dkelly/pynkode
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor set_key -> position_key

Browse Source
This commit is contained in:
Donovan
2025-03-19 09:34:02 -05:00
parent cfef58613c
commit 7b92a6b40b
10 changed files with 511 additions and 407 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
docs/render_readme.py
View File

@@ -64,8 +64,8 @@ if __name__ == "__main__":
customer_id = api.create_new_customer(keypad_size, policy) customer_id = api.create_new_customer(keypad_size, policy)
customer = api.customers[customer_id] customer = api.customers[customer_id]
set_vals = customer.cipher.set_key set_vals = customer.cipher.position_key
prop_vals = customer.cipher.prop_key prop_vals = customer.cipher.property_key
customer_prop_view = prop_vals.reshape(-1, keypad_size.props_per_key) customer_prop_view = prop_vals.reshape(-1, keypad_size.props_per_key)
prop_keypad_view = prop_vals.reshape(-1, keypad_size.props_per_key) prop_keypad_view = prop_vals.reshape(-1, keypad_size.props_per_key)
@@ -79,7 +79,7 @@ if __name__ == "__main__":
passcode_len = 4 passcode_len = 4
user_passcode = signup_interface[:passcode_len].tolist() user_passcode = signup_interface[:passcode_len].tolist()
selected_keys_set = select_keys_with_passcode_values(user_passcode, signup_interface, keypad_size.numb_of_keys) selected_keys_set = select_keys_with_passcode_values(user_passcode, signup_interface, keypad_size.numb_of_keys)
server_side_prop = [customer.cipher.prop_key[idx] for idx in user_passcode] server_side_prop = [customer.cipher.property_key[idx] for idx in user_passcode]
confirm_interface = api.set_nkode(username, customer_id, selected_keys_set, session_id) confirm_interface = api.set_nkode(username, customer_id, selected_keys_set, session_id)
@@ -89,25 +89,24 @@ if __name__ == "__main__":
success = api.confirm_nkode(username, customer_id, selected_keys_confirm, session_id) success = api.confirm_nkode(username, customer_id, selected_keys_confirm, session_id)
assert success assert success
passcode_server_prop = [customer.cipher.prop_key[idx] for idx in user_passcode] passcode_server_prop = [customer.cipher.property_key[idx] for idx in user_passcode]
passcode_server_set = [customer.cipher.get_prop_set_val(prop) for prop in passcode_server_prop] passcode_server_set = customer.cipher.get_props_position_vals(user_passcode)
user_keys = customer.users[username].cipher user_keys = customer.users[username].cipher
padded_passcode_server_set = user_keys.pad_user_mask(np.array(passcode_server_set), customer.cipher.set_key) padded_passcode_server_set = user_keys.pad_user_mask(np.array(passcode_server_set), customer.cipher.position_key)
set_idx = [customer.cipher.get_set_index(set_val) for set_val in padded_passcode_server_set] set_idx = [customer.cipher.get_position_index(set_val) for set_val in padded_passcode_server_set]
mask_set_keys = [user_keys.combined_set_key[idx] for idx in set_idx] mask_set_keys = [user_keys.combined_set_key[idx] for idx in set_idx]
ciphered_mask = mask_set_keys ^ padded_passcode_server_set ^ user_keys.mask_key ciphered_mask = mask_set_keys ^ padded_passcode_server_set ^ user_keys.mask_key
mask = user_keys.encode_base64_str(ciphered_mask) mask = user_keys.encode_base64_str(ciphered_mask)
ciphered_customer_props = customer.cipher.prop_key ^ user_keys.prop_key ciphered_customer_props = customer.cipher.property_key ^ user_keys.prop_key
passcode_ciphered_props = [ciphered_customer_props[idx] for idx in user_passcode] passcode_ciphered_props = [ciphered_customer_props[idx] for idx in user_passcode]
pad_len = customer.nkode_policy.max_nkode_len - passcode_len pad_len = customer.nkode_policy.max_nkode_len - passcode_len
passcode_ciphered_props.extend([0 for _ in range(pad_len)]) passcode_ciphered_props.extend([0 for _ in range(pad_len)])
ciphered_code = np.bitwise_xor(passcode_ciphered_props, user_keys.pass_key) ciphered_code = np.bitwise_xor(passcode_ciphered_props, user_keys.pass_key)
passcode_bytes = ciphered_code.tobytes() passcode_bytes = ciphered_code.tobytes()
passcode_digest = base64.b64encode(hashlib.sha256(passcode_bytes).digest()) passcode_digest = base64.b64encode(hashlib.sha256(passcode_bytes).digest())
hashed_data = bcrypt.hashpw(passcode_digest, user_keys.salt) hashed_data = bcrypt.hashpw(passcode_digest, bcrypt.gensalt(rounds=12))
code = hashed_data.decode("utf-8") code = hashed_data.decode("utf-8")
enciphered_nkode = EncipheredNKode( enciphered_nkode = EncipheredNKode(
@@ -129,7 +128,7 @@ if __name__ == "__main__":
""" """
user = customer.users[username] user = customer.users[username]
set_vals = customer.cipher.set_key set_vals = customer.cipher.position_key
user_keys = user.cipher user_keys = user.cipher
user_mask = user.enciphered_passcode.mask user_mask = user.enciphered_passcode.mask
decoded_mask = user_keys.decode_base64_str(user_mask) decoded_mask = user_keys.decode_base64_str(user_mask)
@@ -144,17 +143,17 @@ if __name__ == "__main__":
GET PRESUMED properties GET PRESUMED properties
""" """
set_vals_idx = [customer.cipher.get_set_index(set_val) for set_val in login_passcode_sets] set_vals_idx = [customer.cipher.get_position_index(set_val) for set_val in login_passcode_sets]
presumed_selected_properties_idx = customer.users[username].user_keypad.get_prop_idxs_by_keynumb_setidx(selected_keys_login, set_vals_idx) presumed_selected_properties_idx = customer.users[username].user_keypad.get_prop_idxs_by_keynumb_setidx(selected_keys_login, set_vals_idx)
""" """
RENEW KEYS RENEW KEYS
""" """
old_props = customer.cipher.prop_key.copy() old_props = customer.cipher.property_key.copy()
old_sets = customer.cipher.set_key.copy() old_sets = customer.cipher.position_key.copy()
customer.cipher.renew() customer.cipher.renew()
new_props = customer.cipher.prop_key new_props = customer.cipher.property_key
new_sets = customer.cipher.set_key new_sets = customer.cipher.position_key
customer_new_prop_view = new_props.reshape(-1, keypad_size.props_per_key) customer_new_prop_view = new_props.reshape(-1, keypad_size.props_per_key)
""" """
RENEW USER RENEW USER
@@ -171,7 +170,7 @@ if __name__ == "__main__":
""" """
user.cipher = UserCipher.create( user.cipher = UserCipher.create(
customer.cipher.keypad_size, customer.cipher.keypad_size,
customer.cipher.set_key, customer.cipher.position_key,
user.cipher.max_nkode_len user.cipher.max_nkode_len
) )
user.enciphered_passcode = user.cipher.encipher_nkode(presumed_selected_properties_idx, customer.cipher) user.enciphered_passcode = user.cipher.encipher_nkode(presumed_selected_properties_idx, customer.cipher)
@@ -183,9 +182,9 @@ if __name__ == "__main__":
'customer_set_vals': set_vals, 'customer_set_vals': set_vals,
'customer_prop_view': customer_prop_view, 'customer_prop_view': customer_prop_view,
'set_property_dict': set_property_dict, 'set_property_dict': set_property_dict,
'signup_keypad': signup_keypad, 'set_signup_keypad': signup_keypad,
'username': 'test_user', 'username': 'test_user',
'user_passcode': user_passcode, 'user_passcode_indices': user_passcode,
'selected_keys_set': selected_keys_set, 'selected_keys_set': selected_keys_set,
'server_side_prop': server_side_prop, 'server_side_prop': server_side_prop,
'confirm_keypad': confirm_keypad, 'confirm_keypad': confirm_keypad,

