fixed padding issue (hopefully), can now decrypt PMs, other improvements
parent
d3554008fd
commit
0cf4c97597
@ -32,11 +32,13 @@ class API:
|
|||||||
'''
|
'''
|
||||||
Validate that the client token (hmac) matches the given token
|
Validate that the client token (hmac) matches the given token
|
||||||
'''
|
'''
|
||||||
|
try:
|
||||||
if not hmac.compare_digest(self.clientToken.strip(), token.strip()):
|
if not hmac.compare_digest(self.clientToken, token):
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
return True
|
||||||
|
except TypeError:
|
||||||
return False
|
return False
|
||||||
else:
|
|
||||||
return True
|
|
||||||
|
|
||||||
def __init__(self, debug):
|
def __init__(self, debug):
|
||||||
'''
|
'''
|
||||||
@ -70,7 +72,7 @@ class API:
|
|||||||
bypass.write(self.timeBypassToken)
|
bypass.write(self.timeBypassToken)
|
||||||
|
|
||||||
if not os.environ.get("WERKZEUG_RUN_MAIN") == "true":
|
if not os.environ.get("WERKZEUG_RUN_MAIN") == "true":
|
||||||
logger.debug('Your HMAC token: ' + logger.colors.underline + self.clientToken)
|
logger.debug('Your web password (KEEP SECRET): ' + logger.colors.underline + self.clientToken)
|
||||||
|
|
||||||
if not debug and not self._developmentMode:
|
if not debug and not self._developmentMode:
|
||||||
hostNums = [random.randint(1, 255), random.randint(1, 255), random.randint(1, 255)]
|
hostNums = [random.randint(1, 255), random.randint(1, 255), random.randint(1, 255)]
|
||||||
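Review bot: The debug line in the second hunk sends `self.clientToken` through the logger, and the new message itself labels that value as the web password, so the API credential lands wherever debug output is collected. If the logger can write to a file or a shared console (not visible here), anyone able to read that output can authenticate to the local API. Consider keeping the secret out of the logger entirely, or at minimum add a comment such as `# clientToken is the API credential: never route this line to a persistent or shared log sink`. The enclosing `__init__` starts and ends outside the hunk.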
|
@ -87,6 +87,20 @@ class Core:
|
|||||||
if self._utils.validateID(address):
|
if self._utils.validateID(address):
|
||||||
conn = sqlite3.connect(self.addressDB)
|
conn = sqlite3.connect(self.addressDB)
|
||||||
c = conn.cursor()
|
c = conn.cursor()
|
||||||
|
# check if address is in database
|
||||||
|
# this is safe to do because the address is validated above, but we strip some chars here too just in case
|
||||||
|
address = address.replace('\'', '').replace(';', '').replace('"', '').replace('\\', '')
|
||||||
|
for i in c.execute("SELECT * FROM adders where address = '" + address + "';"):
|
||||||
|
try:
|
||||||
|
if i[0] == address:
|
||||||
|
logger.warn('Not adding existing address')
|
||||||
|
conn.close()
|
||||||
|
return False
|
||||||
|
except ValueError:
|
||||||
|
pass
|
||||||
|
except IndexError:
|
||||||
|
pass
|
||||||
|
|
||||||
t = (address, 1)
|
t = (address, 1)
|
||||||
c.execute('INSERT INTO adders (address, type) VALUES(?, ?);', t)
|
c.execute('INSERT INTO adders (address, type) VALUES(?, ?);', t)
|
||||||
conn.commit()
|
conn.commit()
|
||||||
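Review bot: The added duplicate check builds its query by concatenation, `"SELECT * FROM adders where address = '" + address + "';"`, and relies on `validateID` plus a hand-written character strip for safety, while the `INSERT` a few lines later already binds with `?`. Bind here as well: `for i in c.execute('SELECT * FROM adders WHERE address = ?;', (address,)):`. The `replace(...)` chain can then be dropped, so the stored value is the validated address rather than a silently altered one. The enclosing method starts and ends outside the hunk.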
|
@ -135,8 +135,8 @@ class Onionr:
|
|||||||
'reload-plugins': self.reloadPlugin,
|
'reload-plugins': self.reloadPlugin,
|
||||||
'reloadplugins': self.reloadPlugin,
|
'reloadplugins': self.reloadPlugin,
|
||||||
|
|
||||||
'listpeers': self.listPeers,
|
'listkeys': self.listKeys,
|
||||||
'list-peers': self.listPeers,
|
'list-keys': self.listKeys,
|
||||||
|
|
||||||
'addmsg': self.addMessage,
|
'addmsg': self.addMessage,
|
||||||
'addmessage': self.addMessage,
|
'addmessage': self.addMessage,
|
||||||
@ -144,6 +144,9 @@ class Onionr:
|
|||||||
'add-message': self.addMessage,
|
'add-message': self.addMessage,
|
||||||
'pm': self.sendEncrypt,
|
'pm': self.sendEncrypt,
|
||||||
|
|
||||||
|
'getpms': self.getPMs,
|
||||||
|
'get-pms': self.getPMs,
|
||||||
|
|
||||||
'gui': self.openGUI,
|
'gui': self.openGUI,
|
||||||
|
|
||||||
'addpeer': self.addPeer,
|
'addpeer': self.addPeer,
|
||||||
@ -168,7 +171,8 @@ class Onionr:
|
|||||||
'add-peer': 'Adds a peer (?)',
|
'add-peer': 'Adds a peer (?)',
|
||||||
'add-msg': 'Broadcasts a message to the Onionr network',
|
'add-msg': 'Broadcasts a message to the Onionr network',
|
||||||
'pm': 'Adds a private message to block',
|
'pm': 'Adds a private message to block',
|
||||||
'gui': 'Opens a graphical interface for Onionr'
|
'gui': 'Opens a graphical interface for Onionr',
|
||||||
|
'getpms': 'Shows private messages sent to you'
|
||||||
}
|
}
|
||||||
|
|
||||||
command = ''
|
command = ''
|
||||||
@ -277,12 +281,12 @@ class Onionr:
|
|||||||
|
|
||||||
gui.OnionrGUI(self.onionrCore)
|
gui.OnionrGUI(self.onionrCore)
|
||||||
|
|
||||||
def listPeers(self):
|
def listKeys(self):
|
||||||
'''
|
'''
|
||||||
Displays a list of peers (?)
|
Displays a list of keys (used to be called peers) (?)
|
||||||
'''
|
'''
|
||||||
|
|
||||||
logger.info('Peer list:\n')
|
logger.info('Public keys in database:\n')
|
||||||
for i in self.onionrCore.listPeers():
|
for i in self.onionrCore.listPeers():
|
||||||
logger.info(i)
|
logger.info(i)
|
||||||
|
|
||||||
@ -333,6 +337,12 @@ class Onionr:
|
|||||||
|
|
||||||
return
|
return
|
||||||
|
|
||||||
|
def getPMs(self):
|
||||||
|
'''
|
||||||
|
display PMs sent to us
|
||||||
|
'''
|
||||||
|
self.onionrUtils.loadPMs()
|
||||||
|
|
||||||
def enablePlugin(self):
|
def enablePlugin(self):
|
||||||
'''
|
'''
|
||||||
Enables and starts the given plugin
|
Enables and starts the given plugin
|
||||||
|
@ -80,20 +80,20 @@ class OnionrCrypto:
|
|||||||
retVal = anonBox.encrypt(data.encode(), encoder=encoding)
|
retVal = anonBox.encrypt(data.encode(), encoder=encoding)
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
def pubKeyDecrypt(self, data, pubkey, anonymous=False, encodedData=False):
|
def pubKeyDecrypt(self, data, pubkey='', anonymous=False, encodedData=False):
|
||||||
'''pubkey decrypt (Curve25519, taken from Ed25519 pubkey)'''
|
'''pubkey decrypt (Curve25519, taken from Ed25519 pubkey)'''
|
||||||
retVal = ''
|
retVal = False
|
||||||
if encodedData:
|
if encodedData:
|
||||||
encoding = nacl.encoding.Base64Encoder
|
encoding = nacl.encoding.Base64Encoder
|
||||||
else:
|
else:
|
||||||
encoding = nacl.encoding.RawEncoder
|
encoding = nacl.encoding.RawEncoder
|
||||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder())
|
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||||
if self.privKey != None and not anoymous:
|
if self.privKey != None and not anonymous:
|
||||||
ourBox = nacl.public.Box(ownKey, pubkey)
|
ourBox = nacl.public.Box(ownKey, pubkey)
|
||||||
decrypted = ourBox.decrypt(data, encoder=encoding)
|
decrypted = ourBox.decrypt(data, encoder=encoding)
|
||||||
elif anonymous:
|
elif anonymous:
|
||||||
anonBox = nacl.public.SealedBox(ownKey)
|
anonBox = nacl.public.SealedBox(ownKey)
|
||||||
decrypted = anonBox.decrypt(data.encode(), encoder=encoding)
|
decrypted = anonBox.decrypt(data, encoder=encoding)
|
||||||
return decrypted
|
return decrypted
|
||||||
|
|
||||||
def symmetricPeerEncrypt(self, data, peer):
|
def symmetricPeerEncrypt(self, data, peer):
|
||||||
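Review bot: `pubKeyDecrypt` now initialises `retVal = False` but still ends with `return decrypted`, and `decrypted` is only assigned inside the two branches, so a call with `anonymous=False` and no private key raises instead of returning False. `ownKey` is also derived from `self.privKey` before the `self.privKey != None` test, so that guard cannot protect the derivation. Suggest `decrypted = False` in place of `retVal = False`, and an early `if self.privKey is None: return False` ahead of the `ownKey = ...to_curve25519_private_key()` line. With the new default `pubkey=''`, the non-anonymous branch hands an empty string to `nacl.public.Box`; rejecting that case explicitly would give callers a clear failure instead of a library error.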
|
@ -224,7 +224,7 @@ class OnionrUtils:
|
|||||||
nacl.signing.SigningKey(seed=key, encoder=nacl.encoding.Base32Encoder)
|
nacl.signing.SigningKey(seed=key, encoder=nacl.encoding.Base32Encoder)
|
||||||
except nacl.exceptions.ValueError:
|
except nacl.exceptions.ValueError:
|
||||||
pass
|
pass
|
||||||
except binascii.Error:
|
except base64.binascii.Error as err:
|
||||||
pass
|
pass
|
||||||
else:
|
else:
|
||||||
retVal = True
|
retVal = True
|
||||||
@ -274,3 +274,26 @@ class OnionrUtils:
|
|||||||
retVal = False
|
retVal = False
|
||||||
|
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
|
def loadPMs(self):
|
||||||
|
'''
|
||||||
|
Find, decrypt, and return array of PMs (array of dictionary, {from, text})
|
||||||
|
'''
|
||||||
|
blocks = self._core.getBlockList().split('\n')
|
||||||
|
message = ''
|
||||||
|
sender = ''
|
||||||
|
for i in blocks:
|
||||||
|
if len (i) == 0:
|
||||||
|
continue
|
||||||
|
with open('data/blocks/' + i + '.dat', 'r') as potentialMessage:
|
||||||
|
message = potentialMessage.read()
|
||||||
|
if message.startswith('-pm-'):
|
||||||
|
try:
|
||||||
|
message = self._core._crypto.pubKeyDecrypt(message.replace('-pm-', ''), encodedData=True, anonymous=True)
|
||||||
|
except nacl.exceptions.CryptoError as e:
|
||||||
|
#logger.debug('Unable to decrypt ' + i)
|
||||||
|
#logger.debug(str(e))
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
logger.info('Recieved message: ' + message.decode())
|
||||||
|
return
|
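Review bot: In `loadPMs`, the `else:` branch calls `message.decode()` on plaintext from an anonymous sealed box, i.e. bytes chosen by whoever sent the block, and only `nacl.exceptions.CryptoError` is caught, so plaintext that is not valid UTF-8 would raise `UnicodeDecodeError` and end the listing. `message.decode(errors='replace')` keeps the loop going, and since the text goes straight to `logger.info` it is worth stripping control characters before printing. The file name is built as `'data/blocks/' + i + '.dat'` from `getBlockList()` entries; if those entries are not already validated as hashes (not visible here), check them before opening. The docstring promises an array of `{from, text}` dictionaries but the visible body only logs and ends in a bare `return`; either return the list or reword it, e.g. `Find PM blocks, decrypt those addressed to us and log them`.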