Docker, Makefile, etc.

This commit is contained in:
Boris 2022-11-17 16:53:45 +01:00
parent ca8cb2950f
commit 302da5a2be
15 changed files with 909 additions and 746 deletions

View File

@ -3,3 +3,5 @@ MYOS_REPOSITORY ?= https://github.com/aynicos/myos
-include $(MYOS)/make/include.mk
$(MYOS):
-@git clone $(MYOS_REPOSITORY) $(MYOS)
ENV_VARS += DOCKER_INTERNAL_DOCKER_HOST

View File

@ -38,14 +38,14 @@ RUN apk add --no-cache --virtual .build-deps \
python3-dev \
swig \
&& mkdir -p /usr/local/src/jaklis \
&& wget -qO - https://git.p2p.legal/axiom-team/jaklis/archive/master.tar.gz \
&& wget -qO - https://github.com/aynicos/jaklis/archive/master.tar.gz \
|tar --strip-components 1 -C /usr/local/src/jaklis -xzf - \
&& pip3 install -r /usr/local/src/jaklis/requirements.txt \
&& ln -s /usr/local/src/jaklis/jaklis.py /usr/local/bin/jaklis \
&& chmod 0755 /usr/local/bin/jaklis \
&& /usr/local/bin/jaklis --help >/dev/null \
&& mkdir -p /usr/local/src/dpgpid \
&& wget -qO - https://git.p2p.legal/aya/dpgpid/archive/master.tar.gz \
&& wget -qO - https://github.com/aynicos/dpgpid/archive/wip.tar.gz \
|tar --strip-components 1 -C /usr/local/src/dpgpid -xzf - \
&& pip3 install -r /usr/local/src/dpgpid/requirements.txt \
&& ln -s /usr/local/src/dpgpid/keygen /usr/local/bin/keygen \
@ -93,3 +93,6 @@ RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
ENV SHELL=${SHELL}
WORKDIR /var/www
RUN rm /etc/php7/conf.d/00_opcache.ini
RUN sed -i 's/^;php_flag[display_errors] = off/php_flag[display_errors] = on/' /etc/php7/php-fpm.d/www.conf

View File

@ -12,6 +12,9 @@ services:
networks:
- private
- public
extra_hosts:
- astroport.localhost:${DOCKER_INTERNAL_DOCKER_HOST}
networks:
private:

View File

@ -5,15 +5,23 @@ class Fred {
private $gatewayProtocol = 'http';
private $gatewayDomain = 'libra.copylaradio.com';
// private $gatewayDomain = 'aries.copylaradio.com';
// private $gatewayDomain = 'astroport.localhost';
private $gatewayPort = '1234';
private $gatewayDelay = 3;
private $gatewayMaxRounds = 1;
public function __construct () {
}
public function donneMoiLAdresseIPDuServeurQuiHebergeMonTiddlyWiki ($salt, $pepper) {
}
public function donneMoiLaPutainDeClefIPNS ($prenomNom, $nomDuChienSuivieDeLaDateDeNaissanceDeJohnnyHallyday) {
$salt = $prenomNom;
@ -31,12 +39,37 @@ class Fred {
preg_match("`url='([^']+)'`isU", $page1, $matches);
$url = $matches[1];
$opts2 = array(
'http'=>array(
'method'=>"GET",
'header'=>"Accept-language: fr\r\n",
'follow_location' => 0
)
);
$context2 = stream_context_create($opts2);
$page2 = false;
$rounds = 0;
while (($page2 === false) and $rounds < $this->gatewayMaxRounds) {
sleep($this->gatewayDelay);
// echo "\n\n\nround n°" . $rounds . "\n";
$page2 = @file_get_contents($url, false, $context2);
// echo '<pre>'. print_r(htmlspecialchars($page2), true) . '</pre>';
$rounds++;
}
sleep($this->gatewayDelay);
if ($page2 === false) {
$page2 = file_get_contents($url);
if (empty($page2)) {
throw new Exception("J'ai pas pû me connecter à ". $url ." pour récupérer la putain de deuxième page.");
} else if (empty($page2)) {
throw new Exception("J'ai pas pû récupérer la putain de deuxième page.");
}
@ -78,10 +111,12 @@ class Fred {
$page2 = '';
$rounds = 0;
while (empty($page2) and $rounds < 10) {
while (empty($page2) and $rounds < $this->gatewayMaxRounds) {
sleep($this->gatewayDelay);
$page2 = file_get_contents($url);
$rounds++;
}
if (empty($page2)) {
@ -154,11 +189,13 @@ class Fred {
$rounds = 0;
while (empty($page2) and $rounds < 10) {
while (empty($page2) and $rounds < $this->gatewayMaxRounds) {
sleep($this->gatewayDelay);
$page2 = file_get_contents($url, false, $context2);
$rounds++;
}
if (empty($page2)) {

View File

@ -7,6 +7,8 @@ class Jaklis {
private $mode;
private $jaklisPath = __DIR__ . '/../vendors/jaklis/jaklis';
// private $jaklisPath = 'jaklis'; // if you use Docker
private $nodes = [

View File

@ -3,6 +3,8 @@
class Keygen {
private $keygenPath = __DIR__ . '/../vendors/keygen/keygen';
// private $keygenPath = 'keygen'; // if you use Docker
private $pubsecDir = __DIR__ .'/../cache/pubsec/';
@ -21,7 +23,7 @@ class Keygen {
$cmd .= ' -f pubsec';
$cmd .= ' -t duniter';
$cmd .= ' "'. $salt .'"';
$cmd .= ' "'. $pepper .'"';
$cmd .= ' -p "'. $pepper .'"';
$output=null;
$result_code=null;
@ -37,6 +39,30 @@ class Keygen {
return $output[0];
}
public function getIPNSPub ($salt, $pepper) {
$salt = str_replace('"', '\"', $salt);
$pepper = str_replace('"', '\"', $pepper);
$cmd = $this->keygenPath;
$cmd .= ' -t b36mf';
$cmd .= ' "'. $salt .'"';
$cmd .= ' -p "'. $pepper .'"';
$output=null;
$result_code=null;
exec($cmd, $output, $result_code);
// die($cmd . '<br />'. print_r($output, true) . '<br />'. print_r($result_code, true));
if (empty($output) or empty($output[0])) {
throw new Exception('Keygen me calcule pas (la pub IPNS) :<br />' . $cmd . '<br />');
}
return $output[0];
}
public function generatePubsec ($salt, $pepper) {
$salt = str_replace('"', '\"', $salt);
@ -50,22 +76,25 @@ class Keygen {
}
$cmd = $this->keygenPath;
$cmd .= ' -f pubsec';
$cmd .= ' -t duniter';
$cmd .= ' "'. $salt .'"';
$cmd .= ' "'. $pepper .'"';
$cmd .= ' -o '. $this->pubsecDir . $userPubkey . '.dunikey';
if (!file_exists($this->pubsecDir . $userPubkey . '.dunikey')) {
$output=null;
$result_code=null;
exec($cmd, $output, $result_code);
$cmd = $this->keygenPath;
$cmd .= ' -f pubsec';
$cmd .= ' -t duniter';
$cmd .= ' "'. $salt .'"';
$cmd .= ' -p "'. $pepper .'"';
$cmd .= ' -o '. $this->pubsecDir . $userPubkey . '.dunikey';
// die($cmd . '<br />'. print_r($result_code, true));
$output=null;
$result_code=null;
exec($cmd, $output, $result_code);
if ($result_code != 0) {
// die($cmd . '<br />'. print_r($result_code, true));
throw new Exception('Keygen me calcule pas (la dunikey)');
if ($result_code != 0) {
throw new Exception('Keygen me calcule pas (la dunikey)');
}
}
}
}

Binary file not shown.

