def getList(user, password, name):
records = baseGetList(user, password, 1, name)
keys = KeyDeriver(user, servername(), password)
for record in records:
value = keys.decrypt(record['value'])
print "%d at %f: %s" % (record['version'], record['creationTime'],
value)
def makeAuthParams(user, password):
# FIXME: include server name, user name in t
t = "%d:%d" % (int(time.time()), random.SystemRandom().getrandbits(20))
keys = KeyDeriver(user, servername(), password)
schnorr = keys.schnorr()
(e, s) = schnorr.sign(t)
params = {"user": user, "t": t, "e": b64enc(e), "s": b64enc(s)}
return params
def baseGetList(user, password, type, name, use_des=0):
params = makeAuthParams(user, password)
keys = KeyDeriver(user, servername(), password, use_des)
params['name'] = keys.permute(concat([int2bin(type), name]))
conn = connect()
conn.request("GET", "/list-resource?" + urllib.urlencode(params))
response = conn.getresponse()
if response.status != 200:
# FIXME: define a ProtocolError, perhaps?
raise LookupError("HTTP error: %d %s" %
(response.status, response.reason))
res = response.read()
return json.loads(res)
def register(user, password):
keys = KeyDeriver(user, servername(), password)
schnorr = keys.schnorr()
public = b64enc(schnorr.public())
params = urllib.urlencode({"user": user, "publicKey": public})
headers = {
"Content-Type": "application/x-www-form-urlencoded",
"Accept": "text/plain"
}
conn = connect()
conn.request("POST", "/register", params, headers)
response = conn.getresponse()
print response.status, response.reason
print response.read()
def add(user, password, type, name, value, use_des=0):
params = makeAuthParams(user, password)
keys = KeyDeriver(user, servername(), password, use_des)
params['name'] = keys.permute(concat([int2bin(type), name]))
params['value'] = b64enc(keys.encrypt(value))
params = urllib.urlencode(params)
headers = {
"Content-Type": "application/x-www-form-urlencoded",
"Accept": "text/plain"
}
conn = connect()
conn.request("POST", "/add-resource", params, headers)
response = conn.getresponse()
print response.status, response.reason
print response.read()
def splitGet(user, password, name):
splits = getSplits(user, password)
k = int(splits[0])
n = (len(splits) - 1) / 2
assert int(n) == n
assert k <= n
keys = KeyDeriver(password)
shares = {}
# FIXME: obviously we should try all n until we get k splits
for s in range(k):
global host, port
host = splits[2 * s + 1]
port = splits[2 * s + 2]
print "Getting split", s, "from", host + ":" + port
records = baseGetList(user, password, 1, name)
record = records[-1]
share = unconcat(keys.decrypt(record['value']))
assert len(share) == 2
shares[bin2int(share[0])] = bin2int(share[1])
splitter = ShamirSplit()
secret = splitter.recover(shares)
print "value =", secret
def getSplits(user, password):
records = baseGetList(user, password, 2, "split servers")
record = records[-1]
keys = KeyDeriver(password)
splits = unconcat(keys.decrypt(record['value']))
return splits
def getRSA(user, password, name):
rsas = baseGetList(user, password, 3, name, use_des=1)
keys = KeyDeriver(password, 1)
for rsa in rsas:
key = json.loads(keys.decrypt(rsa['value']))
print key
