Start moving hashes into highlevelcrypto #2210
|
@ -2,11 +2,16 @@
|
||||||
Operations with addresses
|
Operations with addresses
|
||||||
"""
|
"""
|
||||||
# pylint: disable=inconsistent-return-statements
|
# pylint: disable=inconsistent-return-statements
|
||||||
import hashlib
|
|
||||||
import logging
|
import logging
|
||||||
from binascii import hexlify, unhexlify
|
from binascii import hexlify, unhexlify
|
||||||
from struct import pack, unpack
|
from struct import pack, unpack
|
||||||
|
|
||||||
|
try:
|
||||||
|
from highlevelcrypto import double_sha512
|
||||||
|
except ImportError:
|
||||||
|
from .highlevelcrypto import double_sha512
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger('default')
|
logger = logging.getLogger('default')
|
||||||
|
|
||||||
|
@ -134,15 +139,6 @@ def decodeVarint(data):
|
||||||
return (encodedValue, 9)
|
return (encodedValue, 9)
|
||||||
|
|
||||||
|
|
||||||
def calculateInventoryHash(data):
|
|
||||||
"""Calculate inventory hash from object data"""
|
|
||||||
sha = hashlib.new('sha512')
|
|
||||||
sha2 = hashlib.new('sha512')
|
|
||||||
sha.update(data)
|
|
||||||
sha2.update(sha.digest())
|
|
||||||
return sha2.digest()[0:32]
|
|
||||||
|
|
||||||
|
|
||||||
def encodeAddress(version, stream, ripe):
|
def encodeAddress(version, stream, ripe):
|
||||||
"""Convert ripe to address"""
|
"""Convert ripe to address"""
|
||||||
if version >= 2 and version < 4:
|
if version >= 2 and version < 4:
|
||||||
|
@ -166,12 +162,7 @@ def encodeAddress(version, stream, ripe):
|
||||||
storedBinaryData = encodeVarint(version) + encodeVarint(stream) + ripe
|
storedBinaryData = encodeVarint(version) + encodeVarint(stream) + ripe
|
||||||
|
|
||||||
# Generate the checksum
|
# Generate the checksum
|
||||||
sha = hashlib.new('sha512')
|
checksum = double_sha512(storedBinaryData)[0:4]
|
||||||
sha.update(storedBinaryData)
|
|
||||||
currentHash = sha.digest()
|
|
||||||
sha = hashlib.new('sha512')
|
|
||||||
sha.update(currentHash)
|
|
||||||
checksum = sha.digest()[0:4]
|
|
||||||
|
|
||||||
# FIXME: encodeBase58 should take binary data, to reduce conversions
|
# FIXME: encodeBase58 should take binary data, to reduce conversions
|
||||||
# encodeBase58(storedBinaryData + checksum)
|
# encodeBase58(storedBinaryData + checksum)
|
||||||
|
@ -207,13 +198,7 @@ def decodeAddress(address):
|
||||||
data = unhexlify(hexdata)
|
data = unhexlify(hexdata)
|
||||||
checksum = data[-4:]
|
checksum = data[-4:]
|
||||||
|
|
||||||
sha = hashlib.new('sha512')
|
if checksum != double_sha512(data[:-4])[0:4]:
|
||||||
sha.update(data[:-4])
|
|
||||||
currentHash = sha.digest()
|
|
||||||
sha = hashlib.new('sha512')
|
|
||||||
sha.update(currentHash)
|
|
||||||
|
|
||||||
if checksum != sha.digest()[0:4]:
|
|
||||||
status = 'checksumfailed'
|
status = 'checksumfailed'
|
||||||
return status, 0, 0, ''
|
return status, 0, 0, ''
|
||||||
|
|
||||||
|
|
|
@ -83,7 +83,6 @@ import shutdown
|
||||||
import state
|
import state
|
||||||
from addresses import (
|
from addresses import (
|
||||||
addBMIfNotPresent,
|
addBMIfNotPresent,
|
||||||
calculateInventoryHash,
|
|
||||||
decodeAddress,
|
decodeAddress,
|
||||||
decodeVarint,
|
decodeVarint,
|
||||||
varintDecodeError
|
varintDecodeError
|
||||||
|
@ -92,6 +91,7 @@ from bmconfigparser import config
|
||||||
from debug import logger
|
from debug import logger
|
||||||
from helper_sql import (
|
from helper_sql import (
|
||||||
SqlBulkExecute, sqlExecute, sqlQuery, sqlStoredProcedure, sql_ready)
|
SqlBulkExecute, sqlExecute, sqlQuery, sqlStoredProcedure, sql_ready)
|
||||||
|
from highlevelcrypto import calculateInventoryHash
|
||||||
from inventory import Inventory
|
from inventory import Inventory
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -349,10 +349,10 @@ class addressGenerator(StoppableThread):
|
||||||
highlevelcrypto.makeCryptor(
|
highlevelcrypto.makeCryptor(
|
||||||
hexlify(potentialPrivEncryptionKey))
|
hexlify(potentialPrivEncryptionKey))
|
||||||
shared.myAddressesByHash[ripe] = address
|
shared.myAddressesByHash[ripe] = address
|
||||||
tag = hashlib.sha512(hashlib.sha512(
|
tag = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(addressVersionNumber)
|
encodeVarint(addressVersionNumber)
|
||||||
+ encodeVarint(streamNumber) + ripe
|
+ encodeVarint(streamNumber) + ripe
|
||||||
).digest()).digest()[32:]
|
)[32:]
|
||||||
shared.myAddressesByTag[tag] = address
|
shared.myAddressesByTag[tag] = address
|
||||||
if addressVersionNumber == 3:
|
if addressVersionNumber == 3:
|
||||||
# If this is a chan address,
|
# If this is a chan address,
|
||||||
|
|
|
@ -24,7 +24,7 @@ import queues
|
||||||
import shared
|
import shared
|
||||||
import state
|
import state
|
||||||
from addresses import (
|
from addresses import (
|
