Onionr/onionr/onionrcrypto/__init__.py

'''
    Onionr - Private P2P Communication

    This file handles Onionr's cryptography.
'''
'''
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
'''
import os, binascii, base64, hashlib, time, sys, hmac, secrets
import nacl.signing, nacl.encoding, nacl.public, nacl.hash, nacl.pwhash, nacl.utils, nacl.secret
import unpaddedbase32
import logger, onionrproofs
from onionrutils import stringvalidators, epoch, bytesconverter
import filepaths
import onionrexceptions, keymanager, onionrutils
import config
from . import generate, hashers
config.reload()

class OnionrCrypto:
    def __init__(self):
        self._keyFile = filepaths.keys_file
        self.pubKey = None
        self.privKey = None
        self.secrets = secrets
        self.deterministicRequirement = 25 # Min deterministic password/phrase length
        self.HASH_ID_ROUNDS = 2000
        self.keyManager = keymanager.KeyManager()

        # Load our own pub/priv Ed25519 keys, gen & save them if they don't exist
        if os.path.exists(self._keyFile):
            if len(config.get('general.public_key', '')) > 0:
                self.pubKey = config.get('general.public_key')
            else:
                self.pubKey = self.keyManager.getPubkeyList()[0]
            self.privKey = self.keyManager.getPrivkey(self.pubKey)
        else:
            keys = self.generatePubKey()
            self.pubKey = keys[0]
            self.privKey = keys[1]
            self.keyManager.addKey(self.pubKey, self.privKey)
        return


    def pubKeyEncrypt(self, data, pubkey, encodedData=False):
        '''Encrypt to a public key (Curve25519, taken from base32 Ed25519 pubkey)'''
        pubkey = unpaddedbase32.repad(bytesconverter.str_to_bytes(pubkey))
        retVal = ''
        box = None
        data = bytesconverter.str_to_bytes(data)
        
        pubkey = nacl.signing.VerifyKey(pubkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_public_key()

        if encodedData:
            encoding = nacl.encoding.Base64Encoder
        else:
            encoding = nacl.encoding.RawEncoder
        
        box = nacl.public.SealedBox(pubkey)
        retVal = box.encrypt(data, encoder=encoding)

        return retVal

    def symmetricEncrypt(self, data, key, encodedKey=False, returnEncoded=True):
        '''Encrypt data with a 32-byte key (Salsa20-Poly1305 MAC)'''
        if encodedKey:
            encoding = nacl.encoding.Base64Encoder
        else:
            encoding = nacl.encoding.RawEncoder

        # Make sure data is bytes
        if type(data) != bytes:
            data = data.encode()

        box = nacl.secret.SecretBox(key, encoder=encoding)

        if returnEncoded:
            encoding = nacl.encoding.Base64Encoder
        else:
            encoding = nacl.encoding.RawEncoder

        encrypted = box.encrypt(data, encoder=encoding)
        return encrypted

    def symmetricDecrypt(self, data, key, encodedKey=False, encodedMessage=False, returnEncoded=False):
        '''Decrypt data to a 32-byte key (Salsa20-Poly1305 MAC)'''
        if encodedKey:
            encoding = nacl.encoding.Base64Encoder
        else:
            encoding = nacl.encoding.RawEncoder
        box = nacl.secret.SecretBox(key, encoder=encoding)

        if encodedMessage:
            encoding = nacl.encoding.Base64Encoder
        else:
            encoding = nacl.encoding.RawEncoder
        decrypted = box.decrypt(data, encoder=encoding)
        if returnEncoded:
            decrypted = base64.b64encode(decrypted)
        return decrypted

    def generateSymmetric(self):
        '''Generate a symmetric key (bytes) and return it'''
        return binascii.hexlify(nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE))

    def generatePubKey(self):
        '''Generate a Ed25519 public key pair, return tuple of base32encoded pubkey, privkey'''
        return generate.generate_pub_key()

    def generateDeterministic(self, passphrase, bypassCheck=False):
        '''Generate a Ed25519 public key pair from a password'''
        passStrength = self.deterministicRequirement
        passphrase = bytesconverter.str_to_bytes(passphrase) # Convert to bytes if not already
        # Validate passphrase length
        if not bypassCheck:
            if len(passphrase) < passStrength:
                raise onionrexceptions.PasswordStrengthError("Passphase must be at least %s characters" % (passStrength,))
        # KDF values
        kdf = nacl.pwhash.argon2id.kdf
        salt = b"U81Q7llrQcdTP0Ux" # Does not need to be unique or secret, but must be 16 bytes
        ops = nacl.pwhash.argon2id.OPSLIMIT_SENSITIVE
        mem = nacl.pwhash.argon2id.MEMLIMIT_SENSITIVE

        key = kdf(32, passphrase, salt, opslimit=ops, memlimit=mem) # Generate seed for ed25519 key
        key = nacl.signing.SigningKey(key)
        return (key.verify_key.encode(nacl.encoding.Base32Encoder).decode(), key.encode(nacl.encoding.Base32Encoder).decode())

    def pubKeyHashID(self, pubkey=''):
        '''Accept a ed25519 public key, return a truncated result of X many sha3_256 hash rounds'''
        if pubkey == '':
            pubkey = self.pubKey
        prev = ''
        pubkey = bytesconverter.str_to_bytes(pubkey)
        for i in range(self.HASH_ID_ROUNDS):
            try:
                prev = prev.encode()
            except AttributeError:
                pass
            hasher = hashlib.sha3_256()
            hasher.update(pubkey + prev)
            prev = hasher.hexdigest()
        result = prev
        return result

    def sha3Hash(self, data):
        return hashers.sha3_hash(data)

    def blake2bHash(self, data):
        return hashers.blake2b_hash(data)

    def verifyPow(self, blockContent):
        '''
            Verifies the proof of work associated with a block
        '''
        retData = False

        dataLen = len(blockContent)

        try:
            blockContent = blockContent.encode()
        except AttributeError:
            pass

        blockHash = self.sha3Hash(blockContent)
        try:
            blockHash = blockHash.decode() # bytes on some versions for some reason
        except AttributeError:
            pass
        
        difficulty = onionrproofs.getDifficultyForNewBlock(blockContent, ourBlock=False)
        
        if difficulty < int(config.get('general.minimum_block_pow')):
            difficulty = int(config.get('general.minimum_block_pow'))
        mainHash = '0000000000000000000000000000000000000000000000000000000000000000'#nacl.hash.blake2b(nacl.utils.random()).decode()
        puzzle = mainHash[:difficulty]

        if blockHash[:difficulty] == puzzle:
            # logger.debug('Validated block pow')
            retData = True
        else:
            logger.debug("Invalid token, bad proof")