1
vendors/keygen/about.py vendored Normal file
View File

@ -0,0 +1 @@
__version__='0.1.0'

581
vendors/keygen/key/__init__.py vendored Normal file
View File

@ -0,0 +1,581 @@
#!/usr/bin/env python3
# link: https://git.p2p.legal/aya/dpgpid/
# desc: dpgpid builds a decentralized gpg world of trust with did over ipfs
# Copyleft 2022 Yann Autissier <aya@asycn.io>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
from cryptography.hazmat.primitives import serialization
from jwcrypto.jwk import JWK
from SecureBytes import clearmem
import base36
import base58
import base64
import duniterpy.key
import gpg
import logging as log
import pgpy
import pynentry
import re
import warnings
def from_args(args, config):
log.debug("key.from_args(%s, %s)" % (args, config))
from key import ed25519
if args.gpg:
_gpg = gpg.Context(armor=True, offline=True)
return from_gpg(_gpg, args.username[0], args.password)
else:
scrypt_params = duniterpy.key.scrypt_params.ScryptParams(
int(config.get('scrypt', 'n')) if config and config.has_option('scrypt', 'n') else 4096,
int(config.get('scrypt', 'r')) if config and config.has_option('scrypt', 'r') else 16,
int(config.get('scrypt', 'p')) if config and config.has_option('scrypt', 'p') else 1,
int(config.get('scrypt', 'sl')) if config and config.has_option('scrypt', 'sl') else 32,
)
if args.input:
return from_file(args.input, args.password, scrypt_params)
else:
if args.mnemonic:
return from_mnemonic(' '.join(args.username), scrypt_params)
else:
return from_credentials(args.username[0], args.password, scrypt_params)
def from_credentials(username, password=None, scrypt_params=None):
log.debug("key.from_credentials(%s, %s, %s)" % (username, password, scrypt_params))
try:
if not password:
with pynentry.PynEntry() as p:
p.description = f"""Please enter the passord for username "{username}"."""
p.prompt = 'Passsord:'
try:
password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
exit(1)
return from_duniterpy(duniterpy.key.SigningKey.from_credentials(
username,
password,
scrypt_params
))
except Exception as e:
log.error(f'Unable to get key from credentials: {e}')
exit(2)
def from_duniterpy(duniterpy):
log.debug("key.from_duniterpy(%s)" % duniterpy)
key = ed25519.from_duniterpy(duniterpy)
key.duniterpy = duniterpy
return key
def from_file(input_file, password=None, scrypt_params=None):
log.debug("key.from_file(%s, %s, %s)" % (input_file, password, scrypt_params))
try:
with open(input_file, 'r') as file:
lines = file.readlines()
if len(lines) > 0:
line = lines[0].strip()
regex_ewif = re.compile('^Type: EWIF$')
regex_jwk = re.compile('^\\s*{\\s*"crv":\\s*"Ed25519",\\s*"d":\\s*"(.)+",\\s*"kty":\\s*"OKP",\\s*"x":\\s*"(.)+"\\s*}')
regex_nacl = re.compile('^\\s*{\\s*"priv":\\s*"[0-9a-fA-F]+",\\s*"verify":\\s*"[0-9a-fA-F]+",\\s*"sign":\\s*"[0-9a-fA-F]+"\\s*}')
regex_pem = re.compile('^-----BEGIN PRIVATE KEY-----$')
regex_pubsec = re.compile('^Type: PubSec$')
regex_seed = re.compile('^[0-9a-fA-F]{64}$')
regex_ssb = re.compile('\\s*{\\s*"curve":\\s*"ed25519",\\s*"public":\\s*"(.+)\\.ed25519",\\s*"private":\\s*"(.+)\\.ed25519",\\s*"id":\\s*"@(.+).ed25519"\\s*}')
regex_wif = re.compile('^Type: WIF$')
if re.search(regex_ewif, line):
log.info("input file format detected: ewif")
if not password:
with pynentry.PynEntry() as p:
p.description = f"""Data in EWIF file is encrypted.
Please enter a password to decrypt seed.
"""
p.prompt = 'Passphrase:'
try:
password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
exit(1)
return from_duniterpy(duniterpy.key.SigningKey.from_ewif_file(input_file, password))
elif re.search(regex_jwk, line):
log.info("input file format detected: jwk")
return from_jwk(JWK.from_json(line))
elif re.search(regex_nacl, line):
log.info("input file format detected: nacl")
return from_duniterpy(duniterpy.key.SigningKey.from_private_key(input_file))
elif re.search(regex_pem, line):
log.info("input file format detected: pem")
return from_pem(''.join(lines).encode())
elif re.search(regex_pubsec, line):
log.info("input file format detected: pubsec")
return from_duniterpy(duniterpy.key.SigningKey.from_pubsec_file(input_file))
elif re.search(regex_seed, line):
log.info("input file format detected: seed")
return from_duniterpy(duniterpy.key.SigningKey.from_seedhex_file(input_file))
elif re.search(regex_ssb, line):
log.info("input file format detected: ssb")
return from_duniterpy(duniterpy.key.SigningKey.from_ssb_file(input_file))
elif re.search(regex_wif, line):
log.info("input file format detected: wif")
return from_duniterpy(duniterpy.key.SigningKey.from_wif_file(input_file))
elif len(line.split(' ')) == 12:
log.info("input file format detected: mnemonic")
return from_mnemonic(line, scrypt_params)
elif len(lines) > 1:
log.info("input file format detected: credentials")
return from_credentials(line, lines[1].strip(), scrypt_params)
else:
raise NotImplementedError('unknown input file format.')
else:
raise IOError('empty file.')
except UnicodeDecodeError as e:
try:
with open(input_file, 'rb') as file:
lines = file.readlines()
if len(lines) > 0:
line = lines[0].strip()
regex_dewif = re.compile(b'^\x00\x00\x00\x01\x00\x00\x00\x01')
regex_p2p = re.compile(b'^\x08\x01\x12@')
if re.search(regex_dewif, line):
log.info("input file format detected: dewif")
if not password:
with pynentry.PynEntry() as p:
p.description = f"""Data in DEWIF file is encrypted.
Please enter a password to decrypt seed.
"""
p.prompt = 'Passphrase:'
try:
password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
exit(1)
return from_duniterpy(duniterpy.key.SigningKey.from_dewif_file(input_file, password))
if re.search(regex_p2p, line):
log.info("input file format detected: p2p")
return from_libp2p(line)
else:
raise NotImplementedError('unknown input file format.')
else:
raise IOError('empty file.')
except Exception as e:
log.error(f'Unable to get key from input file {input_file}: {e}')
exit(2)
except Exception as e:
log.error(f'Unable to get key from input file {input_file}: {e}')
exit(2)
def from_gpg(_gpg, username, password=None):
log.debug("key.from_gpg(%s, %s, %s)" % (_gpg, username, password))
try:
secret_keys = list(_gpg.keylist(pattern=username, secret=True))
log.debug("key.secret_keys=%s" % secret_keys)
if not secret_keys:
log.warning(f"""Unable to find any key matching "{username}".""")
exit(1)
else:
_gpg.secret_key = secret_keys[0]
log.info(f"""Found key id "{_gpg.secret_key.fpr}" matching "{username}".""")
log.debug("key._gpg.secret_key.expired=%s" % _gpg.secret_key.expired)
log.debug("key._gpg.secret_key.fpr=%s" % _gpg.secret_key.fpr)
log.debug("key._gpg.secret_key.revoked=%s" % _gpg.secret_key.revoked)
