|
|
|
"""
|
|
|
|
There is only one operator!
|
|
|
|
Running on node prime.
|
|
|
|
"""
|
|
|
|
# internal imports
|
|
|
|
import os,sys; sys.path.append(os.path.abspath(os.path.join(os.path.abspath(os.path.join(os.path.dirname(__file__),'..')),'..')))
|
|
|
|
from komrade import *
|
|
|
|
from komrade.backend import *
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TheOperator(Operator):
|
|
|
|
"""
|
|
|
|
The remote operator
|
|
|
|
"""
|
|
|
|
@property
|
|
|
|
def phone(self):
|
|
|
|
global TELEPHONE
|
|
|
|
from komrade.backend.the_telephone import TheTelephone
|
|
|
|
if not TELEPHONE: TELEPHONE=TheTelephone(allow_builtin=False)
|
|
|
|
return TELEPHONE
|
|
|
|
|
|
|
|
|
|
|
|
def __init__(self, name = OPERATOR_NAME, passphrase='acc', allow_builtin=True):
|
|
|
|
"""
|
|
|
|
Boot up the operator. Requires knowing or setting a password of memory.
|
|
|
|
"""
|
|
|
|
# init req paths
|
|
|
|
# if not os.path.exists(PATH_OPERATOR): os.makedirs(PATH_OPERATOR)
|
|
|
|
if not passphrase:
|
|
|
|
passphrase=getpass.getpass('Hello, this is the Operator speaking. What is the passphrase?\n> ')
|
|
|
|
self.allow_builtin=allow_builtin
|
|
|
|
super().__init__(name,passphrase,path_crypt_keys=PATH_CRYPT_OP_KEYS,path_crypt_data=PATH_CRYPT_OP_DATA)
|
|
|
|
|
|
|
|
def decrypt_incoming(self,data):
|
|
|
|
# step 1 split:
|
|
|
|
data_unencr,data_encr_by_phone,data_encr_by_caller = data.split(BSEP)
|
|
|
|
data_unencr_by_phone,data_unencr_by_caller = None,None
|
|
|
|
|
|
|
|
# my_kc = self.keychain(allow_builtin=False,force=True)
|
|
|
|
# ph_kc = self.phone.keychain(allow_builtin=False,force=True)
|
|
|
|
# self.log('my keychain:',my_kc)
|
|
|
|
# self.log('phone keychain:',ph_kc)
|
|
|
|
# weeee
|
|
|
|
|
|
|
|
self.log('data_unencr =',data_unencr)
|
|
|
|
self.log('data_encr_by_phone =',data_encr_by_phone)
|
|
|
|
self.log('data_encr_by_caller =',data_encr_by_caller)
|
|
|
|
|
|
|
|
DATA = {}
|
|
|
|
KEYCHAIN = self.keychain(allow_builtin=False,force=True)
|
|
|
|
self.log('as of now 1, I the operator have these keys:',KEYCHAIN.keys())
|
|
|
|
# stop1
|
|
|
|
PHONE_PUBKEY=None
|
|
|
|
MY_PRIVKEY=None
|
|
|
|
|
|
|
|
if data_unencr:
|
|
|
|
self.log('unencrypted data:',data_unencr)
|
|
|
|
|
|
|
|
if BSEP2 in data_unencr:
|
|
|
|
my_privkey_decr,phone_pubkey_decr = data_unencr.split(BSEP2)
|
|
|
|
self.log('my_privkey_decr',my_privkey_decr)
|
|
|
|
self.log('phone_pubkey_decr',phone_pubkey_decr)
|
|
|
|
|
|
|
|
# get phone pubkey
|
|
|
|
new_phone_keychain = self.phone.keychain(extra_keys={'pubkey_decr':phone_pubkey_decr},force=True)
|
|
|
|
new_op_keychain = self.keychain(extra_keys={'privkey_decr':my_privkey_decr},force=True)
|
|
|
|
|
|
|
|
PHONE_PUBKEY = new_phone_keychain.get('pubkey')
|
|
|
|
MY_PRIVKEY = new_op_keychain.get('privkey')
|
|
|
|
|
|
|
|
# print(new_phone_keychain,'new_phone_keychain')
|
|
|
|
# print(new_op_keychain,'new_op_keychain')
|
|
|
|
|
|
|
|
|
|
|
|
# self.log('PHONE_PUBKEY',PHONE_PUBKEY)
|
|
|
|
# self.log('MY_PRIVKEY',MY_PRIVKEY)
|
|
|
|
# stopppp
|
|
|
|
|
|
|
|
if data_encr_by_phone:
|
|
|
|
|
|
|
|
# then try to unwrap telephone encryption
|
|
|
|
if not MY_PRIVKEY or not PHONE_PUBKEY:
|
|
|
|
self.log('!! could not assemble my or phone\'s keys. failing.')
|
|
|
|
return OPERATOR_INTERCEPT_MESSAGE
|
|
|
|
|
|
|
|
try:
|
|
|
|
data_unencr_by_phone = SMessage(MY_PRIVKEY, PHONE_PUBKEY).unwrap(data_encr_by_phone)
|
|
|
|
self.log('decrypted data !!!:',data_unencr_by_phone)
|
|
|
|
except ThemisError as e:
|
|
|
|
self.log('not really from the telephone?',e)
|
|
|
|
return OPERATOR_INTERCEPT_MESSAGE
|
|
|
|
|
|
|
|
data_unencr_by_phone_json = json.loads(data_unencr_by_phone.decode())
|
|
|
|
self.log('data_unencr_by_phone_json',data_unencr_by_phone_json)
|
|
|
|
if type(data_unencr_by_phone_json)== dict:
|
|
|
|
dict_merge(DATA, data_unencr_by_phone_json)
|
|
|
|
|
|
|
|
|
|
|
|
if data_encr_by_caller and 'name' in data_unencr_by_phone:
|
|
|
|
name=data_unencr_by_phone['name']
|
|
|
|
keychain=data_unencr_by_phone.get('_keychain',{})
|
|
|
|
|
|
|
|
# decrypt using this user's pubkey on record
|
|
|
|
caller = Caller(name)
|
|
|
|
data_unencr2 = SMessage(MY_PRIVKEY, caller.pubkey_).unwrap(data_encr_by_caller)
|
|
|
|
|
|
|
|
if type(data_unencr_by_phone)==dict and type(data_encr_by_caller)==dict:
|
|
|
|
data = data_unencr_by_phone
|
|
|
|
dict_merge(data_encr_by_caller, data)
|
|
|
|
else:
|
|
|
|
data=(data_unencr_by_phone,data_encr_by_caller)
|
|
|
|
else:
|
|
|
|
data = data_unencr_by_phone
|
|
|
|
return data
|
|
|
|
|
|
|
|
|
|
|
|
def encrypt_information(self,json_going_to_phone={},json_going_to_caller={},caller=None):
|
|
|
|
# 1)
|
|
|
|
unencr_header = self.privkey_encr_ + BSEP2 + self.phone.pubkey_encr_
|
|
|
|
|
|
|
|
# 2) encrypt to phone
|
|
|
|
if json_going_to_phone:
|
|
|
|
json_going_to_phone_s = json.dumps(json_going_to_phone)
|
|
|
|
json_going_to_phone_b = json_going_to_phone_s.encode()
|
|
|
|
json_going_to_phone_b_encr = SMessage(
|
|
|
|
self.privkey_,
|
|
|
|
self.phone.pubkey_
|
|
|
|
).wrap(json_going_to_phone_b)
|
|
|
|
else:
|
|
|
|
json_going_to_phone_b=b''
|
|
|
|
|
|
|
|
# 3) to caller
|
|
|
|
if json_going_to_caller and caller:
|
|
|
|
json_going_to_caller_s = json.dumps(json_going_to_caller)
|
|
|
|
json_going_to_caller_b = json_going_to_caller_s.encode()
|
|
|
|
json_going_to_caller_b_encr = SMessage(
|
|
|
|
caller.privkey_,
|
|
|
|
self.pubkey_
|
|
|
|
).wrap(json_going_to_caller_b)
|
|
|
|
else:
|
|
|
|
json_going_to_caller_b_encr = b''
|
|
|
|
|
|
|
|
req_data_encr = unencr_header + BSEP + json_coming_from_phone_b_encr + BSEP + json_coming_from_caller_b_encr
|
|
|
|
return req_data_encr
|
|
|
|
|
|
|
|
|
|
|
|
def recv(self,data):
|
|
|
|
# decrypt
|
|
|
|
data = self.decrypt_incoming(data)
|
|
|
|
|
|
|
|
# decode
|
|
|
|
data_s = data.decode()
|
|
|
|
data_json = json.loads(data_s)
|
|
|
|
|
|
|
|
|
|
|
|
self.log('DATA =',type(data),data)
|
|
|
|
self.log('DATA_s =',type(data_s),data_s)
|
|
|
|
self.log('DATA_json =',type(data_json),data_s)
|
|
|
|
|
|
|
|
res = self.route(data_json)
|
|
|
|
self.log('result from routing =',res)
