valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-08 09:23:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

MOstly debugged endow transaction

Browse Source 
Need to fix sizes too big for 1 udp packet
This commit is contained in:
Samuel M Smith 2014-02-14 17:04:47 -07:00
parent bbb4f27994
commit dae79a14b0
5 changed files with 138 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
salt/transport/road/raet/nacling.py
View File

@ -65,7 +65,7 @@ class Verifier(object):
return False
try:
self.key.verify(signature + msg)
except nacl.signing.BadSignatureError:
except nacl.exceptions.BadSignatureError:
return False
return True
@ -113,7 +113,7 @@ class Privateer(object):
now)
return nonce
def encrypt(self, msg, pubkey):
def encrypt(self, msg, pubkey, enhex=False):
'''
Return duple of (cyphertext, nonce) resulting from encrypting the message
using shared key generated from the .key and the pubkey
@ -128,10 +128,11 @@ class Privateer(object):
pubkey = nacl.public.PublicKey(pubkey, nacl.encoding.HexEncoder)
box = nacl.public.Box(self.key, pubkey)
nonce = self.nonce()
encrypted = box.encrypt(msg, nonce)
encoder = nacl.encoding.HexEncoder if enhex else nacl.encoding.RawEncoder
encrypted = box.encrypt(msg, nonce, encoder)
return (encrypted.ciphertext, encrypted.nonce)
def decrypt(self, cipher, nonce, pubkey):
def decrypt(self, cipher, nonce, pubkey, dehex=False):
'''
Return decripted msg contained in cypher using nonce and shared key
generated from .key and pubkey.
@ -146,4 +147,5 @@ class Privateer(object):
if not isinstance(pubkey, nacl.public.PublicKey):
pubkey = nacl.public.PublicKey(pubkey, nacl.encoding.HexEncoder)
box = nacl.public.Box(self.key, pubkey)
return box.decrypt(cipher, nonce)
decoder = nacl.encoding.HexEncoder if dehex else nacl.encoding.RawEncoder
return box.decrypt(cipher, nonce, decoder)

88
salt/transport/road/raet/packeting.py
View File

@ -236,7 +236,7 @@ class TxCoat(Coat):
if self.kind == raeting.coatKinds.nacl:
msg = self.packet.body.packed
cipher, nonce = self.packet.transaction.encrypt(msg)
cipher, nonce = self.packet.encrypt(msg)
self.packed = "".join([cipher, nonce])
if self.kind == raeting.coatKinds.nada:
@ -262,7 +262,7 @@ class RxCoat(Coat):
cipher = self.packed[:-tl]
nonce = self.packed[-tl:]
msg = self.packet.transaction.decrypt(cipher, nonce)
msg = self.packet.decrypt(cipher, nonce)
self.packet.body.packed = msg
if self.kind == raeting.coatKinds.nada:
@ -298,9 +298,24 @@ class TxFoot(Foot):
raise raeting.PacketError(emsg)
if self.kind == raeting.footKinds.nacl:
blank = "".rjust(raeting.footSizes.nacl, '\x00')
msg = "".join([self.packet.head.packed, self.packet.coat.packed, blank])
self.packed = self.packet.transaction.signature(msg)
self.packed = "".rjust(raeting.footSizes.nacl, '\x00')
elif self.kind == raeting.footKinds.nada:
pass
def sign(self):
'''
Compute signature on packet.packed and update packet.packet with signature
'''
if self.kind not in raeting.FOOT_KIND_NAMES:
self.kind = raeting.footKinds.unknown
emsg = "Unrecognizible packet foot."
raise raeting.PacketError(emsg)
if self.kind == raeting.footKinds.nacl:
#blank = "".rjust(raeting.footSizes.nacl, '\x00')
#msg = "".join([self.packet.head.packed, self.packet.coat.packed, blank])
self.packed = self.packet.signature(self.packet.packed)
elif self.kind == raeting.footKinds.nada:
pass
@ -329,21 +344,20 @@ class RxFoot(Foot):
signature = self.packed
blank = "".rjust(raeting.footSizes.nacl, '\x00')
msg = "".join([self.packet.head.packed, self.packet.coat.packed, blank])
if not self.packet.transaction.verify(signature, msg):
if not self.packet.verify(signature, msg):
emsg = "Failed verification"
raise raeting.PacketError(emsg)
if self.kind == raeting.footKinds.nada:
pass
class Packet(object):
'''
RAET protocol packet object
'''
def __init__(self, transaction=None, kind=None):
def __init__(self, stack=None, kind=None):
''' Setup Packet instance. Meta data for a packet. '''
self.transaction = transaction
self.stack = stack
self.kind = kind or raeting.PACKET_DEFAULTS['pk']
self.packed = '' # packed string
self.segments = [] # subpackets when segmented
@ -365,7 +379,6 @@ class Packet(object):
self.data.update(data)
return self # so can method chain
class TxPacket(Packet):
'''
RAET Protocol Transmit Packet object
@ -390,6 +403,27 @@ class TxPacket(Packet):
data = self.data
return ((data['cf'], data['sd'], data['dd'], data['si'], data['ti'], data['bf']))
def signature(self, msg):
'''
Return signature resulting from signing msg
'''
return (self.stack.device.signer.signature(msg))
def sign(self):
'''
Sign packet with foot
'''
self.foot.sign()
self.packed = ''.join([self.head.packed, self.coat.packed, self.foot.packed])
def encrypt(self, msg):
'''
Return (cipher, nonce) duple resulting from encrypting message
with short term keys
'''
remote = self.stack.devices[self.data['dd']]
return (remote.privee.encrypt(msg, remote.publee.key))
def pack(self):
'''
Pack the parts of the packet and then the full packet into .packed
@ -401,12 +435,6 @@ class TxPacket(Packet):
self.packed = ''.join([self.head.packed, self.coat.packed, self.foot.packed])
self.sign()
def sign(self):
'''
Sign .packed using foot
'''
return True
class RxPacket(Packet):
'''
RAET Protocol Receive Packet object
@ -430,6 +458,20 @@ class RxPacket(Packet):
data = self.data
return ((not data['cf'], data['dd'], data['sd'], data['si'], data['ti'], data['bf']))
def verify(self, signature, msg):
'''
Return result of verifying msg with signature
'''
return (self.stack.devices[self.data['sd']].verfer.verify(signature, msg))
def decrypt(self, cipher, nonce):
'''
Return msg resulting from decrypting cipher and nonce
with short term keys
'''
remote = self.stack.devices[self.data['sd']]
return (self.stack.device.privee.decrypt(cipher, nonce, remote.publee, key))
def unpack(self, packed=None):
'''
Unpacks the foot, body, and coat parts of .packed
@ -490,7 +532,6 @@ class RxPacket(Packet):
self.unpack()
self.foot.parse()
self.verify()
def parseInner(self):
'''
@ -504,17 +545,4 @@ class RxPacket(Packet):
Raises PacketError exception If failure
'''
self.coat.parse()
self.decrypt()
self.body.parse()
def verify(self):
'''
Uses signature in foot to verify (authenticate) packet signature
'''
return True
def decrypt(self):
'''
Uses coat to decrypt body
'''
return True

12
salt/transport/road/raet/stacking.py
View File

@ -147,10 +147,10 @@ class StackUdp(object):
print "{0} received\n{1}".format(self.name, raw)
packet = packeting.RxPacket(packed=raw)
packet = packeting.RxPacket(stack=self, packed=raw)
try:
packet.parseOuter()
except packeting.PacketError as ex:
except raeting.PacketError as ex:
print ex
return None
@ -166,7 +166,7 @@ class StackUdp(object):
try:
packet.parseInner()
except packeting.PacketError as ex:
except raeting.PacketError as ex:
print ex
return None
@ -221,7 +221,7 @@ class StackUdp(object):
def replyJoin(self, packet):
'''
Correspond to join transaction
Correspond to new join transaction
'''
data = odict(hk=self.Hk, bk=self.Bk)
joinent = transacting.Joinent(stack=self,
@ -243,11 +243,11 @@ class StackUdp(object):
def replyEndow(self, packet):
'''
Correspond to endow transaction
Correspond to new endow transaction
'''
data = odict(hk=self.Hk, bk=self.Bk)
endowent = transacting.Endowent(stack=self,
rid=packet.data['sd'],
rdid=packet.data['sd'],
sid=packet.data['si'],
tid=packet.data['ti'],
txData=data,

32
salt/transport/road/raet/test/test_stacking.py
View File

@ -34,7 +34,7 @@ def test():
prikey=masterPriKeyHex,)
stack0 = stacking.StackUdp(device=device)
#minon stack
#minion stack
device = devicing.LocalDevice( did=0,
ha=("", raeting.RAET_TEST_PORT),
signkey=minionSignKeyHex,
@ -69,11 +69,37 @@ def test():
print "{0} transactions=\n{1}".format(stack1.name, stack1.transactions)
stack1.endow()
timer.restart()
while not timer.expired:
stack1.serviceUdp()
stack0.serviceUdp()
while stack0.udpRxes:
stack0.processUdpRx()
timer.restart()
stack1.serviceUdp()
stack0.serviceUdp()
while not timer.expired:
stack0.serviceUdp()
stack1.serviceUdp()
while stack1.udpRxes:
stack1.processUdpRx()
timer.restart()
while not timer.expired:
stack0.serviceUdp()
stack1.serviceUdp()
while stack0.udpRxes:
stack0.processUdpRx()
timer.restart()
while not timer.expired:
stack0.serviceUdp()
stack1.serviceUdp()
while stack1.udpRxes:
stack1.processUdpRx()
if __name__ == "__main__":

