def test_blockchain_monolithic():
genesis_payload = b"Genesis"
genesis_hash_pointer = SHA256(genesis_payload).digest()
genesis_block = Block(genesis_hash_pointer, genesis_payload)
payload_1 = b"My payload"
payload_2 = b"Another one of mine"
payload_3 = b"My last payload"
block_chain = BlockChain(genesis_block)
assert len(block_chain) == 1
assert block_chain.latest_block.payload == genesis_payload
block_chain.verify()
block_chain.append(payload_1)
assert len(block_chain) == 2
assert block_chain.latest_block.payload == payload_1
block_chain.verify()
block_chain.append(payload_2)
assert len(block_chain) == 3
assert block_chain.latest_block.payload == payload_2
block_chain.verify()
block_chain.append(payload_3)
assert len(block_chain) == 4
assert block_chain.latest_block.payload == payload_3
block_chain.verify()
# Replace block in chain
bad_block_payload = b"I am a malicious payload"
bad_block_hash_pointer = block_chain.blocks[2].hash_pointer
bad_block = Block(bad_block_hash_pointer, bad_block_payload)
block_chain.blocks[2] = bad_block
with pytest.raises(RuntimeError):
block_chain.verify()
def __init__(
self,
port=9001,
keys=None,
identity=None # TODO
):
# Initialize socket
self.socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
self.socket.bind(("", port))
# Initialize key dictionary and identity
# where is the key dictionary?
self.keys = keys
self.identity = identity
# Initialize block chain
genesis_payload = "".join(
("pay ", self.identity, " 0 ", self.identity, " 1000"))
genesis_block = Block(
SHA256(self.identity.encode()).digest(), genesis_payload)
self.blockchain = BlockChain(genesis_block)
def new(data=None):
if not data:
data = b('')
sha = _SHAd256(_SHAd256._internal, SHA256.new(data))
sha.new = globals()['new']
return sha
def digest(self):
retval = SHA256.new(self._h.digest()).digest()
return retval
def _get_identity_from_key_file(file_name):
return SHA256(RSA.key_from_file(file_name).exportKey()).hexdigest()
key_directory = os.path.join(root_directory, "keys")
# Construct absolute paths to key files
bank_public_key_file = os.path.join(key_directory, "bank_public.rsk")
hugo_public_key_file = os.path.join(key_directory, "hugo_public.rsk")
ivar_public_key_file = os.path.join(key_directory, "ivar_public.rsk")
ragnar_public_key_file = os.path.join(key_directory, "ragnar_public.rsk")
# Load keys
bank_public_key = RSA.key_from_file(bank_public_key_file)
hugo_public_key = RSA.key_from_file(hugo_public_key_file)
ivar_public_key = RSA.key_from_file(ivar_public_key_file)
ragnar_public_key = RSA.key_from_file(ragnar_public_key_file)
# Construct identities from keys
bank_identity = SHA256(bank_public_key.exportKey()).hexdigest()
hugo_identity = SHA256(hugo_public_key.exportKey()).hexdigest()
ivar_identity = SHA256(ivar_public_key.exportKey()).hexdigest()
ragnar_identity = SHA256(ragnar_public_key.exportKey()).hexdigest()
keys = {
bank_identity: bank_public_key,
hugo_identity: hugo_public_key,
ivar_identity: ivar_public_key,
ragnar_identity: ragnar_public_key
}
print(keys)
bank = Bank(keys=keys, identity=bank_identity)
bank.start()
def __init__(self, genesis_block=None):
if genesis_block is None:
payload = b"Am I Very Wrong?"
hash_pointer = SHA256(payload).digest()
genesis_block = Block(hash_pointer, payload)
self.blocks = [genesis_block]
def hash(self):
sha = SHA256()
sha.update(self.hash_pointer)
sha.update(self.payload)
return sha.digest()
def main():
parser = ArgumentParser(description=__doc__,
formatter_class=ArgumentDefaultsHelpFormatter)
parser.add_argument("-i",
"--iterations",
default=1000,
type=int,
help="iterations")
parser.add_argument("-c",
"--clients",
default=4,
type=int,
help="client count")
parser.add_argument("-k",
"--key",
choices=tuple(key_table),
default="rsa_2048",
help="key to test")
parser.add_argument("-p", "--pin", default="fnord", help="user PIN")
parser.add_argument("-q", "--quiet", action="store_true", help="bark less")
parser.add_argument("-d", "--debug", action="store_true", help="bark more")
parser.add_argument("-t",
"--text",
default="Hamsters'R'Us",
help="plaintext to sign")
parser.add_argument("-v",
"--verify",
action="store_true",
help="verify signatures")
parser.add_argument("--host",
help="domain or IP address to connect to",
default="127.0.0.1")
args = parser.parse_args()
if args.debug:
logging.getLogger().setLevel(logging.DEBUG)
k = key_table[args.key]
d = k.exportKey(format="DER", pkcs=8)
h = SHA256(args.text)
v = PKCS115_SigScheme(k)
q = range(args.iterations)
m = pkcs1_hash_and_pad(args.text)
r = Result(args, args.key)
# Copyright (c) 2018, 2019 Diamond Key Security, NFP All rights reserved.
hsms = []
for _ in xrange(args.clients):
rpc_tcp_client = yield TCPClient().connect(
args.host, 8080, ssl_options={'cert_reqs': ssl.CERT_NONE})
hsms.append(HSM(rpc_tcp_client))
for hsm in hsms:
yield hsm.login(HAL_USER_NORMAL, args.pin)
pkeys = yield [
hsm.pkey_load(d, HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE) for hsm in hsms
]
yield [client(args, k, pkey, q, r, m, v, h) for pkey in pkeys]
yield [pkey.delete() for pkey in pkeys]
r.report()
def pkcs1_hash_and_pad(text):
return DerSequence([
DerSequence([SHA256.oid, DerNull().encode()]).encode(),
DerOctetString(SHA256(text).digest()).encode()
]).encode()