|
|
|
|
|
|
|
|
# send back!
|
|
|
|
return self.send(res)
|
|
|
|
|
|
|
|
|
|
|
|
def send(self,res):
|
|
|
|
if not len(res)==2:
|
|
|
|
self.log('!! error. argument to send() must be: (json_tophone,json_tosender)')
|
|
|
|
return
|
|
|
|
|
|
|
|
msg_tophone,msg_tocaller = res
|
|
|
|
caller=None
|
|
|
|
if msg_tocaller and 'name' in msg_tophone:
|
|
|
|
caller = Operator(msg_tophone['name'])
|
|
|
|
self.log('send!',msg_tophone,msg_tocaller,caller)
|
|
|
|
data = self.encrypt_information(json_going_to_phone=msg_tophone,json_going_to_caller=caller)
|
|
|
|
self.log('got back encr:',data)
|
|
|
|
return data
|
|
|
|
|
|
|
|
|
|
|
|
def route(self, data):
|
|
|
|
res=None
|
|
|
|
route = data.get('_route')
|
|
|
|
if not route: return OPERATOR_INTERCEPT_MESSAGE
|
|
|
|
del data['_route']
|
|
|
|
|
|
|
|
if route == 'forge_new_keys':
|
|
|
|
res = self.forge_new_keys(**data)
|
|
|
|
else:
|
|
|
|
res = OPERATOR_INTERCEPT_MESSAGE
|
|
|
|
return res# 'success!'
|
|
|
|
|
|
|
|
def forge_new_keys(self,**data):
|
|
|
|
# get keys
|
|
|
|
res = super().forge_new_keys(**data)
|
|
|
|
pkg={}
|
|
|
|
pkg['name']=data.get('name')
|
|
|
|
pkg['_keychain']=res
|
|
|
|
self.log('returned keys from keymaker.forge_new_keys:','\n'.join(res.keys()))
|
|
|
|
|
|
|
|
# return to_phone,to_caller
|
|
|
|
return (pkg,{})
|
|
|
|
|
|
|
|
|
|
|
|
def init_operators():
|
|
|
|
op = TheOperator()
|
|
|
|
phone = TheTelephone()
|
|
|
|
|
|
|
|
op_decr_keys = op.forge_new_keys(
|
|
|
|
keys_to_save=['pubkey','privkey_encr','adminkey_encr','adminkey_decr_encr','adminkey_decr_decr'],
|
|
|
|
keys_to_return=['pubkey','privkey_decr']
|
|
|
|
)
|
|
|
|
|
|
|
|
phone_decr_keys = phone.forge_new_keys(
|
|
|
|
keys_to_save=['pubkey_encr'],
|
|
|
|
keys_to_return=['pubkey_decr','privkey']
|
|
|
|
)
|
|
|
|
|
|
|
|
print('\n'*5)
|
|
|
|
print('OPERATOR_KEYCHAIN =',op_decr_keys)
|
|
|
|
print()
|
|
|
|
print('TELEPHONE_KEYCHAIN =',phone_decr_keys)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_op():
|
|
|
|
from komrade.backend.the_telephone import TheTelephone
|
|
|
|
|
|
|
|
|
|
|
|
op = TheOperator()
|
|
|
|
# op.boot()
|
|
|
|
|
|
|
|
keychain_op = op.keychain(force=True)
|
|
|
|
|
|
|
|
|
|
|
|
phone = TheTelephone()
|
|
|
|
# phone.boot()
|
|
|
|
keychain_ph = phone.keychain(force=True)
|
|
|
|
|
|
|
|
|
|
|
|
from pprint import pprint
|
|
|
|
print('REASSEMBLED OPERATOR KEYCHAIN')
|
|
|
|
pprint(keychain_op)
|
|
|
|
# stop
|
|
|
|
|
|
|
|
print('REASSEMBLED TELEPHONE KEYCHAIN')
|
|
|
|
pprint(keychain_ph)
|
|
|
|
|
|
|
|
# print(op.pubkey(keychain=keychain))
|
|
|
|
# print(op.crypt_keys.get(op.pubkey(), prefix='/privkey_encr/'))
|
|
|
|
# print(op.crypt_keys.get(op.name, prefix='/pubkey_encr/'))
|
|
|
|
# print(op.pubkey_)
|
|
|
|
|
|
|
|
|
|
|
|
# stop
|
|
|
|
|
|
|
|
# pubkey = op.keychain()['pubkey']
|
|
|
|
# pubkey_b64 = b64encode(pubkey)
|
|
|
|
# print(pubkey)
|
|
|
|
|
|
|
|
if __name__ == '__main__': test_op()
|