forked from La_Bureautique/zeg1jeux
ajout Jaklis local pour gestion messages
This commit is contained in:
parent
1bd4554893
commit
3289423d6d
|
@ -3,3 +3,10 @@
|
||||||
> Life is short.
|
> Life is short.
|
||||||
> Play more.
|
> Play more.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo apt install python3-gpg python3-jwcrypto
|
||||||
|
python3 -m pip install -U pgpy pynentry SecureBytes
|
||||||
|
```
|
||||||
|
|
||||||
|
|
|
@ -401,7 +401,8 @@ class DAO {
|
||||||
'method' => 'POST',
|
'method' => 'POST',
|
||||||
'content' => json_encode($queryParams),
|
'content' => json_encode($queryParams),
|
||||||
// 'header' => $header,
|
// 'header' => $header,
|
||||||
'timeout' => $nodeTimeout
|
'timeout' => $nodeTimeout,
|
||||||
|
'ignore_errors' => '1'
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -410,7 +411,8 @@ class DAO {
|
||||||
$opts = [
|
$opts = [
|
||||||
'http' => [
|
'http' => [
|
||||||
'method' => 'GET',
|
'method' => 'GET',
|
||||||
'timeout' => $nodeTimeout
|
'timeout' => $nodeTimeout,
|
||||||
|
'ignore_errors' => '1'
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -17,6 +17,12 @@ class GchangeUser {
|
||||||
|
|
||||||
$this->userGchangeId = $gchangeObject->_id;
|
$this->userGchangeId = $gchangeObject->_id;
|
||||||
|
|
||||||
|
if (!$gchangeObject->found) {
|
||||||
|
|
||||||
|
$this->userName = substr($gchangeObject->_id, 0, 8);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
$this->userName = $gchangeObject->_source->title;
|
$this->userName = $gchangeObject->_source->title;
|
||||||
|
|
||||||
if (isset($gchangeObject->_source->geoPoint->lat, $gchangeObject->_source->geoPoint->lon)) {
|
if (isset($gchangeObject->_source->geoPoint->lat, $gchangeObject->_source->geoPoint->lon)) {
|
||||||
|
@ -32,6 +38,7 @@ class GchangeUser {
|
||||||
$this->avatarImgSrc = 'data:'. $gchangeObject->_source->avatar->_content_type .';base64,' . $gchangeObject->_source->avatar->_content;
|
$this->avatarImgSrc = 'data:'. $gchangeObject->_source->avatar->_content_type .';base64,' . $gchangeObject->_source->avatar->_content;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function getUserGchangeId () {
|
public function getUserGchangeId () {
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,119 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
require_once('Fred.class.php');
|
||||||
|
|
||||||
|
class Jaklis {
|
||||||
|
|
||||||
|
private $mode = 'local';
|
||||||
|
|
||||||
|
private $jaklisPath = __DIR__ . '/../vendors/jaklis/jaklis';
|
||||||
|
|
||||||
|
private $nodes = [
|
||||||
|
|
||||||
|
'gchange' => 'data.gchange.fr'
|
||||||
|
];
|
||||||
|
|
||||||
|
private $msgLimit = 30;
|
||||||
|
|
||||||
|
private $userPubsecPath;
|
||||||
|
|
||||||
|
|
||||||
|
public function __construct ($userPubkey) {
|
||||||
|
|
||||||
|
$this->userPubsecPath = __DIR__ .'/../cache/pubsec/'. $userPubkey .'.dunikey';
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getMessages () {
|
||||||
|
|
||||||
|
if ($mode = 'local') {
|
||||||
|
|
||||||
|
return [
|
||||||
|
|
||||||
|
$this->getInboundMessages(),
|
||||||
|
$this->getOutboundMessages()
|
||||||
|
];
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$fred->donneMoiSesPutainDeMessagesGchange($_SESSION['salt'], $_SESSION['pepper'], 'coucou');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getInboundMessages () {
|
||||||
|
|
||||||
|
$cmd = $this->jaklisPath;
|
||||||
|
$cmd .= ' --key '. $this->userPubsecPath;
|
||||||
|
$cmd .= ' --node https://'. $this->nodes['gchange'];
|
||||||
|
$cmd .= ' read';
|
||||||
|
$cmd .= ' --number ' . $this->msgLimit;
|
||||||
|
$cmd .= ' --json';
|
||||||
|
|
||||||
|
$output=null;
|
||||||
|
$result_code=null;
|
||||||
|
exec($cmd, $output, $result_code);
|
||||||
|
|
||||||
|
$json = implode("\n", $output);
|
||||||
|
|
||||||
|
// echo '<p>' . $cmd . '</p>';
|
||||||
|
// echo '<pre>'; var_dump($json); echo '</pre>';
|
||||||
|
|
||||||
|
$result = json_decode($json);
|
||||||
|
|
||||||
|
// echo '<pre>'; var_dump($result); echo '</pre>';
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getOutboundMessages () {
|
||||||
|
|
||||||
|
$cmd = $this->jaklisPath;
|
||||||
|
$cmd .= ' --key '. $this->userPubsecPath;
|
||||||
|
$cmd .= ' --node http://'. $this->nodes['gchange'];
|
||||||
|
$cmd .= ' read';
|
||||||
|
$cmd .= ' --number ' . $this->msgLimit;
|
||||||
|
$cmd .= ' --json';
|
||||||
|
$cmd .= ' --outbox';
|
||||||
|
|
||||||
|
$output=null;
|
||||||
|
$result_code=null;
|
||||||
|
exec($cmd, $output, $result_code);
|
||||||
|
|
||||||
|
$json = implode("\n", $output);
|
||||||
|
|
||||||
|
// echo '<p>' . $cmd . '</p>';
|
||||||
|
// echo '<pre>'; var_dump($json); echo '</pre>';
|
||||||
|
|
||||||
|
$result = json_decode($json);
|
||||||
|
|
||||||
|
// echo '<pre>'; var_dump($result); echo '</pre>';
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function jescape ($str) {
|
||||||
|
|
||||||
|
return str_replace('"', '\"', $str);
|
||||||
|
}
|
||||||
|
public function sendMessage ($msg, $toPubkey, $title, $fromPubkey) {
|
||||||
|
|
||||||
|
$cmd = $this->jaklisPath;
|
||||||
|
$cmd .= ' --key '. $this->userPubsecPath;
|
||||||
|
$cmd .= ' --node http://'. $this->nodes['gchange'];
|
||||||
|
$cmd .= ' send';
|
||||||
|
$cmd .= ' --destinataire "' . $this->jescape($toPubkey) . '"';
|
||||||
|
$cmd .= ' --titre "' . $this->jescape($title) . '"';
|
||||||
|
$cmd .= ' --message "' . $this->jescape($msg) . '"';
|
||||||
|
|
||||||
|
// echo '<pre>'. $cmd . '</pre>';
|
||||||
|
|
||||||
|
$output=null;
|
||||||
|
$result_code=null;
|
||||||
|
exec($cmd, $output, $result_code);
|
||||||
|
|
||||||
|
// echo '<pre>'; var_dump($result_code); echo '</pre>';
|
||||||
|
// echo '<pre>'; var_dump($output); echo '</pre>';
|
||||||
|
// list($jaklisResult, $id) = $output;
|
||||||
|
// echo '<p>'. $jaklisResult .'</p>';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
class Keygen {
|
||||||
|
|
||||||
|
public function __construct {
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -4,15 +4,31 @@ require_once('config.php');
|
||||||
require_once('lib/Fred.class.php');
|
require_once('lib/Fred.class.php');
|
||||||
require_once('lib/Messenger.class.php');
|
require_once('lib/Messenger.class.php');
|
||||||
require_once('lib/Gchange.class.php');
|
require_once('lib/Gchange.class.php');
|
||||||
|
require_once('lib/Jaklis.class.php');
|
||||||
|
|
||||||
$gchange = new Gchange();
|
$gchange = new Gchange();
|
||||||
$messenger = new Messenger($gchange);
|
$messenger = new Messenger($gchange);
|
||||||
$fred = new Fred();
|
$fred = new Fred();
|
||||||
list($msgIn, $msgOut) = $fred->donneMoiSesPutainDeMessagesGchange($_SESSION['salt'], $_SESSION['pepper'], 'coucou');