771
notebooks/nkode_tutorial.ipynb
View File

File diff suppressed because it is too large Load Diff

24
src/customer.py
View File

@@ -1,5 +1,8 @@
from dataclasses import dataclass from dataclasses import dataclass
from uuid import UUID, uuid4 from uuid import UUID, uuid4
import numpy as np
from src.customer_cipher import CustomerCipher from src.customer_cipher import CustomerCipher
from src.models import NKodePolicy from src.models import NKodePolicy
from src.user import User from src.user import User
@@ -38,8 +41,8 @@ class Customer:
passcode_len = len(selected_keys) passcode_len = len(selected_keys)
user = self.users[username] user = self.users[username]
passcode_set_vals = user.cipher.decipher_mask( passcode_set_vals = user.cipher.decipher_mask(
user.enciphered_passcode.mask, self.cipher.set_key, passcode_len) user.enciphered_passcode.mask, self.cipher.position_key, passcode_len)
set_vals_idx = [self.cipher.get_set_index(set_val) for set_val in passcode_set_vals] set_vals_idx = [self.cipher.get_position_index(set_val) for set_val in passcode_set_vals]
presumed_property_idxs = user.user_keypad.get_prop_idxs_by_keynumb_setidx(selected_keys, set_vals_idx) presumed_property_idxs = user.user_keypad.get_prop_idxs_by_keynumb_setidx(selected_keys, set_vals_idx)
if not user.cipher.compare_nkode(presumed_property_idxs, self.cipher,user.enciphered_passcode.code): if not user.cipher.compare_nkode(presumed_property_idxs, self.cipher,user.enciphered_passcode.code):
return False return False
@@ -50,11 +53,11 @@ class Customer:
return True return True
def renew_keys(self) -> bool: def renew_keys(self) -> bool:
old_props = self.cipher.prop_key.copy() old_props = self.cipher.property_key.copy()
old_sets = self.cipher.set_key.copy() old_sets = self.cipher.position_key.copy()
self.cipher.renew() self.cipher.renew()
new_props = self.cipher.prop_key new_props = self.cipher.property_key
new_sets = self.cipher.set_key new_sets = self.cipher.position_key
props_xor = new_props ^ old_props props_xor = new_props ^ old_props
set_xor = new_sets ^ old_sets set_xor = new_sets ^ old_sets
@@ -65,9 +68,10 @@ class Customer:
def valid_new_nkode(self, passcode_prop_idx: list[int]) -> bool: def valid_new_nkode(self, passcode_prop_idx: list[int]) -> bool:
nkode_len = len(passcode_prop_idx) nkode_len = len(passcode_prop_idx)
passcode_set_values = [ #passcode_set_values = [
self.cipher.get_prop_set_val(int(self.cipher.prop_key[prop_idx])) for prop_idx in passcode_prop_idx # self.cipher.get_prop_set_val(int(self.cipher.property_key[prop_idx])) for prop_idx in passcode_prop_idx
] #]
passcode_set_values = self.cipher.get_props_position_vals(passcode_prop_idx)
distinct_sets = len(set(passcode_set_values)) distinct_sets = len(set(passcode_set_values))
distinct_properties = len(set(passcode_prop_idx)) distinct_properties = len(set(passcode_prop_idx))
if ( if (
@@ -77,3 +81,5 @@ class Customer:
): ):
return True return True
return False return False

