Personal tools

Ace:IMSPython: Difference between revisions

From Adapt

Jump to: navigation, search
No edit summary
No edit summary
Line 146: Line 146:


=Complete Example=
=Complete Example=
This example will read a file, compute its digest and request a token. It will then recompute the round hash using the


<pre>
<pre>
Line 166: Line 168:
print filename, ' ', filedigest
print filename, ' ', filedigest


print '\n---Token Response from IMS'
request = client.factory.create('tokenRequest')
request = client.factory.create('tokenRequest')
request.hashValue = filedigest
request.hashValue = filedigest
request.name = filename
request.name = filename
token = client.service.requestTokensImmediate('SHA-256-0',request)
token = client.service.requestTokensImmediate('SHA-256-0',request)
print '\n---Token Generated'
print 'Round:',  token[0].roundId, ' Date:', token[0].timestamp
print 'Round:',  token[0].roundId, ' Date:', token[0].timestamp
print token[0].proofElements
print token[0].proofElements


rounds = client.service.getRoundSummaries(token[0].roundId)
print '\n---Requested Round Hash'
print 'Round hash:', rounds[0].hashValue


print '\n---Computing proof'
print '\n---Computing proof'
Line 187: Line 186:
     hashAlg = hashlib.sha256()
     hashAlg = hashlib.sha256()
     # create level by converting hashes to bytes and inserting  
     # create level by converting hashes to bytes and inserting  
     # previous level where necessary
     # previous level where necessary, first level uses file hash
     for strhash in element.hashes:
     for strhash in element.hashes:
         if i == element.index:
         if i == element.index:
Line 194: Line 193:
         i = i + 1
         i = i + 1


     # in case index is last item
     # in case previous level is to be inserted at end
     if i == element.index:
     if i == element.index:
         hashAlg.update(prevhash)
         hashAlg.update(prevhash)
Line 201: Line 200:
     level = level + 1
     level = level + 1


print '\n---Comparing Round to Proof'
print '\n---Requesting Round Hash for',token[0].roundId
rounds = client.service.getRoundSummaries(token[0].roundId)
print 'Round hash:', rounds[0].hashValue
 
print '\n---Comparing Round Hash to computed proof hash'
print rounds[0].hashValue
print rounds[0].hashValue
print binascii.b2a_hex(prevhash)
print binascii.b2a_hex(prevhash)
Line 211: Line 214:
[python] [toaster@loach ace-cli]$ python test2.py
[python] [toaster@loach ace-cli]$ python test2.py
---File to secure:
---File to secure:
test2.py  8637a62b365b82ea32d98859d9383dd6e0ecae196821df7b432988d5284ab84e
test2.py  1f9bf12fc4e402d6cad8b36f9f6e0482af14add1b00f0f5aff2197309483a199


---Token Generated
---Token Response from IMS
Round: 2895470 Date: 2011-01-07 14:46:46.000473
Round: 2895642 Date: 2011-01-07 14:54:21.000883
[(proofElement){
[(proofElement){
   hashes[] =  
   hashes[] =  
       "6e29363fd205cea2d07fd0e9319982f5b32322a9e9450b5520384df715282e1c",
       "31ed6c99ea3932bd2cbc8db0e42fc7bd028a773ac7e2359785f55fe076a6492b",
   index = 0
   index = 0
  }, (proofElement){
  }, (proofElement){
   hashes[] =  
   hashes[] =  
       "9941e51555f20cf2bcaa478ca91932734131a697bfad613c8a9c1c95b4b55ec3",
       "be071a2271d0be7633e986c4463cbc3fc39e244d75948000c41583e78d0398e3",
   index = 0
   index = 0
  }, (proofElement){
  }, (proofElement){
   hashes[] =  
   hashes[] =  
       "b7f7469e851ca4501e5941f99be9e8b883291404a53bdaf1848da317228cd4c2",
       "2cb53579297ff25fa6492e6f9b4cc130acf379f1061e31d2e5fd65da734c0f91",
   index = 0
   index = 0
  }, (proofElement){
  }, (proofElement){
   hashes[] =  
   hashes[] =  
       "aa0b940e1fb04caa3e54b89e78412424970066017ee1dc7eb31d733f43a98ebe",
       "439e40fbeae4635d014091ed93324cd467c61a3848516ee99d2c0bb20e02e7cf",
   index = 1
   index = 1
  }]
  }]


