From 302da5a2be8d4827cf7355f794d27446ee71c3f3 Mon Sep 17 00:00:00 2001 From: Boris Date: Thu, 17 Nov 2022 16:53:45 +0100 Subject: [PATCH] Docker, Makefile, etc. --- Makefile | 2 + docker/Dockerfile | 7 +- docker/docker-compose.app.yml | 3 + lib/Fred.class.php | 49 +- lib/Jaklis.class.php | 2 + lib/Keygen.class.php | 55 +- vendors/keygen/__pycache__/about.cpython-39.pyc | Bin 0 -> 144 bytes vendors/keygen/about.py | 1 + vendors/keygen/key/__init__.py | 581 +++++++++++++++ .../keygen/key/__pycache__/__init__.cpython-38.pyc | Bin 0 -> 19571 bytes .../keygen/key/__pycache__/__init__.cpython-39.pyc | Bin 0 -> 19912 bytes .../keygen/key/__pycache__/ed25519.cpython-38.pyc | Bin 0 -> 4774 bytes .../keygen/key/__pycache__/ed25519.cpython-39.pyc | Bin 0 -> 4785 bytes vendors/keygen/key/ed25519.py | 136 ++++ vendors/keygen/keygen | 819 +++------------------ 15 files changed, 909 insertions(+), 746 deletions(-) create mode 100644 vendors/keygen/__pycache__/about.cpython-39.pyc create mode 100644 vendors/keygen/about.py create mode 100644 vendors/keygen/key/__init__.py create mode 100644 vendors/keygen/key/__pycache__/__init__.cpython-38.pyc create mode 100644 vendors/keygen/key/__pycache__/__init__.cpython-39.pyc create mode 100644 vendors/keygen/key/__pycache__/ed25519.cpython-38.pyc create mode 100644 vendors/keygen/key/__pycache__/ed25519.cpython-39.pyc create mode 100644 vendors/keygen/key/ed25519.py diff --git a/Makefile b/Makefile index d3cbe1b..9aebf8c 100644 --- a/Makefile +++ b/Makefile @@ -3,3 +3,5 @@ MYOS_REPOSITORY ?= https://github.com/aynicos/myos -include $(MYOS)/make/include.mk $(MYOS): -@git clone $(MYOS_REPOSITORY) $(MYOS) + +ENV_VARS += DOCKER_INTERNAL_DOCKER_HOST diff --git a/docker/Dockerfile b/docker/Dockerfile index 638ca50..0ecb522 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -38,14 +38,14 @@ RUN apk add --no-cache --virtual .build-deps \ python3-dev \ swig \ && mkdir -p /usr/local/src/jaklis \ - && wget -qO - https://git.p2p.legal/axiom-team/jaklis/archive/master.tar.gz \ + && wget -qO - https://github.com/aynicos/jaklis/archive/master.tar.gz \ |tar --strip-components 1 -C /usr/local/src/jaklis -xzf - \ && pip3 install -r /usr/local/src/jaklis/requirements.txt \ && ln -s /usr/local/src/jaklis/jaklis.py /usr/local/bin/jaklis \ && chmod 0755 /usr/local/bin/jaklis \ && /usr/local/bin/jaklis --help >/dev/null \ && mkdir -p /usr/local/src/dpgpid \ - && wget -qO - https://git.p2p.legal/aya/dpgpid/archive/master.tar.gz \ + && wget -qO - https://github.com/aynicos/dpgpid/archive/wip.tar.gz \ |tar --strip-components 1 -C /usr/local/src/dpgpid -xzf - \ && pip3 install -r /usr/local/src/dpgpid/requirements.txt \ && ln -s /usr/local/src/dpgpid/keygen /usr/local/bin/keygen \ @@ -93,3 +93,6 @@ RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ ENV SHELL=${SHELL} WORKDIR /var/www + +RUN rm /etc/php7/conf.d/00_opcache.ini +RUN sed -i 's/^;php_flag[display_errors] = off/php_flag[display_errors] = on/' /etc/php7/php-fpm.d/www.conf diff --git a/docker/docker-compose.app.yml b/docker/docker-compose.app.yml index 3cbd62e..dc6aee3 100644 --- a/docker/docker-compose.app.yml +++ b/docker/docker-compose.app.yml @@ -12,6 +12,9 @@ services: networks: - private - public + extra_hosts: + - astroport.localhost:${DOCKER_INTERNAL_DOCKER_HOST} + networks: private: diff --git a/lib/Fred.class.php b/lib/Fred.class.php index ccbf7d8..b5ef70a 100644 --- a/lib/Fred.class.php +++ b/lib/Fred.class.php @@ -5,15 +5,23 @@ class Fred { private $gatewayProtocol = 'http'; private $gatewayDomain = 'libra.copylaradio.com'; + // private $gatewayDomain = 'aries.copylaradio.com'; + // private $gatewayDomain = 'astroport.localhost'; private $gatewayPort = '1234'; private $gatewayDelay = 3; + private $gatewayMaxRounds = 1; + public function __construct () { } + public function donneMoiLAdresseIPDuServeurQuiHebergeMonTiddlyWiki ($salt, $pepper) { + + } + public function donneMoiLaPutainDeClefIPNS ($prenomNom, $nomDuChienSuivieDeLaDateDeNaissanceDeJohnnyHallyday) { $salt = $prenomNom; @@ -31,12 +39,37 @@ class Fred { preg_match("`url='([^']+)'`isU", $page1, $matches); $url = $matches[1]; + + $opts2 = array( + 'http'=>array( + 'method'=>"GET", + 'header'=>"Accept-language: fr\r\n", + 'follow_location' => 0 + ) + ); + + $context2 = stream_context_create($opts2); + + $page2 = false; + $rounds = 0; + + while (($page2 === false) and $rounds < $this->gatewayMaxRounds) { + + sleep($this->gatewayDelay); + // echo "\n\n\nround n°" . $rounds . "\n"; + + $page2 = @file_get_contents($url, false, $context2); + + // echo '
'. print_r(htmlspecialchars($page2), true) . '
'; + + $rounds++; + } - sleep($this->gatewayDelay); + if ($page2 === false) { - $page2 = file_get_contents($url); - - if (empty($page2)) { + throw new Exception("J'ai pas pû me connecter à ". $url ." pour récupérer la putain de deuxième page."); + + } else if (empty($page2)) { throw new Exception("J'ai pas pû récupérer la putain de deuxième page."); } @@ -78,10 +111,12 @@ class Fred { $page2 = ''; $rounds = 0; - while (empty($page2) and $rounds < 10) { + while (empty($page2) and $rounds < $this->gatewayMaxRounds) { sleep($this->gatewayDelay); $page2 = file_get_contents($url); + + $rounds++; } if (empty($page2)) { @@ -154,11 +189,13 @@ class Fred { $rounds = 0; - while (empty($page2) and $rounds < 10) { + while (empty($page2) and $rounds < $this->gatewayMaxRounds) { sleep($this->gatewayDelay); $page2 = file_get_contents($url, false, $context2); + + $rounds++; } if (empty($page2)) { diff --git a/lib/Jaklis.class.php b/lib/Jaklis.class.php index 3bbd6e1..1ca6bd9 100644 --- a/lib/Jaklis.class.php +++ b/lib/Jaklis.class.php @@ -7,6 +7,8 @@ class Jaklis { private $mode; private $jaklisPath = __DIR__ . '/../vendors/jaklis/jaklis'; + + // private $jaklisPath = 'jaklis'; // if you use Docker private $nodes = [ diff --git a/lib/Keygen.class.php b/lib/Keygen.class.php index 441381a..36d217f 100644 --- a/lib/Keygen.class.php +++ b/lib/Keygen.class.php @@ -3,6 +3,8 @@ class Keygen { private $keygenPath = __DIR__ . '/../vendors/keygen/keygen'; + + // private $keygenPath = 'keygen'; // if you use Docker private $pubsecDir = __DIR__ .'/../cache/pubsec/'; @@ -21,7 +23,7 @@ class Keygen { $cmd .= ' -f pubsec'; $cmd .= ' -t duniter'; $cmd .= ' "'. $salt .'"'; - $cmd .= ' "'. $pepper .'"'; + $cmd .= ' -p "'. $pepper .'"'; $output=null; $result_code=null; @@ -37,6 +39,30 @@ class Keygen { return $output[0]; } + public function getIPNSPub ($salt, $pepper) { + + $salt = str_replace('"', '\"', $salt); + $pepper = str_replace('"', '\"', $pepper); + + $cmd = $this->keygenPath; + $cmd .= ' -t b36mf'; + $cmd .= ' "'. $salt .'"'; + $cmd .= ' -p "'. $pepper .'"'; + + $output=null; + $result_code=null; + exec($cmd, $output, $result_code); + + // die($cmd . '
'. print_r($output, true) . '
'. print_r($result_code, true)); + + if (empty($output) or empty($output[0])) { + + throw new Exception('Keygen me calcule pas (la pub IPNS) :
' . $cmd . '
'); + } + + return $output[0]; + } + public function generatePubsec ($salt, $pepper) { $salt = str_replace('"', '\"', $salt); @@ -50,22 +76,25 @@ class Keygen { } - $cmd = $this->keygenPath; - $cmd .= ' -f pubsec'; - $cmd .= ' -t duniter'; - $cmd .= ' "'. $salt .'"'; - $cmd .= ' "'. $pepper .'"'; - $cmd .= ' -o '. $this->pubsecDir . $userPubkey . '.dunikey'; + if (!file_exists($this->pubsecDir . $userPubkey . '.dunikey')) { - $output=null; - $result_code=null; - exec($cmd, $output, $result_code); + $cmd = $this->keygenPath; + $cmd .= ' -f pubsec'; + $cmd .= ' -t duniter'; + $cmd .= ' "'. $salt .'"'; + $cmd .= ' -p "'. $pepper .'"'; + $cmd .= ' -o '. $this->pubsecDir . $userPubkey . '.dunikey'; - // die($cmd . '
'. print_r($result_code, true)); + $output=null; + $result_code=null; + exec($cmd, $output, $result_code); - if ($result_code != 0) { + // die($cmd . '
'. print_r($result_code, true)); - throw new Exception('Keygen me calcule pas (la dunikey)'); + if ($result_code != 0) { + + throw new Exception('Keygen me calcule pas (la dunikey)'); + } } } } diff --git a/vendors/keygen/__pycache__/about.cpython-39.pyc b/vendors/keygen/__pycache__/about.cpython-39.pyc new file mode 100644 index 0000000000000000000000000000000000000000..af2ae689f317aa0c5b636cade054f25b9eb91c37 GIT binary patch literal 144 zcmYe~<>g`kf+uce$s$1dF^Gc<7=auIATH(r5-AK(3@MDk44O<;tOk09dIo-)jJLSs z8W}8iAnjTC3*#w Uw>WHa^HWN5Qtd#td + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. + +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +from cryptography.hazmat.primitives import serialization +from jwcrypto.jwk import JWK +from SecureBytes import clearmem +import base36 +import base58 +import base64 +import duniterpy.key +import gpg +import logging as log +import pgpy +import pynentry +import re +import warnings + +def from_args(args, config): + log.debug("key.from_args(%s, %s)" % (args, config)) + from key import ed25519 + if args.gpg: + _gpg = gpg.Context(armor=True, offline=True) + return from_gpg(_gpg, args.username[0], args.password) + else: + scrypt_params = duniterpy.key.scrypt_params.ScryptParams( + int(config.get('scrypt', 'n')) if config and config.has_option('scrypt', 'n') else 4096, + int(config.get('scrypt', 'r')) if config and config.has_option('scrypt', 'r') else 16, + int(config.get('scrypt', 'p')) if config and config.has_option('scrypt', 'p') else 1, + int(config.get('scrypt', 'sl')) if config and config.has_option('scrypt', 'sl') else 32, + ) + if args.input: + return from_file(args.input, args.password, scrypt_params) + else: + if args.mnemonic: + return from_mnemonic(' '.join(args.username), scrypt_params) + else: + return from_credentials(args.username[0], args.password, scrypt_params) + +def from_credentials(username, password=None, scrypt_params=None): + log.debug("key.from_credentials(%s, %s, %s)" % (username, password, scrypt_params)) + try: + if not password: + with pynentry.PynEntry() as p: + p.description = f"""Please enter the passord for username "{username}".""" + p.prompt = 'Passsord:' + try: + password = p.get_pin() + except pynentry.PinEntryCancelled: + log.warning('Cancelled! Goodbye.') + exit(1) + return from_duniterpy(duniterpy.key.SigningKey.from_credentials( + username, + password, + scrypt_params + )) + except Exception as e: + log.error(f'Unable to get key from credentials: {e}') + exit(2) + +def from_duniterpy(duniterpy): + log.debug("key.from_duniterpy(%s)" % duniterpy) + key = ed25519.from_duniterpy(duniterpy) + key.duniterpy = duniterpy + return key + +def from_file(input_file, password=None, scrypt_params=None): + log.debug("key.from_file(%s, %s, %s)" % (input_file, password, scrypt_params)) + try: + with open(input_file, 'r') as file: + lines = file.readlines() + if len(lines) > 0: + line = lines[0].strip() + regex_ewif = re.compile('^Type: EWIF$') + regex_jwk = re.compile('^\\s*{\\s*"crv":\\s*"Ed25519",\\s*"d":\\s*"(.)