def _random_checksum(self, count):
chars = string.ascii_uppercase + string.digits
return "".join(SystemRandom().choice(chars) for _ in range(count))
def generate_random_pw(self, pwlen):
rng = SystemRandom()
return "".join([rng.choice(string.ascii_letters + string.digits) for _ in xrange(pwlen)])
import hashlib
import sys
import os
from random import SystemRandom
import base64
import hmac
if len(sys.argv) < 2:
sys.stderr.write('Please include username as an argument.\n')
sys.exit(0)
username = sys.argv[1]
#This uses os.urandom() underneath
cryptogen = SystemRandom()
#Create 16 byte hex salt
salt_sequence = [cryptogen.randrange(256) for i in range(16)]
hexseq = list(map(hex, salt_sequence))
salt = "".join([x[2:] for x in hexseq])
#Create 32 byte b64 password
password = base64.urlsafe_b64encode(os.urandom(32))
digestmod = hashlib.sha256
if sys.version_info.major >= 3:
password = password.decode('utf-8')
digestmod = 'SHA256'
def get_cookie_secret():
"""Generate random 32-character string for cookie-secret"""
return "".join(SystemRandom().choice(string.ascii_uppercase +
string.digits) for _ in range(32))
import string
import requests
from urllib.parse import urlencode
from urllib.parse import parse_qs, urlsplit, urlunsplit
import sys
from cdislogging import get_logger
import flask
from userdatamodel.driver import SQLAlchemyDriver
from werkzeug.datastructures import ImmutableMultiDict
from fence.models import Client, User, query_for_user
from fence.errors import NotFound, UserError
from fence.config import config
rng = SystemRandom()
alphanumeric = string.ascii_uppercase + string.ascii_lowercase + string.digits
logger = get_logger(__name__)
def random_str(length):
return "".join(rng.choice(alphanumeric) for _ in range(length))
def json_res(data):
return flask.Response(json.dumps(data), mimetype="application/json")
def create_client(
username,
urls,
ATTR_MEDIA_PLAYER = "media_player"
ATTR_FORMAT = "format"
STATE_RECORDING = "recording"
STATE_STREAMING = "streaming"
STATE_IDLE = "idle"
# Bitfield of features supported by the camera entity
SUPPORT_ON_OFF = 1
SUPPORT_STREAM = 2
DEFAULT_CONTENT_TYPE = "image/jpeg"
ENTITY_IMAGE_URL = "/api/camera_proxy/{0}?token={1}"
TOKEN_CHANGE_INTERVAL = timedelta(minutes=5)
_RND = SystemRandom()
MIN_STREAM_INTERVAL = 0.5 # seconds
CAMERA_SERVICE_SCHEMA = vol.Schema(
{vol.Optional(ATTR_ENTITY_ID): cv.comp_entity_ids})
CAMERA_SERVICE_SNAPSHOT = CAMERA_SERVICE_SCHEMA.extend(
{vol.Required(ATTR_FILENAME): cv.template})
CAMERA_SERVICE_PLAY_STREAM = CAMERA_SERVICE_SCHEMA.extend({
vol.Required(ATTR_MEDIA_PLAYER):
cv.entities_domain(DOMAIN_MP),
vol.Optional(ATTR_FORMAT, default="hls"):
vol.In(OUTPUT_FORMATS),
})
def pickFrac():
if SystemRandom().random() < 0.5:
P = bayes.model(200, 100, 0.05)
else:
P = bayes.model(32, 32, 0.05)
return bayes.pickNextF(P)
def mksalt():
"""Generate SHA512 salt."""
sr = SystemRandom()
return '$6$' + ''.join(
sr.choice(ascii_letters + digits + './') for char in range(16))
def random_id():
return '[' + str(SystemRandom().random())[-8:] + ']'
def __init__(self, key = None):
if (key == None):
self.key = ''.join(SystemRandom().choice(ascii_lowercase) for _ in range(100))
else:
self.key = key
import sha3
from constant_sorrow import constants
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric import ec
from nkms.crypto.constants import BLAKE2B
from nkms.crypto.kits import UmbralMessageKit
from umbral.keys import UmbralPrivateKey, UmbralPublicKey
from umbral import pre
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
import datetime
SYSTEM_RAND = SystemRandom()
def secure_random(num_bytes: int) -> bytes:
"""
Returns an amount `num_bytes` of data from the OS's random device.
If a randomness source isn't found, returns a `NotImplementedError`.
In this case, a secure random source most likely doesn't exist and
randomness will have to found elsewhere.
:param num_bytes: Number of bytes to return.
:return: bytes
"""
# TODO: Should we just use os.urandom or avoid the import w/ this?
return SYSTEM_RAND.getrandbits(num_bytes * 8).to_bytes(num_bytes,
from random import SystemRandom
from urllib.parse import parse_qsl, quote, urlencode, urljoin, urlsplit
import aiohttp
import async_timeout
import yarl
from aiohttp import BasicAuth, web
__version__ = "0.12.0"
__project__ = "aioauth-client"
__author__ = "Kirill Klenov <*****@*****.**>"
__license__ = "MIT"
RANDOM = SystemRandom().random
class User:
"""Store user's information."""
__slots__ = 'id', 'email', 'first_name', 'last_name', 'username', 'picture', \
'link', 'locale', 'city', 'country', 'gender'
def __init__(self, **info):
"""Initialize self data."""
for attr in self.__slots__:
setattr(self, attr, info.get(attr))
class Signature(object):
def process_cert_request(self, name, app_param):
logging.info("[CERT REQ]: interest received")
logging.info(name)
if not app_param:
logging.error("[CERT REQ]: interest has no parameter")
return
request = CertRequest.parse(app_param)
if not request.identifier or not request.ecdh_n2 or not request.anchor_digest or not request.ecdh_n1:
raise KeyError(
"[CERT REQ]: lacking parameters in application parameters")
logging.info(bytes(request.identifier))
logging.info(bytes(request.ecdh_n2))
logging.info(bytes(request.anchor_digest))
logging.info(bytes(request.ecdh_n1))
if bytes(request.identifier) != self.boot_state['DeviceIdentifier'] or \
bytes(request.ecdh_n2) != self.boot_state['N2PublicKey'] or \
bytes(request.anchor_digest) != self.boot_state['TrustAnchorDigest'] or \
bytes(request.ecdh_n1) != self.boot_state['N1PublicKey']:
logging.error("[CERT REQ]: unauthenticated request")
return
# anchor signed certificate
# create identity and key for the device
# TODO Remove hardcoded livingroom and ask user for which room the device belongs to
m_measure_tp1 = time.time()
device_name = '/' + self.system_prefix + '/livingroom' + '/' + bytes(
request.identifier).decode()
device_key = self.app.keychain.touch_identity(
device_name).default_key()
private_key = get_prv_key_from_safe_bag(device_name)
default_cert = device_key.default_cert().data
m_measure_tp2 = time.time()
logging.debug(
F'BOOTSTRAPPING-DATA2-ECDSA-KENGEN: {m_measure_tp2 - m_measure_tp1}'
)
# re-sign certificate using anchor's key
cert = parse_certificate(default_cert)
new_cert_name = cert.name[:-2]
logging.debug(new_cert_name)
new_cert_name.append('home')
new_cert_name.append(
Name.Component.from_version(SystemRandom().randint(
10000000, 99999999)))
logging.debug(new_cert_name)
m_measure_tp1 = time.time()
cert = self.app.prepare_data(new_cert_name,
cert.content,
identity=self.system_prefix)
m_measure_tp2 = time.time()
logging.debug(
F'BOOTSTRAPPING-DATA2-ECDSA-RESIGN: {m_measure_tp2 - m_measure_tp1}'
)
m_measure_tp1 = time.time()
# AES
iv = urandom(16)
cipher = AES.new(self.boot_state['SharedAESKey'], AES.MODE_CBC, iv)
ct_bytes = cipher.encrypt(private_key)
m_measure_tp2 = time.time()
logging.debug(
F'BOOTSTRAPPING-DATA2-AES-ENC: {m_measure_tp2 - m_measure_tp1}')
logging.info('raw private key')
logging.info(private_key)
logging.info('Symmetric Key')
logging.info(self.boot_state['SharedAESKey'])
# AES IV
logging.info("IV:")
logging.info(iv)
logging.info("Cipher:")
logging.info(ct_bytes)
logging.info('Cipher length: ' + str(len(ct_bytes)))
# encrypted device private key with temporary symmetric key
# ct = b64encode(ct_bytes)
response = CertResponse()
response.cipher = ct_bytes
response.iv = iv
cert_bytes = parse_and_check_tl(cert, TypeNumber.DATA)
response.id_cert = cert_bytes
m_measure_tp1 = time.time()
signer = HmacSha256Signer('pre-shared',
self.boot_state['SharedSymmetricKey'])
self.app.put_data(name,
response.encode(),
freshness_period=3000,
signer=signer)
m_measure_tp2 = time.time()
logging.debug(
F'BOOTSTRAPPING-DATA2-ECDSA+ENCODING: {m_measure_tp2 - m_measure_tp1}'
)
self.boot_state["DeviceIdentityName"] = device_name
self.boot_state['Success'] = True
self.boot_event.set()
def __setstate__(self, state):
"""Called when this object is unpickled: restore all data and self.random."""