51
src/customer_cipher.py
View File

@@ -6,16 +6,13 @@ from src.models import KeypadSize
@dataclass @dataclass
class CustomerCipher: class CustomerCipher:
prop_key: np.ndarray property_key: np.ndarray
set_key: np.ndarray position_key: np.ndarray
keypad_size: KeypadSize keypad_size: KeypadSize
MAX_KEYS: ClassVar[int] = 256 MAX_KEYS: ClassVar[int] = 256
MAX_PROP_PER_KEY: ClassVar[int] = 256 MAX_PROP_PER_KEY: ClassVar[int] = 256
def __post_init__(self): def __post_init__(self):
self.check_keys_vs_props()
def check_keys_vs_props(self) -> None:
if self.keypad_size.is_dispersable: if self.keypad_size.is_dispersable:
raise ValueError("number of keys must be less than the number of " raise ValueError("number of keys must be less than the number of "
"properties per key to be dispersion resistant") "properties per key to be dispersion resistant")
@@ -24,28 +21,40 @@ class CustomerCipher:
def create(cls, keypad_size: KeypadSize) -> 'CustomerCipher': def create(cls, keypad_size: KeypadSize) -> 'CustomerCipher':
if keypad_size.numb_of_keys > cls.MAX_KEYS or keypad_size.props_per_key > cls.MAX_PROP_PER_KEY: if keypad_size.numb_of_keys > cls.MAX_KEYS or keypad_size.props_per_key > cls.MAX_PROP_PER_KEY:
raise ValueError(f"Keys and properties per key must not exceed {cls.MAX_KEYS}") raise ValueError(f"Keys and properties per key must not exceed {cls.MAX_KEYS}")
# Using numpy to generate non-repeating random integers # Using numpy to generate non-repeating random integers
prop_key = np.random.choice(2 ** 16, size=keypad_size.total_props, replace=False) prop_key = np.random.choice(2 ** 16, size=keypad_size.total_props, replace=False)
set_key = np.random.choice(2 ** 16, size=keypad_size.props_per_key, replace=False) pos_key = np.random.choice(2 ** 16, size=keypad_size.props_per_key, replace=False)
return cls( return cls(
prop_key=prop_key, property_key=prop_key,
set_key=set_key, position_key=pos_key,
keypad_size=keypad_size, keypad_size=keypad_size,
) )
def renew(self): def renew(self):
self.prop_key = np.random.choice(2 ** 16, size=self.keypad_size.total_props, replace=False) self.property_key = np.random.choice(2 ** 16, size=self.keypad_size.total_props, replace=False)
self.set_key = np.random.choice(2 ** 16, size=self.keypad_size.props_per_key, replace=False) self.position_key = np.random.choice(2 ** 16, size=self.keypad_size.props_per_key, replace=False)
def get_prop_set_val(self, prop: int) -> int: def get_props_position_vals(self, props: np.ndarray | list[int]) -> np.ndarray:
assert np.isin(prop, self.prop_key) if not all([prop in self.property_key for prop in props]):
prop_idx = np.where(self.prop_key == prop)[0][0] raise ValueError("Property values must be within valid range")
set_idx = prop_idx % self.keypad_size.props_per_key pos_vals = [self._get_prop_position_val(prop) for prop in props]
return int(self.set_key[set_idx]) return np.array(pos_vals)
def get_set_index(self, set_val: int) -> int: def _get_prop_position_val(self, prop: int) -> int:
if not np.isin(set_val, self.set_key): assert prop in self.property_key
raise ValueError(f"Set value {set_val} not found in set values") prop_idx = np.where(self.property_key == prop)[0][0]
return int(np.where(self.set_key == set_val)[0][0]) pos_idx = prop_idx % self.keypad_size.props_per_key
return int(self.position_key[pos_idx])
def get_position_index(self, pos_val: int) -> int:
if not np.isin(pos_val, self.position_key):
raise ValueError(f"Position value {pos_val} not found in customer cipher position_key")
return int(np.where(self.position_key == pos_val)[0][0])
def get_passcode_position_indices_padded(self, passcode_indices: list[int], max_nkode_len: int) -> list[int]:
if not all(0 <= idx < self.keypad_size.total_props for idx in passcode_indices):
raise ValueError("invalid passcode index")
pos_indices = [idx % self.keypad_size.props_per_key for idx in passcode_indices]
pad_len = max_nkode_len - len(passcode_indices)
pad = np.random.choice(self.keypad_size.props_per_key, pad_len, replace=True)
return pos_indices + pad.tolist()

2
src/nkode_api.py
View File

@@ -74,7 +74,7 @@ class NKodeAPI:
passcode = self.signup_sessions[session_id].deduce_passcode(confirm_key_entry) passcode = self.signup_sessions[session_id].deduce_passcode(confirm_key_entry)
new_user_keys = UserCipher.create( new_user_keys = UserCipher.create(
customer.cipher.keypad_size, customer.cipher.keypad_size,
customer.cipher.set_key, customer.cipher.position_key,
customer.nkode_policy.max_nkode_len customer.nkode_policy.max_nkode_len
) )
enciphered_passcode = new_user_keys.encipher_nkode(passcode, customer.cipher) enciphered_passcode = new_user_keys.encipher_nkode(passcode, customer.cipher)

