def get(self, request):
gks = db.get('gks')
stream = server.getps(db.get('gkfp'))
gke = db.get('gke')
box = pubfool.Box(gke, gke.public_key)
hits = list()
for post in stream:
valid = True # Valid signature, will be flipped to False on error
try:
post = json.loads(box.decrypt(debase(post['encrypted']), debase(post['nonce'])).decode())
print(post)
except Exception: # Multiple exceptions can happen which can show malformed message, such as non-UTF8 characters, bad JSON, bad nonce, bad ciphertext, etc. just miss and move on
continue
try:
gks.verify_key.verify(post['msg'].encode(), debase(post['sig']))
uks = signfool.VerifyKey(post['gangsta']['edpub'].encode(), encoder=b64)
uks.verify(post['msg'].encode(), debase(post['usig']))
post['KH'] = base64.b64encode(whirlpool(post['gangsta']['edpub'].encode()+post['gangsta']['cvpub'].encode())).decode()
except BadSignatureError:
valid = False
except Exception:
continue
if valid:
hits.append(post)
pass
pass
hits.reverse()
ctx = dict(hits=hits)
return render(request, 'stream.get.html', ctx)
def post(self, request):
f = FPForm(request.POST)
if not f.is_valid():
raise RuntimeError("Invalid HTML form submitted")
msg = f.cleaned_data['message']
msig = db.get('user-edkeys').sign(msg.encode())
msig = msig._signature
msig = base64.b64encode(msig).decode()
key = db.get('user-edkeys').verify_key.encode(encoder=b64).decode()
j = {'msg': msg, 'sig': msig, 'key': key}
server.HTTP().POST('/new/fp', j)
return render(request, 'feeds.post.html', dict(j=j,
msig=msig,
feed=key))
def post(self, request):
form = USF(request.POST)
if not form.is_valid():
raise RuntimeError("Invalid HTML Form submitted")
password = form.cleaned_data['password']
pseudonym = form.cleaned_data['pseudonym']
kdf = KDF(
algorithm=hashes.Whirlpool(),
length=int(
32 + 32), # 32: Edwards25519 seed, second 32: Curve25519 seed
salt=whirlpool(pseudonym.encode()),
iterations=int(1e6),
backend=default_backend())
key = kdf.derive(password.encode())
edkey = signfool.SigningKey(
key[0:32]
) # Use the first 32-bytes of the derived key as Edwards25519 seed
cvkp = pubfool.PrivateKey(
key[32:64]) # Use the second half as Curve25519 seed
try:
sig = db.get('gks').sign(cvkp.public_key.encode(encoder=b64))
except KeyError:
return render(request, 'freakedup.html',
{'err': "You are not part of a group, yet"})
db.set("user-edkeys", edkey)
db.set("user-cvkeys", cvkp)
db.set("user-keysig", sig)
edkey_fingerprint = base64.b64encode(whirlpool(
edkey._signing_key)).decode()
cvkey_fingerprint = base64.b64encode(whirlpool(
cvkp._private_key)).decode()
ctx = dict(edkey_fp=edkey_fingerprint,
cvkey_fp=cvkey_fingerprint,
sig=base64.b64encode(sig).decode())
return render(request, 'user.post.html', ctx)
def get(self, request, key):
if key == 'self':
key = db.get('user-edkeys').verify_key.encode(encoder=b64)
key = quote(key)
return redirect(to="/feeds/{key}".format(key=key))
stream = server.HTTP().POST('/get/feed', {'key': key})
key = signfool.VerifyKey(key, b64)
hits = list()
for feed in stream:
valid = True
try:
key.verify(feed['message'].encode(), debase(feed['sig']))
except Exception:
valid = False
if valid:
hits.append(feed['message'])
hits.reverse()
ctx = dict(hits=hits, key=key.encode(encoder=b64))
return render(request, 'feeds.get.html', ctx)
def post(self, request):
form = PF(request.POST, request.FILES)
if not form.is_valid():
raise RuntimeError("Invalid HTML form submitted")
message = form.cleaned_data['message']
name = form.cleaned_data['name']
image = form.cleaned_data['image']
if message == 'none':
raise KeyError("Message doesn't exist")
gks = db.get('gks')
gke = db.get('gke')
sig = gks.sign(message.encode())
usig = db.get("user-edkeys").sign(message.encode())
box = pubfool.Box(gke, gke.public_key)
gangsta = {
'name': name,
'edpub': db.get("user-edkeys").verify_key.encode(encoder=b64).decode(),
'cvpub': db.get("user-cvkeys").public_key.encode(encoder=b64).decode(),
}
payload = {
'msg': sig.message.decode(),
'sig': base64.b64encode(sig.signature).decode(),
'usig': base64.b64encode(usig.signature).decode(),
'gangsta': gangsta,
}
if image is not None:
buf = image.read()
payload ['image'] = base64.b64encode(buf).decode()
else:
payload['image'] = None
nonce = os.urandom(24)
payload = json.dumps(payload)
payload = box.encrypt(plaintext=payload.encode(), nonce=nonce)
realpayload = {
'key': db.get('gkfp'),
'encrypted': base64.b64encode(payload._ciphertext).decode(),
'nonce': base64.b64encode(nonce).decode(),
}
server.HTTP().POST("/new/post", realpayload)
ctx = dict(sig=base64.b64encode(sig.signature).decode())
return render(request, "newpost.post.html", ctx)