterEnumDescriptor(_KEYTYPE)
+
+KeyType = enum_type_wrapper.EnumTypeWrapper(_KEYTYPE)
+RSA = 0
+Ed25519 = 1
+Secp256k1 = 2
+ECDSA = 3
+
+
+
+_PUBLICKEY = _descriptor.Descriptor(
+  name='PublicKey',
+  full_name='crypto.pb.PublicKey',
+  filename=None,
+  file=DESCRIPTOR,
+  containing_type=None,
+  fields=[
+    _descriptor.FieldDescriptor(
+      name='Type', full_name='crypto.pb.PublicKey.Type', index=0,
+      number=1, type=14, cpp_type=8, label=2,
+      has_default_value=False, default_value=0,
+      message_type=None, enum_type=None, containing_type=None,
+      is_extension=False, extension_scope=None,
+      options=None),
+    _descriptor.FieldDescriptor(
+      name='Data', full_name='crypto.pb.PublicKey.Data', index=1,
+      number=2, type=12, cpp_type=9, label=2,
+      has_default_value=False, default_value=_b(""),
+      message_type=None, enum_type=None, containing_type=None,
+      is_extension=False, extension_scope=None,
+      options=None),
+  ],
+  extensions=[
+  ],
+  nested_types=[],
+  enum_types=[
+  ],
+  options=None,
+  is_extendable=False,
+  syntax='proto2',
+  extension_ranges=[],
+  oneofs=[
+  ],
+  serialized_start=27,
+  serialized_end=86,
+)
+
+
+_PRIVATEKEY = _descriptor.Descriptor(
+  name='PrivateKey',
+  full_name='crypto.pb.PrivateKey',
+  filename=None,
+  file=DESCRIPTOR,
+  containing_type=None,
+  fields=[
+    _descriptor.FieldDescriptor(
+      name='Type', full_name='crypto.pb.PrivateKey.Type', index=0,
+      number=1, type=14, cpp_type=8, label=2,
+      has_default_value=False, default_value=0,
+      message_type=None, enum_type=None, containing_type=None,
+      is_extension=False, extension_scope=None,
+      options=None),
+    _descriptor.FieldDescriptor(
+      name='Data', full_name='crypto.pb.PrivateKey.Data', index=1,
+      number=2, type=12, cpp_type=9, label=2,
+      has_default_value=False, default_value=_b(""),
+      message_type=None, enum_type=None, containing_type=None,
+      is_extension=False, extension_scope=None,
+      options=None),
+  ],
+  extensions=[
+  ],
+  nested_types=[],
+  enum_types=[
+  ],
+  options=None,
+  is_extendable=False,
+  syntax='proto2',
+  extension_ranges=[],
+  oneofs=[
+  ],
+  serialized_start=88,
+  serialized_end=148,
+)
+
+_PUBLICKEY.fields_by_name['Type'].enum_type = _KEYTYPE
+_PRIVATEKEY.fields_by_name['Type'].enum_type = _KEYTYPE
+DESCRIPTOR.message_types_by_name['PublicKey'] = _PUBLICKEY
+DESCRIPTOR.message_types_by_name['PrivateKey'] = _PRIVATEKEY
+DESCRIPTOR.enum_types_by_name['KeyType'] = _KEYTYPE
+
+PublicKey = _reflection.GeneratedProtocolMessageType('PublicKey', (_message.Message,), dict(
+  DESCRIPTOR = _PUBLICKEY,
+  __module__ = 'crypto_pb2'
+  # @@protoc_insertion_point(class_scope:crypto.pb.PublicKey)
+  ))
+_sym_db.RegisterMessage(PublicKey)
+
+PrivateKey = _reflection.GeneratedProtocolMessageType('PrivateKey', (_message.Message,), dict(
+  DESCRIPTOR = _PRIVATEKEY,
+  __module__ = 'crypto_pb2'
+  # @@protoc_insertion_point(class_scope:crypto.pb.PrivateKey)
+  ))
+_sym_db.RegisterMessage(PrivateKey)
+
+
+DESCRIPTOR.has_options = True
