Update host_identity_.py code following the draft-ietf-drip-auth-17 DRIP...

Update host_identity_.py code following the draft-ietf-drip-auth-17 DRIP Authentication Formats structure.

Update host_identity_.py code following the draft-ietf-drip-auth-17 DRIP...
95026b45 · Abdullah Bin Zubair · 4802fd24 · 95026b45
Commit 95026b45 authored 2 years ago by Abdullah Bin Zubair
--- a/iroha-drip-general-master/bluetooth/host_identity_1.py
+++ b/iroha-drip-general-master/bluetooth/host_identity_1.py
@@ -69,46 +69,68 @@ class HostIdentity:
    if expiration <= astm_time():
      print("expiration timestamp has already expired.")
      return None
-
+    
    message = self._hhit + self._pub_key + "{:>08x}".format(convert_be_to_le(expiration))
    sign_key = SigningKey(unhexlify(self._priv_key))
    return hexlify(sign_key.sign(unhexlify(message)))

-  ## Function for DRIP_Wrapper 
+##############################
+  ## Function for DRIP_Wrapper
+##############################
  def generate_self_attestation_Wrapper(self,payload, expiration):
    if expiration <= astm_time():
      print("expiration timestamp has already expired.")
      return None
    #hash of SAM Type for Wrapper, which is 0x02
-    hash_SAM = cSHAKE128( '0x02', 1,"","")
+    DET = self._hhit
+    hash_SAM = cSHAKE128( '0x02'.encode('utf-8'), 1,"","") #  1 byte at the start as SAM type
+    DET_hash = cSHAKE128( DET.encode('utf-8'), 16,"","") # Draft auth17 requirement of 16 bytes of DET 
+    NBT_hash =  cSHAKE128( "{:>08x}".format(convert_be_to_le(int(astm_time()))).encode('utf-8'), 4,"","") #Not before timestamp 4bytes 
+    NAT_hash = cSHAKE128( "{:>08x}".format(convert_be_to_le(expiration)).encode('utf-8'), 4,"","") #Not after timestamp 4bytes 
+    message = hash_SAM + DET_hash + payload + NBT_hash  + NAT_hash

-    message = hash_SAM + self._hhit + payload + "{:>08x}".format(convert_be_to_le(astm_time()))  + "{:>08x}".format(convert_be_to_le(expiration))
    sign_key = SigningKey(unhexlify(self._priv_key))
    return hexlify(sign_key.sign(unhexlify(message)))

-  ## Function for DRIP_Manifests
+
+  #######################################################
+  ## Function for DRIP_Manifests according to auth17 draft
+  #######################################################
  def generate_self_attestation_Manifests(self, prev_hashed_loc, hashed_loc, expiration): #hashed_loc is hashes of location for now its single, but it can be upto 11(Each 8 byte) 
    if expiration <= astm_time():
      print("expiration timestamp has already expired.")
      return None
+    DET = self._hhit
    #hash of SAM Type for Manifests, which is 0x03
-    hash_SAM = cSHAKE128( '0x03', 1,"","")
-
-    message = hash_SAM + self._hhit + prev_hashed_loc + hashed_loc + "{:>08x}".format(convert_be_to_le(astm_time()))  + "{:>08x}".format(convert_be_to_le(expiration))
+    hash_SAM = cSHAKE128( '0x03'.encode('utf-8'), 1,"","")
+    DET_hash = cSHAKE128( DET.encode('utf-8'), 16,"","") # Draft auth17 requirement of 16 bytes of DET 
+    NBT_hash =  cSHAKE128( "{:>08x}".format(convert_be_to_le(int(astm_time()))).encode('utf-8'), 4,"","") #Not before timestamp 4bytes 
+    NAT_hash = cSHAKE128( "{:>08x}".format(convert_be_to_le(expiration)).encode('utf-8'), 4,"","") #Not after timestamp 4bytes 
+    message = hash_SAM + DET_hash + prev_hashed_loc + hashed_loc + NBT_hash  + NAT_hash
    sign_key = SigningKey(unhexlify(self._priv_key))
    return hexlify(sign_key.sign(unhexlify(message)))


-  def generate_attestation_Endorsement_Broadcast(self, Drone_hhit, Drone_hid, expiration):
+###################################################################
+## Function for DRIP_Endorsement_Broadcast according to auth17 draft
+###################################################################
+
+  def generate_attestation_Endorsement_Broadcast(self, Drone_DET, Drone_hid, expiration):
    if expiration <= astm_time():
      print("expiration timestamp has already expired.")
      return None
-
-    message = self._hhit + Drone_hhit + Drone_hid +"{:>08x}".format(convert_be_to_le(astm_time()))  + "{:>08x}".format(convert_be_to_le(expiration))
+    DET_DIME = self._hhit
+    DET_DIME_hash = cSHAKE128( DET_DIME.encode('utf-8'), 16,"","") # Draft auth17 requirement of 16 bytes of DET 
+    DET_DRONE_hash = cSHAKE128( Drone_DET.encode('utf-8'), 16,"","") # Draft auth17 requirement of 16 bytes of DET 
+    HID_DRONE_hash = cSHAKE128( Drone_hid.encode('utf-8'), 32,"","") # Draft auth17 requirement of 32 bytes of DET
+    NBT_hash =  cSHAKE128( "{:>08x}".format(convert_be_to_le(int(astm_time()))).encode('utf-8'), 4,"","") #Not before timestamp 4bytes 
+    NAT_hash = cSHAKE128( "{:>08x}".format(convert_be_to_le(expiration)).encode('utf-8'), 4,"","") #Not after timestamp 4bytes
+
+    message = DET_DIME_hash + DET_DRONE_hash + HID_DRONE_hash + NBT_hash + NAT_hash
    sign_key = SigningKey(unhexlify(self._priv_key))
    return sign_key.sign(unhexlify(message))

-
+  #This function was being used for draft auth01 version but no more being used
  def generate_certificate(self, other, expiration):
    signing_ts = astm_time()
    if expiration <= signing_ts: