From ee2a74380b02f23c91ed77dc21939dca3976706e Mon Sep 17 00:00:00 2001
From: Kevin Froman <beardog@firemail.cc>
Date: Thu, 13 Sep 2018 12:26:22 -0500
Subject: [PATCH] work on metadata, forward secrecy, and starting on sockets

---
 onionr/core.py                                |  1 +
 onionr/dbcreator.py                           | 24 ++++++++++++++++++-
 onionr/onionrusers.py                         | 20 ++++++++++++++++
 onionr/onionrutils.py                         |  3 ++-
 .../default-plugins/metadataprocessor/main.py | 19 +++++++++++----
 5 files changed, 61 insertions(+), 6 deletions(-)

diff --git a/onionr/core.py b/onionr/core.py
index 15c862c5..3ce4bbfd 100644
--- a/onionr/core.py
+++ b/onionr/core.py
@@ -48,6 +48,7 @@ class Core:
             self.torPort = torPort
             self.dataNonceFile = 'data/block-nonces.dat'
             self.dbCreate = dbcreator.DBCreator(self)
+            self.forwardKeysFile = 'data/forward-keys.db'
 
             self.usageFile = 'data/disk-usage.txt'
             self.config = config
diff --git a/onionr/dbcreator.py b/onionr/dbcreator.py
index 05ea796e..f9838342 100644
--- a/onionr/dbcreator.py
+++ b/onionr/dbcreator.py
@@ -71,7 +71,9 @@ class DBCreator:
         c.execute('''CREATE TABLE forwardKeys(
         peerKey text not null,
         forwardKey text not null,
-        date int not null);''')
+        date int not null,
+        expire int not null
+        );''')
         conn.commit()
         conn.close()
         return
@@ -108,4 +110,24 @@ class DBCreator:
         ''')
         conn.commit()
         conn.close()
+        return
+
+    def createForwardKeyDB(self):
+        '''
+            Create the forward secrecy key db (*for *OUR* keys*)
+        '''
+        if os.path.exists(self.core.forwardKeysFile):
+            raise Exception("Block database already exists")
+        conn = sqlite3.connect(self.core.forwardKeysFile)
+        c = conn.cursor()
+        c.execute('''CREATE TABLE myForwardKeys(
+            peer text not null,
+            public key text not null,
+            private key text not null,
+            date int not null,
+            expire int not null
+            );
+        ''')
+        conn.commit()
+        conn.close()
         return
\ No newline at end of file
diff --git a/onionr/onionrusers.py b/onionr/onionrusers.py
index 898f9ae4..1e8cdf29 100644
--- a/onionr/onionrusers.py
+++ b/onionr/onionrusers.py
@@ -93,6 +93,26 @@ class OnionrUser:
 
         return list(keyList)
 
+    def generateForwardKey(self, expire=432000):
+
+        # Generate a forward secrecy key for the peer
+        conn = sqlite3.connect(self._core.forwardKeysFile)
+        c = conn.cursor()
+        # Prepare the insert
+        time = self._core._utils.getEpoch()
+        newKeys = self._core._crypto.generatePubKey()
+        newPub = newKeys[0]
+        newPriv = newKeys[1]
+
+        time = self._core._utils.getEpoch()
+        command = (self.publicKey, newPub, newPriv, time, expire)
+
+        c.execute("INSERT INTO myForwardKeys VALUES(?, ?, ?, ?);", command)
+
+        conn.commit()
+        conn.close()
+
+
     def addForwardKey(self, newKey):
         if not self._core._utils.validatePubKey(newKey):
             raise onionrexceptions.InvalidPubkey
diff --git a/onionr/onionrutils.py b/onionr/onionrutils.py
index 6449e152..b5fc10c1 100644
--- a/onionr/onionrutils.py
+++ b/onionr/onionrutils.py
@@ -265,11 +265,12 @@ class OnionrUtils:
             myBlock.decrypt()
         blockType = myBlock.getMetadata('type') # we would use myBlock.getType() here, but it is bugged with encrypted blocks
         signer = self.bytesToStr(myBlock.signer)
+        valid = myBlock.verifySig()
         try:
             if len(blockType) <= 10:
                 self._core.updateBlockInfo(blockHash, 'dataType', blockType)
 
-                onionrevents.event('processBlocks', data = {'block': myBlock, 'type': blockType}, onionr = None)
+                onionrevents.event('processBlocks', data = {'block': myBlock, 'type': blockType, 'signer': signer, 'validSig': valid}, onionr = None)
 
         except TypeError:
             pass
diff --git a/onionr/static-data/default-plugins/metadataprocessor/main.py b/onionr/static-data/default-plugins/metadataprocessor/main.py
index 74397c12..5145d911 100644
--- a/onionr/static-data/default-plugins/metadataprocessor/main.py
+++ b/onionr/static-data/default-plugins/metadataprocessor/main.py
@@ -22,7 +22,7 @@
 import logger, config
 import os, sys, json, time, random, shutil, base64, getpass, datetime, re
 from onionrblockapi import Block
-import onionrusers
+import onionrusers, onionrexceptions
 
 plugin_name = 'metadataprocessor'
 
@@ -50,6 +50,13 @@ def _processForwardKey(api, myBlock):
         Get the forward secrecy key specified by the user for us to use
     '''
     peer = onionrusers.OnionrUser(self.api.get_core(), myBlock.signer)
+    key = myBlock.getMetadata('newFSKey')
+
+    # We don't need to validate here probably, but it helps
+    if api.get_utils().validatePubKey(key):
+        peer.addForwardKey(key)
+    else:
+        raise onionrexceptions.InvalidPubkey("%s is nota valid pubkey key" % (key,))
 
 def on_processBlocks(api):
     myBlock = api.data['block']
@@ -60,12 +67,16 @@ def on_processBlocks(api):
 
     # userInfo blocks, such as for setting username
     if blockType == 'userInfo':
-        if myBlock.verifySig():
+        if api.data['validSig']:
             _processUserInfo(api, myBlock)
-    # forwardKey blocks
+    # forwardKey blocks, add a new forward secrecy key for a peer
     elif blockType == 'forwardKey':
-        if myBlock.verifySig():
+        if api.data['validSig']:
             _processForwardKey(api, myBlock)
+    # socket blocks
+    elif blockType == 'openSocket':
+        if api.data['validSig']:
+            pass
 
 def on_init(api, data = None):