+DESCRIPTOR._options = _descriptor._ParseOptions(descriptor_pb2.FileOptions(), _b('Z*github.com/libp2p/go-libp2p-core/crypto/pb'))
+# @@protoc_insertion_point(module_scope)
--- a/tools/diceware-wordlist.txt
+++ b/tools/diceware-wordlist.txt
--- a/tools/diceware.sh
+++ b/tools/diceware.sh
@ -0,0 +1,33 @@
+#!/bin/bash
+########################################################################
+# Author: Fred (support@qo-op.com)
+# Version: 2020.03.18
+# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
+########################################################################
+MY_PATH="`dirname \"$0\"`"              # relative
+MY_PATH="`( cd \"$MY_PATH\" && pwd )`"  # absolutized and normalized
+########################################################################
+# \\///
+# qo-op
+#############
+##########################
+#######################################
+####################################################
+########################################################################
+
+MOTS=$(echo "$1" | grep -E "^\-?[0-9]+$")
+# Default is 6 words passphrase
+if [[ "$MOTS" == "" ]]; then MOTS=6; fi
+WORDCOUNT=${1-$MOTS}
+# Download the wordlist
+# wget -nc -O ~/.diceware-wordlist http://world.std.com/%7Ereinhold/diceware.wordlist.asc 2> /dev/null
+# print a list of the diceware words
+cat $MY_PATH/diceware-wordlist.txt | \
+awk '/[1-6][1-6][1-6][1-6][1-6]/{ print $2 }' | \
+# randomize the list order
+shuf --random-source=/dev/urandom | \
+# pick the first n words
+head -n ${WORDCOUNT} | \
+# pretty print
+tr '\n' ' '
+echo
--- a/tools/g1_to_ipfs.py
+++ b/tools/g1_to_ipfs.py
@ -0,0 +1,13 @@
+#!/usr/bin/env python3
+import sys, re, base58, base64, crypto_pb2
+import cryptography.hazmat.primitives.asymmetric.ed25519 as ed25519
+from cryptography.hazmat.primitives import serialization
+
+shared_key = sys.argv[1]
+decoded_shared = base58.b58decode(shared_key)
+ipfs_shared = ed25519.Ed25519PublicKey.from_public_bytes(decoded_shared)
+
+ipfs_shared_bytes = ipfs_shared.public_bytes(encoding=serialization.Encoding.Raw,
+                                             format=serialization.PublicFormat.Raw)
+ipfs_pid = base58.b58encode(b'\x00$\x08\x01\x12 ' + ipfs_shared_bytes)
+print(format(ipfs_pid.decode('ascii')))
--- a/tools/give_me_keystore_filename.py
+++ b/tools/give_me_keystore_filename.py
@ -0,0 +1,3 @@
+#!/usr/bin/env python3
+import sys, base64
+print("key_"+base64.b32encode(sys.argv[1].encode()).decode().lower().replace("=",""))
--- a/tools/ipfs_to_g1.py
+++ b/tools/ipfs_to_g1.py
@ -0,0 +1,10 @@
+#!/usr/bin/env python3
+
+import sys, base58
+
+ID = sys.argv[1]
+hexFmt = base58.b58decode(ID)
+noTag = hexFmt[6:]
+b58Key = base58.b58encode(noTag).decode()
+
+print(b58Key)
--- a/tools/key_create_dunikey.py
+++ b/tools/key_create_dunikey.py
@ -0,0 +1,27 @@
+#!/usr/bin/env python3
+# This Python script gets Duniter creddentials as arguments, and writes a PubSec file that should be compatible with Cesium and Silkaj(DuniterPy) clients.
+# launch with :
+# python3 key_create_dnuikey.py <id> <mdp>
+
+# depends on duniterpy 0.56
+
+### Licence - WTFPL
+# This script was written my Matograine, in the hope that it will be helpful.
