2
0
mirror of https://github.com/ComradCollective/Comrad synced 2024-11-17 21:25:37 +00:00
Comrad/komrade/backend/operators.py

503 lines
18 KiB
Python
Raw Normal View History

2020-09-05 16:26:37 +00:00
# internal imports
2020-09-04 15:50:08 +00:00
import os,sys; sys.path.append(os.path.abspath(os.path.join(os.path.abspath(os.path.join(os.path.dirname(__file__),'..')),'..')))
2020-09-05 16:26:37 +00:00
from komrade import *
2020-09-05 21:11:42 +00:00
from komrade.backend.crypt import *
from komrade.backend.keymaker import *
from komrade.backend.mazes import *
2020-09-05 22:15:15 +00:00
from komrade.backend.switchboard import *
2020-09-04 15:50:08 +00:00
2020-09-06 06:50:23 +00:00
2020-09-04 15:50:08 +00:00
class Operator(Keymaker):
2020-09-07 17:11:52 +00:00
def __init__(self, name, passphrase=None, keychain = {}, path_crypt_keys=PATH_CRYPT_CA_KEYS, path_crypt_data=PATH_CRYPT_CA_DATA):
super().__init__(name=name,passphrase=passphrase, keychain=keychain,
path_crypt_keys=path_crypt_keys, path_crypt_data=path_crypt_data)
2020-09-06 19:39:44 +00:00
self.boot(create=False)
2020-09-04 15:50:08 +00:00
2020-09-05 14:09:31 +00:00
def boot(self,create=False):
# Do I have my keys?
have_keys = self.exists()
# If not, forge them -- only once!
if not have_keys and create:
self.get_new_keys()
2020-09-04 15:50:08 +00:00
2020-09-05 14:09:31 +00:00
# load keychain into memory
self._keychain = self.keychain(force = True)
2020-09-04 15:50:08 +00:00
2020-09-07 17:11:52 +00:00
@property
def phone(self):
2020-09-07 20:00:21 +00:00
from komrade.backend.the_telephone import TheTelephone
if type(self)==TheTelephone: return self
2020-09-07 17:50:58 +00:00
if hasattr(self,'_phone'): return self._phone
2020-09-07 20:00:21 +00:00
2020-09-07 17:11:52 +00:00
global TELEPHONE,TELEPHONE_KEYCHAIN
if TELEPHONE: return TELEPHONE
2020-09-07 20:00:21 +00:00
2020-09-07 17:50:58 +00:00
self._phone=TELEPHONE=TheTelephone()
2020-09-07 20:00:21 +00:00
2020-09-07 17:11:52 +00:00
return TELEPHONE
@property
def op(self):
2020-09-07 20:00:21 +00:00
from komrade.backend.the_operator import TheOperator
if type(self)==TheOperator: return self
if hasattr(self,'_op'): return self._op
2020-09-07 17:11:52 +00:00
global OPERATOR,OPERATOR_KEYCHAIN
if OPERATOR: return OPERATOR
2020-09-07 20:00:21 +00:00
self._op=OPERATOR=TheOperator()
2020-09-07 17:11:52 +00:00
return OPERATOR
def encrypt_to_send(self,msg_json,from_privkey,to_pubkey):
if not msg_json or not from_privkey or not to_pubkey:
self.log('not enough info!')
return b''
msg_b = package_for_transmission(msg_json)
try:
msg_encr = SMessage(
from_privkey,
to_pubkey,
).wrap(msg_b)
return msg_encr
except ThemisError as e:
self.log('unable to encrypt to send!',e)
return b''
2020-09-07 18:20:05 +00:00
def decrypt_from_send(self,msg_encr,from_pubkey,to_privkey):
2020-09-07 18:20:37 +00:00
if not msg_encr or not from_pubkey or not to_privkey:
self.log('not enough info!')