+",\\s*"kty":\\s*"OKP",\\s*"x":\\s*"(.)+"\\s*}') + regex_nacl = re.compile('^\\s*{\\s*"priv":\\s*"[0-9a-fA-F]+",\\s*"verify":\\s*"[0-9a-fA-F]+",\\s*"sign":\\s*"[0-9a-fA-F]+"\\s*}') + regex_pem = re.compile('^-----BEGIN PRIVATE KEY-----$') + regex_pubsec = re.compile('^Type: PubSec$') + regex_seed = re.compile('^[0-9a-fA-F]{64}$') + regex_ssb = re.compile('\\s*{\\s*"curve":\\s*"ed25519",\\s*"public":\\s*"(.+)\\.ed25519",\\s*"private":\\s*"(.+)\\.ed25519",\\s*"id":\\s*"@(.+).ed25519"\\s*}') + regex_wif = re.compile('^Type: WIF$') + if re.search(regex_ewif, line): + log.info("input file format detected: ewif") + if not password: + with pynentry.PynEntry() as p: + p.description = f"""Data in EWIF file is encrypted. + Please enter a password to decrypt seed. + """ + p.prompt = 'Passphrase:' + try: + password = p.get_pin() + except pynentry.PinEntryCancelled: + log.warning('Cancelled! Goodbye.') + exit(1) + return from_duniterpy(duniterpy.key.SigningKey.from_ewif_file(input_file, password)) + elif re.search(regex_jwk, line): + log.info("input file format detected: jwk") + return from_jwk(JWK.from_json(line)) + elif re.search(regex_nacl, line): + log.info("input file format detected: nacl") + return from_duniterpy(duniterpy.key.SigningKey.from_private_key(input_file)) + elif re.search(regex_pem, line): + log.info("input file format detected: pem") + return from_pem(''.join(lines).encode()) + elif re.search(regex_pubsec, line): + log.info("input file format detected: pubsec") + return from_duniterpy(duniterpy.key.SigningKey.from_pubsec_file(input_file)) + elif re.search(regex_seed, line): + log.info("input file format detected: seed") + return from_duniterpy(duniterpy.key.SigningKey.from_seedhex_file(input_file)) + elif re.search(regex_ssb, line): + log.info("input file format detected: ssb") + return from_duniterpy(duniterpy.key.SigningKey.from_ssb_file(input_file)) + elif re.search(regex_wif, line): + log.info("input file format detected: wif") + return from_duniterpy(duniterpy.key.SigningKey.from_wif_file(input_file)) + elif len(line.split(' ')) == 12: + log.info("input file format detected: mnemonic") + return from_mnemonic(line, scrypt_params) + elif len(lines) > 1: + log.info("input file format detected: credentials") + return from_credentials(line, lines[1].strip(), scrypt_params) + else: + raise NotImplementedError('unknown input file format.') + else: + raise IOError('empty file.') + except UnicodeDecodeError as e: + try: + with open(input_file, 'rb') as file: + lines = file.readlines() + if len(lines) > 0: + line = lines[0].strip() + regex_dewif = re.compile(b'^\x00\x00\x00\x01\x00\x00\x00\x01') + regex_p2p = re.compile(b'^\x08\x01\x12@') + if re.search(regex_dewif, line): + log.info("input file format detected: dewif") + if not password: + with pynentry.PynEntry() as p: + p.description = f"""Data in DEWIF file is encrypted. + Please enter a password to decrypt seed. + """ + p.prompt = 'Passphrase:' + try: + password = p.get_pin() + except pynentry.PinEntryCancelled: + log.warning('Cancelled! Goodbye.') + exit(1) + return from_duniterpy(duniterpy.key.SigningKey.from_dewif_file(input_file, password)) + if re.search(regex_p2p, line): + log.info("input file format detected: p2p") + return from_libp2p(line) + else: + raise NotImplementedError('unknown input file format.') + else: + raise IOError('empty file.') + except Exception as e: + log.error(f'Unable to get key from input file {input_file}: {e}') + exit(2) + except Exception as e: + log.error(f'Unable to get key from input file {input_file}: {e}') + exit(2) + +def from_gpg(_gpg, username, password=None): + log.debug("key.from_gpg(%s, %s, %s)" % (_gpg, username, password)) + try: + secret_keys = list(_gpg.keylist(pattern=username, secret=True)) + log.debug("key.secret_keys=%s" % secret_keys) + if not secret_keys: + log.warning(f"""Unable to find any key matching "{username}".""") + exit(1) + else: + _gpg.secret_key = secret_keys[0] + log.info(f"""Found key id "{_gpg.secret_key.fpr}" matching "{username}".""") + log.debug("key._gpg.secret_key.expired=%s" % _gpg.secret_key.expired) + log.debug("key._gpg.secret_key.fpr=%s" % _gpg.secret_key.fpr) + log.debug("key._gpg.secret_key.revoked=%s" % _gpg.secret_key.revoked) + log.debug("key._gpg.secret_key.uids=%s" % _gpg.secret_key.uids) + log.debug("key._gpg.secret_key.owner_trust=%s" % _gpg.secret_key.owner_trust) + log.debug("key._gpg.secret_key.last_update=%s" % _gpg.secret_key.last_update) + if password: + gpg_passphrase_cb = gpg_passphrase(password).cb + _gpg.set_passphrase_cb(gpg_passphrase_cb) + _gpg.set_pinentry_mode(gpg.constants.PINENTRY_MODE_LOOPBACK) + _gpg.public_armor = _gpg.key_export(_gpg.secret_key.fpr) + _gpg.secret_armor = _gpg.key_export_secret(_gpg.secret_key.fpr) + if not _gpg.secret_armor: + log.error(f"""Unable to export gpg secret key id "{_gpg.secret_key.fpr}" for username "{username}". Please check your password!""") + exit(2) + with warnings.catch_warnings(): + # remove CryptographyDeprecationWarning about deprecated + # SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4) + warnings.simplefilter('ignore') + _pgpy, _ = pgpy.PGPKey.from_blob(_gpg.secret_armor) + key = from_pgpy(_pgpy, password) + key.gpg = _gpg + return key + except Exception as e: + log.error(f'Unable to get key from gpg: {e}') + exit(2) + +def from_jwk(jwk): + log.debug("key.from_jwk(%s)" % jwk) + key = ed25519.from_jwk(jwk) + key.jwk = jwk + return key + +def from_libp2p(libp2p): + log.debug("key.from_libp2p(%s)" % libp2p) + return ed25519.from_libp2p(libp2p) + +def from_mnemonic(mnemonic, scrypt_params=None): + log.debug("key.from_mnemonic(%s, %s)" % (mnemonic, scrypt_params)) + try: + return from_duniterpy(duniterpy.key.SigningKey.from_dubp_mnemonic( + mnemonic, + scrypt_params + )) + except Exception as e: + log.error(f'Unable to get key from mnemonic: {e}') + exit(2) + +def from_pem(pem): + log.debug("key.from_pem(%s)" % pem) + return ed25519.from_pem(pem) + +def from_pgpy(_pgpy, password=None): + log.debug("key.from_pgpy(%s, %s)" % (_pgpy, password)) + try: + log.debug("key._pgpy.fingerprint.keyid=%s" % _pgpy.fingerprint.keyid) + log.debug("key._pgpy.is_protected=%s" % _pgpy.is_protected) + _pgpy.key_type = pgpy_key_type(_pgpy) + if _pgpy.is_protected: + if not password: + with pynentry.PynEntry() as p: + p.description = f"""The exported pgp key id "{_pgpy.fingerprint.keyid}" is password protected. + Please enter the passphrase again to unlock it. + """ + p.prompt = 'Passphrase:' + try: + password = p.get_pin() + except pynentry.PinEntryCancelled: + log.warning('Cancelled! Goodbye.') + exit(1) + try: + with warnings.catch_warnings(): + # remove CryptographyDeprecationWarning about deprecated + # SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4) + warnings.simplefilter('ignore') + with _pgpy.unlock(password): + assert _pgpy.is_unlocked + log.debug("key._pgpy.is_unlocked=%s" % _pgpy.is_unlocked) + key = ed25519.from_pgpy(_pgpy) + except Exception as e: + log.error(f"""Unable to unlock pgp secret key id "{pgpy.fingerprint.keyid}": {e}""") + exit(2) + else: + key = ed25519.from_pgpy(_pgpy) + key.pgpy = _pgpy + return key + except Exception as e: + log.error(f'Unable to get key from pgpy: {e}') + exit(2) + +def pgpy_key_type(_pgpy): + log.debug("key.pgpy_key_type(%s)" % _pgpy) + if isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.RSAPriv): + key_type = 'RSA' + elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.DSAPriv): + key_type = 'DSA' + elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.ElGPriv): + key_type = 'ElGamal' + elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.ECDSAPriv): + key_type = 'ECDSA' + elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.EdDSAPriv): + key_type = 'EdDSA' + elif isinstance(_pgpy._key.keymaterial, pgpy.packet.fields.ECDHPriv): + key_type = 'ECDH' + else: + key_type = 'undefined' + log.debug("key.pgpy_key_type().key_type=%s" % key_type) + return key_type + +class gpg_passphrase(): + def __init__(self, password): + log.debug("gpg_passphrase().__init__(%s)" % password) + self.password = password + + def cb(self, uid_hint, passphrase_info, prev_was_bad): + log.debug("gpg_passphrase().cb(%s, %s, %s)" % (uid_hint, passphrase_info, prev_was_bad)) + return self.password + +class key(): + def __init__(self): + log.debug("key().__init__()") + self.algorithm = 'undefined' + self.cryptography = None + + def __del__(self): + log.debug("key().__del__()") + self._cleanup() + + def _cleanup(self): + log.debug("key()._cleanup()") + if hasattr(self, 'duniterpy'): + if hasattr(self.duniterpy, 'seed') and self.duniterpy.seed: + clearmem(self.duniterpy.seed) + log.debug("cleared: key().duniterpy.seed") + if hasattr(self.duniterpy, 'sk') and self.duniterpy.sk: + clearmem(self.duniterpy.sk) + log.debug("cleared: key().duniterpy.sk") + if hasattr(self, 'gpg'): + if hasattr(self.gpg, 'secret_armor') and self.gpg.secret_armor: + clearmem(self.gpg.secret_armor) + log.debug("cleared: key().gpg.secret_armor") + if hasattr(self, 'jwk'): + if hasattr(self, 'secret_jwk') and self.secret_jwk: + clearmem(self.secret_jwk) + log.debug("cleared: key().secret_jwk") + if hasattr(self.jwk, 'd') and self.jwk.d: + clearmem(self.jwk.d) + log.debug("cleared: key().jwk.d") + if hasattr(self, 'pgpy'): + if hasattr(self.pgpy._key.keymaterial, 'p') and self.pgpy._key.keymaterial.p and not isinstance(self.pgpy._key.keymaterial.p, pgpy.packet.fields.ECPoint): + clearmem(self.pgpy._key.keymaterial.p) + log.debug("cleared: key().pgpy._key.material.p") + if hasattr(self.pgpy._key.keymaterial, 'q') and self.pgpy._key.keymaterial.q: + clearmem(self.pgpy._key.keymaterial.q) + log.debug("cleared: key().pgpy._key.material.q") + if hasattr(self.pgpy._key.keymaterial, 's') and self.pgpy._key.keymaterial.s: + clearmem(self.pgpy._key.keymaterial.s) + log.debug("cleared: key().pgpy._key.material.s") + if hasattr(self, 'secret_b36mf') and self.secret_b36mf: + clearmem(self.secret_b36mf) + log.debug("cleared: key().secret_b36mf") + if hasattr(self, 'secret_b58mf') and self.secret_b58mf: + clearmem(self.secret_b58mf) + log.debug("cleared: key().secret_b58mf") + if hasattr(self, 'secret_b58mh') and self.secret_b58mh: + clearmem(self.secret_b58mh) + log.debug("cleared: key().secret_b58mh") + if hasattr(self, 'secret_b64mh') and self.secret_b64mh: + clearmem(self.secret_b64mh) + log.debug("cleared: key().secret_b64mh") + if hasattr(self, 'secret_base58') and self.secret_base58: + clearmem(self.secret_base58) + log.debug("cleared: key().secret_base58") + if hasattr(self, 'secret_base64') and self.secret_base64: + clearmem(self.secret_base64) + log.debug("cleared: key().secret_base64") + if hasattr(self, 'secret_cidv1') and self.secret_cidv1: + clearmem(self.secret_cidv1) + log.debug("cleared: key().secret_cidv1") + if hasattr(self, 'secret_libp2p') and self.secret_libp2p: + clearmem(self.secret_libp2p) + log.debug("cleared: key().secret_libp2p") + if hasattr(self, 'secret_pem_pkcs8') and self.secret_pem_pkcs8: + clearmem(self.secret_pem_pkcs8) + log.debug("cleared: key().secret_pem_pkcs8") + if hasattr(self, 'secret_proto2') and self.secret_proto2: + clearmem(self.secret_proto2) + log.debug("cleared: key().secret_proto2") + + def to_b36mf(self): + log.debug("key().to_b36mf()") + if not hasattr(self, 'public_cidv1') or not hasattr(self, 'secret_cidv1'): + self.to_cidv1() + try: + self.public_b36mf = 'k' + base36.dumps(int.from_bytes(self.public_cidv1, byteorder='big')) + self.secret_b36mf = 'k' + base36.dumps(int.from_bytes(self.secret_cidv1, byteorder='big')) + except Exception as e: + log.error(f'Unable to get b36mf from cidv1: {e}') + exit(2) + log.debug("key().public_b36mf=%s" % self.public_b36mf) + log.debug("key().secret_b36mf=%s" % self.secret_b36mf) + + def to_b58mf(self): + log.debug("key().to_b58mf()") + if not hasattr(self, 'public_cidv1') or not hasattr(self, 'secret_cidv1'): + self.to_cidv1() + try: + self.public_b58mf = 'z' + base58.b58encode(self.public_cidv1).decode('ascii') + self.secret_b58mf = 'z' + base58.b58encode(self.secret_cidv1).decode('ascii') + except Exception as e: + log.error(f'Unable to get b58mf from cidv1: {e}') + exit(2) + log.debug("key().public_b58mf=%s" % self.public_b58mf) + log.debug("key().secret_b58mf=%s" % self.secret_b58mf) + + def to_b58mh(self): + log.debug("key().to_b58mh()") + if not hasattr(self, 'public_libp2p') or not hasattr(self, 'secret_libp2p'): + self.to_libp2p() + try: + self.public_b58mh = base58.b58encode(self.public_libp2p).decode('ascii') + self.secret_b58mh = base58.b58encode(self.secret_libp2p).decode('ascii') + except Exception as e: + log.error(f'Unable to get b58mh from libp2p: {e}') + exit(2) + log.debug("key().public_b58mh=%s" % self.public_b58mh) + log.debug("key().secret_b58mh=%s" % self.secret_b58mh) + + def to_b64mh(self): + log.debug("key().to_b64mh()") + if not hasattr(self, 'public_libp2p') or not hasattr(self, 'secret_libp2p'): + self.to_libp2p() + try: + self.public_b64mh = base64.b64encode(self.public_libp2p).decode('ascii') + self.secret_b64mh = base64.b64encode(self.secret_libp2p).decode('ascii') + except Exception as e: + log.error(f'Unable to get b64mh from libp2p: {e}') + exit(2) + log.debug("key().public_b64mh=%s" % self.public_b64mh) + log.debug("key().secret_b64mh=%s" % self.secret_b64mh) + + def to_base58(self): + log.debug("key().to_base58()") + try: + self.public_base58 = base58.b58encode(self.public_bytes).decode('ascii') + self.secret_base58 = base58.b58encode(self.secret_bytes).decode('ascii') + except Exception as e: + log.error(f'Unable to get base58: {e}') + exit(2) + log.debug("key().public_base58=%s" % self.public_base58) + log.debug("key().secret_base58=%s" % self.secret_base58) + + def to_base64(self): + log.debug("key().to_base64()") + try: + self.public_base64 = base64.b64encode(self.public_bytes).decode('ascii') + self.secret_base64 = base64.b64encode(self.secret_bytes).decode('ascii') + except Exception as e: + log.error(f'Unable to get base64: {e}') + exit(2) + log.debug("key().public_base64=%s" % self.public_base64) + log.debug("key().secret_base64=%s" % self.secret_base64) + + def to_cidv1(self): + log.debug("key().to_cidv1()") + if not hasattr(self, 'public_libp2p') or not hasattr(self, 'secret_libp2p'): + self.to_libp2p() + try: + # \x01: multicodec cid prefix = CIDv1 + # \x72: multicodec content prefix = libp2p-key + self.public_cidv1 = b'\x01\x72' + self.public_libp2p + self.secret_cidv1 = b'\x01\x72' + self.secret_libp2p + except Exception as e: + log.error(f'Unable to get cidv1: {e}') + exit(2) + log.debug("key().public_cidv1=%s" % self.public_cidv1) + log.debug("key().secret_cidv1=%s" % self.secret_cidv1) + + def to_duniterpy(self): + log.debug("key().to_duniterpy()") + raise NotImplementedError(f"key().to_duniterpy() is not implemented for algorithm {self.algorithm}") + + def to_file(self, output_file, file_format=None, password=None): + log.debug("key().to_file(%s, %s, %s)" % (output_file, file_format, password)) + try: + if file_format == 'dewif': + if not hasattr(self, 'duniterpy'): + self.to_duniterpy() + if not password: + with pynentry.PynEntry() as p: + p.description = f"""Data in DEWIF file needs to be encrypted. + Please enter a password to encrypt seed. + """ + p.prompt = 'Passphrase:' + try: + password = p.get_pin() + except pynentry.PinEntryCancelled: + log.warning('Cancelled! Goodbye.') + exit(1) + self.duniterpy.save_dewif_v1_file(output_file, password) + elif file_format == 'ewif': + if not hasattr(self, 'duniterpy'): + self.to_duniterpy() + if not password: + with pynentry.PynEntry() as p: + p.description = f"""Data in EWIF file needs to be encrypted. + Please enter a password to encrypt seed. + """ + p.prompt = 'Passphrase:' + try: + password = p.get_pin() + except pynentry.PinEntryCancelled: + log.warning('Cancelled! Goodbye.') + exit(1) + self.duniterpy.save_ewif_file(output_file, password) + elif file_format == 'jwk': + if not hasattr(self, 'jwk'): + self.to_jwk() + with open(output_file, "w") as file: + file.write(self.jwk.export()) + elif file_format == 'nacl': + if not hasattr(self, 'duniterpy'): + self.to_duniterpy() + self.duniterpy.save_private_key(output_file) + elif file_format == 'p2p': + if not hasattr(self, 'secret_libp2p'): + self.to_libp2p() + with open(output_file, "wb") as file: + file.write(self.secret_libp2p) + elif file_format == 'pubsec': + if not hasattr(self, 'duniterpy'): + self.to_duniterpy() + self.duniterpy.save_pubsec_file(output_file) + elif file_format == 'seed': + if not hasattr(self, 'duniterpy'): + self.to_duniterpy() + self.duniterpy.save_seedhex_file(output_file) + elif file_format == 'wif': + if not hasattr(self, 'duniterpy'): + self.to_duniterpy() + self.duniterpy.save_wif_file(output_file) + else: + if not hasattr(self, 'secret_pem_pkcs8'): + self.to_pem_pkcs8() + with open(output_file, "w") as file: + file.write(self.secret_pem_pkcs8) + except Exception as e: + log.error(f'Unable to write key to output file {output_file}: {e}') + exit(2) + + def to_jwk(self): + log.debug("key().to_jwk()") + try: + if not hasattr(self, 'jwk'): + self.jwk = JWK.from_pyca(self.cryptography) + self.public_jwk = self.jwk.export_public() + self.secret_jwk = self.jwk.export_private() + except Exception as e: + log.error(f'Unable to get jwk: {e}') + exit(2) + + def to_libp2p(self): + log.debug("key().to_libp2p()") + try: + if not hasattr(self, 'public_proto2') or not hasattr(self, 'secret_proto2'): + self.to_proto2() + # \x00: multihash prefix = raw id + # \x24: multihash length = 36 bytes + self.public_libp2p = b'\x00$' + self.public_proto2 + self.secret_libp2p = self.secret_proto2 + except Exception as e: + log.error(f'Unable to get libp2p: {e}') + exit(2) + log.debug("key().public_libp2p=%s" % self.public_libp2p) + log.debug("key().secret_libp2p=%s" % self.secret_libp2p) + + def to_pem_pkcs8(self): + log.debug("key().to_pem_pkcs8()") + try: + self.secret_pem_pkcs8 = self.cryptography.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.PKCS8, + encryption_algorithm=serialization.NoEncryption() + ).decode('ascii') + except Exception as e: + log.error(f'Unable to get pem pkcs8: {e}') + exit(2) + log.debug("key().secret_pem_pkcs8=%s" % self.secret_pem_pkcs8) + + def to_proto2(self): + log.debug("key().to_proto2()") + raise NotImplementedError(f"key().to_proto2() is not implemented for algorithm {self.algorithm}") + diff --git a/vendors/keygen/key/__pycache__/__init__.cpython-38.pyc b/vendors/keygen/key/__pycache__/__init__.cpython-38.pyc new file mode 100644 index 0000000000000000000000000000000000000000..14c4b890509ce094710935461d61696b74abd559 GIT binary patch literal 19571 zcmds9Z)_aLb-&%)`+q$C5k-*{C7mc**2y;gPf{JVNo`BAV>_W)Oa8ZUd^z4M$vYkI z&a+EN+#FrUGLoXOW3@<&wu#eI5)^O|q^;2pY0wWv(GNjB^h*OYSQJ6f1_d0TKnfK7 zU?f3*@6GPs-tkDuLC_B&d2_QfZ)V=ido%CPyydeaBiR^!J~(%!dY~SQ{Rcfnf8uy} z7$5t8k%*Yk8nF${)HKTL4SgeS#yKBv7#j&Q!Fi*RG?S<|8Ywfy-)S?=-x)K@-#IhK z-+6O{zYAu8zemkc{vI>O_H4^;eE_KR?@r?+mf|PqvlqeTC0hI_><2+g|BqAVO8XYwXsyy z3Do~d;G0(W96t8E7K=Htt|qijtfQ^!Q?Z-0in@r?DsJmqtP`sn@-fG#Cxn6D#9R7y z+(~xgC{GD}hU(MT;}>I2rmoks-CReL&5qX1i=;^1)Me8d!Bas!UDukrNCV=A50L@H zjSvD)43P!Idp<-C5buQ$cw&e=AinQIi~!>MAq1WnqHxpLHh|lx{HZfW--Kt!AWV@P zzoE&jGa*L1`|y;ysi8*4946^0n3aMSF|762lDq%1wY9h^TN~wyT(eKyVc%W6!!Ajz zAJHIXi3d)fzW*baO1hcAqPL`(YOSs|YE8>b+EuyLc08?Fi;cx%o+jVN7rxu?Q)^GR z8}Ap9`9Ld{_IvS0Yt2gtYh`oIi(^bl^z!0s?KLxXuGMs`YmS#@JW%ANH$nVnWyA8) z?TT$*ZAsx}#AdVRShBqZ*5IMb?TV~y*k=ABKQ8l=mtC*eVu6W;d zJDPpX(Yx`RvA37E<3jJmz8n+rcjBFR89M-J!p(Q$-Q>;Kw)T9idBTV}dOdYHD;rvj ze$i`MBxoNw8Iin>?-yfD{e{@`vD2~Ni9Hj0A?9SATs>bO=@w|$b@ZF@>*(oX3_Xpa zpYLk1Z9|K>bLeSIq&mizWAEsGe`)HEdJ=$n)p)`0o4GWz2Ms5CAM_>!YYz_43QAR)KB^zv5o0_SqV z0>{=APbR?=8`w7~^jdC%)5e!;3NA#&OI@wVX05sA8P>I$;}w_}L;jchX*Aw!*^9L` z0(=TP>Ie;=xp1v&seuxflr33G$bAGpNeS_(%n+PrF}JE@fr_d5Z{TAeM-tN}HC;2b zEch^qTwWVPei|R0et(`$jG=_vRB5*dKeQYMKI#-kCg4TIg~WdyoWn2c>aFX4W zFfhv`=dfqCQ=Cg8m*yPK=IspU(#T~wmq9Maxh!&d&gGCBK`z}%b`m#robUGm%Z$j= zzUgQ;G`rwHI$=*gxm^$=okBS;3P?w=mkZs3zn4#92WIQogJ=)g=kMk*G0MAdT#OCf z%@fYP`ec27cZzm1$)D$Ay1&=Ij=c)GLU^ToyaeMl&OIJ*rn@sJ*LG=>_S<}g+e~nq zV6<7{k6qej{C3~xcKf*9K{45#>lin+?xCBpUD{>2oi6j-Zhzl+hxZsS=eIl0?WX$L z9oeH@-f!38b_e>}758X2;{|6{xpjv_bC95=?RWXMMu?|H%- zJHfE0BRk>PEq8(;^B;OAoEW|nlGqI|#=iDde@Be__+4ZC7I@JhtFI^YTmf$CwYKVh?tI0m0F23{0BbfBD^{{C zv6wCH@zbY9oY-_`qj(so|9`< zsttF~F51?H7jx(L8U<9ct?J$b(FFG%$hKGZ1^^u-=_c>zk+=(cVHDUc?wxxS`|Tdu?0zhVO z?$jLTPKlY7dNQPTYP0C2+%aG&m)a@5EW1Nr)7wGtJ|jxJZ*ruABr^N@UPmvYrMcTxtxj z+!EAhj_WeMxk)8?1sy3F;gW2m1P%-In2VHZcZpO=1~1`7p6!Z#==Ybc49l(Q^%d6QvSD7P+L>wiB8IQ#vEls z@P|f+bM6h1&(EciFliUc1t=%Oa`hFtzd7`WAg*sIx0 zajUf{L$&KDiz_b)&9)^icdobUeJ(8wb+%ZVj|#O$&34QbCP$f`H1e`NLdr)$Av2Cu zG*kXkn<;D3i;+$N7$SXK^;AXdqbR^EV|kmEFJ z20mEZsWctioLYWj>B7>bXI?CS^6B#z%Aa`p>E%ZsIro&A1@dLJmS$cl*YI(Z3wyj* zQ&!XQ^8U0KfJKa#_I+@+SEv$Kmc!?~T_d3eQ3F2r47hf;%;fUp%THNbzUWYJi&0WZ--T2h1)+3Y$3uWq??TF*a&#wN$0bxZ*>f$h!<-!N zD>$Lyu49LJ8V-9sJfSlJuJzDiuD=R5ymH3#32j8p^1wXskLgnM=D7W%|=#a zm<~FjRJF~Ob~$L;Q_xs-Eyd*==B>QW!?>3;#ec`gCbpxC4;{P+_wp~&2D_K3{+Fk7 zj|ZXH4JYz>3_v%Fqzw;Hn5zB@pB{y&q>sXV7cbxJ(|>|1M>xKoW4eddm$r3iO57TnK>`;xdKnimNV9PA>g4)RQX0$sl;DTli2KvWM?QJ-RFz!D4-<-+U zHO4th&pyuV7=}|0F2djfD4J_N2DjA#)-;|0AJfIpar7}Qa?T8`1m=?GD{NCwWX&TP&-n9}O;=}voT{0TI{G@|6+#yOKprS=6 zCu_KJl(@u!