From ddcb1e39e3502c48b35851ed8710869fd993f12d Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Fri, 6 Sep 2019 15:09:39 -0500 Subject: [PATCH] switched to bip39 from pgp word list --- onionr/etc/README.md | 2 - onionr/etc/onionrvalues.py | 1 + onionr/etc/pgpwords.py | 305 ---------------------- onionr/httpapi/miscclientapi/endpoints.py | 11 + onionr/onionrcommands/onionrstatistics.py | 3 + onionr/onionrutils/mnemonickeys.py | 20 +- onionr/static-data/www/shared/misc.js | 2 +- requirements.in | 1 + requirements.txt | 7 +- 9 files changed, 39 insertions(+), 313 deletions(-) delete mode 100755 onionr/etc/pgpwords.py diff --git a/onionr/etc/README.md b/onionr/etc/README.md index 9b310d28..46698239 100755 --- a/onionr/etc/README.md +++ b/onionr/etc/README.md @@ -6,6 +6,4 @@ Files that don't really fit anywhere else, but aren't used very frequently. humanreadabletime.py: take integer seconds and return a human readable time string -pgpwords.py: represent data using the pgp word list: https://en.wikipedia.org/wiki/PGP_word_list - onionrvalues.py: spec values for onionr blocks and other things \ No newline at end of file diff --git a/onionr/etc/onionrvalues.py b/onionr/etc/onionrvalues.py index 3217a2da..f2bcbc17 100755 --- a/onionr/etc/onionrvalues.py +++ b/onionr/etc/onionrvalues.py @@ -28,6 +28,7 @@ MIN_PY_VERSION = 6 DEVELOPMENT_MODE = True MAX_BLOCK_TYPE_LENGTH = 15 MAX_BLOCK_CLOCK_SKEW = 120 +MAIN_PUBLIC_KEY_SIZE = 32 # Begin OnionrValues migrated values ANNOUNCE_POW = 5 diff --git a/onionr/etc/pgpwords.py b/onionr/etc/pgpwords.py deleted file mode 100755 index d045b65a..00000000 --- a/onionr/etc/pgpwords.py +++ /dev/null @@ -1,305 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- (because 0xFF, even : "Yucatán") - -'''This file is adapted from https://github.com/thblt/pgp-words by github user 'thblt' ('Thibault Polge), GPL v3 license''' - -''' -Changes made for Onionr by Kevin Froman in 2018-2019: -Minor changes such as slight word adjustment, line breaks - -CLI commands/usage function removed -hexify function added -''' - -import os, re, sys, binascii - -_words = [ - ["aardvark", "adroitness"], - ["absurd", "adviser"], - ["accrue", "aftermath"], - ["acme", "aggregate"], - ["adrift", "alkali"], - ["adult", "almighty"], - ["afflict", "amulet"], - ["ahead", "amusement"], - ["aimless", "antenna"], - ["Algol", "applicant"], - ["allow", "Apollo"], - ["alone", "armistice"], - ["ammo", "article"], - ["ancient", "asteroid"], - ["apple", "Atlantic"], - ["artist", "atmosphere"], - ["assume", "autopsy"], - ["Athens", "Babylon"], - ["atlas", "backwater"], - ["Aztec", "barbecue"], - ["baboon", "belowground"], - ["backfield", "bifocals"], - ["backward", "bodyguard"], - ["banjo", "bookseller"], - ["beaming", "borderline"], - ["bedlamp", "bottomless"], - ["beehive", "Bradbury"], - ["beeswax", "bravado"], - ["befriend", "Brazilian"], - ["Belfast", "breakaway"], - ["berserk", "Burlington"], - ["billiard", "businessman"], - ["bison", "butterfat"], - ["blackjack", "Camelot"], - ["blockade", "candidate"], - ["blowtorch", "cannonball"], - ["bluebird", "Capricorn"], - ["bombast", "caravan"], - ["bookshelf", "caretaker"], - ["brackish", "celebrate"], - ["breadline", "cellulose"], - ["breakup", "certify"], - ["brickyard", "chambermaid"], - ["briefcase", "Cherokee"], - ["Burbank", "Chicago"], - ["button", "clergyman"], - ["buzzard", "coherence"], - ["cement", "combustion"], - ["chairlift", "commando"], - ["chatter", "company"], - ["checkup", "component"], - ["chisel", "concurrent"], - ["choking", "confidence"], - ["chopper", "conformist"], - ["Christmas