+# Do What The Fuck you like with it. There is :
+#  * no guarantee that this will work
+#  * no support of any kind
+#
+# If this is helpful, please consider making a donation to the developper's pubkey : 78ZwwgpgdH5uLZLbThUQH7LKwPgjMunYfLiCfUCySkM8
+# Have fun
+
+from sys import argv
+from duniterpy.key import SigningKey
+
+# path to save to
+path = "/tmp/secret.dunikey"
+
+key = SigningKey.from_credentials(argv[1], argv[2], None)
+key.save_pubsec_file(path)
+print(
+    key.pubkey,
+)
--- a/tools/natools.py
+++ b/tools/natools.py
@ -0,0 +1,322 @@
+#!/usr/bin/env python3
+
+"""
+	CopyLeft 2020 Pascal Engélibert <tuxmain@zettascript.org>
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+"""
+
+__version__ = "1.3.1"
+
+import os, sys, duniterpy.key, libnacl, base58, base64, getpass
+
+def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
+	if arg in args and len(args) > args.index(arg)+n:
+		return args[args.index(arg)+n]
+	else:
+		return default
+
+def read_data(data_path, b=True):
+	if data_path == "-":
+		if b:
+			return sys.stdin.buffer.read()
+		else:
+			return sys.stdin.read()
+	else:
+		return open(os.path.expanduser(data_path), "rb" if b else "r").read()
+
+def write_data(data, result_path):
+	if result_path == "-":
+		os.fdopen(sys.stdout.fileno(), 'wb').write(data)
+	else:
+		open(os.path.expanduser(result_path), "wb").write(data)
+
+def encrypt(data, pubkey):
+	return duniterpy.key.PublicKey(pubkey).encrypt_seal(data)
+
+def decrypt(data, privkey):
+	return privkey.decrypt_seal(data)
+
+def box_encrypt(data, privkey, pubkey, nonce=None, attach_nonce=False):
+	signer = libnacl.sign.Signer(privkey.seed)
+	sk = libnacl.public.SecretKey(libnacl.crypto_sign_ed25519_sk_to_curve25519(signer.sk))
+	verifier = libnacl.sign.Verifier(base58.b58decode(pubkey).hex())
+	pk = libnacl.public.PublicKey(libnacl.crypto_sign_ed25519_pk_to_curve25519(verifier.vk))
+	box = libnacl.public.Box(sk.sk, pk.pk)
+	data = box.encrypt(data, nonce) if nonce else box.encrypt(data)
+	return data if attach_nonce else data[24:]
+
+def box_decrypt(data, privkey, pubkey, nonce=None):
+	signer = libnacl.sign.Signer(privkey.seed)
+	sk = libnacl.public.SecretKey(libnacl.crypto_sign_ed25519_sk_to_curve25519(signer.sk))
+	verifier = libnacl.sign.Verifier(base58.b58decode(pubkey).hex())
+	pk = libnacl.public.PublicKey(libnacl.crypto_sign_ed25519_pk_to_curve25519(verifier.vk))
+	box = libnacl.public.Box(sk.sk, pk.pk)
+	return box.decrypt(data, nonce) if nonce else box.decrypt(data)
+
+def sign(data, privkey):
+	return privkey.sign(data)
+
+def verify(data, pubkey):
+	try:
+		ret = libnacl.sign.Verifier(duniterpy.key.PublicKey(pubkey).hex_pk()).verify(data)
+		sys.stderr.write("Signature OK!\n")
+		return ret
+	except ValueError:
+		sys.stderr.write("Bad signature!\n")
+		exit(1)
+
+def get_privkey(privkey_path, privkey_format):
+	if privkey_format == "pubsec":
+		if privkey_path == "*":
+			privkey_path = "privkey.pubsec"
+		return duniterpy.key.SigningKey.from_pubsec_file(privkey_path)
+	
+	elif privkey_format == "cred":
+		if privkey_path == "*":
+			privkey_path = "-"
+		if privkey_path == "-":
+			return duniterpy.key.SigningKey.from_credentials(getpass.getpass("Salt: "), getpass.getpass("Password: "))
+		else:
+			return duniterpy.key.SigningKey.from_credentials_file(privkey_path)
+	
+	elif privkey_format == "seedh":
+		if privkey_path == "*":
+			privkey_path = "authfile.seedhex"
+		return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False))
+	
+	elif privkey_format == "wif":
+		if privkey_path == "*":
+			privkey_path = "authfile.wif"
+		return duniterpy.key.SigningKey.from_wif_or_ewif_file(privkey_path)
+	