%l>3Cl_{=5TJSm}Li6Xk_$?jL?i*Tcmcw>i1 z*lf5zrO)yWuCtU!q*z(2z&itv%4W0Cg2=Bq!~2kDz_C5|iCo5`(%nMjRS!zfiKrlc z$ArI@6u#6~-*Km- zfCLQ5JNqAy@Ft9iHEc(S4<`Y`B!zedU7is7w$}W-GPuH;3~C+~anv*hYO<(#Nf@Yk zW}qgAnkyoKnui8z@~F8XlBhX6P&0y>zZ5Cd7$Uu`j*Lu4^GznY>&yC^u8-PuHk&?rxFG1uz|+UQ42%G1UQP0_fkzhmJ1Ws8We&n-EERej z=w)kmjWx!qR~ewjnGB=m zX9+#drU^yLL8V~^`V43`$T4M<9e}W~i^!1bFbNJA^3lmLAPKrkfYBe~i-+;CNxWJy zQxh>$7cj38VG|c|Vc;9aG}b#QF9M`bYV|QyL{|#Q1UaPh35ko@L;YImiPB;azCc8K zH{M%e-YhWx4BKj~s-4p>QN47~^e&n`@ioofJG z6A$icNk}Rc??`{2K)br)AMYx@h4itKA#3=`Kjc6p^D z1_^lyjqmMEWm0noba)K9gs2hBn?hO2WiMMM6K1nP`Fy$j%4VgZYGfUKN$M~%2ru6P zl@SdgjMbv0wX~tAiqgKHIG!HH$NnOc-PwXeyx?0wfEUh5Kfo)+;ayk^4(@`1hyx(XF;?&U zPB%;_Mko)^l+*!=P9Y{l8fR9FFS(@7MftBJSI`(l3_}FGOr^1gup4K6!^`tsLu*Y| z+Ur~IYE0?K+VZl}qMxE=CC-ZBR8DGco(`3OQFlj|0x1*=`Wlmd6CUzl*Ng_J3ae2r zpC~~Q?je~jQvh3Yvn|``WB?~GRW5U*j|Ai9=KNw7-nF`@l zTmivN15TIZOguo}40j-eLu>%3Kyb4R_b}k50rxP&O^0wQVu0Wfn~8ejfEoH`xS0^{ zP}m=$Hc@{AaI^HyaI+!Ykr1xPaNh>pLBM^R;SPpyxY_sdn`gKm0d5X(KVrDK5bjtA zw*a`fOatx^eKQ=Q5`12}BZNE7aQ6Z3FyQWEIK(XYaCe4qCm8Mpz#ReH3k-K8gewso zZ|#%4Q^?=LCrTWKL{bkL$srC+rHfQ`0EEFz@Jd<&5s{bOgS&%VX4jT{7N>%HWB?5E zEbwe97ZrI-LT4PDDDKQa3*WbdDo+#clC>YLV2W#Xv<`YSe{$+JnWk;Wz+O2}c$TrD>#$G*NRlp|A1 z3Q8bnVx5gI66*GG+$td?5gwM`5(rD|A^@?DJD)njbw%j8c z{59k~`U?ChIPlo(2>%h?MEUnZz8A^A7t&tU0Jud|aLhA*Gx0p_vKe2gt-&pqS=n+d1dmwKE%y5wxVayWOWP)JNl-L9bVT3V&rsx* z@r#2^O2-Y^hoe0Xme;Y!UK*IGotC71{@@uztZ#0#ZAoU5mt}`1;bhATZv^V&2I_;M!x~sA%)!*!+I$zcM2g8VZA7B@%^HCI`I&ndi>WJ^}r}{b$ zh7o@c``0h8(aODzWbpce)^A;rUV-j%6cE^O+Eeik+Itz$#vl6zjr|9d{1GL8h@_9| z>q_3RH2M%!U&k&Q-1C!&?-)w;^6Vz?cn!tw8+ArQgYx&1S zQQqfJ$1*EtPWk(M2)U^bMQ+wRZkOED?B?x~n}ByGHzC{Gmlir zei`n5!m_k~d}nZcw<8-lD-f3xO8A^$hrliynGcM}MyA^;|2XI4JGJD})j9+)9c-*9 zgQiT$sR8-TmBCh}w?86Mo9l>vet96agYr^7BDcfM+1rvVpm~=Dhls)@)U=fdXPxmj z2uLS^>fl>M!3nHC327Z-Ieq`R7!@y8VYB)|pd(cbmjIb82^DeGNnR_8PlT$e}h&^Pb~7T7y+6yi!V{ zmGg+XV$C{@ebp*>@yBQ|g)bU7rAD{WW@&+GI><(%s*`1sN_N zVZYwYRXY#RptzKa>_5_*`2baCH!EweQ5hRzx26~?S^u=-XpGYfXFDVzW6(z~H0=41 z591+9F7hJNMe{od(t90uBydB+k31P3QK5V0M9DoftduTnn=Plv;XW#cmE*5MH*@jb zi2GSSPV;V3GQ{Ha@;DvB5&wl|YygzqyBw(ytzPQ8{73;Tv<80+a;izvYihmAj~lxC z`Hn91%ewq3b1GSe4+NGWA}rq|^$vIaAK#|eJ&ke_9B7nNh#@d2&VcUm`K3>zPBP-P zFopoUNe(b4r&RmF7y>MDzKfTkJMo){Rly5DKLZwNyojX9lOZ18>EQua>$H!_lfWdi z3nui+8e@WfdN1nS4lacVE^XkFWn3iV0_QWv|2VK2C3_jpU_^{w*YR3kqLb)S{N+S< z-_01!mt>%Ntrc@RfqwGbPq?<|2aZo=ck>!dQp^ORRcZbs4ErM!LPW!McfSq7i z5%#Ow&-KC1_^@Xff?VUeeGL$^A?~zZJ>1!8+`}C_L@yW3A?`z$6k(c#CxKp9IwY_@ zi22yxNn%4nTVal3XST0xBwtMi{si8th%==?3#Cm^Sa124gdu`|(3 z`ca-^+@Rfi*Fg!U*JuF0F8X={L-)Vlz(s@u4@f6==si{b#89A>QtI+Jr`AMaj4&76 z?W(t`BEch10fAw`BVGyvP?LWpX+T~B6~T$POh0@ii2PUKBNYEnH5A7g)Tnm?D9xiL zuO0St6xpvz=%sDS1tsCPuIgtIh%)70G5YxQiC9t}Lg_<#SWm>dr}&hBPGm1Q@h)jS za3hfgf*f9gzDa&Z(pHk)4CkZngliFPDBov=jO=EG@VSs!atqoG0G zHKNAXZgv`calreLy6vrMMYiy)SZPGDQdxN)ysYnqKxbwls8al;oY^5isCRXSczGnf z=W!5=7_l5E2sco0T#8dB%K>BTzV2T|C&Shq|LVY(5cY}S9FJ$9F z?OA`ybrSL8s7nL($Fo8jTW|+#!hZKnzfGv>b{Z97`3{|w9XS4=e?#PDWBzr@y++Ax z5RNSE<3zYAWCD{f4b4=Mj{UNM*{2ZMoqnVjN9YInTt^Hf{rj1E5-G0Ap%Y<`2>q>i z7dAQXqNrEC8QCq^9}%0qfa`i+U%@}m81%~1PK`))OnRbKhwY4&{L5wnF5Q#7u|zbOdw&O+nsivIT9S%$}pz`$4p<18qPP>b$AjT<78Kpu@Q_~z+QaM&`5r1B zrJ051MZl!0cl^JNrP4lmnc6of*`TCOiKK*X#^hU+e2J1jq2w!+bSe27CFB^FEad-+ za&*EeQA?}J2t-`n?DSrsiZLV)lBg>pgD|E<+DLyiJ>vi7(z*0#+Q^>g?-7P(TnS$- z_&Z`Ajz;z@u2)>#P%namHfm1o3a)0Dee(6I3TzR_s(L9hchRbDO6yT}57FAl-=l;b zNaTjVf5!^`!4O3es;kU#RCp=;@1ixZqEd5Sq*kol{5IvDqvQ@sj!<$xB?l>)pyV7S zPf~J-lJk_9l$0sCNC~aVu;ud7zoml3J~jym`vD|$^pMcr@vEozXZNR*+0SH;r;}L2 M96ra>`wE%=1N;=8*8l(j literal 0 HcmV?d00001 diff --git a/vendors/keygen/key/__pycache__/__init__.cpython-39.pyc b/vendors/keygen/key/__pycache__/__init__.cpython-39.pyc new file mode 100644 index 0000000000000000000000000000000000000000..5c2bc24876c615b6ffb8e6c784ffeda19a6c9cdf GIT binary patch literal 19912 zcmdsfUu+!5ndfv*&;Q}@k0}0;C~8E}GRKx_*`{@lkQlZl+3}yygrr1HpU#uvRFj<1 zaAsWHl+4ahmsr`{A-9f+y&$_t;$Ud(!#TLy3xYgkfqgg}@~{Z@;c&OuJv4&DV((@B zut5$u?1PbA?C<-kyQha7((>-!JuHV)U0wB6)mK$t)%T~qn##~nHio~CFW;$7)?=~% zO)t^EI9{H^*Zvy>A||v(Y*RBejpBMk-;A4aj>j9uX2MKx+-M}tB=U_$%1rSyZKnB| zF|+*4nK^#u%^`jk%mP1$&0&6ym?QigHAh84B)<_e$HZxo66tSf<}r~GS)`1MqR5Fn zQjUu=Vn`Gan-Ifd1bLHURE*&{CFaC2F^-&Raa>Fw<%BpZCdCv|PKs%90x2^u#l%T5 z^NpC8xv!h2@ODbf;%ydhv%qBG!u^U3*jUlpt_=yjZ1H?~42)r>w9uR-(Lkt1pPeTa2F+^d{*fD_Hu>7?%LQlf8 zV-Ti@jqYkP>x_xv?lHWj_B7<^=)*X@1-(+xB8IUZS$2=#wze17WNWirk?Z!tL-zUN zLv~4G{AdnRmU!~%r=R%DjgoFAFz795rdn%jjat((lXg{Zw;fMw)?y>En5W5)@W8YE z5tTM|yYW#Gk&m@v>9`kfwAQ_ZuvWL$y*S#GG+$nPy}fRxF1MPF^|s@s84o0R=`Bot zv$AP<>2}4o@3y4yGGeP)b1d2325E59<#t6@Hf=M1onKe@&C707>~gD3MB~M4O$Uuw zj+dx4+gpy8;U?B<4b;5Zv^HDKTGbok#PHRqw`xsqgcGaM5?0dz9onUYXV4gV$!e>) zR$Es+Fv`GJ9!FUALO_c)VP$p%dluB6^{4 zp(?4IT|^Mm#z1Vwi?8JrMiG4pN;_t^h@iNFCVZzOK;@#w4Y)88pYo0S=j$Th~*R>dZ zP-j{sXbCwPk-U%Rmt#%+LhL3sCIg@Q*p`|jPsHr6U0`_12W-~K)${eCZh;nIN8gLz zN8Q%}?+kDMQj6^vTFjkC-6JB^F}@#rU-w%`QwujyhXBkyqls;do)=;lkOH#JEW5>! zY$G$|Q!i7n`|t|33EL`S_AFU+Hmo915(ufd){@15zKU}n>vM~4W(9eadFkV0mn+Sx z)o57aO!1{wORR2Ni;^}Lcm9jb%4)+ZI;|ooiZCb=jT9poTq=GQKp=CjvNyPGaX0`M9>h$^BbfTb*Xk4aB%Rl&|;V|%3+cF{neJaW% zn(Sb6-rC3nB1_eNoVPYCEWeC;%X7-OE) zxM<&6qG6%x8Q1@Sl@;Jh)Elg&-MCwKuzrMoU*CxL5Ur~n!!fY6Y9fBy*p15@ z9Ye&YW8DOD5>B$45(avi~$&#@e0Lx`n2 z$xdQV$A*6eSY||?)=o#;)$F1Jc7=7mvQrR4okBS;3J8a=z6;$#WPNAr!`pusuI~{s z%&Tuyj2yDQ$DW9x_KCg~KIR;&kJpcPCuoHei@F)pBYOg^cE&a3pzK59)P3z8t(kVtLD)mA zk9QDl#cixeMUTWiZpL=?<{Ws%!@G&?uYg+&YoI^(=lHgH{hh}8)81Pixc&_J%LD7L zh?O(KYv>GOqfD10Jbs4!F85}RdV@7&*lYe8x`s7$_K-ES0Nk*Kc8%>TpK=u$_N{17 zoq(nn4qHVxV@bsghwlyhD{9oo{J%5i^E?lwPU0Y4?<@Ps^I+H?N3nx6a0NYm1hepp zng#a}wE3ubh-HX#ondfpgWDe!4@WpRaAnSoCvk3{pHu2<;OCs`*ZaXgre2l^7M9)V zkYkW^7Zn9$3VS+Bv~K>*8{2K`Qt|4|mtUNBuf2K8e&nn8&Q;}|xl0tes^s0d^YkKA z+QMS#QI&Ap*;Yxfzq+DQ-j0Bv$d3DFSZ7<-{7V1jg~vWqd2H?Z$6owbenoen+N}9? z9n7`C!d1O}d0hXgHy@+F7p}ha@^W$I+RI;h{>Ihft5?6wsq=2Z@8HVT>UFC+?~cA1 zsp6{_mv-jeZPcSWy(RBhsvTdmfK6X6%MV82mG+QK+ZC0G3upF!ESmILAx?5Xwzka3SQ~<`)r2uO-1Ui=XEwPv_ z9`V;F{#97`BQ=7gH(_xNMcewMNvwOvM|Q4RsW#jr zt7u!BUd)|4suj$VZB>tMh&p(5L$6E&NYQ zNknA-B-BI|9X;CZC)@7aA!9`=k@+iH3lX;lO%=r(k2yeDi2 ziUvl|@={gk8Kn9qZCFsM8=g^XV&yHMB3Yu~5egoq;5-G7QLsqC;}nFVHftL438a}y z5urgYE2Wwh6RZG9N~)<;+`8Rrno6IhO%a<%8Jo4Q?t|3jDZqM3EbNxB0zf8juGAdm zN{N^^thZH?QrSVh(bo`*gxzk`963W+vl4V{x#hgP*=|^yqz;O!qz8GamtR+ru`j|3 zfTpil6mpt5tTe1%&vKm5sI6j-L4` znwTYuW1vhwnKp$W8DnDR6@*&m0T7Kr0EEs5QCg(5JmeArGp9;2=?4&mG+7xU>fH&v zUc=Y^j|fP;GoToy@y$c2>;I6dm!xmJr}`~w^Q=hCaya)1;W$d4V3>J5t1rUL(cjws z7DfQSs9gw4oQHBbp*_i=B+UC1H|l$6`}++x2nZ;??JuIZY3>IkIM(AGjVyuhLS2E) zk04q{%i|P68?=GN>(CPXiLRJ%(3C z5~?%Dc^O~LrIfsaj-(86N;Z-LQweI!MN-JZm#pU_DP;Fc)`wI|hg85ZrvR~As}GZH zuscFZ4p}(6qs~|z3Y!0RoXbJI1pZLix|5OjDa5Cs-o1%_O^Z>LgC31>zmC1H`jrsl zG!D**?nx+^=Q%bbl#+C+KHG(wQ->0AOW#TCBo7Gqn*F_~VCfW#=d#T$H5mT)A!OWWa1f`hbEWZsZbb%buKCk!jS2u+7$;j zp(bsE;6{!+M$jrw8#xHAS(~+-8dp#FXj=>?_4N`4Fg%#Q`N-7G7*^ z0T2}wYoa*k=I4q%V0V_{d;1 zN9G1)g6CSY?8q(Kp#}!RG%B`J-f9bM*8~%>egW;4bc*Nh0ooYfFaW*coPHUJ?>-OIq$sZ`AutY-s9Iu{0NDc8!|tm??CQB0VnUWqT7T zpT`WDag3sw@`u_?`Qv69G(cu9G7@Gk(q*rJHep~6q(4uuu9~AZS?I#Fa+m~mOLo2T zCisUWE4Z0~k=S-BO~*DTR$gAdx_sl>m&;#x{mRwyYp=h)^1}0%Up2EpzO2U5%qyWA zMtHKZkM?rPsyklZ?-m0v>+#aQP0;oVRiesr_@1|G#O%O=K7Mv?XteC-zy zC@wRGUEKf&$m&^b2G8DycnldBNAO7_FRf+cS?v16eP9B|M^b(N6b8l-46!=*01qB) zS|p6UII>|{yoI>xripe$yhQ_F+jvYiI_Y!VB{q?8N@Q?wdiC@$*=Sn-Vt| zJ)=kb%JTU#YAI=E(ichg;YGRs3tyXBC6lM5l)e))lF&k~S;tF&Q}4vgop5v~UdJg} zH`y~zun9l4EwD%9B#lk@X&fo&;U1k4F!hHfeEpuzdo-Tm9&JPw_CRs)H|kP!^X=OP z0>D7}%|^y#kaRkxgt)EMb~z~86Wv&-Eyd+Y^jz7&2hlIdkbjAAXLL{_4Bmg2 zHrU`z`Ty{l?olB`zQNN>#%MbHBsqEC98=a`rC@u||A%SBhy^Mn* zgjtxKbuveX$4aSsej5fK`k;*=oTidQQ4oCSbI7sM&!TdJ`){4$?g(1N;S^${0%mfS zb|9#DvOt=I>3)t8P)$+e*JV* zHVI>X@2Ct0{=;i!!`N{2gqJq!aE&RUf|3>?;H=|ZRpPL85nE4<1roNW@&3M8v&%T5 zQl=Ra1*UJ{G)*xsOB7K>kN>|lSA>a%SR@-;!eWDMHGNuja73r9Eyc=u1(qLJYqpw= z7Q}{{Gq?`nvt*LRmp!L@~Q?UD@DW@zhc5)@wr|%;&c8M;p zPiRFj_K;yyU40v*j)agE{ujLPB8{*@ELX4`CjliV1t$!g#Rz>zYkpHHZ(&XbIWLGf zavJ+`vdFn54CGwfmy<)z9g#rJGy8J#$k`Q1IXDLXV?qLXlz+gP4HIn6v$?hzxU+U@vwN5fV4XK>-84I;s7VpsNHJ z{Uf?~4quyCsueRe0Ur_pwgk7KxQGh_PblUX@1(p2kUl=wM^q8{Dx4;8E}eHo94?>g zmt+@8i-B7PP1=X?-U#zzfy!vuR%1=AoH;bzv!ZzEpy;F2`#{)oC;OWS8>lh_s-QoL zC-Eh&ZIe;MUkNyE?!<%hW@4*KEIi#`C(y30`rEm3+F3&tB}1;`VWy$pl%c3P=5Rz| zA$uQm4d_5n7VPqBMeLu*>nQwquPfu4yHD;%qswrGLBGjAr(E{3Wm0>#8Whi$%WrK} z8Y)L_pe{)jMjGMaJ4nxF1Ftpgi@w)d zihb5F80@hIrOfwO%laN`IrdkJnR(w|Z3rH0Q(_waY6WpZoJ38-Vn&?8b41LF(|C@; z5AF<}V`37Ma+bHyzTFKSiV@2D=9Gj060nE}5yqJml3~?k9SgCdvJQ*Y6IRBSp#9@8`xQzS-!)HQh_R!#Zvk=<= z52$QChjLUeVj*N9#ATSyxaA*nDR@%V3-HdMlp83)?>K+P8@mGf?@qoxT8G(>;OrY* zx1ST%ulz4)R8*Z~T<5og_xd>M{C1?IGWt=El_y27lOY_u7cdJ1cY@)b1Kbqgo@2PF5Kj3t z5F8v%kxvvbO;3iK4&hFP^}!Vt`MZESK~IJ|5yG7g;ff6RGr*k$+|L;9WC#Zz10TOR zhWiV^%>eE%7;YwnI~&5y11>JpfICG`hJ(+9Piqf_aOW8A0^nu=cY)#HQQ^Zq9KtOy z+#7&94Y)TL?sN!OA~;^!kMwpSe+@5`*p-U79wd@e>~BklvT6ee9kO7_w1lVIx80M6 zgWP6wn7n~q!9BeX4E!vxhAOibSy@5@9tv@?o#kJ1=|$36nvF} z4h1_D+@s)MQ}8tk2Jl(gLdNHa$5NfdW3!OKNi$Pn?@78`@Rrvuv2It4gmhd-`JX=Y zWeuVvNCSOrT?bB~E$ZiZ8Nk+A`68xnpTh|i+$v#L`K*9zWfxAAb(|E{;fO4f@4{7h zk_4$tUtYE^F9+A9&%#EN-~J&iDA?}UQVEL_ooV@}Nxt35KTXo^X>6&)lPr~r$)nBa zDIQsq{PQ{9K6Byr>9oqct`|yPV9sX>=jrpb+h%;VwhmKXW_8=K;EG~Nx7cr8;Nreh zF)f_H2tiKzkP`hf0)`?xjGr7VQ`&GyLmckWu>3lP*-Ha6wbqif(x18rNBphLwk;KEC< zKMQhG#1f3#;l%PssNeyKWl0ePCMgL|&lGvBGohrzbVzNH^sG-Lx$W;phy>R>B18g` zA-;J8kr3BT`zA(~4Ds$C>oSqRLf}jK)LGim!DDH#ecEunM8&SwY6l2{KtGuv2x{v_O^aE#R>1FA-m0dG+KWFWsqy_gFF(m~Yx zQ?Y+@aQ>%20c1JvpML^AeExrmN*{3k&(l^B&c4Bi-Dy8f&AdwM&HK0e=A94z{mo%W z-E}x(-g!fc%sbIRbl!1Op?}^tusIC*>)1cI;eGvG^l<;N2hqufntTO%$aX+rgJ++T z56r%o0S)?XlTIz)qu}3Du#2E?-ZvE2VV?9U=6&Nk2j_iUn;Jat8~^O*on$SncOK%y zXPclNV73Wtz-;@;2WDG-hvt;mI>fTf>cu60tq+)RszXgU%O4Lq;Z$tzK_{Gm51;Vg z1G2q^?w(iIL+V(v-Gl(o2ggtPX*f3u)6)JXp4o;gM#$;20-io0r_TvC3mmbSdE1CA zW;*HeH+9~`Q_C(L%!3irCe9)=W|ddCXGnZa_UyDSmz&3QC~etN*ZgY;59!oR}> z+FO>)sClIZ8;Qatl(`ivXX)_)rjT|6Rly(79FAcIh*|4k*O3J~L|Rh_`OjqnFD@N1 zfftt!pTLVtgC~&F`zG*rF`SafT7I8`1M_xqNxn}REa!iU>AJY|hYvVi7ncs7uHQ$~ zz4gZC6f&+2lEP>Bgx6qU3U_9S#c~{8TP$U#x9>&PUPgJ)`HVFCK#VjIS$o7tQ|g`9 zULPZ6SvI<%+N4@&(mme43>hw%#C{o?vkq>fL2@YjV`qsLFYV~~(K%Ha^b8;+;HYU^C_@X-U~|y@GFG)Y0aMkzbxbT z2aF#K*1)L=42Ma_h5;EKtM~QyiaUu;qD%gtW8GtW@RT66=YXd~H`>;&*8CD`&vWg+ z40?~+d;O=;8Yk}zy29050Q3-`b-BdQ1;*uL;Bq{~1%~hUWk*r!2lQyr)vKA^IA6U=!h%6puTBY!CHzZ{cam86kd2sj*@W&(H_3ZR zwqxKKdR)OPmRvfN^g_<*(W65XH}lDfd>qTry+7c#L=&c7+$?PsSLsIeCtkqmbL{B9 zeB+n?gv&SkygG308R)t11eo=%ar}Qr>=uT|)9!i(IqbtN3y$@~3_ShrD$d&Z)`BEk zp%p^d6&=i_ucIA$R zlQp1FzVn2-BT?WqPU5=>N$ke3n9EBj;3XI_He;Ge-zRm13$%MTHWU-2-kN@1^pXZc z_g~WBB*K9kB<>K}ZIvZ6WS*szI=0TKF;N)9p$4bQ>TX!XZRHgjjwK5AnH^GSfQtM% zaUN1(l)ovwNPWkZ=>3KBaA_g)W*P^iy_*f{-T~$0k(1Y!{1~OHltn*AHx?)*eCjIy z0=W8wf4J%6)5p$9R0%oV*YMI~=dRihA%WTRPP|Jp7R*iDkDC?hK#^NLEDT?y(-(k{2d&d|B$Ck_m<#T=r>iS81amppXYSLBE z#^EF1MJ0nq9zPX9hlM0rECf4zRPv?K$1L=u-ss5xKahHR8mBVZMC?cE$bwG;SOAXA zyZiLeezQ@(9;)&Vsxe{u0U4MLM}DLKnI@P`2w$TZi^C5vbtFZfqp1sQ!lY)VAqmsZ zN%%IwK-E-;96p2JL|u^?d;~KCzf1Z>pL!A@4(cIsVVwy5-FO$a0A5MGGl6zw#bAv@ zECmI)3b5S6KR`0*On}y7^b7!&fu6`6ZgJ!y;icK!LciRRR2!K&?sGu=K2154vXvQO zx_`x?rXnA51v-q+!1o_}nE71n)w_2Da%ZjwDs(|ZCDWkn!AKz#l-Y3RSn@^6I9 zYHSmw6&emz-z@(F6rSEHQS=FI=c#Z@3z9xr)scHZdyr-$e~gS5sAr)<6OgH@9lu$! zTskIeRK8BZZ3@@{s!cIEnUnvHg5ROwyA*tnf*(@QrGSj`@&gL~69u%(DTYg<$_PaG z-5jNnt(`rPo+5@<#2ehG5@{p-x%80#$)$7Y;k1#x!p|XwW?TthE%-le&PF|p7B?y` zPRJKQL7O$Fb_WMT=sMh_>UR~`BDPj_!83Q=s%}Z^1vX02*hpHIlFe3R`oK?)1;5%v zUX1D}bp#n+3O@+74pLOY&Kp#UMVx0T#(u8z6q}{s0tG}hji80LKdoF#f GkokLaQoYUq literal 0 HcmV?d00001 diff --git a/vendors/keygen/key/__pycache__/ed25519.cpython-38.pyc b/vendors/keygen/key/__pycache__/ed25519.cpython-38.pyc new file mode 100644 index 0000000000000000000000000000000000000000..eddc8e3d8626e2c52c43f529476fb11a4b7e1b26 GIT binary patch literal 4774 zcmai2&2QVt73Yv5MM;z`D~j{cY|2G8K?E#hY|yl*(JnU4I-6n(H;uc^R@jy+YZ#d_ zB{4%fSqt(W>a=?b(ED})`~P#j^oiCtuxtIV`X%j_c;OKDN7`-J>wtaDKG*)J4fW6Qgk6}Mz1z*552jBOLXl$^GrU zo-Ag{Qjd3KY2&M|ACV2D=?gIuvfzIeBu!nGrqf8~ztlt>GyTw9+Zhe~we67z;H^|;c#{#sC5K9ki>aeH0v^d>yd^mb3&~-gksQ|MIFI%;Il^E& zx)qUk-0N=o@E<}Xo7F!OMKs3O&TvIKAooV`v^T6UPDBvBYD+5}_*!#TlsQv{H7p75v7j;7=BUf8N3le~X0| zgFo^IWL^Tvs1wJ}MuLm;WZ1J}9D{PJo{sS}lpEow!#$``u&X!+fQZYOR}fZ+Ds;T}#rLYmAmHy8 z`es@R)H`@cy|c1+#l+6F4%xJA9kL536$fm>l;_L~8n-TM2RaqMuso<77)+ZOM-Hy) zF$&E=VNy6+ny~)zM5n^|LX{D`s~u|x=J1|cS!LG}|5U4RvTv@WtH_`F%P691G{)4E zI$xr3-)emMJHX~&SaNQHxX21vW4HWwCVqk#va%9(p4TSUw1lnlmANdnzP1)hSbcMR zegQyHB2@K~#>1^U<7;`JNAFu6Jm10vG*wl(75(yh{8ptWP&y%}oe+`=0|Fsx?R4TD zKbFRJ(8FViz!L%Mi>4vXjk_Oj-NB91t$?TdZ~aP)ucR?J$$s)GMfPjsT4{nk!r44bx)V1pnDo}!Ap4=c&Seb`7^TleqW zy8TmW?L{1hmv%BrOAYElFeGl|OBTy>o1^5{v;AxkNl>NgbV?SbsodEvin!xpb!h_& zOTTLIpy$VlERg+Po4F+goMaP4w{Bpqc_C`BhT#G{9k7Q6E9+&*RlUy2tWG>)1Dah@ zpZ`%6pkMqUgs-(xh}ybuaP|-OjrN!kJALl73#wh<=5xDka*G$iE-h~J67I!sz~$OD zI9XY3xyi)Gn5#>yD*sWNzC`gC{~02K4VFQGeyI2gG2Mygfwdf26Lt&+=@pTF#UmSB zrj(TXmA(U6?K|9fL7Jrrbo!+W8rn#G$YsS23!CHBEPZY^TOJGz?|TH$=@NATj;@Id z5Y5_LNSX0o%$%X(`4dD0=B`EZiuXm2|Vx+)@_tUV(qGuW2S1ErYL zlGyJGKgoitOzuzH;3No!@Ub%LOC+o3bwgAb&zq4G@d?)UCtOn`CsyLX@n9zZvkMLz z*QRKaZEXS8iOrL5lz+ZNBlVBs;jlB;4|UNZh!m|v!8gI0(lMqw1?W74jwv209aTP+ zj+yd#__%ni!N}>7wlJNVQ;-E@c`N7* zQ5QZ1eIehS!o@VW_0;;WW8cpFYGX_=^@R>kqz9$TY#LIndG$B@<8PQ~7U|HTYh&>_`g!8Q-U4*vnKyX z1+h7mBC?48JoJzqsT=5QDO?ioksuDPYIjN~X2;SgKuP--sfj+Mp)r*<2k1|KHnVlx JwjFg{`aeq$WqSYs literal 0 HcmV?d00001 diff --git a/vendors/keygen/key/__pycache__/ed25519.cpython-39.pyc b/vendors/keygen/key/__pycache__/ed25519.cpython-39.pyc new file mode 100644 index 0000000000000000000000000000000000000000..2462ddbb116c73e1f3d551ab9f647f33829bf151 GIT binary patch literal 4785 zcma)ATW=f372Z3S%cX9n!u6P2$6sAT>Pi?BI!ZfBwT2F84vTa00&up5qZAMnF)GW!i z71_-)bgjr~R#=JIFO;Us%FMyN$|}soeSuZk0`7}!kuBlA^tr;8*~$xrtpw_!-dtwZ zmQp`=qGAbkRp`%x(FvN=Ufy80Zr}dsr;m8J*Ghsff)QR;*zvaL~sKyB!5B z-V1u0ZJHzhX=u>y@8gOYM4}w2Or0pJ$}x60t|i(;>FU_E_80Ava;QF0wiH82jM0~> zazGl_F~Vf}MEzFzPNOl2#f(GTpD4eFwGPy;)xMM7KU6-%8|=f}9A6I7RX3jULCpLL@REVo2@)?;_ek9<)bDsFw1av{=+U4fOcreKc0?&t z7FzsFlsCR=2Sc)gFayp9To}PuVN%ybxtK<%!7GKYV5aZa*7sU`eSd#{eJ|*<0gu;V z>Q2z7+j_p{;YcjZulq+B8@mvSx}a)m4RT54H9WuF+UoA3kNu(;fw<+a}IEShy!Z*X5>b?`_IVquXJGt{q}%`{f@An4tTGXh#KDT zku;&-iaG-xCOf^ccZPp3+Z~VF*k8TM%eZlhFBqTi*`X3}(qIZo6A*}XN>za6?1khyy=rRHHxdhmoOMqD$yX*(pcs>D!L5~bf zNI7i9@&14_ex6KwR-9u{Zr9Uso`!QR8nl=XH41nc>wpn{8S`>N41R^gdnB%scs-&q z^oO_^kGcPF2x~v>%Q~@KWS2@sCWuhOsxT?pfHV4MU zI9iyf-NlJU)$ygQCV01WtQ?sA2XbYVJ%#^MuENc}xty*df9fuxlFHE-vy!Z^1seCQ z!WO>+c>Y;U&P@;-Srx1OO&xuVD6+CTcAhOwtfG#svgMgfwZ67w9mBn-V=J5E^K&pd z?4%`3=#RJVjj!c>KD}@F@O=XpFjW@k#_(r1;&&=NhtdhT?S$}@>ktT1Yo`_O1hLS! z!ww$H1fdAofY)_lZruND>mF{5ZU&wnzVjkkqy>Wo>eHmcAmfP2jCF)M6zX%Khy6t8 zfGFW?hlw8r{Z6tYuF4`X=PY#+Io2J*6ojl zwL4@mys(o&T5wPm!ah-?K&Y`ew>e0DG2PDwF$Gz$PA6qan9`li5|3LxR+l!gu=J}I z3p+ua2!rhR#@sDS@Fbf^*0qMU=H;lS)^rcd!3BucR7Z0lSG5(@!8`DY4QRGWefCF{ zfPV2O5P{M}IcjQw&eXrF-zZO2BB?LjrXkw~Ghf(ElUb|;l4&uUm2oe914`GlLChSv z<+{p0!(45mR{4+G^d*YF_)CZkIMfUTv_r{Ti11DnAMEAGnyAMhl70yZSUR%7Y08Py zt#n<;YS(4@OVTV)pwlg1P|!y5LoP~+Xl#yGv-G)HZ}>1Yyzdi4r%Tj0sJg;0K-8CJ zLduMHhXDu6$VP~AL0LGhU#z6opQRqcoed}940pGquq`9f&Dv9nG6inoK9Y(#If;Wd z50Wgn9CCl!1~Wl0L{FtrUm;n2za62*`2Lil@XxWfKjJE|oVbY#$Ah2z&o*3jyi}k` zwzWB6CsI$ok^cD;8mWIIA%~rrcBt_Nfh2Dv62J-Cq>f(b7|?kP9g{znI1>*F8G^G3k#`o(Ep z0LzL)3@lH(8(*3S;-WtT;PI8|@S+c{Ay*;0DpQm5Elelp+_|w%Sp6IYPPExXM zX8y27+cW+sv02(^pG6zxH!Si;hIn*PCTz>7k@Su|B?O3fY+%R-$>7$_dQ8{@zV7k& z(HO7J`zY1Q9h4u9F++wvX+N=rnZ7KWioSYz#&y5MS8%{efh<*#i9`PwkSLYCn`fN- zcNlj1@Ki3gae&^Kl8Q1&(_EA!IyYU#HD1oqsnD*M35ENuUf}z}@%`R_?MBpgegFAx zE6RGz6j}-YWSa6P)M`SAY6g_;Ac}IZlsPT4TP8LgDgS^gCUOM(x~^kqMQlYVGH#n6 z&7%A3WTDZDN4;KvLr}YsZ9-NGeg{*gG`_MGw0C*%b9qiB=)wPO^8Z*6qmxM@O86H< z2lzVHQ&KTKpcWt{?7OLnKB1v8l{Xg^fc|XN)@<8$<#p-*3(IH< literal 0 HcmV?d00001 diff --git a/vendors/keygen/key/ed25519.py b/vendors/keygen/key/ed25519.py new file mode 100644 index 0000000..01adb21 --- /dev/null +++ b/vendors/keygen/key/ed25519.py @@ -0,0 +1,136 @@ +#!/usr/bin/env python3 +# link: https://git.p2p.legal/aya/dpgpid/ +# desc: dpgpid builds a decentralized gpg world of trust with did over ipfs + +# Copyleft 2022 Yann Autissier + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. + +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +from . import key +from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey +from cryptography.hazmat.primitives import serialization +from SecureBytes import clearmem +import duniterpy.key +import logging as log + +def from_duniterpy(duniterpy): + log.debug("ed25519.from_duniterpy(%s)" % duniterpy) + try: + return ed25519(duniterpy.sk[:32]) + except Exception as e: + log.error(f'Unable to get ed25519 from duniterpy: {e}') + exit(2) + +def from_jwk(jwk): + log.debug("ed25519.from_jwk(%s)" % jwk) + try: + return ed25519(jwk._okp_pri().private_bytes( + encoding=serialization.Encoding.Raw, + format=serialization.PrivateFormat.Raw, + encryption_algorithm=serialization.NoEncryption() + )) + except Exception as e: + log.error(f'Unable to get ed25519 from jwk: {e}') + exit(2) + +def from_libp2p(libp2p): + log.debug("ed25519.from_libp2p(%s) % libp2p") + try: + return ed25519(libp2p.lstrip(b'\x08\x01\x12@')[:32]) + except Exception as e: + log.error(f'Unable to get ed25519 from libp2p: {e}') + exit(2) + +def from_pem(pem): + log.debug("ed25519.from_pem(%s)" % pem) + try: + return ed25519(serialization.load_pem_private_key(pem, password=None).private_bytes( + encoding=serialization.Encoding.Raw, + format=serialization.PrivateFormat.Raw, + encryption_algorithm=serialization.NoEncryption() + )) + except Exception as e: + log.error(f'Unable to get ed25519 from pem: {e}') + exit(2) + +def from_pgpy(_pgpy): + log.debug("ed25519.from_pgpy(%s)" % _pgpy) + try: + if _pgpy.key_type == 'RSA': + log.debug("ed25519._pgpy._key.keymaterial.p=%s" % _pgpy._key.keymaterial.p) + log.debug("ed25519._pgpy._key.keymaterial.q=%s" % _pgpy._key.keymaterial.q) + # rsa custom seed: sha256 hash of (p + q), where + is a string concatenation + # self.ed25519_seed_bytes = nacl.bindings.crypto_hash_sha256((rsa_int).to_bytes(rsa_len,byteorder='big')) + rsa_int = int(str(_pgpy._key.keymaterial.p) + str(_pgpy._key.keymaterial.q)) + rsa_len = (rsa_int.bit_length() + 7) // 8 + from cryptography.hazmat.primitives import hashes + digest = hashes.Hash(hashes.SHA256()) + digest.update((rsa_int).to_bytes(rsa_len,byteorder='big')) + seed = digest.finalize() + # seed_bytes = nacl.bindings.crypto_hash_sha256((rsa_int).to_bytes(rsa_len,byteorder='big')) + elif _pgpy.key_type in ('ECDSA', 'EdDSA', 'ECDH'): + log.debug("ed25519._pgpy._key.keymaterial.s=%s" % _pgpy._key.keymaterial.s) + seed = _pgpy._key.keymaterial.s.to_bytes(32, byteorder='big') + else: + raise NotImplementedError(f"getting seed from pgpy key type {_pgpy.key_type} is not implemented.") + return ed25519(seed) + except Exception as e: + log.error(f'Unable to get ed25519 from pgpy: {e}') + exit(2) + +class ed25519(key): + def __init__(self, seed: bytes): + log.debug("ed25519().__init__(%s)" % seed) + super().__init__() + self.algorithm = 'ed25519' + self.cryptography = Ed25519PrivateKey.from_private_bytes(seed) + self.public_bytes = self.cryptography.public_key().public_bytes( + encoding=serialization.Encoding.Raw, + format=serialization.PublicFormat.Raw, + ) + self.secret_bytes = seed + self.public_bytes + self.seed_bytes = seed + + def _cleanup(self): + log.debug("ed25519()._cleanup()") + if hasattr(self, 'secret_bytes') and self.secret_bytes: + clearmem(self.secret_bytes) + log.debug("cleared: ed25519().secret_bytes") + if hasattr(self, 'seed_bytes') and self.seed_bytes: + clearmem(self.seed_bytes) + log.debug("cleared: ed25519().seed_bytes") + super()._cleanup() + + def to_duniterpy(self): + log.debug("ed25519().to_duniterpy()") + try: + if not hasattr(self, 'duniterpy'): + self.duniterpy = duniterpy.key.SigningKey(self.seed_bytes) + except Exception as e: + log.error(f'Unable to get duniterpy: {e}') + exit(2) + log.debug("ed25519().duniterpy.seed: %s" % self.duniterpy.seed) + + def to_proto2(self): + log.debug("ed25519().to_proto2()") + try: + ## libp2p Protocol Buffer serialization + self.public_proto2 = b'\x08\x01\x12 ' + self.public_bytes + self.secret_proto2 = b'\x08\x01\x12@' + self.secret_bytes + except Exception as e: + log.error(f'Unable to get proto2: {e}') + exit(2) + log.debug("ed25519().public_proto2=%s" % self.public_proto2) + log.debug("ed25519().secret_proto2=%s" % self.secret_proto2) + diff --git a/vendors/keygen/keygen b/vendors/keygen/keygen index d33e573..a4fea2c 100755 --- a/vendors/keygen/keygen +++ b/vendors/keygen/keygen @@ -1,14 +1,8 @@ #!