|
$jaklis = new Jaklis($_SESSION['player_pubkey']);
|
||||||
|
|
||||||
|
if (isset($_POST['message'], $_POST['to'])) {
|
||||||
|
|
||||||
|
$jaklis->sendMessage(
|
||||||
|
$_POST['message'],
|
||||||
|
htmlspecialchars_decode($_POST['to']),
|
||||||
|
htmlspecialchars_decode($_POST['title']),
|
||||||
|
$_SESSION['player_pubkey']
|
||||||
|
);
|
||||||
|
|
||||||
|
header('Location: messenger.php?penpal=' . $_POST['to']);
|
||||||
|
}
|
||||||
|
|
||||||
|
// $msgIn = $jaklis->getInboundMessages('QP1VkfaFUMdHZmHgPMi7q5wJJHaQhZcEqs5A86NigKr');
|
||||||
|
list($msgIn, $msgOut) = $jaklis->getMessages();
|
||||||
|
|
||||||
// echo '<pre>'; var_dump($msgIn); echo '</pre>';
|
// echo '<pre>'; var_dump($msgIn); echo '</pre>';
|
||||||
// echo '<pre>'; var_dump($msgOut); echo '</pre>';
|
// echo '<pre>'; var_dump($msgOut); echo '</pre>';
|
||||||
|
// die();
|
||||||
|
|
||||||
$messenger->addMessages($msgIn, $msgOut);
|
$messenger->addMessages($msgIn, $msgOut);
|
||||||
|
|
||||||
|
@ -48,12 +64,15 @@ foreach ($messenger->getConversations() as $conv) {
|
||||||
|
|
||||||
$penpal = $messenger->getUser($conv->getPenpalPubkey());
|
$penpal = $messenger->getUser($conv->getPenpalPubkey());
|
||||||
|
|
||||||
|
$avatarSrc = $penpal->getAvatarImgSrc();
|
||||||
|
$src = !empty($avatarSrc) ? $avatarSrc : $games[$_SESSION['gameId']]['default_avatar'];
|
||||||
|
|
||||||
echo '
|
echo '
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<img class="avatar"
|
<img class="avatar"
|
||||||
height="64"
|
height="64"
|
||||||
width="64"
|
width="64"
|
||||||
src="'. $penpal->getAvatarImgSrc() .'" />
|
src="'. $src .'" />
|
||||||
|
|
||||||
<cite>
|
<cite>
|
||||||
'. $penpal->getUserName() . '
|
'. $penpal->getUserName() . '
|
||||||
|
@ -114,6 +133,19 @@ if (isset($_GET['penpal'])) {
|
||||||
}
|
}
|
||||||
echo '
|
echo '
|
||||||
</ul>';
|
</ul>';
|
||||||
|
|
||||||
|
echo '
|
||||||
|
<form method="post" action="">
|
||||||
|
<label for="message">'. _('Message') .'</label>
|
||||||
|
<textarea name="message" rows="1" cols="30"></textarea>
|
||||||
|
|
||||||
|
<input type="hidden" name="to" value="'. htmlspecialchars($_GET['penpal']) .'" />
|
||||||
|
|
||||||
|
<input type="hidden" name="title" value="'. htmlspecialchars($displayedConv->getConvTitle()) .'" />
|
||||||
|
|
||||||
|
<input type="submit" value="'. _('Envoyer') .'" />
|
||||||
|
</form>
|
||||||
|
';
|
||||||
}
|
}
|
||||||
|
|
||||||
echo '
|
echo '
|
||||||
|
|
|
@ -230,8 +230,66 @@ main {
|
||||||
#messenger-page #conversations-list {
|
#messenger-page #conversations-list {
|
||||||
|
|
||||||
width: 33.333vw;
|
width: 33.333vw;
|
||||||
|
height: 100vh;
|
||||||
|
overflow-y: auto;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#messenger-page ul#conversations-list {
|
||||||
|
|
||||||
|
list-style: none;
|
||||||
|
margin: 0;
|
||||||
|
padding: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
#messenger-page ul#conversations-list li {
|
||||||
|
|
||||||
|
margin: 0;
|
||||||
|
padding: 0.5rem 1rem;
|
||||||
|
overflow: hidden;
|
||||||
|
}
|
||||||
|
|
||||||
|
#messenger-page #conversations-list .conversation {
|
||||||
|
|
||||||
|
position: relative;
|
||||||
|
}
|
||||||
|
|
||||||
|
#messenger-page #conversations-list .conversation .conv-link,
|
||||||
|
#messenger-page #conversations-list .conversation .conv-link a {
|
||||||
|
|
||||||
|
position: absolute;
|
||||||
|
top: 0;
|
||||||
|
left: 0;
|
||||||
|
width: 100%;
|
||||||
|
height: 100%;
|
||||||
|
}
|
||||||
|
|
||||||
|
#messenger-page #conversations-list .conversation .avatar {
|
||||||
|
|
||||||
|
float: left;
|
||||||
|
}
|
||||||
|
|
||||||
|
#messenger-page #conversations-list .conversation .conv-link a span {
|
||||||
|
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#messenger-page #conversations-list .conversation blockquote {
|
||||||
|
|
||||||
|
margin: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#messenger-page #conversations-list .conversation blockquote time {
|
||||||
|
|
||||||
|
position: absolute;
|
||||||
|
top: 0;
|
||||||
|
right: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#messenger-page #conversation {
|
#messenger-page #conversation {
|
||||||
|
|
||||||
width: 66.666vw;
|
width: 66.666vw;
|
||||||
|
@ -287,60 +345,6 @@ main {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#messenger-page ul#conversations-list {
|
|
||||||
|
|
||||||
list-style: none;
|
|
||||||
margin: 0;
|
|
||||||
padding: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
#messenger-page ul#conversations-list li {
|
|
||||||
|
|
||||||
margin: 0;
|
|
||||||
padding: 0.5rem 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
#messenger-page #conversations-list .conversation {
|
|
||||||
|
|
||||||
position: relative;
|
|
||||||
}
|
|
||||||
|
|
||||||
#messenger-page #conversations-list .conversation .conv-link,
|
|
||||||
#messenger-page #conversations-list .conversation .conv-link a {
|
|
||||||
|
|
||||||
position: absolute;
|
|
||||||
top: 0;
|
|
||||||
left: 0;
|
|
||||||
width: 100%;
|
|
||||||
height: 100%;
|
|
||||||
}
|
|
||||||
|
|
||||||
#messenger-page #conversations-list .conversation .avatar {
|
|
||||||
|
|
||||||
float: left;
|
|
||||||
}
|
|
||||||
|
|
||||||
#messenger-page #conversations-list .conversation .conv-link a span {
|
|
||||||
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
#messenger-page #conversations-list .conversation blockquote {
|
|
||||||
|
|
||||||
margin: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
#messenger-page #conversations-list .conversation blockquote time {
|
|
||||||
|
|
||||||
position: absolute;
|
|
||||||
top: 0;
|
|
||||||
right: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit efed7354df7e5077f5721e8e92e429b60e0e6fb7
|
|
@ -0,0 +1,896 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
# link: https://git.p2p.legal/aya/dpgpid/
|
||||||
|
# desc: generate ed25519 keys for duniter and ipfs from gpg
|
||||||
|
|
||||||
|
# Copyleft 2022 Yann Autissier <aya@asycn.io>
|
||||||
|
# all crypto science belongs to Pascal Engélibert <tuxmain@zettascript.org>
|
||||||
|
# coming from files available at https://git.p2p.legal/qo-op/Astroport.ONE/tools
|
||||||
|
# gpgme stuff has been provided by Ben McGinnes
|
||||||
|
# and comes from http://files.au.adversary.org/crypto/gpgme-python-howto.html
|
||||||
|
# gpg key extraction is taken from work of Simon Vareille available at
|
||||||
|
# https://gist.github.com/SimonVareille/fda49baf5f3e15b5c88e25560aeb2822
|
||||||
|
|
||||||
|
# This program is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU Affero General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU Affero General Public License for more details.
