redshiftzero redshiftzero

## migration.py
import re
import sys

GENERATORS = {
    0x01ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001: 15,
    0x12ab655e9a2ca55660b44d1e5c37b00159aa76fed00000010a11800000000001: 22,
    0x4aad957a68b2955982d1347970dec005293a3afc43c8afeb95aee9ac33fd9ff: 5
}


## pyo3tricks.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                redshiftzero
                / pyo3tricks.md
            
            
              Created
              December 7, 2020 21:01
            
              
                alternative constructor for child class in pyo3
              
          
    impl PreKeySignalMessage {
    #[staticmethod]
    pub fn try_from(data: &[u8]) -> PyResult<Py<PreKeySignalMessage>> {
        let upstream_data = match libsignal_protocol_rust::PreKeySignalMessage::try_from(data) {
            Ok(data) => data,
            Err(err) => return Err(SignalProtocolError::new_err(err)),
        };
        let ciphertext =
 libsignal_protocol_rust::CiphertextMessage::PreKeySignalMessage(upstream_data.clone());

  
## test.jwk
{"kty": "RSA", "n": "2BJmU8JIP2ZomBx4-fpjE4fSx4_RanotivLQ49F61oZ27ZxmRHQKiqZJXPYGZM7RuYPoq4rm30RvqHJ341PMRisEb7U8TBSTziJwkxK1QInp_uFDLHuerQb3RbJrWtngBfljmH1j7I-pX2u1o4kZz8Kgr9z8XBHq0OLicUALTNZiyRV2ZbkpUpjm5YRfB7L34EkEohxTnoEMhIZlKyR6hTyZHN5loPXD0Cx19r24B7_Hsy3R3L-tGWh4E-tB5kKFRwBeuyZZ-IaydUbYyETKLUUkr128UWbUzBmgcgoqU5WOfMdlytI4iC20zCL7PAxNb55yXzVmv0diF6R9onJW2AV1sFdDefQmprpyBwm85X2x896Y1PP2xME6FEHht28tSsQeL8o9DxfkM_QiBriIfWsBg1witNVrOlDcF0SFvgs6Pgr5WvZR5IQJdOdfWryACxj3NsBY2sDLs3q4WnBQm7m_7AI6ypbzO7FKRR-z9pZhlpQ2xzLV3Zux722ILz7EgRCzYnzZu6S7YNNhnutGze-QiajiGeBsIf1KZ9a1iVTNwfm-RmttJO-4C_i8ABiCXztFryN2JwYewhAVQ9XVFzK4u1Nzw7gB3fiCFGi-DJGTrltp_Zv-ILcjWeJBaaiMCBVcjA47yyn2a6QG6boytvVHrg2d4Ibkk1nudY_ID9U", "e": "AQAB"}

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                redshiftzero
                / README.md
            
            
              Created
              November 12, 2020 18:45
            
              
                links to securedrop bot related things
              
          
    Backport bot


once upon a time I starting writing a bot for backporting PRs: https://github.com/redshiftzero/backportbot
I never got around to deploying this so would just run it locally
ideal behavior of the backport bot can be seen here in a test repo: securedrop-bot/securedrop-test#9

The "Annoy contributors" bot


even longer ago i wrote a bot (while learning golang with a friend) for automating pinging contributors which the code for is here: https://github.com/securedrop-bot/securedrop-bot
this one was deployed using a GKE k8s cluster unnecessarily, also as a learning exercise


## pgp_to_jwk.py
from authlib.common.encoding import int_to_base64
import json
import pgpy


# Input is PGP armored pubkey
key, _ = pgpy.PGPKey.from_file('key.asc')
n = int(key._key.keymaterial.n)
e = int(key._key.keymaterial.e)

## sdlog.dot
digraph g {
  "sd-proxy-buster-template" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-devices" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-devices-dvm" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-whonix" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-gpg" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-proxy" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-devices-buster-template" -> "sd-log" [label="securedrop.Log" color=red];
  "sd-app-buster-template" -> "sd-log" [label="securedrop.Log" color=red];
  "securedrop-workstation-buster" -> "sd-log" [label="securedrop.Log" color=red];

