upgrade natools.py
This commit is contained in:
parent
eb5a7e40ac
commit
981c650229
|
@ -107,6 +107,7 @@ nodename=$(curl -s https://git.p2p.legal/axiom-team/astroport/raw/master/zen/too
|
||||||
echo $nodename
|
echo $nodename
|
||||||
|
|
||||||
if [[ ! $isLAN ]]; then
|
if [[ ! $isLAN ]]; then
|
||||||
|
### TODO install Feddless.social
|
||||||
oasis --allow-host $nodename 2>&1>/dev/null &
|
oasis --allow-host $nodename 2>&1>/dev/null &
|
||||||
echo "BE CAREFULL your SSB identity could be publicly controled..."
|
echo "BE CAREFULL your SSB identity could be publicly controled..."
|
||||||
else
|
else
|
||||||
|
@ -130,6 +131,10 @@ echo "$nodename" | figlet -f slant | lolcat
|
||||||
NODENAME=$nodename
|
NODENAME=$nodename
|
||||||
|
|
||||||
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1);
|
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1);
|
||||||
|
|
||||||
|
## Write nodename to IPFS
|
||||||
|
echo "$nodename" > /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename
|
||||||
|
|
||||||
PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}')
|
PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}')
|
||||||
### ASTROPORT STATION PORTAL
|
### ASTROPORT STATION PORTAL
|
||||||
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astroport/www/loveland.conf > /tmp/loveland.conf
|
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astroport/www/loveland.conf > /tmp/loveland.conf
|
||||||
|
|
Binary file not shown.
After Width: | Height: | Size: 90 KiB |
|
@ -328,11 +328,11 @@ log "__SUB:sms_INIT_ACCOUNT: ($1=phone, $2=NOSMS)"
|
||||||
# GPG decypher PIN
|
# GPG decypher PIN
|
||||||
# TODO make decypher less stress on filesystem, use /tmp and ramdisk
|
# TODO make decypher less stress on filesystem, use /tmp and ramdisk
|
||||||
# /home/$YOU/.zen/astroport/zen/tools/natools.py encrypt -p $NODE_G1PUBKEY -i "$DUNIKEYFILE" -o "$DUNIKEYFILE.crypt"
|
# /home/$YOU/.zen/astroport/zen/tools/natools.py encrypt -p $NODE_G1PUBKEY -i "$DUNIKEYFILE" -o "$DUNIKEYFILE.crypt"
|
||||||
# /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$NODE_PUBSECFILE" -i "$DUNIKEYFILE.crypt" -o "$DUNIKEYFILE"
|
# /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "$DUNIKEYFILE.crypt" -o "$DUNIKEYFILE"
|
||||||
|
|
||||||
# EMAIL
|
# EMAIL
|
||||||
[[ $SMSEMAIL == "" ]] && [[ -f "$GPGMAILFILE" ]] && echo "${IPFSPrivKey}" | gpg -d -q --output "$MAILFILE" --yes --pinentry-mode loopback --passphrase-fd 0 "$GPGMAILFILE" && SMSEMAIL=$(cat $MAILFILE)
|
[[ $SMSEMAIL == "" ]] && [[ -f "$GPGMAILFILE" ]] && echo "${IPFSPrivKey}" | gpg -d -q --output "$MAILFILE" --yes --pinentry-mode loopback --passphrase-fd 0 "$GPGMAILFILE" && SMSEMAIL=$(cat $MAILFILE)
|
||||||
[[ $SMSEMAIL == "" ]] && [[ -f "$MAILFILE.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$NODE_PUBSECFILE" -i "$MAILFILE.crypt" -o "$MAILFILE" && SMSEMAIL=$(cat $MAILFILE)
|
[[ $SMSEMAIL == "" ]] && [[ -f "$MAILFILE.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "$MAILFILE.crypt" -o "$MAILFILE" && SMSEMAIL=$(cat $MAILFILE)
|
||||||
log "__SUB:sms_INIT_ACCOUNT: Déchiffrage EMAIL $SMSEMAIL"
|
log "__SUB:sms_INIT_ACCOUNT: Déchiffrage EMAIL $SMSEMAIL"
|
||||||
# EMPTY CLEAR EMAIL FILE
|
# EMPTY CLEAR EMAIL FILE
|
||||||
[[ $SMSEMAIL != "" ]] && echo "" > "$MAILFILE"
|
[[ $SMSEMAIL != "" ]] && echo "" > "$MAILFILE"
|
||||||
|
|
112
g1sms/natools.py
112
g1sms/natools.py
|
@ -1,112 +0,0 @@
|
||||||
#!/usr/bin/env python3
|
|
||||||
|
|
||||||
"""
|
|
||||||
CopyLeft 2020 Pascal Engélibert <tuxmain@zettascript.org>
|
|
||||||
|
|
||||||
This program is free software: you can redistribute it and/or modify
|
|
||||||
it under the terms of the GNU Affero General Public License as published by
|
|
||||||
the Free Software Foundation, either version 3 of the License, or
|
|
||||||
(at your option) any later version.