", "congregate"], - ["clamshell", "consensus"], - ["classic", "consulting"], - ["classroom", "corporate"], - ["cleanup", "corrosion"], - ["clockwork", "councilman"], - ["cobra", "crossover"], - ["commence", "crucifix"], - ["concert", "cumbersome"], - ["cowbell", "customer"], - ["crackdown", "Dakota"], - ["cranky", "decadence"], - ["crowfoot", "December"], - ["crucial", "decimal"], - ["crumpled", "designing"], - ["crusade", "detector"], - ["cubic", "detergent"], - ["dashboard", "determine"], - ["deadbolt", "dictator"], - ["deckhand", "dinosaur"], - ["dogsled", "direction"], - ["dragnet", "disable"], - ["drainage", "disbelief"], - ["dreadful", "disruptive"], - ["drifter", "distortion"], - ["dropper", "document"], - ["drumbeat", "embezzle"], - ["drunken", "enchanting"], - ["Dupont", "enrollment"], - ["dwelling", "enterprise"], - ["eating", "equation"], - ["edict", "equipment"], - ["egghead", "escapade"], - ["eightball", "Eskimo"], - ["endorse", "everyday"], - ["endow", "examine"], - ["enlist", "existence"], - ["erase", "exodus"], - ["escape", "fascinate"], - ["exceed", "filament"], - ["eyeglass", "finicky"], - ["eyetooth", "forever"], - ["facial", "fortitude"], - ["fallout", "frequency"], - ["flagpole", "gadgetry"], - ["flatfoot", "Galveston"], - ["flytrap", "getaway"], - ["fracture", "glossary"], - ["framework", "gossamer"], - ["freedom", "graduate"], - ["frighten", "gravity"], - ["gazelle", "guitarist"], - ["Geiger", "hamburger"], - ["glitter", "Hamilton"], - ["glucose", "handiwork"], - ["goggles", "hazardous"], - ["goldfish", "headwaters"], - ["gremlin", "hemisphere"], - ["guidance", "hesitate"], - ["hamlet", "hideaway"], - ["highchair", "holiness"], - ["hockey", "hurricane"], - ["indoors", "hydraulic"], - ["indulge", "impartial"], - ["inverse", "impetus"], - ["involve", "inception"], - ["island", "indigo"], - ["jawbone", "inertia"], - ["keyboard", "infancy"], - ["kickoff", "inferno"], - ["kiwi", "informant"], - ["klaxon", "insincere"], - ["locale", "insurgent"], - ["lockup", "integrate"], - ["merit", "intention"], - ["minnow", "inventive"], - ["miser", "Istanbul"], - ["Mohawk", "Jamaica"], - ["mural", "Jupiter"], - ["music", "leprosy"], - ["necklace", "letterhead"], - ["Neptune", "liberty"], - ["newborn", "maritime"], - ["nightbird", "matchmaker"], - ["Oakland", "maverick"], - ["obtuse", "Medusa"], - ["offload", "megaton"], - ["optic", "microscope"], - ["orca", "microwave"], - ["payday", "midsummer"], - ["peachy", "millionaire"], - ["pheasant", "miracle"], - ["physique", "misnomer"], - ["playhouse", "molasses"], - ["Pluto", "molecule"], - ["preclude", "Montana"], - ["prefer", "monument"], - ["preshrunk", "mosquito"], - ["printer", "narrative"], - ["prowler", "nebula"], - ["pupil", "newsletter"], - ["puppy", "Norwegian"], - ["python", "October"], - ["quadrant", "Ohio"], - ["quiver", "onlooker"], - ["quota", "opulent"], - ["ragtime", "Orlando"], - ["ratchet", "outfielder"], - ["rebirth", "Pacific"], - ["reform", "pandemic"], - ["regain", "Pandora"], - ["reindeer", "paperweight"], - ["rematch", "paragon"], - ["repay", "paragraph"], - ["retouch", "paramount"], - ["revenge", "passenger"], - ["reward", "pedigree"], - ["rhythm", "Pegasus"], - ["ribcage", "penetrate"], - ["ringbolt", "perceptive"], - ["robust", "performance"], - ["rocker", "pharmacy"], - ["ruffled", "phonetic"], - ["sailboat", "photograph"], - ["sawdust", "pioneer"], - ["scallion", "pocketful"], - ["scenic", "politeness"], - ["scorecard", "positive"], - ["Scotland", "potato"], - ["seabird", "processor"], - ["select", "provincial"], - ["sentence", "proximate"], - ["shadow", "puberty"], - ["shamrock", "publisher"], - ["showgirl", "pyramid"], - ["skullcap", "quantity"], - ["skydive", "racketeer"], - ["slingshot", "rebellion"], - ["slowdown", "recipe"], - ["snapline", "recover"], - ["snapshot", "repellent"], - ["snowcap", "replica"], - ["snowslide", "reproduce"], - ["solo", "resistor"], - ["southward", "responsive"], - ["soybean", "retraction"], - ["spaniel", "retrieval"], - ["spearhead", "retrospect"], - ["spellbind", "revenue"], - ["spheroid", "revival"], - ["spigot", "revolver"], - ["spindle", "sandalwood"], - ["spyglass", "sardonic"], - ["stagehand", "Saturday"], - ["stagnate", "savagery"], - ["stairway", "scavenger"], - ["standard", "sensation"], - ["stapler", "sociable"], - ["steamship", "souvenir"], - ["sterling", "specialist"], - ["stockman", "speculate"], - ["stopwatch", "stethoscope"], - ["stormy", "stupendous"], - ["sugar", "supportive"], - ["surmount", "surrender"], - ["suspense", "suspicious"], - ["sweatband", "sympathy"], - ["swelter", "tambourine"], - ["tactics", "telephone"], - ["talon", "therapist"], - ["tapeworm", "tobacco"], - ["tempest", "tolerance"], - ["tiger", "tomorrow"], - ["tissue", "torpedo"], - ["tonic", "tradition"], - ["topmost", "travesty"], - ["tracker", "trombonist"], - ["transit", "truncated"], - ["trauma", "typewriter"], - ["treadmill", "ultimate"], - ["Trojan", "undaunted"], - ["trouble", "underfoot"], - ["tumor", "unicorn"], - ["tunnel", "unify"], - ["tycoon", "universe"], - ["uncut", "unravel"], - ["unearth", "upcoming"], - ["unwind", "vacancy"], - ["uproot", "vagabond"], - ["upset", "vertigo"], - ["upshot", "Virginia"], - ["vapor", "visitor"], - ["village", "vocalist"], - ["virus", "voyager"], - ["Vulcan", "warranty"], - ["waffle", "Waterloo"], - ["wallet", "whimsical"], - ["watchword", "Wichita"], - ["wayside", "Wilmington"], - ["willow", "Wyoming"], - ["woodlark", "yesteryear"], - ["Zulu", "Yucatan"]] - -hexre = re.compile("[a-fA-F0-9]+") - -def wordify(seq): - seq = filter(lambda x: x not in (' ', '\n', '\t'), seq) - seq = "".join(seq) # Python3 compatibility - - if not hexre.match(seq): - raise Exception("Input is not a valid hexadecimal value.") - - if len(seq) % 2: - raise Exception("Input contains an odd number of bytes.") - - ret = [] - for i in range(0, len(seq), 2): - ret.append(_words[int(seq[i:i+2], 16)][(i//2)%2].lower()) - return ret - -def hexify(seq, delim=' '): - ret = b'' - sentence = seq - try: - sentence = seq.split(delim) - except AttributeError: - pass - count = 0 - for word in sentence: - count = 0 - for wordPair in _words: - if word in wordPair: - ret += bytes([(count)]) - count += 1 - return binascii.hexlify(ret) \ No newline at end of file diff --git a/onionr/httpapi/miscclientapi/endpoints.py b/onionr/httpapi/miscclientapi/endpoints.py index 9924258f..c843b309 100644 --- a/onionr/httpapi/miscclientapi/endpoints.py +++ b/onionr/httpapi/miscclientapi/endpoints.py @@ -22,6 +22,9 @@ from httpapi import apiutils import onionrcrypto, config from netcontroller import NetController from serializeddata import SerializedData +from onionrutils import mnemonickeys +from onionrutils import bytesconverter + pub_key = onionrcrypto.pub_key class PrivateEndpoints: def __init__(self, client_api): @@ -100,10 +103,18 @@ class PrivateEndpoints: def getActivePubkey(): return Response(pub_key) + @private_endpoints_bp.route('/getHumanReadable') + def getHumanReadableDefault(): + return Response(mnemonickeys.get_human_readable_ID()) + @private_endpoints_bp.route('/getHumanReadable/') def getHumanReadable(name): return