2020-09-07 18:36:05 +00:00
return {}
try:
# decrypt
msg_b = SMessage(
to_privkey,
from_pubkey,
).unwrap(msg_encr)
# decode
2020-09-07 18:22:56 +00:00
self.log('msg_b??',msg_b)
msg_json = unpackage_from_transmission(msg_b)
2020-09-07 18:22:56 +00:00
self.log('msg_json??',msg_json)
# return
return msg_json
except ThemisError as e:
self.log('unable to decrypt from send!',e)
2020-09-07 18:36:05 +00:00
return {}
2020-09-07 20:00:21 +00:00
# async def req(self,json_phone={},json_caller={},caller=None):
2020-09-07 20:01:16 +00:00
def ring_ring(self,
2020-09-07 20:00:21 +00:00
from_phone=None,
to_phone=None,
from_caller=None,
to_caller=None,
json_phone2phone={},
json_caller2phone={}, # (person) -> operator or operator -> (person)
json_caller2caller={}):
self.log(f"""
RING RING!
from_phone={from_phone}, to_phone={to_phone},
from_caller={from_caller}, to_caller={to_caller},
json_phone2phone={json_phone2phone},
json_caller2phone={json_caller2phone},
json_caller2caller={json_caller2caller},
""")
## defaults
unencr_header=b''
encrypted_message_from_telephone_to_op = b''
encrypted_message_from_caller_to_op = b''
encrypted_message_from_caller_to_caller = b''
if not from_phone: from_phone=self.phone
if not to_phone: to_phone=self.op
### LAYERS OF ENCRYPTION:
# 1) unencr header
# Telephone sends half its and the operator's public keys
unencr_header = from_phone.pubkey_encr_ + BSEP2 + to_phone.pubkey_decr_
self.log('Layer 1: Unencrypted header:',unencr_header)
## Encrypt level 1: from Phone to Op
if json_phone2phone:
encrypted_message_from_telephone_to_op = self.encrypt_to_send(
msg_json = json_phone2phone,
from_privkey = self.phone.privkey_,
to_pubkey = self.op.pubkey_
)
self.log('Layer 2: Phone 2 op:',encrypted_message_from_telephone_to_op)
## Level 2: from Caller to Op
if json_caller2phone and from_caller:
encrypted_message_from_caller_to_op = self.encrypt_to_send(
msg_json = json_caller2phone,
from_privkey = from_caller.privkey_,
to_pubkey = self.op.pubkey_
)
self.log('Layer 3: Caller 2 op:',encrypted_message_from_telephone_to_op)
# 2) Level 3: from Caller to Caller
if json_caller2caller and from_caller and to_caller:
encrypted_message_from_caller_to_caller = self.encrypt_to_send(
msg_json = json_caller2caller,
from_privkey = from_caller.privkey_,
to_pubkey = to_caller.pubkey_
)
self.log('Layer 3: Caller 2 Caller:',encrypted_message_from_telephone_to_op)
MSG_PIECES = [
unencr_header,
encrypted_message_from_telephone_to_op,
encrypted_message_from_caller_to_op,
encrypted_message_from_caller_to_caller
]
2020-09-07 20:08:39 +00:00
2020-09-07 20:09:08 +00:00
self.log(b'\n ~~~ \n'.join(MSG_PIECES))
2020-09-07 20:00:21 +00:00
MSG = BSEP.join(MSG_PIECES)
2020-09-07 20:11:35 +00:00
self.log('MSG',MSG)
2020-09-07 20:00:21 +00:00
MSG_b64 = b64encode(MSG)
2020-09-07 20:09:08 +00:00
self.log(b' ~~~ ring ring ~~~ rriing ~~~',MSG_b64)
2020-09-07 20:00:21 +00:00
2020-09-07 20:13:51 +00:00
msg_b64_str = MSG_b64.decode()
self.log(b' ~~~ rirrrrng ring ~~~~ ring ~~ rrrrriing ~~~',msg_b64_str)
return msg_b64_str
2020-09-07 20:00:21 +00:00
2020-09-07 20:58:09 +00:00
def answer_phone(self,data_b64_s, from_phone=None,to_phone=None):
2020-09-07 20:00:21 +00:00
assert type(data_b64_s) == str
self.log('Pronto!\n ... '+data_b64_s+' ...?')