log.debug("key._gpg.secret_key.uids=%s" % _gpg.secret_key.uids)
log.debug("key._gpg.secret_key.owner_trust=%s" % _gpg.secret_key.owner_trust)
log.debug("key._gpg.secret_key.last_update=%s" % _gpg.secret_key.last_update)
if password:
gpg_passphrase_cb = gpg_passphrase(password).cb
_gpg.set_passphrase_cb(gpg_passphrase_cb)
_gpg.set_pinentry_mode(gpg.constants.PINENTRY_MODE_LOOPBACK)
_gpg.public_armor = _gpg.key_export(_gpg.secret_key.fpr)
_gpg.secret_armor = _gpg.key_export_secret(_gpg.secret_key.fpr)
if not _gpg.secret_armor:
log.error(f"""Unable to export gpg secret key id "{_gpg.secret_key.fpr}" for username "{username}". Please check your password!""")
exit(2)
with warnings.catch_warnings():
# remove CryptographyDeprecationWarning about deprecated
# SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4)
warnings.simplefilter('ignore')
_pgpy, _ = pgpy.PGPKey.from_blob(_gpg.secret_armor)
key = from_pgpy(_pgpy, password)
key.gpg = _gpg
return key
except Exception as e:
log.error(f'Unable to get key from gpg: {e}')
exit(2)
def from_jwk(jwk):
log.debug("key.from_jwk(%s)" % jwk)
key = ed25519.from_jwk(jwk)
key.jwk = jwk
return key
def from_libp2p(libp2p):
log.debug("key.from_libp2p(%s)" % libp2p)
return ed25519.from_libp2p(libp2p)
def from_mnemonic(mnemonic, scrypt_params=None):
log.debug("key.from_mnemonic(%s, %s)" % (mnemonic, scrypt_params))
try:
return from_duniterpy(duniterpy.key.SigningKey.from_dubp_mnemonic(
mnemonic,
scrypt_params
))
except Exception as e:
log.error(f'Unable to get key from mnemonic: {e}')
exit(2)
def from_pem(pem):
log.debug("key.from_pem(%s)" % pem)
return ed25519.from_pem(pem)
def from_pgpy(_pgpy, password=None):
log.debug("key.from_pgpy(%s, %s)" % (_pgpy, password))
try:
log.debug("key._pgpy.fingerprint.keyid=%s" % _pgpy.fingerprint.keyid)
log.debug("key._pgpy.is_protected=%s" % _pgpy.is_protected)
_pgpy.key_type = pgpy_key_type(_pgpy)
if _pgpy.is_protected:
if not password:
with pynentry.PynEntry() as p:
p.description = f"""The exported pgp key id "{_pgpy.fingerprint.keyid}" is password protected.
Please enter the passphrase again to unlock it.
"""
p.prompt = 'Passphrase:'
try:
password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
exit(1)
try:
with warnings.catch_warnings():
# remove CryptographyDeprecationWarning about deprecated
# SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4)
warnings.simplefilter('ignore')
with _pgpy.unlock(password):
assert _pgpy.is_unlocked
log.debug("key._pgpy.is_unlocked=%s" % _pgpy.is_unlocked)
key = ed25519.from_pgpy(_pgpy)
except Exception as e:
log.error(f"""Unable to unlock pgp secret key id "{pgpy.fingerprint.keyid}": {e}""")
exit(2)
else:
key = ed25519.from_pgpy(_pgpy)
key.pgpy = _pgpy
return key
except Exception as e:
log.error(f'Unable to get key from pgpy: {e}')
exit(2)
def pgpy_key_type(_pgpy):
log.debug("key.pgpy_key_type(%s)" % _pgpy)
if isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.RSAPriv):
key_type = 'RSA'
elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.DSAPriv):
key_type = 'DSA'
elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.ElGPriv):
key_type = 'ElGamal'
elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.ECDSAPriv):
key_type = 'ECDSA'
elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.EdDSAPriv):
key_type = 'EdDSA'
elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.ECDHPriv):
key_type = 'ECDH'
else:
key_type = 'undefined'
log.debug("key.pgpy_key_type().key_type=%s" % key_type)
return key_type
class gpg_passphrase():
def __init__(self, password):
log.debug("gpg_passphrase().__init__(%s)" % password)
self.password = password
def cb(self, uid_hint, passphrase_info, prev_was_bad):
log.debug("gpg_passphrase().cb(%s, %s, %s)" % (uid_hint, passphrase_info, prev_was_bad))
return self.password
class key():
def __init__(self):
log.debug("key().__init__()")
self.algorithm = 'undefined'
self.cryptography = None
def __del__(self):
log.debug("key().__del__()")
self._cleanup()
def _cleanup(self):
log.debug("key()._cleanup()")
if hasattr(self, 'duniterpy'):
if hasattr(self.duniterpy, 'seed') and self.duniterpy.seed:
clearmem(self.duniterpy.seed)
log.debug("cleared: key().duniterpy.seed")
if hasattr(self.duniterpy, 'sk') and self.duniterpy.sk:
clearmem(self.duniterpy.sk)
log.debug("cleared: key().duniterpy.sk")
if hasattr(self, 'gpg'):
if hasattr(self.gpg, 'secret_armor') and self.gpg.secret_armor:
clearmem(self.gpg.secret_armor)
log.debug("cleared: key().gpg.secret_armor")
if hasattr(self, 'jwk'):
if hasattr(self, 'secret_jwk') and self.secret_jwk:
clearmem(self.secret_jwk)
log.debug("cleared: key().secret_jwk")
if hasattr(self.jwk, 'd') and self.jwk.d:
clearmem(self.jwk.d)
log.debug("cleared: key().jwk.d")
if hasattr(self, 'pgpy'):
if hasattr(self.pgpy._key.keymaterial, 'p') and self.pgpy._key.keymaterial.p and not isinstance(self.pgpy._key.keymaterial.p, pgpy.packet.fields.ECPoint):
clearmem(self.pgpy._key.keymaterial.p)
log.debug("cleared: key().pgpy._key.material.p")
if hasattr(self.pgpy._key.keymaterial, 'q') and self.pgpy._key.keymaterial.q:
clearmem(self.pgpy._key.keymaterial.q)
log.debug("cleared: key().pgpy._key.material.q")
if hasattr(self.pgpy._key.keymaterial, 's') and self.pgpy._key.keymaterial.s:
clearmem(self.pgpy._key.keymaterial.s)
log.debug("cleared: key().pgpy._key.material.s")
if hasattr(self, 'secret_b36mf') and self.secret_b36mf:
clearmem(self.secret_b36mf)
log.debug("cleared: key().secret_b36mf")
if hasattr(self, 'secret_b58mf') and self.secret_b58mf:
clearmem(self.secret_b58mf)
log.debug("cleared: key().secret_b58mf")
if hasattr(self, 'secret_b58mh') and self.secret_b58mh:
clearmem(self.secret_b58mh)
log.debug("cleared: key().secret_b58mh")
if hasattr(self, 'secret_b64mh') and self.secret_b64mh:
clearmem(self.secret_b64mh)
log.debug("cleared: key().secret_b64mh")
if hasattr(self, 'secret_base58') and self.secret_base58:
clearmem(self.secret_base58)
log.debug("cleared: key().secret_base58")
if hasattr(self, 'secret_base64') and self.secret_base64:
clearmem(self.secret_base64)
log.debug("cleared: key().secret_base64")
if hasattr(self, 'secret_cidv1') and self.secret_cidv1:
clearmem(self.secret_cidv1)
log.debug("cleared: key().secret_cidv1")
if hasattr(self, 'secret_libp2p') and self.secret_libp2p:
clearmem(self.secret_libp2p)
log.debug("cleared: key().secret_libp2p")
if hasattr(self, 'secret_pem_pkcs8') and self.secret_pem_pkcs8:
clearmem(self.secret_pem_pkcs8)
log.debug("cleared: key().secret_pem_pkcs8")
if hasattr(self, 'secret_proto2') and self.secret_proto2:
clearmem(self.secret_proto2)
log.debug("cleared: key().secret_proto2")
def to_b36mf(self):
log.debug("key().to_b36mf()")