|
||||||
|
|
||||||
|
# You should have received a copy of the GNU Affero General Public License
|
||||||
|
# along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import base58
|
||||||
|
import base64
|
||||||
|
import configparser
|
||||||
|
from cryptography.hazmat.primitives.asymmetric import ed25519
|
||||||
|
from cryptography.hazmat.primitives import serialization
|
||||||
|
import duniterpy.key
|
||||||
|
import gpg
|
||||||
|
from jwcrypto import jwk
|
||||||
|
import logging as log
|
||||||
|
import nacl.bindings
|
||||||
|
import nacl.encoding
|
||||||
|
import pgpy
|
||||||
|
import pynentry
|
||||||
|
from SecureBytes import clearmem
|
||||||
|
import os
|
||||||
|
import re
|
||||||
|
import struct
|
||||||
|
import sys
|
||||||
|
import time
|
||||||
|
import warnings
|
||||||
|
|
||||||
|
__version__='0.0.5'
|
||||||
|
|
||||||
|
class keygen:
|
||||||
|
def __init__(self):
|
||||||
|
self.parser = argparse.ArgumentParser(description="""
|
||||||
|
Generate ed25519 keys for duniter and ipfs from gpg.
|
||||||
|
It converts a gpg key, a duniter username/password, or any ed25519 key to
|
||||||
|
a duniter wallet or an IPFS key.""")
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-d",
|
||||||
|
"--debug",
|
||||||
|
action="store_true",
|
||||||
|
help="show debug informations (WARNING: including SECRET KEY)",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-f",
|
||||||
|
"--format",
|
||||||
|
choices=['ewif', 'jwk', 'nacl','pb2','pem','pubsec','seed','wif'],
|
||||||
|
default=None,
|
||||||
|
dest="format",
|
||||||
|
help="output file format, default: pem (pkcs8)",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-g",
|
||||||
|
"--gpg",
|
||||||
|
action="store_true",
|
||||||
|
help="use gpg key with uid matched by username",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-i",
|
||||||
|
"--input",
|
||||||
|
dest="input",
|
||||||
|
help="read ed25519 key from file FILE, autodetect format: {credentials,ewif,jwk,nacl,mnemonic,pb2,pubsec,seed,wif}",
|
||||||
|
metavar='FILE',
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-k",
|
||||||
|
"--keys",
|
||||||
|
action="store_true",
|
||||||
|
help="show public and secret keys",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-m",
|
||||||
|
"--mnemonic",
|
||||||
|
action="store_true",
|
||||||
|
help="use username as a DUBP mnemonic passphrase",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-o",
|
||||||
|
"--output",
|
||||||
|
dest="output",
|
||||||
|
default=None,
|
||||||
|
help="write ed25519 key to file FILE",
|
||||||
|
metavar='FILE',
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-p",
|
||||||
|
"--prefix",
|
||||||
|
action="store_true",
|
||||||
|
help="prefix output text with key type",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-q",
|
||||||
|
"--quiet",
|
||||||
|
action="store_true",
|
||||||
|
help="show only errors",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-s",
|
||||||
|
"--secret",
|
||||||
|
action="store_true",
|
||||||
|
help="show only secret key",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-t",
|
||||||
|
"--type",
|
||||||
|
choices=['b58mh','b64mh','base58','base64','duniter','ipfs','jwk'],
|
||||||
|
default="base58",
|
||||||
|
dest="type",
|
||||||
|
help="output text format, default: base58",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"-v",
|
||||||
|
"--verbose",
|
||||||
|
action="store_true",
|
||||||
|
help="show more informations",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
"--version",
|
||||||
|
action="store_true",
|
||||||
|
help="show version and exit",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
'username',
|
||||||
|
nargs="?",
|
||||||
|
)
|
||||||
|
self.parser.add_argument(
|
||||||
|
'password',
|
||||||
|
nargs="?",
|
||||||
|
)
|
||||||
|
|
||||||
|
def _check_args(self, args):
|
||||||
|
log.debug("keygen._check_args(%s)" % args)
|
||||||
|
if self.input is None and self.username is None:
|
||||||
|
self.parser.error('keygen requires an input file or a username')
|
||||||
|
|
||||||
|
def _cleanup(self):
|
||||||
|
log.debug("keygen._cleanup()")
|
||||||
|
if hasattr(self, 'duniterpy'):
|
||||||
|
if hasattr(self.duniterpy, 'seed') and self.duniterpy.seed:
|
||||||
|
clearmem(self.duniterpy.seed)
|
||||||
|
log.debug("cleared: keygen.duniterpy.seed")
|
||||||
|
if hasattr(self.duniterpy, 'sk') and self.duniterpy.sk:
|
||||||
|
clearmem(self.duniterpy.sk)
|
||||||
|
log.debug("cleared: keygen.duniterpy.sk")
|
||||||
|
if hasattr(self, 'ed25519_secret_base58') and self.ed25519_secret_base58:
|
||||||
|
clearmem(self.ed25519_secret_base58)
|
||||||
|
log.debug("cleared: keygen.ed25519_secret_base58")
|
||||||
|
if hasattr(self, 'ed25519_secret_base64') and self.ed25519_secret_base64:
|
||||||
|
clearmem(self.ed25519_secret_base64)
|
||||||
|
log.debug("cleared: keygen.ed25519_secret_base64")
|
||||||
|
if hasattr(self, 'ed25519_secret_bytes') and self.ed25519_secret_bytes:
|
||||||
|
clearmem(self.ed25519_secret_bytes)
|
||||||
|
log.debug("cleared: keygen.ed25519_secret_bytes")
|
||||||
|
if hasattr(self, 'ed25519_secret_pem_pkcs8') and self.ed25519_secret_pem_pkcs8:
|
||||||
|
clearmem(self.ed25519_secret_pem_pkcs8)
|
||||||
|
log.debug("cleared: keygen.ed25515_secret_pem_pkcs8")
|
||||||
|
if hasattr(self, 'ed25519_secret_protobuf') and self.ed25519_secret_protobuf:
|
||||||
|
clearmem(self.ed25519_secret_protobuf)
|
||||||
|
log.debug("cleared: keygen.ed25515_secret_protobuf")
|
||||||
|
if hasattr(self, 'ed25519_seed_bytes') and self.ed25519_seed_bytes:
|
||||||
|
clearmem(self.ed25519_seed_bytes)
|
||||||
|
log.debug("cleared: keygen.ed25519_seed_bytes")
|
||||||
|
if hasattr(self, 'ipfs_privkey') and self.ipfs_privkey:
|
||||||
|
clearmem(self.ipfs_privkey)
|
||||||
|
log.debug("cleared: keygen.ipfs_privkey")
|
||||||
|
if hasattr(self, 'jwk'):
|
||||||
|
if hasattr(self.jwk, 'd') and self.jwk.d:
|
||||||
|
clearmem(self.jwk.d)
|
||||||
|
log.debug("cleared: keygen.jwk.d")
|
||||||
|
if hasattr(self, 'password') and self.password:
|
||||||
|
clearmem(self.password)
|
||||||
|
log.debug("cleared: keygen.password")
|
||||||
|
if hasattr(self, 'pgp_secret_armor') and self.pgp_secret_armor:
|
||||||
|
clearmem(self.pgp_secret_armor)
|
||||||
|
log.debug("cleared: keygen.pgp_secret_armor")
|
||||||
|
if hasattr(self, 'pgpy'):
|
||||||
|
if hasattr(self.pgpy._key.keymaterial, 'p') and self.pgpy._key.keymaterial.p and not isinstance(self.pgpy._key.keymaterial.p, pgpy.packet.fields.ECPoint):
|
||||||
|
clearmem(self.pgpy._key.keymaterial.p)
|
||||||
|
log.debug("cleared: keygen.pgpy._key.material.p")
|
||||||
|
if hasattr(self.pgpy._key.keymaterial, 'q') and self.pgpy._key.keymaterial.q:
|
||||||
|
clearmem(self.pgpy._key.keymaterial.q)
|
||||||
|
log.debug("cleared: keygen.pgpy._key.material.q")
|
||||||
|
if hasattr(self.pgpy._key.keymaterial, 's') and self.pgpy._key.keymaterial.s:
|
||||||
|
clearmem(self.pgpy._key.keymaterial.s)
|
||||||
|
log.debug("cleared: keygen.pgpy._key.material.s")
|
||||||
|
if hasattr(self, 'username') and self.username:
|
||||||
|
clearmem(self.username)
|
||||||
|
log.debug("cleared: keygen.username")
|
||||||
|
|
||||||
|
def _invalid_type(self):
|
||||||
|
log.debug("keygen._invalid_type()")
|
||||||
|
self.parser.error(f"type {self.type} is not valid.")