Response(mnemonickeys.get_human_readable_ID(name)) + @private_endpoints_bp.route('/getBase32FromHumanReadable/') + def get_base32_from_human_readable(words): + return Response(bytesconverter.bytes_to_str(mnemonickeys.get_base32(words))) + @private_endpoints_bp.route('/gettorsocks') def get_tor_socks(): return Response(str(client_api._too_many.get(NetController).socksPort)) diff --git a/onionr/onionrcommands/onionrstatistics.py b/onionr/onionrcommands/onionrstatistics.py index f165be2f..0c601b25 100755 --- a/onionr/onionrcommands/onionrstatistics.py +++ b/onionr/onionrcommands/onionrstatistics.py @@ -95,3 +95,6 @@ def show_details(): for detail in details: logger.info('%s%s: \n%s%s\n' % (logger.colors.fg.lightgreen, detail, logger.colors.fg.green, details[detail]), terminal = True) + +show_details.onionr_help = "Shows relevant information for your Onionr install: note address, web password and active public key." +show_stats.onionr_help = "Shows statistics for your Onionr node. Slow if Onionr is not running" diff --git a/onionr/onionrutils/mnemonickeys.py b/onionr/onionrutils/mnemonickeys.py index 527b455f..55484761 100644 --- a/onionr/onionrutils/mnemonickeys.py +++ b/onionr/onionrutils/mnemonickeys.py @@ -18,11 +18,25 @@ along with this program. If not, see . ''' import base64 -from etc import pgpwords + +import mnemonic +import unpaddedbase32 + import onionrcrypto +from etc import onionrvalues + +m = mnemonic.Mnemonic('english') + def get_human_readable_ID(pub=''): '''gets a human readable ID from a public key''' if pub == '': pub = onionrcrypto.pub_key - pub = base64.b16encode(base64.b32decode(pub)).decode() - return ' '.join(pgpwords.wordify(pub)) + + if not len(pub) == onionrvalues.MAIN_PUBLIC_KEY_SIZE: + pub = base64.b32decode(pub) + + return m.to_mnemonic(pub) + +def get_base32(words): + '''converts mnemonic to base32''' + return unpaddedbase32.b32encode(m.to_entropy(words)) diff --git a/onionr/static-data/www/shared/misc.js b/onionr/static-data/www/shared/misc.js index b50b794a..b08c29a8 100755 --- a/onionr/static-data/www/shared/misc.js +++ b/onionr/static-data/www/shared/misc.js @@ -20,7 +20,7 @@ webpass = document.location.hash.replace('#', '') nowebpass = false -myPub = httpGet('/getActivePubkey') +myPub = httpGet('/getHumanReadable') function post_to_url(path, params) { diff --git a/requirements.in b/requirements.in index 28aae67c..7ce9c985 100644 --- a/requirements.in +++ b/requirements.in @@ -10,3 +10,4 @@ unpaddedbase32==0.1.0 streamedrequests==1.0.0 jinja2==2.10.1 toomanyobjs==1.1.0 +mnemonic==0.18 \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 45b6238c..22b4e281 100644 --- a/requirements.txt +++ b/requirements.txt @@ -137,6 +137,11 @@ markupsafe==1.1.1 \ --hash=sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f \ --hash=sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7 \ # via jinja2 +mnemonic==0.18 \ + --hash=sha256:02a7306a792370f4a0c106c2cf1ce5a0c84b9dbd7e71c6792fdb9ad88a727f1d +pbkdf2==1.3 \ + --hash=sha256:ac6397369f128212c43064a2b4878038dab78dab41875364554aaf2a684e6979 \ + # via mnemonic pycparser==2.19 \ --hash=sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3 \ # via cffi @@ -165,8 +170,6 @@ pysocks==1.6.8 \ requests==2.21.0 \ --hash=sha256:502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e \ --hash=sha256:7bf2a778576d825600030a110f3c0e3e8edc51dfaafe1c146e39a2027784957b -simplenotifications==0.2.18 \ - --hash=sha256:b7efd3d834b1922a3279287913d87fe4ef6fad181ca7edf54bfb8f1d973941e0 six==1.12.0 \ --hash=sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c \ --hash=sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73 \