work on foward secrecy
This commit is contained in:
		
							parent
							
								
									8de7bd16c6
								
							
						
					
					
						commit
						5606a07757
					
				
					 3 changed files with 17 additions and 7 deletions
				
			
		|  | @ -76,6 +76,8 @@ class Core: | |||
|                 os.mkdir(self.dataDir + 'blocks/') | ||||
|             if not os.path.exists(self.blockDB): | ||||
|                 self.createBlockDB() | ||||
|             if not os.path.exists(self.forwardKeysFile): | ||||
|                 self.dbCreate.createForwardKeyDB() | ||||
| 
 | ||||
|             if os.path.exists(self.dataDir + '/hs/hostname'): | ||||
|                 with open(self.dataDir + '/hs/hostname', 'r') as hs: | ||||
|  |  | |||
|  | @ -37,6 +37,9 @@ class InvalidPubkey(Exception): | |||
| class KeyNotKnown(Exception): | ||||
|     pass | ||||
| 
 | ||||
| class DecryptionError(Exception): | ||||
|     pass | ||||
| 
 | ||||
| # block exceptions | ||||
| class InvalidMetadata(Exception): | ||||
|     pass | ||||
|  |  | |||
|  | @ -59,15 +59,20 @@ class OnionrUser: | |||
|         retData = '' | ||||
|         forwardKey = self._getLatestForwardKey() | ||||
|         if self._core._utils.validatePubKey(forwardKey): | ||||
|             encrypted = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True) | ||||
|             retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True) | ||||
|         else: | ||||
|             raise onionrexceptions.InvalidPubkey("No valid forward key available for this user") | ||||
|         return (data, forwardKey) | ||||
|         return (retData, forwardKey) | ||||
|      | ||||
|     def forwardDecrypt(self, encrypted): | ||||
|         retData = '' | ||||
|         for key in self | ||||
|         return | ||||
|         retData = "" | ||||
|         for key in self.getGeneratedForwardKeys(): | ||||
|             retData = self._core._crypto.pubKeyDecrypt(encrypted, pubkey=key[1]) | ||||
|             if retData != False: | ||||
|                 break | ||||
|         else: | ||||
|             raise onionrexceptions.DecryptionError("Could not decrypt forward secrecy content") | ||||
|         return retData | ||||
| 
 | ||||
|     def _getLatestForwardKey(self): | ||||
|         # Get the latest forward secrecy key for a peer | ||||
|  | @ -116,11 +121,11 @@ class OnionrUser: | |||
|         conn.close() | ||||
|         return newPub | ||||
| 
 | ||||
|     def getGeneratedForwardKeys(self, peer): | ||||
|     def getGeneratedForwardKeys(self): | ||||
|         # Fetch the keys we generated for the peer, that are still around | ||||
|         conn = sqlite3.connect(self._core.peerDB, timeout=10) | ||||
|         c = conn.cursor() | ||||
|         command = (peer,) | ||||
|         command = (self.publicKey,) | ||||
|         keyList = [] # list of tuples containing pub, private for peer | ||||
|         for result in c.execute("SELECT * FROM myForwardKeys where peer=?", command): | ||||
|             keyList.append((result[1], result[2])) | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue