removed non-anonymous pubkey encryption, fixes, more tests
parent
4afff79d2f
commit
2e99b6b95c
|
@ -779,10 +779,10 @@ class Core:
|
||||||
if self._utils.validatePubKey(asymPeer):
|
if self._utils.validatePubKey(asymPeer):
|
||||||
# Encrypt block data with forward secrecy key first, but not meta
|
# Encrypt block data with forward secrecy key first, but not meta
|
||||||
jsonMeta = json.dumps(meta)
|
jsonMeta = json.dumps(meta)
|
||||||
jsonMeta = self._crypto.pubKeyEncrypt(jsonMeta, asymPeer, encodedData=True, anonymous=True).decode()
|
jsonMeta = self._crypto.pubKeyEncrypt(jsonMeta, asymPeer, encodedData=True).decode()
|
||||||
data = self._crypto.pubKeyEncrypt(data, asymPeer, encodedData=True, anonymous=True).decode()
|
data = self._crypto.pubKeyEncrypt(data, asymPeer, encodedData=True).decode()
|
||||||
signature = self._crypto.pubKeyEncrypt(signature, asymPeer, encodedData=True, anonymous=True).decode()
|
signature = self._crypto.pubKeyEncrypt(signature, asymPeer, encodedData=True).decode()
|
||||||
signer = self._crypto.pubKeyEncrypt(signer, asymPeer, encodedData=True, anonymous=True).decode()
|
signer = self._crypto.pubKeyEncrypt(signer, asymPeer, encodedData=True).decode()
|
||||||
onionrusers.OnionrUser(self, asymPeer, saveUser=True)
|
onionrusers.OnionrUser(self, asymPeer, saveUser=True)
|
||||||
else:
|
else:
|
||||||
raise onionrexceptions.InvalidPubkey(asymPeer + ' is not a valid base32 encoded ed25519 key')
|
raise onionrexceptions.InvalidPubkey(asymPeer + ' is not a valid base32 encoded ed25519 key')
|
||||||
|
|
|
@ -94,46 +94,35 @@ class OnionrCrypto:
|
||||||
retData = key.sign(data).signature
|
retData = key.sign(data).signature
|
||||||
return retData
|
return retData
|
||||||
|
|
||||||
def pubKeyEncrypt(self, data, pubkey, anonymous=True, encodedData=False):
|
def pubKeyEncrypt(self, data, pubkey, encodedData=False):
|
||||||
'''Encrypt to a public key (Curve25519, taken from base32 Ed25519 pubkey)'''
|
'''Encrypt to a public key (Curve25519, taken from base32 Ed25519 pubkey)'''
|
||||||
retVal = ''
|
retVal = ''
|
||||||
try:
|
box = None
|
||||||
pubkey = pubkey.encode()
|
data = self._core._utils.strToBytes(data)
|
||||||
except AttributeError:
|
|
||||||
pass
|
pubkey = nacl.signing.VerifyKey(pubkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_public_key()
|
||||||
|
|
||||||
if encodedData:
|
if encodedData:
|
||||||
encoding = nacl.encoding.Base64Encoder
|
encoding = nacl.encoding.Base64Encoder
|
||||||
else:
|
else:
|
||||||
encoding = nacl.encoding.RawEncoder
|
encoding = nacl.encoding.RawEncoder
|
||||||
|
|
||||||
if self.privKey != None and not anonymous:
|
box = nacl.public.SealedBox(pubkey)
|
||||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder).to_curve25519_private_key()
|
retVal = box.encrypt(data, encoder=encoding)
|
||||||
key = nacl.signing.VerifyKey(key=pubkey, encoder=nacl.encoding.Base32Encoder).to_curve25519_public_key()
|
|
||||||
ourBox = nacl.public.Box(ownKey, key)
|
|
||||||
retVal = ourBox.encrypt(data.encode(), encoder=encoding)
|
|
||||||
elif anonymous:
|
|
||||||
key = nacl.signing.VerifyKey(key=pubkey, encoder=nacl.encoding.Base32Encoder).to_curve25519_public_key()
|
|
||||||
anonBox = nacl.public.SealedBox(key)
|
|
||||||
try:
|
|
||||||
data = data.encode()
|
|
||||||
except AttributeError:
|
|
||||||
pass
|
|
||||||
retVal = anonBox.encrypt(data, encoder=encoding)
|
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
def pubKeyDecrypt(self, data, pubkey='', privkey='', anonymous=False, encodedData=False):
|
def pubKeyDecrypt(self, data, pubkey='', privkey='', encodedData=False):
|
||||||
'''pubkey decrypt (Curve25519, taken from Ed25519 pubkey)'''
|
'''pubkey decrypt (Curve25519, taken from Ed25519 pubkey)'''
|
||||||
decrypted = False
|
decrypted = False
|
||||||
if encodedData:
|
if encodedData:
|
||||||
encoding = nacl.encoding.Base64Encoder
|
encoding = nacl.encoding.Base64Encoder
|
||||||
else:
|
else:
|
||||||
encoding = nacl.encoding.RawEncoder
|
encoding = nacl.encoding.RawEncoder
|
||||||
ownKey = nacl.signing.SigningKey(seed=self.privKey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
if privkey == '':
|
||||||
if self.privKey != None and not anonymous:
|
privkey = self.privKey
|
||||||
ourBox = nacl.public.Box(ownKey, pubkey)
|
ownKey = nacl.signing.SigningKey(seed=privkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||||
decrypted = ourBox.decrypt(data, encoder=encoding)
|
|
||||||
elif anonymous:
|
|
||||||
if self._core._utils.validatePubKey(privkey):
|
if self._core._utils.validatePubKey(privkey):
|
||||||
privkey = nacl.signing.SigningKey(seed=privkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
privkey = nacl.signing.SigningKey(seed=privkey, encoder=nacl.encoding.Base32Encoder()).to_curve25519_private_key()
|
||||||
anonBox = nacl.public.SealedBox(privkey)
|
anonBox = nacl.public.SealedBox(privkey)
|
||||||
|
|
|
@ -64,9 +64,9 @@ def getDifficultyForNewBlock(data, ourBlock=True):
|
||||||
else:
|
else:
|
||||||
raise ValueError('not Block, str, or int')
|
raise ValueError('not Block, str, or int')
|
||||||
if ourBlock:
|
if ourBlock:
|
||||||
minDifficulty = config.get('general.minimum_send_pow')
|
minDifficulty = config.get('general.minimum_send_pow', 4)
|
||||||
else:
|
else:
|
||||||
minDifficulty = config.get('general.minimum_block_pow')
|
minDifficulty = config.get('general.minimum_block_pow', 4)
|
||||||
|
|
||||||
retData = max(minDifficulty, math.floor(dataSize / 100000)) + getDifficultyModifier()
|
retData = max(minDifficulty, math.floor(dataSize / 100000)) + getDifficultyModifier()
|
||||||
return retData
|
return retData
|
||||||
|
|
|
@ -87,7 +87,7 @@ class OnionrUser:
|
||||||
retData = ''
|
retData = ''
|
||||||
forwardKey = self._getLatestForwardKey()
|
forwardKey = self._getLatestForwardKey()
|
||||||
if self._core._utils.validatePubKey(forwardKey):
|
if self._core._utils.validatePubKey(forwardKey):
|
||||||
retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True, anonymous=True)
|
retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
|
||||||
else:
|
else:
|
||||||
raise onionrexceptions.InvalidPubkey("No valid forward secrecy key available for this user")
|
raise onionrexceptions.InvalidPubkey("No valid forward secrecy key available for this user")
|
||||||
#self.generateForwardKey()
|
#self.generateForwardKey()
|
||||||
|
|
|
@ -69,7 +69,7 @@ class PlainEncryption:
|
||||||
data['data'] = plaintext
|
data['data'] = plaintext
|
||||||
data = json.dumps(data)
|
data = json.dumps(data)
|
||||||
plaintext = data
|
plaintext = data
|
||||||
encrypted = self.api.get_core()._crypto.pubKeyEncrypt(plaintext, pubkey, anonymous=True, encodedData=True)
|
encrypted = self.api.get_core()._crypto.pubKeyEncrypt(plaintext, pubkey, encodedData=True)
|
||||||
encrypted = self.api.get_core()._utils.bytesToStr(encrypted)
|
encrypted = self.api.get_core()._utils.bytesToStr(encrypted)
|
||||||
logger.info('Encrypted Message: \n\nONIONR ENCRYPTED DATA %s END ENCRYPTED DATA' % (encrypted,))
|
logger.info('Encrypted Message: \n\nONIONR ENCRYPTED DATA %s END ENCRYPTED DATA' % (encrypted,))
|
||||||
|
|
||||||
|
|
|
@ -49,13 +49,13 @@ class StorageCounter:
|
||||||
def getPercent(self):
|
def getPercent(self):
|
||||||
'''Return percent (decimal/float) of disk space we're using'''
|
'''Return percent (decimal/float) of disk space we're using'''
|
||||||
amount = self.getAmount()
|
amount = self.getAmount()
|
||||||
return round(amount / self._core.config.get('allocations.disk'), 2)
|
return round(amount / self._core.config.get('allocations.disk', 2000000000), 2)
|
||||||
|
|
||||||
def addBytes(self, amount):
|
def addBytes(self, amount):
|
||||||
'''Record that we are now using more disk space, unless doing so would exceed configured max'''
|
'''Record that we are now using more disk space, unless doing so would exceed configured max'''
|
||||||
newAmount = amount + self.getAmount()
|
newAmount = amount + self.getAmount()
|
||||||
retData = newAmount
|
retData = newAmount
|
||||||
if newAmount > self._core.config.get('allocations.disk'):
|
if newAmount > self._core.config.get('allocations.disk', 2000000000):
|
||||||
retData = False
|
retData = False
|
||||||
else:
|
else:
|
||||||
self._update(newAmount)
|
self._update(newAmount)
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
cd onionr;
|
cd onionr;
|
||||||
mkdir testdata;
|
mkdir testdata;
|
||||||
|
ran=0
|
||||||
for f in tests/*.py; do
|
for f in tests/*.py; do
|
||||||
python3 "$f" || break # if needed
|
python3 "$f" || break # if needed
|
||||||
|
let "ran++"
|
||||||
done
|
done
|
||||||
rm -rf testdata;
|
rm -rf testdata;
|
||||||
|
echo "ran $ran test files successfully"
|
Loading…
Reference in New Issue