if not isBase64(data_b64_s):
self.log('incoming data not b64')
return OPERATOR_INTERCEPT_MESSAGE
# string -> b64 bytes
data_b64_b = data_b64_s.encode()
self.log('data_b64_b',data_b64_b)
# b64 -> raw bytes
data = b64decode(data_b64_b)
self.log('data',data)
2020-09-07 20:05:09 +00:00
data = b64decode(data_b64_b)
self.log('data2',data)
2020-09-07 20:00:21 +00:00
# split
assert data.count(BSEP) == 3
(
unencr_header, # Tele.pubkey_encr|Op.pubkey_decr
2020-09-07 20:34:29 +00:00
data_encr_phone2phone,
data_encr_caller2phone,
2020-09-07 20:00:21 +00:00
data_encr_caller2caller
) = data.split(BSEP)
# set up
DATA = {}
2020-09-07 20:34:29 +00:00
# layer 1: unencr
2020-09-07 20:00:21 +00:00
# get other keys from halfkeys
2020-09-07 20:35:28 +00:00
# from_phone_pubkey,to_phone_pubkey = self.reassemble_nec_keys_using_header(unencr_header)
2020-09-07 20:58:09 +00:00
if not from_phone or not to_phone:
from_phone,to_phone = self.discover_which_phones_from_header(unencr_header)
2020-09-07 21:04:19 +00:00
self.log(f'I am {to_phone} and I am answering the phone! from {from_phone}')
2020-09-07 20:00:21 +00:00
2020-09-07 20:34:29 +00:00
# layer 2: I know I (either Telephone or Operator) am the recipient of this msg
2020-09-07 20:58:09 +00:00
from_phone_keychain = from_phone.keychain()
2020-09-07 21:00:36 +00:00
from_phone_pubkey=from_phone_keychain.get('pubkey')
2020-09-07 20:58:09 +00:00
to_phone_keychain = to_phone.keychain()
2020-09-07 21:00:36 +00:00
to_phone_privkey=to_phone_keychain.get('privkey')
2020-09-07 20:00:21 +00:00
2020-09-07 21:05:41 +00:00
self.log('data_encr_phone2phone',from_phone_pubkey,from_phone)
2020-09-07 21:04:19 +00:00
self.log('from_phone_pubkey',from_phone_pubkey,from_phone)
self.log('to_phone_privkey',to_phone_privkey,to_phone)
2020-09-07 20:00:21 +00:00
# 2) decrypt from phone
2020-09-07 20:34:29 +00:00
data_phone2phone = self.decrypt_from_send(
2020-09-07 21:01:50 +00:00
msg_encr=data_encr_phone2phone,
2020-09-07 21:00:36 +00:00
from_pubkey=from_phone_pubkey,
to_privkey=to_phone_privkey
2020-09-07 20:34:29 +00:00
)
2020-09-07 21:00:36 +00:00
self.log('data_phone2phone',data_phone2phone)
2020-09-07 20:00:21 +00:00
# 3) decrypt from caller
2020-09-07 20:58:09 +00:00
from_caller_pubkey = self.reassemble_necessary_keys_using_decr_phone_data(data_phone2phone)
data_caller2phone = self.decrypt_from_send(
2020-09-07 21:01:50 +00:00
msg_encr=data_encr_caller2phone,
2020-09-07 21:00:36 +00:00
from_pubkey=from_caller_pubkey,
to_privkey=to_phone_privkey
2020-09-07 20:58:09 +00:00
)
2020-09-07 21:00:36 +00:00
self.log('data_caller2phone',data_caller2phone)
2020-09-07 20:00:21 +00:00
2020-09-07 21:00:36 +00:00
# @TODO: 4) Caller 2 Caller
2020-09-07 20:58:09 +00:00
#to_caller_pubkey = self.reassemble_necessary_keys_using_decr_caller_data(data_caller2phone)