        return retData
started work on data encryption 2018-02-01 22:45:15 +00:00			`'''`
* Progress in adjust tagline in files, license boilerplate fixes * Import adjustments 2019-06-12 00:05:15 +00:00			`Onionr - Private P2P Communication`
started work on data encryption 2018-02-01 22:45:15 +00:00
			`This file handles Onionr's cryptography.`
			`'''`
			`'''`
			`This program is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation, either version 3 of the License, or`
			`(at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`'''`
- removed onionrdaemontools (split into many files, mostly into communicatorutils) - removed included secrets.py since 3.6 is required now anyways 2019-06-13 06:58:17 +00:00			`import os, binascii, base64, hashlib, time, sys, hmac, secrets`
* send introduce command instead of using duplicated logic * remove unnecessary imports * improve if self-address peer comparison to avoid some config reads 2019-06-11 06:08:44 +00:00			`import nacl.signing, nacl.encoding, nacl.public, nacl.hash, nacl.pwhash, nacl.utils, nacl.secret`
* bumped nacl and unpaddedbase32 verison * added/improved support for unpaddedbase32 keys * greatly improved home UI and mail * deniable blocks shouldnt use forward secrecy anymore * dont add yourself as a contact 2019-06-19 06:57:13 +00:00			`import unpaddedbase32`
* send introduce command instead of using duplicated logic * remove unnecessary imports * improve if self-address peer comparison to avoid some config reads 2019-06-11 06:08:44 +00:00			`import logger, onionrproofs`
OnionrUtils fully removed (but not fully bug free) flow now uses daemon thread for displaying output 2019-06-25 23:07:35 +00:00			`from onionrutils import stringvalidators, epoch, bytesconverter`
progress in removing core 2019-07-19 04:59:44 +00:00			`import filepaths`
			`import onionrexceptions, keymanager, onionrutils`
Merge Tempblocks 2018-11-11 02:10:58 +00:00			`import config`
progress in removing core 2019-07-19 19:49:56 +00:00			`from . import generate, hashers`
reduced config reloads by a lot 2019-06-16 06:06:32 +00:00			`config.reload()`
started work on data encryption 2018-02-01 22:45:15 +00:00
			`class OnionrCrypto:`
progress in removing core 2019-07-19 04:59:44 +00:00			`def __init__(self):`
			`self._keyFile = filepaths.keys_file`
fixed message spam, rewrote draft, work on crypto 2018-02-21 02:44:56 +00:00			`self.pubKey = None`
			`self.privKey = None`
work on getting new blocks in communicator2 2018-06-15 05:45:07 +00:00			`self.secrets = secrets`
Merge wot 2018-12-09 17:29:39 +00:00			`self.deterministicRequirement = 25 # Min deterministic password/phrase length`
work on new block metadata format and some small bug fixes 2018-04-25 04:04:12 +00:00			`self.HASH_ID_ROUNDS = 2000`
progress in removing core 2019-07-20 00:01:16 +00:00			`self.keyManager = keymanager.KeyManager()`
fixed message spam, rewrote draft, work on crypto 2018-02-21 02:44:56 +00:00
			`# Load our own pub/priv Ed25519 keys, gen & save them if they don't exist`
			`if os.path.exists(self._keyFile):`
progress in removing core 2019-07-19 04:59:44 +00:00			`if len(config.get('general.public_key', '')) > 0:`
			`self.pubKey = config.get('general.public_key')`
Merge wot 2018-12-09 17:29:39 +00:00			`else:`
			`self.pubKey = self.keyManager.getPubkeyList()[0]`
			`self.privKey = self.keyManager.getPrivkey(self.pubKey)`
fixed message spam, rewrote draft, work on crypto 2018-02-21 02:44:56 +00:00			`else:`
			`keys = self.generatePubKey()`
			`self.pubKey = keys[0]`
			`self.privKey = keys[1]`
Merge wot 2018-12-09 17:29:39 +00:00			`self.keyManager.addKey(self.pubKey, self.privKey)`
fixed message spam, rewrote draft, work on crypto 2018-02-21 02:44:56 +00:00			`return`

added functions to verify and sign with ed25519 2018-03-01 19:59:07 +00:00
removed non-anonymous pubkey encryption, fixes, more tests 2019-02-16 04:08:03 +00:00			`def pubKeyEncrypt(self, data, pubkey, encodedData=False):`
finished pub encrypt function 2018-03-16 20:38:33 +00:00			`'''Encrypt to a public key (Curve25519, taken from base32 Ed25519 pubkey)'''`
OnionrUtils fully removed (but not fully bug free) flow now uses daemon thread for displaying output 2019-06-25 23:07:35 +00:00			`pubkey = unpaddedbase32.repad(bytesconverter.str_to_bytes(pubkey))`
finished pub encrypt function 2018-03-16 20:38:33 +00:00			`retVal = ''`
removed non-anonymous pubkey encryption, fixes, more tests 2019-02-16 04:08:03 +00:00			`box = None`
OnionrUtils fully removed (but not fully bug free) flow now uses daemon thread for displaying output 2019-06-25 23:07:35 +00:00			`data = bytesconverter.str_to_bytes(data)`
removed non-anonymous pubkey encryption, fixes, more tests 2019-02-16 04:08:03 +00:00
			`pubkey = nacl.signing.VerifyKey(pubkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_public_key()`
reworking PM system before migration to plugin and updating blockapi to encryption format 2018-07-13 21:02:41 +00:00
lot of work on OnionrCrypto updated logo fixed broken peerinfo functions in core removed gnupg from travis installation 2018-04-02 00:33:09 +00:00			`if encodedData:`
			`encoding = nacl.encoding.Base64Encoder`
			`else:`
			`encoding = nacl.encoding.RawEncoder`
removed non-anonymous pubkey encryption, fixes, more tests 2019-02-16 04:08:03 +00:00
			`box = nacl.public.SealedBox(pubkey)`
			`retVal = box.encrypt(data, encoder=encoding)`
lot of work on OnionrCrypto updated logo fixed broken peerinfo functions in core removed gnupg from travis installation 2018-04-02 00:33:09 +00:00
finished pub encrypt function 2018-03-16 20:38:33 +00:00			`return retVal`
fixed message spam, rewrote draft, work on crypto 2018-02-21 02:44:56 +00:00
lot of work on OnionrCrypto updated logo fixed broken peerinfo functions in core removed gnupg from travis installation 2018-04-02 00:33:09 +00:00			`def symmetricEncrypt(self, data, key, encodedKey=False, returnEncoded=True):`
* bumped nacl and unpaddedbase32 verison * added/improved support for unpaddedbase32 keys * greatly improved home UI and mail * deniable blocks shouldnt use forward secrecy anymore * dont add yourself as a contact 2019-06-19 06:57:13 +00:00			`'''Encrypt data with a 32-byte key (Salsa20-Poly1305 MAC)'''`
lot of work on OnionrCrypto updated logo fixed broken peerinfo functions in core removed gnupg from travis installation 2018-04-02 00:33:09 +00:00			`if encodedKey:`
			`encoding = nacl.encoding.Base64Encoder`
			`else:`
			`encoding = nacl.encoding.RawEncoder`

