'''
    Onionr - P2P Anonymous Storage Network

    Contains abstractions for interacting with users of Onionr
'''
'''
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <https://www.gnu.org/licenses/>.
'''
import onionrblockapi, logger, onionrexceptions, json, sqlite3, time
import nacl.exceptions
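def deleteExpiredKeys(coreInst):
    '''
    Delete every forward secrecy key pair *we* generated whose expiry has
    passed, from the myForwardKeys table in coreInst.forwardKeysFile.

    Rows with expire <= the current epoch (coreInst._utils.getEpoch()) are
    removed and the database is VACUUMed afterwards so that the freed pages,
    which held private key material, are not left lying around in the file.
    VACUUM is not a guaranteed secure erase (the filesystem may still keep the
    old blocks), but it is the best sqlite offers without secure_delete.

    coreInst: onionr core instance providing forwardKeysFile and
        _utils.getEpoch().
    Returns None.
    '''
    conn = sqlite3.connect(coreInst.forwardKeysFile, timeout=10)
    try:
        curTime = coreInst._utils.getEpoch()
        conn.execute("DELETE from myForwardKeys where expire <= ?", (curTime,))
        # VACUUM cannot run inside an open transaction, so commit first
        conn.commit()
        conn.execute("VACUUM")
    finally:
        # Always release the file lock, even when the delete or vacuum raises
        conn.close()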
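def deleteTheirExpiredKeys(coreInst, pubkey):
    '''
    Delete the forward secrecy public keys that the peer identified by pubkey
    published to us and whose expiry has passed.

    Only rows of the forwardKeys table in coreInst.peerDB whose peerKey equals
    pubkey and whose expire <= the current epoch are removed; other peers'
    keys are untouched.

    coreInst: onionr core instance providing peerDB and _utils.getEpoch().
    pubkey: the peer's public key in the same form it was stored with.
    Returns None.
    '''
    conn = sqlite3.connect(coreInst.peerDB, timeout=10)
    try:
        command = (pubkey, coreInst._utils.getEpoch())
        conn.execute("DELETE from forwardKeys where peerKey = ? and expire <= ?", command)
        conn.commit()
    finally:
        # Close on the error path too, otherwise the lock is held until GC
        conn.close()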
# Default lifetime of a forward secrecy key, in seconds (7 days).
# A much shorter value (e.g. 600) is useful when exercising key rotation.
DEFAULT_KEY_EXPIRE = 7 * 24 * 60 * 60
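class OnionrUser:
    '''
    Abstraction for a "user" (peer) of the Onionr network, identified by a
    base32 encoded ed25519 public key.

    Two sqlite databases back this class:
      * coreInst.peerDB, table forwardKeys: forward secrecy public keys the
        peer published to us. Trust and name are read/written through core's
        getPeerInfo/setPeerInfo.
      * coreInst.forwardKeysFile, table myForwardKeys: the forward secrecy key
        pairs *we* generated for the peer, including the private half.

    NOTE(review): private keys in myForwardKeys are stored as plain strings
    (see generateForwardKey); file permissions are their only protection.
    '''

    def __init__(self, coreInst, publicKey, saveUser=False):
        '''
        Takes an instance of onionr core, a base32 encoded ed25519 public key,
        and a bool saveUser.

        A publicKey containing a space is treated as a human readable ID and
        converted back to its base32 form via core.

        saveUser determines if we should add the user to our peer database.
        An AssertionError raised by core.addPeer is swallowed on purpose
        (presumably "peer already known" or a rejected key — confirm in core).
        '''
        if ' ' in coreInst._utils.bytesToStr(publicKey).strip():
            publicKey = coreInst._utils.convertHumanReadableID(publicKey)

        self.trust = 0
        self._core = coreInst
        self.publicKey = publicKey

        if saveUser:
            try:
                self._core.addPeer(publicKey)
            except AssertionError:
                pass

        # Trust always comes from the stored peer info, never from the caller
        self.trust = self._core.getPeerInfo(self.publicKey, 'trust')

    def setTrust(self, newTrust):
        '''Set the peers trust. 0 = not trusted, 1 = friend, 2 = ultimate'''
        self._core.setPeerInfo(self.publicKey, 'trust', newTrust)

    def isFriend(self):
        '''Return True only when the stored trust level is exactly 1 (friend).'''
        return self._core.getPeerInfo(self.publicKey, 'trust') == 1

    def getName(self):
        '''
        Return the peer's stored display name, or 'anonymous' when none is set.

        getPeerInfo may hand back an empty string or None for an unnamed peer;
        len(None) raises TypeError, so it is caught alongside ValueError and
        both cases fall through to the default.
        '''
        name = self._core.getPeerInfo(self.publicKey, 'name')
        try:
            if len(name) > 0:
                return name
        except (TypeError, ValueError):
            pass
        return 'anonymous'

    def encrypt(self, data):
        '''
        Encrypt data to this peer's long-term public key via core's
        pubKeyEncrypt. encodedData=True is passed through; the exact output
        encoding is defined by core's crypto module.
        '''
        return self._core._crypto.pubKeyEncrypt(data, self.publicKey, encodedData=True)

    def decrypt(self, data):
        '''
        Decrypt data that this peer encrypted for us, via core's pubKeyDecrypt
        with this peer's public key (the private key is presumably our own,
        supplied by core — confirm in the crypto module).
        '''
        return self._core._crypto.pubKeyDecrypt(data, self.publicKey, encodedData=True)

    def forwardEncrypt(self, data):
        '''
        Encrypt data to the newest unexpired forward secrecy key this peer
        published to us.

        Expired keys on both sides are purged first. Returns a tuple
        (encrypted, forwardKey, expire). Raises onionrexceptions.InvalidPubkey
        when no valid, unexpired forward key is available for this peer.
        '''
        deleteTheirExpiredKeys(self._core, self.publicKey)
        deleteExpiredKeys(self._core)

        forwardKey = self._getLatestForwardKey()
        now = self._core._utils.getEpoch()
        # Defence in depth: the purge above should already have removed any
        # expired key, but never encrypt to one whose expiry has passed
        # (e.g. a row inserted between the delete and the select).
        if (not forwardKey
                or forwardKey[0] is None
                or not self._core._utils.validatePubKey(forwardKey[0])
                or forwardKey[1] is None
                or forwardKey[1] <= now):
            raise onionrexceptions.InvalidPubkey("No valid forward secrecy key available for this user")

        retData = self._core._crypto.pubKeyEncrypt(data, forwardKey[0], encodedData=True)
        return (retData, forwardKey[0], forwardKey[1])

    def forwardDecrypt(self, encrypted):
        '''
        Try each forward secrecy private key we generated for this peer until
        one decrypts encrypted.

        Returns the decrypted data. Raises onionrexceptions.DecryptionError
        when no stored key works, including when we hold no keys for this
        peer at all (no new key pair is generated here).
        '''
        for _pub, priv in self.getGeneratedForwardKeys(False):
            try:
                return self._core._crypto.pubKeyDecrypt(encrypted, privkey=priv, encodedData=True)
            except nacl.exceptions.CryptoError:
                # Wrong key for this ciphertext; try the next one
                continue
        raise onionrexceptions.DecryptionError("Could not decrypt forward secrecy content")

    def _getLatestForwardKey(self):
        '''
        Return (forwardKey, expire) for the peer's forward key with the
        greatest expire value, from forwardKeys in peerDB.

        SQLite's bare-column rule makes forwardKey come from the row holding
        max(expire). With no rows the aggregate query still yields one row of
        (None, None), so callers must validate the key before using it.
        '''
        key = (None, None)  # only kept if the query yields nothing at all
        conn = sqlite3.connect(self._core.peerDB, timeout=10)
        try:
            # TODO: account for keys created at the same time (same epoch)
            for row in conn.execute("SELECT forwardKey, max(EXPIRE) FROM forwardKeys WHERE peerKey = ? ORDER BY expire DESC", (self.publicKey,)):
                key = (row[0], row[1])
                break
        finally:
            conn.close()
        return key

    def _getForwardKeys(self):
        '''
        Return every forward key the peer published to us as a list of
        (forwardKey, date) tuples, newest expiry first. Read-only.
        '''
        conn = sqlite3.connect(self._core.peerDB, timeout=10)
        try:
            keyList = [(row[0], row[1]) for row in
                       conn.execute("SELECT forwardKey, date FROM forwardKeys WHERE peerKey = ? ORDER BY expire DESC", (self.publicKey,))]
        finally:
            conn.close()
        return list(keyList)

    def generateForwardKey(self, expire=DEFAULT_KEY_EXPIRE):
        '''
        Generate a fresh forward secrecy key pair for this peer and store it
        in myForwardKeys as (peer, public, private, created, expire).

        expire: lifetime in seconds; the stored expiry is creation time +
            expire.
        Returns the new public key as a str.

        The private key is written as a plain string; nothing here encrypts it
        at rest. The peer column is normalised with bytesToStr so that
        getGeneratedForwardKeys, which queries with the str form, finds the
        row even when self.publicKey is bytes.
        '''
        now = self._core._utils.getEpoch()  # named 'now' so the time module is not shadowed
        newKeys = self._core._crypto.generatePubKey()
        newPub = self._core._utils.bytesToStr(newKeys[0])
        newPriv = self._core._utils.bytesToStr(newKeys[1])
        peer = self._core._utils.bytesToStr(self.publicKey)

        conn = sqlite3.connect(self._core.forwardKeysFile, timeout=10)
        try:
            command = (peer, newPub, newPriv, now, expire + now)
            conn.execute("INSERT INTO myForwardKeys VALUES(?, ?, ?, ?, ?);", command)
            conn.commit()
        finally:
            conn.close()
        return newPub

    def getGeneratedForwardKeys(self, genNew=True):
        '''
        Return the (public, private) forward secrecy key pairs we generated
        for this peer, as a list of tuples, from myForwardKeys.

        Expired pairs are not filtered here; deleteExpiredKeys() purges them.
        When no pair exists and genNew is True, one is generated first and the
        lookup repeated once without generating again, so a failed insert
        cannot recurse forever.
        '''
        pubkey = self._core._utils.bytesToStr(self.publicKey)
        conn = sqlite3.connect(self._core.forwardKeysFile, timeout=10)
        try:
            # Column order matches generateForwardKey's insert: peer, pub, priv, ...
            keyList = [(row[1], row[2]) for row in
                       conn.execute("SELECT * FROM myForwardKeys WHERE peer = ?", (pubkey,))]
        finally:
            conn.close()

        if not keyList and genNew:
            self.generateForwardKey()
            keyList = self.getGeneratedForwardKeys(genNew=False)
        return list(keyList)

    def addForwardKey(self, newKey, expire=DEFAULT_KEY_EXPIRE):
        '''
        Store a forward secrecy public key the peer published to us.

        newKey: the peer's new forward key; must pass core validatePubKey.
        expire: lifetime in seconds from now; the row's expire column is
            insert time + expire.

        Returns True when the key was inserted, False when that exact key is
        already stored (it is never re-inserted, so a replayed key block has
        no effect). Raises onionrexceptions.InvalidPubkey for a malformed key.
        '''
        if not self._core._utils.validatePubKey(newKey):
            # Do not add if something went wrong with the key
            raise onionrexceptions.InvalidPubkey(newKey)

        timeInsert = self._core._utils.getEpoch()

        # Refuse duplicates, and keep the date column unique among this peer's
        # rows by bumping the insert time past every epoch already in use.
        # Checking against the full set of dates (rather than pairwise in row
        # order) avoids bumping onto a date seen earlier in the list.
        existing = self._getForwardKeys()
        if any(key == newKey for key, _date in existing):
            return False
        usedDates = {date for _key, date in existing}
        while timeInsert in usedDates:
            timeInsert += 1

        conn = sqlite3.connect(self._core.peerDB, timeout=10)
        try:
            command = (self.publicKey, newKey, timeInsert, timeInsert + expire)
            conn.execute("INSERT INTO forwardKeys VALUES(?, ?, ?, ?);", command)
            conn.commit()
        finally:
            conn.close()
        return True

    @classmethod
    def list_friends(cls, coreInst):
        '''Return an OnionrUser for every peer whose trust level is 1 (friend).'''
        return [cls(coreInst, peer) for peer in coreInst.listPeers(trust=1)]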