From 494871290414f952120bdc5d566fb04140b85bd0 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Wed, 7 Feb 2018 03:04:58 -0600 Subject: [PATCH] work on peer encryption --- .gitignore | 1 + onionr/api.py | 7 +++++-- onionr/core.py | 10 ++++++---- onionr/onionrcrypto.py | 10 ++++++++-- onionr/onionrutils.py | 11 +++++++++++ readme.md | 2 ++ 6 files changed, 33 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 0d9c0eda..2a7d956a 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ onionr/*.pyc onionr/*.log onionr/data/hs/hostname onionr/data/* +onionr/gnupg/* diff --git a/onionr/api.py b/onionr/api.py index a5e75e28..efb420c6 100755 --- a/onionr/api.py +++ b/onionr/api.py @@ -23,7 +23,7 @@ from multiprocessing import Process import configparser, sys, random, threading, hmac, hashlib, base64, time, math, gnupg, os, logger from core import Core -import onionrutils +import onionrutils, onionrcrypto class API: ''' Main HTTP API (Flask) @@ -56,6 +56,7 @@ class API: self.debug = debug self._privateDelayTime = 3 self._core = Core() + self._crypto = onionrcrypto.OnionrCrypto(self._core) self._utils = onionrutils.OnionrUtils(self._core) app = flask.Flask(__name__) bindPort = int(self.config['CLIENT']['PORT']) @@ -131,7 +132,9 @@ class API: pass elif action == 'ping': resp = Response("pong!") - elif action == 'setHMAC': + elif action == 'getHMAC': + resp = Response(self._crypto.generateHMAC()) + elif action == 'getSymmetric': pass elif action == 'getDBHash': resp = Response(self._utils.getBlockDBHash()) diff --git a/onionr/core.py b/onionr/core.py index d7ac589c..93a1bc7c 100644 --- a/onionr/core.py +++ b/onionr/core.py 
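Review bot: In onionr/api.py the new `getHMAC` branch returns `self._crypto.generateHMAC()` straight to the requester, but no `generateHMAC` method appears in the OnionrCrypto hunks of this patch, so unless it is defined in lines not shown this action raises AttributeError. If the method is meant to return key material, nothing in the visible lines authenticates the caller, and a keyed MAC protects nothing once its key is served to whoever asks. Until peer authentication exists I would leave the branch as `pass` like its neighbours. The new `getSymmetric` branch is `pass` as well, so check that `resp` has a defined value on that path; the enclosing request handler starts and ends outside the hunk.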
@@ -18,11 +18,11 @@ along with this program. If not, see . ''' import sqlite3, os, sys, time, math, gnupg, base64, tarfile, getpass, simplecrypt, hashlib, nacl, logger -from Crypto.Cipher import AES -from Crypto import Random +#from Crypto.Cipher import AES +#from Crypto import Random import netcontroller -import onionrutils +import onionrutils, onionrcrypto if sys.version_info < (3, 6): try: @@ -41,7 +41,9 @@ class Core: self.ownPGPID = '' self.blockDB = 'data/blocks.db' self.blockDataLocation = 'data/blocks/' + self.gpgHome = './data/pgp/' self._utils = onionrutils.OnionrUtils(self) + self._crypto = onionrcrypto.OnionrCrypto(self) if not os.path.exists('data/'): os.mkdir('data/') @@ -59,7 +61,7 @@ class Core: Uses own PGP home folder in the data/ directory ''' - gpg = gnupg.GPG(homedir='./data/pgp/') + gpg = gnupg.GPG(homedir=self.gpgHome) input_data = gpg.gen_key_input(key_type="RSA", key_length=1024, name_real=myID, name_email='anon@onionr', testing=True) key = gpg.gen_key(input_data) logger.info("Generating PGP key, this will take some time..") diff --git a/onionr/onionrcrypto.py b/onionr/onionrcrypto.py index fed23889..ccfcee7b 100644 --- a/onionr/onionrcrypto.py +++ b/onionr/onionrcrypto.py @@ -17,10 +17,11 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . ''' -import nacl +import nacl, gnupg class OnionrCrypto: - def __init__(self): + def __init__(self, coreInstance): + self._core = coreInstance return def symmetricPeerEncrypt(self, data, key): @@ -31,3 +32,8 @@ class OnionrCrypto: def rsaEncrypt(self, peer, data): return + + def verifyPGP(self, peer, signature): + '''Verify PGP signed data''' + gpg = gnupg.GPG(homedir=self._core.gpgHome) + \ No newline at end of file diff --git a/onionr/onionrutils.py b/onionr/onionrutils.py index ca575073..14ca52f1 100644 --- a/onionr/onionrutils.py +++ b/onionr/onionrutils.py 
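Review bot: The key written into `self.gpgHome` in onionr/core.py is still generated with `key_length=1024` and `testing=True`, on the line directly below the changed `gnupg.GPG(homedir=self.gpgHome)` call. 1024-bit RSA is below current minimum recommendations, and this gnupg wrapper documents `testing=True` as selecting a faster but insecure random source meant for throwaway keys. Since this patch starts building peer verification on that key ring, I would change the call to `input_data = gpg.gen_key_input(key_type="RSA", key_length=4096, name_real=myID, name_email='anon@onionr')`. `gpgHome` is also a relative path, so it presumably resolves against the process working directory; the key-generation function continues outside the hunk.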
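Review bot: `verifyPGP` in onionr/onionrcrypto.py builds a GPG handle and then falls off the end, so it returns None for every input and verifies nothing. None is falsy, which fails closed for `if verifyPGP(...)`, but a caller that ignores the result or tests `== False` would treat unverified data as accepted; until the body is written I would end it with `raise NotImplementedError('verifyPGP')`. Once implemented, it should require both a valid signature and a signing-key fingerprint equal to the one on record for `peer`, because a valid signature from some other key in the key ring is not proof of origin. The file also now ends without a trailing newline.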
@@ -153,6 +153,17 @@ class OnionrUtils: retVal = False return retVal + + def getPeerPGPFingerprint(self, peer): + ''' + Get peer's PGP fingerprint + ''' + retData = '' + gpg = gnupg.GPG(homedir=self._core.gpgHome) + for i in gpg.list_keys(): + if peer in i['uids'][0]: + retData = i['fingerprint'] + return retData def validateID(self, id): ''' diff --git a/readme.md b/readme.md index 730d1270..fea71132 100644 --- a/readme.md +++ b/readme.md @@ -13,6 +13,8 @@ Major work in progress. This software is in heavy development. If for some reason you want to get involved, get in touch first. +**Onionr API and functionality is subject to non-backwards compatible change during development** + ## Disclaimer The Tor Project, I2P developers, and anyone else do not own, create, or endorse this project, and are not otherwise involved.
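Review bot: `getPeerPGPFingerprint` in onionr/onionrutils.py matches with `peer in i['uids'][0]`, a substring test on a uid that the key's owner chose, and it keeps the last match it finds. Any imported key whose uid merely contains the peer's ID would have its fingerprint returned for that peer, so whatever is later verified against this fingerprint can be attributed to the wrong key. The lookup should compare the whole name part of the uid and return '' when more than one key matches, as sketched below; this assumes uids have the `name <email>` form that `gen_key_input` appears to produce here, which should be confirmed. `i['uids'][0]` also raises IndexError for a key without uids, and the hunk does not show `gnupg` being imported in this module.

```python
    def getPeerPGPFingerprint(self, peer):
        # … unchanged: docstring …
        gpg = gnupg.GPG(homedir=self._core.gpgHome)
        matches = set()
        for key in gpg.list_keys():
            uids = key['uids']
            # compare the whole name part of "name <email>", never a substring
            if uids and uids[0].split(' <', 1)[0] == peer:
                matches.add(key['fingerprint'])
        # an ambiguous lookup is reported the same way as no match
        return matches.pop() if len(matches) == 1 else ''
```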