fix pubkey signature bug leftover from objectProcessorThread-related-changes
This commit is contained in:
Jonathan Warren
parent
df7116bd72
commit
80932bbab0
|
|
@ -149,7 +149,7 @@ class objectProcessor(threading.Thread):
|
||||||
print 'Ignoring getpubkey request because it is for one of my chan addresses. The other party should already have the pubkey.'
|
print 'Ignoring getpubkey request because it is for one of my chan addresses. The other party should already have the pubkey.'
|
||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
lastPubkeySendTime = int(config.get(
|
lastPubkeySendTime = int(shared.config.get(
|
||||||
myAddress, 'lastpubkeysendtime'))
|
myAddress, 'lastpubkeysendtime'))
|
||||||
except:
|
except:
|
||||||
lastPubkeySendTime = 0
|
lastPubkeySendTime = 0
|
||||||
|
|
@ -298,6 +298,15 @@ class objectProcessor(threading.Thread):
|
||||||
self.possibleNewPubkey(ripe = ripe)
|
self.possibleNewPubkey(ripe = ripe)
|
||||||
|
|
||||||
if addressVersion == 4:
|
if addressVersion == 4:
|
||||||
|
"""
|
||||||
|
There exist a function: shared.decryptAndCheckPubkeyPayload which does something almost
|
||||||
|
the same as this section of code. There are differences, however; one being that
|
||||||
|
decryptAndCheckPubkeyPayload requires that a cryptor object be created each time it is
|
||||||
|
run which is an expensive operation. This, on the other hand, keeps them saved in
|
||||||
|
the shared.neededPubkeys dictionary so that if an attacker sends us many
|
||||||
|
incorrectly-tagged pubkeys, which would force us to try to decrypt them, this code
|
||||||
|
would run and handle that event quite quickly.
|
||||||
|
"""
|
||||||
if len(data) < 350: # sanity check.
|
if len(data) < 350: # sanity check.
|
||||||
print '(within processpubkey) payloadLength less than 350. Sanity check failed.'
|
print '(within processpubkey) payloadLength less than 350. Sanity check failed.'
|
||||||
return
|
return
|
||||||
|
|
@ -321,7 +330,6 @@ class objectProcessor(threading.Thread):
|
||||||
print 'Pubkey decryption was unsuccessful.'
|
print 'Pubkey decryption was unsuccessful.'
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
readPosition = 0
|
readPosition = 0
|
||||||
bitfieldBehaviors = decryptedData[readPosition:readPosition + 4]
|
bitfieldBehaviors = decryptedData[readPosition:readPosition + 4]
|
||||||
readPosition += 4
|
readPosition += 4
|
||||||
|
|
|
||||||
|
|
@ -260,7 +260,6 @@ class singleWorker(threading.Thread):
|
||||||
payload = pack('>Q', (embeddedTime))
|
payload = pack('>Q', (embeddedTime))
|
||||||
payload += encodeVarint(addressVersionNumber) # Address version number
|
payload += encodeVarint(addressVersionNumber) # Address version number
|
||||||
payload += encodeVarint(streamNumber)
|
payload += encodeVarint(streamNumber)
|
||||||
dataToStoreInOurPubkeysTable = payload # used if this is a chan. We'll add more data further down.
|
|
||||||
|
|
||||||
dataToEncrypt = '\x00\x00\x00\x01' # bitfield of features supported by me (see the wiki).
|
dataToEncrypt = '\x00\x00\x00\x01' # bitfield of features supported by me (see the wiki).
|
||||||
|
|
||||||
|
|
@ -291,8 +290,6 @@ class singleWorker(threading.Thread):
|
||||||
dataToEncrypt += encodeVarint(shared.config.getint(
|
dataToEncrypt += encodeVarint(shared.config.getint(
|
||||||
myAddress, 'payloadlengthextrabytes'))
|
myAddress, 'payloadlengthextrabytes'))
|
||||||
|
|
||||||
dataToStoreInOurPubkeysTable += dataToEncrypt # dataToStoreInOurPubkeysTable is used if this is a chan
|
|
||||||
|
|
||||||
signature = highlevelcrypto.sign(payload + dataToEncrypt, privSigningKeyHex)
|
signature = highlevelcrypto.sign(payload + dataToEncrypt, privSigningKeyHex)
|
||||||
dataToEncrypt += encodeVarint(len(signature))
|
dataToEncrypt += encodeVarint(len(signature))
|
||||||
dataToEncrypt += signature
|
dataToEncrypt += signature
|
||||||
|
|
@ -337,10 +334,8 @@ class singleWorker(threading.Thread):
|
||||||
myAddress, 'lastpubkeysendtime', str(int(time.time())))
|
myAddress, 'lastpubkeysendtime', str(int(time.time())))
|
||||||
with open(shared.appdata + 'keys.dat', 'wb') as configfile:
|
with open(shared.appdata + 'keys.dat', 'wb') as configfile:
|
||||||
shared.config.write(configfile)
|
shared.config.write(configfile)
|
||||||
except:
|
except Exception as err:
|
||||||
# The user deleted the address out of the keys.dat file before this
|
logger.error('Error: Couldn\'t add the lastpubkeysendtime to the keys.dat file. Error message: %s' % err)
|
||||||
# finished.
|
|
||||||
pass
|
|
||||||
|
|
||||||
def sendBroadcast(self):
|
def sendBroadcast(self):
|
||||||
queryreturn = sqlQuery(
|
queryreturn = sqlQuery(
|
||||||
|
|
@ -686,7 +681,7 @@ class singleWorker(threading.Thread):
|
||||||
ackdata, tr.translateText("MainWindow", "Doing work necessary to send message."))))