if not hasattr(self, 'public_cidv1') or not hasattr(self, 'secret_cidv1'):
self.to_cidv1()
try:
self.public_b36mf = 'k' + base36.dumps(int.from_bytes(self.public_cidv1, byteorder='big'))
self.secret_b36mf = 'k' + base36.dumps(int.from_bytes(self.secret_cidv1, byteorder='big'))
except Exception as e:
log.error(f'Unable to get b36mf from cidv1: {e}')
exit(2)
log.debug("key().public_b36mf=%s" % self.public_b36mf)
log.debug("key().secret_b36mf=%s" % self.secret_b36mf)
def to_b58mf(self):
log.debug("key().to_b58mf()")
if not hasattr(self, 'public_cidv1') or not hasattr(self, 'secret_cidv1'):
self.to_cidv1()
try:
self.public_b58mf = 'z' + base58.b58encode(self.public_cidv1).decode('ascii')
self.secret_b58mf = 'z' + base58.b58encode(self.secret_cidv1).decode('ascii')
except Exception as e:
log.error(f'Unable to get b58mf from cidv1: {e}')
exit(2)
log.debug("key().public_b58mf=%s" % self.public_b58mf)
log.debug("key().secret_b58mf=%s" % self.secret_b58mf)
def to_b58mh(self):
log.debug("key().to_b58mh()")
if not hasattr(self, 'public_libp2p') or not hasattr(self, 'secret_libp2p'):
self.to_libp2p()
try:
self.public_b58mh = base58.b58encode(self.public_libp2p).decode('ascii')
self.secret_b58mh = base58.b58encode(self.secret_libp2p).decode('ascii')
except Exception as e:
log.error(f'Unable to get b58mh from libp2p: {e}')
exit(2)
log.debug("key().public_b58mh=%s" % self.public_b58mh)
log.debug("key().secret_b58mh=%s" % self.secret_b58mh)
def to_b64mh(self):
log.debug("key().to_b64mh()")
if not hasattr(self, 'public_libp2p') or not hasattr(self, 'secret_libp2p'):
self.to_libp2p()
try:
self.public_b64mh = base64.b64encode(self.public_libp2p).decode('ascii')
self.secret_b64mh = base64.b64encode(self.secret_libp2p).decode('ascii')
except Exception as e:
log.error(f'Unable to get b64mh from libp2p: {e}')
exit(2)
log.debug("key().public_b64mh=%s" % self.public_b64mh)
log.debug("key().secret_b64mh=%s" % self.secret_b64mh)
def to_base58(self):
log.debug("key().to_base58()")
try:
self.public_base58 = base58.b58encode(self.public_bytes).decode('ascii')
self.secret_base58 = base58.b58encode(self.secret_bytes).decode('ascii')
except Exception as e:
log.error(f'Unable to get base58: {e}')
exit(2)
log.debug("key().public_base58=%s" % self.public_base58)
log.debug("key().secret_base58=%s" % self.secret_base58)
def to_base64(self):
log.debug("key().to_base64()")
try:
self.public_base64 = base64.b64encode(self.public_bytes).decode('ascii')
self.secret_base64 = base64.b64encode(self.secret_bytes).decode('ascii')
except Exception as e:
log.error(f'Unable to get base64: {e}')
exit(2)
log.debug("key().public_base64=%s" % self.public_base64)
log.debug("key().secret_base64=%s" % self.secret_base64)
def to_cidv1(self):
log.debug("key().to_cidv1()")
if not hasattr(self, 'public_libp2p') or not hasattr(self, 'secret_libp2p'):
self.to_libp2p()
try:
# \x01: multicodec cid prefix = CIDv1
# \x72: multicodec content prefix = libp2p-key
self.public_cidv1 = b'\x01\x72' + self.public_libp2p
self.secret_cidv1 = b'\x01\x72' + self.secret_libp2p
except Exception as e:
log.error(f'Unable to get cidv1: {e}')
exit(2)
log.debug("key().public_cidv1=%s" % self.public_cidv1)
log.debug("key().secret_cidv1=%s" % self.secret_cidv1)
def to_duniterpy(self):
log.debug("key().to_duniterpy()")
raise NotImplementedError(f"key().to_duniterpy() is not implemented for algorithm {self.algorithm}")
def to_file(self, output_file, file_format=None, password=None):
log.debug("key().to_file(%s, %s, %s)" % (output_file, file_format, password))
try:
if file_format == 'dewif':
if not hasattr(self, 'duniterpy'):
self.to_duniterpy()
if not password:
with pynentry.PynEntry() as p:
p.description = f"""Data in DEWIF file needs to be encrypted.
Please enter a password to encrypt seed.
"""
p.prompt = 'Passphrase:'
try:
password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
exit(1)
self.duniterpy.save_dewif_v1_file(output_file, password)
elif file_format == 'ewif':
if not hasattr(self, 'duniterpy'):
self.to_duniterpy()
if not password:
with pynentry.PynEntry() as p:
p.description = f"""Data in EWIF file needs to be encrypted.
Please enter a password to encrypt seed.
"""
p.prompt = 'Passphrase:'
try:
password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
exit(1)
self.duniterpy.save_ewif_file(output_file, password)
elif file_format == 'jwk':
if not hasattr(self, 'jwk'):
self.to_jwk()
with open(output_file, "w") as file:
file.write(self.jwk.export())
elif file_format == 'nacl':
if not hasattr(self, 'duniterpy'):
self.to_duniterpy()
self.duniterpy.save_private_key(output_file)
elif file_format == 'p2p':
if not hasattr(self, 'secret_libp2p'):
self.to_libp2p()
with open(output_file, "wb") as file:
file.write(self.secret_libp2p)
elif file_format == 'pubsec':
if not hasattr(self, 'duniterpy'):
self.to_duniterpy()
self.duniterpy.save_pubsec_file(output_file)
elif file_format == 'seed':
if not hasattr(self, 'duniterpy'):
self.to_duniterpy()
self.duniterpy.save_seedhex_file(output_file)
elif file_format == 'wif':
if not hasattr(self, 'duniterpy'):
self.to_duniterpy()
self.duniterpy.save_wif_file(output_file)
else:
if not hasattr(self, 'secret_pem_pkcs8'):
self.to_pem_pkcs8()
with open(output_file, "w") as file:
file.write(self.secret_pem_pkcs8)
except Exception as e:
log.error(f'Unable to write key to output file {output_file}: {e}')
exit(2)
def to_jwk(self):
log.debug("key().to_jwk()")
try:
if not hasattr(self, 'jwk'):
self.jwk = JWK.from_pyca(self.cryptography)
self.public_jwk = self.jwk.export_public()
self.secret_jwk = self.jwk.export_private()
except Exception as e:
log.error(f'Unable to get jwk: {e}')
exit(2)
def to_libp2p(self):
log.debug("key().to_libp2p()")
try:
if not hasattr(self, 'public_proto2') or not hasattr(self, 'secret_proto2'):
self.to_proto2()
# \x00: multihash prefix = raw id
# \x24: multihash length = 36 bytes
self.public_libp2p = b'\x00$' + self.public_proto2
self.secret_libp2p = self.secret_proto2
except Exception as e:
log.error(f'Unable to get libp2p: {e}')
exit(2)
log.debug("key().public_libp2p=%s" % self.public_libp2p)
log.debug("key().secret_libp2p=%s" % self.secret_libp2p)
def to_pem_pkcs8(self):
log.debug("key().to_pem_pkcs8()")
try:
self.secret_pem_pkcs8 = self.cryptography.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption()
).decode('ascii')
except Exception as e:
log.error(f'Unable to get pem pkcs8: {e}')
exit(2)
log.debug("key().secret_pem_pkcs8=%s" % self.secret_pem_pkcs8)
def to_proto2(self):
log.debug("key().to_proto2()")
raise NotImplementedError(f"key().to_proto2() is not implemented for algorithm {self.algorithm}")