2
src/user.py
View File

@@ -24,7 +24,7 @@ class User:
def refresh_passcode(self, passcode_prop_idxs: list[int], customer_cipher: CustomerCipher): def refresh_passcode(self, passcode_prop_idxs: list[int], customer_cipher: CustomerCipher):
self.cipher = UserCipher.create( self.cipher = UserCipher.create(
customer_cipher.keypad_size, customer_cipher.keypad_size,
customer_cipher.set_key, customer_cipher.position_key,
self.cipher.max_nkode_len self.cipher.max_nkode_len
) )
self.enciphered_passcode = self.cipher.encipher_nkode(passcode_prop_idxs, customer_cipher) self.enciphered_passcode = self.cipher.encipher_nkode(passcode_prop_idxs, customer_cipher)

14
src/user_cipher.py
View File

@@ -19,9 +19,7 @@ class UserCipher:
def create(cls, keypad_size: KeypadSize, customer_set_key: np.ndarray, max_nkode_len: int) -> 'UserCipher': def create(cls, keypad_size: KeypadSize, customer_set_key: np.ndarray, max_nkode_len: int) -> 'UserCipher':
if len(customer_set_key) != keypad_size.props_per_key: if len(customer_set_key) != keypad_size.props_per_key:
raise ValueError("Invalid set values") raise ValueError("Invalid set values")
user_set_key = np.random.choice(2**16,size=keypad_size.props_per_key, replace=False) user_set_key = np.random.choice(2**16,size=keypad_size.props_per_key, replace=False)
return UserCipher( return UserCipher(
prop_key=np.random.choice(2 ** 16, size=keypad_size.total_props, replace=False), prop_key=np.random.choice(2 ** 16, size=keypad_size.total_props, replace=False),
pass_key=np.random.choice(2 ** 16, size=max_nkode_len, replace=False), pass_key=np.random.choice(2 ** 16, size=max_nkode_len, replace=False),
@@ -93,7 +91,7 @@ class UserCipher:
passcode_cipher[:passcode_len] = ( passcode_cipher[:passcode_len] = (
passcode_cipher[:passcode_len] ^ passcode_cipher[:passcode_len] ^
self.prop_key[passcode_prop_idx] ^ self.prop_key[passcode_prop_idx] ^
customer_prop.prop_key[passcode_prop_idx] customer_prop.property_key[passcode_prop_idx]
) )
return passcode_cipher.astype(np.uint16).tobytes() return passcode_cipher.astype(np.uint16).tobytes()
@@ -102,12 +100,10 @@ class UserCipher:
passcode_prop_idx: list[int], passcode_prop_idx: list[int],
customer_cipher: CustomerCipher customer_cipher: CustomerCipher
) -> str: ) -> str:
customer_props = customer_cipher.prop_key[passcode_prop_idx] set_idxs = customer_cipher.get_passcode_position_indices_padded(passcode_prop_idx, len(self.mask_key))
customer_sets = [customer_cipher.get_prop_set_val(prop) for prop in customer_props] ordered_set_key = self.combined_set_key[set_idxs]
padded_customer_sets = self.pad_user_mask(np.array(customer_sets), customer_cipher.set_key) ordered_customer_key = customer_cipher.position_key[set_idxs]
set_idx = [customer_cipher.get_set_index(set_val) for set_val in padded_customer_sets] mask = ordered_set_key ^ ordered_customer_key ^ self.mask_key
ordered_set_key = self.combined_set_key[set_idx]
mask = ordered_set_key ^ padded_customer_sets ^ self.mask_key
encoded_mask = self.encode_base64_str(mask) encoded_mask = self.encode_base64_str(mask)
return encoded_mask return encoded_mask

