
Commit 876b0ce

committed
server decides final cipher to be used
1 parent 1a03937 commit 876b0ce


5 files changed

+28
-12
lines changed


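--- a/hivemind_bus_client/client.py
+++ b/hivemind_bus_client/client.py
@@ -1,7 +1,7 @@
 import json
 import ssl
 from threading import Event
-from typing import Union, Optional, Callable, Literal
+from typing import Union, Optional, Callable
 
 import pybase64
 from Cryptodome.PublicKey import RSA
@@ -102,13 +102,10 @@ def __init__(self, key: Optional[str] = None,
 binarize: bool = True,
 identity: NodeIdentity = None,
 internal_bus: Optional[OVOSBusClient] = None,
-bin_callbacks: BinaryDataCallbacks = BinaryDataCallbacks(),
-json_cipher: Literal[JsonCiphers] = JsonCiphers.JSON_HEX_AES_GCM_128, # TODO - default to b64 at some point
-bin_cipher: Literal[BinaryCiphers] = BinaryCiphers.BINARY_AES_GCM_128, # TODO - ChaCha20 if certain hardware detected
-):
+bin_callbacks: BinaryDataCallbacks = BinaryDataCallbacks()):
 self.bin_callbacks = bin_callbacks
-self.json_cipher = json_cipher
-self.bin_cipher = bin_cipher
+self.json_cipher = JsonCiphers.JSON_HEX_AES_GCM_128 # server defaults before it was made configurable
+self.bin_cipher = BinaryCiphers.BINARY_AES_GCM_128 # server defaults before it was made configurable
 
 self.identity = identity or None
 self._password = password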
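Review bot: Dropping `json_cipher` and `bin_cipher` from `__init__` means a caller that still passes either keyword will presumably fail with `TypeError`, and it leaves the client with no way to pin or restrict the cipher it is willing to use. In the visible hunks the two attributes are now only set here and overwritten from the handshake payload. If that is intended, the trailing comments on new lines 107-108 should say so, for example `# fallback for servers that do not announce a cipher; overwritten during the handshake`. The signature starts above the hunk, so whether it accepts `**kwargs` cannot be checked from here.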

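--- a/hivemind_bus_client/encryption.py
+++ b/hivemind_bus_client/encryption.py
@@ -6,9 +6,14 @@
 import pybase64
 from Cryptodome.Cipher import AES, ChaCha20_Poly1305
 
+from cpuinfo import get_cpu_info
 from hivemind_bus_client.exceptions import EncryptionKeyError, DecryptionKeyError, InvalidCipher
 
 
+def cpu_supports_AES() -> bool:
+return "aes" in get_cpu_info()["flags"]
+
+
 class JsonCiphers(str, enum.Enum):
 """
 Enum representing JSON-based encryption ciphers.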
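Review bot: `cpu_supports_AES()` indexes `get_cpu_info()["flags"]` directly, so if py-cpuinfo returns no `flags` key (it may omit fields it cannot determine) the call raises `KeyError` instead of falling back to ChaCha20-Poly1305. The probe is also repeated on every read of the `optimal_ciphers` property added in protocol.py, and `get_cpu_info()` is known to be slow. I would write `return "aes" in get_cpu_info().get("flags", [])` and cache the result, for example with `@functools.lru_cache(maxsize=None)` on the function, which needs `import functools`. A one-line docstring should state that the result only steers the AES-GCM versus ChaCha20-Poly1305 preference and that an unknown CPU is treated as having no AES support.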

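--- a/hivemind_bus_client/protocol.py
+++ b/hivemind_bus_client/protocol.py
@@ -1,6 +1,6 @@
 import pybase64
 from dataclasses import dataclass
-from typing import Optional
+from typing import Optional, Tuple
 
 from ovos_bus_client import Message as MycroftMessage
 from ovos_bus_client import MessageBusClient
@@ -9,7 +9,7 @@
 from ovos_utils.log import LOG
 
 from hivemind_bus_client.client import HiveMessageBusClient
-from hivemind_bus_client.encryption import JsonCiphers, BinaryCiphers
+from hivemind_bus_client.encryption import JsonCiphers, BinaryCiphers, cpu_supports_AES
 from hivemind_bus_client.identity import NodeIdentity
 from hivemind_bus_client.message import HiveMessage, HiveMessageType
 from poorman_handshake import HandShake, PasswordHandShake
@@ -119,6 +119,16 @@ def node_id(self):
 # this is how ovos-core bus refers to this slave's master
 return self.internal_protocol.node_id
 
+@property
+def optimal_ciphers(self) -> Tuple[JsonCiphers, BinaryCiphers]:
+if not cpu_supports_AES():
+j = JsonCiphers.JSON_B64_CHACHA20_POLY1305
+b = BinaryCiphers.BINARY_CHACHA20_POLY1305
+else:
+j = JsonCiphers.JSON_B64_AES_GCM_128
+b = BinaryCiphers.BINARY_AES_GCM_128
+return j, b
+
 # TODO - handshake handlers
 # hivemind events
 def handle_illegal_msg(self, message: HiveMessage):
@@ -184,6 +194,9 @@ def handle_handshake(self, message: HiveMessage):
 # master is performing the handshake
 if "envelope" in message.payload:
 envelope = message.payload["envelope"]
+self.hm.json_cipher = message.payload.get("json_cipher") or JsonCiphers.JSON_HEX_AES_GCM_128
+self.hm.bin_cipher = message.payload.get("binary_cipher") or BinaryCiphers.BINARY_AES_GCM_128
+LOG.debug(f"Cipher to use: {self.hm.json_cipher} + {self.hm.bin_cipher}")
 self.receive_handshake(envelope)
 
 # master is requesting handshake start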
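Review bot: The cipher names read from `message.payload` on new lines 197-198 are stored on `self.hm` without checking that this client supports them, and they are taken before `receive_handshake(envelope)` runs, so as far as these lines show they are not covered by whatever the envelope authenticates. Converting through the enum rejects unknown values early: `self.hm.json_cipher = JsonCiphers(message.payload.get("json_cipher") or JsonCiphers.JSON_HEX_AES_GCM_128)`, and the same with `BinaryCiphers` for `binary_cipher` (assuming it is a value enum like `JsonCiphers`), treating the resulting `ValueError` as a failed handshake. Since the client no longer chooses a cipher itself, a short comment stating that the server's choice is trusted here, and which ciphers are acceptable, would help the next reader. `handle_handshake` continues past the end of the hunk, and `optimal_ciphers` is not referenced in any visible hunk, so how the client's preference reaches the server cannot be confirmed from this page.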

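--- a/hivemind_bus_client/scripts.py
+++ b/hivemind_bus_client/scripts.py
@@ -198,8 +198,8 @@ def test_identity():
 node.close()
 
 
-@hmclient_cmds.command(help="recreate the PGP key for inter-node communication", name="reset-pgp")
-def reset_pgp_key():
+@hmclient_cmds.command(help="recreate the private RSA key for inter-node communication", name="reset-pgp")
+def reset_keys():
 identity = NodeIdentity()
 identity.create_keys()
 print("PUBKEY:", identity.public_key)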

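--- a/requirements.txt
+++ b/requirements.txt
@@ -4,4 +4,5 @@ ovos_utils>=0.0.38
 bitstring>=4.1.1
 cryptography>=41.0.1
 pycryptodomex>=3.18.0
-pybase64
+pybase64
+py-cpuinfo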
