mirror of
https://github.com/varun-r-mallya/py-libp2p.git
synced 2025-12-31 20:36:24 +00:00
bdadec7519
* fix pyproject.toml , add ruff * rm lock * make progress * add poetry lock ignore * fix type issues * fix tcp type errors * fix text example - type error - wrong args * add setuptools to dev * test ci * fix docs build * fix type issues for new_swarm & new_host * fix types in gossipsub * fix type issues in noise * wip: factories * revert factories * fix more type issues * more type fixes * fix: add null checks for noise protocol initialization and key handling * corrected argument-errors in peerId and Multiaddr in peer tests * fix: Noice - remove redundant type casts in BaseNoiseMsgReadWriter * fix: update test_notify.py to use SwarmFactory.create_batch_and_listen, fix type hints, and comment out ClosedStream assertions * Fix type checks for pubsub module Signed-off-by: sukhman <sukhmansinghsaluja@gmail.com> * Fix type checks for pubsub module-tests Signed-off-by: sukhman <sukhmansinghsaluja@gmail.com> * noise: add checks for uninitialized protocol and key states in PatternXX Signed-off-by: varun-r-mallya <varunrmallya@gmail.com> * pubsub: add None checks for optional fields in FloodSub and Pubsub Signed-off-by: varun-r-mallya <varunrmallya@gmail.com> * Fix type hints and improve testing Signed-off-by: varun-r-mallya <varunrmallya@gmail.com> * remove redundant checks Signed-off-by: varun-r-mallya <varunrmallya@gmail.com> * fix build issues * add optional to trio service * fix types * fix type errors * Fix type errors Signed-off-by: varun-r-mallya <varunrmallya@gmail.com> * fixed more-type checks in crypto and peer_data files * wip: factories * replaced union with optional * fix: type-error in interp-utils and peerinfo * replace pyright with pyrefly * add pyrefly.toml * wip: fix multiselect issues * try typecheck * base check * mcache test fixes , typecheck ci update * fix ci * will this work * minor fix * use poetry * fix wokflow * use cache,fix err * fix pyrefly.toml * fix pyrefly.toml * fix cache in ci * deploy commit * add main baseline * update to v5 * improve typecheck ci (#14) * fix typo * remove holepunching code (#16) * fix gossipsub typeerrors (#17) * fix: ensure initiator user includes remote peer id in handshake (#15) * fix ci (#19) * typefix: custom_types | core/peerinfo/test_peer_info | io/abc | pubsub/floodsub | protocol_muxer/multiselect (#18) * fix: Typefixes in PeerInfo (#21) * fix minor type issue (#22) * fix type errors in pubsub (#24) * fix: Minor typefixes in tests (#23) * Fix failing tests for type-fixed test/pubsub (#8) * move pyrefly & ruff to pyproject.toml & rm .project-template (#28) * move the async_context file to tests/core * move crypto test to crypto folder * fix: some typefixes (#25) * fix type errors * fix type issues * fix: update gRPC API usage in autonat_pb2_grpc.py (#31) * md: typecheck ci * rm comments * clean up : from review suggestions * use | None over Optional as per new python standards * drop supporto for py3.9 * newsfragments --------- Signed-off-by: sukhman <sukhmansinghsaluja@gmail.com> Signed-off-by: varun-r-mallya <varunrmallya@gmail.com> Co-authored-by: acul71 <luca.pisani@birdo.net> Co-authored-by: kaneki003 <sakshamchauhan707@gmail.com> Co-authored-by: sukhman <sukhmansinghsaluja@gmail.com> Co-authored-by: varun-r-mallya <varunrmallya@gmail.com> Co-authored-by: varunrmallya <100590632+varun-r-mallya@users.noreply.github.com> Co-authored-by: lla-dane <abhinavagarwalla6@gmail.com> Co-authored-by: Collins <ArtemisfowlX@protonmail.com> Co-authored-by: Abhinav Agarwalla <120122716+lla-dane@users.noreply.github.com> Co-authored-by: guha-rahul <52607971+guha-rahul@users.noreply.github.com> Co-authored-by: Sukhman Singh <63765293+sukhman-sukh@users.noreply.github.com> Co-authored-by: acul71 <34693171+acul71@users.noreply.github.com> Co-authored-by: pacrob <5199899+pacrob@users.noreply.github.com>