# send this to caller...
2020-09-07 20:00:21 +00:00
DATA = {}
2020-09-07 20:58:09 +00:00
dict_merge(DATA,data_phone2phone)
dict_merge(DATA,data_caller2phone)
# dict_merge(DATA,data_caller2caller)
# dict_merge(DATA,data_by_caller)
2020-09-07 20:00:21 +00:00
self.log('DATA!!!!!',DATA)
return DATA
2020-09-07 19:26:58 +00:00
# def encrypt_outgoing(self,
# data_from_sender1={},
# data_from_sender2={},
# privkey_from_sender1=None,
# privkey_from_sender2=None,
# to_pubkey=None,
# unencr_header=b''):
2020-09-07 19:26:58 +00:00
# # 2) encrypt to phone
# json_phone_encr = self.encrypt_to_send(data_from_sender1,from_phone_privkey,to_pubkey)
# self.log('json_phone_encr',json_phone_encr)
2020-09-07 19:26:58 +00:00
# # 3) to caller
# json_caller_encr = self.encrypt_to_send(json_caller,from_caller_privkey,to_pubkey)
# self.log()
2020-09-07 19:26:58 +00:00
# # return
# req_data_encr = unencr_header + BSEP + json_phone_encr + BSEP + json_caller_encr
# return req_data_encr
def reassemble_nec_keys_using_header(self,unencr_header):
assert unencr_header.count(BSEP2)==1
2020-09-07 18:20:05 +00:00
phone_pubkey_encr,op_pubkey_decr = unencr_header.split(BSEP2)
# get phone pubkey
2020-09-07 18:20:05 +00:00
new_phone_keychain = self.phone.keychain(extra_keys={'pubkey_encr':phone_pubkey_encr},force=True)
new_op_keychain = self.keychain(extra_keys={'pubkey_decr':op_pubkey_decr},force=True)
phone_pubkey = new_phone_keychain.get('pubkey')
op_pubkey = new_op_keychain.get('pubkey')
2020-09-07 18:20:05 +00:00
self.log('reassembled phone/op pubkeys:',phone_pubkey,op_pubkey)
return (phone_pubkey,op_pubkey)
2020-09-07 20:34:29 +00:00
def discover_which_phones_from_header(self,unencr_header):
assert unencr_header.count(BSEP2)==1
from_phone_pubkey_encr,to_phone_pubkey_decr = unencr_header.split(BSEP2)
phone_keychain = self.phone.keychain()
2020-09-07 20:47:13 +00:00
op_keychain = self.op.keychain()
2020-09-07 20:38:11 +00:00
op_pubkey_encr = op_keychain.get('pubkey_encr')
op_pubkey_decr = op_keychain.get('pubkey_decr')
phone_pubkey_encr = phone_keychain.get('pubkey_encr')
phone_pubkey_decr = phone_keychain.get('pubkey_encr')
self.log('phone_keychain',phone_keychain)
self.log('op_keychain',op_keychain)
self.log('op_pubkey_encr',op_pubkey_encr)
self.log('op_pubkey_decr',op_pubkey_decr)
self.log('phone_pubkey_encr',phone_pubkey_encr)
self.log('phone_pubkey_decr',phone_pubkey_decr)
2020-09-07 20:34:29 +00:00
# was this sent from Phone -> Op?
to_phone=None
from_phone=None
op_fits_as_to_phone=False
tele_fits_as_to_phone=False
op_fits_as_from_phone=False
tele_fits_as_from_phone=False
2020-09-07 20:41:45 +00:00
if op_pubkey_encr:
op_fits_as_to_phone = self.assemble_key(op_pubkey_encr,to_phone_pubkey_decr)
2020-09-07 20:47:13 +00:00
self.log('op_fits_as_to_phone',op_fits_as_to_phone)
2020-09-07 20:58:09 +00:00
return (self.phone,self.op)
2020-09-07 20:41:45 +00:00
if phone_pubkey_encr:
tele_fits_as_to_phone = self.assemble_key(phone_pubkey_encr,to_phone_pubkey_decr)
2020-09-07 20:47:13 +00:00
self.log('tele_fits_as_to_phone',tele_fits_as_to_phone)
2020-09-07 20:58:09 +00:00
return (self.op,self.phone)
2020-09-07 20:41:45 +00:00
if op_pubkey_decr:
2020-09-07 20:44:05 +00:00
op_fits_as_from_phone = self.assemble_key(from_phone_pubkey_encr, op_pubkey_decr)