---Requested Round Hash
---Computing proof
Round hash: 1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
Level: 0 ( index: 0 )  f91649510d117b361d6023b8846f12f273de0e25fab257d94be774a77bd222c6
Level: 1 ( index: 0 )  1d56960d990765a1581559786df5e77dbdcf25e6c53b79f215375001ac761f88
Level: 2 ( index: 0 )  31473c279b3d0d4714b096fe59c0aaa2b36286cbf3e82dbc9afb73a988a33f3e
Level: 3 ( index: 1 )  1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c


---Computing proof
---Requesting Round Hash for 2895642
Level: 0 ( index: 0 )  2f109b4c0dd6f1210419755e6772c11a4bccd491bf2c36aa206d2ae98e8b5350
Round hash: 1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c
Level: 1 ( index: 0 )  2be8b53ffe64f9ba9910f028cd2bd8b33e01e68d8904fa58998e0b7b5da72760
Level: 2 ( index: 0 )  494189c93ad5b55beaaa9760311840149ee1ae7cfd411e2d616d3073bcf3c04a
Level: 3 ( index: 1 )  1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6


---Comparing Round to Proof
---Comparing Round Hash to computed proof hash
1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c
1a4a52a7ab22ce7298f39097743460fc995957c4222117c19a49f9812134daa6
1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c
Equal: True
Equal: True
</pre>
</pre>

Revision as of 19:54, 7 January 2011

Using the python suds library it's fairly trivial to request tokens from the ACE IMS service.

Validating ace tokens is described in on the ims overview page and token store example page

Request One Token

from suds.client import Client

url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)
request = client.factory.create('tokenRequest')
request.hashValue = '4ed9ba3d9c7e3e092d0b0e3441f04574'
request.name = 'MyFile'

result = client.service.requestTokensImmediate('SHA-256-0',reqlist)
print result

Here's the result of running it: 

[python] [toaster@loach ace-cli]$ python test2.py 
[(tokenResponse){
   digestService = "SHA-256"
   name = "somename"
   proofElements[] = 
      (proofElement){
         hashes[] = 
            "9129f93bc8ac2d93e35aa6206298fb8616690211a8563db51cf2ea1159682692",
         index = 0
      },
      (proofElement){
         hashes[] = 
            "34bd07cc18a7ab1a47467081dcb21a6ca1857b1d3bdc12106ba2fd538b3bafbd",
         index = 0
      },
      (proofElement){
         hashes[] = 
            "8a2042da9a114a41cf3738a841d65336af5b864ed6be8484c6bae4a4ac9e65a1",
         index = 0
      },
      (proofElement){
         hashes[] = 
            "e95826668c3f301bef729e60157bbd3dbc346859ceee71655a9a065106276d72",
         index = 1
      },
   roundId = 2892850
   statusCode = 100
   timestamp = 2011-01-07 12:59:36.000013
   tokenClassName = "SHA-256-0"
 }]

Secure One File

Using hashlib, and binascii we can use python to both generate a digest and grab an ace token for that digest. 

import hashlib
import binascii
from suds.client import Client

filename='test2.py'

digFile = open(filename,'rb')
hashAlg = hashlib.sha256()
hashAlg.update(digFile.read())
filedigest = binascii.b2a_hex(hashAlg.digest())

url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)

print  filename, ' ', filedigest

request = client.factory.create('tokenRequest')
request.hashValue = filedigest
request.name = filename

result = client.service.requestTokensImmediate('SHA-256-0',request)
print result

And the output: 

[python] [toaster@loach ace-cli]$ python test2.py
test2.py   164182eef9792e2e1c5005cd9240ff508aef042b8fa344597431eae39370c784
[(tokenResponse){
   digestService = "SHA-256"
   name = "test2.py"
   proofElements[] = 
      (proofElement){
         hashes[] = 
            "c5e82872eeee3dfa539202a9757f8a5364b6fded4dfcb40b66084158f2b5c627",
         index = 0
      },
      (proofElement){
         hashes[] = 
            "6e16a71847403f4e586625463160993bfab189c0bba771d81354c03d9c3591fd",
         index = 0
      },
      (proofElement){
         hashes[] = 
            "0879b385c366d07142446a18dfb6d19c468a733991e9685fc75ce6f4b929b659",
         index = 0
      },
      (proofElement){
         hashes[] = 
            "e19dd18bd9eabf79a074d72231a7117bd2319a859d31a429575b4657e85d0c95",
         index = 1
      },
   roundId = 2893078
   statusCode = 100
   timestamp = 2011-01-07 13:08:27.000253
   tokenClassName = "SHA-256-0"
 }]

Bulk sending

Rather than sending one token per request, you should create batches to send. Just send a 'list' of tokenRequest objects to requestTokensImmediate. The IMS currently supports up to 10,000 tokens per request.