||||||
calculateInventoryHash, decodeAddress, decodeVarint,
|
decodeAddress, decodeVarint,
|
||||||
encodeAddress, encodeVarint, varintDecodeError
|
encodeAddress, encodeVarint, varintDecodeError
|
||||||
)
|
)
|
||||||
from bmconfigparser import config
|
from bmconfigparser import config
|
||||||
|
@ -456,7 +456,7 @@ class objectProcessor(threading.Thread):
|
||||||
streamNumberAsClaimedByMsg, streamNumberAsClaimedByMsgLength = \
|
streamNumberAsClaimedByMsg, streamNumberAsClaimedByMsgLength = \
|
||||||
decodeVarint(data[readPosition:readPosition + 9])
|
decodeVarint(data[readPosition:readPosition + 9])
|
||||||
readPosition += streamNumberAsClaimedByMsgLength
|
readPosition += streamNumberAsClaimedByMsgLength
|
||||||
inventoryHash = calculateInventoryHash(data)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(data)
|
||||||
initialDecryptionSuccessful = False
|
initialDecryptionSuccessful = False
|
||||||
|
|
||||||
# This is not an acknowledgement bound for me. See if it is a message
|
# This is not an acknowledgement bound for me. See if it is a message
|
||||||
|
@ -586,8 +586,7 @@ class objectProcessor(threading.Thread):
|
||||||
helper_bitcoin.calculateTestnetAddressFromPubkey(pubSigningKey)
|
helper_bitcoin.calculateTestnetAddressFromPubkey(pubSigningKey)
|
||||||
)
|
)
|
||||||
# Used to detect and ignore duplicate messages in our inbox
|
# Used to detect and ignore duplicate messages in our inbox
|
||||||
sigHash = hashlib.sha512(
|
sigHash = highlevelcrypto.double_sha512(signature)[32:]
|
||||||
hashlib.sha512(signature).digest()).digest()[32:]
|
|
||||||
|
|
||||||
# calculate the fromRipe.
|
# calculate the fromRipe.
|
||||||
sha = hashlib.new('sha512')
|
sha = hashlib.new('sha512')
|
||||||
|
@ -736,7 +735,7 @@ class objectProcessor(threading.Thread):
|
||||||
ackPayload = ackData[24:]
|
ackPayload = ackData[24:]
|
||||||
objectType, toStreamNumber, expiresTime = \
|
objectType, toStreamNumber, expiresTime = \
|
||||||
protocol.decodeObjectParameters(ackPayload)
|
protocol.decodeObjectParameters(ackPayload)
|
||||||
inventoryHash = calculateInventoryHash(ackPayload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(ackPayload)
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, toStreamNumber, ackPayload, expiresTime, b'')
|
objectType, toStreamNumber, ackPayload, expiresTime, b'')
|
||||||
queues.invQueue.put((toStreamNumber, inventoryHash))
|
queues.invQueue.put((toStreamNumber, inventoryHash))
|
||||||
|
@ -763,7 +762,7 @@ class objectProcessor(threading.Thread):
|
||||||
state.numberOfBroadcastsProcessed += 1
|
state.numberOfBroadcastsProcessed += 1
|
||||||
queues.UISignalQueue.put((
|
queues.UISignalQueue.put((
|
||||||
'updateNumberOfBroadcastsProcessed', 'no data'))
|
'updateNumberOfBroadcastsProcessed', 'no data'))
|
||||||
inventoryHash = calculateInventoryHash(data)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(data)
|
||||||
readPosition = 20 # bypass the nonce, time, and object type
|
readPosition = 20 # bypass the nonce, time, and object type
|
||||||
broadcastVersion, broadcastVersionLength = decodeVarint(
|
broadcastVersion, broadcastVersionLength = decodeVarint(
|
||||||
data[readPosition:readPosition + 9])
|
data[readPosition:readPosition + 9])
|
||||||
|
@ -897,10 +896,10 @@ class objectProcessor(threading.Thread):
|
||||||
' itself. Ignoring message.'
|
' itself. Ignoring message.'
|
||||||
)
|
)
|
||||||
elif broadcastVersion == 5:
|
elif broadcastVersion == 5:
|
||||||
calculatedTag = hashlib.sha512(hashlib.sha512(
|
calculatedTag = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(sendersAddressVersion)
|
encodeVarint(sendersAddressVersion)
|
||||||
+ encodeVarint(sendersStream) + calculatedRipe
|
+ encodeVarint(sendersStream) + calculatedRipe
|
||||||
).digest()).digest()[32:]
|
)[32:]
|
||||||
if calculatedTag != embeddedTag:
|
if calculatedTag != embeddedTag:
|
||||||
return logger.debug(
|
return logger.debug(
|
||||||
'The tag and encryption key used to encrypt this'
|
'The tag and encryption key used to encrypt this'
|
||||||
|
@ -930,8 +929,7 @@ class objectProcessor(threading.Thread):
|
||||||
return
|
return
|
||||||
logger.debug('ECDSA verify passed')
|
logger.debug('ECDSA verify passed')
|
||||||
# Used to detect and ignore duplicate messages in our inbox
|
# Used to detect and ignore duplicate messages in our inbox
|
||||||
sigHash = hashlib.sha512(
|
sigHash = highlevelcrypto.double_sha512(signature)[32:]
|
||||||
hashlib.sha512(signature).digest()).digest()[32:]
|
|
||||||
|
|
||||||
fromAddress = encodeAddress(
|
fromAddress = encodeAddress(
|
||||||
sendersAddressVersion, sendersStream, calculatedRipe)
|
sendersAddressVersion, sendersStream, calculatedRipe)
|
||||||
|
@ -1005,10 +1003,10 @@ class objectProcessor(threading.Thread):
