Changeset 259 for trunk

Timestamp:

04/04/09 21:59:26 (3 years ago)

Author:

ocjhb

Message:

first crypto cleanup

Location:

trunk/sandbox/jhb/oc2

Files:

• container.py (modified) (4 diffs)
• containerbase.py (modified) (5 diffs)
• documentation.py (modified) (7 diffs)
• issuer.py (modified) (1 diff)
• messages.py (modified) (1 diff)
• occrypto_rsa.py (modified) (5 diffs)
• protocols.py (modified) (3 diffs)
• rsa.py (modified) (5 diffs)
• testserver.py (modified) (1 diff)
• wallet.py (modified) (1 diff)

trunk/sandbox/jhb/oc2/container.py

@@ -1 +1 @@
 from containerbase import *
 import occrypto
+
 
 class CDD (Container):
@@ -19 +20 @@
     ]
 
-class PublicKey(Container):
-    "A public key"
-    fields = [
-        BinaryField('a'),
-        BinaryField('b'),
-        BinaryField('c')
-    ]        
-
 
 class MKC(Container):
@@ -38 +31 @@
         DateField('keyNotAfter'),
         DateField('coinNotAfter'),
-        OneItemField('publicKey',klass=PublicKey),
+        OneItemField('publicKey',klass=occrypto.PubKey),
         Field('issuer'),
         Field('signature',signing=False)
@@ -44 +37 @@
 
 
-class Token(Container):
+class Coin(Container):
     fields = [
-        Field('currency'),
-        Field('amount'),
+        Field('standardId'),
+        Field('currencyId'),
+        Field('denomination'),
+        Field('keyId'),
+        Field('serial'),
         Field('signature',signing=False)
     ]
 
-class Message(Container):
-    fields = [
-        Field('subject'),
-        SubitemsField('tokens',klass=Token),
-    ]        
-    
+    def setNewSerial(self):
+        self.serial = occrypto.createSerial()
+
 
 

trunk/sandbox/jhb/oc2/containerbase.py

@@ -58 +58 @@
         
     def setdecoded(self,object,data):
+        #import pdb; pdb.set_trace()
         setattr(object,self.name,self.klass(data))
 
@@ -73 +74 @@
         out = []
         for item in getattr(object,self.name):
-            out.append(item.getData(allData=allData))
+            if item == None:
+                out.append('')
+            else:                
+                out.append(item.getData(allData=allData))
         return out       
         
@@ -79 +83 @@
         value = []
         for item in data:
-            value.append(self.klass(item))
+            if item == '':
+                value.append(None)
+            else:
+                value.append(self.klass(item))
         setattr(object,self.name,value)     
 
@@ -100 +107 @@
 
     def fromData(self,data):
+
+        if data == None:
+            return
+
         if type(data) == type(''):
             data = simplejson.loads(data)
+
         if type(data) != type({}):
             data = dict(data)
@@ -122 +134 @@
         return simplejson.dumps(self.getData(allData=allData))
 
+

trunk/sandbox/jhb/oc2/documentation.py

@@ -1 +1 @@
 """
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+
+      This is just a todo for jhb, and not the real spec
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+
 OpenCoin Project                                            N. Toedtmann
 http://opencoin.org/                                         J. H. Baach
@@ -218 +224 @@
 ###############################################################################
 >>> port = 9090
+>>> denominations = [0,1,2,5,10,20]
 >>> cdd = issuer.makeCDD('OpenCentA',
 ...                      'oca',
-...                      [str(d) for d in [0,1,2,5,10,20]],
+...                      [str(d) for d in denominations],
 ...                      'http://localhost:%s/' % port,
 ...                      '')
@@ -275 +282 @@
 >>> #faked request
 >>> from wallet import Wallet
->>> wallet = Wallet(Item())
+>>> wallet = Wallet({})
 >>> import protocols
 >>> serverside = protocols.GiveLatestCDD(issuer)
->>> clientside = protocols.AskLatestCDD(wallet,serverside.run)
+>>> clientside = protocols.AskLatestCDD(serverside.run)
 >>> cdd == clientside.run()
 True
@@ -286 +293 @@
 >>> import testserver
 >>> transport = transports.HTTPTransport('http://localhost:%s/' % port)
->>> clientside = protocols.AskLatestCDD(wallet,transport)
+>>> clientside = protocols.AskLatestCDD(transport)
 >>> testserver.run_once(port,issuer)
 >>> cdd2 =  clientside.run()
@@ -303 +310 @@
 IS:
     MINTING_KEY_PASS(keycertificate) or MINTING_KEY_FAILURE(reason)
+
+###############################################################################
+
+>>> clientside = protocols.FetchMintKeys(transport,denominations=['1','5'])
+>>> testserver.run_once(port,issuer)
+>>> mkcs =  clientside.run()
+>>> mkcs[0].toString() == issuer.getCurrentMKCs()['1'].toString()
+True
+
+###############################################################################
 
 * Wallet: creates blank according to CDD:
@@ -314 +331 @@
   }
 
+#XXX: ist key id wirklich vom secret key, oder vom public key?
+
 
 * Wallet: create random r, calculate 
@@ -323 +342 @@
   Keep (r, blank, blind) in mind. 
   