|
|
||||||
|
|
||||||
This program is distributed in the hope that it will be useful,
|
|
||||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
GNU Affero General Public License for more details.
|
|
||||||
|
|
||||||
You should have received a copy of the GNU Affero General Public License
|
|
||||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
"""
|
|
||||||
|
|
||||||
import os, sys, duniterpy.key, libnacl.sign
|
|
||||||
|
|
||||||
def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
|
|
||||||
if arg in args and len(args) > args.index(arg)+n:
|
|
||||||
return args[args.index(arg)+n]
|
|
||||||
else:
|
|
||||||
return default
|
|
||||||
|
|
||||||
def read_data(data_path, b=True):
|
|
||||||
if data_path == "-":
|
|
||||||
if b:
|
|
||||||
return sys.stdin.read().encode()
|
|
||||||
else:
|
|
||||||
return sys.stdin.read()
|
|
||||||
else:
|
|
||||||
return open(os.path.expanduser(data_path), "rb" if b else "r").read()
|
|
||||||
|
|
||||||
def write_data(data, result_path):
|
|
||||||
if result_path == "-":
|
|
||||||
sys.stdout.write(data.decode())
|
|
||||||
else:
|
|
||||||
open(os.path.expanduser(result_path), "wb").write(data)
|
|
||||||
|
|
||||||
def encrypt(data, pubkey):
|
|
||||||
return duniterpy.key.PublicKey(pubkey).encrypt_seal(data)
|
|
||||||
|
|
||||||
def decrypt(data, privkey):
|
|
||||||
return privkey.decrypt_seal(data)
|
|
||||||
|
|
||||||
def sign(data, privkey):
|
|
||||||
return privkey.sign(data)
|
|
||||||
|
|
||||||
def verify(data, pubkey):
|
|
||||||
try:
|
|
||||||
sys.stderr.write("Signature OK!\n")
|
|
||||||
return libnacl.sign.Verifier(duniterpy.key.PublicKey(pubkey).hex_pk()).verify(data)
|
|
||||||
except ValueError:
|
|
||||||
sys.stderr.write("Bad signature!\n")
|
|
||||||
exit(1)
|
|
||||||
|
|
||||||
def get_privkey(privkey_path, pubsec):
|
|
||||||
if pubsec:
|
|
||||||
return duniterpy.key.SigningKey.from_pubsec_file(privkey_path)
|
|
||||||
else:
|
|
||||||
return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False))
|
|
||||||
|
|
||||||
def show_help():
|
|
||||||
print("""Usage:
|
|
||||||
python3 natools.py <command> [options]
|
|
||||||
|
|
||||||
Commands:
|
|
||||||
encrypt Encrypt data
|
|
||||||
decrypt Decrypt data
|
|
||||||
sign Sign data
|
|
||||||
verify Verify data
|
|
||||||
|
|
||||||
Options:
|
|
||||||
-i <path> Input file path (default: -)
|
|
||||||
-k <path> Privkey file path (default: authfile.key)
|
|
||||||
--pubsec Use pub/sec format for -p
|
|
||||||
-p <str> Pubkey (base58)
|
|
||||||
-o <path> Output file path (default: -)
|
|
||||||
|
|
||||||
Note: "-" means stdin or stdout.
