update readme, update hashing method to blake2

2023-08-17 18:35:54 +08:00 · 2023-08-17 18:35:54 +08:00 · 217f1d8ca1
commit 217f1d8ca1
parent 51d8f04fc4
3 changed files with 40 additions and 22 deletions
--- a/README.md
+++ b/README.md
@ -50,4 +50,8 @@ Redlight is a community-driven project aimed at protecting the Matrix network's

 ## Roadmap

-1) Get a basic prototype working.
+1) Get a basic prototype working. [DONE]
+2) Use Synapses SimpleHttpClient instead of using twisted directly -
+3) Fix the hashing scheme and make it smarter -
+4) Get a database on the redlight server -
+5)
--- a/notes/hashing.md
+++ b/notes/hashing.md
@ -26,13 +26,6 @@ real	0m0.003s
 user	0m0.004s
 sys	0m0.002s

-$ time echo -n '!zWTEwEwdqIvmcJpytH:perthchat.org' | sha256sum -b | cut -d ' ' -f1 | xxd -r -p | sha256sum
-962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709  -
-
-real	0m0.002s
-user	0m0.005s
-sys	0m0.001s
-
 $ sudo apt install rhash
 $ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | rhash --sha3-512 - 
 1eb131ffdd0384fee5465cb3ef10ac95d9cd20e1de0e1b56475c44df095c20b61602de183f0fc0cec49d7e291d06b5169f0134e45923ab5814c42f57353dbb8b  (stdin)
@ -41,15 +34,37 @@ real	0m0.002s
 user	0m0.003s
 sys	0m0.000s

-$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | b2sum | cut -d ' ' -f1 | xargs echo -n | b2sum
-070034bf542d1cb43026b9f51aabbb28243a67cc0a26a23aa2221ff3f185f0a643bb693d39a3525b68d142b4698f3ba755e0eb90c992580376d867aa1ed5d23e  -
+ time echo -n '!kfGzEsVtwINSAPopXA:perthchat.org' | b2sum
+39d97ad8ce613c2afb900d02318552596a619829847ce6abf1b8cda945c358a8e0d3306d8329481cd008e7f97aac275544b715a7a755c1df76a08a1b4ff665a2  -

-real	0m0.003s
-user	0m0.007s
+real	0m0.002s
+user	0m0.003s
 sys	0m0.000s
+
+$ time echo -n '!kfGzEsVtwINSAPopXA:perthchat.org' | b2sum --length=256
+db3ea6a5e44165d3f0d5edaf3ed1c99bee738afcd2a50ddf8a29908719851c65  -
+
+real	0m0.002s
+user	0m0.003s
+sys	0m0.000s
+
+$ time echo -n '!zWTEwEwdqIvmcJpytH:perthchat.org' | sha256sum -b | cut -d ' ' -f1 | xxd -r -p | sha256sum
+962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709  -
+
+real	0m0.002s
+user	0m0.005s
+sys	0m0.001s
+
+$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | argon2 '!OEedGOAXDBahPyWMSQ:example.com' -e
+$argon2i$v=19$m=4096,t=3,p=1$IU9FZWRHT0FYREJhaFB5V01TUTpleGFtcGxlLmNvbQ$eKyknS5nxj85Xcf3HbxGSwIndauticKczRzx03VEL8A
+
+real	0m0.020s
+user	0m0.013s
+sys	0m0.008s
+
 ```


 ## Final Choice

-As sha256sum has shorter output and it supported by Python's built in libraries it seems ideal?
+BLAKE2 since it  has shorter output and it supported by Python's built in libraries it seems ideal?
--- a/redlight_client_module.py
+++ b/redlight_client_module.py
@ -73,11 +73,10 @@ class RedlightClientModule:
        )

    @staticmethod
-    def double_hash_sha256(data: str) -> str:
-        """Double-hash the data with SHA256 for added security."""
-        first_hash = hashlib.sha256(data.encode()).digest()
-        double_hashed = hashlib.sha256(first_hash).hexdigest()
-        return double_hashed
+    def hash_blake2(data: str) -> str:
+        """Hash the data with BLAKE2 for added security."""
+        room_id_hash = hashlib.blake2b(data.encode()).hexdigest()  # Use hexdigest() instead of digest()
+        return room_id_hash

    async def user_may_join_room(
        self, user: str, room: str, is_invited: bool
@ -86,8 +85,8 @@ class RedlightClientModule:
        logger.info(f"User {user} is attempting to join room {room}. Invitation status: {is_invited}.")

        # Double-hash the room and user IDs.
-        hashed_room_id = self.double_hash_sha256(room)
-        hashed_user_id = self.double_hash_sha256(user)
+        hashed_room_id = self.hash_blake2(room)
+        hashed_user_id = self.hash_blake2(user)

        # Prepare the HTTP body.
        body = _JsonProducer({
@ -119,9 +118,9 @@ class RedlightClientModule:

        # Handle the response based on its HTTP status code.
        if response.code == 200:
-            logger.warn(f"User {user} not allowed to join room {room}.")
+            logger.warn(f"User {user} not allowed to join restricted room. report_id: {response_json['report_id']} room_id: {room}.")
            # Create the alert message
-            alert_message = f"WARNING: Incident detected! User {user} was attempting to access this restricted room: {room}"
+            alert_message = f"WARNING: Incident detected! User {user} was attempting to access a restricted room. report_id: {response_json['report_id']}, For the room id please check your redlight logs."
            # Start the synchronous send_alert_message method in a thread but don't await it
            loop = asyncio.get_event_loop()
            loop.run_in_executor(None, self.bot.send_alert_message, self._redlight_alert_room, alert_message)