finally! abolishing private key property

4 years ago · 4b01b412ff
parent 70c1846838
commit 4b01b412ff
4 changed files with 31 additions and 20 deletions
--- a/komrade/backend/callers.py
+++ b/komrade/backend/callers.py
@ -39,12 +39,6 @@ class Caller(Operator):
            'passphrase':hashish(passphrase.encode())
        }

-        req_json['key_types'] = {**KEYMAKER_DEFAULT_KEY_TYPES}
-        req_json['keys_to_save']=['pubkey_encr','privkey_encr','adminkey_encr']
-        req_json['keys_to_return']=['pubkey_decr',
-                                    'privkey_decr_encr', 'privkey_decr_decr',
-                                    'adminkey_decr_encr', 'adminkey_decr_decr']
-
        phone_res = self.phone.ask_operator(json_phone = req_json, caller=self)
        name = phone_res.get('name')
        returned_keys = phone_res.get('_keychain')
--- a/komrade/backend/the_operator.py
+++ b/komrade/backend/the_operator.py
@ -189,19 +189,32 @@ class TheOperator(Operator):


 def init_operators():
-    op = Operator(name=OPERATOR_NAME)
-    phone = Operator(name=OPERATOR_NAME)

+    ## CREATE OPERATOR
+    op = Operator(name=OPERATOR_NAME)
+    
    # save what we normally save for a client on the server -- The Op is a client from our pov
+    op_keys_to_keep_on_client = ['pubkey_decr']  # we only store one half of one key about Op on clients
+
+    # rest we keep on server, except for one we kept on client
+    op_keys_to_keep_on_server = [x for x in KEYMAKER_DEFAULT_KEYS_TO_RETURN if x not in op_keys_to_keep_on_client]
+    op_keys_to_keep_on_server.append('pubkey_encr')

    op_decr_keys = op.forge_new_keys(
-        keys_to_save=KEYMAKER_DEFAULT_KEYS_TO_RETURN,  # on server only; flipped around
-        keys_to_return=KEYMAKER_DEFAULT_KEYS_TO_SAVE+['pubkey'] # on clients only
+        keys_to_save=op_keys_to_keep_on_server,  # on server only; flipped around
+        keys_to_return=op_keys_to_keep_on_client # on clients only
    )

+
+    ## CREATE TELEPHONE
+    phone = Operator(name=OPERATOR_NAME)
+
+    phone_keys_to_keep_on_server = KEYMAKER_DEFAULT_KEYS_TO_SAVE
+    phone_keys_to_keep_on_client = ['privkey','adminkey','pubkey_decr']
+
    phone_decr_keys = phone.forge_new_keys(
-        keys_to_save=KEYMAKER_DEFAULT_KEYS_TO_SAVE,  # on server only
-        keys_to_return=KEYMAKER_DEFAULT_KEYS_TO_RETURN+['privkey']   # on clients only
+        keys_to_save=phone_keys_to_keep_on_server,  # on server only
+        keys_to_return=phone_keys_to_keep_on_client   # on clients only
    )

    print('\n'*5)
--- a/komrade/backend/the_telephone.py
+++ b/komrade/backend/the_telephone.py
@ -49,14 +49,15 @@ class TheTelephone(Operator):
        json_caller = {json_caller}""")

        op_keychain = unpackage_from_transmission(OPERATOR_KEYCHAIN)
+        phone_keychain = unpackage_from_transmission(TELEPHONE_KEYCHAIN)
+
        self.log('op_keychain',op_keychain)


        # 1) unencr header
        # telephone_pubkey_decr | op_pubkey_decr | op_privkey_decr
-        unencr_header = TELEPHONE_KEYCHAIN['pubkey_decr']
-        unencr_header += BSEP2 + op_keychain['pubkey_decr']
-        unencr_header += BSEP2 + op_keychain['privkey_decr']
+        unencr_header = phone_keychain['pubkey_decr']
+        unencr_header += BSEP2 + op_keychain['pubkey_encr']