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

136
vendors/keygen/key/ed25519.py vendored Normal file
View File

@ -0,0 +1,136 @@
#!/usr/bin/env python3
# link: https://git.p2p.legal/aya/dpgpid/
# desc: dpgpid builds a decentralized gpg world of trust with did over ipfs
# Copyleft 2022 Yann Autissier <aya@asycn.io>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
from . import key
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
from cryptography.hazmat.primitives import serialization
from SecureBytes import clearmem
import duniterpy.key
import logging as log
def from_duniterpy(duniterpy):
log.debug("ed25519.from_duniterpy(%s)" % duniterpy)
try:
return ed25519(duniterpy.sk[:32])
except Exception as e:
log.error(f'Unable to get ed25519 from duniterpy: {e}')
exit(2)
def from_jwk(jwk):
log.debug("ed25519.from_jwk(%s)" % jwk)
try:
return ed25519(jwk._okp_pri().private_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PrivateFormat.Raw,
encryption_algorithm=serialization.NoEncryption()
))
except Exception as e:
log.error(f'Unable to get ed25519 from jwk: {e}')
exit(2)
def from_libp2p(libp2p):
log.debug("ed25519.from_libp2p(%s) % libp2p")
try:
return ed25519(libp2p.lstrip(b'\x08\x01\x12@')[:32])
except Exception as e:
log.error(f'Unable to get ed25519 from libp2p: {e}')
exit(2)
def from_pem(pem):
log.debug("ed25519.from_pem(%s)" % pem)
try:
return ed25519(serialization.load_pem_private_key(pem, password=None).private_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PrivateFormat.Raw,
encryption_algorithm=serialization.NoEncryption()
))
except Exception as e:
log.error(f'Unable to get ed25519 from pem: {e}')
exit(2)
def from_pgpy(_pgpy):
log.debug("ed25519.from_pgpy(%s)" % _pgpy)
try:
if _pgpy.key_type == 'RSA':
log.debug("ed25519._pgpy._key.keymaterial.p=%s" % _pgpy._key.keymaterial.p)
log.debug("ed25519._pgpy._key.keymaterial.q=%s" % _pgpy._key.keymaterial.q)
# rsa custom seed: sha256 hash of (p + q), where + is a string concatenation
# self.ed25519_seed_bytes = nacl.bindings.crypto_hash_sha256((rsa_int).to_bytes(rsa_len,byteorder='big'))
rsa_int = int(str(_pgpy._key.keymaterial.p) + str(_pgpy._key.keymaterial.q))
rsa_len = (rsa_int.bit_length() + 7) // 8
from cryptography.hazmat.primitives import hashes
digest = hashes.Hash(hashes.SHA256())
digest.update((rsa_int).to_bytes(rsa_len,byteorder='big'))
seed = digest.finalize()
# seed_bytes = nacl.bindings.crypto_hash_sha256((rsa_int).to_bytes(rsa_len,byteorder='big'))
elif _pgpy.key_type in ('ECDSA', 'EdDSA', 'ECDH'):
log.debug("ed25519._pgpy._key.keymaterial.s=%s" % _pgpy._key.keymaterial.s)
seed = _pgpy._key.keymaterial.s.to_bytes(32, byteorder='big')
else:
raise NotImplementedError(f"getting seed from pgpy key type {_pgpy.key_type} is not implemented.")
return ed25519(seed)
except Exception as e:
log.error(f'Unable to get ed25519 from pgpy: {e}')
exit(2)
class ed25519(key):
def __init__(self, seed: bytes):
log.debug("ed25519().__init__(%s)" % seed)
super().__init__()
self.algorithm = 'ed25519'
self.cryptography = Ed25519PrivateKey.from_private_bytes(seed)
self.public_bytes = self.cryptography.public_key().public_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PublicFormat.Raw,
)
self.secret_bytes = seed + self.public_bytes
self.seed_bytes = seed
def _cleanup(self):
log.debug("ed25519()._cleanup()")
if hasattr(self, 'secret_bytes') and self.secret_bytes:
clearmem(self.secret_bytes)
log.debug("cleared: ed25519().secret_bytes")
if hasattr(self, 'seed_bytes') and self.seed_bytes:
clearmem(self.seed_bytes)
log.debug("cleared: ed25519().seed_bytes")
super()._cleanup()
def to_duniterpy(self):
log.debug("ed25519().to_duniterpy()")
try:
if not hasattr(self, 'duniterpy'):
self.duniterpy = duniterpy.key.SigningKey(self.seed_bytes)
except Exception as e:
log.error(f'Unable to get duniterpy: {e}')
exit(2)
log.debug("ed25519().duniterpy.seed: %s" % self.duniterpy.seed)
def to_proto2(self):
log.debug("ed25519().to_proto2()")
try:
## libp2p Protocol Buffer serialization
self.public_proto2 = b'\x08\x01\x12 ' + self.public_bytes
self.secret_proto2 = b'\x08\x01\x12@' + self.secret_bytes
except Exception as e:
log.error(f'Unable to get proto2: {e}')
exit(2)
log.debug("ed25519().public_proto2=%s" % self.public_proto2)
log.debug("ed25519().secret_proto2=%s" % self.secret_proto2)

