def prepare_for_publication(self,
bob_encrypting_key,
bob_verifying_key,
alice_stamp,
label):
plaintext = self._m.to_bytes(1, "big") + self.nodes_as_bytes()
self.message_kit, _signature_for_bob = encrypt_and_sign(bob_encrypting_key,
plaintext=plaintext,
signer=alice_stamp,
)
"""
Here's our "hashed resource access code".
A hash of:
* Alice's public key
* Bob's public key
* the label
Alice and Bob have all the information they need to construct this.
Ursula does not, so we share it with her.
This way, Bob can generate it and use it to find the TreasureMap.
"""
self._hrac = keccak_digest(bytes(alice_stamp) + bytes(bob_verifying_key) + label)
self._public_signature = alice_stamp(bytes(alice_stamp) + self._hrac)
self._set_payload()
def encrypt_for(self,
recipient: 'Character',
plaintext: bytes,
sign: bool = True,
sign_plaintext=True,
) -> tuple:
"""
Encrypts plaintext for recipient actor. Optionally signs the message as well.
:param recipient: The character whose public key will be used to encrypt
cleartext.
:param plaintext: The secret to be encrypted.
:param sign: Whether or not to sign the message.
:param sign_plaintext: When signing, the cleartext is signed if this is
True, Otherwise, the resulting ciphertext is signed.
:return: A tuple, (ciphertext, signature). If sign==False,
then signature will be NOT_SIGNED.
"""
signer = self.stamp if sign else DO_NOT_SIGN
message_kit, signature = encrypt_and_sign(recipient_pubkey_enc=recipient.public_keys(DecryptingPower),
plaintext=plaintext,
signer=signer,
sign_plaintext=sign_plaintext
)
return message_kit, signature
def encrypt_message(self,
message: bytes
) -> Tuple[UmbralMessageKit, Signature]:
message_kit, signature = encrypt_and_sign(self.policy_pubkey,
plaintext=message,
signer=self.stamp)
message_kit.policy_pubkey = self.policy_pubkey # TODO: We can probably do better here.
return message_kit, signature
def use_ursula_as_an_involuntary_and_unbeknownst_cdn(self, policy, bob, sucker_ursula):
"""
Ursula is a sucker.
After I distract her, by paying for one Policy, maybe she'll store my copy of the Nicholas Cage remake of
The Wicker Man (I have neither the respect nor the inclination to trick her into storing the original 1973
version, which after all is a very decent film).
I'll make this work by fudging the HRAC a bit to create a new map ID which still appears to be connected
to the Policy for which I paid.
"""
# Here's the proper map associated with the policy for which I paid.
the_map = policy.treasure_map
# I'll make a copy of it to modify for use in this attack.
like_a_map_but_awful = SignedTreasureMap.from_bytes(bytes(the_map))
# I'll split the film up into segments, because I know Ursula checks that the file size is under 50k.
for i in range(50):
# I'll include a small portion of this awful film in a new message kit. We don't care about the signature for bob.
not_the_bees = b"Not the bees!" + int(i).to_bytes(length=4, byteorder="big")
like_a_map_but_awful.message_kit, _signature_for_bob_which_is_never_Used = encrypt_and_sign(
bob.public_keys(DecryptingPower),
plaintext=not_the_bees,
signer=self.stamp,
)
#############################################################################################
# Now I'll mess with the hrac just a bit. I can't touch the last 16 bytes, because these #
# are checked against the blockchain. But the first half is up for grabs. #
bad_hrac = the_map._hrac[:15] + int(i).to_bytes(length=1, byteorder="big") #
# Note: if the hrac is reduced in length to 16 bytes, I'll be unable to perform this attack.#
#############################################################################################
# Also note that we only touch the last byte to demonstrate that this attack isn't possible
# I know Ursula checks the public signature because she thinks I'm Alice. So I'll sign my bad hrac.
like_a_map_but_awful._public_signature = self.stamp(bytes(self.stamp) + bad_hrac)
like_a_map_but_awful._hrac = bad_hrac
# With the bad hrac and the segment of the film, I'm ready to make a phony payload and map ID.
like_a_map_but_awful._set_payload()
like_a_map_but_awful._set_id()
# I'll sign it again, so that it appears to match the policy for which I already paid.
transacting_power = self._crypto_power.power_ups(TransactingPower)
like_a_map_but_awful.include_blockchain_signature(blockchain_signer=transacting_power.sign_message)
# Sucker.
self.network_middleware.put_treasure_map_on_node(sucker_ursula, map_payload=bytes(like_a_map_but_awful))
def encapsulate_single_message(self, message):
message_kit, signature = encrypt_and_sign(self.policy_pubkey,
plaintext=message,
signer=self.stamp)
message_kit.policy_pubkey = self.policy_pubkey # TODO: We can probably do better here.
return message_kit, signature