|
||||||
# Let us create the tag from the address and see if we were waiting
|
# Let us create the tag from the address and see if we were waiting
|
||||||
# for it.
|
# for it.
|
||||||
elif addressVersion >= 4:
|
elif addressVersion >= 4:
|
||||||
tag = hashlib.sha512(hashlib.sha512(
|
tag = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(addressVersion) + encodeVarint(streamNumber)
|
encodeVarint(addressVersion) + encodeVarint(streamNumber)
|
||||||
+ ripe
|
+ ripe
|
||||||
).digest()).digest()[32:]
|
)[32:]
|
||||||
if tag in state.neededPubkeys:
|
if tag in state.neededPubkeys:
|
||||||
del state.neededPubkeys[tag]
|
del state.neededPubkeys[tag]
|
||||||
self.sendMessages(address)
|
self.sendMessages(address)
|
||||||
|
|
|
@ -25,9 +25,7 @@ import queues
|
||||||
import shared
|
import shared
|
||||||
import state
|
import state
|
||||||
import tr
|
import tr
|
||||||
from addresses import (
|
from addresses import decodeAddress, decodeVarint, encodeVarint
|
||||||
calculateInventoryHash, decodeAddress, decodeVarint, encodeVarint
|
|
||||||
)
|
|
||||||
from bmconfigparser import config
|
from bmconfigparser import config
|
||||||
from helper_sql import sqlExecute, sqlQuery
|
from helper_sql import sqlExecute, sqlQuery
|
||||||
from inventory import Inventory
|
from inventory import Inventory
|
||||||
|
@ -75,18 +73,16 @@ class singleWorker(StoppableThread):
|
||||||
queryreturn = sqlQuery(
|
queryreturn = sqlQuery(
|
||||||
'''SELECT DISTINCT toaddress FROM sent'''
|
'''SELECT DISTINCT toaddress FROM sent'''
|
||||||
''' WHERE (status='awaitingpubkey' AND folder='sent')''')
|
''' WHERE (status='awaitingpubkey' AND folder='sent')''')
|
||||||
for row in queryreturn:
|
for toAddress, in queryreturn:
|
||||||
toAddress, = row
|
toAddressVersionNumber, toStreamNumber, toRipe = \
|
||||||
# toStatus
|
decodeAddress(toAddress)[1:]
|
||||||
_, toAddressVersionNumber, toStreamNumber, toRipe = \
|
|
||||||
decodeAddress(toAddress)
|
|
||||||
if toAddressVersionNumber <= 3:
|
if toAddressVersionNumber <= 3:
|
||||||
state.neededPubkeys[toAddress] = 0
|
state.neededPubkeys[toAddress] = 0
|
||||||
elif toAddressVersionNumber >= 4:
|
elif toAddressVersionNumber >= 4:
|
||||||
doubleHashOfAddressData = hashlib.sha512(hashlib.sha512(
|
doubleHashOfAddressData = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(toAddressVersionNumber)
|
encodeVarint(toAddressVersionNumber)
|
||||||
+ encodeVarint(toStreamNumber) + toRipe
|
+ encodeVarint(toStreamNumber) + toRipe
|
||||||
).digest()).digest()
|
)
|
||||||
# Note that this is the first half of the sha512 hash.
|
# Note that this is the first half of the sha512 hash.
|
||||||
privEncryptionKey = doubleHashOfAddressData[:32]
|
privEncryptionKey = doubleHashOfAddressData[:32]
|
||||||
tag = doubleHashOfAddressData[32:]
|
tag = doubleHashOfAddressData[32:]
|
||||||
|
@ -289,7 +285,7 @@ class singleWorker(StoppableThread):
|
||||||
payload = self._doPOWDefaults(
|
payload = self._doPOWDefaults(
|
||||||
payload, TTL, log_prefix='(For pubkey message)')
|
payload, TTL, log_prefix='(For pubkey message)')
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(payload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(payload)
|
||||||
objectType = 1
|
objectType = 1
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, streamNumber, payload, embeddedTime, '')
|
objectType, streamNumber, payload, embeddedTime, '')
|
||||||
|
@ -377,7 +373,7 @@ class singleWorker(StoppableThread):
|
||||||
payload = self._doPOWDefaults(
|
payload = self._doPOWDefaults(
|
||||||
payload, TTL, log_prefix='(For pubkey message)')
|
payload, TTL, log_prefix='(For pubkey message)')
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(payload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(payload)
|
||||||
objectType = 1
|
objectType = 1
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, streamNumber, payload, embeddedTime, '')
|
objectType, streamNumber, payload, embeddedTime, '')
|
||||||
|
@ -449,10 +445,10 @@ class singleWorker(StoppableThread):