|
|
||||||
""")
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
|
|
||||||
if "--help" in sys.argv:
|
|
||||||
show_help()
|
|
||||||
exit()
|
|
||||||
|
|
||||||
data_path = getargv("-i", "-")
|
|
||||||
privkey_path = getargv("-k", "authfile.key")
|
|
||||||
pubsec = "--pubsec" in sys.argv
|
|
||||||
pubkey = getargv("-p")
|
|
||||||
result_path = getargv("-o", "-")
|
|
||||||
|
|
||||||
try:
|
|
||||||
if sys.argv[1] == "encrypt":
|
|
||||||
write_data(encrypt(read_data(data_path), pubkey), result_path)
|
|
||||||
elif sys.argv[1] == "decrypt":
|
|
||||||
write_data(decrypt(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path)
|
|
||||||
elif sys.argv[1] == "sign":
|
|
||||||
write_data(sign(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path)
|
|
||||||
elif sys.argv[1] == "verify":
|
|
||||||
write_data(verify(read_data(data_path), pubkey), result_path)
|
|
||||||
else:
|
|
||||||
show_help()
|
|
||||||
except Exception as e:
|
|
||||||
sys.stderr.write("Error: {}\n".format(e))
|
|
||||||
show_help()
|
|
||||||
exit(1)
|
|
|
@ -37,7 +37,7 @@ UNIT=${countvalues[2]}
|
||||||
# ONLY USED BY sms_NEW.sh !!! To send back PIN
|
# ONLY USED BY sms_NEW.sh !!! To send back PIN
|
||||||
echo "${IPFSPrivKey}" | gpg -d -q --output "$PINFILE" --yes --pinentry-mode loopback --passphrase-fd 0 "$GPGPINFILE"
|
echo "${IPFSPrivKey}" | gpg -d -q --output "$PINFILE" --yes --pinentry-mode loopback --passphrase-fd 0 "$GPGPINFILE"
|
||||||
PIN=$(cat "$PINFILE" | xargs)
|
PIN=$(cat "$PINFILE" | xargs)
|
||||||
[[ "$PIN" == "" ]] && [[ -f "${PINFILE}.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$NODE_PUBSECFILE" -i "${PINFILE}.crypt" -o "$PINFILE" && PIN=$(cat "$PINFILE");
|
[[ "$PIN" == "" ]] && [[ -f "${PINFILE}.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "${PINFILE}.crypt" -o "$PINFILE" && PIN=$(cat "$PINFILE");
|
||||||
[[ "$PIN" != "" ]] && echo "" > "$PINFILE" || PIN="PIN EMPTY !!! Contacter $ADMINPHONE SVP"
|
[[ "$PIN" != "" ]] && echo "" > "$PINFILE" || PIN="PIN EMPTY !!! Contacter $ADMINPHONE SVP"
|
||||||
|
|
||||||
mess="[G1sms+]
|
mess="[G1sms+]
|
||||||
|
|
|
@ -71,7 +71,7 @@ if [[ $FINALSOURCE -lt 0 ]]; then echo "__SUB:tag_OP.sh: KO. La valeur de ce G1T
|
||||||
#############################################
|
#############################################
|
||||||
############## EXTRACT $JSOURCERR PUBLISH KEY
|
############## EXTRACT $JSOURCERR PUBLISH KEY
|
||||||
if [[ -f $KEYFILE && ! -f "~/.ipfs/keystore/$JSOURCERR" ]]; then
|
if [[ -f $KEYFILE && ! -f "~/.ipfs/keystore/$JSOURCERR" ]]; then
|
||||||
/home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$KEYFILE" -i "$JSOURCEPUBLISHKEY" -o "~/.ipfs/keystore/$JSOURCERR"
|
/home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$KEYFILE" -i "$JSOURCEPUBLISHKEY" -o "~/.ipfs/keystore/$JSOURCERR"
|
||||||
else
|
else
|
||||||
if [[ ! -f $KEYFILE ]]; then
|
if [[ ! -f $KEYFILE ]]; then
|
||||||
echo "__SUB:tag_OP.sh: KO. La clef de dévérouillage pour $JSOURCERR est inexistante. Contact: https://g1sms.fr"
|
echo "__SUB:tag_OP.sh: KO. La clef de dévérouillage pour $JSOURCERR est inexistante. Contact: https://g1sms.fr"
|
||||||
|
@ -92,7 +92,7 @@ FINALDEST=$(echo "${JDESTVALUE} + ${VALUE}" | bc -l)
|
||||||
# EXTRACT $JSOURCERR PUBLISH KEY to "~/.ipfs/keystore/JSOURCE"
|
# EXTRACT $JSOURCERR PUBLISH KEY to "~/.ipfs/keystore/JSOURCE"
|
||||||
# EXTRACT PUBLISH KEY
|
# EXTRACT PUBLISH KEY
|
||||||
if [[ -f $KEYFILE && ! -f "~/.ipfs/keystore/$JDESTRR" ]]; then
|
if [[ -f $KEYFILE && ! -f "~/.ipfs/keystore/$JDESTRR" ]]; then
|
||||||
/home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$KEYFILE" -i "$JDESTPUBLISHKEY" -o "~/.ipfs/keystore/$JDESTRR"
|
/home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$KEYFILE" -i "$JDESTPUBLISHKEY" -o "~/.ipfs/keystore/$JDESTRR"
|
||||||
else
|
else
|
||||||
if [[ ! -f $KEYFILE ]]; then