+###############################################################################
+
+>>> mkc = mkcs[1]
+>>> cdd.masterPubKey.verifyContainerSignature(mkc)
+True
+>>> blank = wallet._makeBlank(cdd,mkc)
+>>> blank.denomination == '5'
+True
+>>> key = mkc.publicKey
+>>> secret, blind = key.blindBlank(blank)
+>>> tid = wallet.makeSerial()
+
+###############################################################################
+
 
 3.3.5 "TRANSFER_TOKEN": A generic wallet-issuer request

trunk/sandbox/jhb/oc2/issuer.py

@@ -72 +72 @@
 
     def addMKC(self,cdd,mkc):
-        mkclist = self.storage.setdefault('mkclist',[])            
+        mkclist = self.storage.setdefault('mkclist',[])
         if len(mkclist) <= cdd.version:
             mkclist.append({})
         mkclist[cdd.version][mkc.denomination]=mkc    
+        keyidlist = self.storage.setdefault('keyidlist',{})
+        keyidlist[mkc.keyId] = mkc
         
     def getCurrentMKCs(self,version=-1):
         return self.storage['mkclist'][version]
 
+    def getMKCById(self,keyid,default=None):
+        return self.storage.setdefault('keyidlist',{}).get(keyid,default)

trunk/sandbox/jhb/oc2/messages.py

@@ -19 +19 @@
         OneItemField('cdd',klass=container.CDD)
     ]
+
+class FetchMintKeys(Message):
+    fields = Message.fields + [
+        Field('denominations'),
+        Field('keyids')
+    ]
+
+class GiveMintKeys(Message):
+    fields = Message.fields + [
+        SubitemsField('keys',klass=container.MKC)
+    ]
+
+
+

trunk/sandbox/jhb/oc2/occrypto_rsa.py

@@ -24 +24 @@
 class PubKey(Container):
 
-    fields = [KeyField('key'),
-              Field('signature',signing=False)]
+    fields = [KeyField('key')]
 
     def encrypt(self,data):
@@ -48 +47 @@
         return secret, blinded
 
+    def blindBlank(self,blank):
+        return self.blind(blank.hash())
+
     def unblind(self,secret,data):
-        #number =  cryptomath.stringToNumber(data)
         number = data
         return (number * secret) % self.key['n']
@@ -55 +56 @@
 class PrivKey(Container):
     
-    fields = [KeyField('key'),
-              Field('signature',signing=False)]
+    fields = [KeyField('key')]
 
     def decrypt(self,data):
@@ -65 +65 @@
 
     def signblind(self,number):
-        return rsa.encrypt_int(number,self.key['d'],self.key['p']*self.key['q'])
+        return rsa.encrypt_int(number,self.key['d'],self.key['n'])
 
     def signContainer(self,container):
@@ -73 +73 @@
 
 def hash(data):
-    return hashlib.sha256(data).hexdigest()
+    return rsa.bytes2int(hashlib.sha256(data).hexdigest())
 
 def hashContainer(container,allData=False):
     return hash(container.toString(allData=allData))
 
+def createSerial():
+    return rsa.bytesToNumber(rsa.getRandomBytes(16))
+#!!!
 Container.hash = hashContainer
+
 def KeyFactory(bitlen):
     pub,priv = rsa.gen_pubpriv_keys(bitlen)

trunk/sandbox/jhb/oc2/protocols.py

@@ -11 +11 @@
 class AskLatestCDD(Protocol):
 