self.__dict__ = state
self.random = SystemRandom()
def rand():
return SystemRandom().randint(0, 255)
def _scram_sha1_conversation(credentials, sock_info, cmd_func, sasl_start,
sasl_continue):
"""Authenticate or copydb using SCRAM-SHA-1.
sasl_start and sasl_continue are SONs, the base command documents for
beginning and continuing the SASL conversation. They may be modified
by the callee.
:Parameters:
- `credentials`: A credentials tuple from _build_credentials_tuple.
- `sock_info`: A SocketInfo instance.
- `cmd_func`: A callback taking args sock_info, database, command doc.
- `sasl_start`: A SON.
- `sasl_continue`: A SON.
"""
source, username, password = credentials
# Make local
_hmac = hmac.HMAC
_sha1 = _SHA1
_sha1mod = _SHA1MOD
user = username.encode("utf-8").replace(_EQUAL, b("=3D")).replace(
_COMMA, b("=2C"))
nonce = standard_b64encode(
(("%s" % (SystemRandom().random(), ))[2:]).encode("utf-8"))
first_bare = b("n=") + user + b(",r=") + nonce
sasl_start['payload'] = Binary(b("n,,") + first_bare)
res, _ = cmd_func(sock_info, source, sasl_start)
server_first = res['payload']
parsed = _parse_scram_response(server_first)
iterations = int(parsed[b('i')])
salt = parsed[b('s')]
rnonce = parsed[b('r')]
if not rnonce.startswith(nonce):
raise OperationFailure("Server returned an invalid nonce.")
without_proof = b("c=biws,r=") + rnonce
salted_pass = _hi(
_password_digest(username, password).encode("utf-8"),
standard_b64decode(salt), iterations)
client_key = _hmac(salted_pass, b("Client Key"), _sha1mod).digest()
stored_key = _sha1(client_key).digest()
auth_msg = _COMMA.join((first_bare, server_first, without_proof))
client_sig = _hmac(stored_key, auth_msg, _sha1mod).digest()
client_proof = b("p=") + standard_b64encode(_xor(client_key, client_sig))
client_final = _COMMA.join((without_proof, client_proof))
server_key = _hmac(salted_pass, b("Server Key"), _sha1mod).digest()
server_sig = standard_b64encode(
_hmac(server_key, auth_msg, _SHA1MOD).digest())
cmd = sasl_continue.copy()
cmd['conversationId'] = res['conversationId']
cmd['payload'] = Binary(client_final)
res, _ = cmd_func(sock_info, source, cmd)
parsed = _parse_scram_response(res['payload'])
if not compare_digest(parsed[b('v')], server_sig):
raise OperationFailure("Server returned an invalid signature.")
# Depending on how it's configured, Cyrus SASL (which the server uses)
# requires a third empty challenge.
if not res['done']:
cmd = sasl_continue.copy()
cmd['conversationId'] = res['conversationId']
cmd['payload'] = Binary(_EMPTY)
res, _ = cmd_func(sock_info, source, cmd)
if not res['done']:
raise OperationFailure('SASL conversation failed to complete.')
#!/usr/bin/env python
from hashlib import sha1
from random import SystemRandom
sr = SystemRandom()
charset = [chr(b) for b in xrange(ord('a'), ord('z')+1)]
charset += [chr(b) for b in xrange(ord('A'), ord('Z')+1)]
charset += [chr(b) for b in xrange(ord('0'), ord('9')+1)]
charset += [' ', '!']
k = 250
def xor(s1, s2):
l = map(lambda tup: ord(tup[0])^ord(tup[1]), zip(s1, s2))
return ''.join(map(lambda b: chr(b), l))
def H(p):
return sha1(p).digest()
_R_xor_cache = {}
def R(h, n):
assert type(h) is str
assert len(h) == 20
global _R_xor_cache
if not _R_xor_cache.has_key(n):
_R_xor_cache[n] = H(str(n)+'blah')
xorval = _R_xor_cache[n]
xored_h = xor(h, xorval)
# tests/settings.py
import sys
import pathlib
from datetime import datetime
from random import SystemRandom
from typing import Any, Dict, List
# black magic to use imports from library code
path = pathlib.Path(__file__).absolute()
project = path.parent.parent.parent
sys.path.insert(0, str(project))
# secret key
SECRET_KEY: str = "".join([
SystemRandom().choice("abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)")
for i in range(50)
])
# configure databases
DATABASES: Dict[str, Dict[str, str]] = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": ":memory:"
}
}
# configure templates
TEMPLATES: List[Dict[str, Any]] = [{
"BACKEND": "django.template.backends.django.DjangoTemplates",
"DIRS": [],
def generate_password(length=8):
rnd = SystemRandom()
if length > 255:
length = 255
return "".join([rnd.choice(string.hexdigits) for _ in range(length)])
ATTR_MEDIA_PLAYER: Final = "media_player"
ATTR_FORMAT: Final = "format"
STATE_RECORDING: Final = "recording"
STATE_STREAMING: Final = "streaming"
STATE_IDLE: Final = "idle"
# Bitfield of features supported by the camera entity
SUPPORT_ON_OFF: Final = 1
SUPPORT_STREAM: Final = 2
DEFAULT_CONTENT_TYPE: Final = "image/jpeg"
ENTITY_IMAGE_URL: Final = "/api/camera_proxy/{0}?token={1}"
TOKEN_CHANGE_INTERVAL: Final = timedelta(minutes=5)
_RND: Final = SystemRandom()
MIN_STREAM_INTERVAL: Final = 0.5 # seconds
CAMERA_SERVICE_SNAPSHOT: Final = {vol.Required(ATTR_FILENAME): cv.template}
CAMERA_SERVICE_PLAY_STREAM: Final = {
vol.Required(ATTR_MEDIA_PLAYER): cv.entities_domain(DOMAIN_MP),
vol.Optional(ATTR_FORMAT, default="hls"): vol.In(OUTPUT_FORMATS),
}
CAMERA_SERVICE_RECORD: Final = {
vol.Required(CONF_FILENAME): cv.template,
vol.Optional(CONF_DURATION, default=30): vol.Coerce(int),
vol.Optional(CONF_LOOKBACK, default=0): vol.Coerce(int),
}
def random_cookie():
return to_raw(SystemRandom().random())[-6:]
def newmem(update, context):
message = update.message
chat = message.chat
if message.from_user.id in get_chat_admins(
context.bot,
chat.id,
extra_user=context.bot_data.get("config").get("SUPER_ADMIN"),
):
return
for user in message.new_chat_members:
if user.is_bot:
continue
num = SystemRandom().randint(
0,
len(context.bot_data.get("config").get("CHALLENGE")) - 1)
flag = context.bot_data.get("config").get("CHALLENGE")[num]
if context.bot.restrict_chat_member(
chat_id=chat.id,
user_id=user.id,
permissions=ChatPermissions(can_send_messages=False),
):
logger.info(
f"New member: Successfully restricted user {user.id} at group {chat.id}"
)
else:
logger.warning(
f"New member: No enough permissions to restrict user {user.id} at group {chat.id}"
)
buttons = [[
InlineKeyboardButton(
flag.get("WRONG")[t],
callback_data=
f"challenge|{user.id}|{num}|{flag.get('wrong')[t]}",
)
] for t in range(len(flag.get("WRONG")))]
buttons.append([
InlineKeyboardButton(
flag.get("ANSWER"),
callback_data=f"challenge|{user.id}|{num}|{flag.get('answer')}",
)
])
SystemRandom().shuffle(buttons)
buttons.append([
InlineKeyboardButton(
context.bot_data.get("config").get("PASS_BTN"),
callback_data=f"admin|pass|{user.id}",
),
InlineKeyboardButton(
context.bot_data.get("config").get("KICK_BTN"),
callback_data=f"admin|kick|{user.id}",
),
])
question_message = message.reply_text(
escape_markdown(
context.bot_data.get("config").get("GREET")).format(
question=escape_markdown(flag.get("QUESTION")),
time=context.bot_data.get("config").get("TIME"),
),
reply_markup=InlineKeyboardMarkup(buttons),
parse_mode=ParseMode.MARKDOWN_V2,
)
context.job_queue.run_once(
kick_queue,
context.bot_data.get("config").get("TIME"),
context={
"chat_id": chat.id,
"user_id": user.id,
},
name=f"{chat.id}|{user.id}|kick",
)
context.job_queue.run_once(
clean_queue,
context.bot_data.get("config").get("TIME"),
context={
"chat_id": chat.id,
"user_id": user.id,
"message_id": message.message_id,
},
name=f"{chat.id}|{user.id}|clean_join",
)
context.job_queue.run_once(
clean_queue,
context.bot_data.get("config").get("TIME"),
context={
"chat_id": chat.id,
"user_id": user.id,
"message_id": question_message.message_id,
},
name=f"{chat.id}|{user.id}|clean_question",
)
def __init__(self, config):
self.config = config
self.app = BloodyHellApp(config)
self.bot = telepot.Bot(config.BOT_TOKEN)
self.rnd = SystemRandom()
def identifer(self, size: int = None) -> str:
if size is None:
size = SIZE
prefix = SystemRandom().choice(LETTERS)
body = ''.join(SystemRandom().choice(SYMBOLS) for _ in range(size - 1))
return f'{prefix}{body}'
class FullPSync2017(PSyncProducerBase):
DEFAULT_SYNC_INTEREST_LIFETIME = 1000.0
DEFAULT_SYNC_REPLY_FRESHNESS_PERIOD = 1000.0
"""
Create a FullPSync2017.
:param int expectedNEntries: The expected number of entries in the IBLT.
:param Face face: The application's Face.
:param Name syncPrefix: The prefix Name of the sync group, which is copied.
:param onNamesUpdate: When there are new names, this calls
onNamesUpdate(names) where names is a list of Names. However, see the
canAddReceivedName callback which can control which names are added.
NOTE: The library will log any exceptions thrown by this callback, but for
better error handling the callback should catch and properly handle any
exceptions.
:type onNamesUpdate: function object
:param KeyChain keyChain: The KeyChain for signing Data packets.
:param float syncInterestLifetime: (optional) The Interest lifetime for the
sync Interests, in milliseconds. If omitted or None, use
DEFAULT_SYNC_INTEREST_LIFETIME.
:param float syncReplyFreshnessPeriod: (optional) The freshness period of
the sync Data packet, in milliseconds. If omitted or None, use
DEFAULT_SYNC_REPLY_FRESHNESS_PERIOD.
:param SigningInfo signingInfo: (optional) The SigningInfo for signing Data
packets, which is copied. If omitted or None, use the default SigningInfo().
:param canAddToSyncData: (optional) When a new IBLT is received in a sync
Interest, this calls canAddToSyncData(name, negative) where Name is the
candidate Name to add to the response Data packet of Names, and negative
is the set of names that the other's user's Name set, but not in our own
Name set. If the callback returns False, then this does not report the
Name to the other user. However, if canAddToSyncData is omitted or None,
then each name is reported.
:type canAddToSyncData: function object
:param canAddReceivedName: (optional) When new names are received, this
calls canAddReceivedName(name) for each name. If the callback returns
False, then this does not add to the IBLT or report to the application
with onNamesUpdate. However, if canAddReceivedName is omitted or None,
then each name is added.
:type canAddReceivedName: function object
"""
def __init__(self, expectedNEntries, face, syncPrefix, onNamesUpdate,
keyChain, syncInterestLifetime = DEFAULT_SYNC_INTEREST_LIFETIME,
syncReplyFreshnessPeriod = DEFAULT_SYNC_REPLY_FRESHNESS_PERIOD,
signingInfo = SigningInfo(), canAddToSyncData = None,
canAddReceivedName = None):
super(FullPSync2017, self).__init__(
expectedNEntries, syncPrefix, syncReplyFreshnessPeriod)
self._face = face
self._keyChain = keyChain
self._syncInterestLifetime = syncInterestLifetime
self._signingInfo = SigningInfo(signingInfo)
self._onNamesUpdate = onNamesUpdate
self._canAddToSyncData = canAddToSyncData
self._canAddReceivedName = canAddReceivedName
self._segmentPublisher = PSyncSegmentPublisher(self._face, self._keyChain)
# The key is the Name. The values is a _PendingEntryInfoFull.
self._pendingEntries = {}
self._outstandingInterestName = Name()
self._registeredPrefix = self._face.registerPrefix(
self._syncPrefix, self._onSyncInterest,
PSyncProducerBase.onRegisterFailed)
# TODO: Should we do this after the registerPrefix onSuccess callback?
self._sendSyncInterest()
def publishName(self, name):
"""
Publish the Name to inform the others. However, if the Name has already
been published, do nothing.
:param Name name: The Name to publish.
"""
if name in self._nameToHash:
logging.getLogger(__name__).debug("Already published, ignoring: " +
name.toUri())
return
logging.getLogger(__name__).info("Publish: " + name.toUri())
self.insertIntoIblt(name)
self._satisfyPendingInterests()
def removeName(self, name):
"""
Remove the Name from the IBLT so that it won't be announced to other
users.
:param Name name: The Name to remove.
"""
self.removeFromIblt(name)
class _PendingEntryInfoFull(object):
def __init__(self, iblt):
self._iblt = iblt
self._isRemoved = False
def _sendSyncInterest(self):
"""
Send the sync interest for full synchronization. This forms the interest
name: /<sync-prefix>/<own-IBLT>. This cancels any pending sync interest
we sent earlier on the face.
"""
# Debug: Implement stopping an ongoing fetch.
## If we send two sync interest one after the other
## since there is no new data in the network yet,
## when data is available it may satisfy both of them
#if self._fetcher != None:
# self._fetcher.stop()
# Sync Interest format for full sync: /<sync-prefix>/<ourLatestIBF>
syncInterestName = Name(self._syncPrefix)
# Append our latest IBLT.
syncInterestName.append(self._iblt.encode())
self._outstandingInterestName = syncInterestName
# random1 is from 0.0 to 1.0.
random1 = self._systemRandom.random()
# Get a jitter of +/- syncInterestLifetime_ * 0.2 .
jitter = (random1 - 0.5) * (self._syncInterestLifetime * 0.2)
self._face.callLater(
self._syncInterestLifetime / 2 + jitter, self._sendSyncInterest)
syncInterest = Interest(syncInterestName)
syncInterest.setInterestLifetimeMilliseconds(self._syncInterestLifetime)
syncInterest.setNonce(Blob([0, 0, 0, 0]))
syncInterest.refreshNonce()
SegmentFetcher.fetch(
self._face, syncInterest, None,
lambda content: self._onSyncData(content, syncInterest),
FullPSync2017._onError)
logging.getLogger(__name__).debug("sendFullSyncInterest, nonce: " +
syncInterest.getNonce().toHex() + ", hash: " +
str(abs(hash(syncInterestName))))
@staticmethod
def _onError(errorCode, message):
logging.getLogger(__name__).info("Cannot fetch sync data, error: " +
str(errorCode) + " message: " + message)
def _onSyncInterest(self, prefixName, interest, face, interestFilterId, filter):
"""
Process a sync interest received from another party.
This gets the difference between our IBLT and the IBLT in the other sync
interest. If we cannot get the difference successfully, then send an
application Nack. If we have some things in our IBLT that the other side
does not have, then reply with the content. Or, if the number of
different items is greater than threshold or equals zero, then send a
Nack. Otherwise add the sync interest into the pendingEntries_ map with
the interest name as the key and a PendingEntryInfoFull as the value.
:param Name prefixName: The prefix Name for the sync group which we
registered.
:param Interest interest: The the received Interest.
"""
if self._segmentPublisher.replyFromStore(interest.getName()):
return
nameWithoutSyncPrefix = interest.getName().getSubName(prefixName.size())
if nameWithoutSyncPrefix.size() == 1:
# Get /<prefix>/IBLT from /<prefix>/IBLT
interestName = interest.getName()
elif nameWithoutSyncPrefix.size() == 3:
# Get /<prefix>/IBLT from /<prefix>/IBLT/<version>/<segment-no>
interestName = interest.getName().getPrefix(-2)
else:
return
ibltName = interestName.get(-1)
logging.getLogger(__name__).debug("Full Sync Interest received, nonce: " +
interest.getNonce().toHex() + ", hash:" + str(abs(hash(interestName))))
iblt = InvertibleBloomLookupTable(self._expectedNEntries)
try:
iblt.initialize(ibltName.getValue())
except Exception as ex:
logging.getLogger(__name__).error(
"Error in iblt.initialize: %s", str(ex))
return
difference = self._iblt.difference(iblt)
positive = set()
negative = set()
if not difference.listEntries(positive, negative):
logging.getLogger(__name__).info("Cannot decode differences, positive: " +
str(len(positive)) + " negative: " + str(len(negative)) +
" _threshold: " + str(self._threshold))
