fixed padding issue (hopefully), can now decrypt PMs, other improvements
parent
d3554008fd
commit
0cf4c97597
|
@ -32,11 +32,13 @@ class API:
|
|||
'''
|
||||
Validate that the client token (hmac) matches the given token
|
||||
'''
|
||||
|
||||
if not hmac.compare_digest(self.clientToken.strip(), token.strip()):
|
||||
try:
|
||||
if not hmac.compare_digest(self.clientToken, token):
|
||||
return False
|
||||
else:
|
||||
return True
|
||||
except TypeError:
|
||||
return False
|
||||
else:
|
||||
return True
|
||||
|
||||
def __init__(self, debug):
|
||||
'''
|
||||
|
@ -70,7 +72,7 @@ class API:
|
|||
bypass.write(self.timeBypassToken)
|
||||
|
||||
if not os.environ.get("WERKZEUG_RUN_MAIN") == "true":
|
||||
logger.debug('Your HMAC token: ' + logger.colors.underline + self.clientToken)
|
||||
logger.debug('Your web password (KEEP SECRET): ' + logger.colors.underline + self.clientToken)
|
||||
|
||||
if not debug and not self._developmentMode:
|
||||
hostNums = [random.randint(1, 255), random.randint(1, 255), random.randint(1, 255)]
|
||||
|
|
|
@ -87,6 +87,20 @@ class Core:
|
|||
if self._utils.validateID(address):
|
||||
conn = sqlite3.connect(self.addressDB)
|
||||
c = conn.cursor()
|
||||
# check if address is in database
|
||||
# this is safe to do because the address is validated above, but we strip some chars here too just in case
|
||||
address = address.replace('\'', '').replace(';', '').replace('"', '').replace('\\', '')
|
||||
for i in c.execute("SELECT * FROM adders where address = '" + address + "';"):
|
||||
try:
|
||||
if i[0] == address:
|
||||
logger.warn('Not adding existing address')
|
||||
conn.close()
|
||||
return False
|
||||
except ValueError:
|
||||
pass
|
||||
except IndexError:
|
||||
pass
|
||||
|
||||
t = (address, 1)
|
||||
c.execute('INSERT INTO adders (address, type) VALUES(?, ?);', t)
|
||||
conn.commit()
|
||||
|
|
|
@ -135,8 +135,8 @@ class Onionr:
|
|||
'reload-plugins': self.reloadPlugin,
|
||||
'reloadplugins': self.reloadPlugin,
|
||||
|
||||
'listpeers': self.listPeers,
|
||||
'list-peers': self.listPeers,
|
||||
'listkeys': self.listKeys,
|
||||
'list-keys': self.listKeys,
|
||||
|
||||
'addmsg': self.addMessage,
|
||||
'addmessage': self.addMessage,
|
||||
|
@ -144,6 +144,9 @@ class Onionr:
|
|||
'add-message': self.addMessage,
|
||||
'pm': self.sendEncrypt,
|
||||
|
||||
'getpms': self.getPMs,
|
||||
'get-pms': self.getPMs,
|
||||
|
||||
'gui': self.openGUI,
|
||||
|
||||
'addpeer': self.addPeer,
|
||||
|
@ -168,7 +171,8 @@ class Onionr:
|
|||
'add-peer': 'Adds a peer (?)',
|
||||
'add-msg': 'Broadcasts a message to the Onionr network',
|
||||
'pm': 'Adds a private message to block',
|
||||
'gui': 'Opens a graphical interface for Onionr'
|
||||
'gui': 'Opens a graphical interface for Onionr',
|
||||
'getpms': 'Shows private messages sent to you'
|
||||
}
|
||||
|
||||
command = ''
|
||||
|
@ -277,12 +281,12 @@ class Onionr:
|
|||
|
||||
gui.OnionrGUI(self.onionrCore)
|
||||
|
||||
def listPeers(self):
|
||||
def listKeys(self):
|
||||
'''
|
||||
Displays a list of peers (?)
