onionr/src/onionrusers/onionrusers.py

260 lines
8.4 KiB
Python
Raw Normal View History

"""Onionr - Private P2P Communication.
Contains abstractions for interacting with users of Onionr
"""
import sqlite3
import time
import onionrexceptions
from onionrutils import stringvalidators, bytesconverter, epoch
import unpaddedbase32
import nacl.exceptions
from coredb import keydb, dbfiles
import onionrcrypto
from onionrcrypto import getourkeypair
from etc.onionrvalues import DATABASE_LOCK_TIMEOUT
"""
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
"""
2018-11-09 19:07:26 +00:00
2019-07-19 19:49:56 +00:00
def deleteExpiredKeys():
2018-11-09 19:07:26 +00:00
# Fetch the keys we generated for the peer, that are still around
conn = sqlite3.connect(
dbfiles.forward_keys_db, timeout=DATABASE_LOCK_TIMEOUT)
2018-11-09 19:07:26 +00:00
c = conn.cursor()
curTime = epoch.get_epoch()
2018-11-09 19:07:26 +00:00
c.execute("DELETE from myForwardKeys where expire <= ?", (curTime,))
conn.commit()
conn.execute("VACUUM")
conn.close()
return
2019-07-19 19:49:56 +00:00
def deleteTheirExpiredKeys(pubkey):
conn = sqlite3.connect(
dbfiles.user_id_info_db, timeout=DATABASE_LOCK_TIMEOUT)
2019-03-14 04:51:29 +00:00
c = conn.cursor()
# Prepare the insert
command = (pubkey, epoch.get_epoch())
2019-03-14 04:51:29 +00:00
c.execute("DELETE from forwardKeys where peerKey = ? and expire <= ?", command)
conn.commit()
conn.close()
2019-03-15 16:48:06 +00:00
DEFAULT_KEY_EXPIRE = 604800
class OnionrUser:
2019-07-19 19:49:56 +00:00
2019-07-21 16:15:20 +00:00
def __init__(self, publicKey, saveUser=False):
"""
OnionrUser is an abstraction for "users" of the network.
Takes a base32 encoded ed25519 public key, and a bool saveUser
saveUser determines if we should add a user to our peer database or not.
"""
publicKey = unpaddedbase32.repad(
bytesconverter.str_to_bytes(publicKey)).decode()
self.trust = 0
self.publicKey = publicKey
if saveUser and not publicKey == getourkeypair.get_keypair():
2019-02-13 04:57:05 +00:00
try:
2019-07-19 19:49:56 +00:00
keydb.addkeys.add_peer(publicKey)
except (AssertionError, ValueError) as _:
2019-02-13 04:57:05 +00:00
pass
2018-12-09 17:29:39 +00:00
2019-07-19 19:49:56 +00:00
self.trust = keydb.userinfo.get_user_info(self.publicKey, 'trust')
return
def setTrust(self, newTrust):
"""Set the peers trust. 0 = not trusted, 1 = friend, 2 = ultimate"""
2019-07-19 19:49:56 +00:00
keydb.userinfo.set_user_info(self.publicKey, 'trust', newTrust)
def isFriend(self):
if keydb.userinfo.get_user_info(self.publicKey, 'trust') == 1:
return True
return False
2018-08-28 04:45:31 +00:00
def getName(self):
retData = 'anonymous'
2019-07-19 19:49:56 +00:00
name = keydb.userinfo.get_user_info(self.publicKey, 'name')
2018-08-28 04:45:31 +00:00
try:
if len(name) > 0:
retData = name
except ValueError:
pass
return retData
def encrypt(self, data):
encrypted = onionrcrypto.encryption.pub_key_encrypt(
data, self.publicKey, encodedData=True)
return encrypted
2019-02-17 20:21:03 +00:00
def decrypt(self, data):
decrypted = onionrcrypto.encryption.pub_key_decrypt(
data, self.publicKey, encodedData=True)
return decrypted
def forwardEncrypt(self, data):
2019-07-19 19:49:56 +00:00
deleteTheirExpiredKeys(self.publicKey)
deleteExpiredKeys()
2018-09-13 01:23:50 +00:00
retData = ''
forwardKey = self._getLatestForwardKey()
if stringvalidators.validate_pub_key(forwardKey[0]):
retData = onionrcrypto.encryption.pub_key_encrypt(
data, forwardKey[0], encodedData=True)
2018-09-13 01:23:50 +00:00
else:
raise onionrexceptions.InvalidPubkey(
"No valid forward secrecy key available for this user")
return (retData, forwardKey[0], forwardKey[1])
def forwardDecrypt(self, encrypted):
2018-10-07 05:06:44 +00:00
retData = ""
2018-11-09 19:07:26 +00:00
for key in self.getGeneratedForwardKeys(False):
2018-10-09 23:36:52 +00:00
try:
retData = onionrcrypto.encryption.pub_key_decrypt(
encrypted, privkey=key[1], encodedData=True)
2018-10-09 23:36:52 +00:00
except nacl.exceptions.CryptoError:
retData = False
else:
2018-10-07 05:06:44 +00:00
