Archives
/
Comrad
mirror of https://github.com/ComradCollective/Comrad
2
0
Fork 0
Code Issues Releases Wiki Activity

finally! abolishing private key property

Browse Source
operator-time
quadrismegistus 4 years ago
parent 787b619370
commit 4f90c9ee61
6 changed files with 182 additions and 152 deletions
Show Stats Download Patch File Download Diff File

2
komrade/backend/callers.py
Unescape Escape View File

@ -45,7 +45,7 @@ class Caller(Operator):
'privkey_decr_encr', 'privkey_decr_decr',
'adminkey_decr_encr', 'adminkey_decr_decr']
phone_res = self.phone.req(json_coming_from_phone = req_json, caller=self)
phone_res = self.phone.ask_operator(json_phone = req_json, caller=self)
name = phone_res.get('name')
returned_keys = phone_res.get('_keychain')
self.log('got returnd keys from Op:',returned_keys)

110
komrade/backend/operators.py
Unescape Escape View File

@ -26,11 +26,107 @@ class Operator(Keymaker):
# load keychain into memory
self._keychain = self.keychain(force = True)
# ### BASE STORAGE
# @property
# def crypt_keys(self):
# if not hasattr(self,'_crypt_keys'):
# self._crypt_keys = Crypt(fn=self.path_crypt_keys)
# return self._crypt_keys
def encrypt_to_send(self,msg_json,from_privkey,to_pubkey):
if not msg_json or not from_privkey or not to_pubkey:
self.log('not enough info!')
return b''
msg_b = package_for_transmission(msg_json)
try:
msg_encr = SMessage(
from_privkey,
to_pubkey,
).wrap(msg_b)
return msg_encr
except ThemisError as e:
self.log('unable to encrypt to send!',e)
return b''
def decrypt_from_send(self,msg_encr,from_pubkey,to_privkey):
if not msg_b_encr or not from_privkey or not to_pubkey:
self.log('not enough info!')
return b''
try:
# decrypt
msg_b = SMessage(
to_privkey,
from_pubkey,
).unwrap(msg_b_encr)
# decode
msg_json = unpackage_from_transmission(msg_b)
# return
return msg_json
except ThemisError as e:
self.log('unable to decrypt from send!',e)
return b''
def encrypt_outgoing(self,
json_phone={},
json_caller={},
from_phone_privkey=None,
from_caller_privkey=None,
to_pubkey=None,
unencr_header=b'')
# 1) unencrypted header:
# 2) encrypt to phone
json_phone_encr = self.encrypt_to_send(json_phone,from_phone_privkey,to_pubkey)
# 3) to caller
json_caller_encr = self.encrypt_to_send(json_caller,from_caller_privkey,to_pubkey)
# return
req_data_encr = unencr_header + BSEP + json_phone_encr + BSEP + json_caller_encr
return req_data_encr
def reassemble_nec_keys_using_header(self,unencr_header):
assert unencr_header.count(BSEP2)==1
phone_pubkey_decr,op_pubkey_decr = unencr_header.split(BSEP2)
# get phone pubkey
new_phone_keychain = self.phone.keychain(extra_keys={'pubkey_decr':phone_pubkey_decr},force=True)
new_op_keychain = self.keychain(extra_keys={'pubkey_decr':op_pubkey_decr},force=True)
phone_pubkey = new_phone_keychain.get('pubkey')
op_pubkey = new_op_keychain.get('pubkey')
return (phone_pubkey,op_pubkey)
def reassemble_necessary_keys_using_decr_phone_data(self,decr_phone_data):
name=decr_phone_data.get('name')
if not name: return None
try:
caller = Caller(name)
self.log('got caller on phone',name,caller)
return caller.pubkey_
def decrypt_incoming(self,
json_phone={},
json_caller={}):
# step 1 split:
data_unencr,data_encr_by_phone,data_encr_by_caller = data.split(BSEP)
data_unencr_by_phone,data_unencr_by_caller = None,None
# set up
DATA = {}
# assuming the entire message is to me
to_pubkey = self.pubkey_
# get other keys from halfkeys
phone_pubkey,op_pubkey = self.reassemble_nec_keys_using_header(data_unencr)
# 2) decrypt from phone
json_phone_decr = self.decrypt_from_send(json_phone,phone_pubkey,self.privkey_)
# 3) decrypt from caller
caller_pubkey = self.reassemble_necessary_keys_using_decr_phone_data(json_phone_decr)
json_caller_encr = self.decrypt_from_send(json_caller,from_caller_privkey,to_pubkey)
# return
req_data_encr = unencr_header + BSEP + json_phone_encr + BSEP + json_caller_encr
return req_data_encr