819
vendors/keygen/keygen vendored
View File

@ -1,14 +1,8 @@
#!/usr/bin/env python3
# link: https://git.p2p.legal/aya/dpgpid/
# desc: generate ed25519 keys for duniter and ipfs from gpg
# desc: dpgpid builds a decentralized gpg world of trust with did over ipfs
# Copyleft 2022 Yann Autissier <aya@asycn.io>
# all crypto science belongs to Pascal Engélibert <tuxmain@zettascript.org>
# coming from files available at https://git.p2p.legal/qo-op/Astroport.ONE/tools
# gpgme stuff has been provided by Ben McGinnes
# and comes from http://files.au.adversary.org/crypto/gpgme-python-howto.html
# gpg key extraction is taken from work of Simon Vareille available at
# https://gist.github.com/SimonVareille/fda49baf5f3e15b5c88e25560aeb2822
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
@ -24,28 +18,13 @@
# along with this program. If not, see <https://www.gnu.org/licenses/>.
import argparse
import base58
import base64
import configparser
from cryptography.hazmat.primitives.asymmetric import ed25519
from cryptography.hazmat.primitives import serialization
import duniterpy.key
import gpg
from jwcrypto import jwk
import logging as log
import nacl.bindings
import nacl.encoding
import pgpy
import pynentry
from SecureBytes import clearmem
import os
import re
import struct
import sys
import time
import warnings
__version__='0.0.5'
from about import __version__
import key
class keygen:
def __init__(self):
@ -62,7 +41,7 @@ class keygen:
self.parser.add_argument(
"-f",
"--format",
choices=['ewif', 'jwk', 'nacl','pb2','pem','pubsec','seed','wif'],
choices=['ewif', 'jwk', 'nacl','p2p','pem','pubsec','seed','wif'],
default=None,
dest="format",
help="output file format, default: pem (pkcs8)",
@ -77,7 +56,7 @@ class keygen:
"-i",
"--input",
dest="input",
help="read ed25519 key from file FILE, autodetect format: {credentials,ewif,jwk,nacl,mnemonic,pb2,pubsec,seed,wif}",
help="read ed25519 key from file FILE, autodetect format: {credentials,ewif,jwk,nacl,mnemonic,p2p,pem,pubsec,seed,wif}",
metavar='FILE',
)
self.parser.add_argument(
@ -102,9 +81,9 @@ class keygen:
)
self.parser.add_argument(
"-p",
"--prefix",
action="store_true",
help="prefix output text with key type",
"--password",
dest="password",
help="user password for duniter, gpg key and file encryption",
)
self.parser.add_argument(
"-q",
@ -121,7 +100,7 @@ class keygen:
self.parser.add_argument(
"-t",
"--type",
choices=['b58mh','b64mh','base58','base64','duniter','ipfs','jwk'],
choices=['b36mf', 'b58mf', 'b58mh','b64mh','base58','base64','duniter','ipfs','jwk'],
default="base58",
dest="type",
help="output text format, default: base58",
@ -139,171 +118,16 @@ class keygen:
)
self.parser.add_argument(
'username',
nargs="?",
)
self.parser.add_argument(
'password',
nargs="?",
help="username, mnemonic or gpg key",
nargs="*",
)
def _check_args(self, args):
log.debug("keygen._check_args(%s)" % args)
if self.input is None and self.username is None:
log.debug("keygen()._check_args(%s)" % args)
if self.input is None and not len(self.username):
self.parser.error('keygen requires an input file or a username')
def _cleanup(self):
log.debug("keygen._cleanup()")
if hasattr(self, 'duniterpy'):
if hasattr(self.duniterpy, 'seed') and self.duniterpy.seed:
clearmem(self.duniterpy.seed)
log.debug("cleared: keygen.duniterpy.seed")
if hasattr(self.duniterpy, 'sk') and self.duniterpy.sk:
clearmem(self.duniterpy.sk)
log.debug("cleared: keygen.duniterpy.sk")
if hasattr(self, 'ed25519_secret_base58') and self.ed25519_secret_base58:
clearmem(self.ed25519_secret_base58)
log.debug("cleared: keygen.ed25519_secret_base58")
if hasattr(self, 'ed25519_secret_base64') and self.ed25519_secret_base64:
clearmem(self.ed25519_secret_base64)
log.debug("cleared: keygen.ed25519_secret_base64")
if hasattr(self, 'ed25519_secret_bytes') and self.ed25519_secret_bytes:
clearmem(self.ed25519_secret_bytes)
log.debug("cleared: keygen.ed25519_secret_bytes")
if hasattr(self, 'ed25519_secret_pem_pkcs8') and self.ed25519_secret_pem_pkcs8:
clearmem(self.ed25519_secret_pem_pkcs8)
log.debug("cleared: keygen.ed25515_secret_pem_pkcs8")
if hasattr(self, 'ed25519_secret_protobuf') and self.ed25519_secret_protobuf:
clearmem(self.ed25519_secret_protobuf)
log.debug("cleared: keygen.ed25515_secret_protobuf")
if hasattr(self, 'ed25519_seed_bytes') and self.ed25519_seed_bytes:
clearmem(self.ed25519_seed_bytes)
log.debug("cleared: keygen.ed25519_seed_bytes")
if hasattr(self, 'ipfs_privkey') and self.ipfs_privkey:
clearmem(self.ipfs_privkey)
log.debug("cleared: keygen.ipfs_privkey")
if hasattr(self, 'jwk'):
if hasattr(self.jwk, 'd') and self.jwk.d:
clearmem(self.jwk.d)
log.debug("cleared: keygen.jwk.d")
if hasattr(self, 'password') and self.password:
clearmem(self.password)
log.debug("cleared: keygen.password")
if hasattr(self, 'pgp_secret_armor') and self.pgp_secret_armor:
clearmem(self.pgp_secret_armor)
log.debug("cleared: keygen.pgp_secret_armor")
if hasattr(self, 'pgpy'):
if hasattr(self.pgpy._key.keymaterial, 'p') and self.pgpy._key.keymaterial.p and not isinstance(self.pgpy._key.keymaterial.p, pgpy.packet.fields.ECPoint):
clearmem(self.pgpy._key.keymaterial.p)
log.debug("cleared: keygen.pgpy._key.material.p")
if hasattr(self.pgpy._key.keymaterial, 'q') and self.pgpy._key.keymaterial.q:
clearmem(self.pgpy._key.keymaterial.q)
log.debug("cleared: keygen.pgpy._key.material.q")
if hasattr(self.pgpy._key.keymaterial, 's') and self.pgpy._key.keymaterial.s:
clearmem(self.pgpy._key.keymaterial.s)
log.debug("cleared: keygen.pgpy._key.material.s")
if hasattr(self, 'username') and self.username:
clearmem(self.username)
log.debug("cleared: keygen.username")
def _invalid_type(self):
log.debug("keygen._invalid_type()")
self.parser.error(f"type {self.type} is not valid.")
def _load_config(self):
log.debug("keygen._load_config()")
self.config = configparser.RawConfigParser()
config_dir = os.path.join(os.environ.get('XDG_CONFIG_HOME', os.path.expanduser('~/.config')), 'dpgpid')
log.debug("config_dir=%s" % config_dir)
self.config.read( [config_dir + '/keygen.conf'] )
def _output(self, public_key, secret_key, public_key_prefix, secret_key_prefix):
log.debug("keygen._output()")
if self.output is None:
self._output_text(public_key, secret_key, public_key_prefix, secret_key_prefix)
else:
self._output_file()
os.chmod(self.output, 0o600)
self._cleanup()
def _output_file(self):
log.debug("keygen._output_file()")
try:
if self.format == 'dewif':
if not hasattr(self, 'duniterpy'):
self.duniterpy_from_ed25519_seed_bytes()
if not self.password:
with pynentry.PynEntry() as p:
p.description = f"""Data in DEWIF file needs to be encrypted.
Please enter a password to encrypt seed.
"""
p.prompt = 'Passphrase:'
try:
self.password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
self._cleanup()
exit(1)
self.duniterpy.save_dewif_v1_file(self.output, self.password)
elif self.format == 'ewif':
if not hasattr(self, 'duniterpy'):
self.duniterpy_from_ed25519_seed_bytes()
if not self.password:
with pynentry.PynEntry() as p:
p.description = f"""Data in EWIF file needs to be encrypted.
Please enter a password to encrypt seed.
"""
p.prompt = 'Passphrase:'
try:
self.password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
self._cleanup()
exit(1)
self.duniterpy.save_ewif_file(self.output, self.password)
elif self.format == 'jwk':
if not hasattr(self, 'jwk'):
self.jwk_from_ed25519()
with open(self.output, "w") as file:
file.write(self.jwk.export())
elif self.format == 'nacl':
if not hasattr(self, 'duniterpy'):
self.duniterpy_from_ed25519_seed_bytes()
self.duniterpy.save_private_key(self.output)
elif self.format == 'pb2':
if not hasattr(self, 'ed25519_secret_protobuf'):
self.protobuf_from_ed25519()
with open(self.output, "wb") as file:
file.write(self.ed25519_secret_protobuf)
elif self.format == 'pubsec':
if not hasattr(self, 'duniterpy'):
self.duniterpy_from_ed25519_seed_bytes()
self.duniterpy.save_pubsec_file(self.output)
elif self.format == 'seed':
if not hasattr(self, 'duniterpy'):
self.duniterpy_from_ed25519_seed_bytes()
self.duniterpy.save_seedhex_file(self.output)
elif self.format == 'wif':
if not hasattr(self, 'duniterpy'):
self.duniterpy_from_ed25519_seed_bytes()
self.duniterpy.save_wif_file(self.output)
else:
if not hasattr(self, 'ed25519_secret_pem_pkcs8'):
self.pem_pkcs8_from_ed25519()
with open(self.output, "w") as file:
file.write(self.ed25519_secret_pem_pkcs8)
except Exception as e:
log.error(f'Unable to output file {self.output}: {e}')
self._cleanup()
exit(2)
def _output_text(self, public_key, secret_key, public_key_prefix, secret_key_prefix):
log.debug("keygen._output_text()")
if self.keys or not self.secret:
print("%s" % ''.join([self.prefix * public_key_prefix, public_key]))
if self.keys or self.secret:
print("%s" % ''.join([self.prefix * secret_key_prefix, secret_key]))
def _run(self, argv):
def _cli(self, argv):
args = self.parser.parse_args(argv)
vars(self).update(vars(args))
@ -324,573 +148,118 @@ class keygen:
else:
log_level='WARNING'
log.basicConfig(format=log_format, datefmt=log_datefmt, level=log_level)
log.debug("keygen.run(%s)" % argv)
log.debug("keygen()._cli(%s)" % argv)
self._check_args(args)
self._load_config()
self.gpg = gpg.Context(armor=True, offline=True)
self.gpg.set_passphrase_cb(self.gpg_passphrase_cb)
self.ed25519(args)
self.key = key.from_args(args, self.config)
method = getattr(self, f'do_{self.type}', self._invalid_type)
return method()
def b58mh_from_protobuf(self):
log.debug("keygen.b58mh_from_protobuf()")
try:
self.ed25519_public_b58mh = base58.b58encode(self.ed25519_public_protobuf).decode('ascii')
self.ed25519_secret_b58mh = base58.b58encode(self.ed25519_secret_protobuf).decode('ascii')
except Exception as e:
log.error(f'Unable to get b58mh from protobuf: {e}')
self._cleanup()
exit(2)
log.debug("keygen.ed25519_public_b58mh=%s" % self.ed25519_public_b58mh)
log.debug("keygen.ed25519_secret_b58mh=%s" % self.ed25519_secret_b58mh)
def _invalid_type(self):
log.debug("keygen()._invalid_type()")
self.parser.error(f"type {self.type} is not valid.")
def b64mh_from_protobuf(self):
log.debug("keygen.b64mh_from_protobuf()")
try:
self.ed25519_public_b64mh = base64.b64encode(self.ed25519_public_protobuf).decode('ascii')
self.ed25519_secret_b64mh = base64.b64encode(self.ed25519_secret_protobuf).decode('ascii')
except Exception as e:
log.error(f'Unable to get b64mh from protobuf: {e}')
self._cleanup()
exit(2)
log.debug("keygen.ed25519_public_b64mh=%s" % self.ed25519_public_b64mh)
