introducing GPG passphrase

fred 2023-03-25 19:49:45 +01:00
parent d5c2e07450
commit 8a9a3f9cd8
7 changed files with 91 additions and 27 deletions


@ -219,8 +219,8 @@ do
ipfs name publish -k $VOEUKEY /ipfs/$WISHFLUX # PUBLISH $VOEUKEY
## MOVE INTO PLAYER AREA
echo ">>> $VOEUKEY : Ŋ1 FLUX $(myIpfsGw)${VOEUNS}"
echo "~/.zen/game/players/${PLAYER}/G1${WISHNAME}/${G1PUB}"
echo ">>> ${PLAYER} G1${WISHNAME} Ŋ1 FLUX $(myIpfsGw)${VOEUNS}"
echo "WALLET ${VOEUKEY} FOUNDED by ${G1PUB}"
cp -f ~/.zen/tmp/${IPFSNODEID}/${PLAYER}/g1voeu/${WISHNAME}/* ~/.zen/game/players/${PLAYER}/G1${WISHNAME}/${G1PUB}/ 2>/dev/null


@ -146,9 +146,9 @@ echo "#############################################"
echo "######### PATIENCE ######################"
echo "#############################################"
########### PRINTER ##############
if [[ "$USER" == "pi" ]]; then ## PROPOSE QR_CODE PRINTER SUR RPI
echo "ENTER TO INSTALL AMBASSADE PRINTER. Ajouter imprimante compatible 'brother_ql' pour imprimer vos QRCODE"
########### QRCODE : G1VISA / G1BILLET : PRINTER ##############
if [[ $USER != 'xbian' ]]; then
echo "INSTALL G1VISA QRCODE STICKERS PRINTING LAYER ? ENTER 'yes' or Hit enter to bypass."
read saisie
if [[ $saisie != "" ]]; then
sudo apt install ttf-mscorefonts-installer printer-driver-all cups -y
@ -161,6 +161,19 @@ if [[ "$USER" == "pi" ]]; then ## PROPOSE QR_CODE PRINTER SUR RPI
## brother_ql_print
echo "$USER ALL=(ALL) NOPASSWD:/usr/local/bin/brother_ql_print" | (sudo su -c 'EDITOR="tee" visudo -f /etc/sudoers.d/brother_ql_print')
fi
echo "INSTALL G1BILLET GENERATION LAYER. ENTER 'yes' or Hit enter to bypass."
read billet
if [[ $billet != "" ]]; then
## G1BILLET
echo "INSTALLING G1BILLET daemon ..."
if [[ ! -d ~/.zen/G1BILLET ]]; then
cd ~/.zen
git clone https://git.p2p.legal/qo-op/G1BILLET.git
cd G1BILLET && ./setup_systemd.sh
cd -
fi
fi
fi
echo "#############################################"


@ -3,7 +3,7 @@
<head>
<meta charset="utf-8">
<title>[Astroport] :: Station _HOSTNAME_ :: _IPFSNODEID_ </title>
<meta http-equiv="refresh" content="121; url='http://127.0.0.1:12345'" />
<meta http-equiv="refresh" content="9999; url='http://127.0.0.1:12345'" />
<link rel="icon" type="image/png" href="http://127.0.0.1:8080/ipfs/QmaCh8mywWfxkXF3JziFzqZS6yZFo3eNS5fSfnzJqdSQvX/logo.png" />
<link rel="stylesheet" href="http://127.0.0.1:8080/ipfs/QmaCh8mywWfxkXF3JziFzqZS6yZFo3eNS5fSfnzJqdSQvX/decoration.css" type="text/css" />
<link rel="stylesheet" href="http://127.0.0.1:8080/ipfs/QmaCh8mywWfxkXF3JziFzqZS6yZFo3eNS5fSfnzJqdSQvX/layout.css" type="text/css" />


@ -170,11 +170,11 @@ WID="https://ipfs.$(myHostName)/api"
# WID="http://ipfs.$(myHostName):5001"
USALT=$(echo "$SALT" | jq -Rr @uri)
UPEPPER=$(echo "$PEPPER" | jq -Rr @uri)
DISCO="https://astroport.$(myHostName)/?salt=${USALT}&pepper=${UPEPPER}&logout=${PLAYER}"
DISCO="https://astroport.$(myHostName)/?salt=${USALT}&pepper=${UPEPPER}"
[[ $isLAN ]] && NID="http://ipfs.localhost:8080" \
&& WID="http://ipfs.localhost:5001" \
&& DISCO="http://ipfs.localhost:1234/?salt=${USALT}&pepper=${UPEPPER}"
&& DISCO="http://astroport.localhost:1234/?salt=${USALT}&pepper=${UPEPPER}"
####
@ -193,25 +193,29 @@ DISCO="https://astroport.$(myHostName)/?salt=${USALT}&pepper=${UPEPPER}&logout=$
qrencode -s 12 -o ~/.zen/game/players/${PLAYER}/QR.ASTRONAUTENS.png "$LIBRA/ipns/${ASTRONAUTENS}"
############################################################################
## SEC PASS PROTECTED QRCODE : base58 secret.june / openssl(pass)
#~ secFromDunikey=$(cat ~/.zen/game/players/${PLAYER}/secret.dunikey | grep "sec" | cut -d ' ' -f2)
#~ echo "$secFromDunikey" > ~/.zen/tmp/${MOATS}/${PSEUDO}.sec
openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in ~/.zen/game/players/${PLAYER}/secret.june -out "$HOME/.zen/tmp/${MOATS}/enc.${PSEUDO}.sec" -k "$PASS"
PASsec=$(cat ~/.zen/tmp/${MOATS}/enc.${PSEUDO}.sec | base64 -w 0 | jq -sRr '@uri' )
HPass=$(echo "$PASS" | sha512sum | cut -d ' ' -f 1)
qrencode -s 12 -o $HOME/.zen/game/players/${PLAYER}/QRsec.png $PASsec
## PGP ENCODING SALT/PEPPER API ACCESS
echo "${DISCO}" \
| gpg --symmetric --armor --batch --passphrase "$PASS" -o ~/.zen/tmp/${MOATS}/gpg.${PSEUDO}.asc
#~ openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in ~/.zen/game/players/${PLAYER}/secret.june -out "$HOME/.zen/tmp/${MOATS}/enc.${PSEUDO}.sec" -k "$PASS"
#~ PASsec=$(cat ~/.zen/tmp/${MOATS}/enc.${PSEUDO}.sec | base64 -w 0 | jq -sRr '@uri' )
#~ HPass=$(echo "$PASS" | sha512sum | cut -d ' ' -f 1)
#~ qrencode -s 12 -o $HOME/.zen/game/players/${PLAYER}/QRsec.png $PASsec
## Add logo to QRCode
cp ${MY_PATH}/../images/astrologo_nb.png ~/.zen/tmp/${MOATS}/fond.png
## MAKE amzqr WITH astro:// LINK
amzqr "$myASTRONEF/?qrcode=$G1PUB&junesec=$PASsec&askpass=$HPass&tw=$ASTRONAUTENS" \
amzqr "$(cat ~/.zen/tmp/${MOATS}/gpg.${PSEUDO}.asc | tr -d '\n')" \
-d ~/.zen/tmp/${MOATS} \
-l H \
-p ~/.zen/tmp/${MOATS}/fond.png
rm -f ~/.zen/tmp/${MOATS}/${PSEUDO}.sec
## ADD PLAYER EMAIL
convert -gravity northwest -pointsize 28 -fill black -draw "text 5,5 \"$PLAYER\"" ~/.zen/tmp/${MOATS}/result_qrcode.png ~/.zen/game/players/${PLAYER}/result_qrcode.png
@ -291,7 +295,7 @@ DISCO="https://astroport.$(myHostName)/?salt=${USALT}&pepper=${UPEPPER}&logout=$
cat ~/.zen/Astroport.ONE/templates/data/local.api.json | sed "s~_NID_~${WID}~g" > ~/.zen/tmp/${MOATS}/local.api.json
cat ~/.zen/Astroport.ONE/templates/data/local.gw.json | sed "s~_NID_~${NID}~g" > ~/.zen/tmp/${MOATS}/local.gw.json
# Create"${PLAYER}_feed" Key
# Create"${PLAYER}_feed" Key ! DERIVATED !
${MY_PATH}/keygen -t ipfs -o ~/.zen/tmp/${MOATS}/feed.ipfskey "$SALT" "$G1PUB"
ipfs key import "${PLAYER}_feed" -f pem-pkcs8-cleartext ~/.zen/tmp/${MOATS}/feed.ipfskey
FEEDNS=$(ipfs key list -l | grep -w "${PLAYER}_feed" | cut -d ' ' -f 1 )
@ -409,7 +413,7 @@ echo; echo "Création Clefs et QR codes pour accès au niveau Astroport Ŋ1"; sl
echo "--- PLAYER : ${PLAYER} - FILE SYSTEM LOADED";
# ls ~/.zen/game/players/${PLAYER}
[[ $XDG_SESSION_TYPE == 'x11' ]] && xdg-open "${myIPFS}/ipns/${ASTRONAUTENS}"
[[ $XDG_SESSION_TYPE == 'x11' ]] && xdg-open "${myIPFS}/ipns/${ASTRONAUTENS}" && espeak "YOUR PASS IS $PASS REPEAT $PASS REPEAT $PASS"
################# PREPARE DOCKERIZATION
rm ~/.zen/game/players/.current
@ -424,16 +428,38 @@ ln -s ~/.zen/game/players/${PLAYER} ~/.zen/game/players/.current
#################################################################
#################################################################
#################################################################
# PASS CRYPTING KEY - USE PGP
#~ create a code that decypher an url base64 encoded by pgp symetric from a form hidden field prompting for password in html and javascript, include js libraries
#~ <html>
#~ <head>
#~ <script src="./openpgp.min.js"></script>
#~ <script>
#~ function decryptPGP() {
#~ var pass = prompt("Please enter your password:");
#~ var encrypted = document.getElementById('pgp-url').value;
#~ const decrypted = openpgp.decrypt({
#~ message: openpgp.message.readArmored(encrypted),
#~ passwords: [pass]
#~ });
#~ //print the decrypted url
#~ console.log(decrypted.data);
#~ }
#~ </script>
#~ </head>
#~ <body>
#~ <form>
#~ <input type="hidden" id="pgp-url" name="pgp-url" value="encrypted pgp data here">
#~ <input type="submit" value="decrypt" onclick="decryptPGP()">
#~ </form>
#~ </body>
#~ </html>
# PASS CRYPTING KEY
#~ echo; echo "Sécurisation de vos clefs... "; sleep 1
openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in "$HOME/.zen/game/players/${PLAYER}/secret.june" -out "$HOME/.zen/game/players/${PLAYER}/enc.secret.june" -k "$PASS" 2>/dev/null
#~ openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in "$HOME/.zen/game/players/${PLAYER}/secret.dunikey" -out "$HOME/.zen/game/players/${PLAYER}/enc.secret.dunikey" -k $PASS 2>/dev/null
#~ openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -in "$HOME/.zen/game/players/${PLAYER}/$KEYFILE -out" "$HOME/.zen/game/players/${PLAYER}/enc.$KEYFILE" -k $PASS 2>/dev/null
## TODO MORE SECURE ?! USE opengpg, natools, etc ...
# ${MY_PATH}/natools.py encrypt -p $G1PUB -i ~/.zen/game/players/${PLAYER}/secret.dunikey -o "$HOME/.zen/game/players/${PLAYER}/enc.secret.dunikey"
echo
#~ this is how to create "encrypted pgp data here" from bash CLI
#~ echo "example url" | gpg --symmetric --armor --batch --passphrase "password" -o /tmp/test.asc
#~ then sed command to replace in html template
#~ sed -i -e 's/encrypted pgp data here/'"$(cat /tmp/test.asc | tr -d '\n')"'/g' html_file.html
#################################################
# !! TODO !! # DEMO MODE. REMOVE FOR PRODUCTION - RECALCULATE AND RENEW AFTER EACH NEW KEY DELEGATION
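Review bot: The added `gpg --symmetric --armor --batch --passphrase "$PASS"` call in the QR-code hunk puts the passphrase on the command line, where any local user can read it from the process list. The new `espeak "YOUR PASS IS $PASS REPEAT $PASS REPEAT $PASS"` in the xdg-open hunk exposes it the same way and also speaks it aloud to anyone within earshot. Passing it on a descriptor keeps it off argv: `gpg --symmetric --armor --batch --pinentry-mode loopback --passphrase-fd 3 -o "$HOME/.zen/tmp/${MOATS}/gpg.${PSEUDO}.asc" 3<<<"$PASS"`. The espeak call is better dropped in favour of showing the pass on screen once. The QR code now carries the salt/pepper URL protected only by `$PASS`, whose generation is outside these hunks, so confirm it has enough entropy to resist offline guessing once the sticker leaves the device.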


@ -382,7 +382,7 @@ IPFSNODEID="$(myIpfsPeerId)"
[[ ! $MOATS ]] && MOATS="$(myDate)"
isLAN="$(isLan)"
myASTROPORT="http://$(myIp):1234"
myASTRONEF="https://astroport.copylaradio.com"
myASTRONEF="http://astroport.localhost:1234"
myAPI="http://$(myIp):5001"
myDATA="https://data.gchange.fr"
myGCHANGE="https://www.gchange.fr"

23
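--- a/www/AESBox/index.htm
+++ b/www/AESBox/index.htm
@@ -0,0 +1,23 @@
+<html>
+<head>
+<script src="https://cdnjs.cloudflare.com/ajax/libs/openpgp/2.6.2/openpgp.min.js"></script>
+<script>
+function decryptPGP() {
+var pass = prompt("Please enter your password:");
+var encrypted = document.getElementById('pgp-url').value;
+const decrypted = openpgp.decrypt({
+message: openpgp.message.readArmored(encrypted),
+passwords: [pass]
+});
+//print the decrypted url
+console.log(decrypted.data);
+}
+</script>
+</head>
+<body>
+<form>
+<input type="hidden" id="pgp-url" name="pgp-url" value="encrypted pgp data here">
+<input type="submit" value="decrypt" onclick="decryptPGP()">
+</form>
+</body>
+</html>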
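Review bot: The page pulls `openpgp.min.js` from cdnjs with no `integrity` attribute even though this commit vendors `www/AESBox/openpgp.min.js` beside it, so a third-party host can change the code that handles the user's passphrase and the decrypted salt/pepper URL. Loading the local copy, or at least adding SRI plus `crossorigin="anonymous"` to the CDN tag, removes that dependency. In `decryptPGP()`, `openpgp.decrypt(...)` in the 2.x API returns a Promise, so `decrypted.data` is read before decryption completes and will be undefined. The `type="submit"` button also submits the form and reloads the page. The option name (`passwords` vs `password`) should be checked against the library version actually shipped, and the decrypted URL should not be written to the console.

```html
<script src="./openpgp.min.js"></script>
<script>
function decryptPGP() {
  // … unchanged: prompt for pass, read #pgp-url into encrypted …
  openpgp.decrypt({
    // … unchanged: message / password options …
  }).then(function (plaintext) {
    // use plaintext.data here; do not log the decrypted URL
  }).catch(function () {
    alert("Decryption failed");
  });
  return false;
}
</script>
<!-- … unchanged: head/body/form markup … -->
<input type="button" value="decrypt" onclick="decryptPGP()">
```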

2
www/AESBox/openpgp.min.js vendored Normal file

File diff suppressed because one or more lines are too long