|
||||||
|
|
||||||
|
def _load_config(self):
|
||||||
|
log.debug("keygen._load_config()")
|
||||||
|
self.config = configparser.RawConfigParser()
|
||||||
|
config_dir = os.path.join(os.environ.get('XDG_CONFIG_HOME', os.path.expanduser('~/.config')), 'dpgpid')
|
||||||
|
log.debug("config_dir=%s" % config_dir)
|
||||||
|
self.config.read( [config_dir + '/keygen.conf'] )
|
||||||
|
|
||||||
|
def _output(self, public_key, secret_key, public_key_prefix, secret_key_prefix):
|
||||||
|
log.debug("keygen._output()")
|
||||||
|
if self.output is None:
|
||||||
|
self._output_text(public_key, secret_key, public_key_prefix, secret_key_prefix)
|
||||||
|
else:
|
||||||
|
self._output_file()
|
||||||
|
os.chmod(self.output, 0o600)
|
||||||
|
self._cleanup()
|
||||||
|
|
||||||
|
def _output_file(self):
|
||||||
|
log.debug("keygen._output_file()")
|
||||||
|
try:
|
||||||
|
if self.format == 'dewif':
|
||||||
|
if not hasattr(self, 'duniterpy'):
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
if not self.password:
|
||||||
|
with pynentry.PynEntry() as p:
|
||||||
|
p.description = f"""Data in DEWIF file needs to be encrypted.
|
||||||
|
Please enter a password to encrypt seed.
|
||||||
|
"""
|
||||||
|
p.prompt = 'Passphrase:'
|
||||||
|
try:
|
||||||
|
self.password = p.get_pin()
|
||||||
|
except pynentry.PinEntryCancelled:
|
||||||
|
log.warning('Cancelled! Goodbye.')
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
self.duniterpy.save_dewif_v1_file(self.output, self.password)
|
||||||
|
elif self.format == 'ewif':
|
||||||
|
if not hasattr(self, 'duniterpy'):
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
if not self.password:
|
||||||
|
with pynentry.PynEntry() as p:
|
||||||
|
p.description = f"""Data in EWIF file needs to be encrypted.
|
||||||
|
Please enter a password to encrypt seed.
|
||||||
|
"""
|
||||||
|
p.prompt = 'Passphrase:'
|
||||||
|
try:
|
||||||
|
self.password = p.get_pin()
|
||||||
|
except pynentry.PinEntryCancelled:
|
||||||
|
log.warning('Cancelled! Goodbye.')
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
self.duniterpy.save_ewif_file(self.output, self.password)
|
||||||
|
elif self.format == 'jwk':
|
||||||
|
if not hasattr(self, 'jwk'):
|
||||||
|
self.jwk_from_ed25519()
|
||||||
|
with open(self.output, "w") as file:
|
||||||
|
file.write(self.jwk.export())
|
||||||
|
elif self.format == 'nacl':
|
||||||
|
if not hasattr(self, 'duniterpy'):
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
self.duniterpy.save_private_key(self.output)
|
||||||
|
elif self.format == 'pb2':
|
||||||
|
if not hasattr(self, 'ed25519_secret_protobuf'):
|
||||||
|
self.protobuf_from_ed25519()
|
||||||
|
with open(self.output, "wb") as file:
|
||||||
|
file.write(self.ed25519_secret_protobuf)
|
||||||
|
elif self.format == 'pubsec':
|
||||||
|
if not hasattr(self, 'duniterpy'):
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
self.duniterpy.save_pubsec_file(self.output)
|
||||||
|
elif self.format == 'seed':
|
||||||
|
if not hasattr(self, 'duniterpy'):
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
self.duniterpy.save_seedhex_file(self.output)
|
||||||
|
elif self.format == 'wif':
|
||||||
|
if not hasattr(self, 'duniterpy'):
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
self.duniterpy.save_wif_file(self.output)
|
||||||
|
else:
|
||||||
|
if not hasattr(self, 'ed25519_secret_pem_pkcs8'):
|
||||||
|
self.pem_pkcs8_from_ed25519()
|
||||||
|
with open(self.output, "w") as file:
|
||||||
|
file.write(self.ed25519_secret_pem_pkcs8)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to output file {self.output}: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def _output_text(self, public_key, secret_key, public_key_prefix, secret_key_prefix):
|
||||||
|
log.debug("keygen._output_text()")
|
||||||
|
if self.keys or not self.secret:
|
||||||
|
print("%s" % ''.join([self.prefix * public_key_prefix, public_key]))
|
||||||
|
if self.keys or self.secret:
|
||||||
|
print("%s" % ''.join([self.prefix * secret_key_prefix, secret_key]))
|
||||||
|
|
||||||
|
def _run(self, argv):
|
||||||
|
args = self.parser.parse_args(argv)
|
||||||
|
vars(self).update(vars(args))
|
||||||
|
|
||||||
|
# display version
|
||||||
|
if args.version:
|
||||||
|
version()
|
||||||
|
sys.exit()
|
||||||
|
|
||||||
|
# define log format
|
||||||
|
log_format='%(asctime)s %(levelname)s: %(message)s'
|
||||||
|
log_datefmt='%Y/%m/%d %H:%M:%S'
|
||||||
|
if args.debug:
|
||||||
|
log_level='DEBUG'
|
||||||
|
elif args.quiet:
|
||||||
|
log_level='ERROR'
|
||||||
|
elif args.verbose:
|
||||||
|
log_level='INFO'
|
||||||
|
else:
|
||||||
|
log_level='WARNING'
|
||||||
|
log.basicConfig(format=log_format, datefmt=log_datefmt, level=log_level)
|
||||||
|
log.debug("keygen.run(%s)" % argv)
|
||||||
|
|
||||||
|
self._check_args(args)
|
||||||
|
self._load_config()
|
||||||
|
self.gpg = gpg.Context(armor=True, offline=True)
|
||||||
|
self.gpg.set_passphrase_cb(self.gpg_passphrase_cb)
|
||||||
|
self.ed25519(args)
|
||||||
|
method = getattr(self, f'do_{self.type}', self._invalid_type)