# Send all data if greater than the threshold, or if there are
# neither positive nor negative differences. Otherwise, continue
# below and send the positive as usual.
if (len(positive) + len(negative) >= self._threshold or
(len(positive) == 0 and len(negative) == 0)):
state1 = PSyncState()
for name in self._nameToHash.keys():
state1.addContent(name)
if len(state1.getContent()) > 0:
self._segmentPublisher.publish(
interest.getName(), interest.getName(), state1.wireEncode(),
self._syncReplyFreshnessPeriod, self._signingInfo)
return
state = PSyncState()
for hashValue in positive:
name = self._hashToName[hashValue]
if name in self._nameToHash:
if (self._canAddToSyncData == None or
self._canAddToSyncData(name, negative)):
state.addContent(name)
if len(state.getContent()) > 0:
logging.getLogger(__name__).debug("Sending sync content: " +
state.toString())
self._sendSyncData(interestName, state.wireEncode())
return
entry = FullPSync2017._PendingEntryInfoFull(iblt)
self._pendingEntries[interestName] = entry
self._face.callLater(
interest.getInterestLifetimeMilliseconds(),
lambda: self._delayedRemovePendingEntry
(interest.getName(), entry, interest.getNonce()))
def _sendSyncData(self, name, content):
"""
Send the sync Data. Check if the data will satisfy our own pending
Interest. If it does, then remove it and then renew the sync interest.
Otherwise, just send the Data.
:param Name name: The basis to use for the Data name.
:param Blob content: The content of the Data.
"""
logging.getLogger(__name__).debug(
"Checking if the Data will satisfy our own pending interest")
nameWithIblt = Name()
nameWithIblt.append(self._iblt.encode())
# Append the hash of our IBLT so that the Data name should be different
# for each node. Use abs() since hash() can return negative.
dataName = Name(name).appendNumber(abs(hash(nameWithIblt)))
# Check if our own Interest got satisfied.
if self._outstandingInterestName.equals(name):
logging.getLogger(__name__).debug("Satisfies our own pending Interest")
# Remove the outstanding interest.
# Debug: Implement stopping an ongoing fetch.
#if self._fetcher != None:
# logging.getLogger(__name__).debug(
# "Removing our pending interest from the Face (stopping fetcher)")
# self._fetcher.stop()
# self._outstandingInterestName = Name()
self._outstandingInterestName = Name()
logging.getLogger(__name__).debug("Sending sync Data")
# Send Data after removing the pending sync interest on the Face.
self._segmentPublisher.publish(
name, dataName, content, self._syncReplyFreshnessPeriod,
self._signingInfo)
logging.getLogger(__name__).info("sendSyncData: Renewing sync interest")
self._sendSyncInterest()
else:
logging.getLogger(__name__).debug(
"Sending Sync Data for not our own Interest")
self._segmentPublisher.publish(
name, dataName, content, self._syncReplyFreshnessPeriod,
self._signingInfo)
def _onSyncData(self, encodedContent, interest):
"""
Process the sync data after the content is assembled by the
SegmentFetcher. Call _deletePendingInterests to delete any pending sync
Interest with the Interest name, which would have been satisfied by the
forwarder once it got the data. For each name in the data content, check
that we don't already have the name, and call _canAddReceivedName (which
may process the name as a prefix/sequenceNo). Call _onUpdate to notify
the application about the updates. Call _sendSyncInterest because the
last one was satisfied by the incoming data.
:param Blob encodedContent: The encoded sync data content that was
assembled by the SegmentFetcher.
:param Interest interest: The Interest for which we got the data.
"""
self._deletePendingInterests(interest.getName())
state = PSyncState(encodedContent)
names = []
logging.getLogger(__name__).debug("Sync Data Received: " + state.toString())
for contentName in state.getContent():
if not (contentName in self._nameToHash):
logging.getLogger(__name__).debug("Checking whether to add " +
contentName.toUri())
if (self._canAddReceivedName == None or
self._canAddReceivedName(contentName)):
logging.getLogger(__name__).debug("Adding name " +
contentName.toUri())
# The Name is freshly created by PSyncState decode, so don't copy.
names.append(contentName)
self.insertIntoIblt(contentName)
# We should not call _satisfyPendingSyncInterests here because we
# just got data and deleted pending interests by calling
# _deletePendingInterests. But we might have interests which don't
# match this interest that might not have been deleted from the
# pending sync interests.
# We just got the data, so send a new sync Interest.
if len(names) > 0:
try:
self._onNamesUpdate(names)
except:
logging.exception("Error in onUpdate")
logging.getLogger(__name__).info("onSyncData: Renewing sync interest")
self._sendSyncInterest()
else:
logging.getLogger(__name__).info("No new update, interest nonce: " +
interest.getNonce().toHex() + " , hash: " +
str(abs(hash(interest.getName()))))
def _satisfyPendingInterests(self):
"""
Satisfy pending sync Interests. For a pending sync interests, if the
IBLT of the sync Interest has any difference from our own IBLT, then
send a Data back. If we can't decode the difference from the stored IBLT,
then delete it.
