work on foward secrecy

master
Kevin Froman 2018-10-07 00:06:44 -05:00
parent 8de7bd16c6
commit 5606a07757
3 changed files with 17 additions and 7 deletions

View File

@ -76,6 +76,8 @@ class Core:
os.mkdir(self.dataDir + 'blocks/')
if not os.path.exists(self.blockDB):
self.createBlockDB()
if not os.path.exists(self.forwardKeysFile):
self.dbCreate.createForwardKeyDB()
if os.path.exists(self.dataDir + '/hs/hostname'):
with open(self.dataDir + '/hs/hostname', 'r') as hs:

View File

@ -37,6 +37,9 @@ class InvalidPubkey(Exception):
class KeyNotKnown(Exception):
pass
class DecryptionError(Exception):
pass
# block exceptions
class InvalidMetadata(Exception):
pass

View File

@ -59,15 +59,20 @@ class OnionrUser:
retData = ''
forwardKey = self._getLatestForwardKey()
if self._core._utils.validatePubKey(forwardKey):
encrypted = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
retData = self._core._crypto.pubKeyEncrypt(data, forwardKey, encodedData=True)
else:
raise onionrexceptions.InvalidPubkey("No valid forward key available for this user")
return (data, forwardKey)
return (retData, forwardKey)
def forwardDecrypt(self, encrypted):
retData = ''
for key in self
return
retData = ""
for key in self.getGeneratedForwardKeys():
retData = self._core._crypto.pubKeyDecrypt(encrypted, pubkey=key[1])
if retData != False:
break
else:
raise onionrexceptions.DecryptionError("Could not decrypt forward secrecy content")
return retData
def _getLatestForwardKey(self):
# Get the latest forward secrecy key for a peer
@ -116,11 +121,11 @@ class OnionrUser:
conn.close()
return newPub
def getGeneratedForwardKeys(self, peer):
def getGeneratedForwardKeys(self):
# Fetch the keys we generated for the peer, that are still around
conn = sqlite3.connect(self._core.peerDB, timeout=10)
c = conn.cursor()
command = (peer,)
command = (self.publicKey,)
keyList = [] # list of tuples containing pub, private for peer
for result in c.execute("SELECT * FROM myForwardKeys where peer=?", command):
keyList.append((result[1], result[2]))