        # 2) caller privkey?
        from_caller_privkey=caller.privkey_ if caller and json_caller else None
--- a/komrade/constants.py
+++ b/komrade/constants.py
@ -54,12 +54,14 @@ OPERATOR_INTERCEPT_MESSAGE = "If you'd like to make a call, please hang up and t
 # KEYMAKER_DEFAULT_KEYS_TO_RETURN =  ['pubkey_decr_encr', 'privkey_decr_encr', 'adminkey_decr_encr']


+# defaults oriented to Callers
 KEYMAKER_DEFAULT_KEYS_TO_SAVE = ['pubkey_encr']

-KEYMAKER_DEFAULT_KEYS_TO_RETURN = ['privkey_encr', 'adminkey_encr',
+KEYMAKER_DEFAULT_KEYS_TO_RETURN = ['privkey_encr',
+                                   'adminkey_encr',
                                   'pubkey_decr',
-                                   'privkey_decr_encr', 'adminkey_decr_encr',
-                                   'privkey_decr_decr', 'adminkey_decr_decr']
+                                   'privkey_decr_encr', 'privkey_decr_decr'
+                                   'adminkey_decr_encr', 'adminkey_decr_decr']

 KEYMAKER_DEFAULT_KEYS_TO_GEN =  ['pubkey','privkey','adminkey',
                                 'pubkey_decr','privkey_decr', 'adminkey_decr']
@ -112,6 +114,7 @@ WHY_MSG = 'Forge the password of memory: '



-OPERATOR_KEYCHAIN = b'eyJwdWJrZXlfZW5jciI6IkFBRUJRQXdBQUFBUUFBQUFMUUFBQU9tQkdQUEdLN25peUNFZkQ1b1N3TzdLMHo1YzNOblZ3TDZocTBWYVwvUzJqdzg1cTVtbEU0SHQ1czIxRUVGcmxzUThZNDExZGhJaHBYTkcyTm1uZXhSNGVuWlwvNjNyeElGMVE9IiwicHVia2V5IjoiVlVWRE1nQUFBQzJLZmhsaUFsK3JrZzhyUkN6RG1SR2x5Y3ppUGJoS3RFZmpEOFV0NHNkNE55MWV2TEhaIn0='