break
else:
raise onionrexceptions.DecryptionError(
"Could not decrypt forward secrecy content")
2018-10-07 05:06:44 +00:00
return retData
def _getLatestForwardKey(self):
# Get the latest forward secrecy key for a peer
2018-10-06 18:06:46 +00:00
key = ""
conn = sqlite3.connect(
dbfiles.user_id_info_db, timeout=DATABASE_LOCK_TIMEOUT)
c = conn.cursor()
# TODO: account for keys created at the same time (same epoch)
for row in c.execute(
"SELECT forwardKey, max(EXPIRE) FROM forwardKeys WHERE peerKey = ? ORDER BY expire DESC", # noqa
(self.publicKey,)):
key = (row[0], row[1])
break
conn.commit()
conn.close()
2018-11-17 07:23:10 +00:00
return key
2018-09-13 01:23:50 +00:00
def _getForwardKeys(self):
conn = sqlite3.connect(
dbfiles.user_id_info_db, timeout=DATABASE_LOCK_TIMEOUT)
2018-09-13 01:23:50 +00:00
c = conn.cursor()
keyList = []
2018-11-17 07:23:10 +00:00
for row in c.execute(
"SELECT forwardKey, date FROM forwardKeys WHERE peerKey = ? ORDER BY expire DESC", # noqa
(self.publicKey,)):
keyList.append((row[0], row[1]))
2018-09-13 01:23:50 +00:00
conn.commit()
conn.close()
return list(keyList)
def generateForwardKey(self, expire=DEFAULT_KEY_EXPIRE):
# Generate a forward secrecy key for the peer
conn = sqlite3.connect(
dbfiles.forward_keys_db, timeout=DATABASE_LOCK_TIMEOUT)
c = conn.cursor()
# Prepare the insert
time = epoch.get_epoch()
2019-07-21 16:15:20 +00:00
newKeys = onionrcrypto.generate()
newPub = bytesconverter.bytes_to_str(newKeys[0])
newPriv = bytesconverter.bytes_to_str(newKeys[1])
2018-11-09 19:07:26 +00:00
command = (self.publicKey, newPub, newPriv, time, expire + time)
2018-10-07 20:39:22 +00:00
c.execute("INSERT INTO myForwardKeys VALUES(?, ?, ?, ?, ?);", command)
conn.commit()
conn.close()
2018-10-06 18:06:46 +00:00
return newPub
2018-11-09 19:07:26 +00:00
def getGeneratedForwardKeys(self, genNew=True):
2018-10-06 18:06:46 +00:00
# Fetch the keys we generated for the peer, that are still around
conn = sqlite3.connect(
dbfiles.forward_keys_db, timeout=DATABASE_LOCK_TIMEOUT)
2018-10-06 18:06:46 +00:00
c = conn.cursor()
2018-10-09 23:36:52 +00:00
pubkey = self.publicKey
pubkey = bytesconverter.bytes_to_str(pubkey)
2018-10-09 23:36:52 +00:00
command = (pubkey,)
keyList = [] # list of tuples containing pub, private for peer
2018-11-17 07:23:10 +00:00
for result in c.execute(
"SELECT * FROM myForwardKeys WHERE peer = ?", command):
2018-10-06 18:06:46 +00:00
keyList.append((result[1], result[2]))
2018-11-17 07:23:10 +00:00
2018-10-09 23:36:52 +00:00
if len(keyList) == 0:
2018-11-09 19:07:26 +00:00
if genNew:
self.generateForwardKey()
keyList = self.getGeneratedForwardKeys()
2018-10-09 23:36:52 +00:00
return list(keyList)
def addForwardKey(self, newKey, expire=DEFAULT_KEY_EXPIRE):
newKey = bytesconverter.bytes_to_str(
unpaddedbase32.repad(bytesconverter.str_to_bytes(newKey)))
if not stringvalidators.validate_pub_key(newKey):
# Do not add if something went wrong with the key
raise onionrexceptions.InvalidPubkey(newKey)
conn = sqlite3.connect(
dbfiles.user_id_info_db, timeout=DATABASE_LOCK_TIMEOUT)
2018-09-11 19:45:06 +00:00
c = conn.cursor()
# Get the time we're inserting the key at
timeInsert = epoch.get_epoch()
# Look at our current keys for duplicate key data or time
for entry in self._getForwardKeys():
if entry[0] == newKey:
return False
if entry[1] == timeInsert:
timeInsert += 1
# Sleep if our time is the same to prevent dupe time records
time.sleep(1)
# Add a forward secrecy key for the peer
2018-09-11 19:45:06 +00:00
# Prepare the insert
command = (self.publicKey, newKey, timeInsert, timeInsert + expire)
2018-09-11 19:45:06 +00:00
2018-10-07 20:39:22 +00:00
c.execute("INSERT INTO forwardKeys VALUES(?, ?, ?, ?);", command)
2018-09-11 19:45:06 +00:00
conn.commit()
conn.close()
return True
2019-02-22 01:55:13 +00:00
@classmethod
2019-07-19 19:49:56 +00:00
def list_friends(cls):
2019-02-22 01:55:13 +00:00
friendList = []
2019-07-19 19:49:56 +00:00
for x in keydb.listkeys.list_peers(trust=1):
friendList.append(cls(x))
return list(friendList)