49
komrade/backend/switchboard.py
Unescape Escape View File

@ -35,50 +35,25 @@ class TheSwitchboard(FlaskView, Logger):
def send(self,res):
return res
def route(self,msg):
# give to The Operator
try:
self.log('Success! your message was: '+str(msg))
res = self.op.recv(msg)
self.log('Your return result should be:',res)
return self.send(res)
except AssertionError as e:
self.log('got exception!!',e)
return OPERATOR_INTERCEPT_MESSAGE
def get(self,msg):
self.log('Incoming call!:',msg)
if not msg:
self.log('empty request!')
return OPERATOR_INTERCEPT_MESSAGE
# unenescape
msg = msg.replace('_','/')
if not isBase64(msg):
self.log('not valid input!')
return OPERATOR_INTERCEPT_MESSAGE
encr_b64_str = msg
# first try to get from string to bytes
self.log('incoming <--',encr_b64_str)
try:
encr_b64_b = encr_b64_str.encode('utf-8')
self.log('encr_b64_b',encr_b64_b)
except UnicodeEncodeError:
self.log('not valid unicode?')
return OPERATOR_INTERCEPT_MESSAGE
# then try to get from b64 bytes to raw bytes
try:
data = b64decode(encr_b64_b)
self.log('data',data)
self.log(f'successfully understood input')
except binascii.Error as e:
self.log('not valid b64?')
return OPERATOR_INTERCEPT_MESSAGE
# # step 3: give to The Operator
try:
self.log('Success! your message was: '+str(data))
res = self.op.recv(data)
self.log('Your return result should be:',res)
return self.send(res)
except AssertionError as e:
self.log('got exception!!',e)
return OPERATOR_INTERCEPT_MESSAGE
# return response to caller
return OPERATOR_INTERCEPT_MESSAGE
return self.route(msg)
def run_forever(port='8080'):
global OPERATOR,TELEPHONE

36
komrade/backend/the_operator.py
Unescape Escape View File

@ -98,40 +98,40 @@ class TheOperator(Operator):
return DATA
def encrypt_outgoing(self,json_going_to_phone={},json_going_to_caller={},caller=None):
def encrypt_outgoing(self,json_phone={},json_caller={},caller=None):
# 1)
unencr_header = self.privkey_encr_ + BSEP2 + self.phone.pubkey_encr_
self.log('unencr_header',unencr_header)
# 2) encrypt to phone
if json_going_to_phone:
json_going_to_phone_b = package_for_transmission(json_going_to_phone)
if json_phone:
json_phone_b = package_for_transmission(json_phone)
try:
json_going_to_phone_b_encr = SMessage(
json_phone_b_encr = SMessage(
self.privkey_,
self.phone.pubkey_
).wrap(json_going_to_phone_b)
).wrap(json_phone_b)
except ThemisError as e:
self.log('unable to send to phone!',e)
return OPERATOR_INTERCEPT_MESSAGE
else:
json_going_to_phone_b=b''
json_phone_b=b''
# 3) to caller
if json_going_to_caller and caller:
json_going_to_caller_b = package_for_transmission(json_going_to_caller)
if json_caller and caller:
json_caller_b = package_for_transmission(json_caller)
try:
json_going_to_caller_b_encr = SMessage(
json_caller_b_encr = SMessage(
caller.privkey_,
self.pubkey_
).wrap(json_going_to_caller_b)
).wrap(json_caller_b)
except ThemisError as e:
self.log('unable to send to caller!',e)
return OPERATOR_INTERCEPT_MESSAGE
else:
json_going_to_caller_b_encr = b''
json_caller_b_encr = b''
req_data_encr = unencr_header + BSEP + json_going_to_phone_b_encr + BSEP + json_going_to_caller_b_encr
req_data_encr = unencr_header + BSEP + json_phone_b_encr + BSEP + json_caller_b_encr
return req_data_encr
@ -159,7 +159,7 @@ class TheOperator(Operator):
if msg_tocaller and 'name' in msg_tophone:
caller = Operator(msg_tophone['name'])
self.log('send!',msg_tophone,msg_tocaller,caller)
data = self.encrypt_information(json_going_to_phone=msg_tophone,json_going_to_caller=caller)
data = self.encrypt_information(json_phone=msg_tophone,json_caller=caller)
self.log('got back encr:',data)
return data
@ -192,14 +192,16 @@ def init_operators():
op = TheOperator()
phone = TheTelephone()
# save what we normally save for a client on the server -- The Op is a client from our pov
op_decr_keys = op.forge_new_keys(
keys_to_save=['pubkey','privkey_encr','adminkey_encr','adminkey_decr_encr','adminkey_decr_decr'],
keys_to_return=['pubkey','privkey_decr']
keys_to_save=KEYMAKER_DEFAULT_KEYS_TO_RETURN, # on server only; flipped around
keys_to_return=KEYMAKER_DEFAULT_KEYS_TO_SAVE+['pubkey'] # on clients only
)
phone_decr_keys = phone.forge_new_keys(
keys_to_save=['pubkey_encr'],
keys_to_return=['pubkey_decr','privkey']
keys_to_save=KEYMAKER_DEFAULT_KEYS_TO_SAVE, # on server only
keys_to_return=KEYMAKER_DEFAULT_KEYS_TO_RETURN+['privkey'] # on clients only
)
print('\n'*5)

