From d151e0d3023bafe676c8d639110e2be1b002c6b5 Mon Sep 17 00:00:00 2001
From: Kevin Froman
Date: Tue, 11 Sep 2018 14:45:06 -0500
Subject: [PATCH] work on forward secrecy
---
 .gitignore | 1 +
 onionr/core.py | 15 +++----
 onionr/dbcreator.py | 5 ++-
 onionr/onionrusers.py | 16 ++++++-
 .../default-plugins/metadataprocessor/main.py | 44 ++++++++++++++-----
 5 files changed, 60 insertions(+), 21 deletions(-)
diff --git a/.gitignore b/.gitignore
index 6edc23ff..26e43b0e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,4 @@ onionr/data-encrypted.dat
 onionr/.onionr-lock
 core
 .vscode/*
+venv/*
diff --git a/onionr/core.py b/onionr/core.py
index 97b822af..c1edf921 100644
--- a/onionr/core.py
+++ b/onionr/core.py
@@ -472,18 +472,17 @@ class Core:
 id text 0
 name text, 1
 adders text, 2
- forwardKey text, 3
- dateSeen not null, 4
- bytesStored int, 5
- trust int 6
- pubkeyExchanged int 7
- hashID text 8
- pow text 9
+ dateSeen not null, 3
+ bytesStored int, 4
+ trust int 5
+ pubkeyExchanged int 6
+ hashID text 7
+ pow text 8
 '''
 conn = sqlite3.connect(self.peerDB)
 c = conn.cursor()
 command = (peer,)
- infoNumbers = {'id': 0, 'name': 1, 'adders': 2, 'forwardKey': 3, 'dateSeen': 4, 'bytesStored': 5, 'trust': 6, 'pubkeyExchanged': 7, 'hashID': 8}
+ infoNumbers = {'id': 0, 'name': 1, 'adders': 2, 'dateSeen': 3, 'bytesStored': 4, 'trust': 5, 'pubkeyExchanged': 6, 'hashID': 7}
 info = infoNumbers[info]
 iterCount = 0
 retVal = ''
diff --git a/onionr/dbcreator.py b/onionr/dbcreator.py
index 5f3d2c79..05ea796e 100644
--- a/onionr/dbcreator.py
+++ b/onionr/dbcreator.py
@@ -61,7 +61,6 @@ class DBCreator:
 ID text not null,
 name text,
 adders text,
- forwardKey text,
 dateSeen not null,
 bytesStored int,
 trust int,
@@ -69,6 +68,10 @@ class DBCreator:
 hashID text,
 pow text not null);
 ''')
+ c.execute('''CREATE TABLE forwardKeys(
+ peerKey text not null,
+ forwardKey text not null,
+ date int not null);''')
 conn.commit()
 conn.close()
 return
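Review bot: The renumbered `infoNumbers` map in the onionr/core.py hunk is only correct for a `peers` table created by the new schema; nothing in this patch migrates an existing database, so where the old table with `forwardKey` at index 3 is still in use, a request for `'trust'` would presumably return the `bytesStored` column and `'dateSeen'` the old key column. The same gap affects the dbcreator.py hunk that adds `forwardKeys`, since an existing peer database will not contain that table. Reading the column by name instead of by position would remove the dependency on column order; the map also has no `'pow'` entry although the docstring lists it at index 8. The function starts and ends outside the hunk, so how the index is consumed is not visible here.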
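Review bot: The `forwardKeys` table created in the second onionr/dbcreator.py hunk has no uniqueness constraint, so the plain `INSERT` in `addForwardKey` (onionrusers.py) stores the same peer/key pair again whenever a forwardKey block is processed more than once. Closing the column list with `date int not null, UNIQUE(peerKey, forwardKey));''')` would reject duplicates at the database, and `addForwardKey` would then need to handle the resulting `sqlite3.IntegrityError`. A comment such as `# date: value of getEpoch() when the key was stored` would document the third column. The enclosing method begins outside the hunk.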
diff --git a/onionr/onionrusers.py b/onionr/onionrusers.py
index 7340fed3..10e2be33 100644
--- a/onionr/onionrusers.py
+++ b/onionr/onionrusers.py
@@ -17,7 +17,7 @@ You should have received a copy of the GNU General Public License
 along with this program. If not, see .
 '''
-import onionrblockapi, logger, onionrexceptions, json
+import onionrblockapi, logger, onionrexceptions, json, sqlite3
 class OnionrUser:
 def __init__(self, coreInst, publicKey):
 self.trust = 0
@@ -60,6 +60,20 @@ class OnionrUser:
 def forwardDecrypt(self, encrypted):
 return
+ def addForwardKey(self, newKey):
+ # Add a forward secrecy key for the peer
+ conn = sqlite3.connect(self._core.peerDB)
+ c = conn.cursor()
+ # Prepare the insert
+ time = self._core._utils.getEpoch()
+ command = (self.publicKey, newKey, time)
+
+ c.execute("INSERT INTO forwardKeys VALUES(?, ?, ?);", command)
+
+ conn.commit()
+ conn.close()
+ return
+
 def findAndSetID(self):
 '''Find any info about the user from existing blocks and cache it to their DB entry'''
 infoBlocks = []
diff --git a/onionr/static-data/default-plugins/metadataprocessor/main.py b/onionr/static-data/default-plugins/metadataprocessor/main.py
index 842eaf88..994bf818 100644
--- a/onionr/static-data/default-plugins/metadataprocessor/main.py
+++ b/onionr/static-data/default-plugins/metadataprocessor/main.py
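Review bot: In the `addForwardKey` hunk of onionr/onionrusers.py the connection is closed only on the success path, so an exception from `execute` (for example a missing `forwardKeys` table on an older database) leaves it open; the work belongs in `try`/`finally`. `newKey` is written as received, and since it is meant to come from a peer's block it should be checked for type and expected length before the insert. The local `time` shadows the standard module name, and naming the columns in the `INSERT` keeps the statement valid if the table later gains a column. The rewritten method is below.

```python
    def addForwardKey(self, newKey):
        # Add a forward secrecy key for the peer
        conn = sqlite3.connect(self._core.peerDB)
        try:
            epoch = self._core._utils.getEpoch()
            conn.execute(
                "INSERT INTO forwardKeys (peerKey, forwardKey, date) VALUES(?, ?, ?);",
                (self.publicKey, newKey, epoch))
            conn.commit()
        finally:
            # close even when the insert raises
            conn.close()
```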
@@ -22,28 +22,50 @@ import logger, config
 import os, sys, json, time, random, shutil, base64, getpass, datetime, re
 from onionrblockapi import Block
+import onionrusers
 plugin_name = 'metadataprocessor'
 # event listeners
+def _processUserInfo(api, newBlock):
+ '''
+ Set the username for a particular user, from a signed block by them
+ '''
+ myBlock = newBlock
+ peerName = myBlock.getMetadata('name')
+ try:
+ if len(peerName) > 20:
+ raise onionrexceptions.InvalidMetdata('Peer name specified is too large')
+ except TypeError:
+ pass
+ except onionrexceptions.InvalidMetadata:
+ pass
+ else:
+ api.get_core().setPeerInfo(signer, 'name', peerName)
+ logger.info('%s is now using the name %s.' % (signer, api.get_utils().escapeAnsi(peerName)))
+
+def _processForwardKey(api, myBlock):
+ '''
+ Get the forward secrecy key specified by the user for us to use
+ '''
+ peer = onionrusers.OnionrUser(self.api.get_core(), myBlock.signer)
+
 def on_processBlocks(api):
 myBlock = api.data['block']
 blockType = api.data['type']
 print('blockType is ' + blockType)
+
+ # Process specific block types
+
+ # userInfo blocks, such as for setting username
 if blockType == 'userInfo':
 if myBlock.verifySig():
- peerName = myBlock.getMetadata('name')
- try:
- if len(peerName) > 20:
- raise onionrexceptions.InvalidMetdata('Peer name specified is too large')
- except TypeError:
- pass
- except onionrexceptions.InvalidMetadata:
- pass
- else:
- api.get_core().setPeerInfo(signer, 'name', peerName)
- logger.info('%s is now using the name %s.' % (signer, api.get_utils().escapeAnsi(peerName)))
+ _processUserInfo(api, myBlock)
+ # forwardKey blocks
+ elif blockType == 'forwardKey':
+ if myBlock.verifySig():
+ _processForwardKey(api, myBlock)
 def on_init(api, data = None):
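Review bot: Both new helpers use names that are not defined in their scope: `_processUserInfo` passes `signer` to `setPeerInfo` and `logger.info`, and `_processForwardKey` calls `self.api.get_core()` inside a module-level function, so each would raise `NameError` once a signed block reaches that line. The over-length branch raises `onionrexceptions.InvalidMetdata` (misspelled) while the handler catches `InvalidMetadata`, and no import of `onionrexceptions` is visible among this file's import lines, so a peer-supplied name longer than 20 characters ends in an uncaught error instead of being skipped. A guard that accepts only a short `str` avoids the raise-and-catch and also rejects non-string metadata that happens to have a length; `newBlock.signer` is assumed to be the same attribute that `_processForwardKey` reads. `_processForwardKey` builds `peer` and then does nothing with it, which looks unfinished.

```python
def _processUserInfo(api, newBlock):
    # … unchanged: docstring …
    peerName = newBlock.getMetadata('name')
    # peer-supplied value: accept only a short string
    if not isinstance(peerName, str) or len(peerName) > 20:
        return
    signer = newBlock.signer
    api.get_core().setPeerInfo(signer, 'name', peerName)
    logger.info('%s is now using the name %s.' % (signer, api.get_utils().escapeAnsi(peerName)))

def _processForwardKey(api, myBlock):
    # … unchanged: docstring …
    peer = onionrusers.OnionrUser(api.get_core(), myBlock.signer)
```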