update readme, update hashing method to blake2

PC-Admin 2023-08-17 18:35:54 +08:00
parent 51d8f04fc4
commit 217f1d8ca1
3 changed files with 40 additions and 22 deletions


@ -50,4 +50,8 @@ Redlight is a community-driven project aimed at protecting the Matrix network's
## Roadmap ## Roadmap
1) Get a basic prototype working. 1) Get a basic prototype working. [DONE]
2) Use Synapses SimpleHttpClient instead of using twisted directly -
3) Fix the hashing scheme and make it smarter -
4) Get a database on the redlight server -
5)


@ -26,13 +26,6 @@ real 0m0.003s
user 0m0.004s user 0m0.004s
sys 0m0.002s sys 0m0.002s
$ time echo -n '!zWTEwEwdqIvmcJpytH:perthchat.org' | sha256sum -b | cut -d ' ' -f1 | xxd -r -p | sha256sum
962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709 -
real 0m0.002s
user 0m0.005s
sys 0m0.001s
$ sudo apt install rhash $ sudo apt install rhash
$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | rhash --sha3-512 - $ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | rhash --sha3-512 -
1eb131ffdd0384fee5465cb3ef10ac95d9cd20e1de0e1b56475c44df095c20b61602de183f0fc0cec49d7e291d06b5169f0134e45923ab5814c42f57353dbb8b (stdin) 1eb131ffdd0384fee5465cb3ef10ac95d9cd20e1de0e1b56475c44df095c20b61602de183f0fc0cec49d7e291d06b5169f0134e45923ab5814c42f57353dbb8b (stdin)
@ -41,15 +34,37 @@ real 0m0.002s
user 0m0.003s user 0m0.003s
sys 0m0.000s sys 0m0.000s
$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | b2sum | cut -d ' ' -f1 | xargs echo -n | b2sum time echo -n '!kfGzEsVtwINSAPopXA:perthchat.org' | b2sum
070034bf542d1cb43026b9f51aabbb28243a67cc0a26a23aa2221ff3f185f0a643bb693d39a3525b68d142b4698f3ba755e0eb90c992580376d867aa1ed5d23e - 39d97ad8ce613c2afb900d02318552596a619829847ce6abf1b8cda945c358a8e0d3306d8329481cd008e7f97aac275544b715a7a755c1df76a08a1b4ff665a2 -
real 0m0.003s real 0m0.002s
user 0m0.007s user 0m0.003s
sys 0m0.000s sys 0m0.000s
$ time echo -n '!kfGzEsVtwINSAPopXA:perthchat.org' | b2sum --length=256
db3ea6a5e44165d3f0d5edaf3ed1c99bee738afcd2a50ddf8a29908719851c65 -
real 0m0.002s
user 0m0.003s
sys 0m0.000s
$ time echo -n '!zWTEwEwdqIvmcJpytH:perthchat.org' | sha256sum -b | cut -d ' ' -f1 | xxd -r -p | sha256sum
962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709 -
real 0m0.002s
user 0m0.005s
sys 0m0.001s
$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | argon2 '!OEedGOAXDBahPyWMSQ:example.com' -e
$argon2i$v=19$m=4096,t=3,p=1$IU9FZWRHT0FYREJhaFB5V01TUTpleGFtcGxlLmNvbQ$eKyknS5nxj85Xcf3HbxGSwIndauticKczRzx03VEL8A
real 0m0.020s
user 0m0.013s
sys 0m0.008s
``` ```
## Final Choice ## Final Choice
As sha256sum has shorter output and it supported by Python's built in libraries it seems ideal? BLAKE2 since it has shorter output and it supported by Python's built in libraries it seems ideal?


@ -73,11 +73,10 @@ class RedlightClientModule:
) )
@staticmethod @staticmethod
def double_hash_sha256(data: str) -> str: def hash_blake2(data: str) -> str:
"""Double-hash the data with SHA256 for added security.""" """Hash the data with BLAKE2 for added security."""
first_hash = hashlib.sha256(data.encode()).digest() room_id_hash = hashlib.blake2b(data.encode()).hexdigest() # Use hexdigest() instead of digest()
double_hashed = hashlib.sha256(first_hash).hexdigest() return room_id_hash
return double_hashed
async def user_may_join_room( async def user_may_join_room(
self, user: str, room: str, is_invited: bool self, user: str, room: str, is_invited: bool
@ -86,8 +85,8 @@ class RedlightClientModule:
logger.info(f"User {user} is attempting to join room {room}. Invitation status: {is_invited}.") logger.info(f"User {user} is attempting to join room {room}. Invitation status: {is_invited}.")
# Double-hash the room and user IDs. # Double-hash the room and user IDs.
hashed_room_id = self.double_hash_sha256(room) hashed_room_id = self.hash_blake2(room)
hashed_user_id = self.double_hash_sha256(user) hashed_user_id = self.hash_blake2(user)
# Prepare the HTTP body. # Prepare the HTTP body.
body = _JsonProducer({ body = _JsonProducer({
@ -119,9 +118,9 @@ class RedlightClientModule:
# Handle the response based on its HTTP status code. # Handle the response based on its HTTP status code.
if response.code == 200: if response.code == 200:
logger.warn(f"User {user} not allowed to join room {room}.") logger.warn(f"User {user} not allowed to join restricted room. report_id: {response_json['report_id']} room_id: {room}.")
# Create the alert message # Create the alert message
alert_message = f"WARNING: Incident detected! User {user} was attempting to access this restricted room: {room}" alert_message = f"WARNING: Incident detected! User {user} was attempting to access a restricted room. report_id: {response_json['report_id']}, For the room id please check your redlight logs."
# Start the synchronous send_alert_message method in a thread but don't await it # Start the synchronous send_alert_message method in a thread but don't await it
loop = asyncio.get_event_loop() loop = asyncio.get_event_loop()
loop.run_in_executor(None, self.bot.send_alert_message, self._redlight_alert_room, alert_message) loop.run_in_executor(None, self.bot.send_alert_message, self._redlight_alert_room, alert_message)
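Review bot: `hash_blake2` calls `hashlib.blake2b(data.encode())` with its defaults, which gives an unkeyed 512-bit digest (128 hex characters), while its docstring still says "for added security" and the caller comment in `user_may_join_room` still reads `# Double-hash the room and user IDs.`. An unkeyed fast hash of a Matrix room or user ID only pseudonymises it, because anyone who holds a candidate ID can recompute the digest and confirm a match. The docstring should say so, for example `"""Return the hex BLAKE2b digest of data; a matching token, not a secret."""`, and the stale comment should become `# Hash the room and user IDs.`. If the redlight server is meant to store the shorter 256-bit output benchmarked in the notes, both sides need `digest_size=32`; the server code is not visible here, so confirm before changing it. Both `RedlightClientModule` and `user_may_join_room` extend beyond the hunks shown.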