/usr/bin/env python3 # link: https://git.p2p.legal/aya/dpgpid/ -# desc: generate ed25519 keys for duniter and ipfs from gpg +# desc: dpgpid builds a decentralized gpg world of trust with did over ipfs # Copyleft 2022 Yann Autissier -# all crypto science belongs to Pascal Engélibert -# coming from files available at https://git.p2p.legal/qo-op/Astroport.ONE/tools -# gpgme stuff has been provided by Ben McGinnes -# and comes from http://files.au.adversary.org/crypto/gpgme-python-howto.html -# gpg key extraction is taken from work of Simon Vareille available at -# https://gist.github.com/SimonVareille/fda49baf5f3e15b5c88e25560aeb2822 # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by @@ -24,28 +18,13 @@ # along with this program. If not, see . import argparse -import base58 -import base64 import configparser -from cryptography.hazmat.primitives.asymmetric import ed25519 -from cryptography.hazmat.primitives import serialization -import duniterpy.key -import gpg -from jwcrypto import jwk import logging as log -import nacl.bindings -import nacl.encoding -import pgpy -import pynentry -from SecureBytes import clearmem import os -import re -import struct import sys -import time -import warnings -__version__='0.0.5' +from about import __version__ +import key class keygen: def __init__(self): @@ -62,7 +41,7 @@ class keygen: self.parser.add_argument( "-f", "--format", - choices=['ewif', 'jwk', 'nacl','pb2','pem','pubsec','seed','wif'], + choices=['ewif', 'jwk', 'nacl','p2p','pem','pubsec','seed','wif'], default=None, dest="format", help="output file format, default: pem (pkcs8)", @@ -77,7 +56,7 @@ class keygen: "-i", "--input", dest="input", - help="read ed25519 key from file FILE, autodetect format: {credentials,ewif,jwk,nacl,mnemonic,pb2,pubsec,seed,wif}", + help="read ed25519 key from file FILE, autodetect format: {credentials,ewif,jwk,nacl,mnemonic,p2p,pem,pubsec,seed,wif}", metavar='FILE', ) self.parser.add_argument( @@ -102,9 +81,9 @@ class keygen: ) self.parser.add_argument( "-p", - "--prefix", - action="store_true", - help="prefix output text with key type", + "--password", + dest="password", + help="user password for duniter, gpg key and file encryption", ) self.parser.add_argument( "-q", @@ -121,7 +100,7 @@ class keygen: self.parser.add_argument( "-t", "--type", - choices=['b58mh','b64mh','base58','base64','duniter','ipfs','jwk'], + choices=['b36mf', 'b58mf', 'b58mh','b64mh','base58','base64','duniter','ipfs','jwk'], default="base58", dest="type", help="output text format, default: base58", @@ -139,171 +118,16 @@ class keygen: ) self.parser.add_argument( 'username', - nargs="?", - ) - self.parser.add_argument( - 'password', - nargs="?", + help="username, mnemonic or gpg key", + nargs="*", ) def _check_args(self, args): - log.debug("keygen._check_args(%s)" % args) - if self.input is None and self.username is None: + log.debug("keygen()._check_args(%s)" % args) + if self.input is None and not len(self.username): self.parser.error('keygen requires an input file or a username') - def _cleanup(self): - log.debug("keygen._cleanup()") - if hasattr(self, 'duniterpy'): - if hasattr(self.duniterpy, 'seed') and self.duniterpy.seed: - clearmem(self.duniterpy.seed) - log.debug("cleared: keygen.duniterpy.seed") - if hasattr(self.duniterpy, 'sk') and self.duniterpy.sk: - clearmem(self.duniterpy.sk) - log.debug("cleared: keygen.duniterpy.sk") - if hasattr(self, 'ed25519_secret_base58') and self.ed25519_secret_base58: - clearmem(self.ed25519_secret_base58) - log.debug("cleared: keygen.ed25519_secret_base58") - if hasattr(self, 'ed25519_secret_base64') and self.ed25519_secret_base64: - clearmem(self.ed25519_secret_base64) - log.debug("cleared: keygen.ed25519_secret_base64") - if hasattr(self, 'ed25519_secret_bytes') and self.ed25519_secret_bytes: - clearmem(self.ed25519_secret_bytes) - log.debug("cleared: keygen.ed25519_secret_bytes") - if hasattr(self, 'ed25519_secret_pem_pkcs8') and self.ed25519_secret_pem_pkcs8: - clearmem(self.ed25519_secret_pem_pkcs8) - log.debug("cleared: keygen.ed25515_secret_pem_pkcs8") - if hasattr(self, 'ed25519_secret_protobuf') and self.ed25519_secret_protobuf: - clearmem(self.ed25519_secret_protobuf) - log.debug("cleared: keygen.ed25515_secret_protobuf") - if hasattr(self, 'ed25519_seed_bytes') and self.ed25519_seed_bytes: - clearmem(self.ed25519_seed_bytes) - log.debug("cleared: keygen.ed25519_seed_bytes") - if hasattr(self, 'ipfs_privkey') and self.ipfs_privkey: - clearmem(self.ipfs_privkey) - log.debug("cleared: keygen.ipfs_privkey") - if hasattr(self, 'jwk'): - if hasattr(self.jwk, 'd') and self.jwk.d: - clearmem(self.jwk.d) - log.debug("cleared: keygen.jwk.d") - if hasattr(self, 'password') and self.password: - clearmem(self.password) - log.debug("cleared: keygen.password") - if hasattr(self, 'pgp_secret_armor') and self.pgp_secret_armor: - clearmem(self.pgp_secret_armor) - log.debug("cleared: keygen.pgp_secret_armor") - if hasattr(self, 'pgpy'): - if hasattr(self.pgpy._key.keymaterial, 'p') and self.pgpy._key.keymaterial.p and not isinstance(self.pgpy._key.keymaterial.p, pgpy.packet.fields.ECPoint): - clearmem(self.pgpy._key.keymaterial.p) - log.debug("cleared: keygen.pgpy._key.material.p") - if hasattr(self.pgpy._key.keymaterial, 'q') and self.pgpy._key.keymaterial.q: - clearmem(self.pgpy._key.keymaterial.q) - log.debug("cleared: keygen.pgpy._key.material.q") - if hasattr(self.pgpy._key.keymaterial, 's') and self.pgpy._key.keymaterial.s: - clearmem(self.pgpy._key.keymaterial.s) - log.debug("cleared: keygen.pgpy._key.material.s") - if hasattr(self, 'username') and self.username: - clearmem(self.username) - log.debug("cleared: keygen.username") - - def _invalid_type(self): - log.debug("keygen._invalid_type()") - self.parser.error(f"type {self.type} is not valid.") - - def _load_config(self): - log.debug("keygen._load_config()") - self.config = configparser.RawConfigParser() - config_dir = os.path.join(os.environ.get('XDG_CONFIG_HOME', os.path.expanduser('~/.config')), 'dpgpid') - log.debug("config_dir=%s" % config_dir) - self.config.read( [config_dir + '/keygen.conf'] ) - - def _output(self, public_key, secret_key, public_key_prefix, secret_key_prefix): - log.debug("keygen._output()") - if self.output is None: - self._output_text(public_key, secret_key, public_key_prefix, secret_key_prefix) - else: - self._output_file() - os.chmod(self.output, 0o600) - self._cleanup() - - def _output_file(self): - log.debug("keygen._output_file()") - try: - if self.format == 'dewif': - if not hasattr(self, 'duniterpy'): - self.duniterpy_from_ed25519_seed_bytes() - if not self.password: - with pynentry.PynEntry() as p: - p.description = f"""Data in DEWIF file needs to be encrypted. - Please enter a password to encrypt seed. - """ - p.prompt = 'Passphrase:' - try: - self.password = p.get_pin() - except pynentry.PinEntryCancelled: - log.warning('Cancelled! Goodbye.') - self._cleanup() - exit(1) - self.duniterpy.save_dewif_v1_file(self.output, self.password) - elif self.format == 'ewif': - if not hasattr(self, 'duniterpy'): - self.duniterpy_from_ed25519_seed_bytes() - if not self.password: - with pynentry.PynEntry() as p: - p.description = f"""Data in EWIF file needs to be encrypted. - Please enter a password to encrypt seed. - """ - p.prompt = 'Passphrase:' - try: - self.password = p.get_pin() - except pynentry.PinEntryCancelled: - log.warning('Cancelled! Goodbye.') - self._cleanup() - exit(1) - self.duniterpy.save_ewif_file(self.output, self.password) - elif self.format == 'jwk': - if not hasattr(self, 'jwk'): - self.jwk_from_ed25519() - with open(self.output, "w") as file: - file.write(self.jwk.export()) - elif self.format == 'nacl': - if not hasattr(self, 'duniterpy'): - self.duniterpy_from_ed25519_seed_bytes() - self.duniterpy.save_private_key(self.output) - elif self.format == 'pb2': - if not hasattr(self, 'ed25519_secret_protobuf'): - self.protobuf_from_ed25519() - with open(self.output, "wb") as file: - file.write(self.ed25519_secret_protobuf) - elif self.format == 'pubsec': - if not hasattr(self, 'duniterpy'): - self.duniterpy_from_ed25519_seed_bytes() - self.duniterpy.save_pubsec_file(self.output) - elif self.format == 'seed': - if not hasattr(self, 'duniterpy'): - self.duniterpy_from_ed25519_seed_bytes() - self.duniterpy.save_seedhex_file(self.output) - elif self.format == 'wif': - if not hasattr(self, 'duniterpy'): - self.duniterpy_from_ed25519_seed_bytes() - self.duniterpy.save_wif_file(self.output) - else: - if not hasattr(self, 'ed25519_secret_pem_pkcs8'): - self.pem_pkcs8_from_ed25519() - with open(self.output, "w") as file: - file.write(self.ed25519_secret_pem_pkcs8) - except Exception as e: - log.error(f'Unable to output file {self.output}: {e}') - self._cleanup() - exit(2) - - def _output_text(self, public_key, secret_key, public_key_prefix, secret_key_prefix): - log.debug("keygen._output_text()") - if self.keys or not self.secret: - print("%s" % ''.join([self.prefix * public_key_prefix, public_key])) - if self.keys or self.secret: - print("%s" % ''.join([self.prefix * secret_key_prefix, secret_key])) - - def _run(self, argv): + def _cli(self, argv): args = self.parser.parse_args(argv) vars(self).update(vars(args)) @@ -324,573 +148,118 @@ class keygen: else: log_level='WARNING' log.basicConfig(format=log_format, datefmt=log_datefmt, level=log_level) - log.debug("keygen.run(%s)" % argv) + log.debug("keygen()._cli(%s)" % argv) self._check_args(args) self._load_config() - self.gpg = gpg.Context(armor=True, offline=True) - self.gpg.set_passphrase_cb(self.gpg_passphrase_cb) - self.ed25519(args) + self.key = key.from_args(args, self.config) method = getattr(self, f'do_{self.type}', self._invalid_type) return method() - def b58mh_from_protobuf(self): - log.debug("keygen.b58mh_from_protobuf()") - try: - self.ed25519_public_b58mh = base58.b58encode(self.ed25519_public_protobuf).decode('ascii') - self.ed25519_secret_b58mh = base58.b58encode(self.ed25519_secret_protobuf).decode('ascii') - except Exception as e: - log.error(f'Unable to get b58mh from protobuf: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_public_b58mh=%s" % self.ed25519_public_b58mh) - log.debug("keygen.ed25519_secret_b58mh=%s" % self.ed25519_secret_b58mh) + def _invalid_type(self): + log.debug("keygen()._invalid_type()") + self.parser.error(f"type {self.type} is not valid.") - def b64mh_from_protobuf(self): - log.debug("keygen.b64mh_from_protobuf()") - try: - self.ed25519_public_b64mh = base64.b64encode(self.ed25519_public_protobuf).decode('ascii') - self.ed25519_secret_b64mh = base64.b64encode(self.ed25519_secret_protobuf).decode('ascii') - except Exception as e: - log.error(f'Unable to get b64mh from protobuf: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_public_b64mh=%s" % self.ed25519_public_b64mh) - log.debug("keygen.ed25519_secret_b64mh=%s" % self.ed25519_secret_b64mh) + def _load_config(self): + log.debug("keygen()._load_config()") + self.config = configparser.RawConfigParser() + config_dir = os.path.join(os.environ.get('XDG_CONFIG_HOME', os.path.expanduser('~/.config')), 'dpgpid') + log.debug("config_dir=%s" % config_dir) + self.config.read( [config_dir + '/keygen.conf'] ) - def base58_from_ed25519(self): - log.debug("keygen.base58_from_ed25519()") - try: - self.ed25519_public_base58 = base58.b58encode(self.ed25519_public_bytes).decode('ascii') - self.ed25519_secret_base58 = base58.b58encode(self.ed25519_secret_bytes).decode('ascii') - except Exception as e: - log.error(f'Unable to get base58 from ed25519: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_public_base58=%s" % self.ed25519_public_base58) - log.debug("keygen.ed25519_secret_base58=%s" % self.ed25519_secret_base58) + def _output(self): + log.debug("keygen()._output()") + if self.output is None: + self._output_text() + else: + self._output_file() + os.chmod(self.output, 0o600) - def