119
komrade/backend/the_telephone.py
Unescape Escape View File

@ -17,107 +17,58 @@ class TheTelephone(Operator):
self.caller=caller
self.allow_builtin=allow_builtin
# @property
# def op(self):
# global OPERATOR
# from komrade.backend.the_operator import TheOperator
# if not OPERATOR: OPERATOR=TheOperator()
# return OPERATOR
# async def dial_operator(self,msg):
def dial_operator(self,msg):
msg=msg.replace('/','_')
URL = OPERATOR_API_URL + msg + '/'
self.log("DIALING THE OPERATOR:",URL)
# cmd='/home/ryan/etc/tor-browser_en-US/Browser/start-tor-browser --new-window "'+URL+'"'
# self.log(cmd)
# os.system(cmd)
# exit()
# r=await tor_request_async(URL)
r=tor_request(URL)
self.log('result!?!?!',r)
if r.status_code==200:
return r.text
else:
self.log('!! error in request',r.status_code,r.text)
return None
# async def req(self,json_coming_from_phone={},json_coming_from_caller={},caller=None):
def req(self,json_coming_from_phone={},json_coming_from_caller={},caller=None):
def recv(self,data):
# decrypt
data_in = self.decrypt_incoming(data)
# route
result = self.route(data_json)
# encrypt
data_out = self.encrypt_outgoing(result)
# send
return self.send(res)
# async def req(self,json_phone={},json_caller={},caller=None):
def ask_operator(self,json_phone={},json_caller={},caller=None):
if not caller: caller=self.caller
self.log(f"""
RING RING!
caller = {caller}
json_coming_from_phone = {json_coming_from_phone}
json_coming_from_caller = {json_coming_from_caller}""")
# keychain = self.keychain(allow_builtin=self.allow_builtin, force=True)
# self.log('about to make a call. my keychain?',keychain)
# stop
# stop
# Three parts of every request:
# 0) Unencrypted. do not use except for very specific minimal reasons!
# exchange half-complete pieces of info, both of which necessary for other
unencr_header = OPERATOR_KEYCHAIN['privkey_decr'] + BSEP2 + TELEPHONE_KEYCHAIN['pubkey_decr']
self.log('unencr_header',unencr_header)
# ewrwerewrwerw
# 1) only overall encryption layer E2EE Telephone -> Operator:
if json_coming_from_phone:
json_coming_from_phone_s = json.dumps(json_coming_from_phone)
json_coming_from_phone_b = json_coming_from_phone_s.encode()
json_coming_from_phone_b_encr = SMessage(
TELEPHONE_KEYCHAIN['privkey'],
OPERATOR_KEYCHAIN['pubkey']
).wrap(json_coming_from_phone_b)
else:
json_coming_from_phone_b=b''
# 2) (optional) extra E2EE encrypted layer Caller -> Operator
if json_coming_from_caller and caller:
json_coming_from_caller_s = json.dumps(json_coming_from_caller)
json_coming_from_caller_b = json_coming_from_caller_s.encode()
json_coming_from_caller_b_encr = SMessage(
caller.privkey_,
OPERATOR_KEYCHAIN['pubkey']
).wrap(json_coming_from_caller_b)
else:
json_coming_from_caller_b_encr = b''
req_data_encr = unencr_header + BSEP + json_coming_from_phone_b_encr + BSEP + json_coming_from_caller_b_encr
self.log('req_data_encr',req_data_encr)
# sewerwe
# req_data_encr = SMessage(self.privkey_,self.op.pubkey_).wrap(req_data)
req_data_encr_b64 = b64encode(req_data_encr)
self.log('req_data_encr_b64 <--',req_data_encr_b64)
json_phone = {json_phone}
json_caller = {json_caller}""")
# 1) unencr header
# telephone_pubkey_decr | op_pubkey_decr | op_privkey_decr
unencr_header = TELEPHONE_KEYCHAIN['pubkey_decr']
unencr_header += BSEP2 + OPERATOR_KEYCHAIN['pubkey_decr']
unencr_header += BSEP2 + OPERATOR_KEYCHAIN['privkey_decr']
# 2) caller privkey?
from_caller_privkey=caller.privkey_ if caller and json_caller else None
# encrypt data
encrypted_message_to_operator = self.encrypt_outgoing(
json_phone=json_phone,
json_caller=json_caller,
from_caller_privkey=from_caller_privkey
)
# send!
req_data_encr_b64_str = req_data_encr_b64.decode('utf-8')
# send
answer = self.dial_operator(encrypted_message_to_operator)
#try:
res_s = self.dial_operator(req_data_encr_b64_str)
# try decoding
# res = await self.dial_operator(req_data_encr_b64_str)
#except TypeError:
# res = None
self.log('result from operator?',res)
return res
self.log('result from operator?',answer)
return answer