|
||||||
|
return method()
|
||||||
|
|
||||||
|
def b58mh_from_protobuf(self):
|
||||||
|
log.debug("keygen.b58mh_from_protobuf()")
|
||||||
|
try:
|
||||||
|
self.ed25519_public_b58mh = base58.b58encode(self.ed25519_public_protobuf).decode('ascii')
|
||||||
|
self.ed25519_secret_b58mh = base58.b58encode(self.ed25519_secret_protobuf).decode('ascii')
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get b58mh from protobuf: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_public_b58mh=%s" % self.ed25519_public_b58mh)
|
||||||
|
log.debug("keygen.ed25519_secret_b58mh=%s" % self.ed25519_secret_b58mh)
|
||||||
|
|
||||||
|
def b64mh_from_protobuf(self):
|
||||||
|
log.debug("keygen.b64mh_from_protobuf()")
|
||||||
|
try:
|
||||||
|
self.ed25519_public_b64mh = base64.b64encode(self.ed25519_public_protobuf).decode('ascii')
|
||||||
|
self.ed25519_secret_b64mh = base64.b64encode(self.ed25519_secret_protobuf).decode('ascii')
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get b64mh from protobuf: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_public_b64mh=%s" % self.ed25519_public_b64mh)
|
||||||
|
log.debug("keygen.ed25519_secret_b64mh=%s" % self.ed25519_secret_b64mh)
|
||||||
|
|
||||||
|
def base58_from_ed25519(self):
|
||||||
|
log.debug("keygen.base58_from_ed25519()")
|
||||||
|
try:
|
||||||
|
self.ed25519_public_base58 = base58.b58encode(self.ed25519_public_bytes).decode('ascii')
|
||||||
|
self.ed25519_secret_base58 = base58.b58encode(self.ed25519_secret_bytes).decode('ascii')
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get base58 from ed25519: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_public_base58=%s" % self.ed25519_public_base58)
|
||||||
|
log.debug("keygen.ed25519_secret_base58=%s" % self.ed25519_secret_base58)
|
||||||
|
|
||||||
|
def base64_from_ed25519(self):
|
||||||
|
log.debug("keygen.base64_from_ed25519()")
|
||||||
|
try:
|
||||||
|
self.ed25519_public_base64 = base64.b64encode(self.ed25519_public_bytes).decode('ascii')
|
||||||
|
self.ed25519_secret_base64 = base64.b64encode(self.ed25519_secret_bytes).decode('ascii')
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get base64 from ed25519: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_public_base64=%s" % self.ed25519_public_base64)
|
||||||
|
log.debug("keygen.ed25519_secret_base64=%s" % self.ed25519_secret_base64)
|
||||||
|
|
||||||
|
def do_b58mh(self):
|
||||||
|
log.debug("keygen.do_b58mh()")
|
||||||
|
self.protobuf_from_ed25519()
|
||||||
|
self.b58mh_from_protobuf()
|
||||||
|
self._output(self.ed25519_public_b58mh, self.ed25519_secret_b58mh, 'pub: ', 'sec: ')
|
||||||
|
|
||||||
|
def do_b64mh(self):
|
||||||
|
log.debug("keygen.do_b64mh()")
|
||||||
|
self.protobuf_from_ed25519()
|
||||||
|
self.b64mh_from_protobuf()
|
||||||
|
self._output(self.ed25519_public_b64mh, self.ed25519_secret_b64mh, 'pub: ', 'sec: ')
|
||||||
|
|
||||||
|
def do_base58(self):
|
||||||
|
log.debug("keygen.do_base58()")
|
||||||
|
self.base58_from_ed25519()
|
||||||
|
self._output(self.ed25519_public_base58, self.ed25519_secret_base58, 'pub: ', 'sec: ')
|
||||||
|
|
||||||
|
def do_base64(self):
|
||||||
|
log.debug("keygen.do_base64()")
|
||||||
|
self.base64_from_ed25519()
|
||||||
|
self._output(self.ed25519_public_base64, self.ed25519_secret_base64, 'pub: ', 'sec: ')
|
||||||
|
|
||||||
|
def do_duniter(self):
|
||||||
|
log.debug("keygen.do_duniter()")
|
||||||
|
if not self.format:
|
||||||
|
self.format = 'pubsec'
|
||||||
|
self.base58_from_ed25519()
|
||||||
|
self._output(self.ed25519_public_base58, self.ed25519_secret_base58, 'pub: ', 'sec: ')
|
||||||
|
|
||||||
|
def do_ipfs(self):
|
||||||
|
log.debug("keygen.do_ipfs()")
|
||||||
|
self.protobuf_from_ed25519()
|
||||||
|
self.b58mh_from_protobuf()
|
||||||
|
self.b64mh_from_protobuf()
|
||||||
|
self._output(self.ed25519_public_b58mh, self.ed25519_secret_b64mh, 'PeerID: ', 'PrivKEY: ')
|
||||||
|
|
||||||
|
def do_jwk(self):
|
||||||
|
log.debug("keygen.do_jwk()")
|
||||||
|
self.jwk_from_ed25519()
|
||||||
|
self._output(self.jwk.export_public(), self.jwk.export_private(), 'pub: ', 'sec: ')
|
||||||
|
|
||||||
|
def duniterpy_from_credentials(self):
|
||||||
|
log.debug("keygen.duniterpy_from_credentials()")
|
||||||
|
try:
|
||||||
|
scrypt_params = duniterpy.key.scrypt_params.ScryptParams(
|
||||||
|
int(self.config.get('scrypt', 'n')) if self.config.has_option('scrypt', 'n') else 4096,
|
||||||
|
int(self.config.get('scrypt', 'r')) if self.config.has_option('scrypt', 'r') else 16,
|
||||||
|
int(self.config.get('scrypt', 'p')) if self.config.has_option('scrypt', 'p') else 1,
|
||||||
|
int(self.config.get('scrypt', 'sl')) if self.config.has_option('scrypt', 'sl') else 32,
|
||||||
|
)
|
||||||
|
if not self.password:
|
||||||
|
with pynentry.PynEntry() as p:
|
||||||
|
p.description = f"""Please enter the passord for username "{self.username}"."""
|
||||||
|
p.prompt = 'Passsord:'
|
||||||
|
try:
|
||||||
|
self.password = p.get_pin()
|
||||||
|
except pynentry.PinEntryCancelled:
|
||||||
|
log.warning('Cancelled! Goodbye.')