base64_from_ed25519(self): - log.debug("keygen.base64_from_ed25519()") - try: - self.ed25519_public_base64 = base64.b64encode(self.ed25519_public_bytes).decode('ascii') - self.ed25519_secret_base64 = base64.b64encode(self.ed25519_secret_bytes).decode('ascii') - except Exception as e: - log.error(f'Unable to get base64 from ed25519: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_public_base64=%s" % self.ed25519_public_base64) - log.debug("keygen.ed25519_secret_base64=%s" % self.ed25519_secret_base64) + def _output_file(self): + log.debug("keygen()._output_file()") + self.key.to_file(self.output, self.format, self.password) + + def _output_text(self): + log.debug("keygen()._output_text()") + if self.keys or not self.secret: + print("%s" % self.public_key) + if self.keys or self.secret: + print("%s" % self.secret_key) + + def do_b36mf(self): + log.debug("keygen().do_b36mf()") + self.key.to_b36mf() + self.public_key = self.key.public_b36mf + self.secret_key = self.key.secret_b36mf + self._output() + + def do_b58mf(self): + log.debug("keygen().do_b58mf()") + self.key.to_b58mf() + self.public_key = self.key.public_b58mf + self.secret_key = self.key.secret_b58mf + self._output() def do_b58mh(self): - log.debug("keygen.do_b58mh()") - self.protobuf_from_ed25519() - self.b58mh_from_protobuf() - self._output(self.ed25519_public_b58mh, self.ed25519_secret_b58mh, 'pub: ', 'sec: ') + log.debug("keygen().do_b58mh()") + self.key.to_b58mh() + self.public_key = self.key.public_b58mh + self.secret_key = self.key.secret_b58mh + self._output() def do_b64mh(self): - log.debug("keygen.do_b64mh()") - self.protobuf_from_ed25519() - self.b64mh_from_protobuf() - self._output(self.ed25519_public_b64mh, self.ed25519_secret_b64mh, 'pub: ', 'sec: ') + log.debug("keygen().do_b64mh()") + self.key.to_b64mh() + self.public_key = self.key.public_b64mh + self.secret_key = self.key.secret_b64mh + self._output() def do_base58(self): - log.debug("keygen.do_base58()") - self.base58_from_ed25519() - self._output(self.ed25519_public_base58, self.ed25519_secret_base58, 'pub: ', 'sec: ') + log.debug("keygen().do_base58()") + self.key.to_base58() + self.public_key = self.key.public_base58 + self.secret_key = self.key.secret_base58 + self._output() def do_base64(self): - log.debug("keygen.do_base64()") - self.base64_from_ed25519() - self._output(self.ed25519_public_base64, self.ed25519_secret_base64, 'pub: ', 'sec: ') + log.debug("keygen().do_base64()") + self.key.to_base64() + self.public_key = self.key.public_base64 + self.secret_key = self.key.secret_base64 + self._output() def do_duniter(self): - log.debug("keygen.do_duniter()") + log.debug("keygen().do_duniter()") if not self.format: self.format = 'pubsec' - self.base58_from_ed25519() - self._output(self.ed25519_public_base58, self.ed25519_secret_base58, 'pub: ', 'sec: ') + self.key.to_base58() + self.public_key = self.key.public_base58 + self.secret_key = self.key.secret_base58 + self._output() def do_ipfs(self): - log.debug("keygen.do_ipfs()") - self.protobuf_from_ed25519() - self.b58mh_from_protobuf() - self.b64mh_from_protobuf() - self._output(self.ed25519_public_b58mh, self.ed25519_secret_b64mh, 'PeerID: ', 'PrivKEY: ') + log.debug("keygen().do_ipfs()") + self.key.to_b58mh() + self.key.to_b64mh() + self.public_key = self.key.public_b58mh + self.secret_key = self.key.secret_b64mh + self._output() def do_jwk(self): - log.debug("keygen.do_jwk()") - self.jwk_from_ed25519() - self._output(self.jwk.export_public(), self.jwk.export_private(), 'pub: ', 'sec: ') - - def duniterpy_from_credentials(self): - log.debug("keygen.duniterpy_from_credentials()") - try: - scrypt_params = duniterpy.key.scrypt_params.ScryptParams( - int(self.config.get('scrypt', 'n')) if self.config.has_option('scrypt', 'n') else 4096, - int(self.config.get('scrypt', 'r')) if self.config.has_option('scrypt', 'r') else 16, - int(self.config.get('scrypt', 'p')) if self.config.has_option('scrypt', 'p') else 1, - int(self.config.get('scrypt', 'sl')) if self.config.has_option('scrypt', 'sl') else 32, - ) - if not self.password: - with pynentry.PynEntry() as p: - p.description = f"""Please enter the passord for username "{self.username}".""" - p.prompt = 'Passsord:' - try: - self.password = p.get_pin() - except pynentry.PinEntryCancelled: - log.warning('Cancelled! Goodbye.') - self._cleanup() - exit(1) - self.duniterpy = duniterpy.key.SigningKey.from_credentials( - self.username, - self.password, - scrypt_params - ) - except Exception as e: - log.error(f'Unable to get duniter from credentials: {e}') - self._cleanup() - exit(2) - log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed) - - def duniterpy_from_ed25519_seed_bytes(self): - log.debug("keygen.duniterpy_from_ed25519_seed_bytes()") - try: - self.duniterpy = duniterpy.key.SigningKey(self.ed25519_seed_bytes) - except Exception as e: - log.error(f'Unable to get duniterpy from ed25519 seed bytes: {e}') - self._cleanup() - exit(2) - log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed) - - def duniterpy_from_file(self): - log.debug("keygen.duniterpy_from_file()") - try: - with open(self.input, 'r') as file: - lines = file.readlines() - if len(lines) > 0: - line = lines[0].strip() - regex_ewif = re.compile('^Type: EWIF$') - regex_jwk = re.compile('^\\s*{\\s*"crv":\\s*"Ed25519",\\s*"d":\\s*"(.)+",\\s*"kty":\\s*"OKP",\\s*"x":\\s*"(.)+"\\s*}') - regex_nacl = re.compile('^\\s*{\\s*"priv":\\s*"[0-9a-fA-F]+",\\s*"verify":\\s*"[0-9a-fA-F]+",\\s*"sign":\\s*"[0-9a-fA-F]+"\\s*}') - regex_pem = re.compile('^-----BEGIN PRIVATE KEY-----$') - regex_pubsec = re.compile('^Type: PubSec$') - regex_seed = re.compile('^[0-9a-fA-F]{64}$') - regex_ssb = re.compile('\\s*{\\s*"curve":\\s*"ed25519",\\s*"public":\\s*"(.+)\\.ed25519",\\s*"private":\\s*"(.+)\\.ed25519",\\s*"id":\\s*"@(.+).ed25519"\\s*}') - regex_wif = re.compile('^Type: WIF$') - if re.search(regex_ewif, line): - log.info("input file format detected: ewif") - if not self.password: - with pynentry.PynEntry() as p: - p.description = f"""Data in EWIF file is encrypted. - Please enter a password to decrypt seed. - """ - p.prompt = 'Passphrase:' - try: - self.password = p.get_pin() - except pynentry.PinEntryCancelled: - log.warning('Cancelled! Goodbye.') - self._cleanup() - exit(1) - self.duniterpy = duniterpy.key.SigningKey.from_ewif_file(self.input, self.password) - elif re.search(regex_jwk, line): - log.info("input file format detected: jwk") - self.jwk_from_json(line) - self.ed25519_seed_bytes_from_jwk() - self.duniterpy_from_ed25519_seed_bytes() - elif re.search(regex_nacl, line): - log.info("input file format detected: nacl") - self.duniterpy = duniterpy.key.SigningKey.from_private_key(self.input) - elif re.search(regex_pem, line): - log.info("input file format detected: pem") - self.ed25519_seed_bytes_from_pem(''.join(lines).encode()) - self.duniterpy_from_ed25519_seed_bytes() - elif re.search(regex_pubsec, line): - log.info("input file format detected: pubsec") - self.duniterpy = duniterpy.key.SigningKey.from_pubsec_file(self.input) - elif re.search(regex_seed, line): - log.info("input file format detected: seed") - self.duniterpy = duniterpy.key.SigningKey.from_seedhex_file(self.input) - elif re.search(regex_ssb, line): - log.info("input file format detected: ssb") - self.duniterpy = duniterpy.key.SigningKey.from_ssb_file(self.input) - elif re.search(regex_wif, line): - log.info("input file format detected: wif") - self.duniterpy = duniterpy.key.SigningKey.from_wif_file(self.input) - elif len(line.split(' ')) == 12: - log.info("input file format detected: mnemonic") - self.username = line - self.duniterpy_from_mnemonic() - elif len(lines) > 1: - log.info("input file format detected: credentials") - self.username = line - self.password = lines[1].strip() - self.duniterpy_from_credentials() - else: - raise NotImplementedError('unknown input file format.') - else: - raise NotImplementedError('empty file.') - except UnicodeDecodeError as e: - try: - with open(self.input, 'rb') as file: - lines = file.readlines() - if len(lines) > 0: - line = lines[0].strip() - regex_dewif = re.compile(b'^\x00\x00\x00\x01\x00\x00\x00\x01') - regex_pb2 = re.compile(b'^\x08\x01\x12@') - if re.search(regex_dewif, line): - log.info("input file format detected: dewif") - if not self.password: - with pynentry.PynEntry() as p: - p.description = f"""Data in DEWIF file is encrypted. - Please enter a password to decrypt seed. - """ - p.prompt = 'Passphrase:' - try: - self.password = p.get_pin() - except pynentry.PinEntryCancelled: - log.warning('Cancelled! Goodbye.') - self._cleanup() - exit(1) - self.duniterpy = duniterpy.key.SigningKey.from_dewif_file(self.input, self.password) - if re.search(regex_pb2, line): - log.info("input file format detected: pb2") - self.ed25519_secret_protobuf = line - self.ed25519_seed_bytes_from_protobuf() - self.duniterpy_from_ed25519_seed_bytes() - else: - raise NotImplementedError('unknown input file format.') - else: - raise NotImplementedError('empty file.') - except Exception as e: - log.error(f'Unable to get duniterpy from file {self.input}: {e}') - self._cleanup() - exit(2) - except Exception as e: - log.error(f'Unable to get duniterpy from file {self.input}: {e}') - self._cleanup() - exit(2) - log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed) - - def duniterpy_from_mnemonic(self): - log.debug("keygen.duniterpy_from_mnemonic()") - try: - scrypt_params = duniterpy.key.scrypt_params.ScryptParams( - int(self.config.get('scrypt', 'n')) if self.config.has_option('scrypt', 'n') else 4096, - int(self.config.get('scrypt', 'r')) if self.config.has_option('scrypt', 'r') else 16, - int(self.config.get('scrypt', 'p')) if self.config.has_option('scrypt', 'p') else 1, - int(self.config.get('scrypt', 'sl')) if self.config.has_option('scrypt', 'sl') else 32, - ) - self.duniterpy = duniterpy.key.SigningKey.from_dubp_mnemonic( - self.username, - scrypt_params - ) - except Exception as e: - log.error(f'Unable to get duniterpy from mnemonic: {e}') - self._cleanup() - exit(2) - log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed) - - def ed25519(self, args): - log.debug("keygen.ed25519(%s)" % args) - if args.gpg: - self.ed25519_from_gpg() - else: - if self.input: - self.duniterpy_from_file() - else: - if self.mnemonic: - self.duniterpy_from_mnemonic() - else: - self.duniterpy_from_credentials() - self.ed25519_from_duniterpy() - - def ed25519_from_duniterpy(self): - log.debug("keygen.ed25519_from_duniterpy()") - try: - self.ed25519_seed_bytes_from_duniterpy() - self.ed25519_from_seed_bytes() - except: - log.error(f'Unable to get ed25519 from duniterpy: {e}') - self._cleanup() - exit(2) - - def ed25519_from_gpg(self): - log.debug("keygen.ed25519_from_gpg()") - try: - self.pgpy_from_gpg() - self.ed25519_from_pgpy() - except Exception as e: - log.error(f'Unable to get ed25519 from pgp: {e}') - self._cleanup() - exit(2) - - def ed25519_from_pgpy(self): - log.debug("keygen.ed25519_from_pgpy()") - try: - log.debug("keygen.pgpy.fingerprint.keyid=%s" % self.pgpy.fingerprint.keyid) - log.debug("keygen.pgpy.is_protected=%s" % self.pgpy.is_protected) - if self.pgpy.is_protected: - if not self.password: - with pynentry.PynEntry() as p: - p.description = f"""The exported pgp key id "{self.pgpy.fingerprint.keyid}" of user "{self.username}" is password protected. - Please enter the passphrase again to unlock it. - """ - p.prompt = 'Passphrase:' - try: - self.password = p.get_pin() - except pynentry.PinEntryCancelled: - log.warning('Cancelled! Goodbye.') - self._cleanup() - exit(1) - try: - with warnings.catch_warnings(): - # remove CryptographyDeprecationWarning about deprecated - # SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4) - warnings.simplefilter('ignore') - with self.pgpy.unlock(self.password): - assert self.pgpy.is_unlocked - log.debug("keygen.pgpy.is_unlocked=%s" % self.pgpy.is_unlocked) - self.ed25519_seed_bytes_from_pgpy() - except Exception as e: - log.error(f"""Unable to unlock pgp secret key id "{self.pgpy.fingerprint.keyid}" of user "{self.username}": {e}""") - self._cleanup() - exit(2) - else: - self.ed25519_seed_bytes_from_pgpy() - self.ed25519_from_seed_bytes() - except Exception as e: - log.error(f'Unable to get ed25519 seed bytes from pgpy: {e}') - self._cleanup() - exit(2) - - def ed25519_from_seed_bytes(self): - log.debug("keygen.ed25519_from_seed_bytes()") - try: - self.ed25519_public_bytes, self.ed25519_secret_bytes = nacl.bindings.crypto_sign_seed_keypair(self.ed25519_seed_bytes) - self.ed25519 = ed25519.Ed25519PrivateKey.from_private_bytes(self.ed25519_seed_bytes) - except Exception as e: - log.error(f'Unable to get ed25519 from seed bytes: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_public_bytes=%s" % self.ed25519_public_bytes) - log.debug("keygen.ed25519_secret_bytes=%s" % self.ed25519_secret_bytes) - - def ed25519_seed_bytes_from_duniterpy(self): - log.debug("keygen.ed25519_seed_bytes_from_duniterpy()") - try: - self.ed25519_seed_bytes = self.duniterpy.sk[:32] - except Exception as e: - log.error(f'Unable to get ed25519 seed bytes from duniterpy: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_seed_bytes=%s" % self.ed25519_seed_bytes) - - def ed25519_seed_bytes_from_jwk(self): - log.debug("keygen.ed25519_seed_bytes_from_jwk()") - try: - self.ed25519_seed_bytes = self.jwk._okp_pri().private_bytes(encoding=serialization.Encoding.Raw, format=serialization.PrivateFormat.Raw, encryption_algorithm=serialization.NoEncryption()) - except Exception as e: - log.error(f'Unable to get ed25519 seed bytes from jwk: {e}') - self._cleanup() - exit(2) - - def ed25519_seed_bytes_from_pem(self, pem): - log.debug("keygen.ed25519_seed_bytes_from_pem()") - try: - self.ed25519_seed_bytes = serialization.load_pem_private_key(pem, password=None).private_bytes(encoding=serialization.Encoding.Raw, format=serialization.PrivateFormat.Raw, encryption_algorithm=serialization.NoEncryption()) - except Exception as e: - log.error(f'Unable to get ed25519 seed bytes from pem: {e}') - self._cleanup() - exit(2) - - def ed25519_seed_bytes_from_pgpy(self): - log.debug("keygen.ed25519_seed_bytes_from_pgpy()") - try: - self.pgpy_key_type() - if self.pgpy_key_type == 'RSA': - log.debug("keygen.pgpy._key.keymaterial.p=%s" % self.pgpy._key.keymaterial.p) - log.debug("keygen.pgpy._key.keymaterial.q=%s" % self.pgpy._key.keymaterial.q) - # custom seed: use sha256 hash of (p + q) - self.ed25519_seed_bytes = nacl.bindings.crypto_hash_sha256(long_to_bytes(self.pgpy._key.keymaterial.p + self.pgpy._key.keymaterial.q)) - elif self.pgpy_key_type in ('ECDSA', 'EdDSA', 'ECDH'): - log.debug("keygen.pgpy._key.keymaterial.s=%s" % self.pgpy._key.keymaterial.s) - self.ed25519_seed_bytes = long_to_bytes(self.pgpy._key.keymaterial.s) - else: - raise NotImplementedError(f"getting seed from {self.pgpy_key_type} key is not implemented") - except Exception as e: - log.error(f'Unable to get ed25519 seed bytes from pgpy: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_seed_bytes=%s" % self.ed25519_seed_bytes) - - def ed25519_seed_bytes_from_protobuf(self): - log.debug("keygen.ed25519_seed_bytes_from_protobuf()") - try: - self.ed25519_seed_bytes = self.ed25519_secret_protobuf.lstrip(b'\x08\x01\x12@')[:32] - except Exception as e: - log.error(f'Unable to get ed25519 seed bytes from protobuf: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_seed_bytes=%s" % self.ed25519_seed_bytes) - - def gpg_passphrase_cb(self, uid_hint, passphrase_info, prev_was_bad): - log.debug("keygen.gpg_passphrase_cb(%s, %s, %s)" % (uid_hint, passphrase_info, prev_was_bad)) - return self.password - - def jwk_from_ed25519(self): - log.debug("keygen.jwk_from_ed25519()") - try: - self.jwk = jwk.JWK.from_pyca(self.ed25519) - except Exception as e: - log.error(f'Unable to get jwk from ed25519: {e}') - self._cleanup() - exit(2) - - def jwk_from_json(self, json): - log.debug("keygen.jwk_from_json()") - try: - self.jwk = jwk.JWK.from_json(json) - except Exception as e: - log.error(f'Unable to get jwk from json: {e}') - self._cleanup() - exit(2) - - def pem_pkcs8_from_ed25519(self): - log.debug("keygen.pem_pkcs8_from_ed25519()") - try: - self.ed25519_secret_pem_pkcs8 = self.ed25519.private_bytes(encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption()).decode('ascii') - except Exception as e: - log.error(f'Unable to get pem pkcs8 from ed25519: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_secret_pem_pkcs8=%s" % self.ed25519_secret_pem_pkcs8) - - def pgpy_from_gpg(self): - log.debug("keygen.pgpy_from_gpg()") - try: - self.gpg_seckeys = list(self.gpg.keylist(pattern=self.username, secret=True)) - log.debug("keygen.gpg_seckeys=%s" % self.gpg_seckeys) - if not self.gpg_seckeys: - log.warning(f"""Unable to find any key matching username "{self.username}".""") - self._cleanup() - exit(1) - else: - self.gpg_seckey = self.gpg_seckeys[0] - log.info(f"""Found key id "{self.gpg_seckey.fpr}" matching username "{self.username}".""") - log.debug("keygen.gpg_seckey.expired=%s" % self.gpg_seckey.expired) - log.debug("keygen.gpg_seckey.fpr=%s" % self.gpg_seckey.fpr) - log.debug("keygen.gpg_seckey.revoked=%s" % self.gpg_seckey.revoked) - log.debug("keygen.gpg_seckey.uids=%s" % self.gpg_seckey.uids) - log.debug("keygen.gpg_seckey.owner_trust=%s" % self.gpg_seckey.owner_trust) - log.debug("keygen.gpg_seckey.last_update=%s" % self.gpg_seckey.last_update) - if self.password: - self.gpg.set_pinentry_mode(gpg.constants.PINENTRY_MODE_LOOPBACK) - self.pgp_public_armor = self.gpg.key_export(self.gpg_seckey.fpr) - self.pgp_secret_armor = self.gpg.key_export_secret(self.gpg_seckey.fpr) - log.debug("keygen.pgp_secret_armor=%s" % self.pgp_secret_armor) - if not self.pgp_secret_armor: - log.error(f"""Unable to export gpg secret key id "{self.gpg_seckey.fpr}" of user "{self.username}". Please check your password!""") - self._cleanup() - exit(2) - with warnings.catch_warnings(): - # remove CryptographyDeprecationWarning about deprecated - # SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4) - warnings.simplefilter('ignore') - self.pgpy, _ = pgpy.PGPKey.from_blob(self.pgp_secret_armor) - except Exception as e: - log.error(f'Unable to get pgpy from gpg: {e}') - self._cleanup() - exit(2) - - def pgpy_key_type(self): - log.debug("keygen.pgpy_key_type()") - if isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.RSAPriv): - self.pgpy_key_type = 'RSA' - elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.DSAPriv): - self.pgpy_key_type = 'DSA' - elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.ElGPriv): - self.pgpy_key_type = 'ElGamal' - elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.ECDSAPriv): - self.pgpy_key_type = 'ECDSA' - elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.EdDSAPriv): - self.pgpy_key_type = 'EdDSA' - elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.ECDHPriv): - self.pgpy_key_type = 'ECDH' - else: - self.pgpy_key_type = 'undefined' - log.debug("keygen.pgpy_key_type=%s" % self.pgpy_key_type) - - def protobuf_from_ed25519(self): - # libp2p protobuf version 2 - log.debug("keygen.protobuf_from_ed25519()") - try: - self.ed25519_public_protobuf = b'\x00$\x08\x01\x12 ' + self.ed25519_public_bytes - self.ed25519_secret_protobuf = b'\x08\x01\x12@' + self.ed25519_secret_bytes - except Exception as e: - log.error(f'Unable to get protobuf from ed25519: {e}') - self._cleanup() - exit(2) - log.debug("keygen.ed25519_public_protobuf=%s" % self.ed25519_public_protobuf) - log.debug("keygen.ed25519_secret_protobuf=%s" % self.ed25519_secret_protobuf) - -## -# long_to_bytes comes from PyCrypto, which is released into Public Domain -# https://github.com/dlitz/pycrypto/blob/master/lib/Crypto/Util/number.py -def bytes_to_long(s): - """bytes_to_long(string) : long - Convert a byte string to a long integer. - This is (essentially) the inverse of long_to_bytes(). - """ - acc = 0 - unpack = struct.unpack - length = len(s) - if length % 4: - extra = (4 - length % 4) - s = b'\000' * extra + s - length = length + extra - for i in range(0, length, 4): - acc = (acc << 32) + unpack('>I', s[i:i+4])[0] - return acc - -def long_to_bytes(n, blocksize=0): - """long_to_bytes(n:long, blocksize:int) : string - Convert a long integer to a byte string. - If optional blocksize is given and greater than zero, pad the front of the - byte string with binary zeros so that the length is a multiple of - blocksize. - """ - # after much testing, this algorithm was deemed to be the fastest - s = b'' - n = int(n) - pack = struct.pack - while n > 0: - s = pack('>I', n & 0xffffffff) + s - n = n >> 32 - # strip off leading zeros - for i in range(len(s)): - if s[i] != b'\000'[0]: - break - else: - # only happens when n == 0 - s = b'\000' - i = 0 - s = s[i:] - # add back some pad bytes. this could be done more efficiently w.r.t. the - # de-padding being done above, but sigh... - if blocksize > 0 and len(s) % blocksize: - s = (blocksize - len(s) % blocksize) * b'\000' + s - return s + log.debug("keygen().do_jwk()") + self.key.to_jwk() + self.public_key = self.key.public_jwk + self.secret_key = self.key.secret_jwk + self._output() def main(argv=None): if argv is None: argv = sys.argv[1:] - - cli = keygen() - return cli._run(argv) + return keygen()._cli(argv) def version(version=__version__): print("%s v%s" % (sys.argv[0],version)) if __name__ == "__main__": sys.exit(main()) +