18
komrade/constants.py
Unescape Escape View File

@ -50,13 +50,19 @@ OPERATOR_INTERCEPT_MESSAGE = "If you'd like to make a call, please hang up and t
KEYMAKER_DEFAULT_KEYS_TO_SAVE = ['pubkey_encr', 'privkey_encr', 'adminkey_encr']
# KEYMAKER_DEFAULT_KEYS_TO_SAVE = ['pubkey_encr', 'privkey_encr', 'adminkey_encr']
# KEYMAKER_DEFAULT_KEYS_TO_RETURN = ['pubkey_decr_encr', 'privkey_decr_encr', 'adminkey_decr_encr']
KEYMAKER_DEFAULT_KEYS_TO_RETURN = ['pubkey_decr', 'privkey_decr_encr', 'adminkey_decr_encr']
# KEYMAKER_DEFAULT_KEYS_TO_RETURN += ['pubkey_decr_decr', 'privkey_decr_decr', 'adminkey_decr_decr']
KEYMAKER_DEFAULT_KEYS_TO_RETURN += ['privkey_decr_decr', 'adminkey_decr_decr']
KEYMAKER_DEFAULT_KEYS_TO_GEN = ['pubkey','privkey','adminkey']
KEYMAKER_DEFAULT_KEYS_TO_GEN += ['pubkey_decr','privkey_decr', 'adminkey_decr']
KEYMAKER_DEFAULT_KEYS_TO_SAVE = ['pubkey_encr']
KEYMAKER_DEFAULT_KEYS_TO_RETURN = ['privkey_encr', 'adminkey_encr',
'pubkey_decr',
'privkey_decr_encr', 'adminkey_decr_encr',
'privkey_decr_decr', 'adminkey_decr_decr']
KEYMAKER_DEFAULT_KEYS_TO_GEN = ['pubkey','privkey','adminkey',
'pubkey_decr','privkey_decr', 'adminkey_decr']
KEYMAKER_DEFAULT_KEYS_TO_GEN += KEYMAKER_DEFAULT_KEYS_TO_SAVE
KEYMAKER_DEFAULT_KEYS_TO_GEN += KEYMAKER_DEFAULT_KEYS_TO_RETURN
KEYMAKER_DEFAULT_KEYS_TO_GEN = list(set(KEYMAKER_DEFAULT_KEYS_TO_GEN))

Write Preview
Loading…
Cancel
Save