def recgetdata(self, data):
numberOfRequestedInventoryItems, lengthOfVarint = decodeVarint(
data[:10])
if len(data) < lengthOfVarint + (32 * numberOfRequestedInventoryItems):
logger.debug(
'getdata message does not contain enough data. Ignoring.')
return
self.antiIntersectionDelay(
True
) # only handle getdata requests if we have been connected long enough
for i in xrange(numberOfRequestedInventoryItems):
hash = data[lengthOfVarint + (i * 32):32 + lengthOfVarint +
(i * 32)]
logger.debug('received getdata request for item:' + hexlify(hash))
if self.objectHashHolderInstance.hasHash(hash):
self.antiIntersectionDelay()
else:
if hash in Inventory():
self.sendObject(hash, Inventory()[hash].payload)
else:
self.antiIntersectionDelay()
logger.warning(
'%s asked for an object with a getdata which is not in either our memory inventory or our SQL inventory. We probably cleaned it out after advertising it but before they got around to asking for it.'
% (self.peer, ))
def recgetdata(self, data):
numberOfRequestedInventoryItems, lengthOfVarint = decodeVarint(
data[:10])
if len(data) < lengthOfVarint + (32 * numberOfRequestedInventoryItems):
print 'getdata message does not contain enough data. Ignoring.'
return
for i in xrange(numberOfRequestedInventoryItems):
hash = data[lengthOfVarint + (
i * 32):32 + lengthOfVarint + (i * 32)]
with shared.printLock:
print 'received getdata request for item:', hash.encode('hex')
shared.numberOfInventoryLookupsPerformed += 1
shared.inventoryLock.acquire()
if hash in shared.inventory:
objectType, streamNumber, payload, expiresTime, tag = shared.inventory[hash]
shared.inventoryLock.release()
self.sendObject(payload)
else:
shared.inventoryLock.release()
queryreturn = sqlQuery(
'''select payload from inventory where hash=? and expirestime>=?''',
hash,
int(time.time()))
if queryreturn != []:
for row in queryreturn:
payload, = row
self.sendObject(payload)
else:
logger.warning('%s asked for an object with a getdata which is not in either our memory inventory or our SQL inventory. We probably cleaned it out after advertising it but before they got around to asking for it.' % self.peer)
def ensureNamecoinOptions():
"""
Ensure all namecoin options are set, by setting those to default values
that aren't there.
"""
if not BMConfigParser().has_option(configSection, "namecoinrpctype"):
BMConfigParser().set(configSection, "namecoinrpctype", "namecoind")
if not BMConfigParser().has_option(configSection, "namecoinrpchost"):
BMConfigParser().set(configSection, "namecoinrpchost", "localhost")
hasUser = BMConfigParser().has_option(configSection, "namecoinrpcuser")
hasPass = BMConfigParser().has_option(configSection, "namecoinrpcpassword")
hasPort = BMConfigParser().has_option(configSection, "namecoinrpcport")
# Try to read user/password from .namecoin configuration file.
defaultUser = ""
defaultPass = ""
nmcFolder = lookupNamecoinFolder()
nmcConfig = nmcFolder + "namecoin.conf"
try:
nmc = open(nmcConfig, "r")
while True:
line = nmc.readline()
if line == "":
break
parts = line.split("=")
if len(parts) == 2:
key = parts[0]
val = parts[1].rstrip()
if key == "rpcuser" and not hasUser:
defaultUser = val
if key == "rpcpassword" and not hasPass:
defaultPass = val
if key == "rpcport":
defaults.namecoinDefaultRpcPort = val
nmc.close()
except IOError:
logger.warning(
"%s unreadable or missing, Namecoin support deactivated",
nmcConfig)
except Exception:
logger.warning("Error processing namecoin.conf", exc_info=True)
# If still nothing found, set empty at least.
if not hasUser:
BMConfigParser().set(configSection, "namecoinrpcuser", defaultUser)
if not hasPass:
BMConfigParser().set(configSection, "namecoinrpcpassword", defaultPass)