|
||||||
# unencrypted, the pubkey with part of the hash so that nodes
|
# unencrypted, the pubkey with part of the hash so that nodes
|
||||||
# know which pubkey object to try to decrypt
|
# know which pubkey object to try to decrypt
|
||||||
# when they want to send a message.
|
# when they want to send a message.
|
||||||
doubleHashOfAddressData = hashlib.sha512(hashlib.sha512(
|
doubleHashOfAddressData = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(addressVersionNumber)
|
encodeVarint(addressVersionNumber)
|
||||||
+ encodeVarint(streamNumber) + addressHash
|
+ encodeVarint(streamNumber) + addressHash
|
||||||
).digest()).digest()
|
)
|
||||||
payload += doubleHashOfAddressData[32:] # the tag
|
payload += doubleHashOfAddressData[32:] # the tag
|
||||||
signature = highlevelcrypto.sign(
|
signature = highlevelcrypto.sign(
|
||||||
payload + dataToEncrypt, privSigningKeyHex, self.digestAlg)
|
payload + dataToEncrypt, privSigningKeyHex, self.digestAlg)
|
||||||
|
@ -468,7 +464,7 @@ class singleWorker(StoppableThread):
|
||||||
payload = self._doPOWDefaults(
|
payload = self._doPOWDefaults(
|
||||||
payload, TTL, log_prefix='(For pubkey message)')
|
payload, TTL, log_prefix='(For pubkey message)')
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(payload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(payload)
|
||||||
objectType = 1
|
objectType = 1
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, streamNumber, payload, embeddedTime,
|
objectType, streamNumber, payload, embeddedTime,
|
||||||
|
@ -504,7 +500,7 @@ class singleWorker(StoppableThread):
|
||||||
objectType = protocol.OBJECT_ONIONPEER
|
objectType = protocol.OBJECT_ONIONPEER
|
||||||
# FIXME: ideally the objectPayload should be signed
|
# FIXME: ideally the objectPayload should be signed
|
||||||
objectPayload = encodeVarint(peer.port) + protocol.encodeHost(peer.host)
|
objectPayload = encodeVarint(peer.port) + protocol.encodeHost(peer.host)
|
||||||
tag = calculateInventoryHash(objectPayload)
|
tag = highlevelcrypto.calculateInventoryHash(objectPayload)
|
||||||
|
|
||||||
if Inventory().by_type_and_tag(objectType, tag):
|
if Inventory().by_type_and_tag(objectType, tag):
|
||||||
return # not expired
|
return # not expired
|
||||||
|
@ -518,7 +514,7 @@ class singleWorker(StoppableThread):
|
||||||
payload = self._doPOWDefaults(
|
payload = self._doPOWDefaults(
|
||||||
payload, TTL, log_prefix='(For onionpeer object)')
|
payload, TTL, log_prefix='(For onionpeer object)')
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(payload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(payload)
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, streamNumber, buffer(payload), # noqa: F821
|
objectType, streamNumber, buffer(payload), # noqa: F821
|
||||||
embeddedTime, buffer(tag) # noqa: F821
|
embeddedTime, buffer(tag) # noqa: F821
|
||||||
|
@ -612,10 +608,10 @@ class singleWorker(StoppableThread):
|
||||||
|
|
||||||
payload += encodeVarint(streamNumber)
|
payload += encodeVarint(streamNumber)
|
||||||
if addressVersionNumber >= 4:
|
if addressVersionNumber >= 4:
|
||||||
doubleHashOfAddressData = hashlib.sha512(hashlib.sha512(
|
doubleHashOfAddressData = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(addressVersionNumber)
|
encodeVarint(addressVersionNumber)
|
||||||
+ encodeVarint(streamNumber) + ripe
|
+ encodeVarint(streamNumber) + ripe
|
||||||
).digest()).digest()
|
)
|
||||||
tag = doubleHashOfAddressData[32:]
|
tag = doubleHashOfAddressData[32:]
|
||||||
payload += tag
|
payload += tag
|
||||||
else:
|
else:
|
||||||
|
@ -685,7 +681,7 @@ class singleWorker(StoppableThread):
|
||||||
)
|
)
|
||||||
continue
|
continue
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(payload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(payload)
|
||||||
objectType = 3
|
objectType = 3
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, streamNumber, payload, embeddedTime, tag)
|
objectType, streamNumber, payload, embeddedTime, tag)
|
||||||
|
@ -794,10 +790,10 @@ class singleWorker(StoppableThread):
|
||||||
if toAddressVersionNumber <= 3:
|
if toAddressVersionNumber <= 3:
|
||||||
toTag = ''
|
toTag = ''
|
||||||
else:
|
else:
|
||||||
toTag = hashlib.sha512(hashlib.sha512(
|
toTag = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(toAddressVersionNumber)
|
encodeVarint(toAddressVersionNumber)
|
||||||
+ encodeVarint(toStreamNumber) + toRipe
|
+ encodeVarint(toStreamNumber) + toRipe
|
||||||
).digest()).digest()[32:]
|
)[32:]
|
||||||
if toaddress in state.neededPubkeys or \
|
if toaddress in state.neededPubkeys or \
|
||||||
toTag in state.neededPubkeys:
|
toTag in state.neededPubkeys:
|
||||||
# We already sent a request for the pubkey
|
# We already sent a request for the pubkey
|
||||||
|
@ -831,11 +827,11 @@ class singleWorker(StoppableThread):
