Replaces KDF

Uses H(txid) for locator and H(txid|txid) for master_key now

pisa-btc/apps/blob.py

@@ -1,9 +1,7 @@
 from binascii import hexlify, unhexlify
+from hashlib import sha256
 from cryptography.hazmat.primitives.ciphers.aead import AESGCM
-from cryptography.hazmat.primitives.kdf.hkdf import HKDF
+from conf import SUPPORTED_HASH_FUNCTIONS, SUPPORTED_CIPHERS
-from cryptography.hazmat.primitives import hashes
-from cryptography.hazmat.backends import default_backend
-from conf import SALT, SUPPORTED_HASH_FUNCTIONS, SUPPORTED_CIPHERS
 
 
 class Blob:
@@ -31,19 +29,12 @@ class Blob:
         # Extend the key using HKDF
         tx_id = unhexlify(tx_id)
 
-        hkdf = HKDF(
+        # master_key = H(tx_id | tx_id)
-            algorithm=hashes.SHA256(),
+        master_key = sha256(tx_id + tx_id).digest()
-            length=32,
-            salt=SALT.encode(),
-            info=None,
-            backend=default_backend()
-        )
 
-        extended_key = hkdf.derive(tx_id[16:])
+        # The 16 MSB of the master key will serve as the AES GCM 128 secret key. The 16 LSB will serve as the IV.
-
+        sk = master_key[:16]
-        # The 16 MSB of the extended key will serve as the AES GCM 128 secret key. The 16 LSB will serve as the IV.
+        nonce = master_key[16:]
-        sk = extended_key[:16]
-        nonce = extended_key[16:]
 
         # Encrypt the data
         aesgcm = AESGCM(sk)
@@ -52,7 +43,7 @@ class Blob:
 
         if debug:
             logging.info("[Client] creating new blob")
-            logging.info("[Client] master key: {}".format(hexlify(tx_id[16:]).decode()))
+            logging.info("[Client] master key: {}".format(hexlify(master_key).decode()))
             logging.info("[Client] sk: {}".format(hexlify(sk).decode()))
             logging.info("[Client] nonce: {}".format(hexlify(nonce).decode()))
             logging.info("[Client] encrypted_blob: {}".format(encrypted_blob))

pisa-btc/pisa/encrypted_blob.py

@@ -1,9 +1,6 @@
 from binascii import unhexlify, hexlify
+from hashlib import sha256
 from cryptography.hazmat.primitives.ciphers.aead import AESGCM
-from cryptography.hazmat.primitives.kdf.hkdf import HKDF
-from cryptography.hazmat.primitives import hashes
-from cryptography.hazmat.backends import default_backend
-from conf import SALT
 
 
 class EncryptedBlob:
@@ -11,24 +8,16 @@ class EncryptedBlob:
         self.data = data
 
     def decrypt(self, key, debug, logging):
-        # Extend the key using HKDF
+        # master_key = H(tx_id | tx_id)
-        hkdf = HKDF(
+        master_key = sha256(key + key).digest()
-            algorithm=hashes.SHA256(),
-            length=32,
-            salt=SALT.encode(),
-            info=None,
-            backend=default_backend()
-        )
 
-        extended_key = hkdf.derive(key)
+        # The 16 MSB of the master key will serve as the AES GCM 128 secret key. The 16 LSB will serve as the IV.
-
+        sk = master_key[:16]
-        # The 16 MSB of the extended key will serve as the AES GCM 128 secret key. The 16 LSB will serve as the IV.
+        nonce = master_key[16:]
-        sk = extended_key[:16]
-        nonce = extended_key[16:]
 
         if debug:
             logging.info("[Watcher] creating new blob")
-            logging.info("[Watcher] master key: {}".format(hexlify(key).decode()))
+            logging.info("[Watcher] master key: {}".format(hexlify(master_key).decode()))
             logging.info("[Watcher] sk: {}".format(hexlify(sk).decode()))
             logging.info("[Watcher] nonce: {}".format(hexlify(nonce).decode()))
             logging.info("[Watcher] encrypted_blob: {}".format(self.data))