# Set default port now, possibly to found value.
if not hasPort:
BMConfigParser().set(configSection, "namecoinrpcport",
defaults.namecoinDefaultRpcPort)
def cleanupKnownNodes():
"""
Cleanup knownnodes: remove old nodes and nodes with low rating
"""
now = int(time.time())
needToWriteKnownNodesToDisk = False
dns_done = False
spawnConnections = not BMConfigParser().safeGetBoolean(
'bitmessagesettings',
'dontconnect') and BMConfigParser().safeGetBoolean(
'bitmessagesettings', 'sendoutgoingconnections')
with knownNodesLock:
for stream in knownNodes:
if stream not in state.streamsInWhichIAmParticipating:
continue
keys = knownNodes[stream].keys()
if len(keys) <= 1: # leave at least one node
if not dns_done and spawnConnections:
dns()
dns_done = True
continue
for node in keys:
try:
# scrap old nodes
if (now - knownNodes[stream][node]["lastseen"] >
2419200): # 28 days
needToWriteKnownNodesToDisk = True
del knownNodes[stream][node]
continue
# scrap old nodes with low rating
if (now - knownNodes[stream][node]["lastseen"] > 10800
and knownNodes[stream][node]["rating"] <=
knownNodesForgetRating):
needToWriteKnownNodesToDisk = True
del knownNodes[stream][node]
continue
except TypeError:
logger.warning('Error in %s', node)
keys = []
# Let us write out the knowNodes to disk
# if there is anything new to write out.
if needToWriteKnownNodesToDisk:
saveKnownNodes()
def handle_accept(self):
pair = self.accept()
if pair is not None:
sock, addr = pair
state.ownAddresses[state.Peer(sock.getsockname()[0], sock.getsockname()[1])] = True
if len(network.connectionpool.BMConnectionPool().inboundConnections) + \
len(network.connectionpool.BMConnectionPool().outboundConnections) > \
BMConfigParser().safeGetInt("bitmessagesettings", "maxtotalconnections") + \
BMConfigParser().safeGetInt("bitmessagesettings", "maxbootstrapconnections") + 10:
# 10 is a sort of buffer, in between it will go through the version handshake
# and return an error to the peer
logger.warning("Server full, dropping connection")
sock.close()
return
try:
network.connectionpool.BMConnectionPool().addConnection(TCPConnection(sock=sock))
except socket.error:
pass
def recgetdata(self, data):
numberOfRequestedInventoryItems, lengthOfVarint = decodeVarint(
data[:10])
if len(data) < lengthOfVarint + (32 * numberOfRequestedInventoryItems):
logger.debug('getdata message does not contain enough data. Ignoring.')
return
self.antiIntersectionDelay(True) # only handle getdata requests if we have been connected long enough
for i in xrange(numberOfRequestedInventoryItems):
hash = data[lengthOfVarint + (
i * 32):32 + lengthOfVarint + (i * 32)]
logger.debug('received getdata request for item:' + hexlify(hash))
if self.objectHashHolderInstance.hasHash(hash):
self.antiIntersectionDelay()
else:
if hash in Inventory():
self.sendObject(hash, Inventory()[hash].payload)
else:
self.antiIntersectionDelay()
logger.warning('%s asked for an object with a getdata which is not in either our memory inventory or our SQL inventory. We probably cleaned it out after advertising it but before they got around to asking for it.' % (self.peer,))
def fixSensitiveFilePermissions(filename, hasEnabledKeys):
if hasEnabledKeys:
logger.warning(
'Keyfile had insecure permissions, and there were enabled'
' keys. The truly paranoid should stop using them immediately.')
else:
logger.warning(
'Keyfile had insecure permissions, but there were no enabled keys.'
)
try:
present_permissions = os.stat(filename)[0]
disallowed_permissions = stat.S_IRWXG | stat.S_IRWXO
allowed_permissions = ((1 << 32) - 1) ^ disallowed_permissions
new_permissions = (allowed_permissions & present_permissions)
os.chmod(filename, new_permissions)
logger.info('Keyfile permissions automatically fixed.')
except Exception:
logger.exception('Keyfile permissions could not be fixed.')
raise
def run(self):
while state.shutdown == 0:
queueValue = queues.addressGeneratorQueue.get()
nonceTrialsPerByte = 0
payloadLengthExtraBytes = 0
live = True
if queueValue[0] == 'createChan':
command, addressVersionNumber, streamNumber, label, \
deterministicPassphrase, live = queueValue
eighteenByteRipe = False
numberOfAddressesToMake = 1
numberOfNullBytesDemandedOnFrontOfRipeHash = 1
elif queueValue[0] == 'joinChan':
command, chanAddress, label, deterministicPassphrase, \
live = queueValue
eighteenByteRipe = False
addressVersionNumber = decodeAddress(chanAddress)[1]
streamNumber = decodeAddress(chanAddress)[2]
numberOfAddressesToMake = 1
numberOfNullBytesDemandedOnFrontOfRipeHash = 1
elif len(queueValue) == 7:
command, addressVersionNumber, streamNumber, label, \
numberOfAddressesToMake, deterministicPassphrase, \
eighteenByteRipe = queueValue
try:
numberOfNullBytesDemandedOnFrontOfRipeHash = \
BMConfigParser().getint(
'bitmessagesettings',
'numberofnullbytesonaddress'
)
except:
if eighteenByteRipe:
numberOfNullBytesDemandedOnFrontOfRipeHash = 2
else:
# the default
numberOfNullBytesDemandedOnFrontOfRipeHash = 1
elif len(queueValue) == 9:
command, addressVersionNumber, streamNumber, label, \
numberOfAddressesToMake, deterministicPassphrase, \
eighteenByteRipe, nonceTrialsPerByte, \
payloadLengthExtraBytes = queueValue
try:
numberOfNullBytesDemandedOnFrontOfRipeHash = \
BMConfigParser().getint(
'bitmessagesettings',
'numberofnullbytesonaddress'
)
except:
if eighteenByteRipe:
numberOfNullBytesDemandedOnFrontOfRipeHash = 2
else:
# the default
numberOfNullBytesDemandedOnFrontOfRipeHash = 1
elif queueValue[0] == 'stopThread':
break
else:
logger.error(
'Programming error: A structure with the wrong number'
' of values was passed into the addressGeneratorQueue.'
' Here is the queueValue: %r\n', queueValue)
if addressVersionNumber < 3 or addressVersionNumber > 4:
logger.error(
'Program error: For some reason the address generator'
' queue has been given a request to create at least'
' one version %s address which it cannot do.\n',
addressVersionNumber)
if nonceTrialsPerByte == 0:
nonceTrialsPerByte = BMConfigParser().getint(
'bitmessagesettings', 'defaultnoncetrialsperbyte')
if nonceTrialsPerByte < \
defaults.networkDefaultProofOfWorkNonceTrialsPerByte:
nonceTrialsPerByte = \
defaults.networkDefaultProofOfWorkNonceTrialsPerByte
if payloadLengthExtraBytes == 0:
payloadLengthExtraBytes = BMConfigParser().getint(
'bitmessagesettings', 'defaultpayloadlengthextrabytes')
if payloadLengthExtraBytes < \
defaults.networkDefaultPayloadLengthExtraBytes:
payloadLengthExtraBytes = \
defaults.networkDefaultPayloadLengthExtraBytes
if command == 'createRandomAddress':
queues.UISignalQueue.put(
('updateStatusBar',
tr._translate("MainWindow",
"Generating one new address")))
# This next section is a little bit strange. We're going
# to generate keys over and over until we find one
# that starts with either \x00 or \x00\x00. Then when
# we pack them into a Bitmessage address, we won't store
# the \x00 or \x00\x00 bytes thus making the address shorter.
startTime = time.time()
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix = 0
potentialPrivSigningKey = OpenSSL.rand(32)
potentialPubSigningKey = highlevelcrypto.pointMult(
potentialPrivSigningKey)
while True:
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix += 1
potentialPrivEncryptionKey = OpenSSL.rand(32)
potentialPubEncryptionKey = highlevelcrypto.pointMult(
potentialPrivEncryptionKey)
sha = hashlib.new('sha512')
sha.update(potentialPubSigningKey +
potentialPubEncryptionKey)
ripe = RIPEMD160Hash(sha.digest()).digest()
if (ripe[:numberOfNullBytesDemandedOnFrontOfRipeHash] ==
'\x00' *
numberOfNullBytesDemandedOnFrontOfRipeHash):
break
logger.info('Generated address with ripe digest: %s',
hexlify(ripe))
try:
logger.info(
'Address generator calculated %s addresses at %s'
' addresses per second before finding one with'
' the correct ripe-prefix.',
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix,
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix
/ (time.time() - startTime))
except ZeroDivisionError:
# The user must have a pretty fast computer.
# time.time() - startTime equaled zero.
pass
address = encodeAddress(addressVersionNumber, streamNumber,
ripe)