			`# Make sure data is bytes`
			`if type(data) != bytes:`
			`data = data.encode()`

			`box = nacl.secret.SecretBox(key, encoder=encoding)`

			`if returnEncoded:`
			`encoding = nacl.encoding.Base64Encoder`
			`else:`
			`encoding = nacl.encoding.RawEncoder`

			`encrypted = box.encrypt(data, encoder=encoding)`
			`return encrypted`

			`def symmetricDecrypt(self, data, key, encodedKey=False, encodedMessage=False, returnEncoded=False):`
			`'''Decrypt data to a 32-byte key (Salsa20-Poly1305 MAC)'''`
			`if encodedKey:`
			`encoding = nacl.encoding.Base64Encoder`
			`else:`
			`encoding = nacl.encoding.RawEncoder`
			`box = nacl.secret.SecretBox(key, encoder=encoding)`

			`if encodedMessage:`
			`encoding = nacl.encoding.Base64Encoder`
			`else:`
			`encoding = nacl.encoding.RawEncoder`
			`decrypted = box.decrypt(data, encoder=encoding)`
			`if returnEncoded:`
			`decrypted = base64.b64encode(decrypted)`
			`return decrypted`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00
lot of work on OnionrCrypto updated logo fixed broken peerinfo functions in core removed gnupg from travis installation 2018-04-02 00:33:09 +00:00			`def generateSymmetric(self):`
			`'''Generate a symmetric key (bytes) and return it'''`
			`return binascii.hexlify(nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE))`

fixed message spam, rewrote draft, work on crypto 2018-02-21 02:44:56 +00:00			`def generatePubKey(self):`
hopefully working again, hopefully less block validation issues 2018-04-23 02:58:24 +00:00			`'''Generate a Ed25519 public key pair, return tuple of base32encoded pubkey, privkey'''`
progress in removing core 2019-07-19 19:49:56 +00:00			`return generate.generate_pub_key()`
Block time handling improvements 2018-12-16 05:36:47 +00:00
Merge wot 2018-12-09 17:29:39 +00:00			`def generateDeterministic(self, passphrase, bypassCheck=False):`
			`'''Generate a Ed25519 public key pair from a password'''`
			`passStrength = self.deterministicRequirement`
OnionrUtils fully removed (but not fully bug free) flow now uses daemon thread for displaying output 2019-06-25 23:07:35 +00:00			`passphrase = bytesconverter.str_to_bytes(passphrase) # Convert to bytes if not already`
Merge wot 2018-12-09 17:29:39 +00:00			`# Validate passphrase length`
			`if not bypassCheck:`
			`if len(passphrase) < passStrength:`
			`raise onionrexceptions.PasswordStrengthError("Passphase must be at least %s characters" % (passStrength,))`
			`# KDF values`
			`kdf = nacl.pwhash.argon2id.kdf`
			`salt = b"U81Q7llrQcdTP0Ux" # Does not need to be unique or secret, but must be 16 bytes`
			`ops = nacl.pwhash.argon2id.OPSLIMIT_SENSITIVE`
			`mem = nacl.pwhash.argon2id.MEMLIMIT_SENSITIVE`
Block time handling improvements 2018-12-16 05:36:47 +00:00
fixed broken deterministic addresses made it so we do not use forward secrecy when sending to self 2019-01-20 05:39:25 +00:00			`key = kdf(32, passphrase, salt, opslimit=ops, memlimit=mem) # Generate seed for ed25519 key`
			`key = nacl.signing.SigningKey(key)`
			`return (key.verify_key.encode(nacl.encoding.Base32Encoder).decode(), key.encode(nacl.encoding.Base32Encoder).decode())`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00
fixed self issue 2018-04-25 06:56:40 +00:00			`def pubKeyHashID(self, pubkey=''):`
work on new block metadata format and some small bug fixes 2018-04-25 04:04:12 +00:00			`'''Accept a ed25519 public key, return a truncated result of X many sha3_256 hash rounds'''`
fixed self issue 2018-04-25 06:56:40 +00:00			`if pubkey == '':`
			`pubkey = self.pubKey`
work on new block metadata format and some small bug fixes 2018-04-25 04:04:12 +00:00			`prev = ''`
OnionrUtils fully removed (but not fully bug free) flow now uses daemon thread for displaying output 2019-06-25 23:07:35 +00:00			`pubkey = bytesconverter.str_to_bytes(pubkey)`
work on new block metadata format and some small bug fixes 2018-04-25 04:04:12 +00:00			`for i in range(self.HASH_ID_ROUNDS):`
do not encode prev if its already bytes 2018-04-26 20:39:02 +00:00			`try:`
			`prev = prev.encode()`
			`except AttributeError:`
			`pass`
work on new block metadata format and some small bug fixes 2018-04-25 04:04:12 +00:00			`hasher = hashlib.sha3_256()`
do not encode prev if its already bytes 2018-04-26 20:39:02 +00:00			`hasher.update(pubkey + prev)`
work on new block metadata format and some small bug fixes 2018-04-25 04:04:12 +00:00			`prev = hasher.hexdigest()`
			`result = prev`
work on proof of work 2018-05-05 21:50:15 +00:00			`return result`

