Ace:IMSPython: Difference between revisions
From Adapt
No edit summary |
No edit summary |
||
| Line 146: | Line 146: | ||
=Complete Example= | =Complete Example= | ||
<pre> | |||
import hashlib | |||
import binascii | |||
from suds.client import Client | |||
filename='test2.py' | |||
digFile = open(filename,'rb') | |||
hashAlg = hashlib.sha256() | |||
hashAlg.update(digFile.read()) | |||
binarydigest = hashAlg.digest() | |||
filedigest = binascii.b2a_hex(binarydigest) | |||
url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl' | |||
client = Client(url) | |||
print '---File to secure:' | |||
print filename, ' ', filedigest | |||
request = client.factory.create('tokenRequest') | |||
request.hashValue = filedigest | |||
request.name = filename | |||
token = client.service.requestTokensImmediate('SHA-256-0',request) | |||
print '\n---Token Generated' | |||
print 'Round:', token[0].roundId, ' Date:', token[0].timestamp | |||
print token[0].proofElements | |||
rounds = client.service.getRoundSummaries(token[0].roundId) | |||
print '\n---Requested Round Hash' | |||
print 'Round hash:', rounds[0].hashValue | |||
print '\n---Computing proof' | |||
level = 0 | |||
prevhash = binarydigest | |||
for element in token[0].proofElements: | |||
i = 0 | |||
hashAlg = hashlib.sha256() | |||
# create level by converting hashes to bytes and inserting | |||
# previous level where necessary | |||
for strhash in element.hashes: | |||
if i == element.index: | |||
hashAlg.update(prevhash) | |||
hashAlg.update(binascii.a2b_hex(strhash)) | |||
i = i + 1 | |||
# in case index is last item | |||
if i == element.index: | |||
hashAlg.update(prevhash) | |||
prevhash = hashAlg.digest() | |||
print 'Level:',level, '( index:',element.index,') ', binascii.b2a_hex(prevhash) | |||
level = level + 1 | |||
print '\n---Comparing Round to Proof' | |||
print rounds[0].hashValue | |||
print binascii.b2a_hex(prevhash) | |||
print 'Equal:',binascii.b2a_hex(prevhash) == rounds[0].hashValue | |||
</pre> | |||
And now the output: | |||
<pre> | |||
[python] [toaster@loach ace-cli]$ python test2.py | |||
---File to secure: | |||
test2.py 8637a62b365b82ea32d98859d9383dd6e0ecae196821df7b432988d5284ab84e | |||
---Token Generated | |||
Round: 2895470 Date: 2011-01-07 14:46:46.000473 | |||
[(proofElement){ | |||
hashes[] = | |||
"6e29363fd205cea2d07fd0e9319982f5b32322a9e9450b5520384df715282e1c", | |||
index = 0 | |||
}, (proofElement){ | |||
hashes[] = | |||
"9941e51555f20cf2bcaa478ca91932734131a697bfad613c8a9c1c95b4b55ec3", | |||
index = 0 | |||
}, (proofElement){ | |||
hashes[] = | |||
"b7f7469e851ca4501e5941f99be9e8b883291404a53bdaf1848da317228cd4c2", | |||
index = 0 | |||
}, (proofElement){ | |||
hashes[] = | |||
"aa0b940e1fb04caa3e54b89e78412424970066017ee1dc7eb31d733f43a98ebe", | |||
index = 1 | |||
}] | |||
---Requested Round Hash | |||
Round hash: 1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6 | |||
---Computing proof | |||
Level: 0 ( index: 0 ) 2f109b4c0dd6f1210419755e6772c11a4bccd491bf2c36aa206d2ae98e8b5350 | |||
Level: 1 ( index: 0 ) 2be8b53ffe64f9ba9910f028cd2bd8b33e01e68d8904fa58998e0b7b5da72760 | |||
Level: 2 ( index: 0 ) 494189c93ad5b55beaaa9760311840149ee1ae7cfd411e2d616d3073bcf3c04a | |||
Level: 3 ( index: 1 ) 1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6 | |||
---Comparing Round to Proof | |||
1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6 | |||
1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6 | |||
Equal: True | |||
</pre> | |||
Revision as of 19:49, 7 January 2011
Using the python suds library it's fairly trivial to request tokens from the ACE IMS service.
- https://fedorahosted.org/suds/ - suds library, examples use .4
Validating ace tokens is described in on the ims overview page and token store example page
Request One Token
from suds.client import Client
url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)
request = client.factory.create('tokenRequest')
request.hashValue = '4ed9ba3d9c7e3e092d0b0e3441f04574'
request.name = 'MyFile'
result = client.service.requestTokensImmediate('SHA-256-0',reqlist)
print result
Here's the result of running it:
[python] [toaster@loach ace-cli]$ python test2.py
[(tokenResponse){
digestService = "SHA-256"
name = "somename"
proofElements[] =
(proofElement){
hashes[] =
"9129f93bc8ac2d93e35aa6206298fb8616690211a8563db51cf2ea1159682692",
index = 0
},
(proofElement){
hashes[] =
"34bd07cc18a7ab1a47467081dcb21a6ca1857b1d3bdc12106ba2fd538b3bafbd",
index = 0
},
(proofElement){
hashes[] =
"8a2042da9a114a41cf3738a841d65336af5b864ed6be8484c6bae4a4ac9e65a1",
index = 0
},
(proofElement){
hashes[] =
"e95826668c3f301bef729e60157bbd3dbc346859ceee71655a9a065106276d72",
index = 1
},
roundId = 2892850
statusCode = 100
timestamp = 2011-01-07 12:59:36.000013
tokenClassName = "SHA-256-0"
}]
Secure One File
Using hashlib, and binascii we can use python to both generate a digest and grab an ace token for that digest.
import hashlib
import binascii
from suds.client import Client
filename='test2.py'
digFile = open(filename,'rb')
hashAlg = hashlib.sha256()
hashAlg.update(digFile.read())
filedigest = binascii.b2a_hex(hashAlg.digest())
url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)
print filename, ' ', filedigest
request = client.factory.create('tokenRequest')
request.hashValue = filedigest
request.name = filename
result = client.service.requestTokensImmediate('SHA-256-0',request)
print result
And the output:
[python] [toaster@loach ace-cli]$ python test2.py
test2.py 164182eef9792e2e1c5005cd9240ff508aef042b8fa344597431eae39370c784
[(tokenResponse){
digestService = "SHA-256"
name = "test2.py"
proofElements[] =
(proofElement){
hashes[] =
"c5e82872eeee3dfa539202a9757f8a5364b6fded4dfcb40b66084158f2b5c627",
index = 0
},
(proofElement){
hashes[] =
"6e16a71847403f4e586625463160993bfab189c0bba771d81354c03d9c3591fd",
index = 0
},
(proofElement){
hashes[] =
"0879b385c366d07142446a18dfb6d19c468a733991e9685fc75ce6f4b929b659",
index = 0
},
(proofElement){
hashes[] =
"e19dd18bd9eabf79a074d72231a7117bd2319a859d31a429575b4657e85d0c95",
index = 1
},
roundId = 2893078
statusCode = 100
timestamp = 2011-01-07 13:08:27.000253
tokenClassName = "SHA-256-0"
}]
Bulk sending
Rather than sending one token per request, you should create batches to send. Just send a 'list' of tokenRequest objects to requestTokensImmediate. The IMS currently supports up to 10,000 tokens per request.
Round Requests
You can request the round hashes for one or more rounds using getRoundSummaries.
from suds.client import Client url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl' client = Client(url) result = client.service.getRoundSummaries(2893078) print result[0].id print result[0].hashValue
output
[python] [toaster@loach ace-cli]$ python test2.py 2893078 1324d496da42e04347c74001f8bd948b31fa296419ee49246ba5494970b16752
Complete Example
import hashlib
import binascii
from suds.client import Client
filename='test2.py'
digFile = open(filename,'rb')
hashAlg = hashlib.sha256()
hashAlg.update(digFile.read())
binarydigest = hashAlg.digest()
filedigest = binascii.b2a_hex(binarydigest)
url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)
print '---File to secure:'
print filename, ' ', filedigest
request = client.factory.create('tokenRequest')
request.hashValue = filedigest
request.name = filename
token = client.service.requestTokensImmediate('SHA-256-0',request)
print '\n---Token Generated'
print 'Round:', token[0].roundId, ' Date:', token[0].timestamp
print token[0].proofElements
rounds = client.service.getRoundSummaries(token[0].roundId)
print '\n---Requested Round Hash'
print 'Round hash:', rounds[0].hashValue
print '\n---Computing proof'
level = 0
prevhash = binarydigest
for element in token[0].proofElements:
i = 0
hashAlg = hashlib.sha256()
# create level by converting hashes to bytes and inserting
# previous level where necessary
for strhash in element.hashes:
if i == element.index:
hashAlg.update(prevhash)
hashAlg.update(binascii.a2b_hex(strhash))
i = i + 1
# in case index is last item
if i == element.index:
hashAlg.update(prevhash)
prevhash = hashAlg.digest()
print 'Level:',level, '( index:',element.index,') ', binascii.b2a_hex(prevhash)
level = level + 1
print '\n---Comparing Round to Proof'
print rounds[0].hashValue
print binascii.b2a_hex(prevhash)
print 'Equal:',binascii.b2a_hex(prevhash) == rounds[0].hashValue
And now the output:
[python] [toaster@loach ace-cli]$ python test2.py
---File to secure:
test2.py 8637a62b365b82ea32d98859d9383dd6e0ecae196821df7b432988d5284ab84e
---Token Generated
Round: 2895470 Date: 2011-01-07 14:46:46.000473
[(proofElement){
hashes[] =
"6e29363fd205cea2d07fd0e9319982f5b32322a9e9450b5520384df715282e1c",
index = 0
}, (proofElement){
hashes[] =
"9941e51555f20cf2bcaa478ca91932734131a697bfad613c8a9c1c95b4b55ec3",
index = 0
}, (proofElement){
hashes[] =
"b7f7469e851ca4501e5941f99be9e8b883291404a53bdaf1848da317228cd4c2",
index = 0
}, (proofElement){
hashes[] =
"aa0b940e1fb04caa3e54b89e78412424970066017ee1dc7eb31d733f43a98ebe",
index = 1
}]
---Requested Round Hash
Round hash: 1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
---Computing proof
Level: 0 ( index: 0 ) 2f109b4c0dd6f1210419755e6772c11a4bccd491bf2c36aa206d2ae98e8b5350
Level: 1 ( index: 0 ) 2be8b53ffe64f9ba9910f028cd2bd8b33e01e68d8904fa58998e0b7b5da72760
Level: 2 ( index: 0 ) 494189c93ad5b55beaaa9760311840149ee1ae7cfd411e2d616d3073bcf3c04a
Level: 3 ( index: 1 ) 1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
---Comparing Round to Proof
1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
Equal: True