|
ackdata, tr.translateText("MainWindow", "Doing work necessary to send message."))))
|
||||||
|
|
||||||
embeddedTime = pack('>Q', (int(time.time()) + random.randrange(
|
embeddedTime = pack('>Q', (int(time.time()) + random.randrange(
|
||||||
-300, 300))) # the current time plus or minus five minutes. We will use this time both for our message and for the ackdata packed within our message.
|
-300, 300))) # the current time plus or minus five minutes.
|
||||||
if fromAddressVersionNumber == 2:
|
if fromAddressVersionNumber == 2:
|
||||||
payload = '\x01' # Message version.
|
payload = '\x01' # Message version.
|
||||||
payload += encodeVarint(fromAddressVersionNumber)
|
payload += encodeVarint(fromAddressVersionNumber)
|
||||||
|
|
@ -726,7 +721,7 @@ class singleWorker(threading.Thread):
|
||||||
payload += encodeVarint(len(messageToTransmit))
|
payload += encodeVarint(len(messageToTransmit))
|
||||||
payload += messageToTransmit
|
payload += messageToTransmit
|
||||||
fullAckPayload = self.generateFullAckMessage(
|
fullAckPayload = self.generateFullAckMessage(
|
||||||
ackdata, toStreamNumber, embeddedTime) # The fullAckPayload is a normal msg protocol message with the proof of work already completed that the receiver of this message can easily send out.
|
ackdata, toStreamNumber) # The fullAckPayload is a normal msg protocol message with the proof of work already completed that the receiver of this message can easily send out.
|
||||||
payload += encodeVarint(len(fullAckPayload))
|
payload += encodeVarint(len(fullAckPayload))
|
||||||
payload += fullAckPayload
|
payload += fullAckPayload
|
||||||
signature = highlevelcrypto.sign(payload, privSigningKeyHex)
|
signature = highlevelcrypto.sign(payload, privSigningKeyHex)
|
||||||
|
|
@ -795,7 +790,7 @@ class singleWorker(threading.Thread):
|
||||||
fullAckPayload = ''
|
fullAckPayload = ''
|
||||||
else:
|
else:
|
||||||
fullAckPayload = self.generateFullAckMessage(
|
fullAckPayload = self.generateFullAckMessage(
|
||||||
ackdata, toStreamNumber, embeddedTime) # The fullAckPayload is a normal msg protocol message with the proof of work already completed that the receiver of this message can easily send out.
|
ackdata, toStreamNumber) # The fullAckPayload is a normal msg protocol message with the proof of work already completed that the receiver of this message can easily send out.
|
||||||
payload += encodeVarint(len(fullAckPayload))
|
payload += encodeVarint(len(fullAckPayload))
|
||||||
payload += fullAckPayload
|
payload += fullAckPayload
|
||||||
signature = highlevelcrypto.sign(payload, privSigningKeyHex)
|
signature = highlevelcrypto.sign(payload, privSigningKeyHex)
|
||||||
|
|
@ -934,7 +929,9 @@ class singleWorker(threading.Thread):
|
||||||
shared.UISignalQueue.put(('updateSentItemStatusByHash', (ripe, tr.translateText("MainWindow",'Sending public key request. Waiting for reply. Requested at %1').arg(unicode(
|
shared.UISignalQueue.put(('updateSentItemStatusByHash', (ripe, tr.translateText("MainWindow",'Sending public key request. Waiting for reply. Requested at %1').arg(unicode(
|
||||||
strftime(shared.config.get('bitmessagesettings', 'timeformat'), localtime(int(time.time()))), 'utf-8')))))
|
strftime(shared.config.get('bitmessagesettings', 'timeformat'), localtime(int(time.time()))), 'utf-8')))))
|
||||||
|
|
||||||
def generateFullAckMessage(self, ackdata, toStreamNumber, embeddedTime):
|
def generateFullAckMessage(self, ackdata, toStreamNumber):
|
||||||
|
embeddedTime = pack('>Q', (int(time.time()) + random.randrange(
|
||||||
|
-300, 300))) # the current time plus or minus five minutes.
|
||||||
payload = embeddedTime + encodeVarint(toStreamNumber) + ackdata
|
payload = embeddedTime + encodeVarint(toStreamNumber) + ackdata
|
||||||
target = 2 ** 64 / ((len(payload) + shared.networkDefaultPayloadLengthExtraBytes +
|
target = 2 ** 64 / ((len(payload) + shared.networkDefaultPayloadLengthExtraBytes +
|
||||||
8) * shared.networkDefaultProofOfWorkNonceTrialsPerByte)
|
8) * shared.networkDefaultProofOfWorkNonceTrialsPerByte)
|
||||||
|
|
|
||||||
|
|
@ -437,7 +437,7 @@ def decryptAndCheckPubkeyPayload(payload, address):
|
||||||
print 'Pubkey decryption was UNsuccessful due to stream number mismatch. This shouldn\'t have happened.'
|
print 'Pubkey decryption was UNsuccessful due to stream number mismatch. This shouldn\'t have happened.'
|
||||||
return 'failed'
|
return 'failed'
|
||||||
readPosition += varintLength
|
readPosition += varintLength
|
||||||
signedData = payload[:readPosition] # Some of the signed data is not encrypted so let's keep it for now.
|
signedData = payload[8:readPosition] # Some of the signed data is not encrypted so let's keep it for now.
|
||||||
toTag = payload[readPosition:readPosition+32]
|
toTag = payload[readPosition:readPosition+32]
|
||||||
readPosition += 32 #for the tag
|
readPosition += 32 #for the tag
|
||||||
encryptedData = payload[readPosition:]
|
encryptedData = payload[readPosition:]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user