Refactor using of crypto functions #1796

Closed
g1itch wants to merge 14 commits from crypto into v0.6
2 changed files with 15 additions and 18 deletions
Showing only changes of commit 32e7e863f8 - Show all commits

View File

@ -50,6 +50,8 @@ class singleWorker(StoppableThread):
def __init__(self): def __init__(self):
super(singleWorker, self).__init__(name="singleWorker") super(singleWorker, self).__init__(name="singleWorker")
self.digestAlg = BMConfigParser().safeGet(
'bitmessagesettings', 'digestalg', 'sha256')
proofofwork.init() proofofwork.init()
def stopThread(self): def stopThread(self):
@ -368,7 +370,8 @@ class singleWorker(StoppableThread):
payload += encodeVarint(BMConfigParser().getint( payload += encodeVarint(BMConfigParser().getint(
myAddress, 'payloadlengthextrabytes')) myAddress, 'payloadlengthextrabytes'))
signature = highlevelcrypto.sign(payload, privSigningKeyHex) signature = highlevelcrypto.sign(
payload, privSigningKeyHex, self.digestAlg)
payload += encodeVarint(len(signature)) payload += encodeVarint(len(signature))
payload += signature payload += signature
@ -455,8 +458,7 @@ class singleWorker(StoppableThread):
).digest()).digest() ).digest()).digest()
payload += doubleHashOfAddressData[32:] # the tag payload += doubleHashOfAddressData[32:] # the tag
signature = highlevelcrypto.sign( signature = highlevelcrypto.sign(
payload + dataToEncrypt, privSigningKeyHex payload + dataToEncrypt, privSigningKeyHex, self.digestAlg)
)
dataToEncrypt += encodeVarint(len(signature)) dataToEncrypt += encodeVarint(len(signature))
dataToEncrypt += signature dataToEncrypt += signature
@ -641,7 +643,7 @@ class singleWorker(StoppableThread):
dataToSign = payload + dataToEncrypt dataToSign = payload + dataToEncrypt
signature = highlevelcrypto.sign( signature = highlevelcrypto.sign(
dataToSign, privSigningKeyHex) dataToSign, privSigningKeyHex, self.digestAlg)
dataToEncrypt += encodeVarint(len(signature)) dataToEncrypt += encodeVarint(len(signature))
dataToEncrypt += signature dataToEncrypt += signature
@ -1223,7 +1225,8 @@ class singleWorker(StoppableThread):
payload += fullAckPayload payload += fullAckPayload
dataToSign = pack('>Q', embeddedTime) + '\x00\x00\x00\x02' + \ dataToSign = pack('>Q', embeddedTime) + '\x00\x00\x00\x02' + \
encodeVarint(1) + encodeVarint(toStreamNumber) + payload encodeVarint(1) + encodeVarint(toStreamNumber) + payload
signature = highlevelcrypto.sign(dataToSign, privSigningKeyHex) signature = highlevelcrypto.sign(
dataToSign, privSigningKeyHex, self.digestAlg)
payload += encodeVarint(len(signature)) payload += encodeVarint(len(signature))
payload += signature payload += signature

View File

@ -13,7 +13,6 @@ import pyelliptic
from pyelliptic import OpenSSL from pyelliptic import OpenSSL
from pyelliptic import arithmetic as a from pyelliptic import arithmetic as a
from bmconfigparser import BMConfigParser
__all__ = ['encrypt', 'makeCryptor', 'pointMult', 'privToPub', 'sign', 'verify'] __all__ = ['encrypt', 'makeCryptor', 'pointMult', 'privToPub', 'sign', 'verify']
@ -67,22 +66,17 @@ def decryptFast(msg, cryptor):
return cryptor.decrypt(msg) return cryptor.decrypt(msg)
def sign(msg, hexPrivkey): def sign(msg, hexPrivkey, digestAlg="sha256"):
""" """
Signs with hex private key using SHA1 or SHA256 depending on Signs with hex private key using SHA1 or SHA256 depending on
"digestalg" setting *digestAlg* keyword.
""" """
digestAlg = BMConfigParser().safeGet( if digestAlg not in ("sha1", "sha256"):
'bitmessagesettings', 'digestalg', 'sha256')
if digestAlg == "sha1":
# SHA1, this will eventually be deprecated
return makeCryptor(hexPrivkey).sign(
msg, digest_alg=OpenSSL.digest_ecdsa_sha1)
elif digestAlg == "sha256":
# SHA256. Eventually this will become the default
return makeCryptor(hexPrivkey).sign(msg, digest_alg=OpenSSL.EVP_sha256)
else:
raise ValueError("Unknown digest algorithm %s" % digestAlg) raise ValueError("Unknown digest algorithm %s" % digestAlg)
# SHA1, this will eventually be deprecated
return makeCryptor(hexPrivkey).sign(
msg, digest_alg=OpenSSL.digest_ecdsa_sha1
if digestAlg == "sha1" else OpenSSL.EVP_sha256)
def verify(msg, sig, hexPubkey): def verify(msg, sig, hexPubkey):