|
if [[ ! -f $KEYFILE ]]; then
|
||||||
echo "__SUB:tag_OP.sh: KO. La clef de dévérouillage pour $JDESTRR est inexistante. Contact: https://g1sms.fr"
|
echo "__SUB:tag_OP.sh: KO. La clef de dévérouillage pour $JDESTRR est inexistante. Contact: https://g1sms.fr"
|
||||||
|
|
|
@ -1,85 +0,0 @@
|
||||||
#!/usr/bin/env python3
|
|
||||||
|
|
||||||
import os, sys, duniterpy.key, libnacl.sign
|
|
||||||
|
|
||||||
def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
|
|
||||||
if arg in args and len(args) > args.index(arg)+n:
|
|
||||||
return args[args.index(arg)+n]
|
|
||||||
else:
|
|
||||||
return default
|
|
||||||
|
|
||||||
def read_data(data_path, b=True):
|
|
||||||
if data_path == "-":
|
|
||||||
if b:
|
|
||||||
return sys.stdin.read().encode()
|
|
||||||
else:
|
|
||||||
return sys.stdin.read()
|
|
||||||
else:
|
|
||||||
if b:
|
|
||||||
return open(os.path.expanduser(data_path), "rb").read()
|
|
||||||
else:
|
|
||||||
return open(os.path.expanduser(data_path), "r").read()
|
|
||||||
|
|
||||||
def write_data(data, result_path):
|
|
||||||
(sys.stdout if result_path == "-" else open(os.path.expanduser(result_path), "wb")).write(data)
|
|
||||||
|
|
||||||
def encrypt(data, pubkey):
|
|
||||||
return duniterpy.key.PublicKey(pubkey).encrypt_seal(data)
|
|
||||||
|
|
||||||
def decrypt(data, privkey):
|
|
||||||
return duniterpy.key.SigningKey.from_seedhex(privkey).decrypt_seal(data)
|
|
||||||
|
|
||||||
def sign(data, privkey):
|
|
||||||
return duniterpy.key.SigningKey.from_seedhex(privkey).sign(data)
|
|
||||||
|
|
||||||
def verify(data, pubkey):
|
|
||||||
try:
|
|
||||||
return libnacl.sign.Verifier(duniterpy.key.PublicKey(pubkey).hex_pk()).verify(data)
|
|
||||||
except ValueError:
|
|
||||||
exit(1)
|
|
||||||
|
|
||||||
def show_help():
|
|
||||||
print("""Usage:
|
|
||||||
python3 natools.py <command> [options]
|
|
||||||
|
|
||||||
Commands:
|
|
||||||
encrypt Encrypt data
|
|
||||||
decrypt Decrypt data
|
|
||||||
sign Sign data
|
|
||||||
verify Verify data
|
|
||||||
|
|
||||||
Options:
|
|
||||||
-i <path> Input file path (default: -)
|
|
||||||
-k <path> Privkey file path (default: authfile.key)
|
|
||||||
-p <str> Pubkey (base58)
|
|
||||||
-o <path> Output file path (default: -)
|
|
||||||
|
|
||||||
Note: "-" means stdin or stdout.
|
|
||||||
""")
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
|
|
||||||
if "--help" in sys.argv:
|
|
||||||
show_help()
|
|
||||||
exit()
|
|
||||||
|
|
||||||
data_path = getargv("-i", "-")
|
|
||||||
privkey_path = getargv("-k", "authfile.key")
|
|
||||||
pubkey = getargv("-p")
|
|
||||||
result_path = getargv("-o", "-")
|
|
||||||
|
|
||||||
try:
|
|
||||||
if sys.argv[1] == "encrypt":
|
|
||||||
write_data(encrypt(read_data(data_path), pubkey), result_path)
|
|
||||||
elif sys.argv[1] == "decrypt":
|
|
||||||
write_data(decrypt(read_data(data_path), read_data(privkey_path, False)), result_path)
|
|
||||||
elif sys.argv[1] == "sign":
|
|
||||||
write_data(sign(read_data(data_path), read_data(privkey_path, False)), result_path)
|
|
||||||
elif sys.argv[1] == "verify":
|
|
||||||
write_data(verify(read_data(data_path), pubkey), result_path)
|
|
||||||
else:
|
|
||||||
show_help()
|
|
||||||
except Exception as e:
|
|
||||||
sys.stderr.write("Error: ", e, "\n")
|
|
||||||
show_help()
|
|
||||||
exit(1)
|
|
|
@ -17,7 +17,9 @@
|
||||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import os, sys, duniterpy.key, libnacl.sign
|
__version__ = "1.0"
|
||||||
|
|
||||||
|
import os, sys, duniterpy.key, libnacl.sign, base58, base64, getpass
|
||||||
|
|
||||||
def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
|
def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
|
||||||
if arg in args and len(args) > args.index(arg)+n:
|
if arg in args and len(args) > args.index(arg)+n:
|
||||||
|
@ -36,7 +38,7 @@ def read_data(data_path, b=True):