131 lines
3.6 KiB
Python
131 lines
3.6 KiB
Python
from dataclasses import (
|
|
dataclass,
|
|
)
|
|
import hmac
|
|
|
|
from Crypto.Cipher import (
|
|
AES,
|
|
)
|
|
import Crypto.Util.Counter as Counter
|
|
|
|
|
|
class InvalidMACException(Exception):
|
|
pass
|
|
|
|
|
|
@dataclass(frozen=True)
|
|
class EncryptionParameters:
|
|
cipher_type: str
|
|
hash_type: str
|
|
iv: bytes
|
|
mac_key: bytes
|
|
cipher_key: bytes
|
|
|
|
|
|
class MacAndCipher:
|
|
def __init__(self, parameters: EncryptionParameters) -> None:
|
|
self.authenticator = hmac.new(
|
|
parameters.mac_key, digestmod=parameters.hash_type
|
|
)
|
|
iv_bit_size = 8 * len(parameters.iv)
|
|
cipher = AES.new(
|
|
parameters.cipher_key,
|
|
AES.MODE_CTR,
|
|
counter=Counter.new(
|
|
iv_bit_size,
|
|
initial_value=int.from_bytes(parameters.iv, byteorder="big"),
|
|
),
|
|
)
|
|
self.cipher = cipher
|
|
|
|
def encrypt(self, data: bytes) -> bytes:
|
|
return self.cipher.encrypt(data)
|
|
|
|
def authenticate(self, data: bytes) -> bytes:
|
|
authenticator = self.authenticator.copy()
|
|
authenticator.update(data)
|
|
return authenticator.digest()
|
|
|
|
def decrypt_if_valid(self, data_with_tag: bytes) -> bytes:
|
|
tag_position = len(data_with_tag) - self.authenticator.digest_size
|
|
data = data_with_tag[:tag_position]
|
|
tag = data_with_tag[tag_position:]
|
|
|
|
authenticator = self.authenticator.copy()
|
|
authenticator.update(data)
|
|
expected_tag = authenticator.digest()
|
|
|
|
if not hmac.compare_digest(tag, expected_tag):
|
|
raise InvalidMACException(expected_tag, tag)
|
|
|
|
return self.cipher.decrypt(data)
|
|
|
|
|
|
def initialize_pair(
|
|
cipher_type: str, hash_type: str, secret: bytes
|
|
) -> tuple[EncryptionParameters, EncryptionParameters]:
|
|
"""
|
|
Return a pair of ``Keys`` for use in securing a communications channel
|
|
with authenticated encryption derived from the ``secret`` and using the
|
|
requested ``cipher_type`` and ``hash_type``.
|
|
"""
|
|
if cipher_type != "AES-128":
|
|
raise NotImplementedError()
|
|
if hash_type != "SHA256":
|
|
raise NotImplementedError()
|
|
|
|
iv_size = 16
|
|
cipher_key_size = 16
|
|
hmac_key_size = 20
|
|
seed = b"key expansion"
|
|
|
|
params_size = iv_size + cipher_key_size + hmac_key_size
|
|
result = bytearray(2 * params_size)
|
|
|
|
authenticator = hmac.new(secret, digestmod=hash_type)
|
|
authenticator.update(seed)
|
|
tag = authenticator.digest()
|
|
|
|
i = 0
|
|
len_result = 2 * params_size
|
|
while i < len_result:
|
|
authenticator = hmac.new(secret, digestmod=hash_type)
|
|
|
|
authenticator.update(tag)
|
|
authenticator.update(seed)
|
|
|
|
another_tag = authenticator.digest()
|
|
|
|
remaining_bytes = len(another_tag)
|
|
|
|
if i + remaining_bytes > len_result:
|
|
remaining_bytes = len_result - i
|
|
|
|
result[i : i + remaining_bytes] = another_tag[0:remaining_bytes]
|
|
|
|
i += remaining_bytes
|
|
|
|
authenticator = hmac.new(secret, digestmod=hash_type)
|
|
authenticator.update(tag)
|
|
tag = authenticator.digest()
|
|
|
|
first_half = result[:params_size]
|
|
second_half = result[params_size:]
|
|
|
|
return (
|
|
EncryptionParameters(
|
|
cipher_type,
|
|
hash_type,
|
|
bytes(first_half[0:iv_size]),
|
|
bytes(first_half[iv_size + cipher_key_size :]),
|
|
bytes(first_half[iv_size : iv_size + cipher_key_size]),
|
|
),
|
|
EncryptionParameters(
|
|
cipher_type,
|
|
hash_type,
|
|
bytes(second_half[0:iv_size]),
|
|
bytes(second_half[iv_size + cipher_key_size :]),
|
|
bytes(second_half[iv_size : iv_size + cipher_key_size]),
|
|
),
|
|
)
|