From 651e2b173b5f7ab9d7c0542ec1bb9fee95f126db Mon Sep 17 00:00:00 2001
From: Kevin Froman <beardog@firemail.cc>
Date: Wed, 20 Feb 2019 00:09:18 -0600
Subject: [PATCH] fixing up forward secrecy more, added test for it

---
 onionr/onionrusers/onionrusers.py    |  5 ++--
 onionr/tests/test_forward_secrecy.py | 41 ++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 2 deletions(-)
 create mode 100644 onionr/tests/test_forward_secrecy.py

diff --git a/onionr/onionrusers/onionrusers.py b/onionr/onionrusers/onionrusers.py
index e57c45c0..2df81319 100755
--- a/onionr/onionrusers/onionrusers.py
+++ b/onionr/onionrusers/onionrusers.py
@@ -112,7 +112,8 @@ class OnionrUser:
         conn = sqlite3.connect(self._core.peerDB, timeout=10)
         c = conn.cursor()
 
-        for row in c.execute("SELECT forwardKey FROM forwardKeys WHERE peerKey = ? ORDER BY date DESC", (self.publicKey,)):
+        # TODO: account for keys created at the same time (same epoch)
+        for row in c.execute("SELECT forwardKey, max(DATE) FROM forwardKeys WHERE peerKey = ?", (self.publicKey,)):
             key = row[0]
             break
 
@@ -189,4 +190,4 @@ class OnionrUser:
 
         conn.commit()
         conn.close()
-        return
+        return True
diff --git a/onionr/tests/test_forward_secrecy.py b/onionr/tests/test_forward_secrecy.py
new file mode 100644
index 00000000..9c802b7e
--- /dev/null
+++ b/onionr/tests/test_forward_secrecy.py
@@ -0,0 +1,41 @@
+#!/usr/bin/env python3
+import sys, os, random
+sys.path.append(".")
+import unittest, uuid
+TEST_DIR_1 = 'testdata/%s-%s' % (uuid.uuid4(), os.path.basename(__file__)) + '/'
+TEST_DIR_2 = 'testdata/%s-%s' % (uuid.uuid4(), os.path.basename(__file__)) + '/'
+import core, onionr, time
+
+import onionrexceptions
+from onionrusers import onionrusers
+from onionrusers import contactmanager
+
+class OnionrForwardSecrecyTests(unittest.TestCase):
+    '''
+        Tests both the onionrusers class and the contactmanager (which inherits it)
+    '''
+
+    def test_forward_decrypt(self):
+        os.environ["ONIONR_HOME"] = TEST_DIR_1
+        o = onionr.Onionr()
+        
+        friend = o.onionrCore._crypto.generatePubKey()
+
+        friendUser = onionrusers.OnionrUser(o.onionrCore, friend[0], saveUser=True)
+
+        for x in range(3):
+            message = 'hello world %s' % (random.randint(1, 1000))
+            forwardKey = friendUser.generateForwardKey()
+
+            fakeForwardPair = o.onionrCore._crypto.generatePubKey()
+
+            self.assertTrue(friendUser.addForwardKey(fakeForwardPair[0]))
+
+            encrypted = friendUser.forwardEncrypt(message)
+
+            decrypted = o.onionrCore._crypto.pubKeyDecrypt(encrypted[0], privkey=fakeForwardPair[1], encodedData=True)
+            self.assertTrue(decrypted == message.encode())
+            time.sleep(1)
+        return
+
+unittest.main()
\ No newline at end of file