|
||||||
|
|
||||||
def write_data(data, result_path):
|
def write_data(data, result_path):
|
||||||
if result_path == "-":
|
if result_path == "-":
|
||||||
sys.stdout.write(data.decode())
|
os.fdopen(sys.stdout.fileno(), 'wb').write(data)
|
||||||
else:
|
else:
|
||||||
open(os.path.expanduser(result_path), "wb").write(data)
|
open(os.path.expanduser(result_path), "wb").write(data)
|
||||||
|
|
||||||
|
@ -57,12 +59,55 @@ def verify(data, pubkey):
|
||||||
sys.stderr.write("Bad signature!\n")
|
sys.stderr.write("Bad signature!\n")
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
def get_privkey(privkey_path, pubsec):
|
def get_privkey(privkey_path, privkey_format):
|
||||||
if pubsec:
|
if privkey_format == "pubsec":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "privkey.pubsec"
|
||||||
return duniterpy.key.SigningKey.from_pubsec_file(privkey_path)
|
return duniterpy.key.SigningKey.from_pubsec_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "cred":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "-"
|
||||||
|
if privkey_path == "-":
|
||||||
|
return duniterpy.key.SigningKey.from_credentials(getpass.getpass("Password: "), getpass.getpass("Salt: "))
|
||||||
else:
|
else:
|
||||||
|
return duniterpy.key.SigningKey.from_credentials_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "seedh":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.seedhex"
|
||||||
return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False))
|
return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False))
|
||||||
|
|
||||||
|
elif privkey_format == "wif":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.wif"
|
||||||
|
return duniterpy.key.SigningKey.from_wif_or_ewif_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "wifh":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.wif"
|
||||||
|
return duniterpy.key.SigningKey.from_wif_or_ewif_hex(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "ssb":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "secret"
|
||||||
|
return duniterpy.key.SigningKey.from_ssb_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "key":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.key"
|
||||||
|
return duniterpy.key.SigningKey.from_private_key(privkey_path)
|
||||||
|
|
||||||
|
fmt = {
|
||||||
|
"raw": lambda data: data,
|
||||||
|
"16": lambda data: data.hex().encode(),
|
||||||
|
"32": lambda data: base64.b32encode(data),
|
||||||
|
"58": lambda data: base58.b58encode(data),
|
||||||
|
"64": lambda data: base64.b64encode(data),
|
||||||
|
"64u": lambda data: base64.urlsafe_b64encode(data),
|
||||||
|
"85": lambda data: base64.b85encode(data),
|
||||||
|
}
|
||||||
|
|
||||||
def show_help():
|
def show_help():
|
||||||
print("""Usage:
|
print("""Usage:
|
||||||
python3 natools.py <command> [options]
|
python3 natools.py <command> [options]
|
||||||
|
@ -74,11 +119,18 @@ Commands:
|
||||||
verify Verify data
|
verify Verify data
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
|
-f <fmt> Private key format (default: cred)
|
||||||
|
key cred pubsec seedh ssb wif wifh
|
||||||
-i <path> Input file path (default: -)
|
-i <path> Input file path (default: -)
|
||||||
-k <path> Privkey file path (default: authfile.key)
|
-k <path> Privkey file path (* for auto) (default: *)
|
||||||
--pubsec Use pub/sec format for -p
|
|
||||||
-p <str> Pubkey (base58)
|
-p <str> Pubkey (base58)
|
||||||
-o <path> Output file path (default: -)
|
-o <path> Output file path (default: -)
|
||||||
|
--noinc Do not include msg after signature
|
||||||
|
-O <fmt> Output format: raw 16 32 58 64 64u 85 (default: raw)
|
||||||
|
|
||||||
|
--help Show help
|
||||||
|
--version Show version
|
||||||
|
--debug Debug mode (display full errors)
|
||||||
|
|
||||||
Note: "-" means stdin or stdout.
|
Note: "-" means stdin or stdout.