# An excellent way for us to store our keys
# is in Wallet Import Format. Let us convert now.
# https://en.bitcoin.it/wiki/Wallet_import_format
privSigningKey = '\x80' + potentialPrivSigningKey
checksum = hashlib.sha256(
hashlib.sha256(privSigningKey).digest()).digest()[0:4]
privSigningKeyWIF = arithmetic.changebase(
privSigningKey + checksum, 256, 58)
privEncryptionKey = '\x80' + potentialPrivEncryptionKey
checksum = hashlib.sha256(
hashlib.sha256(privEncryptionKey).digest()).digest()[0:4]
privEncryptionKeyWIF = arithmetic.changebase(
privEncryptionKey + checksum, 256, 58)
BMConfigParser().add_section(address)
BMConfigParser().set(address, 'label', label)
BMConfigParser().set(address, 'enabled', 'true')
BMConfigParser().set(address, 'decoy', 'false')
BMConfigParser().set(address, 'noncetrialsperbyte',
str(nonceTrialsPerByte))
BMConfigParser().set(address, 'payloadlengthextrabytes',
str(payloadLengthExtraBytes))
BMConfigParser().set(address, 'privsigningkey',
privSigningKeyWIF)
BMConfigParser().set(address, 'privencryptionkey',
privEncryptionKeyWIF)
BMConfigParser().save()
# The API and the join and create Chan functionality
# both need information back from the address generator.
queues.apiAddressGeneratorReturnQueue.put(address)
queues.UISignalQueue.put(
('updateStatusBar',
tr._translate(
"MainWindow",
"Done generating address. Doing work necessary"
" to broadcast it...")))
queues.UISignalQueue.put(
('writeNewAddressToTable', (label, address, streamNumber)))
shared.reloadMyAddressHashes()
if addressVersionNumber == 3:
queues.workerQueue.put(('sendOutOrStoreMyV3Pubkey', ripe))
elif addressVersionNumber == 4:
queues.workerQueue.put(
('sendOutOrStoreMyV4Pubkey', address))
elif command == 'createDeterministicAddresses' \
or command == 'getDeterministicAddress' \
or command == 'createChan' or command == 'joinChan':
if len(deterministicPassphrase) == 0:
logger.warning(
'You are creating deterministic'
' address(es) using a blank passphrase.'
' Bitmessage will do it but it is rather stupid.')
if command == 'createDeterministicAddresses':
queues.UISignalQueue.put(
('updateStatusBar',
tr._translate("MainWindow",
"Generating %1 new addresses.").arg(
str(numberOfAddressesToMake))))
signingKeyNonce = 0
encryptionKeyNonce = 1
# We fill out this list no matter what although we only
# need it if we end up passing the info to the API.
listOfNewAddressesToSendOutThroughTheAPI = []
for _ in range(numberOfAddressesToMake):
# This next section is a little bit strange. We're
# going to generate keys over and over until we find
# one that has a RIPEMD hash that starts with either
# \x00 or \x00\x00. Then when we pack them into a
# Bitmessage address, we won't store the \x00 or
# \x00\x00 bytes thus making the address shorter.
startTime = time.time()
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix = 0
while True:
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix += 1
potentialPrivSigningKey = hashlib.sha512(
deterministicPassphrase +
encodeVarint(signingKeyNonce)).digest()[:32]
potentialPrivEncryptionKey = hashlib.sha512(
deterministicPassphrase +
encodeVarint(encryptionKeyNonce)).digest()[:32]
potentialPubSigningKey = highlevelcrypto.pointMult(
potentialPrivSigningKey)
potentialPubEncryptionKey = highlevelcrypto.pointMult(
potentialPrivEncryptionKey)
signingKeyNonce += 2
encryptionKeyNonce += 2
sha = hashlib.new('sha512')
sha.update(potentialPubSigningKey +
potentialPubEncryptionKey)
ripe = RIPEMD160Hash(sha.digest()).digest()
if (ripe[:numberOfNullBytesDemandedOnFrontOfRipeHash]
== '\x00' *
numberOfNullBytesDemandedOnFrontOfRipeHash):
break
logger.info('Generated address with ripe digest: %s',
hexlify(ripe))
try:
logger.info(
'Address generator calculated %s addresses'
' at %s addresses per second before finding'
' one with the correct ripe-prefix.',
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix,
numberOfAddressesWeHadToMakeBeforeWeFoundOneWithTheCorrectRipePrefix
/ (time.time() - startTime))
except ZeroDivisionError:
# The user must have a pretty fast computer.
# time.time() - startTime equaled zero.
pass
address = encodeAddress(addressVersionNumber, streamNumber,
ripe)
saveAddressToDisk = True
# If we are joining an existing chan, let us check
# to make sure it matches the provided Bitmessage address
if command == 'joinChan':
if address != chanAddress:
listOfNewAddressesToSendOutThroughTheAPI.append(
'chan name does not match address')
saveAddressToDisk = False
if command == 'getDeterministicAddress':
saveAddressToDisk = False
if saveAddressToDisk and live:
# An excellent way for us to store our keys is
# in Wallet Import Format. Let us convert now.
# https://en.bitcoin.it/wiki/Wallet_import_format
privSigningKey = '\x80' + potentialPrivSigningKey
checksum = hashlib.sha256(
hashlib.sha256(
privSigningKey).digest()).digest()[0:4]
privSigningKeyWIF = arithmetic.changebase(
privSigningKey + checksum, 256, 58)
privEncryptionKey = '\x80' + \
potentialPrivEncryptionKey
checksum = hashlib.sha256(
hashlib.sha256(
privEncryptionKey).digest()).digest()[0:4]
privEncryptionKeyWIF = arithmetic.changebase(
privEncryptionKey + checksum, 256, 58)
try:
BMConfigParser().add_section(address)
addressAlreadyExists = False
except:
addressAlreadyExists = True
if addressAlreadyExists:
logger.info(
'%s already exists. Not adding it again.',
address)
queues.UISignalQueue.put(
('updateStatusBar',
tr._translate(
"MainWindow",
"%1 is already in 'Your Identities'."
" Not adding it again.").arg(address)))
else:
logger.debug('label: %s', label)
BMConfigParser().set(address, 'label', label)
BMConfigParser().set(address, 'enabled', 'true')
BMConfigParser().set(address, 'decoy', 'false')
if command == 'joinChan' \
or command == 'createChan':
BMConfigParser().set(address, 'chan', 'true')
BMConfigParser().set(address, 'noncetrialsperbyte',
str(nonceTrialsPerByte))
BMConfigParser().set(address,
'payloadlengthextrabytes',
str(payloadLengthExtraBytes))
BMConfigParser().set(address, 'privSigningKey',
privSigningKeyWIF)
BMConfigParser().set(address, 'privEncryptionKey',
privEncryptionKeyWIF)
BMConfigParser().save()
queues.UISignalQueue.put(
('writeNewAddressToTable',
(label, address, str(streamNumber))))
listOfNewAddressesToSendOutThroughTheAPI.append(
address)
shared.myECCryptorObjects[ripe] = \
highlevelcrypto.makeCryptor(
hexlify(potentialPrivEncryptionKey))
shared.myAddressesByHash[ripe] = address
tag = hashlib.sha512(
hashlib.sha512(
encodeVarint(addressVersionNumber) +
encodeVarint(streamNumber) +
ripe).digest()).digest()[32:]
shared.myAddressesByTag[tag] = address
if addressVersionNumber == 3:
# If this is a chan address,
# the worker thread won't send out
# the pubkey over the network.
queues.workerQueue.put(
('sendOutOrStoreMyV3Pubkey', ripe))
elif addressVersionNumber == 4:
queues.workerQueue.put(
('sendOutOrStoreMyV4Pubkey', address))
queues.UISignalQueue.put(
('updateStatusBar',
tr._translate("MainWindow",
"Done generating address")))
elif saveAddressToDisk and not live \
and not BMConfigParser().has_section(address):
listOfNewAddressesToSendOutThroughTheAPI.append(
address)
# Done generating addresses.
if command == 'createDeterministicAddresses' \
or command == 'joinChan' or command == 'createChan':
queues.apiAddressGeneratorReturnQueue.put(
listOfNewAddressesToSendOutThroughTheAPI)
elif command == 'getDeterministicAddress':
queues.apiAddressGeneratorReturnQueue.put(address)
else:
raise Exception(
"Error in the addressGenerator thread. Thread was" +
" given a command it could not understand: " + command)
queues.addressGeneratorQueue.task_done()
def processbroadcast(self, data):
messageProcessingStartTime = time.time()
shared.numberOfBroadcastsProcessed += 1
shared.UISignalQueue.put(
('updateNumberOfBroadcastsProcessed', 'no data'))
inventoryHash = calculateInventoryHash(data)
readPosition = 20 # bypass the nonce, time, and object type
broadcastVersion, broadcastVersionLength = decodeVarint(
data[readPosition:readPosition + 9])
readPosition += broadcastVersionLength
if broadcastVersion < 4 or broadcastVersion > 5:
logger.info(
'Cannot decode incoming broadcast versions less than 4 or higher than 5. Assuming the sender isn\'t being silly, you should upgrade Bitmessage because this message shall be ignored.'