|
||||||
# already contains the toAddress and cryptor
|
# already contains the toAddress and cryptor
|
||||||
# object associated with the tag for this toAddress.
|
# object associated with the tag for this toAddress.
|
||||||
if toAddressVersionNumber >= 4:
|
if toAddressVersionNumber >= 4:
|
||||||
doubleHashOfToAddressData = hashlib.sha512(
|
doubleHashOfToAddressData = \
|
||||||
hashlib.sha512(
|
highlevelcrypto.double_sha512(
|
||||||
encodeVarint(toAddressVersionNumber) + encodeVarint(toStreamNumber) + toRipe
|
encodeVarint(toAddressVersionNumber)
|
||||||
).digest()
|
+ encodeVarint(toStreamNumber) + toRipe
|
||||||
).digest()
|
)
|
||||||
# The first half of the sha512 hash.
|
# The first half of the sha512 hash.
|
||||||
privEncryptionKey = doubleHashOfToAddressData[:32]
|
privEncryptionKey = doubleHashOfToAddressData[:32]
|
||||||
# The second half of the sha512 hash.
|
# The second half of the sha512 hash.
|
||||||
|
@ -1302,7 +1298,7 @@ class singleWorker(StoppableThread):
|
||||||
)
|
)
|
||||||
continue
|
continue
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(encryptedPayload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(encryptedPayload)
|
||||||
objectType = 2
|
objectType = 2
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, toStreamNumber, encryptedPayload, embeddedTime, '')
|
objectType, toStreamNumber, encryptedPayload, embeddedTime, '')
|
||||||
|
@ -1352,8 +1348,7 @@ class singleWorker(StoppableThread):
|
||||||
# the message in our own inbox.
|
# the message in our own inbox.
|
||||||
if config.has_section(toaddress):
|
if config.has_section(toaddress):
|
||||||
# Used to detect and ignore duplicate messages in our inbox
|
# Used to detect and ignore duplicate messages in our inbox
|
||||||
sigHash = hashlib.sha512(hashlib.sha512(
|
sigHash = highlevelcrypto.double_sha512(signature)[32:]
|
||||||
signature).digest()).digest()[32:]
|
|
||||||
t = (inventoryHash, toaddress, fromaddress, subject, int(
|
t = (inventoryHash, toaddress, fromaddress, subject, int(
|
||||||
time.time()), message, 'inbox', encoding, 0, sigHash)
|
time.time()), message, 'inbox', encoding, 0, sigHash)
|
||||||
helper_inbox.insert(t)
|
helper_inbox.insert(t)
|
||||||
|
@ -1410,16 +1405,13 @@ class singleWorker(StoppableThread):
|
||||||
# neededPubkeys dictionary. But if we are recovering
|
# neededPubkeys dictionary. But if we are recovering
|
||||||
# from a restart of the client then we have to put it in now.
|
# from a restart of the client then we have to put it in now.
|
||||||
|
|
||||||
# Note that this is the first half of the sha512 hash.
|
doubleHashOfAddressData = highlevelcrypto.double_sha512(
|
||||||
privEncryptionKey = hashlib.sha512(hashlib.sha512(
|
|
||||||
encodeVarint(addressVersionNumber)
|
encodeVarint(addressVersionNumber)
|
||||||
+ encodeVarint(streamNumber) + ripe
|
+ encodeVarint(streamNumber) + ripe
|
||||||
).digest()).digest()[:32]
|
)
|
||||||
|
privEncryptionKey = doubleHashOfAddressData[:32]
|
||||||
# Note that this is the second half of the sha512 hash.
|
# Note that this is the second half of the sha512 hash.
|
||||||
tag = hashlib.sha512(hashlib.sha512(
|
tag = doubleHashOfAddressData[32:]
|
||||||
encodeVarint(addressVersionNumber)
|
|
||||||
+ encodeVarint(streamNumber) + ripe
|
|
||||||
).digest()).digest()[32:]
|
|
||||||
if tag not in state.neededPubkeys:
|
if tag not in state.neededPubkeys:
|
||||||
# We'll need this for when we receive a pubkey reply:
|
# We'll need this for when we receive a pubkey reply:
|
||||||
# it will be encrypted and we'll need to decrypt it.
|
# it will be encrypted and we'll need to decrypt it.
|
||||||
|
@ -1462,7 +1454,7 @@ class singleWorker(StoppableThread):
|
||||||
|
|
||||||
payload = self._doPOWDefaults(payload, TTL)
|
payload = self._doPOWDefaults(payload, TTL)
|
||||||
|
|
||||||
inventoryHash = calculateInventoryHash(payload)
|
inventoryHash = highlevelcrypto.calculateInventoryHash(payload)
|
||||||
objectType = 1
|
objectType = 1
|
||||||
Inventory()[inventoryHash] = (
|
Inventory()[inventoryHash] = (
|
||||||
objectType, streamNumber, payload, embeddedTime, '')
|
objectType, streamNumber, payload, embeddedTime, '')
|
||||||
|
|
|
@ -18,6 +18,7 @@ from pyelliptic import arithmetic as a
|
||||||
|
|
||||||
__all__ = [
|
__all__ = [
|
||||||
'decodeWalletImportFormat', 'encodeWalletImportFormat',
|
'decodeWalletImportFormat', 'encodeWalletImportFormat',
|
||||||
|
'double_sha512', 'calculateInventoryHash',
|
||||||
'encrypt', 'makeCryptor', 'pointMult', 'privToPub', 'randomBytes',
|
'encrypt', 'makeCryptor', 'pointMult', 'privToPub', 'randomBytes',
|
||||||
'sign', 'verify']
|
'sign', 'verify']
|
||||||
|
|
||||||
|
@ -61,6 +62,18 @@ def randomBytes(n):
|
||||||
return OpenSSL.rand(n)
|
return OpenSSL.rand(n)
|
||||||
|
|
||||||
|
|
||||||
|
# Hashes
|
||||||
|
|
||||||
|
def double_sha512(data):
|
||||||
|
"""Binary double SHA512 digest"""
|
||||||
|
return hashlib.sha512(hashlib.sha512(data).digest()).digest()
|
||||||
|
|
||||||
|
|
||||||
|
def calculateInventoryHash(data):
|
||||||
|
"""Calculate inventory hash from object data"""
|
||||||
|
return double_sha512(data)[:32]
|
||||||
|
|
||||||
|
|
||||||
def makeCryptor(privkey, curve='secp256k1'):
|
def makeCryptor(privkey, curve='secp256k1'):
|
||||||
"""Return a private `.pyelliptic.ECC` instance"""
|
"""Return a private `.pyelliptic.ECC` instance"""
|
||||||
private_key = a.changebase(privkey, 16, 256, minlen=32)
|
private_key = a.changebase(privkey, 16, 256, minlen=32)
|
||||||
|
|
|
@ -6,7 +6,7 @@ import time
|
||||||
|
|
||||||
import protocol
|
import protocol
|
||||||
import state
|
import state
|
||||||
from addresses import calculateInventoryHash
|
from highlevelcrypto import calculateInventoryHash
|
||||||
from inventory import Inventory
|
from inventory import Inventory
|
||||||
from network.dandelion import Dandelion
|
from network.dandelion import Dandelion
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,6 @@ Proof of work calculation
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import ctypes
|
import ctypes
|
||||||
import hashlib
|
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
import tempfile
|
import tempfile
|
||||||
|
@ -12,6 +11,7 @@ import time
|
||||||
from struct import pack, unpack
|
from struct import pack, unpack
|
||||||
from subprocess import call # nosec B404
|
from subprocess import call # nosec B404
|
||||||
|
|
||||||
|
import highlevelcrypto
|
||||||
import openclpow
|
import openclpow
|
||||||
import paths
|
import paths
|
||||||
import queues
|
import queues
|
||||||
|
@ -87,13 +87,20 @@ def _set_idle():
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
def trial_value(nonce, initialHash):
|
||||||
|
"""Calculate PoW trial value"""
|
||||||
|
trialValue, = unpack(
|
||||||
|
'>Q', highlevelcrypto.double_sha512(
|
||||||
|
pack('>Q', nonce) + initialHash)[0:8])
|
||||||
|
return trialValue
|
||||||
|
|
||||||
|
|
||||||
def _pool_worker(nonce, initialHash, target, pool_size):
|
def _pool_worker(nonce, initialHash, target, pool_size):
|
||||||
_set_idle()
|
_set_idle()
|
||||||
trialValue = float('inf')
|
trialValue = float('inf')
|
||||||
while trialValue > target:
|
while trialValue > target:
|
||||||
nonce += pool_size
|
nonce += pool_size
|
||||||
trialValue, = unpack('>Q', hashlib.sha512(hashlib.sha512(
|
trialValue = trial_value(nonce, initialHash)
|
||||||
pack('>Q', nonce) + initialHash).digest()).digest()[0:8])
|
|
||||||
return [trialValue, nonce]
|
return [trialValue, nonce]
|
||||||
|
|
||||||
|
|
||||||
|
@ -103,10 +110,9 @@ def _doSafePoW(target, initialHash):
|
||||||
trialValue = float('inf')
|
trialValue = float('inf')
|
||||||
while trialValue > target and state.shutdown == 0:
|
while trialValue > target and state.shutdown == 0:
|
||||||
nonce += 1
|
nonce += 1
|
||||||
trialValue, = unpack('>Q', hashlib.sha512(hashlib.sha512(
|
trialValue = trial_value(nonce, initialHash)
|
||||||
pack('>Q', nonce) + initialHash).digest()).digest()[0:8])
|
|
