fixed forward secrecy time conflicts, adjusted tests

2019-02-20 17:12:11 -06:00 · 2019-02-20 17:12:11 -06:00 · bcb0af2e54
commit bcb0af2e54
parent 651e2b173b
6 changed files with 47 additions and 30 deletions
--- a/onionr/onionrusers/onionrusers.py
+++ b/onionr/onionrusers/onionrusers.py
@ -17,7 +17,7 @@
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 '''
-import onionrblockapi, logger, onionrexceptions, json, sqlite3
+import onionrblockapi, logger, onionrexceptions, json, sqlite3, time
 import nacl.exceptions

 def deleteExpiredKeys(coreInst):
@ -76,11 +76,11 @@ class OnionrUser:
        return retData

    def encrypt(self, data):
-        encrypted = coreInst._crypto.pubKeyEncrypt(data, self.publicKey, encodedData=True)
+        encrypted = self._core._crypto.pubKeyEncrypt(data, self.publicKey, encodedData=True)
        return encrypted

    def decrypt(self, data):
-        decrypted = coreInst._crypto.pubKeyDecrypt(data, self.publicKey, encodedData=True)
+        decrypted = self._core._crypto.pubKeyDecrypt(data, self.publicKey, encodedData=True)
        return decrypted

    def forwardEncrypt(self, data):
@ -127,9 +127,8 @@ class OnionrUser:
        c = conn.cursor()
        keyList = []

-        for row in c.execute("SELECT forwardKey FROM forwardKeys WHERE peerKey = ? ORDER BY date DESC", (self.publicKey,)):
-            key = row[0]
-            keyList.append(key)
+        for row in c.execute("SELECT forwardKey, date FROM forwardKeys WHERE peerKey = ? ORDER BY date DESC", (self.publicKey,)):
+            keyList.append((row[0], row[1]))

        conn.commit()
        conn.close()
@ -176,15 +175,26 @@ class OnionrUser:

    def addForwardKey(self, newKey, expire=604800):
        if not self._core._utils.validatePubKey(newKey):
+            # Do not add if something went wrong with the key
            raise onionrexceptions.InvalidPubkey(newKey)
-        if newKey in self._getForwardKeys():
-            return False
-        # Add a forward secrecy key for the peer
+
        conn = sqlite3.connect(self._core.peerDB, timeout=10)
        c = conn.cursor()
+
+        # Get the time we're inserting the key at
+        timeInsert = self._core._utils.getEpoch()
+
+        # Look at our current keys for duplicate key data or time
+        for entry in self._getForwardKeys():
+            if entry[0] == newKey:
+                return False
+            if entry[1] == timeInsert:
+                timeInsert += 1
+                time.sleep(1) # Sleep if our time is the same in order to prevent duplicate time records
+
+        # Add a forward secrecy key for the peer
        # Prepare the insert
-        time = self._core._utils.getEpoch()
-        command = (self.publicKey, newKey, time, time + expire)
+        command = (self.publicKey, newKey, timeInsert, timeInsert + expire)

        c.execute("INSERT INTO forwardKeys VALUES(?, ?, ?, ?);", command)