Round Requests

You can request the round hashes for one or more rounds using getRoundSummaries. 

from suds.client import Client

url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)

result = client.service.getRoundSummaries(2893078)
print result[0].id
print result[0].hashValue

output 

[python] [toaster@loach ace-cli]$ python test2.py
2893078
1324d496da42e04347c74001f8bd948b31fa296419ee49246ba5494970b16752

Complete Example

This example will read a file, compute its digest and request a token. It will then recompute the round hash using the 

import hashlib
import binascii
from suds.client import Client

filename='test2.py'

digFile = open(filename,'rb')
hashAlg = hashlib.sha256()
hashAlg.update(digFile.read())
binarydigest = hashAlg.digest()
filedigest = binascii.b2a_hex(binarydigest)

url='http://ims.umiacs.umd.edu:8080/ace-ims/IMSWebService?wsdl'
client = Client(url)

print '---File to secure:'
print filename, ' ', filedigest


print '\n---Token Response from IMS'
request = client.factory.create('tokenRequest')
request.hashValue = filedigest
request.name = filename
token = client.service.requestTokensImmediate('SHA-256-0',request)
print 'Round:',  token[0].roundId, ' Date:', token[0].timestamp
print token[0].proofElements


print '\n---Computing proof'

level = 0
prevhash = binarydigest
for element in token[0].proofElements:
    i = 0
    hashAlg = hashlib.sha256()
    # create level by converting hashes to bytes and inserting 
    # previous level where necessary, first level uses file hash
    for strhash in element.hashes:
        if i == element.index:
            hashAlg.update(prevhash)
        hashAlg.update(binascii.a2b_hex(strhash))
        i = i + 1

    # in case previous level is to be inserted at end
    if i == element.index:
        hashAlg.update(prevhash)
    prevhash = hashAlg.digest()
    print 'Level:',level, '( index:',element.index,') ', binascii.b2a_hex(prevhash)
    level = level + 1

print '\n---Requesting Round Hash for',token[0].roundId
rounds = client.service.getRoundSummaries(token[0].roundId)
print 'Round hash:', rounds[0].hashValue

print '\n---Comparing Round Hash to computed proof hash'
print rounds[0].hashValue
print binascii.b2a_hex(prevhash)
print 'Equal:',binascii.b2a_hex(prevhash) == rounds[0].hashValue

And now the output: 

[python] [toaster@loach ace-cli]$ python test2.py
---File to secure:
test2.py   1f9bf12fc4e402d6cad8b36f9f6e0482af14add1b00f0f5aff2197309483a199

---Token Response from IMS
Round: 2895642  Date: 2011-01-07 14:54:21.000883
[(proofElement){
   hashes[] = 
      "31ed6c99ea3932bd2cbc8db0e42fc7bd028a773ac7e2359785f55fe076a6492b",
   index = 0
 }, (proofElement){
   hashes[] = 
      "be071a2271d0be7633e986c4463cbc3fc39e244d75948000c41583e78d0398e3",
   index = 0
 }, (proofElement){
   hashes[] = 
      "2cb53579297ff25fa6492e6f9b4cc130acf379f1061e31d2e5fd65da734c0f91",
   index = 0
 }, (proofElement){
   hashes[] = 
      "439e40fbeae4635d014091ed93324cd467c61a3848516ee99d2c0bb20e02e7cf",
   index = 1
 }]

---Computing proof
Level: 0 ( index: 0 )  f91649510d117b361d6023b8846f12f273de0e25fab257d94be774a77bd222c6
Level: 1 ( index: 0 )  1d56960d990765a1581559786df5e77dbdcf25e6c53b79f215375001ac761f88
Level: 2 ( index: 0 )  31473c279b3d0d4714b096fe59c0aaa2b36286cbf3e82dbc9afb73a988a33f3e
Level: 3 ( index: 1 )  1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c

---Requesting Round Hash for 2895642
Round hash: 1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c

---Comparing Round Hash to computed proof hash
1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c
1ccba7f2302c71615f20e5b5768a118fbf44781e40bd2d7e5479ddd11a46d44c
Equal: True
Retrieved from "https://wiki.umiacs.umd.edu/adapt/index.php?title=Ace:IMSPython&oldid=2828"