Ace:StorePython: Difference between revisions
From Adapt
No edit summary |
No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
=Read Token Store= | =Read Token Store= | ||
The simpliest way (with | The simpliest way (with no error checking) to read a well-formed token store. | ||
<pre> | <pre> | ||
import string | |||
import hashlib | |||
def readHeader(file): | def readHeader(file): | ||
currLine = file.readline() | currLine = file.readline() | ||
| Line 42: | Line 45: | ||
infile.close() | infile.close() | ||
</pre> | </pre> | ||
You will end up with three arrays, header which contains the six header components, identifiers containing the identifiers for the entry, and a proof array containing proof levels for the entry. | |||
=Calculate a file's proof= | =Calculate a file's proof= | ||
The round proof is calculated by digesting the encoded byte arrays in each layer in order, while substituting the previous layer or file's digest where an X appears. | |||
For each layer: | |||
# split by : | |||
# on each item from the split, convert the hex-encoded to a byte array if not an X | |||
# if the split item is an X, substitute the byte array from the previous layer or file's digest | |||
# create a digest by concatenating each byte array for that layer (in order left to right) | |||
# feed result into next layer | |||
<pre> | <pre> | ||
import binascii | |||
... | |||
... | |||
def calculateLevel(lowerHash,rowString): | def calculateLevel(lowerHash,rowString): | ||
hashAlg = hashlib.sha256() | hashAlg = hashlib.sha256() | ||
| Line 54: | Line 71: | ||
hashAlg.update(binascii.a2b_hex(hash)) | hashAlg.update(binascii.a2b_hex(hash)) | ||
return hashAlg.digest() | return hashAlg.digest() | ||
def calculateProof(file,prooflines): | |||
digFile = open(file,'rb') | |||
# Note, sha256 hardcoded in this example, store algorithm should be checked | |||
hashAlg = hashlib.sha256() | |||
hashAlg.update(digFile.read()) | |||
prevhash = hashAlg.digest() | |||
for proofLine in proof: | |||
prevhash = calculateLevel(prevhash,proofLine) | |||
return binascii.b2a_hex(prevhash) | |||
... | ... | ||
... | ... | ||
myfile = "FILE_TO_CHECK" | |||
... | |||
while 1: | |||
... | |||
proof = readProof(infile) | |||
# using proof lines from above, compute a files's proof | # using proof lines from above, compute a files's proof | ||
if myfile in identifiers: | |||
print calculateProof(myfile,proof) | |||
</pre> | </pre> | ||
This example will read the FILE_TO_VALIDATE, calculate a digest, then feed that digest into each level of the digest. The final level's digest should be compared to the address of that round stored on the IMS. | This example will read the FILE_TO_VALIDATE, calculate a digest, then feed that digest into each level of the digest. The final level's digest should be compared to the address of that round stored on the IMS. | ||
Latest revision as of 17:35, 17 December 2010
The following is some sample code for reading and parsing ACE Token Stores in Python. All samples were tested on RHEL5 against python 2.4.3 with a backport of the hashlib library installed.
Read Token Store
The simpliest way (with no error checking) to read a well-formed token store.
import string
import hashlib
def readHeader(file):
currLine = file.readline()
if not currLine:
return False
headerParts = string.split(currLine)
if (len(headerParts) != 6):
return False
return headerParts
def readIdentifiers(infile):
line = infile.readline().rstrip("\n")
ids = []
while line != "":
ids.append(line)
line = infile.readline().rstrip("\n")
return ids
def readProof(infile):
line = infile.readline().rstrip("\n")
proof = []
while line != "":
proof.append(line)
line = infile.readline().rstrip("\n")
return proof
infile = open("/YOUR_TOKEN_STORE_FILE",'rb')
while 1:
header = readHeader(infile)
if not header:
break
identifiers = readIdentifiers(infile)
proof = readProof(infile)
infile.close()
You will end up with three arrays, header which contains the six header components, identifiers containing the identifiers for the entry, and a proof array containing proof levels for the entry.
Calculate a file's proof
The round proof is calculated by digesting the encoded byte arrays in each layer in order, while substituting the previous layer or file's digest where an X appears.
For each layer:
- split by :
- on each item from the split, convert the hex-encoded to a byte array if not an X
- if the split item is an X, substitute the byte array from the previous layer or file's digest
- create a digest by concatenating each byte array for that layer (in order left to right)
- feed result into next layer
import binascii
...
...
def calculateLevel(lowerHash,rowString):
hashAlg = hashlib.sha256()
for hash in string.split(rowString,":"):
if (hash == "X"):
hashAlg.update(lowerHash)
else:
hashAlg.update(binascii.a2b_hex(hash))
return hashAlg.digest()
def calculateProof(file,prooflines):
digFile = open(file,'rb')
# Note, sha256 hardcoded in this example, store algorithm should be checked
hashAlg = hashlib.sha256()
hashAlg.update(digFile.read())
prevhash = hashAlg.digest()
for proofLine in proof:
prevhash = calculateLevel(prevhash,proofLine)
return binascii.b2a_hex(prevhash)
...
...
myfile = "FILE_TO_CHECK"
...
while 1:
...
proof = readProof(infile)
# using proof lines from above, compute a files's proof
if myfile in identifiers:
print calculateProof(myfile,proof)
This example will read the FILE_TO_VALIDATE, calculate a digest, then feed that digest into each level of the digest. The final level's digest should be compared to the address of that round stored on the IMS.