2020-09-07 20:47:13 +00:00
self.log('op_fits_as_from_phone',op_fits_as_from_phone)
2020-09-07 20:58:09 +00:00
return (self.op,self.phone)
2020-09-07 20:41:45 +00:00
if phone_pubkey_decr:
2020-09-07 20:44:05 +00:00
tele_fits_as_from_phone = self.assemble_key(from_phone_pubkey_encr,phone_pubkey_decr)
2020-09-07 20:47:13 +00:00
self.log('tele_fits_as_from_phone',tele_fits_as_from_phone)
2020-09-07 20:58:09 +00:00
return (self.phone,self.op)
2020-09-07 20:34:29 +00:00
2020-09-07 20:47:13 +00:00
# # get phone pubkey
# new_phone_keychain = self.phone.keychain(extra_keys={'pubkey_encr':phone_pubkey_encr},force=True)
# new_op_keychain = self.keychain(extra_keys={'pubkey_decr':op_pubkey_decr},force=True)
# phone_pubkey = new_phone_keychain.get('pubkey')
# op_pubkey = new_op_keychain.get('pubkey')
# self.log('reassembled phone/op pubkeys:',phone_pubkey,op_pubkey)
# return (phone_pubkey,op_pubkey)
2020-09-07 20:34:29 +00:00
def reassemble_necessary_keys_using_decr_phone_data(self,decr_phone_data):
name=decr_phone_data.get('name')
if not name: return None
try:
caller = Caller(name)
self.log('got caller on phone',name,caller)
return caller.pubkey_
except:
return
2020-09-07 20:00:21 +00:00
2020-09-07 17:11:52 +00:00
### CREATE PRIME ENTITIES
def create_phonelines():
## CREATE OPERATOR
op = Operator(name=OPERATOR_NAME)
2020-09-07 17:50:58 +00:00
op_keys_to_keep_on_client = ['pubkey_decr'] # sent TO operator
2020-09-07 18:30:21 +00:00
op_keys_to_keep_on_3rdparty = ['pubkey_encr','privkey_encr'] # dl by op
op_keys_to_keep_on_server = ['privkey_decr','adminkey_encr','adminkey_decr_encr','adminkey_decr_decr']
2020-09-07 17:11:52 +00:00
## create phone
phone = Operator(name=TELEPHONE_NAME)
2020-09-07 17:57:52 +00:00
phone_keys_to_keep_on_client = ['privkey_decr']
phone_keys_to_keep_on_3rdparty = ['pubkey_encr','privkey_encr'] # dl by phone
2020-09-07 17:50:58 +00:00
phone_keys_to_keep_on_server = ['pubkey_decr'] # sent to phone
2020-09-07 17:11:52 +00:00
# create keys for Op
op_decr_keys = op.forge_new_keys(
keys_to_save=op_keys_to_keep_on_server, # on server only; flipped around
keys_to_return=op_keys_to_keep_on_client + op_keys_to_keep_on_3rdparty # on clients only
)
# create keys for phone
phone_decr_keys = phone.forge_new_keys(
name=TELEPHONE_NAME,
keys_to_save=phone_keys_to_keep_on_server, # on server only
keys_to_return=phone_keys_to_keep_on_client + phone_keys_to_keep_on_3rdparty # on clients only
)
## store remote keys
THIRD_PARTY_DICT = {OPERATOR_NAME:{}, TELEPHONE_NAME:{}}
for key in op_keys_to_keep_on_3rdparty:
if key in op_decr_keys:
THIRD_PARTY_DICT[OPERATOR_NAME][key]=op_decr_keys[key]
for key in phone_keys_to_keep_on_3rdparty:
if key in phone_decr_keys:
THIRD_PARTY_DICT[TELEPHONE_NAME][key]=phone_decr_keys[key]
# store local keys
STORE_IN_APP = {OPERATOR_NAME:{}, TELEPHONE_NAME:{}}
for key in op_keys_to_keep_on_client:
if key in op_decr_keys:
STORE_IN_APP[OPERATOR_NAME][key]=op_decr_keys[key]
for key in phone_keys_to_keep_on_client:
if key in phone_decr_keys:
STORE_IN_APP[TELEPHONE_NAME][key]=phone_decr_keys[key]
# package
STORE_IN_APP_pkg = package_for_transmission(STORE_IN_APP[TELEPHONE_NAME]) + BSEP + package_for_transmission(STORE_IN_APP[OPERATOR_NAME])
THIRD_PARTY_DICT_pkg = package_for_transmission(THIRD_PARTY_DICT[TELEPHONE_NAME]) + BSEP + package_for_transmission(THIRD_PARTY_DICT[OPERATOR_NAME])