			`def sha3Hash(self, data):`
progress in removing core 2019-07-19 19:49:56 +00:00			`return hashers.sha3_hash(data)`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00
work on proof of work 2018-05-05 21:50:15 +00:00			`def blake2bHash(self, data):`
progress in removing core 2019-07-19 19:49:56 +00:00			`return hashers.blake2b_hash(data)`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00
* Pretty much done with new POW format 2018-07-08 07:51:23 +00:00			`def verifyPow(self, blockContent):`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00			`'''`
			`Verifies the proof of work associated with a block`
			`'''`
			`retData = False`

			`dataLen = len(blockContent)`

			`try:`
* Pretty much done with new POW format 2018-07-08 07:51:23 +00:00			`blockContent = blockContent.encode()`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00			`except AttributeError:`
			`pass`

* Pretty much done with new POW format 2018-07-08 07:51:23 +00:00			`blockHash = self.sha3Hash(blockContent)`
more bytes issues 2018-07-10 07:20:32 +00:00			`try:`
			`blockHash = blockHash.decode() # bytes on some versions for some reason`
			`except AttributeError:`
			`pass`
started a simple board plugin 2018-12-26 06:14:05 +00:00
progress in removing core 2019-07-19 04:59:44 +00:00			`difficulty = onionrproofs.getDifficultyForNewBlock(blockContent, ourBlock=False)`
added dynamic proof of work 2018-12-24 06:12:46 +00:00
progress in removing core 2019-07-19 04:59:44 +00:00			`if difficulty < int(config.get('general.minimum_block_pow')):`
			`difficulty = int(config.get('general.minimum_block_pow'))`
+ added secrets.py * work on communicator2, syncing blocks * modify insertblock to use new pow metadata (may need more work for new spec) 2018-06-16 20:54:56 +00:00			`mainHash = '0000000000000000000000000000000000000000000000000000000000000000'#nacl.hash.blake2b(nacl.utils.random()).decode()`
			`puzzle = mainHash[:difficulty]`

* Pretty much done with new POW format 2018-07-08 07:51:23 +00:00			`if blockHash[:difficulty] == puzzle:`
+ added secrets.py * work on communicator2, syncing blocks * modify insertblock to use new pow metadata (may need more work for new spec) 2018-06-16 20:54:56 +00:00			`# logger.debug('Validated block pow')`
			`retData = True`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00			`else:`
+ added secrets.py * work on communicator2, syncing blocks * modify insertblock to use new pow metadata (may need more work for new spec) 2018-06-16 20:54:56 +00:00			`logger.debug("Invalid token, bad proof")`
Various improvements - Adds a lot more to the pluginmanager - Refactors code - Relocates functions 2018-05-13 03:45:32 +00:00
progress in removing core 2019-07-20 00:01:16 +00:00			`return retData`