||||||
if state.shutdown != 0:
|
if state.shutdown != 0:
|
||||||
raise StopIteration("Interrupted") # pylint: misplaced-bare-raise
|
raise StopIteration("Interrupted")
|
||||||
logger.debug("Safe PoW done")
|
logger.debug("Safe PoW done")
|
||||||
return [trialValue, nonce]
|
return [trialValue, nonce]
|
||||||
|
|
||||||
|
@ -163,7 +169,7 @@ def _doCPoW(target, initialHash):
|
||||||
logger.debug("C PoW start")
|
logger.debug("C PoW start")
|
||||||
nonce = bmpow(out_h, out_m)
|
nonce = bmpow(out_h, out_m)
|
||||||
|
|
||||||
trialValue, = unpack('>Q', hashlib.sha512(hashlib.sha512(pack('>Q', nonce) + initialHash).digest()).digest()[0:8])
|
trialValue = trial_value(nonce, initialHash)
|
||||||
if state.shutdown != 0:
|
if state.shutdown != 0:
|
||||||
raise StopIteration("Interrupted")
|
raise StopIteration("Interrupted")
|
||||||
logger.debug("C PoW done")
|
logger.debug("C PoW done")
|
||||||
|
@ -173,7 +179,7 @@ def _doCPoW(target, initialHash):
|
||||||
def _doGPUPoW(target, initialHash):
|
def _doGPUPoW(target, initialHash):
|
||||||
logger.debug("GPU PoW start")
|
logger.debug("GPU PoW start")
|
||||||
nonce = openclpow.do_opencl_pow(initialHash.encode("hex"), target)
|
nonce = openclpow.do_opencl_pow(initialHash.encode("hex"), target)
|
||||||
trialValue, = unpack('>Q', hashlib.sha512(hashlib.sha512(pack('>Q', nonce) + initialHash).digest()).digest()[0:8])
|
trialValue = trial_value(nonce, initialHash)
|
||||||
if trialValue > target:
|
if trialValue > target:
|
||||||
deviceNames = ", ".join(gpu.name for gpu in openclpow.enabledGpus)
|
deviceNames = ", ".join(gpu.name for gpu in openclpow.enabledGpus)
|
||||||
queues.UISignalQueue.put((
|
queues.UISignalQueue.put((
|
||||||
|
|
|
@ -290,12 +290,11 @@ def isProofOfWorkSufficient(
|
||||||
if payloadLengthExtraBytes < defaults.networkDefaultPayloadLengthExtraBytes:
|
if payloadLengthExtraBytes < defaults.networkDefaultPayloadLengthExtraBytes:
|
||||||
payloadLengthExtraBytes = defaults.networkDefaultPayloadLengthExtraBytes
|
payloadLengthExtraBytes = defaults.networkDefaultPayloadLengthExtraBytes
|
||||||
endOfLifeTime, = unpack('>Q', data[8:16])
|
endOfLifeTime, = unpack('>Q', data[8:16])
|
||||||
TTL = endOfLifeTime - (int(recvTime) if recvTime else int(time.time()))
|
TTL = endOfLifeTime - int(recvTime if recvTime else time.time())
|
||||||
if TTL < 300:
|
if TTL < 300:
|
||||||
TTL = 300
|
TTL = 300
|
||||||
POW, = unpack('>Q', hashlib.sha512(hashlib.sha512(
|
POW, = unpack('>Q', highlevelcrypto.double_sha512(
|
||||||
data[:8] + hashlib.sha512(data[8:]).digest()
|
data[:8] + hashlib.sha512(data[8:]).digest())[0:8])
|
||||||
).digest()).digest()[0:8])
|
|
||||||
return POW <= 2 ** 64 / (
|
return POW <= 2 ** 64 / (
|
||||||
nonceTrialsPerByte * (
|
nonceTrialsPerByte * (
|
||||||
len(data) + payloadLengthExtraBytes
|
len(data) + payloadLengthExtraBytes
|
||||||
|
|
|
@ -86,8 +86,7 @@ def reloadMyAddressHashes():
|
||||||
state.appdata, 'keys.dat'))
|
state.appdata, 'keys.dat'))
|
||||||
hasEnabledKeys = False
|
hasEnabledKeys = False
|
||||||
for addressInKeysFile in config.addresses():
|
for addressInKeysFile in config.addresses():
|
||||||
isEnabled = config.getboolean(addressInKeysFile, 'enabled')
|
if not config.getboolean(addressInKeysFile, 'enabled'):
|
||||||
if not isEnabled:
|
|
||||||
continue
|
continue
|
||||||
|
|
||||||
hasEnabledKeys = True
|
hasEnabledKeys = True
|
||||||
|
@ -116,9 +115,9 @@ def reloadMyAddressHashes():
|
||||||
myECCryptorObjects[hashobj] = \
|
myECCryptorObjects[hashobj] = \
|
||||||
highlevelcrypto.makeCryptor(privEncryptionKey)
|
highlevelcrypto.makeCryptor(privEncryptionKey)
|
||||||
myAddressesByHash[hashobj] = addressInKeysFile
|
myAddressesByHash[hashobj] = addressInKeysFile
|
||||||
tag = hashlib.sha512(hashlib.sha512(
|
tag = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(addressVersionNumber)
|
encodeVarint(addressVersionNumber)
|
||||||
+ encodeVarint(streamNumber) + hashobj).digest()).digest()[32:]
|
+ encodeVarint(streamNumber) + hashobj)[32:]
|
||||||
myAddressesByTag[tag] = addressInKeysFile
|
myAddressesByTag[tag] = addressInKeysFile
|
||||||
|
|
||||||
if not keyfileSecure:
|
if not keyfileSecure:
|
||||||
|
@ -153,10 +152,10 @@ def reloadBroadcastSendersForWhichImWatching():
|
||||||
MyECSubscriptionCryptorObjects[hashobj] = \
|
MyECSubscriptionCryptorObjects[hashobj] = \
|
||||||
highlevelcrypto.makeCryptor(hexlify(privEncryptionKey))
|
highlevelcrypto.makeCryptor(hexlify(privEncryptionKey))
|
||||||
else:
|
else:
|
||||||
doubleHashOfAddressData = hashlib.sha512(hashlib.sha512(
|