# encrypt
omega_key = KomradeSymmetricKeyWithoutPassphrase()
STORE_IN_APP_encr = b64encode(omega_key.encrypt(STORE_IN_APP_pkg))
THIRD_PARTY_totalpkg = b64encode(omega_key.data + BSEP + omega_key.encrypt(THIRD_PARTY_DICT_pkg))
# save
with open(PATH_BUILTIN_KEYCHAIN,'wb') as of:
of.write(STORE_IN_APP_encr)
print('STORE_IN_APP_encr',STORE_IN_APP_encr)
with open(PATH_OPERATOR_WEB_KEYS_FILE,'wb') as of:
of.write(THIRD_PARTY_totalpkg)
print('THIRD_PARTY_DICT_encr',THIRD_PARTY_totalpkg)
def connect_phonelines():
# globals
global OMEGA_KEY,OPERATOR_KEYCHAIN,TELEPHONE_KEYCHAIN
if OMEGA_KEY and OPERATOR_KEYCHAIN and TELEPHONE_KEYCHAIN:
2020-09-07 17:27:46 +00:00
return (OPERATOR_KEYCHAIN,TELEPHONE_KEYCHAIN)
2020-09-07 17:11:52 +00:00
2020-09-07 17:50:58 +00:00
print('\n\n\n\nCONNECTING PHONELINES!\n\n\n\n')
2020-09-07 17:11:52 +00:00
# import
from komrade.backend.mazes import tor_request
from komrade.backend import PATH_OPERATOR_WEB_KEYS_URL
# load local keys
if not os.path.exists(PATH_BUILTIN_KEYCHAIN):
print('builtin keys not present??')
return
with open(PATH_BUILTIN_KEYCHAIN,'rb') as f:
local_builtin_keychain_encr = b64decode(f.read())
# load remote keys
print('??',PATH_OPERATOR_WEB_KEYS_URL)
2020-09-07 17:13:39 +00:00
r = komrade_request(PATH_OPERATOR_WEB_KEYS_URL)
2020-09-07 17:11:52 +00:00
if r.status_code!=200:
print('cannot authenticate the keymakers')
return
# unpack remote pkg
pkg = b64decode(r.text)
OMEGA_KEY_b,remote_builtin_keychain_encr = pkg.split(BSEP)
OMEGA_KEY = KomradeSymmetricKeyWithoutPassphrase(key=OMEGA_KEY_b)
remote_builtin_keychain = OMEGA_KEY.decrypt(remote_builtin_keychain_encr)
remote_builtin_keychain_phone,remote_builtin_keychain_op = remote_builtin_keychain.split(BSEP)
remote_builtin_keychain_phone_json = unpackage_from_transmission(remote_builtin_keychain_phone)
remote_builtin_keychain_op_json = unpackage_from_transmission(remote_builtin_keychain_op)
print('remote_builtin_keychain_phone_json',remote_builtin_keychain_phone_json)
print('remote_builtin_keychain_op_json',remote_builtin_keychain_op_json)
# unpack local pkg
local_builtin_keychain = OMEGA_KEY.decrypt(local_builtin_keychain_encr)
local_builtin_keychain_phone,local_builtin_keychain_op = local_builtin_keychain.split(BSEP)
local_builtin_keychain_phone_json = unpackage_from_transmission(local_builtin_keychain_phone)
local_builtin_keychain_op_json = unpackage_from_transmission(local_builtin_keychain_op)
print('local_builtin_keychain_phone_json',local_builtin_keychain_phone_json)
print('local_builtin_keychain_op_json',local_builtin_keychain_op_json)
# set builtin keychains
TELEPHONE_KEYCHAIN={}
OPERATOR_KEYCHAIN={}
dict_merge(TELEPHONE_KEYCHAIN,local_builtin_keychain_phone_json)
dict_merge(OPERATOR_KEYCHAIN,local_builtin_keychain_op_json)
dict_merge(TELEPHONE_KEYCHAIN,remote_builtin_keychain_phone_json)
dict_merge(OPERATOR_KEYCHAIN,remote_builtin_keychain_op_json)
return (OPERATOR_KEYCHAIN,TELEPHONE_KEYCHAIN)
# # load prime objects?
# from komrade.backend.the_operator import TheOperator
# from komrade.backend.the_telephone import TheTelephone
# OPERATOR = TheOperator(keychain=OPERATOR_KEYCHAIN)
# TELEPHONE = TheTelephone(keychain=TELEPHONE_KEYCHAIN)
# return (OPERATOR,TELEPHONE)