+	elif privkey_format == "wifh":
+		if privkey_path == "*":
+			privkey_path = "authfile.wif"
+		return duniterpy.key.SigningKey.from_wif_or_ewif_hex(privkey_path)
+	
+	elif privkey_format == "ssb":
+		if privkey_path == "*":
+			privkey_path = "secret"
+		return duniterpy.key.SigningKey.from_ssb_file(privkey_path)
+	
+	elif privkey_format == "key":
+		if privkey_path == "*":
+			privkey_path = "authfile.key"
+		return duniterpy.key.SigningKey.from_private_key(privkey_path)
+	
+	elif privkey_format == "ipfs-keystore":
+		if privkey_path == "*":
+			privkey_path = "key_self"
+		return duniterpy.key.SigningKey(read_data(privkey_path)[4:36])
+	
+	print("Error: unknown privkey format")
+
+def format_privkey(privkey, output_privkey_format):
+	if output_privkey_format == "pubsec":
+		return "Type: PubSec\nVersion: 1\npub: {}\nsec: {}".format(privkey.pubkey, base58.b58encode(privkey.sk).decode()).encode()
+	
+	elif output_privkey_format == "seedh":
+		return privkey.hex_seed()
+	
+	elif output_privkey_format == "ipfs-keystore":
+		return b"\x08\x01\x12@"+privkey.sk
+	
+	print("Error: unknown output privkey format")
+
+def fill_pubkey(pubkey, length=32):
+	while pubkey[0] == 0:
+		pubkey = pubkey[1:]
+	return b"\x00"*(length-len(pubkey)) + pubkey
+
+def pubkey_checksum(pubkey, length=32, clength=3):
+	return base58.b58encode(libnacl.crypto_hash_sha256(libnacl.crypto_hash_sha256(fill_pubkey(base58.b58decode(pubkey), length)))).decode()[:clength]
+
+# returns (pubkey:bytes|None, deprecated_length:bool)
+def check_pubkey(pubkey):
+	if ":" in pubkey:
+		parts = pubkey.split(":")
+		if len(parts[1]) < 3 or len(parts[1]) > 32:
+			return (None, False)
+		for i in range(32, 0, -1):
+			if pubkey_checksum(parts[0], i, len(parts[1])) == parts[1]:
+				return (parts[0], i < 32)
+		return (None, False)
+	return (pubkey, False)
+
+fmt = {
+	"raw": lambda data: data,
+	"16": lambda data: data.hex().encode(),
+	"32": lambda data: base64.b32encode(data),
+	"58": lambda data: base58.b58encode(data),
+	"64": lambda data: base64.b64encode(data),
+	"64u": lambda data: base64.urlsafe_b64encode(data),
+	"85": lambda data: base64.b85encode(data),
+}
+
+defmt = {
+	"raw": lambda data: data,
+	"16": lambda data: bytes.fromhex(data),
+	"32": lambda data: base64.b32decode(data),
+	"58": lambda data: base58.b58decode(data),
+	"64": lambda data: base64.b64decode(data),
+	"85": lambda data: base64.b85decode(data),
+}
+
+def show_help():
+	print("""Usage:
+python3 natools.py <command> [options]
+
+Commands:
+  encrypt      Encrypt data
+  decrypt      Decrypt data
+  box-encrypt  Encrypt data (NaCl box)
+  box-decrypt  Decrypt data (NaCl box)
+  sign         Sign data
+  verify       Verify data
+  pubkey       Display pubkey
+  privkey      Display private key
+  pk           Display b58 pubkey shorthand
+
+Options:
+  -c         Display pubkey checksum
+  -f <fmt>   Private key format (default: cred)
+   key cred pubsec seedh ssb wif wifh ipfs-keystore
+  -F <fmt>   Output private key format (default: pubsec)
+   pubsec seedh ipfs-keystore
+  -i <path>  Input file path (default: -)
+  -I <fmt>   Input format: raw 16 32 58 64 85 (default: raw)
+  -k <path>  Privkey file path (* for auto) (default: *)
+  -n <nonce> Nonce (b64, 24 bytes) (for NaCl box)
+  -N         Attach nonce to output (for NaCl box encryption)
+  --noinc    Do not include msg after signature
+  -o <path>  Output file path (default: -)
+  -O <fmt>   Output format: raw 16 32 58 64 64u 85 (default: raw)
+  -p <str>   Pubkey (base58)
+  
+  --help     Show help
+  --version  Show version
+  --debug    Debug mode (display full errors)
+
+Note: "-" means stdin or stdout.