-TELEPHONE_KEYCHAIN = b'eyJwcml2a2V5X2VuY3IiOiJBQUVCUUF3QUFBQVFBQUFBTFFBQUFBUTBmdEFLMkdhZVo5QzNIc2NFZUpPU2w3b25BeVlZV2FZbW9TMDFCUnFcL3NBTTBkd1NDeGZGenRjNm03NVNYU2hONVM4QVFDOFhIamZ1aTBOWXRNUmpBNzZsMHdvM09jSEk9IiwiYWRtaW5rZXlfZW5jciI6IkFBRUJRQXdBQUFBUUFBQUFJQUFBQUhyY2lQM2FMZWI0dVFBZVdlTEJOcDNOOHdDNmJZWVFlNlpjSllCTDlrUW9jczZUODdnTkljNWxcL0p2bWFNbnFPSjBcL3Zka3dJT3FPT2NKT01BPT0iLCJwdWJrZXlfZGVjciI6ImNZWmZ4aDZ5TVZqUFBZcWxMSWZ2SjBpTTU2TGVMRjFUNFV0T1wvTk5YRlJJPSIsInByaXZrZXlfZGVjcl9lbmNyIjoiQUFFQlFRd0FBQUFRQUFBQUlBQUFBQllBQUFESGZrYUlTYWM1K2lPaUlLVFpucW5velZoQnhOclF4MUU2NnFJSlFBMERBQkFBWGRRbFFFcWk2ZTN5OGUyeFNzVTdmbU1URTQ0bnRXNlRsYmZhK1pibG1GNExiTEZOY1RKT0UzUVpkZDljNkNqSCIsImFkbWlua2V5X2RlY3JfZW5jciI6IkFBRUJRUXdBQUFBUUFBQUFJQUFBQUJZQUFBRDFWZEdramVMMzR4ZllDeHNQYjIxZm9Ebkw2eVFESFBJejJrN2tRQTBEQUJBQVcwMHhDdkozR0Ruemx0VFBxdnVlVWs4bW50cDRiWE95eGcyOW02dDllSEVxNjNBXC9IdWV0MkJxM1hXV2xqU2tPIiwicHJpdmtleV9kZWNyX2RlY3IiOiJjM2x0YldWMGNtbGpYMnRsZVY5M2FYUm9YM0JoYzNOd2FISmhjMlU9IiwiYWRtaW5rZXlfZGVjcl9kZWNyIjoiYzNsdGJXVjBjbWxqWDJ0bGVWOTNhWFJvWDNCaGMzTndhSEpoYzJVPSIsInByaXZrZXkiOiJVa1ZETWdBQUFDMFFhekhXQUExeFJxVWxTbSs5cjk4bFdqek1SamFTTW5QWnl6UjBWV3JXeEZGcGRwU2MifQ=='
+OPERATOR_KEYCHAIN = b'eyJwdWJrZXlfZW5jciI6IkFBRUJRQXdBQUFBUUFBQUFMUUFBQUJQN2RSYk5Lak0rSVdPZlh1aDVXQ1wvZmxxcnBGSkJGbUlYWWU1UlVuV3A5ekVRUVRldE44dkNjMlFjWHNiMG1qZnJGRWJIWUVWN3ZoXC81TUdWOUc4SktxbERxTVMzcm81TGc9IiwicHVia2V5IjoiVlVWRE1nQUFBQzJFS1pHSUF2bzZmSnQyY1pLMEVyamtcLzBqMCt5blpLRVFcL1VHejdpUE9PT1J4RzAyUE0ifQ=='
+
+TELEPHONE_KEYCHAIN = b'eyJwcml2a2V5X2VuY3IiOiJBQUVCUUF3QUFBQVFBQUFBTFFBQUFJVHJDWVFyZ3V3OStDZGNQZ1ZkbDFsUnNuYWtkNXRENGtLWVhlS1RvcFMzV3JxR0lCNytvNVc4TnQ0dUkwWXpEeFQ5RHZYbW1ZTmk1RTU4eFB0QlZmVjc0d3BUcFkwbVR3RT0iLCJhZG1pbmtleV9lbmNyIjoiQUFFQlFBd0FBQUFRQUFBQUlBQUFBSGo1d2ZjZ1R3QjZ1bmIrMUlPUTQwRGpyOHZSa2d3TVd3UGdoa3h0cENxdUhrQ1pcLzJvZ3pxcEU0SjN2RHRvMHllME41T3FVWXBSQmRkXC9mdGc9PSIsInB1YmtleV9kZWNyIjoiWmZRN3M2R3RIVjNEZjBtd2hNZ1VNNjFydWxHbDl0Z2U2TmRtcnV3R25LZz0iLCJwcml2a2V5X2RlY3JfZW5jciI6IkFBRUJRUXdBQUFBUUFBQUFJQUFBQUJZQUFBQW1HM2d3SDExME91eTdHOHVVdkdWcGhqK0JzMWFaUlpnWWNSSWtRQTBEQUJBQWtCZFNxR2gxc0x4Zm1nVlNNcldHKzZYMndzYnhpYjVSUkFvU1VJQkpGbHkxY21xR1hZYStjcmJ4VGdxWElUUm0iLCJhZG1pbmtleV9kZWNyX2VuY3IiOiJBQUVCUVF3QUFBQVFBQUFBSUFBQUFCWUFBQUNvaGFBdmZEc3phdFlCTWV5anRUdStobnhrUEVsVEFJS1dVTk43UUEwREFCQUFQd1RqNnZaTUdhS2JWUlFGRXBUVFZDQVZCTUE0WlYyZ3BDM2Y2MERubW9vUkJUK3NcL0FLTjZOcDlnUHhqZjF4NCIsInByaXZrZXlfZGVjcl9kZWNyIjoiYzNsdGJXVjBjbWxqWDJ0bGVWOTNhWFJvWDNCaGMzTndhSEpoYzJVPSIsImFkbWlua2V5X2RlY3JfZGVjciI6ImMzbHRiV1YwY21salgydGxlVjkzYVhSb1gzQmhjM053YUhKaGMyVT0iLCJwcml2a2V5IjoiVWtWRE1nQUFBQzIyK2pVa0FJQlN0eHRMNlBWb21wR095S0Q3SDVBWENjcWZibGxpUFNKdmRiY1l6SmkyIn0='