
switch to edgold from cryptography.

We were only using the ed448 code. cryptography requires rust
to compile and contains a LOT of other code, while edgold is much
smaller, doesn't require a rust compiler, and will work on more
systems.  Keep around an old identity generated from cryptography
to make sure the two libraries are compatible.
main
John-Mark Gurney 2 years ago
parent
commit
0a036e092c
3 changed files with 27 additions and 20 deletions
  1. BIN
      ui/fixtures/cryptography.persona.pasn1
  2. +26
    -19
      ui/medashare/cli.py
  3. +1
    -1
      ui/setup.py

BIN
ui/fixtures/cryptography.persona.pasn1


+ 26
- 19
ui/medashare/cli.py

@@ -28,11 +28,7 @@ def _debprint(*args): # pragma: no cover


#import pdb, sys; mypdb = pdb.Pdb(stdout=sys.stderr); mypdb.set_trace() #import pdb, sys; mypdb = pdb.Pdb(stdout=sys.stderr); mypdb.set_trace()


from cryptography.hazmat.primitives.asymmetric.ed448 import Ed448PrivateKey, \
Ed448PublicKey
from cryptography.hazmat.primitives.serialization import Encoding, \
PrivateFormat, PublicFormat, NoEncryption

from edgold.ed448 import EDDSA448
from unittest import mock from unittest import mock


from .hostid import hostuuid from .hostid import hostuuid
@@ -128,8 +124,7 @@ class Persona(object):


if 'pubkey' in self._identity: if 'pubkey' in self._identity:
pubkeybytes = self._identity.pubkey pubkeybytes = self._identity.pubkey
self._pubkey = Ed448PublicKey.from_public_bytes(
pubkeybytes)
self._pubkey = EDDSA448(pub=pubkeybytes)


self._created_by_ref = self._identity.uuid self._created_by_ref = self._identity.uuid


@@ -188,7 +183,7 @@ class Persona(object):
idobj = self._identity idobj = self._identity
pubstr = _asn1coder.dumps([ idobj.uuid, idobj.pubkey ]) pubstr = _asn1coder.dumps([ idobj.uuid, idobj.pubkey ])


return base58.b58encode_check(pubstr)
return base58.b58encode_check(pubstr).decode('ascii')


def new_version(self, *args): def new_version(self, *args):
'''Update the Persona's Identity object.''' '''Update the Persona's Identity object.'''
@@ -207,8 +202,7 @@ class Persona(object):
} }
if self._key is not None: if self._key is not None:
obj['key'] = \ obj['key'] = \
self._key.private_bytes(Encoding.Raw,
PrivateFormat.Raw, NoEncryption())
self._key.export_key('raw')


fp.write(_asn1coder.dumps(obj)) fp.write(_asn1coder.dumps(obj))


@@ -221,8 +215,7 @@ class Persona(object):


kwargs = {} kwargs = {}
if 'key' in objs: if 'key' in objs:
kwargs['key'] = Ed448PrivateKey.from_private_bytes(
objs['key'])
kwargs['key'] = EDDSA448(objs['key'])


return cls(Identity(objs['identity']), **kwargs) return cls(Identity(objs['identity']), **kwargs)


@@ -234,10 +227,9 @@ class Persona(object):
if self._key: if self._key:
raise RuntimeError('a key already exists') raise RuntimeError('a key already exists')


self._key = Ed448PrivateKey.generate()
self._key = EDDSA448.generate()
self._pubkey = self._key.public_key() self._pubkey = self._key.public_key()
pubkey = self._pubkey.public_bytes(Encoding.Raw,
PublicFormat.Raw)
pubkey = self._pubkey.export_key('raw')
self._identity = self.sign(self._identity.new_version(('pubkey', self._identity = self.sign(self._identity.new_version(('pubkey',
pubkey))) pubkey)))


@@ -264,8 +256,7 @@ class Persona(object):
def verify(self, obj): def verify(self, obj):
sigbytes = self._makesigbytes(obj) sigbytes = self._makesigbytes(obj)


pubkey = self._pubkey.public_bytes(Encoding.Raw,
PublicFormat.Raw)
pubkey = self._pubkey.export_key('raw')
self._pubkey.verify(obj['sig'], sigbytes) self._pubkey.verify(obj['sig'], sigbytes)


return True return True
@@ -872,7 +863,7 @@ def cmd_pubkey(options):


persona = Persona.load(identfname) persona = Persona.load(identfname)


print(persona.get_pubkey().decode('ascii'))
print(persona.get_pubkey())


@init_datastructs @init_datastructs
def cmd_modify(options, persona, objstr, cache): def cmd_modify(options, persona, objstr, cache):
@@ -1721,6 +1712,22 @@ class _TestCases(unittest.TestCase):
# that it does have a common property # that it does have a common property
self.assertIn('type', odict) self.assertIn('type', odict)


def test_cryptography_persona(self):
# Verify that a persona generated by cryptography still works
persona = Persona.load(self.fixtures / 'cryptography.persona.pasn1')

realpubkey = 'nFyLw6kB15DrM46ni9eEBRb6QD4rsPuco3ymj3mvz5YM8j3hY6chcjewU7FvqDpWALTSZ3E212SxCNErdYzPjgbxTnrYNyzeYTM2k58krEcKvWW6h'
pubkey = persona.get_pubkey()

self.assertEqual(realpubkey, pubkey)

vpersona = Persona.from_pubkey(realpubkey)

ident = persona.get_identity()
vpersona.verify(ident)

self.assertEqual(ident.uuid, uuid.UUID('52f1a92b-0c92-41e3-b647-356db89fb49c'))

def test_persona(self): def test_persona(self):
# that a newly created persona # that a newly created persona
persona = Persona() persona = Persona()
@@ -1741,7 +1748,7 @@ class _TestCases(unittest.TestCase):
# that get_pubkey returns the correct thing # that get_pubkey returns the correct thing
pubstr = _asn1coder.dumps([ idobj.uuid, idobj['pubkey'] ]) pubstr = _asn1coder.dumps([ idobj.uuid, idobj['pubkey'] ])
self.assertEqual(persona.get_pubkey(), self.assertEqual(persona.get_pubkey(),
base58.b58encode_check(pubstr))
base58.b58encode_check(pubstr).decode('ascii'))


# and that there is a signature # and that there is a signature
self.assertIsInstance(idobj['sig'], bytes) self.assertIsInstance(idobj['sig'], bytes)
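Review bot: In `Persona.verify` the result of `self._pubkey.verify(obj['sig'], sigbytes)` is discarded and the method returns `True` unconditionally, so after this library swap a bad signature is rejected only if `EDDSA448.verify` raises on failure; edgold's behaviour is not visible on this page and should be confirmed. Among the tests shown here, the new `test_cryptography_persona` exercises only the accepting path, so I would add a case that changes one byte of the fixture identity's `sig` and asserts that `vpersona.verify` raises. The added `pubkey = self._pubkey.export_key('raw')` in `verify` is never read in the visible lines and can be dropped.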


+ 1
- 1
ui/setup.py

@@ -21,7 +21,7 @@ setup(
install_requires=[ install_requires=[
'alembic', 'alembic',
'base58', 'base58',
'cryptography',
'edgold @ git+https://www.funkthat.com/gitea/jmg/ed448goldilocks.git@pyupdate#egg=edgold&subdirectory=python',
'databases[sqlite]', 'databases[sqlite]',
'fastapi', 'fastapi',
'fastapi_restful', 'fastapi_restful',
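Review bot: The new `edgold` requirement is a direct git reference to the branch `pyupdate`, which is a mutable ref: every install fetches whatever that branch points to at the time, so the code that handles persona keys and signature verification can change without any change in this repository. Pin it to a full commit hash (or a signed tag) instead, e.g. `'edgold @ git+https://www.funkthat.com/gitea/jmg/ed448goldilocks.git@<full-commit-sha>#egg=edgold&subdirectory=python',`, where `<full-commit-sha>` is a placeholder for the revision that was actually reviewed. A short comment above the entry saying why a git reference is used rather than an index release would also help the next maintainer.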