log.debug("keygen.ed25519_secret_b64mh=%s" % self.ed25519_secret_b64mh)
def _load_config(self):
log.debug("keygen()._load_config()")
self.config = configparser.RawConfigParser()
config_dir = os.path.join(os.environ.get('XDG_CONFIG_HOME', os.path.expanduser('~/.config')), 'dpgpid')
log.debug("config_dir=%s" % config_dir)
self.config.read( [config_dir + '/keygen.conf'] )
def base58_from_ed25519(self):
log.debug("keygen.base58_from_ed25519()")
try:
self.ed25519_public_base58 = base58.b58encode(self.ed25519_public_bytes).decode('ascii')
self.ed25519_secret_base58 = base58.b58encode(self.ed25519_secret_bytes).decode('ascii')
except Exception as e:
log.error(f'Unable to get base58 from ed25519: {e}')
self._cleanup()
exit(2)
log.debug("keygen.ed25519_public_base58=%s" % self.ed25519_public_base58)
log.debug("keygen.ed25519_secret_base58=%s" % self.ed25519_secret_base58)
def _output(self):
log.debug("keygen()._output()")
if self.output is None:
self._output_text()
else:
self._output_file()
os.chmod(self.output, 0o600)
def base64_from_ed25519(self):
log.debug("keygen.base64_from_ed25519()")
try:
self.ed25519_public_base64 = base64.b64encode(self.ed25519_public_bytes).decode('ascii')
self.ed25519_secret_base64 = base64.b64encode(self.ed25519_secret_bytes).decode('ascii')
except Exception as e:
log.error(f'Unable to get base64 from ed25519: {e}')
self._cleanup()
exit(2)
log.debug("keygen.ed25519_public_base64=%s" % self.ed25519_public_base64)
log.debug("keygen.ed25519_secret_base64=%s" % self.ed25519_secret_base64)
def _output_file(self):
log.debug("keygen()._output_file()")
self.key.to_file(self.output, self.format, self.password)
def _output_text(self):
log.debug("keygen()._output_text()")
if self.keys or not self.secret:
print("%s" % self.public_key)
if self.keys or self.secret:
print("%s" % self.secret_key)
def do_b36mf(self):
log.debug("keygen().do_b36mf()")
self.key.to_b36mf()
self.public_key = self.key.public_b36mf
self.secret_key = self.key.secret_b36mf
self._output()
def do_b58mf(self):
log.debug("keygen().do_b58mf()")
self.key.to_b58mf()
self.public_key = self.key.public_b58mf
self.secret_key = self.key.secret_b58mf
self._output()
def do_b58mh(self):
log.debug("keygen.do_b58mh()")
self.protobuf_from_ed25519()
self.b58mh_from_protobuf()
self._output(self.ed25519_public_b58mh, self.ed25519_secret_b58mh, 'pub: ', 'sec: ')
log.debug("keygen().do_b58mh()")
self.key.to_b58mh()
self.public_key = self.key.public_b58mh
self.secret_key = self.key.secret_b58mh
self._output()
def do_b64mh(self):
log.debug("keygen.do_b64mh()")
self.protobuf_from_ed25519()
self.b64mh_from_protobuf()
self._output(self.ed25519_public_b64mh, self.ed25519_secret_b64mh, 'pub: ', 'sec: ')
log.debug("keygen().do_b64mh()")
self.key.to_b64mh()
self.public_key = self.key.public_b64mh
self.secret_key = self.key.secret_b64mh
self._output()
def do_base58(self):
log.debug("keygen.do_base58()")
self.base58_from_ed25519()
self._output(self.ed25519_public_base58, self.ed25519_secret_base58, 'pub: ', 'sec: ')
log.debug("keygen().do_base58()")
self.key.to_base58()
self.public_key = self.key.public_base58
self.secret_key = self.key.secret_base58
self._output()
def do_base64(self):
log.debug("keygen.do_base64()")
self.base64_from_ed25519()
self._output(self.ed25519_public_base64, self.ed25519_secret_base64, 'pub: ', 'sec: ')
log.debug("keygen().do_base64()")
self.key.to_base64()
self.public_key = self.key.public_base64
self.secret_key = self.key.secret_base64
self._output()
def do_duniter(self):
log.debug("keygen.do_duniter()")
log.debug("keygen().do_duniter()")
if not self.format:
self.format = 'pubsec'
self.base58_from_ed25519()
self._output(self.ed25519_public_base58, self.ed25519_secret_base58, 'pub: ', 'sec: ')
self.key.to_base58()
self.public_key = self.key.public_base58
self.secret_key = self.key.secret_base58
self._output()
def do_ipfs(self):
log.debug("keygen.do_ipfs()")
self.protobuf_from_ed25519()
self.b58mh_from_protobuf()
self.b64mh_from_protobuf()
self._output(self.ed25519_public_b58mh, self.ed25519_secret_b64mh, 'PeerID: ', 'PrivKEY: ')
log.debug("keygen().do_ipfs()")
self.key.to_b58mh()
self.key.to_b64mh()
self.public_key = self.key.public_b58mh
self.secret_key = self.key.secret_b64mh
self._output()
def do_jwk(self):
log.debug("keygen.do_jwk()")
self.jwk_from_ed25519()
self._output(self.jwk.export_public(), self.jwk.export_private(), 'pub: ', 'sec: ')
def duniterpy_from_credentials(self):
log.debug("keygen.duniterpy_from_credentials()")
try:
scrypt_params = duniterpy.key.scrypt_params.ScryptParams(
int(self.config.get('scrypt', 'n')) if self.config.has_option('scrypt', 'n') else 4096,
int(self.config.get('scrypt', 'r')) if self.config.has_option('scrypt', 'r') else 16,
int(self.config.get('scrypt', 'p')) if self.config.has_option('scrypt', 'p') else 1,
int(self.config.get('scrypt', 'sl')) if self.config.has_option('scrypt', 'sl') else 32,
)
if not self.password:
with pynentry.PynEntry() as p:
p.description = f"""Please enter the passord for username "{self.username}"."""
p.prompt = 'Passsord:'
try:
self.password = p.get_pin()
except pynentry.PinEntryCancelled:
log.warning('Cancelled! Goodbye.')
self._cleanup()
exit(1)
self.duniterpy = duniterpy.key.Sig