doubleHashOfAddressData = highlevelcrypto.double_sha512(
|
||||||
encodeVarint(addressVersionNumber)
|
encodeVarint(addressVersionNumber)
|
||||||
+ encodeVarint(streamNumber) + hashobj
|
+ encodeVarint(streamNumber) + hashobj
|
||||||
).digest()).digest()
|
)
|
||||||
tag = doubleHashOfAddressData[32:]
|
tag = doubleHashOfAddressData[32:]
|
||||||
privEncryptionKey = doubleHashOfAddressData[:32]
|
privEncryptionKey = doubleHashOfAddressData[:32]
|
||||||
MyECSubscriptionCryptorObjects[tag] = \
|
MyECSubscriptionCryptorObjects[tag] = \
|
||||||
|
|
|
@ -2,6 +2,12 @@
|
||||||
|
|
||||||
from binascii import unhexlify
|
from binascii import unhexlify
|
||||||
|
|
||||||
|
# hello, page 1 of the Specification
|
||||||
|
sample_hash_data = b'hello'
|
||||||
|
sample_double_sha512 = unhexlify(
|
||||||
|
'0592a10584ffabf96539f3d780d776828c67da1ab5b169e9e8aed838aaecc9ed36d49ff14'
|
||||||
|
'23c55f019e050c66c6324f53588be88894fef4dcffdb74b98e2b200')
|
||||||
|
|
||||||
|
|
||||||
# 500 identical peers:
|
# 500 identical peers:
|
||||||
# 1626611891, 1, 1, 127.0.0.1, 8444
|
# 1626611891, 1, 1, 127.0.0.1, 8444
|
||||||
|
|
|
@ -17,6 +17,7 @@ except ImportError:
|
||||||
RIPEMD160 = None
|
RIPEMD160 = None
|
||||||
|
|
||||||
from .samples import (
|
from .samples import (
|
||||||
|
sample_double_sha512, sample_hash_data,
|
||||||
sample_msg, sample_pubsigningkey, sample_pubencryptionkey,
|
sample_msg, sample_pubsigningkey, sample_pubencryptionkey,
|
||||||
sample_privsigningkey, sample_privencryptionkey, sample_ripe,
|
sample_privsigningkey, sample_privencryptionkey, sample_ripe,
|
||||||
sample_sig, sample_sig_sha1
|
sample_sig, sample_sig_sha1
|
||||||
|
@ -66,6 +67,12 @@ class TestCrypto(RIPEMD160TestCase, unittest.TestCase):
|
||||||
class TestHighlevelcrypto(unittest.TestCase):
|
class TestHighlevelcrypto(unittest.TestCase):
|
||||||
"""Test highlevelcrypto public functions"""
|
"""Test highlevelcrypto public functions"""
|
||||||
|
|
||||||
|
def test_double_sha512(self):
|
||||||
|
"""Reproduce the example on page 1 of the Specification"""
|
||||||
|
self.assertEqual(
|
||||||
|
highlevelcrypto.double_sha512(sample_hash_data),
|
||||||
|
sample_double_sha512)
|
||||||
|
|
||||||
def test_randomBytes(self):
|
def test_randomBytes(self):
|
||||||
"""Dummy checks for random bytes"""
|
"""Dummy checks for random bytes"""
|
||||||
for n in (8, 32, 64):
|
for n in (8, 32, 64):
|
||||||
|
|
|
@ -7,8 +7,8 @@ import tempfile
|
||||||
import time
|
import time
|
||||||
import unittest
|
import unittest
|
||||||
|
|
||||||
|
from pybitmessage import highlevelcrypto
|
||||||
from pybitmessage.storage import storage
|
from pybitmessage.storage import storage
|
||||||
from pybitmessage.addresses import calculateInventoryHash
|
|
||||||
|
|
||||||
from .partial import TestPartialRun
|
from .partial import TestPartialRun
|
||||||
|
|
||||||
|
@ -35,7 +35,7 @@ class TestFilesystemInventory(TestPartialRun):
|
||||||
TTL = 24 * 60 * 60
|
TTL = 24 * 60 * 60
|
||||||
embedded_time = int(time.time() + TTL)
|
embedded_time = int(time.time() + TTL)
|
||||||
msg = struct.pack('>Q', embedded_time) + os.urandom(166)
|
msg = struct.pack('>Q', embedded_time) + os.urandom(166)
|
||||||
invhash = calculateInventoryHash(msg)
|
invhash = highlevelcrypto.calculateInventoryHash(msg)
|
||||||
self.inventory[invhash] = (2, 1, msg, embedded_time, b'')
|
self.inventory[invhash] = (2, 1, msg, embedded_time, b'')
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
"""
|
"""
|
||||||
Tests for openclpow module
|
Tests for openclpow module
|
||||||
"""
|
"""
|
||||||
import hashlib
|
|
||||||
import unittest
|
import unittest
|
||||||
from struct import pack, unpack
|
|
||||||
from pybitmessage import openclpow
|
from pybitmessage import openclpow, proofofwork
|
||||||
|
|
||||||
|
|
||||||
class TestOpenClPow(unittest.TestCase):
|
class TestOpenClPow(unittest.TestCase):
|
||||||
|
@ -25,7 +25,5 @@ class TestOpenClPow(unittest.TestCase):
|
||||||
"b93f3ffeba0ef2fd08a8dc2f87b68ae5a0dc819ab57f22ad2c4c9c8618a43b3"
|
"b93f3ffeba0ef2fd08a8dc2f87b68ae5a0dc819ab57f22ad2c4c9c8618a43b3"
|
||||||
).decode("hex")
|
).decode("hex")
|
||||||
nonce = openclpow.do_opencl_pow(initialHash.encode("hex"), target_)
|
nonce = openclpow.do_opencl_pow(initialHash.encode("hex"), target_)
|
||||||
trialValue, = unpack(
|
self.assertLess(
|
||||||
'>Q', hashlib.sha512(hashlib.sha512(
|
nonce - proofofwork.trial_value(nonce, initialHash), target_)
|
||||||
pack('>Q', nonce) + initialHash).digest()).digest()[0:8])
|
|
||||||
self.assertLess((nonce - trialValue), target_)
|
|
||||||
|
|
Reference in New Issue
Block a user