removed non-anonymous pubkey encryption, fixes, more tests
parent
4afff79d2f
commit
2e99b6b95c
7 changed files with 33 additions and 41 deletions
|
@ -779,10 +779,10 @@ class Core:
|
|||
if self._utils.validatePubKey(asymPeer):
|
||||
# Encrypt block data with forward secrecy key first, but not meta
|
||||
jsonMeta = json.dumps(meta)
|
||||
jsonMeta = self._crypto.pubKeyEncrypt(jsonMeta, asymPeer, encodedData=True, anonymous=True).decode()
|
||||
data = self._crypto.pubKeyEncrypt(data, asymPeer, encodedData=True, anonymous=True).decode()
|
||||
signature = self._crypto.pubKeyEncrypt(signature, asymPeer, encodedData=True, anonymous=True).decode()
|
||||
signer = self._crypto.pubKeyEncrypt(signer, asymPeer, encodedData=True, anonymous=True).decode()
|
||||
jsonMeta = self._crypto.pubKeyEncrypt(jsonMeta, asymPeer, encodedData=True).decode()
|
||||
data = self._crypto.pubKeyEncrypt(data, asymPeer, encodedData=True).decode()
|
||||
signature = self._crypto.pubKeyEncrypt(signature, asymPeer, encodedData=True).decode()
|
||||
signer = self._crypto.pubKeyEncrypt(signer, asymPeer, encodedData=True).decode()
|
||||
onionrusers.OnionrUser(self, asymPeer, saveUser=True)
|
||||
else:
|
||||
raise onionrexceptions.InvalidPubkey(asymPeer + ' is not a valid base32 encoded ed25519 key')
|
||||
|
|
|
@ -94,52 +94,41 @@ class OnionrCrypto:
|
|||
retData = key.sign(data).signature
|
||||
return retData
|
||||
|
||||
def pubKeyEncrypt(self, data, pubkey, anonymous=True, encodedData=False):
|
||||
def pubKeyEncrypt(self, data, pubkey, encodedData=False):
|
||||
'''Encrypt to a public key (Curve25519, taken from base32 Ed25519 pubkey)'''
|
||||
retVal = ''
|
||||
try:
|
||||
pubkey = pubkey.encode()
|
||||
except AttributeError:
|
||||
pass
|
||||
box = None
|
||||
data = self._core._utils.strToBytes(data)
|
||||
|
||||
pubkey = nacl.signing.VerifyKey(pubkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_public_key()
|
||||
|
||||
if encodedData:
|
||||
encoding = nacl.encoding.Base64Encoder
|
||||
else:
|
||||
encoding = nacl.encoding.RawEncoder
|
||||
|
||||
box = nacl.public.SealedBox(pubkey)
|
||||
retVal = box.encrypt(data, encoder=encoding)
|
||||
|
||||
if self.privKey != None and not anonymous:
|
||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder).to_curve25519_private_key()
|
||||
key = nacl.signing.VerifyKey(key=pubkey, encoder=nacl.encoding.Base32Encoder).to_curve25519_public_key()
|
||||
ourBox = nacl.public.Box(ownKey, key)
|
||||
retVal = ourBox.encrypt(data.encode(), encoder=encoding)
|
||||
elif anonymous:
|
||||
key = nacl.signing.VerifyKey(key=pubkey, encoder=nacl.encoding.Base32Encoder).to_curve25519_public_key()
|
||||
anonBox = nacl.public.SealedBox(key)
|
||||
try:
|
||||
data = data.encode()
|
||||
except AttributeError:
|
||||
pass
|
||||
retVal = anonBox.encrypt(data, encoder=encoding)
|
||||
return retVal
|
||||
|
||||
def pubKeyDecrypt(self, data, pubkey='', privkey='', anonymous=False, encodedData=False):
|
||||
def pubKeyDecrypt(self, data, pubkey='', privkey='', encodedData=False):
|
||||
'''pubkey decrypt (Curve25519, taken from Ed25519 pubkey)'''
|
||||
decrypted = False
|
||||
if encodedData:
|
||||
encoding = nacl.encoding.Base64Encoder
|
||||
else:
|
||||
encoding = nacl.encoding.RawEncoder
|
||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||
if self.privKey != None and not anonymous:
|
||||
ourBox = nacl.public.Box(ownKey, pubkey)
|
||||
decrypted = ourBox.decrypt(data, encoder=encoding)
|
||||
elif anonymous:
|
||||
if self._core._utils.validatePubKey(privkey):
|
||||
privkey = nacl.signing.SigningKey(seed=privkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||
anonBox = nacl.public.SealedBox(privkey)
|
||||
else:
|
||||
anonBox = nacl.public.SealedBox(ownKey)
|
||||
decrypted = anonBox.decrypt(data, encoder=encoding)
|
||||
if privkey == '':
|
||||
privkey = self.privKey
|
||||
ownKey = nacl.signing.SigningKey(seed=privkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||
|
||||
if self._core._utils.validatePubKey(privkey):
|
||||
privkey = nacl.signing.SigningKey(seed=privkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||
anonBox = nacl.public.SealedBox(privkey)
|
||||
else:
|
||||
anonBox = nacl.public.SealedBox(ownKey)
|
||||
decrypted = anonBox.decrypt(data, encoder=encoding)
|
||||
return decrypted
|
||||
|
||||
def symmetricEncrypt(self, data, key, encodedKey=False, returnEncoded=True):
|
||||
|
|
|
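Review bot: With the `nacl.public.Box` branch gone, pubKeyDecrypt still accepts `pubkey` but never reads it, and a SealedBox gives the receiver no proof of who encrypted the data. The docstring should say so, for example `'''Decrypt a SealedBox message with our Curve25519 key (derived from the Ed25519 seed); the sender is NOT authenticated, so verify the signature separately'''`. In the same function `ownKey` is already derived from `privkey`, so the `validatePubKey(privkey)` branch and its `else` appear to build the same box, and `anonBox = nacl.public.SealedBox(ownKey)` alone would do. Any caller that still passes `anonymous=` to either function will now raise TypeError; no pubKeyDecrypt call site is visible in this commit, so those are worth checking.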
@ -64,9 +64,9 @@ def getDifficultyForNewBlock(data, ourBlock=True):
|
|||
else:
|
||||
raise ValueError('not Block, str, or int')
|
||||
if ourBlock:
|
||||
minDifficulty = config.get('general.minimum_send_pow')
|
||||
minDifficulty = config.get('general.minimum_send_pow', 4)
|
||||
else:
|
||||
minDifficulty = config.get('general.minimum_block_pow')
|
||||
minDifficulty = config.get('general.minimum_block_pow', 4)
|
||||
|
||||
retData = max(minDifficulty, math.floor(dataSize / 100000)) + getDifficultyModifier()
|
||||
return retData
|
||||
|
|
|
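Review bot: The fallback `4` is written twice in getDifficultyForNewBlock, and when `general.minimum_block_pow` is missing, the proof-of-work floor applied to blocks that are not ours silently becomes that literal. A named module constant such as `DEFAULT_MIN_POW = 4`, passed to both `config.get(...)` calls and commented as the floor used when the config key is absent, would keep the two floors from drifting apart. The function begins above this hunk, so the type handling before the `else:` is not visible here.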
@ -87,7 +87,7 @@ class OnionrUser:
|
|||
retData = ''
|
||||
forwardKey = self._getLatestForwardKey()
|
||||
if self._core._utils.validatePubKey(forwardKey):
|
||||
retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True, anonymous=True)
|
||||
retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
|
||||
else:
|
||||
raise onionrexceptions.InvalidPubkey("No valid forward secrecy key available for this user")
|
||||
#self.generateForwardKey()
|
||||
|
|
|
@ -69,7 +69,7 @@ class PlainEncryption:
|
|||
data['data'] = plaintext
|
||||
data = json.dumps(data)
|
||||
plaintext = data
|
||||
encrypted = self.api.get_core()._crypto.pubKeyEncrypt(plaintext, pubkey, anonymous=True, encodedData=True)
|
||||
encrypted = self.api.get_core()._crypto.pubKeyEncrypt(plaintext, pubkey, encodedData=True)
|
||||
encrypted = self.api.get_core()._utils.bytesToStr(encrypted)
|
||||
logger.info('Encrypted Message: \n\nONIONR ENCRYPTED DATA %s END ENCRYPTED DATA' % (encrypted,))
|
||||
|
||||
|
|
|
@ -49,13 +49,13 @@ class StorageCounter:
|
|||
def getPercent(self):
|
||||
'''Return percent (decimal/float) of disk space we're using'''
|
||||
amount = self.getAmount()
|
||||
return round(amount / self._core.config.get('allocations.disk'), 2)
|
||||
return round(amount / self._core.config.get('allocations.disk', 2000000000), 2)
|
||||
|
||||
def addBytes(self, amount):
|
||||
'''Record that we are now using more disk space, unless doing so would exceed configured max'''
|
||||
newAmount = amount + self.getAmount()
|
||||
retData = newAmount
|
||||
if newAmount > self._core.config.get('allocations.disk'):
|
||||
if newAmount > self._core.config.get('allocations.disk', 2000000000):
|
||||
retData = False
|
||||
else:
|
||||
self._update(newAmount)
|
||||
|
|
|
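Review bot: `2000000000` now appears in both getPercent and addBytes, so a later change to one default would make the quota check and the reported percentage disagree. A single constant, for example `DEFAULT_DISK_ALLOCATION = 2000000000  # bytes`, passed to both `config.get('allocations.disk', ...)` calls avoids that. getPercent also divides by the configured value, so an `allocations.disk` of 0 still raises ZeroDivisionError; the default only covers a missing key. addBytes continues past the end of the hunk.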
@ -1,7 +1,10 @@
|
|||
#!/bin/bash
|
||||
cd onionr;
|
||||
mkdir testdata;
|
||||
ran=0
|
||||
for f in tests/*.py; do
|
||||
python3 "$f" || break # if needed
|
||||
let "ran++"
|
||||
done
|
||||
rm -rf testdata;
|
||||
rm -rf testdata;
|
||||
echo "ran $ran test files successfully"
|
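Review bot: The final `echo "ran $ran test files successfully"` runs even when a test file fails, because `python3 "$f" || break` only leaves the loop and the script then exits with the status of `echo`, so a CI job would pass on a failing test. Changing the loop body to `python3 "$f" || { rm -rf testdata; exit 1; }` keeps the failure visible to the caller. `cd onionr;` is also unchecked, so if it fails the later `rm -rf testdata` runs in whatever directory the script was started from; `cd onionr || exit 1` avoids that.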