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_credentials(
|
||||||
|
self.username,
|
||||||
|
self.password,
|
||||||
|
scrypt_params
|
||||||
|
)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get duniter from credentials: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed)
|
||||||
|
|
||||||
|
def duniterpy_from_ed25519_seed_bytes(self):
|
||||||
|
log.debug("keygen.duniterpy_from_ed25519_seed_bytes()")
|
||||||
|
try:
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey(self.ed25519_seed_bytes)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get duniterpy from ed25519 seed bytes: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed)
|
||||||
|
|
||||||
|
def duniterpy_from_file(self):
|
||||||
|
log.debug("keygen.duniterpy_from_file()")
|
||||||
|
try:
|
||||||
|
with open(self.input, 'r') as file:
|
||||||
|
lines = file.readlines()
|
||||||
|
if len(lines) > 0:
|
||||||
|
line = lines[0].strip()
|
||||||
|
regex_ewif = re.compile('^Type: EWIF$')
|
||||||
|
regex_jwk = re.compile('^\\s*{\\s*"crv":\\s*"Ed25519",\\s*"d":\\s*"(.)+",\\s*"kty":\\s*"OKP",\\s*"x":\\s*"(.)+"\\s*}')
|
||||||
|
regex_nacl = re.compile('^\\s*{\\s*"priv":\\s*"[0-9a-fA-F]+",\\s*"verify":\\s*"[0-9a-fA-F]+",\\s*"sign":\\s*"[0-9a-fA-F]+"\\s*}')
|
||||||
|
regex_pem = re.compile('^-----BEGIN PRIVATE KEY-----$')
|
||||||
|
regex_pubsec = re.compile('^Type: PubSec$')
|
||||||
|
regex_seed = re.compile('^[0-9a-fA-F]{64}$')
|
||||||
|
regex_ssb = re.compile('\\s*{\\s*"curve":\\s*"ed25519",\\s*"public":\\s*"(.+)\\.ed25519",\\s*"private":\\s*"(.+)\\.ed25519",\\s*"id":\\s*"@(.+).ed25519"\\s*}')
|
||||||
|
regex_wif = re.compile('^Type: WIF$')
|
||||||
|
if re.search(regex_ewif, line):
|
||||||
|
log.info("input file format detected: ewif")
|
||||||
|
if not self.password:
|
||||||
|
with pynentry.PynEntry() as p:
|
||||||
|
p.description = f"""Data in EWIF file is encrypted.
|
||||||
|
Please enter a password to decrypt seed.
|
||||||
|
"""
|
||||||
|
p.prompt = 'Passphrase:'
|
||||||
|
try:
|
||||||
|
self.password = p.get_pin()
|
||||||
|
except pynentry.PinEntryCancelled:
|
||||||
|
log.warning('Cancelled! Goodbye.')
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_ewif_file(self.input, self.password)
|
||||||
|
elif re.search(regex_jwk, line):
|
||||||
|
log.info("input file format detected: jwk")
|
||||||
|
self.jwk_from_json(line)
|
||||||
|
self.ed25519_seed_bytes_from_jwk()
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
elif re.search(regex_nacl, line):
|
||||||
|
log.info("input file format detected: nacl")
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_private_key(self.input)
|
||||||
|
elif re.search(regex_pem, line):
|
||||||
|
log.info("input file format detected: pem")
|
||||||
|
self.ed25519_seed_bytes_from_pem(''.join(lines).encode())
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
elif re.search(regex_pubsec, line):
|
||||||
|
log.info("input file format detected: pubsec")
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_pubsec_file(self.input)
|
||||||
|
elif re.search(regex_seed, line):
|
||||||
|
log.info("input file format detected: seed")
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_seedhex_file(self.input)
|
||||||
|
elif re.search(regex_ssb, line):
|
||||||
|
log.info("input file format detected: ssb")
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_ssb_file(self.input)
|
||||||
|
elif re.search(regex_wif, line):
|
||||||
|
log.info("input file format detected: wif")
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_wif_file(self.input)
|
||||||
|
elif len(line.split(' ')) == 12:
|
||||||
|
log.info("input file format detected: mnemonic")
|
||||||
|
self.username = line
|
||||||
|
self.duniterpy_from_mnemonic()
|
||||||
|
elif len(lines) > 1:
|
||||||
|
log.info("input file format detected: credentials")
|
||||||
|
self.username = line
|
||||||
|
self.password = lines[1].strip()
|
||||||
|
self.duniterpy_from_credentials()
|
||||||
|
else:
|
||||||
|
raise NotImplementedError('unknown input file format.')
|
||||||
|
else:
|
||||||
|
raise NotImplementedError('empty file.')
|
||||||
|
except UnicodeDecodeError as e:
|
||||||
|
try:
|
||||||
|
with open(self.input, 'rb') as file:
|
||||||
|
lines = file.readlines()
|
||||||
|
if len(lines) > 0:
|
||||||
|
line = lines[0].strip()
|
||||||
|
regex_dewif = re.compile(b'^\x00\x00\x00\x01\x00\x00\x00\x01')
|
||||||
|
regex_pb2 = re.compile(b'^\x08\x01\x12@')
|
||||||
|
if re.search(regex_dewif, line):
|
||||||
|
log.info("input file format detected: dewif")
|
||||||
|
if not self.password:
|
||||||
|
with pynentry.PynEntry() as p:
|
||||||
|
p.description = f"""Data in DEWIF file is encrypted.
|
||||||
|
Please enter a password to decrypt seed.
|
||||||
|
"""
|
||||||
|
p.prompt = 'Passphrase:'
|
||||||
|
try:
|
||||||
|
self.password = p.get_pin()
|
||||||
|
except pynentry.PinEntryCancelled:
|
||||||
|
log.warning('Cancelled! Goodbye.')
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_dewif_file(self.input, self.password)
|
||||||
|
if re.search(regex_pb2, line):
|
||||||
|
log.info("input file format detected: pb2")
|
||||||
|
self.ed25519_secret_protobuf = line
|
||||||
|
self.ed25519_seed_bytes_from_protobuf()
|
||||||
|
self.duniterpy_from_ed25519_seed_bytes()
|
||||||
|
else:
|
||||||
|
raise NotImplementedError('unknown input file format.')
|
||||||
|
else:
|
||||||
|
raise NotImplementedError('empty file.')
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get duniterpy from file {self.input}: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get duniterpy from file {self.input}: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed)
|
||||||
|
|
||||||
|
def duniterpy_from_mnemonic(self):
|
||||||
|
log.debug("keygen.duniterpy_from_mnemonic()")
|
||||||
|
try:
|
||||||
|
scrypt_params = duniterpy.key.scrypt_params.ScryptParams(
|
||||||
|
int(self.config.get('scrypt', 'n')) if self.config.has_option('scrypt', 'n') else 4096,
|
||||||
|
int(self.config.get('scrypt', 'r')) if self.config.has_option('scrypt', 'r') else 16,
|
||||||
|
int(self.config.get('scrypt', 'p')) if self.config.has_option('scrypt', 'p') else 1,
|
||||||
|
int(self.config.get('scrypt', 'sl')) if self.config.has_option('scrypt', 'sl') else 32,
|
||||||
|
)
|
||||||
|
self.duniterpy = duniterpy.key.SigningKey.from_dubp_mnemonic(
|
||||||
|
self.username,
|
||||||
|
scrypt_params
|
||||||
|
)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get duniterpy from mnemonic: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.duniterpy.seed: %s" % self.duniterpy.seed)
|
||||||
|
|
||||||
|
def ed25519(self, args):
|
||||||
|
log.debug("keygen.ed25519(%s)" % args)
|
||||||
|
if args.gpg:
|
||||||
|
self.ed25519_from_gpg()
|
||||||
|
else:
|
||||||
|
if self.input:
|
||||||
|
self.duniterpy_from_file()
|
||||||
|
else:
|
||||||
|
if self.mnemonic:
|
||||||
|
self.duniterpy_from_mnemonic()
|
||||||
|
else:
|
||||||
|
self.duniterpy_from_credentials()
|
||||||
|
self.ed25519_from_duniterpy()
|
||||||
|
|
||||||
|
def ed25519_from_duniterpy(self):
|
||||||
|
log.debug("keygen.ed25519_from_duniterpy()")
|
||||||
|
try:
|
||||||
|
self.ed25519_seed_bytes_from_duniterpy()
|
||||||
|
self.ed25519_from_seed_bytes()
|
||||||
|
except:
|
||||||
|
log.error(f'Unable to get ed25519 from duniterpy: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def ed25519_from_gpg(self):
|
||||||
|
log.debug("keygen.ed25519_from_gpg()")
|
||||||
|
try:
|
||||||
|
self.pgpy_from_gpg()
|
||||||
|
self.ed25519_from_pgpy()
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 from pgp: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def ed25519_from_pgpy(self):
|
||||||
|
log.debug("keygen.ed25519_from_pgpy()")
|
||||||
|
try:
|
||||||
|
log.debug("keygen.pgpy.fingerprint.keyid=%s" % self.pgpy.fingerprint.keyid)
|
||||||
|
log.debug("keygen.pgpy.is_protected=%s" % self.pgpy.is_protected)
|
||||||
|
if self.pgpy.is_protected:
|
||||||
|
if not self.password:
|
||||||
|
with pynentry.PynEntry() as p:
|
||||||
|
p.description = f"""The exported pgp key id "{self.pgpy.fingerprint.keyid}" of user "{self.username}" is password protected.
