Below is the file 'addrhash.py' from this revision. You can also download the file.

#!/usr/bin/env python2.4

from Crypto.Hash import SHA256, HMAC
from Crypto.Cipher import DES3
import sys
import config
import socket
import base64

class GaisdeException(Exception):
    pass

def get_cipher():
    sha = SHA256.new()
    sha.update(config.cipher_key)
    return DES3.new(sha.digest()[:16])

def our_pton(ip_string):
    try:
        return verification_value() + socket.inet_pton(socket.AF_INET, ip_string)
    except socket.error:
        pass

def our_ntop(encoded):
    return socket.inet_ntop(socket.AF_INET, encoded)

def mac_value(val):
    m = HMAC.new(config.mac_key)
    m.update(val)
    return m.digest()[:4]

def wrap_with_hmac(val):
    return mac_value(val) + val

def strip_hmac_and_verify(val):
    their_mac, val = val[:4], val[4:]
    if their_mac != mac_value(val):
        raise GaisdeException("hmac")
    return val

def encode(ip_string):
    enc = wrap_with_hmac(socket.inet_pton(socket.AF_INET, ip_string))
    enc = get_cipher().encrypt(enc)
    print base64.b32encode(enc)
    return base64.b32encode(enc).lower().rstrip('\n').rstrip('=')

def decode(email_address):
    try:
        bytes = base64.b32decode(email_address.upper() + '===')
    except:
        raise GaisdeException("base64")
    if len(bytes) != 8:
        raise GaisdeException("length")
    decoded = get_cipher().decrypt(bytes)
    decoded = strip_hmac_and_verify(decoded)
    return our_ntop(decoded)

if __name__ == '__main__':
    ops = {'dec' : decode, 'enc' : encode}
    if len(sys.argv) != 3 or not ops.has_key(sys.argv[1]):
        print >>sys.stderr, """\
Usage: %s <enc> <ip_address>
       %s <dec> <email_address>""" % (sys.argv[0], sys.argv[0])
        sys.exit(1)
    print ops[sys.argv[1]](sys.argv[2])