6
src/user_keypad.py
View File

@@ -83,16 +83,16 @@ class UserKeypad:
if not (0 <= key_numb < self.keypad_size.numb_of_keys): if not (0 <= key_numb < self.keypad_size.numb_of_keys):
raise ValueError(f"key_numb must be between 0 and {self.keypad_size.numb_of_keys - 1}") raise ValueError(f"key_numb must be between 0 and {self.keypad_size.numb_of_keys - 1}")
if not (0 <= set_idx < self.keypad_size.props_per_key): if not (0 <= set_idx < self.keypad_size.props_per_key):
raise ValueError(f"set_idx must be between 0 and {self.keypad_size.props_per_key - 1}") raise ValueError(f"set_indices must be between 0 and {self.keypad_size.props_per_key - 1}")
keypad_prop_idx = self.keypad_matrix() keypad_prop_idx = self.keypad_matrix()
return int(keypad_prop_idx[key_numb][set_idx]) return int(keypad_prop_idx[key_numb][set_idx])
def get_prop_idxs_by_keynumb_setidx(self, key_numb: list[int], set_idx: list[int]) -> list[int]: def get_prop_idxs_by_keynumb_setidx(self, key_numb: list[int], set_idx: list[int]) -> list[int]:
if len(key_numb) != len(set_idx): if len(key_numb) != len(set_idx):
raise ValueError("key_numb and set_idx must be the same length") raise ValueError("key_numb and set_indices must be the same length")
if not all(0 <= kn < self.keypad_size.numb_of_keys for kn in key_numb): if not all(0 <= kn < self.keypad_size.numb_of_keys for kn in key_numb):
raise ValueError(f"All key_numb must be between 0 and {self.keypad_size.numb_of_keys - 1}") raise ValueError(f"All key_numb must be between 0 and {self.keypad_size.numb_of_keys - 1}")
if not all(0 <= si < self.keypad_size.props_per_key for si in set_idx): if not all(0 <= si < self.keypad_size.props_per_key for si in set_idx):
raise ValueError(f"All set_idx must be between 0 and {self.keypad_size.props_per_key - 1}") raise ValueError(f"All set_indices must be between 0 and {self.keypad_size.props_per_key - 1}")
keypad_matrix = self.keypad_matrix() keypad_matrix = self.keypad_matrix()
return keypad_matrix[key_numb, set_idx].reshape(-1).tolist() return keypad_matrix[key_numb, set_idx].reshape(-1).tolist()

9
test/test_user_cipher_keys.py
View File

@@ -11,7 +11,6 @@ from src.user_cipher import UserCipher, CustomerCipher
] ]
) )
def test_encode_decode_base64(passcode_len): def test_encode_decode_base64(passcode_len):
#data = generate_random_nonrepeating_list(passcode_len)
data = np.random.choice(2**16, passcode_len, replace=False) data = np.random.choice(2**16, passcode_len, replace=False)
encoded = UserCipher.encode_base64_str(data) encoded = UserCipher.encode_base64_str(data)
decoded = UserCipher.decode_base64_str(encoded) decoded = UserCipher.decode_base64_str(encoded)
@@ -28,14 +27,12 @@ def test_encode_decode_base64(passcode_len):
]) ])
def test_decode_mask(keypad_size, max_nkode_len): def test_decode_mask(keypad_size, max_nkode_len):
customer = CustomerCipher.create(keypad_size) customer = CustomerCipher.create(keypad_size)
#passcode_entry = generate_random_nonrepeating_list(keypad_size.numb_of_props,max_val=keypad_size.numb_of_props)[:4]
passcode_entry = np.random.choice(keypad_size.total_props, 4, replace=False) passcode_entry = np.random.choice(keypad_size.total_props, 4, replace=False)
passcode_values = [customer.prop_key[idx] for idx in passcode_entry] passcode_values = [customer.property_key[idx] for idx in passcode_entry]
set_vals = customer.set_key set_vals = customer.position_key
user_keys = UserCipher.create(keypad_size, set_vals, max_nkode_len) user_keys = UserCipher.create(keypad_size, set_vals, max_nkode_len)
passcode = user_keys.encipher_nkode(passcode_entry, customer) passcode = user_keys.encipher_nkode(passcode_entry, customer)
orig_passcode_set_vals = customer.get_props_position_vals(passcode_values)
orig_passcode_set_vals = [customer.get_prop_set_val(prop) for prop in passcode_values]
passcode_set_vals = user_keys.decipher_mask(passcode.mask, set_vals, len(passcode_entry)) passcode_set_vals = user_keys.decipher_mask(passcode.mask, set_vals, len(passcode_entry))
assert (len(passcode_set_vals) == len(orig_passcode_set_vals)) assert (len(passcode_set_vals) == len(orig_passcode_set_vals))
assert (all(orig_passcode_set_vals[idx] == passcode_set_vals[idx] for idx in range(len(passcode_set_vals)))) assert (all(orig_passcode_set_vals[idx] == passcode_set_vals[idx] for idx in range(len(passcode_set_vals))))