-    def __init__(self,wallet,transport):
+    def __init__(self,transport):
         self.transport = transport
-        self.wallet = wallet
     
     def run(self,message=None):
@@ -32 +31 @@
         else:
             pass
+
+class FetchMintKeys(Protocol):
+
+    def __init__(self,transport,denominations=None,keyids=None):
+        if denominations and keyids:
+            raise "you can't ask for denominations and keyids at the same time"
+        if not (denominations or keyids):
+            raise "you need to ask at least for one"
+        self.transport = transport
+        self.denominations = denominations
+        self.keyids = keyids
+
+    def run(self,message=None):
+        message = messages.FetchMintKeys()
+        message.denominations = self.denominations
+        message.keyids = self.keyids
+
+        response = self.transport(message)
+        if response.header == 'MINTING_KEY_FAILURE':
+            raise message
+        else:
+            return  response.keys
+
+class GiveMintKeys(Protocol):
+
+    def __init__(self,issuer):
+        self.issuer = issuer
+ 
+    def run(self,message):
+        keys = []
+        if message.denominations:
+            keyslist = self.issuer.getCurrentMKCs()
+            for d in message.denominations:
+                keys.append(keyslist.get(d))
+        elif message.keyids:
+            for id in message.keyids:
+                keys.append(self.issuer.getKeyById(id))
+        
+        answer = messages.GiveMintKeys()
+        answer.keys = keys
+        return answer
 
 class CoinsSpendSender(Protocol):
@@ -74 +114 @@
 
 
-class FetchMintKeys(Protocol):
 
-    def __init__(self,denomination,keyids,time):
-        self.denominations = denominations
-        self.keyids = keyids
-        self.time = time
-
-    def getKeys(self,message):
-        return ''
-
-class GiveMintKeys(Protocol):
-
-    def giveKeys(self,message):
-        pass    
-
-

trunk/sandbox/jhb/oc2/rsa.py

@@ -100 +100 @@
 
     if type(message) is types.IntType:
-        return encrypt_int(long(message), ekey, n)
-
+        message = long(message)
+    elif type(message) is types.LongType:
+        pass
+    elif type(message) is types.StringType:
+        message = long(bytes2int(message))
+    
     if not type(message) is types.LongType:
-        raise TypeError("You must pass a long or an int")
-
-    #if math.floor(log(message, 2)) > math.floor(log(n, 2)):
-    #    raise OverflowError("The message is too long")
-
-    return fast_exponentiation(message, ekey, n)
+        raise TypeError("You must pass a long or an int, not %s" % type(message))
+    
+    return pow(message, ekey, n)
 
 def decrypt_int(cyphertext, dkey, n):
@@ -129 +130 @@
     return (m * secret) % n
 
-def chopstring(message, key, n, funcref):
-    """Splits 'message' into chops that are at most as long as n,
-    converts these into integers, and calls funcref(integer, key, n)
-    for each chop.
-
-    Used by 'encrypt' and 'sign'.
-    """
-
-    msglen = len(message)
-    mbits  = msglen * 8
-    #nbits  = int(math.floor(log(n, 2)))
-    nbits = 1024
-    nbytes = nbits / 8
-    blocks = msglen / nbytes
-
-    if msglen % nbytes > 0:
-        blocks += 1
-
-    cypher = []
-    
-    for bindex in range(blocks):
-        offset = bindex * nbytes
-        block  = message[offset:offset+nbytes]
-        value  = bytes2int(block)
-        cypher.append(funcref(value, key, n))
-
-    return cypher[0]
-
-def gluechops(chops, key, n, funcref):
-    """Glues chops back together into a string.  calls
-    funcref(integer, key, n) for each chop.
-
-    Used by 'decrypt' and 'verify'.
-    """
-    message = ""
-    chops = [chops]
-    
-    for cpart in chops:
-        mpart = funcref(cpart, key, n)
-        message += int2bytes(mpart)
-    
-    return message
 
 def encrypt(message, key):
     """Encrypts a string 'message' with the public key 'key'"""
     
-    return chopstring(message, key['e'], key['n'], encrypt_int)
-
+    #return chopstring(message, key['e'], key['n'], encrypt_int)
+    return encrypt_int(message,key['e'],key['n'])
 def sign(message, key):
     """Signs a string 'message' with the private key 'key'"""
-    
-    return chopstring(message, key['d'], key['p']*key['q'], decrypt_int)
+      
+    #return chopstring(message, key['d'], key['p']*key['q'], decrypt_int)
+    return decrypt_int(message,key['d'],key['n'])
 
 def decrypt(cypher, key):
     """Decrypts a cypher with the private key 'key'"""
 
-    return gluechops(cypher, key['d'], key['p']*key['q'], decrypt_int)
+    #return gluechops(cypher, key['d'], key['p']*key['q'], decrypt_int)
+    return decrypt_int(cypher,key['d'],key['n'])
 
 def verify(cypher, key):
     """Verifies a cypher with the public key 'key'"""
 