|
||||||
""")
|
""")
|
||||||
|
@ -89,24 +141,42 @@ if __name__ == "__main__":
|
||||||
show_help()
|
show_help()
|
||||||
exit()
|
exit()
|
||||||
|
|
||||||
|
if "--version" in sys.argv:
|
||||||
|
print(__version__)
|
||||||
|
exit()
|
||||||
|
|
||||||
|
privkey_format = getargv("-f", "auto")
|
||||||
data_path = getargv("-i", "-")
|
data_path = getargv("-i", "-")
|
||||||
privkey_path = getargv("-k", "authfile.key")
|
privkey_path = getargv("-k", "*")
|
||||||
pubsec = "--pubsec" in sys.argv
|
|
||||||
pubkey = getargv("-p")
|
pubkey = getargv("-p")
|
||||||
result_path = getargv("-o", "-")
|
result_path = getargv("-o", "-")
|
||||||
|
output_format = getargv("-O", "raw")
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if sys.argv[1] == "encrypt":
|
if sys.argv[1] == "encrypt":
|
||||||
write_data(encrypt(read_data(data_path), pubkey), result_path)
|
write_data(fmt[output_format](encrypt(read_data(data_path), pubkey)), result_path)
|
||||||
|
|
||||||
elif sys.argv[1] == "decrypt":
|
elif sys.argv[1] == "decrypt":
|
||||||
write_data(decrypt(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path)
|
write_data(fmt[output_format](decrypt(read_data(data_path), get_privkey(privkey_path, privkey_format))), result_path)
|
||||||
|
|
||||||
elif sys.argv[1] == "sign":
|
elif sys.argv[1] == "sign":
|
||||||
write_data(sign(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path)
|
data = read_data(data_path)
|
||||||
|
signed = sign(data, get_privkey(privkey_path, privkey_format))
|
||||||
|
|
||||||
|
if "--noinc" in sys.argv:
|
||||||
|
signed = signed[:len(signed)-len(data)]
|
||||||
|
|
||||||
|
write_data(fmt[output_format](signed), result_path)
|
||||||
|
|
||||||
elif sys.argv[1] == "verify":
|
elif sys.argv[1] == "verify":
|
||||||
write_data(verify(read_data(data_path), pubkey), result_path)
|
write_data(fmt[output_format](verify(read_data(data_path), pubkey)), result_path)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
show_help()
|
show_help()
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
if "--debug" in sys.argv:
|
||||||
|
0/0 # DEBUG MODE
|
||||||
sys.stderr.write("Error: {}\n".format(e))
|
sys.stderr.write("Error: {}\n".format(e))
|
||||||
show_help()
|
show_help()
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
|
@ -125,5 +125,5 @@ IPFS SWARM :
|
||||||
```
|
```
|
||||||
g1pub=$(cat ~/.ssb/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2)
|
g1pub=$(cat ~/.ssb/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2)
|
||||||
~/.zen/astroport/zen/tools/natools.py encrypt -p $g1pub -i file -o file.crypt
|
~/.zen/astroport/zen/tools/natools.py encrypt -p $g1pub -i file -o file.crypt
|
||||||
~/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k ~/.ssb/secret.dunikey -i file.crypt -o file
|
~/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k ~/.ssb/secret.dunikey -i file.crypt -o file
|
||||||
```
|
```
|
||||||
|
|
|
@ -128,12 +128,16 @@ $imagefile
|
||||||
$id : $type : $size bits
|
$id : $type : $size bits
|
||||||
|
|
||||||
"
|
"
|
||||||
|
# NOT WORKING, sudo inside !!!
|
||||||
|
#nodename=$(~/.zen/astroport/zen/tools/nodename)
|
||||||
|
nodename=$(cat /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename)
|
||||||
|
if [[ $nodename == "" ]]; then
|
||||||
nodename=$(cat /etc/hostname)
|
nodename=$(cat /etc/hostname)
|
||||||
extension=$(echo$ nodename | cut -d '.' -f 2)
|
extension=$(echo$ nodename | cut -d '.' -f 2)
|
||||||
if [[ $extension == $nodename ]]; then
|
if [[ $extension == $nodename ]]; then
|
||||||
nodename=$nodename.home
|
nodename=$nodename.home
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
########################################################################
|
########################################################################
|
||||||
# DUNITER G1 Wallet balance
|
# DUNITER G1 Wallet balance
|
||||||
export LC_ALL=C.UTF-8 #attipix
|
export LC_ALL=C.UTF-8 #attipix
|
||||||
|
|
|
@ -99,7 +99,7 @@ to ~/.ipfs/ipfs_swarm.key
|
||||||
echo "http://localhost:8989/blobs/get/$mylink"
|
echo "http://localhost:8989/blobs/get/$mylink"
|
||||||
continue
|
continue
|
||||||
curl -s "http://localhost:8989/blobs/get/$mylink" > $mytmp/ipfs_swarm.key.crypt
|
curl -s "http://localhost:8989/blobs/get/$mylink" > $mytmp/ipfs_swarm.key.crypt
|
||||||
$MY_PATH/tools/natools.py decrypt --pubsec -k ~/.ssb/secret.dunikey -i $mytmp/ipfs_swarm.key.crypt -o ~/.ipfs/ipfs_swarm.key && \
|
$MY_PATH/tools/natools.py decrypt -f pubsec -k ~/.ssb/secret.dunikey -i $mytmp/ipfs_swarm.key.crypt -o ~/.ipfs/ipfs_swarm.key && \
|
||||||
echo "IPFS SWARM KEY ~/.ipfs/ipfs_swarm.key received from SSB $author ... OK !"
|
echo "IPFS SWARM KEY ~/.ipfs/ipfs_swarm.key received from SSB $author ... OK !"
