def decrypt(self):
plaintext = ""
data = ""
logger.info("Please enter your message (ctrl-d or -q to stop):",
terminal=True)
keypair = getourkeypair.get_keypair()
try:
for line in sys.stdin:
if line == '-q\n':
break
data += line
except KeyboardInterrupt:
sys.exit(1)
if len(data) <= 1:
return
encrypted = data.replace('ONIONR ENCRYPTED DATA ',
'').replace('END ENCRYPTED DATA', '')
myPub = keypair[0]
decrypted = encryption.pub_key_decrypt(encrypted,
privkey=keypair[1],
encodedData=True)
if decrypted == False:
logger.error("Decryption failed", terminal=True)
else:
data = json.loads(decrypted)
logger.info('Decrypted Message: \n\n%s' % data['data'],
terminal=True)
try:
logger.info("Signing public key: %s" % (data['signer'], ),
terminal=True)
if not signing.ed_verify(data['data'], data['signer'],
data['sig']):
raise ValueError
except (ValueError, KeyError) as e:
logger.warn(
"WARNING: THIS MESSAGE HAS A MISSING OR INVALID SIGNATURE",
terminal=True)
else:
logger.info("Message has good signature.", terminal=True)
return
def decrypt(self, encodedData=True):
"""
Decrypt a block, loading decrypted data into their vars
"""
if self.decrypted:
return True
retData = False
# decrypt data
if self.getHeader('encryptType') == 'asym':
try:
try:
self.bcontent = encryption.pub_key_decrypt(
self.bcontent, encodedData=encodedData)
except (binascii.Error, ValueError) as e:
self.bcontent = encryption.pub_key_decrypt(
self.bcontent, encodedData=False)
bmeta = encryption.pub_key_decrypt(self.bmetadata,
encodedData=encodedData)
try:
bmeta = bmeta.decode()
except AttributeError:
# yet another bytes fix
pass
self.bmetadata = json.loads(bmeta)
self.signature = encryption.pub_key_decrypt(
self.signature, encodedData=encodedData)
self.signer = encryption.pub_key_decrypt(
self.signer, encodedData=encodedData)
self.bheader['signer'] = self.signer.decode()
self.signedData = json.dumps(
self.bmetadata).encode() + self.bcontent
if not self.signer is None:
if not self.verifySig():
raise onionrexceptions.SignatureError(
"Block has invalid signature")
# Check for replay attacks
try:
if epoch.get_epoch() - blockmetadb.get_block_date(
self.hash) > 60:
if not cryptoutils.replay_validator(
self.bmetadata['rply']):
raise onionrexceptions.ReplayAttack
except (AssertionError, KeyError, TypeError,
onionrexceptions.ReplayAttack) as e:
if not self.bypassReplayCheck:
# Zero out variables to prevent reading of replays
self.bmetadata = {}
self.signer = ''
self.bheader['signer'] = ''
self.signedData = ''
self.signature = ''
raise onionrexceptions.ReplayAttack(
'Signature is too old. possible replay attack')
try:
if not self.bmetadata['forwardEnc']: raise KeyError
except (AssertionError, KeyError) as e:
pass
else:
try:
self.bcontent = onionrusers.OnionrUser(
self.signer).forwardDecrypt(self.bcontent)
except (onionrexceptions.DecryptionError,
nacl.exceptions.CryptoError) as e:
#logger.error(str(e))
pass
except nacl.exceptions.CryptoError:
pass
#logger.debug('Could not decrypt block. Either invalid key or corrupted data')
except onionrexceptions.ReplayAttack:
logger.warn('%s is possibly a replay attack' % (self.hash, ))
else:
retData = True
self.decrypted = True
return retData