work on foward secrecy

2018-10-07 00:06:44 -05:00 · 2018-10-07 00:06:44 -05:00 · 5606a07757
parent 8de7bd16c6
commit 5606a07757
3 changed files with 17 additions and 7 deletions
--- a/onionr/core.py
+++ b/onionr/core.py
@ -76,6 +76,8 @@ class Core:
                os.mkdir(self.dataDir + 'blocks/')
            if not os.path.exists(self.blockDB):
                self.createBlockDB()
+            if not os.path.exists(self.forwardKeysFile):
+                self.dbCreate.createForwardKeyDB()

            if os.path.exists(self.dataDir + '/hs/hostname'):
                with open(self.dataDir + '/hs/hostname', 'r') as hs:
--- a/onionr/onionrexceptions.py
+++ b/onionr/onionrexceptions.py
@ -37,6 +37,9 @@ class InvalidPubkey(Exception):
 class KeyNotKnown(Exception):
    pass

+class DecryptionError(Exception):
+    pass
+
 # block exceptions
 class InvalidMetadata(Exception):
    pass
--- a/onionr/onionrusers.py
+++ b/onionr/onionrusers.py
@ -59,15 +59,20 @@ class OnionrUser:
        retData = ''
        forwardKey = self._getLatestForwardKey()
        if self._core._utils.validatePubKey(forwardKey):
-            encrypted = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
+            retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
        else:
            raise onionrexceptions.InvalidPubkey("No valid forward key available for this user")
-        return (data, forwardKey)
+        return (retData, forwardKey)
    
    def forwardDecrypt(self, encrypted):
-        retData = ''
-        for key in self
-        return
+        retData = ""
+        for key in self.getGeneratedForwardKeys():
+            retData = self._core._crypto.pubKeyDecrypt(encrypted, pubkey=key[1])
+            if retData != False:
+                break
+        else:
+            raise onionrexceptions.DecryptionError("Could not decrypt forward secrecy content")
+        return retData

    def _getLatestForwardKey(self):
        # Get the latest forward secrecy key for a peer
@ -116,11 +121,11 @@ class OnionrUser:
        conn.close()
        return newPub

-    def getGeneratedForwardKeys(self, peer):
+    def getGeneratedForwardKeys(self):
        # Fetch the keys we generated for the peer, that are still around
        conn = sqlite3.connect(self._core.peerDB, timeout=10)
        c = conn.cursor()
-        command = (peer,)
+        command = (self.publicKey,)
        keyList = [] # list of tuples containing pub, private for peer
        for result in c.execute("SELECT * FROM myForwardKeys where peer=?", command):
            keyList.append((result[1], result[2]))