kev/Onionr
1
0
Fork 0
Code Issues 24 Pull Requests Projects Releases 2 Wiki Activity

work on foward secrecy

Browse Source
This commit is contained in:
Kevin Froman 2018-10-07 00:06:44 -05:00
parent 8de7bd16c6
commit 5606a07757
3 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
onionr/core.py
View File

@ -76,6 +76,8 @@ class Core:
os.mkdir(self.dataDir + 'blocks/') os.mkdir(self.dataDir + 'blocks/')
if not os.path.exists(self.blockDB): if not os.path.exists(self.blockDB):
self.createBlockDB() self.createBlockDB()
if not os.path.exists(self.forwardKeysFile):
self.dbCreate.createForwardKeyDB()
if os.path.exists(self.dataDir + '/hs/hostname'): if os.path.exists(self.dataDir + '/hs/hostname'):
with open(self.dataDir + '/hs/hostname', 'r') as hs: with open(self.dataDir + '/hs/hostname', 'r') as hs:

3
onionr/onionrexceptions.py
View File

@ -37,6 +37,9 @@ class InvalidPubkey(Exception):
class KeyNotKnown(Exception): class KeyNotKnown(Exception):
pass pass
class DecryptionError(Exception):
pass
# block exceptions # block exceptions
class InvalidMetadata(Exception): class InvalidMetadata(Exception):
pass pass

19
onionr/onionrusers.py
View File

@ -59,15 +59,20 @@ class OnionrUser:
retData = '' retData = ''
forwardKey = self._getLatestForwardKey() forwardKey = self._getLatestForwardKey()
if self._core._utils.validatePubKey(forwardKey): if self._core._utils.validatePubKey(forwardKey):
encrypted = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True) retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
else: else:
raise onionrexceptions.InvalidPubkey("No valid forward key available for this user") raise onionrexceptions.InvalidPubkey("No valid forward key available for this user")
return (data, forwardKey) return (retData, forwardKey)
def forwardDecrypt(self, encrypted): def forwardDecrypt(self, encrypted):
retData = '' retData = ""
for key in self for key in self.getGeneratedForwardKeys():
return retData = self._core._crypto.pubKeyDecrypt(encrypted, pubkey=key[1])
if retData != False:
break
else:
raise onionrexceptions.DecryptionError("Could not decrypt forward secrecy content")
return retData
def _getLatestForwardKey(self): def _getLatestForwardKey(self):
# Get the latest forward secrecy key for a peer # Get the latest forward secrecy key for a peer
@ -116,11 +121,11 @@ class OnionrUser:
conn.close() conn.close()
return newPub return newPub
def getGeneratedForwardKeys(self, peer): def getGeneratedForwardKeys(self):
# Fetch the keys we generated for the peer, that are still around # Fetch the keys we generated for the peer, that are still around
conn = sqlite3.connect(self._core.peerDB, timeout=10) conn = sqlite3.connect(self._core.peerDB, timeout=10)
c = conn.cursor() c = conn.cursor()
command = (peer,) command = (self.publicKey,)
keyList = [] # list of tuples containing pub, private for peer keyList = [] # list of tuples containing pub, private for peer
for result in c.execute("SELECT * FROM myForwardKeys where peer=?", command): for result in c.execute("SELECT * FROM myForwardKeys where peer=?", command):
keyList.append((result[1], result[2])) keyList.append((result[1], result[2]))