|
||||
Displays a list of keys (used to be called peers) (?)
|
||||
'''
|
||||
|
||||
logger.info('Peer list:\n')
|
||||
logger.info('Public keys in database:\n')
|
||||
for i in self.onionrCore.listPeers():
|
||||
logger.info(i)
|
||||
|
||||
|
@ -290,7 +294,7 @@ class Onionr:
|
|||
'''
|
||||
Adds a peer (?)
|
||||
'''
|
||||
|
||||
|
||||
try:
|
||||
newPeer = sys.argv[2]
|
||||
except:
|
||||
|
@ -332,6 +336,12 @@ class Onionr:
|
|||
self.onionrCore.setBlockType(addedHash, 'txt')
|
||||
|
||||
return
|
||||
|
||||
def getPMs(self):
|
||||
'''
|
||||
display PMs sent to us
|
||||
'''
|
||||
self.onionrUtils.loadPMs()
|
||||
|
||||
def enablePlugin(self):
|
||||
'''
|
||||
|
|
|
@ -80,20 +80,20 @@ class OnionrCrypto:
|
|||
retVal = anonBox.encrypt(data.encode(), encoder=encoding)
|
||||
return retVal
|
||||
|
||||
def pubKeyDecrypt(self, data, pubkey, anonymous=False, encodedData=False):
|
||||
def pubKeyDecrypt(self, data, pubkey='', anonymous=False, encodedData=False):
|
||||
'''pubkey decrypt (Curve25519, taken from Ed25519 pubkey)'''
|
||||
retVal = ''
|
||||
retVal = False
|
||||
if encodedData:
|
||||
encoding = nacl.encoding.Base64Encoder
|
||||
else:
|
||||
encoding = nacl.encoding.RawEncoder
|
||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder())
|
||||
if self.privKey != None and not anoymous:
|
||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||
if self.privKey != None and not anonymous:
|
||||
ourBox = nacl.public.Box(ownKey, pubkey)
|
||||
decrypted = ourBox.decrypt(data, encoder=encoding)
|
||||
elif anonymous:
|
||||
anonBox = nacl.public.SealedBox(ownKey)
|
||||
decrypted = anonBox.decrypt(data.encode(), encoder=encoding)
|
||||
decrypted = anonBox.decrypt(data, encoder=encoding)
|
||||
return decrypted
|
||||
|
||||
def symmetricPeerEncrypt(self, data, peer):
|
||||
|
|
|
@ -224,7 +224,7 @@ class OnionrUtils:
|
|||
nacl.signing.SigningKey(seed=key, encoder=nacl.encoding.Base32Encoder)
|
||||
except nacl.exceptions.ValueError:
|
||||
pass
|
||||
except binascii.Error:
|
||||
except base64.binascii.Error as err:
|
||||
pass
|
||||
else:
|
||||
retVal = True
|
||||
|
@ -274,3 +274,26 @@ class OnionrUtils:
|
|||
retVal = False
|
||||
|
||||
return retVal
|
||||
|
||||
def loadPMs(self):
|
||||
'''
|
||||
Find, decrypt, and return array of PMs (array of dictionary, {from, text})
|
||||
'''
|
||||
blocks = self._core.getBlockList().split('\n')
|
||||
message = ''
|
||||
sender = ''
|
||||
for i in blocks:
|
||||
if len (i) == 0:
|
||||
continue
|
||||
with open('data/blocks/' + i + '.dat', 'r') as potentialMessage:
|
||||
message = potentialMessage.read()
|
||||
if message.startswith('-pm-'):
|
||||
try:
|
||||
message = self._core._crypto.pubKeyDecrypt(message.replace('-pm-', ''), encodedData=True, anonymous=True)
|
||||
except nacl.exceptions.CryptoError as e:
|
||||
#logger.debug('Unable to decrypt ' + i)
|
||||
#logger.debug(str(e))
|
||||
pass
|
||||
else:
|
||||
logger.info('Recieved message: ' + message.decode())
|
||||
return
|
Loading…
Reference in New Issue