|
||||||
|
Please enter the passphrase again to unlock it.
|
||||||
|
"""
|
||||||
|
p.prompt = 'Passphrase:'
|
||||||
|
try:
|
||||||
|
self.password = p.get_pin()
|
||||||
|
except pynentry.PinEntryCancelled:
|
||||||
|
log.warning('Cancelled! Goodbye.')
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
try:
|
||||||
|
with warnings.catch_warnings():
|
||||||
|
# remove CryptographyDeprecationWarning about deprecated
|
||||||
|
# SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4)
|
||||||
|
warnings.simplefilter('ignore')
|
||||||
|
with self.pgpy.unlock(self.password):
|
||||||
|
assert self.pgpy.is_unlocked
|
||||||
|
log.debug("keygen.pgpy.is_unlocked=%s" % self.pgpy.is_unlocked)
|
||||||
|
self.ed25519_seed_bytes_from_pgpy()
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f"""Unable to unlock pgp secret key id "{self.pgpy.fingerprint.keyid}" of user "{self.username}": {e}""")
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
else:
|
||||||
|
self.ed25519_seed_bytes_from_pgpy()
|
||||||
|
self.ed25519_from_seed_bytes()
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 seed bytes from pgpy: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def ed25519_from_seed_bytes(self):
|
||||||
|
log.debug("keygen.ed25519_from_seed_bytes()")
|
||||||
|
try:
|
||||||
|
self.ed25519_public_bytes, self.ed25519_secret_bytes = nacl.bindings.crypto_sign_seed_keypair(self.ed25519_seed_bytes)
|
||||||
|
self.ed25519 = ed25519.Ed25519PrivateKey.from_private_bytes(self.ed25519_seed_bytes)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 from seed bytes: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_public_bytes=%s" % self.ed25519_public_bytes)
|
||||||
|
log.debug("keygen.ed25519_secret_bytes=%s" % self.ed25519_secret_bytes)
|
||||||
|
|
||||||
|
def ed25519_seed_bytes_from_duniterpy(self):
|
||||||
|
log.debug("keygen.ed25519_seed_bytes_from_duniterpy()")
|
||||||
|
try:
|
||||||
|
self.ed25519_seed_bytes = self.duniterpy.sk[:32]
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 seed bytes from duniterpy: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_seed_bytes=%s" % self.ed25519_seed_bytes)
|
||||||
|
|
||||||
|
def ed25519_seed_bytes_from_jwk(self):
|
||||||
|
log.debug("keygen.ed25519_seed_bytes_from_jwk()")
|
||||||
|
try:
|
||||||
|
self.ed25519_seed_bytes = self.jwk._okp_pri().private_bytes(encoding=serialization.Encoding.Raw, format=serialization.PrivateFormat.Raw, encryption_algorithm=serialization.NoEncryption())
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 seed bytes from jwk: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def ed25519_seed_bytes_from_pem(self, pem):
|
||||||
|
log.debug("keygen.ed25519_seed_bytes_from_pem()")
|
||||||
|
try:
|
||||||
|
self.ed25519_seed_bytes = serialization.load_pem_private_key(pem, password=None).private_bytes(encoding=serialization.Encoding.Raw, format=serialization.PrivateFormat.Raw, encryption_algorithm=serialization.NoEncryption())
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 seed bytes from pem: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def ed25519_seed_bytes_from_pgpy(self):
|
||||||
|
log.debug("keygen.ed25519_seed_bytes_from_pgpy()")
|
||||||
|
try:
|
||||||
|
self.pgpy_key_type()
|
||||||
|
if self.pgpy_key_type == 'RSA':
|
||||||
|
log.debug("keygen.pgpy._key.keymaterial.p=%s" % self.pgpy._key.keymaterial.p)
|
||||||
|
log.debug("keygen.pgpy._key.keymaterial.q=%s" % self.pgpy._key.keymaterial.q)
|
||||||
|
# custom seed: use sha256 hash of (p + q)
|
||||||
|
self.ed25519_seed_bytes = nacl.bindings.crypto_hash_sha256(long_to_bytes(self.pgpy._key.keymaterial.p + self.pgpy._key.keymaterial.q))
|
||||||
|
elif self.pgpy_key_type in ('ECDSA', 'EdDSA', 'ECDH'):
|
||||||
|
log.debug("keygen.pgpy._key.keymaterial.s=%s" % self.pgpy._key.keymaterial.s)
|
||||||
|
self.ed25519_seed_bytes = long_to_bytes(self.pgpy._key.keymaterial.s)
|
||||||
|
else:
|
||||||
|
raise NotImplementedError(f"getting seed from {self.pgpy_key_type} key is not implemented")
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 seed bytes from pgpy: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_seed_bytes=%s" % self.ed25519_seed_bytes)
|
||||||
|
|
||||||
|
def ed25519_seed_bytes_from_protobuf(self):
|
||||||
|
log.debug("keygen.ed25519_seed_bytes_from_protobuf()")
|
||||||
|
try:
|
||||||
|
self.ed25519_seed_bytes = self.ed25519_secret_protobuf.lstrip(b'\x08\x01\x12@')[:32]
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get ed25519 seed bytes from protobuf: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_seed_bytes=%s" % self.ed25519_seed_bytes)
|
||||||
|
|
||||||
|
def gpg_passphrase_cb(self, uid_hint, passphrase_info, prev_was_bad):
|
||||||
|
log.debug("keygen.gpg_passphrase_cb(%s, %s, %s)" % (uid_hint, passphrase_info, prev_was_bad))
|
||||||
|
return self.password
|
||||||
|
|
||||||
|
def jwk_from_ed25519(self):
|
||||||
|
log.debug("keygen.jwk_from_ed25519()")
|
||||||
|
try:
|
||||||
|
self.jwk = jwk.JWK.from_pyca(self.ed25519)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get jwk from ed25519: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def jwk_from_json(self, json):
|
||||||
|
log.debug("keygen.jwk_from_json()")
|
||||||
|
try:
|
||||||
|
self.jwk = jwk.JWK.from_json(json)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get jwk from json: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def pem_pkcs8_from_ed25519(self):
|
||||||
|
log.debug("keygen.pem_pkcs8_from_ed25519()")
|
||||||
|
try:
|
||||||
|
self.ed25519_secret_pem_pkcs8 = self.ed25519.private_bytes(encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption()).decode('ascii')
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get pem pkcs8 from ed25519: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_secret_pem_pkcs8=%s" % self.ed25519_secret_pem_pkcs8)
|
||||||
|
|
||||||
|
def pgpy_from_gpg(self):
|
||||||
|
log.debug("keygen.pgpy_from_gpg()")
|
||||||
|
try:
|
||||||
|
self.gpg_seckeys = list(self.gpg.keylist(pattern=self.username, secret=True))
|
||||||
|
log.debug("keygen.gpg_seckeys=%s" % self.gpg_seckeys)
|
||||||
|
if not self.gpg_seckeys:
|
||||||
|
log.warning(f"""Unable to find any key matching username "{self.username}".""")