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -91,14 +91,9 @@ echo '
|
||||||
\____/_/ |_/____/___//____/
|
\____/_/ |_/____/___//____/
|
||||||
|
|
||||||
' | lolcat
|
' | lolcat
|
||||||
|
|
||||||
nodename=$(curl -s https://git.p2p.legal/axiom-team/astroport/raw/master/zen/tools/nodename | bash)
|
nodename=$(curl -s https://git.p2p.legal/axiom-team/astroport/raw/master/zen/tools/nodename | bash)
|
||||||
extension=$(echo $nodename | cut -d '.' -f 2)
|
|
||||||
if [[ $extension == $nodename ]]; then
|
|
||||||
PUB="false"
|
|
||||||
nodename=$nodename.local
|
|
||||||
else
|
|
||||||
PUB="true"
|
|
||||||
fi
|
|
||||||
if [[ ! $(which oasis) ]]; then
|
if [[ ! $(which oasis) ]]; then
|
||||||
echo "INSTALL.... http://$nodename"
|
echo "INSTALL.... http://$nodename"
|
||||||
echo "ENTER Station accessible Network name !!! Suggestion : $nodename"
|
echo "ENTER Station accessible Network name !!! Suggestion : $nodename"
|
||||||
|
|
|
@ -17,7 +17,9 @@
|
||||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import os, sys, duniterpy.key, libnacl.sign
|
__version__ = "1.0"
|
||||||
|
|
||||||
|
import os, sys, duniterpy.key, libnacl.sign, base58, base64, getpass
|
||||||
|
|
||||||
def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
|
def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str:
|
||||||
if arg in args and len(args) > args.index(arg)+n:
|
if arg in args and len(args) > args.index(arg)+n:
|
||||||
|
@ -36,7 +38,7 @@ def read_data(data_path, b=True):
|
||||||
|
|
||||||
def write_data(data, result_path):
|
def write_data(data, result_path):
|
||||||
if result_path == "-":
|
if result_path == "-":
|
||||||
sys.stdout.write(data.decode())
|
os.fdopen(sys.stdout.fileno(), 'wb').write(data)
|
||||||
else:
|
else:
|
||||||
open(os.path.expanduser(result_path), "wb").write(data)
|
open(os.path.expanduser(result_path), "wb").write(data)
|
||||||
|
|
||||||
|
@ -57,12 +59,55 @@ def verify(data, pubkey):
|
||||||
sys.stderr.write("Bad signature!\n")
|
sys.stderr.write("Bad signature!\n")
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
def get_privkey(privkey_path, pubsec):
|
def get_privkey(privkey_path, privkey_format):
|
||||||
if pubsec:
|
if privkey_format == "pubsec":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "privkey.pubsec"
|
||||||
return duniterpy.key.SigningKey.from_pubsec_file(privkey_path)
|
return duniterpy.key.SigningKey.from_pubsec_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "cred":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "-"
|
||||||
|
if privkey_path == "-":
|
||||||
|
return duniterpy.key.SigningKey.from_credentials(getpass.getpass("Password: "), getpass.getpass("Salt: "))
|
||||||
else:
|
else:
|
||||||
|
return duniterpy.key.SigningKey.from_credentials_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "seedh":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.seedhex"
|
||||||
return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False))
|
return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False))
|
||||||
|
|
||||||
|
elif privkey_format == "wif":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.wif"
|
||||||
|
return duniterpy.key.SigningKey.from_wif_or_ewif_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "wifh":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.wif"
|
||||||
|
return duniterpy.key.SigningKey.from_wif_or_ewif_hex(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "ssb":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "secret"
|
||||||
|
return duniterpy.key.SigningKey.from_ssb_file(privkey_path)
|
||||||
|
|
||||||
|
elif privkey_format == "key":
|
||||||
|
if privkey_path == "*":
|
||||||
|
privkey_path = "authfile.key"
|
||||||
|
return duniterpy.key.SigningKey.from_private_key(privkey_path)
|
||||||
|
|
||||||
|
fmt = {
|
||||||
|
"raw": lambda data: data,