+""")
+
+if __name__ == "__main__":
+	
+	if "--help" in sys.argv:
+		show_help()
+		exit()
+	
+	if "--version" in sys.argv:
+		print(__version__)
+		exit()
+	
+	privkey_format = getargv("-f", "cred")
+	output_privkey_format = getargv("-F", "pubsec")
+	data_path = getargv("-i", "-")
+	privkey_path = getargv("-k", "*")
+	pubkey = getargv("-p")
+	result_path = getargv("-o", "-")
+	output_format = getargv("-O", "raw")
+	input_format = getargv("-I", "raw")
+	
+	if pubkey:
+		pubkey, len_deprecated = check_pubkey(pubkey)
+		if not pubkey:
+			print("Invalid pubkey checksum! Please check spelling.")
+			exit(1)
+		if len(base58.b58decode(pubkey)) > 32:
+			print("Invalid pubkey: too long!")
+			exit(1)
+		if len_deprecated:
+			print("Warning: valid pubkey checksum, but deprecated format (truncating zeros)")
+	
+	try:
+		if sys.argv[1] == "encrypt":
+			if not pubkey:
+				print("Please provide pubkey!")
+				exit(1)
+			write_data(fmt[output_format](encrypt(defmt[input_format](read_data(data_path)), pubkey)), result_path)
+		
+		elif sys.argv[1] == "decrypt":
+			write_data(fmt[output_format](decrypt(defmt[input_format](read_data(data_path)), get_privkey(privkey_path, privkey_format))), result_path)
+		
+		elif sys.argv[1] == "box-encrypt":
+			if not pubkey:
+				print("Please provide pubkey!")
+				exit(1)
+			nonce = getargv("-n", None)
+			if nonce:
+				nonce = base64.b64decode(nonce)
+			attach_nonce = "-N" in sys.argv
+			write_data(fmt[output_format](box_encrypt(defmt[input_format](read_data(data_path)), get_privkey(privkey_path, privkey_format), pubkey, nonce, attach_nonce)), result_path)
+		
+		elif sys.argv[1] == "box-decrypt":
+			if not pubkey:
+				print("Please provide pubkey!")
+				exit(1)
+			nonce = getargv("-n", None)
+			if nonce:
+				nonce = base64.b64decode(nonce)
+			write_data(fmt[output_format](box_decrypt(defmt[input_format](read_data(data_path)), get_privkey(privkey_path, privkey_format), pubkey, nonce)), result_path)
+		
+		elif sys.argv[1] == "sign":
+			data = defmt[input_format](read_data(data_path))
+			signed = sign(data, get_privkey(privkey_path, privkey_format))
+			
+			if "--noinc" in sys.argv:
+				signed = signed[:len(signed)-len(data)]
+			
+			write_data(fmt[output_format](signed), result_path)
+		
+		elif sys.argv[1] == "verify":
+			if not pubkey:
+				print("Please provide pubkey!")
+				exit(1)
+			write_data(fmt[output_format](verify(defmt[input_format](read_data(data_path)), pubkey)), result_path)
+		
+		elif sys.argv[1] == "pubkey":
+			if pubkey:
+				if "-c" in sys.argv and output_format == "58":
+					write_data("{}:{}".format(pubkey, pubkey_checksum(pubkey)).encode(), result_path)
+				else:
+					write_data(fmt[output_format](base58.b58decode(pubkey)), result_path)
+			else:
+				pubkey = get_privkey(privkey_path, privkey_format).pubkey
+				if "-c" in sys.argv and output_format == "58":
+					write_data("{}:{}".format(pubkey, pubkey_checksum(pubkey)).encode(), result_path)
+				else:
+					write_data(fmt[output_format](base58.b58decode(pubkey)), result_path)
+		
+		elif sys.argv[1] == "privkey":
+			privkey = get_privkey(privkey_path, privkey_format)
+			write_data(fmt[output_format](format_privkey(privkey, output_privkey_format)), result_path)
+		
+		elif sys.argv[1] == "pk":
+			if not pubkey:
+				pubkey = get_privkey(privkey_path, privkey_format).pubkey
+			if "-c" in sys.argv:
+				print("{}:{}".format(pubkey, pubkey_checksum(pubkey)))
+			else:
+				print(pubkey)
+		
+		else:
+			show_help()
+		
+	except Exception as e:
+		if "--debug" in sys.argv:
+			0/0 # DEBUG MODE (raise error when handling error to display backtrace)
+		sys.stderr.write("Error: {}\n".format(e))
+		show_help()
+		exit(1)