-    return gluechops(cypher, key['e'], key['n'], encrypt_int)
+    #return gluechops(cypher, key['e'], key['n'], encrypt_int)
+    return encrypt_int(cypher,key['e'],key['n'])
 
 def blind(message,secret,key):
-    return chopstring(message,secret,key['n'],blinding_int)
+    #return chopstring(message,secret,key['n'],blinding_int)
+    return blinding_int(message,secret,key['n'])
 
 def unblind(message,secret,key):
-    return gluechops(message,secret,key['n'],blinding_int)
+    #return gluechops(message,secret,key['n'],blinding_int)
+    return blinding_int(message,secret,key['n'])
 
 
@@ -280 +244 @@
 
 def generate(bits):  #needed
+    #return (dummypub,dummypriv)
     p = getRandomPrime(bits/2, False)
     q = getRandomPrime(bits/2, False)
-    t = lcm(p-1, q-1)
+    t = (p-1)*(q-1)
     n = p * q
-    e = 3L  #Needed to be long, for Java
+    
+    while 1:
+        e = getRandomNumber(17,t-1)  #getRandomNumber, ungerade < (p-1)*(q-1), coprime(e,(p-1)*(q-1)), e.g. gcd == 1
+        e = e % 2 == 0 and e-1 or e    
+        if  gcd(e,t) == 1:
+            break            
     d = invMod(e, t)
-    p = p
-    q = q
-    #dP = key.d % (p-1)
-    #dQ = key.d % (q-1)
-    #qInv = invMod(q, p)
-    keys =  ( {'e': e, 'n': n}, {'d': d, 'p': p, 'q': q} )
+    keys =  ( {'e': e, 'n': n}, {'d': d, 'n': n} )
     return keys
 
@@ -449 +414 @@
     import time
     t = time.time()
-    #(pub,priv) =  gen_pubpriv_keys(1024)
-    (pub,priv) = (dummypub,dummypriv)          
+    (pub,priv) =  gen_pubpriv_keys(1024)
     print '=' * 40
     times = []
@@ -478 +442 @@
     print sum(times) - times[2]
 
-    if 0:
+    if 1:
         #full
         t = time.time()
         message = 'serial '*5
-        #print 'cleartext ', message
+        print 'cleartext ', message
         cypher = encrypt(message,pub)
-        #print 'cyphertext: ',cypher
-        #print 'decrypted', decrypt(cypher,priv)
+        print 'cyphertext: ',cypher
+        print 'decrypted', decrypt(cypher,priv)
         decrypt(cypher,priv)
         signed = sign(message,priv)
-        #print 'signed', signed
-        #print 'verified', message == verify(signed,pub)
+        print 'signed', signed
+        print 'verified', message == verify(signed,pub)
         unblinder = getUnblinder(pub['n'])
         blinder = pow(invMod(unblinder, pub['n']), pub['e'],pub['n'])
         blinded = blind(message,blinder,pub)
-        #print 'blinded', blinded
-        #signedblind = sign(blinded,priv)
+        print 'blinded', blinded
+        signedblind = sign(blinded,priv)
         signedblind = encrypt_int(blinded, priv['d'], priv['p']*priv['q'])
-        #print 'signedblind', signedblind
-        #unblinded = unblind(signedblind,unblinder,pub)
+        print 'signedblind', signedblind
+        unblinded = unblind(signedblind,unblinder,pub)
         unblinded = (signedblind * unblinder) % pub['n']
-        #print 'unblinded', unblinded
-        #print 'verified', message == verify(unblinded,pub)
+        print 'unblinded', unblinded
+        print 'verified', message == verify(unblinded,pub)
         print time.time() - t
         

trunk/sandbox/jhb/oc2/testserver.py

@@ -15 +15 @@
         if message.header == 'AskLatestCDD':
             protocol = protocols.GiveLatestCDD(self.issuer)
+        elif message.header == 'FetchMintKeys':
+            protocol = protocols.GiveMintKeys(self.issuer)
         answer = protocol.run(message)
         self.send_response(200)

trunk/sandbox/jhb/oc2/wallet.py

@@ -1 +1 @@
 from entity import *
 from protocols import *
+from container import *
+import occrypto
 
 class Wallet(Entity):
 
-    pass 
+    def _makeBlank(self,cdd,mkc):
+        blank = container.Coin()
+        blank.standardId = cdd.standardId
+        blank.currencyId = cdd.currencyId
+        blank.denomination = mkc.denomination
+        blank.keyId = mkc.keyId
+        blank.setNewSerial()
+        return blank
+
+    def makeSerial(self):
+        return occrypto.createSerial()