"""
logging.getLogger(__name__).debug("Satisfying full sync Interest: " +
str(len(self._pendingEntries)))
# Copy the keys before iterating se we can erase entries.
for keyName in list(self._pendingEntries.keys()):
pendingEntry = self._pendingEntries[keyName]
entryIblt = pendingEntry._iblt
difference = self._iblt.difference(entryIblt)
positive = set()
negative = set()
if not difference.listEntries(positive, negative):
logging.getLogger(__name__).info(
"Decode failed for pending interest")
if (len(positive) + len(negative) >= self._threshold or
(len(positive) == 0 and len(negative) == 0)):
logging.getLogger(__name__).info(
"positive + negative > threshold or no difference can be found. Erase pending interest.")
# Prevent delayedRemovePendingEntry from removing a new entry
# with the same Name.
pendingEntry._isRemoved = True
del self._pendingEntries[keyName]
continue
state = PSyncState()
for hashValue in positive:
name = self._hashToName[hashValue]
if name in self._nameToHash:
state.addContent(name)
if len(state.getContent()) > 0:
logging.getLogger(__name__).debug("Satisfying sync content: " +
state.toString())
self._sendSyncData(keyName, state.wireEncode())
# Prevent _delayedRemovePendingEntry from removing a new entry
# with the same Name.
pendingEntry._isRemoved = True
del self._pendingEntries[keyName]
def _deletePendingInterests(self, interestName):
"""
Delete pending sync Interests that match the given name.
:param Name interestName:
"""
if not (interestName in self._pendingEntries):
return
logging.getLogger(__name__).info("Delete pending interest: " +
interestName.toUri())
# Prevent _delayedRemovePendingEntry from removing a new entry with the
# same Name.
self._pendingEntries[interestName]._isRemoved = True
del self._pendingEntries[interestName]
def _delayedRemovePendingEntry(self, name, entry, nonce):
"""
Remove the entry from _pendingEntries which has the name. However, if
entry._isRemoved is True, do nothing. Therefore, if an entry is
directly removed from _pendingEntries, it should set _isRemoved.
:param Name name: The key in the _pendingEntries map for the entry to
remove.
:param _PendingEntryInfoFull entry: A (possibly earlier and removed)
entry from when it was inserted into the _pendingEntries map.
:param Blob nonce: This is only used for the log message.
"""
if entry._isRemoved:
# A previous operation already removed this entry, so don't try
# again to remove the entry with the Name in case it is a new entry.
return
logging.getLogger(__name__).info("Remove Pending Interest " + nonce.toHex())
entry._isRemoved = True
try:
del self._pendingEntries[name]
except KeyError:
pass
_systemRandom = SystemRandom()
def random_ascii_string(length):
random = SystemRandom()
return "".join(
[random.choice(UNICODE_ASCII_CHARACTERS) for _ in range(length)])
Annealer, )
from .claim import (
Claim,
Proof,
)
from .constraints import (
Constraint, )
from .pretenders import (
Pretender, )
from .words import (
Word,
tokenize,
)
random = SystemRandom()
class IronThroneSolver(Annealer):
MAX_ATTENUATION = 0.9
def __init__(self, words: List[Word], constraints: List[Constraint]):
super().__init__([None] * len(words))
self.words = words
self.constraints = constraints
self.penalty = 0
self.bounds = []
def configure(self):
#!/usr/bin/python2
import curve25519
import hkdf
import libnacl
from libnacl import crypto_onetimeauth as poly1305
from os import urandom
from random import SystemRandom
import struct
rand = SystemRandom()
class ChatsError(Exception):
pass
class Chats(object):
def __init__(self, long_term, bob_long_term, max_length=480, chaff_block_size=16,
debug=False):
self.debug = debug
self.proto_id = 'cryptchats-protocol-v1'
self.long_term = long_term
self.long_term_public = self.long_term.get_public()
self.bob_long_term = bob_long_term
self.send_pending = None
self.receive_pending = None
self.i_am_alice = False
def generate_code():
return ''.join(map(str, [SystemRandom().randrange(10) for i in range(5)]))
def random_sequence(self, count=10):
from random import SystemRandom
import string
return ''.join(SystemRandom().choice(string.ascii_lowercase +
string.digits)
for _ in range(count))
