From 4757bb09636291c214e0161a120d3ba5b17f2dd5 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Wed, 13 Mar 2019 23:51:29 -0500 Subject: [PATCH] further fixed forward secrecy --- onionr/core.py | 1 - onionr/onionrusers/onionrusers.py | 14 +++++++++++++- onionr/static-data/default-plugins/flow/main.py | 3 --- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/onionr/core.py b/onionr/core.py index d7960ebd..f178fefd 100755 --- a/onionr/core.py +++ b/onionr/core.py @@ -738,7 +738,6 @@ class Core: data = forwardEncrypted[0] meta['forwardEnc'] = True expire = forwardEncrypted[2] # Expire time of key. no sense keeping block after that - print(expire, self._utils.getEpoch()) except onionrexceptions.InvalidPubkey: pass #onionrusers.OnionrUser(self, asymPeer).generateForwardKey() diff --git a/onionr/onionrusers/onionrusers.py b/onionr/onionrusers/onionrusers.py index 9aa9d8d8..ebbac73d 100755 --- a/onionr/onionrusers/onionrusers.py +++ b/onionr/onionrusers/onionrusers.py @@ -32,7 +32,20 @@ def deleteExpiredKeys(coreInst): conn.close() return +def deleteTheirExpiredKeys(coreInst, pubkey): + conn = sqlite3.connect(self._core.peerDB, timeout=10) + c = conn.cursor() + + # Prepare the insert + command = (pubkey, coreInst._utils.getEpoch()) + + c.execute("DELETE from forwardKeys where peerKey = ? and expire <= ?", command) + + conn.commit() + conn.close() + DEFAULT_KEY_EXPIRE = 604800 +#DEFAULT_KEY_EXPIRE = 600 class OnionrUser: def __init__(self, coreInst, publicKey, saveUser=False): @@ -149,7 +162,6 @@ class OnionrUser: newPub = self._core._utils.bytesToStr(newKeys[0]) newPriv = self._core._utils.bytesToStr(newKeys[1]) - time = self._core._utils.getEpoch() command = (self.publicKey, newPub, newPriv, time, expire + time) c.execute("INSERT INTO myForwardKeys VALUES(?, ?, ?, ?, ?);", command) diff --git a/onionr/static-data/default-plugins/flow/main.py b/onionr/static-data/default-plugins/flow/main.py index 09826b79..2587df93 100755 
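Review bot: The new module-level `deleteTheirExpiredKeys(coreInst, pubkey)` opens the database through `self._core.peerDB`, but a plain function has no `self`, so the first call raises NameError before the DELETE runs and that peer's expired forward keys stay in `forwardKeys`. The connect line should presumably read `conn = sqlite3.connect(coreInst.peerDB, timeout=10)`, consistent with the `coreInst._utils.getEpoch()` call a few lines further down in the same function. The `# Prepare the insert` comment sits above a DELETE and would be clearer as `# Remove this peer's forward keys whose expire time has passed`, and a one-line docstring saying the same would help. Nothing in the visible hunks calls the function, so it is worth confirming a caller exists, and the commented-out `#DEFAULT_KEY_EXPIRE = 600` looks like a test value that should not be committed.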
--- a/onionr/static-data/default-plugins/flow/main.py +++ b/onionr/static-data/default-plugins/flow/main.py @@ -55,9 +55,6 @@ class OnionrFlow: expireTime = self.myCore._utils.getEpoch() + 43200 if len(message) > 0: self.myCore.insertBlock(message, header='txt', expire=expireTime, meta={'ch': self.channel}) - #insertBL = Block(content = message, type = 'txt', expire=expireTime, core = self.myCore) - #insertBL.setMetadata('ch', self.channel) - #insertBL.save() logger.info("Flow is exiting, goodbye") return