|
||||||
|
self._cleanup()
|
||||||
|
exit(1)
|
||||||
|
else:
|
||||||
|
self.gpg_seckey = self.gpg_seckeys[0]
|
||||||
|
log.info(f"""Found key id "{self.gpg_seckey.fpr}" matching username "{self.username}".""")
|
||||||
|
log.debug("keygen.gpg_seckey.expired=%s" % self.gpg_seckey.expired)
|
||||||
|
log.debug("keygen.gpg_seckey.fpr=%s" % self.gpg_seckey.fpr)
|
||||||
|
log.debug("keygen.gpg_seckey.revoked=%s" % self.gpg_seckey.revoked)
|
||||||
|
log.debug("keygen.gpg_seckey.uids=%s" % self.gpg_seckey.uids)
|
||||||
|
log.debug("keygen.gpg_seckey.owner_trust=%s" % self.gpg_seckey.owner_trust)
|
||||||
|
log.debug("keygen.gpg_seckey.last_update=%s" % self.gpg_seckey.last_update)
|
||||||
|
if self.password:
|
||||||
|
self.gpg.set_pinentry_mode(gpg.constants.PINENTRY_MODE_LOOPBACK)
|
||||||
|
self.pgp_public_armor = self.gpg.key_export(self.gpg_seckey.fpr)
|
||||||
|
self.pgp_secret_armor = self.gpg.key_export_secret(self.gpg_seckey.fpr)
|
||||||
|
log.debug("keygen.pgp_secret_armor=%s" % self.pgp_secret_armor)
|
||||||
|
if not self.pgp_secret_armor:
|
||||||
|
log.error(f"""Unable to export gpg secret key id "{self.gpg_seckey.fpr}" of user "{self.username}". Please check your password!""")
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
with warnings.catch_warnings():
|
||||||
|
# remove CryptographyDeprecationWarning about deprecated
|
||||||
|
# SymmetricKeyAlgorithm IDEA, CAST5 and Blowfish (PGPy v0.5.4)
|
||||||
|
warnings.simplefilter('ignore')
|
||||||
|
self.pgpy, _ = pgpy.PGPKey.from_blob(self.pgp_secret_armor)
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get pgpy from gpg: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
def pgpy_key_type(self):
|
||||||
|
log.debug("keygen.pgpy_key_type()")
|
||||||
|
if isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.RSAPriv):
|
||||||
|
self.pgpy_key_type = 'RSA'
|
||||||
|
elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.DSAPriv):
|
||||||
|
self.pgpy_key_type = 'DSA'
|
||||||
|
elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.ElGPriv):
|
||||||
|
self.pgpy_key_type = 'ElGamal'
|
||||||
|
elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.ECDSAPriv):
|
||||||
|
self.pgpy_key_type = 'ECDSA'
|
||||||
|
elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.EdDSAPriv):
|
||||||
|
self.pgpy_key_type = 'EdDSA'
|
||||||
|
elif isinstance(self.pgpy._key.keymaterial, pgpy.packet.fields.ECDHPriv):
|
||||||
|
self.pgpy_key_type = 'ECDH'
|
||||||
|
else:
|
||||||
|
self.pgpy_key_type = 'undefined'
|
||||||
|
log.debug("keygen.pgpy_key_type=%s" % self.pgpy_key_type)
|
||||||
|
|
||||||
|
def protobuf_from_ed25519(self):
|
||||||
|
# libp2p protobuf version 2
|
||||||
|
log.debug("keygen.protobuf_from_ed25519()")
|
||||||
|
try:
|
||||||
|
self.ed25519_public_protobuf = b'\x00$\x08\x01\x12 ' + self.ed25519_public_bytes
|
||||||
|
self.ed25519_secret_protobuf = b'\x08\x01\x12@' + self.ed25519_secret_bytes
|
||||||
|
except Exception as e:
|
||||||
|
log.error(f'Unable to get protobuf from ed25519: {e}')
|
||||||
|
self._cleanup()
|
||||||
|
exit(2)
|
||||||
|
log.debug("keygen.ed25519_public_protobuf=%s" % self.ed25519_public_protobuf)
|
||||||
|
log.debug("keygen.ed25519_secret_protobuf=%s" % self.ed25519_secret_protobuf)
|
||||||
|
|
||||||
|
##
|
||||||
|
# long_to_bytes comes from PyCrypto, which is released into Public Domain
|
||||||
|
# https://github.com/dlitz/pycrypto/blob/master/lib/Crypto/Util/number.py
|
||||||
|
def bytes_to_long(s):
|
||||||
|
"""bytes_to_long(string) : long
|
||||||
|
Convert a byte string to a long integer.
|
||||||
|
This is (essentially) the inverse of long_to_bytes().
|
||||||
|
"""
|
||||||
|
acc = 0
|
||||||
|
unpack = struct.unpack
|
||||||
|
length = len(s)
|
||||||
|
if length % 4:
|
||||||
|
extra = (4 - length % 4)
|
||||||
|
s = b'\000' * extra + s
|
||||||
|
length = length + extra
|
||||||
|
for i in range(0, length, 4):
|
||||||
|
acc = (acc << 32) + unpack('>I', s[i:i+4])[0]
|
||||||
|
return acc
|
||||||
|
|
||||||
|
def long_to_bytes(n, blocksize=0):
|
||||||
|
"""long_to_bytes(n:long, blocksize:int) : string
|
||||||
|
Convert a long integer to a byte string.
|
||||||
|
If optional blocksize is given and greater than zero, pad the front of the
|
||||||
|
byte string with binary zeros so that the length is a multiple of
|
||||||
|
blocksize.
|
||||||
|
"""
|
||||||
|
# after much testing, this algorithm was deemed to be the fastest
|
||||||
|
s = b''
|
||||||
|
n = int(n)
|
||||||
|
pack = struct.pack
|
||||||
|
while n > 0:
|
||||||
|
s = pack('>I', n & 0xffffffff) + s
|
||||||
|
n = n >> 32
|
||||||
|
# strip off leading zeros
|
||||||
|
for i in range(len(s)):
|
||||||
|
if s[i] != b'\000'[0]:
|
||||||
|
break
|
||||||
|
else:
|
||||||
|
# only happens when n == 0
|
||||||
|
s = b'\000'
|
||||||
|
i = 0
|
||||||
|
s = s[i:]
|
||||||
|
# add back some pad bytes. this could be done more efficiently w.r.t. the
|
||||||
|
# de-padding being done above, but sigh...
|
||||||
|
if blocksize > 0 and len(s) % blocksize:
|
||||||
|
s = (blocksize - len(s) % blocksize) * b'\000' + s
|
||||||
|
return s
|
||||||
|
|
||||||
|
def main(argv=None):
|
||||||
|
if argv is None:
|
||||||
|
argv = sys.argv[1:]
|
||||||
|
|
||||||
|
cli = keygen()
|
||||||
|
return cli._run(argv)
|
||||||
|
|
||||||
|
def version(version=__version__):
|
||||||
|
print("%s v%s" % (sys.argv[0],version))
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
sys.exit(main())
|
Loading…
Reference in New Issue