|
||||||
|
"16": lambda data: data.hex().encode(),
|
||||||
|
"32": lambda data: base64.b32encode(data),
|
||||||
|
"58": lambda data: base58.b58encode(data),
|
||||||
|
"64": lambda data: base64.b64encode(data),
|
||||||
|
"64u": lambda data: base64.urlsafe_b64encode(data),
|
||||||
|
"85": lambda data: base64.b85encode(data),
|
||||||
|
}
|
||||||
|
|
||||||
def show_help():
|
def show_help():
|
||||||
print("""Usage:
|
print("""Usage:
|
||||||
python3 natools.py <command> [options]
|
python3 natools.py <command> [options]
|
||||||
|
@ -74,11 +119,18 @@ Commands:
|
||||||
verify Verify data
|
verify Verify data
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
|
-f <fmt> Private key format (default: cred)
|
||||||
|
key cred pubsec seedh ssb wif wifh
|
||||||
-i <path> Input file path (default: -)
|
-i <path> Input file path (default: -)
|
||||||
-k <path> Privkey file path (default: authfile.key)
|
-k <path> Privkey file path (* for auto) (default: *)
|
||||||
--pubsec Use pub/sec format for -p
|
|
||||||
-p <str> Pubkey (base58)
|
-p <str> Pubkey (base58)
|
||||||
-o <path> Output file path (default: -)
|
-o <path> Output file path (default: -)
|
||||||
|
--noinc Do not include msg after signature
|
||||||
|
-O <fmt> Output format: raw 16 32 58 64 64u 85 (default: raw)
|
||||||
|
|
||||||
|
--help Show help
|
||||||
|
--version Show version
|
||||||
|
--debug Debug mode (display full errors)
|
||||||
|
|
||||||
Note: "-" means stdin or stdout.
|
Note: "-" means stdin or stdout.
|
||||||
""")
|
""")
|
||||||
|
@ -89,24 +141,42 @@ if __name__ == "__main__":
|
||||||
show_help()
|
show_help()
|
||||||
exit()
|
exit()
|
||||||
|
|
||||||
|
if "--version" in sys.argv:
|
||||||
|
print(__version__)
|
||||||
|
exit()
|
||||||
|
|
||||||
|
privkey_format = getargv("-f", "auto")
|
||||||
data_path = getargv("-i", "-")
|
data_path = getargv("-i", "-")
|
||||||
privkey_path = getargv("-k", "authfile.key")
|
privkey_path = getargv("-k", "*")
|
||||||
pubsec = "--pubsec" in sys.argv
|
|
||||||
pubkey = getargv("-p")
|
pubkey = getargv("-p")
|
||||||
result_path = getargv("-o", "-")
|
result_path = getargv("-o", "-")
|
||||||
|
output_format = getargv("-O", "raw")
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if sys.argv[1] == "encrypt":
|
if sys.argv[1] == "encrypt":
|
||||||
write_data(encrypt(read_data(data_path), pubkey), result_path)
|
write_data(fmt[output_format](encrypt(read_data(data_path), pubkey)), result_path)
|
||||||
|
|
||||||
elif sys.argv[1] == "decrypt":
|
elif sys.argv[1] == "decrypt":
|
||||||
write_data(decrypt(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path)
|
write_data(fmt[output_format](decrypt(read_data(data_path), get_privkey(privkey_path, privkey_format))), result_path)
|
||||||
|
|
||||||
elif sys.argv[1] == "sign":
|
elif sys.argv[1] == "sign":
|
||||||
write_data(sign(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path)
|
data = read_data(data_path)
|
||||||
|
signed = sign(data, get_privkey(privkey_path, privkey_format))
|
||||||
|
|
||||||
|
if "--noinc" in sys.argv:
|
||||||
|
signed = signed[:len(signed)-len(data)]
|
||||||
|
|
||||||
|
write_data(fmt[output_format](signed), result_path)
|
||||||
|
|
||||||
elif sys.argv[1] == "verify":
|
elif sys.argv[1] == "verify":
|
||||||
write_data(verify(read_data(data_path), pubkey), result_path)
|
write_data(fmt[output_format](verify(read_data(data_path), pubkey)), result_path)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
show_help()
|
show_help()
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
if "--debug" in sys.argv:
|
||||||
|
0/0 # DEBUG MODE
|
||||||
sys.stderr.write("Error: {}\n".format(e))
|
sys.stderr.write("Error: {}\n".format(e))
|
||||||
show_help()
|
show_help()
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
Loading…
Reference in New Issue