## entropy.py
#!/opt/venvs/securedrop-app-code/bin/python
import pretty_bad_protocol as gnupg
import scrypt
import threading
import time
from base64 import b32encode

KEY_LEN = 4096
SCRYPT_PARAMS = dict(N=2**14, r=8, p=1)

## sd.py
#!/usr/bin/env python3
from pytm.pytm import Actor, Boundary, Dataflow, Datastore, Element, ExternalEntity, Process, TM, Server

tm = TM("SecureDrop")
tm.description = "SecureDrop core threat model"

# Trust boundaries
source_area = Boundary("Source Area")
securedrop_area = Boundary("SecureDrop Area")
external_services = Boundary("External Services")

## prod-specific.txt
redshiftzero  nimloth  ../securedrop-prod-specific-test $  git init
Initialized empty Git repository in /Users/redshiftzero/Documents/Github/securedrop-prod-specific-test/.git/

 redshiftzero  nimloth  ../securedrop-prod-specific-test $  ls

 redshiftzero  nimloth  ../securedrop-prod-specific-test $  vi prod-specific.yml  # Add prod-specific.yml from 0.3.12

 redshiftzero  nimloth  ../securedrop-prod-specific-test $  git add prod-specific.yml

 redshiftzero  nimloth  ../securedrop-prod-specific-test $  git commit

## TEST_SD_API.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                redshiftzero
                / TEST_SD_API.md
            
            
              Last active
              December 6, 2018 00:12
            
              
                example of testing SD API
              
          
    For 0.11 release changes
Get an API token

$ curl -X POST -H "Content-Type: application/json" --data '{"username":"myusername","passphrase":"mypassword","one_time_code":"123456"}' --proxy socks5h://127.0.0.1:9150 myonionaddress.onion/api/v1/token

The response body will contain a token.
	import re
	import sys

	GENERATORS = {
	0x01ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001: 15,
	0x12ab655e9a2ca55660b44d1e5c37b00159aa76fed00000010a11800000000001: 22,
	0x4aad957a68b2955982d1347970dec005293a3afc43c8afeb95aee9ac33fd9ff: 5
	}
	from authlib.common.encoding import int_to_base64
	import json
	import pgpy


	# Input is PGP armored pubkey
	key, _ = pgpy.PGPKey.from_file('key.asc')
	n = int(key._key.keymaterial.n)
	e = int(key._key.keymaterial.e)
	digraph g {
	"sd-proxy-buster-template" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-devices" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-devices-dvm" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-whonix" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-gpg" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-proxy" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-devices-buster-template" -> "sd-log" [label="securedrop.Log" color=red];
	"sd-app-buster-template" -> "sd-log" [label="securedrop.Log" color=red];
	"securedrop-workstation-buster" -> "sd-log" [label="securedrop.Log" color=red];
	#!/opt/venvs/securedrop-app-code/bin/python
	import pretty_bad_protocol as gnupg
	import scrypt
	import threading
	import time
	from base64 import b32encode

	KEY_LEN = 4096
	SCRYPT_PARAMS = dict(N=2**14, r=8, p=1)
	#!/usr/bin/env python3
	from pytm.pytm import Actor, Boundary, Dataflow, Datastore, Element, ExternalEntity, Process, TM, Server

	tm = TM("SecureDrop")
	tm.description = "SecureDrop core threat model"

	# Trust boundaries
	source_area = Boundary("Source Area")
	securedrop_area = Boundary("SecureDrop Area")
	external_services = Boundary("External Services")
	redshiftzero nimloth ../securedrop-prod-specific-test $ git init
	Initialized empty Git repository in /Users/redshiftzero/Documents/Github/securedrop-prod-specific-test/.git/

	redshiftzero nimloth ../securedrop-prod-specific-test $ ls

	redshiftzero nimloth ../securedrop-prod-specific-test $ vi prod-specific.yml # Add prod-specific.yml from 0.3.12

	redshiftzero nimloth ../securedrop-prod-specific-test $ git add prod-specific.yml

	redshiftzero nimloth ../securedrop-prod-specific-test $ git commit