88
salt/transport/road/raet/transacting.py
View File

@ -6,6 +6,7 @@ stacking.py raet protocol stacking classes
# Import python libs
import socket
import binascii
try:
import simplejson as json
@ -103,34 +104,6 @@ class Transaction(object):
index = self.index
self.stack.removeTransaction(index, transaction=self)
def signature(self, msg):
'''
Return signature resulting from signing msg
'''
return (self.stack.device.signer.signature(msg))
def verify(self, signature, msg):
'''
Return result of verifying msg with signature
'''
return (self.stack.devices[self.rdid].verfer.verify(signature, msg))
def encrypt(self, msg):
'''
Return (cipher, nonce) duple resulting from encrypting message
with short term keys
'''
remote = self.stack.devices[self.rdid]
return (self.stack.device.privee.encrypt(msg, remote.publee.key))
def decrypt(self, cipher, nonce):
'''
Return msg resulting from decrypting cipher and nonce
with short term keys
'''
remote = self.stack.devices[self.rdid]
return (self.stack.device.privee.decrypt(cipher, nonce, remote.publee, key))
class Initiator(Transaction):
'''
RAET protocol initiator transaction class
@ -229,7 +202,7 @@ class Joiner(Initiator):
body = odict([('verhex', self.stack.device.signer.verhex),
('pubhex', self.stack.device.priver.pubhex)])
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.request,
embody=body,
data=self.txData)
@ -360,7 +333,7 @@ class Joinent(Correspondent):
ck=raeting.coatKinds.nada,
fk=raeting.footKinds.nada,)
body = odict()
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.ack,
embody=body,
data=self.txData)
@ -400,7 +373,7 @@ class Joinent(Correspondent):
('rdid', self.stack.device.did),
('verhex', self.stack.device.signer.verhex),
('pubhex', self.stack.device.priver.pubhex)])
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.response,
embody=body,
data=self.txData)
@ -446,7 +419,7 @@ class Endower(Initiator):
if packet.data['tk'] == raeting.trnsKinds.endow:
if packet.data['pk'] == raeting.pcktKinds.cookie:
self.initiate()
self.cookie()
elif packet.data['pk'] == raeting.pcktKinds.ack:
self.endow()
@ -478,14 +451,14 @@ class Endower(Initiator):
raise raeting.TransactionError(emsg)
remote = self.stack.devices[self.rdid]
msg = "".rjust(64, '\x00')
cipher, nonce = remote.privee.encrypt(msg, remote.pubber.key)
msg = binascii.hexlify("".rjust(32, '\x00'))
cipher, nonce = remote.privee.encrypt(msg, remote.pubber.key, enhex=True)
body = odict([('plain', msg),
('shorthex', remote.privee.pubhex),
('cipher', cipher),
('nonce', nonce)])
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.hello,
embody=body,
data=self.txData)
@ -516,6 +489,8 @@ class Endower(Initiator):
remote = self.stack.devices[self.rdid]
cipher = binascii.unhexlify(cipher)
nonce = binascii.unhexlify(nonce)
msg = remote.privee.decrypt(cipher, nonce, remote.pubber.key)
stuff = json.loads(msg, object_pairs_hook=odict)
@ -524,8 +499,7 @@ class Endower(Initiator):
emsg = "Missing short term key in cookie"
raise raeting.TransactionError(emsg)
if stuff.get('sdid') != remote.did or self.get('ddid') != self.stack.device.did:
if stuff.get('sdid') != remote.did or stuff.get('ddid') != self.stack.device.did:
emsg = "Invalid cookie sdid or ddid fields in cookie packet"
raeting.TransactionError(emsg)
@ -549,18 +523,25 @@ class Endower(Initiator):
remote = self.stack.devices[self.rdid]
vouch = json.dumps(odict(shorthex=remote.privee.pubhex), separators=(',', ':'))
vcipher, vnonce = self.stack.device.priver.encrypt(vouch, remote.pubber.key)
vcipher, vnonce = self.stack.device.priver.encrypt(vouch,
remote.pubber.key)
vcipher = binascii.hexlify(vcipher)
vnonce = binascii.hexlify(vcipher)
stuff = odict([('fqdn', remote.fqdn),
('longhex', self.stack.device.priver.keyhex),
('vcipher', vcipher),
('vnonce', vnonce),])
stuff = json.dumps(stuff, separators=(',', ':'))
cipher, nonce = remote.privee.encrypt(stuff, remote.publee.key)
cipher = binascii.hexlify(cipher)
nonce = binascii.hexlify(nonce)
body = odict([('shorthex', remote.privee.pubhex),
('oreo', self.oreo),
('cipher', cipher),
('nonce', nonce)])
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.initiate,
embody=body,
data=self.txData)
@ -577,7 +558,7 @@ class Endower(Initiator):
'''
Perform endowment in response to ack to initiate packet
'''
self.stack.devices[self.rid].endowed = True
self.stack.devices[self.rdid].endowed = True
self.remove()
class Endowent(Correspondent):
@ -590,8 +571,8 @@ class Endowent(Correspondent):
Setup instance
'''
kwa['kind'] = raeting.trnsKinds.endow
if 'rid' not in kwa:
emsg = "Missing required keyword argumens: '{0}'".format('rid')
if 'rdid' not in kwa:
emsg = "Missing required keyword argumens: '{0}'".format('rdid')
raise TypeError(emsg)
super(Endowent, self).__init__(**kwa)
remote = self.stack.devices[self.rdid]
@ -619,7 +600,7 @@ class Endowent(Correspondent):
'''
Prepare .txData
'''
remote = self.stack.devices[self.rid]
remote = self.stack.devices[self.rdid]
self.txData.update( sh=self.stack.device.host,
sp=self.stack.device.port,
dh=remote.host,
@ -646,6 +627,7 @@ class Endowent(Correspondent):
emsg = "Missing plain in hello packet"
raise raeting.TransactionError(emsg)
#plain = binascii.unhexlify(plain)
if len(plain) != 64:
emsg = "Invalid plain size = {0}".format(len(plain))
raise raeting.TransactionError(emsg)
@ -665,9 +647,11 @@ class Endowent(Correspondent):
emsg = "Missing nonce in hello packet"
raise raeting.TransactionError(emsg)
cipher = binascii.unhexlify(cipher)
nonce = binascii.unhexlify(nonce)
remote = self.stack.devices[self.rdid]
remote.publee = nacling.Publican(key=shorthex)
msg = remote.publee.decrypt(cipher, nonce, remote.pubber.key)
msg = self.stack.device.priver.decrypt(cipher, nonce, remote.publee.key)
if msg != plain :
emsg = "Invalid plain not match decrypted cipher"
raise raeting.TransactionError(emsg)
@ -683,17 +667,19 @@ class Endowent(Correspondent):
raise raeting.TransactionError(emsg)
remote = self.stack.devices[self.rdid]
self.oreo = remote.priver.nonce()
self.oreo = binascii.hexlify(self.stack.device.priver.nonce())
stuff = odict([('shorthex', remote.privee.pubhex),
('sdid', self.stack.devices.did),
('sdid', self.stack.device.did),
('ddid', remote.did),
('oreo', self.oreo)])
stuff = json.dumps(stuff, separators=(',', ':'))
cipher, nonce = self.priver.encrypt(stuff, remote.publee.key)
cipher, nonce = self.stack.device.priver.encrypt(stuff, remote.publee.key)
cipher = binascii.hexlify(cipher)
nonce = binascii.hexlify(nonce)
body = odict([('cipher', cipher), ('nonce', nonce)])
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.cookie,
embody=body,
data=self.txData)
@ -738,12 +724,14 @@ class Endowent(Correspondent):
remote = self.stack.devices[self.rdid]
remote.publee = nacling.Publican(key=shorthex)
cipher = binascii.unhexlify(cipher)
nonce = binascii.unhexlify(nonce)
msg = remote.publee.decrypt(cipher, nonce, remote.pubber.key)
if msg != plain :
emsg = "Invalid plain not match decrypted cipher"
raise raeting.TransactionError(emsg)
self.cookie()
self.ackInitiate()
def ackInitiate(self):
'''
@ -755,7 +743,7 @@ class Endowent(Correspondent):
raise raeting.TransactionError(msg)
body = odict()
packet = packeting.TxPacket(transaction=self,
packet = packeting.TxPacket(stack=self.stack,
kind=raeting.pcktKinds.ack,
embody=body,
data=self.txData)