From c7a3bfacfa2219f25c2fa50fea8103442f5c07d4 Mon Sep 17 00:00:00 2001 From: Dmitri Bogomolov <4glitch@gmail.com> Date: Thu, 9 Dec 2021 18:44:24 +0200 Subject: [PATCH 1/2] Move randomBytes to highlevelcrypto --- src/helper_ackPayload.py | 12 ++++++------ src/helper_random.py | 13 ------------- src/highlevelcrypto.py | 14 +++++++++++++- src/network/tcp.py | 2 +- 4 files changed, 20 insertions(+), 21 deletions(-) diff --git a/src/helper_ackPayload.py b/src/helper_ackPayload.py index d30f4c0d..1c5ddf98 100644 --- a/src/helper_ackPayload.py +++ b/src/helper_ackPayload.py @@ -22,26 +22,26 @@ def genAckPayload(streamNumber=1, stealthLevel=0): - level 1: a getpubkey request for a (random) dummy key hash - level 2: a standard message, encrypted to a random pubkey """ - if stealthLevel == 2: # Generate privacy-enhanced payload + if stealthLevel == 2: # Generate privacy-enhanced payload # Generate a dummy privkey and derive the pubkey dummyPubKeyHex = highlevelcrypto.privToPub( - hexlify(helper_random.randomBytes(32))) + hexlify(highlevelcrypto.randomBytes(32))) # Generate a dummy message of random length # (the smallest possible standard-formatted message is 234 bytes) - dummyMessage = helper_random.randomBytes( + dummyMessage = highlevelcrypto.randomBytes( helper_random.randomrandrange(234, 801)) # Encrypt the message using standard BM encryption (ECIES) ackdata = highlevelcrypto.encrypt(dummyMessage, dummyPubKeyHex) acktype = 2 # message version = 1 - elif stealthLevel == 1: # Basic privacy payload (random getpubkey) - ackdata = helper_random.randomBytes(32) + elif stealthLevel == 1: # Basic privacy payload (random getpubkey) + ackdata = highlevelcrypto.randomBytes(32) acktype = 0 # getpubkey version = 4 else: # Minimum viable payload (non stealth) - ackdata = helper_random.randomBytes(32) + ackdata = highlevelcrypto.randomBytes(32) acktype = 2 # message version = 1 diff --git a/src/helper_random.py b/src/helper_random.py index 2e6a151b..e6da707e 100644 
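Review bot: At stealth level 2 the dummy message length is still chosen with `helper_random.randomrandrange(234, 801)`, although the bytes now come from `highlevelcrypto.randomBytes`. The `helper_random` docstring shown in this patch says the module is "Not suitable for security / cryptography operations", and this length shapes a payload described as privacy-enhanced. Either derive the length from the same source as the bytes, or record the decision next to the call, e.g. `# length is padding only; a non-cryptographic PRNG is acceptable here`, if that is the intent. genAckPayload starts before the hunk and continues after it, so other uses of `helper_random` in the function are not visible here.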
--- a/src/helper_random.py +++ b/src/helper_random.py @@ -1,12 +1,7 @@ """Convenience functions for random operations. Not suitable for security / cryptography operations.""" -import os import random -try: - from pyelliptic.openssl import OpenSSL -except ImportError: - from .pyelliptic.openssl import OpenSSL NoneType = type(None) @@ -16,14 +11,6 @@ def seed(): random.seed() -def randomBytes(n): - """Method randomBytes.""" - try: - return os.urandom(n) - except NotImplementedError: - return OpenSSL.rand(n) - - def randomshuffle(population): """Method randomShuffle. diff --git a/src/highlevelcrypto.py b/src/highlevelcrypto.py index a52ac77f..2604594e 100644 --- a/src/highlevelcrypto.py +++ b/src/highlevelcrypto.py @@ -8,6 +8,7 @@ High level cryptographic functions based on `.pyelliptic` OpenSSL bindings. """ import hashlib +import os from binascii import hexlify import pyelliptic @@ -17,7 +18,8 @@ from pyelliptic import arithmetic as a __all__ = [ 'decodeWalletImportFormat', 'encodeWalletImportFormat', - 'encrypt', 'makeCryptor', 'pointMult', 'privToPub', 'sign', 'verify'] + 'encrypt', 'makeCryptor', 'pointMult', 'privToPub', 'randomBytes', + 'sign', 'verify'] # WIF (uses arithmetic ): @@ -49,6 +51,16 @@ def encodeWalletImportFormat(privKey): return a.changebase(privKey + checksum, 256, 58) +# Random + +def randomBytes(n): + """Get n random bytes""" + try: + return os.urandom(n) + except NotImplementedError: + return OpenSSL.rand(n) + + def makeCryptor(privkey, curve='secp256k1'): """Return a private `.pyelliptic.ECC` instance""" private_key = a.changebase(privkey, 16, 256, minlen=32) diff --git a/src/network/tcp.py b/src/network/tcp.py index 0bfde3bb..2d0b26fa 100644 --- a/src/network/tcp.py +++ b/src/network/tcp.py 
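Review bot: The fallback branch of the new `randomBytes` calls `OpenSSL.rand(n)`, but the highlevelcrypto.py imports visible in this patch are only `hashlib`, `os`, `hexlify`, `import pyelliptic` and `from pyelliptic import arithmetic as a`. Unless `OpenSSL` is imported on a line outside these hunks, that branch raises NameError exactly when `os.urandom` is unavailable; the import this function relied on in helper_random.py is removed by the same commit. The docstring `"""Get n random bytes"""` also does not state the contract, even though the function feeds key generation (`privToPub(hexlify(randomBytes(32)))` in helper_ackPayload.py). Something like `"""Return n bytes from os.urandom, falling back to OpenSSL.rand; used for key material"""` would make that explicit. Whether the fallback can fail or return short output is not visible here and is worth documenting as well.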
@@ -16,7 +16,7 @@ import l10n import protocol import state from bmconfigparser import config -from helper_random import randomBytes +from highlevelcrypto import randomBytes from inventory import Inventory from queues import invQueue, receiveDataQueue, UISignalQueue from tr import _translate -- 2.45.1 From 1b9773f2cf89b8af65af8d2678858f074e42ed66 Mon Sep 17 00:00:00 2001 From: Dmitri Bogomolov <4glitch@gmail.com> Date: Thu, 9 Dec 2021 18:44:57 +0200 Subject: [PATCH 2/2] A dummy test for randomBytes --- src/tests/test_crypto.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/tests/test_crypto.py b/src/tests/test_crypto.py index b3f2484e..0065b318 100644 --- a/src/tests/test_crypto.py +++ b/src/tests/test_crypto.py @@ -66,6 +66,14 @@ class TestCrypto(RIPEMD160TestCase, unittest.TestCase): class TestHighlevelcrypto(unittest.TestCase): """Test highlevelcrypto public functions""" + def test_randomBytes(self): + """Dummy checks for random bytes""" + for n in (8, 32, 64): + data = highlevelcrypto.randomBytes(n) + self.assertEqual(len(data), n) + self.assertNotEqual(len(set(data)), 1) + self.assertNotEqual(data, highlevelcrypto.randomBytes(n)) + def test_signatures(self): """Verify sample signatures and newly generated ones""" pubkey_hex = hexlify(sample_pubsigningkey) -- 2.45.1
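Review bot: `test_randomBytes` only exercises the `os.urandom` path, so the `OpenSSL.rand(n)` fallback in `highlevelcrypto.randomBytes` is never run wherever `os.urandom` succeeds. A broken fallback (missing import, wrong length) would go unnoticed until a platform without `os.urandom` generates a key. A second test that temporarily makes `os.urandom` raise `NotImplementedError` and repeats the length check would cover it. The sketch below assumes `OpenSSL.rand` returns a byte string of length n and restores the original function in a `finally`, because `highlevelcrypto.os` is the shared `os` module.

```python
    # … unchanged: test_randomBytes …

    def test_randomBytes_fallback(self):
        """Check the fallback used when os.urandom is unavailable"""
        def unavailable(n):
            raise NotImplementedError

        original = highlevelcrypto.os.urandom
        highlevelcrypto.os.urandom = unavailable
        try:
            data = highlevelcrypto.randomBytes(32)
        finally:
            highlevelcrypto.os.urandom = original
        self.assertEqual(len(data), 32)
```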