)
return
cleartextStreamNumber, cleartextStreamNumberLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += cleartextStreamNumberLength
if broadcastVersion == 4:
"""
v4 broadcasts are encrypted the same way the msgs are encrypted. To see if we are interested in a
v4 broadcast, we try to decrypt it. This was replaced with v5 broadcasts which include a tag which
we check instead, just like we do with v4 pubkeys.
"""
signedData = data[8:readPosition]
initialDecryptionSuccessful = False
for key, cryptorObject in shared.MyECSubscriptionCryptorObjects.items(
):
try:
decryptedData = cryptorObject.decrypt(data[readPosition:])
toRipe = key # This is the RIPE hash of the sender's pubkey. We need this below to compare to the RIPE hash of the sender's address to verify that it was encrypted by with their key rather than some other key.
initialDecryptionSuccessful = True
logger.info(
'EC decryption successful using key associated with ripe hash: %s'
% key.encode('hex'))
break
except Exception as err:
pass
# print 'cryptorObject.decrypt Exception:', err
if not initialDecryptionSuccessful:
# This is not a broadcast I am interested in.
logger.debug(
'Length of time program spent failing to decrypt this v4 broadcast: %s seconds.'
% (time.time() - messageProcessingStartTime, ))
return
elif broadcastVersion == 5:
embeddedTag = data[readPosition:readPosition + 32]
readPosition += 32
if embeddedTag not in shared.MyECSubscriptionCryptorObjects:
logger.debug('We\'re not interested in this broadcast.')
return
# We are interested in this broadcast because of its tag.
signedData = data[
8:
readPosition] # We're going to add some more data which is signed further down.
cryptorObject = shared.MyECSubscriptionCryptorObjects[embeddedTag]
try:
decryptedData = cryptorObject.decrypt(data[readPosition:])
logger.debug('EC decryption successful')
except Exception as err:
logger.debug('Broadcast version %s decryption Unsuccessful.' %
broadcastVersion)
return
# At this point this is a broadcast I have decrypted and am
# interested in.
readPosition = 0
sendersAddressVersion, sendersAddressVersionLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if broadcastVersion == 4:
if sendersAddressVersion < 2 or sendersAddressVersion > 3:
logger.warning(
'Cannot decode senderAddressVersion other than 2 or 3. Assuming the sender isn\'t being silly, you should upgrade Bitmessage because this message shall be ignored.'
)
return
elif broadcastVersion == 5:
if sendersAddressVersion < 4:
logger.info(
'Cannot decode senderAddressVersion less than 4 for broadcast version number 5. Assuming the sender isn\'t being silly, you should upgrade Bitmessage because this message shall be ignored.'
)
return
readPosition += sendersAddressVersionLength
sendersStream, sendersStreamLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if sendersStream != cleartextStreamNumber:
logger.info(
'The stream number outside of the encryption on which the POW was completed doesn\'t match the stream number inside the encryption. Ignoring broadcast.'
)
return
readPosition += sendersStreamLength
behaviorBitfield = decryptedData[readPosition:readPosition + 4]
readPosition += 4
sendersPubSigningKey = '\x04' + \
decryptedData[readPosition:readPosition + 64]
readPosition += 64
sendersPubEncryptionKey = '\x04' + \
decryptedData[readPosition:readPosition + 64]
readPosition += 64
if sendersAddressVersion >= 3:
requiredAverageProofOfWorkNonceTrialsPerByte, varintLength = decodeVarint(
decryptedData[readPosition:readPosition + 10])
readPosition += varintLength
logger.debug(
'sender\'s requiredAverageProofOfWorkNonceTrialsPerByte is %s'
% requiredAverageProofOfWorkNonceTrialsPerByte)
requiredPayloadLengthExtraBytes, varintLength = decodeVarint(
decryptedData[readPosition:readPosition + 10])
readPosition += varintLength
logger.debug('sender\'s requiredPayloadLengthExtraBytes is %s' %
requiredPayloadLengthExtraBytes)
endOfPubkeyPosition = readPosition
sha = hashlib.new('sha512')
sha.update(sendersPubSigningKey + sendersPubEncryptionKey)
ripeHasher = hashlib.new('ripemd160')
ripeHasher.update(sha.digest())
calculatedRipe = ripeHasher.digest()
if broadcastVersion == 4:
if toRipe != calculatedRipe:
logger.info(
'The encryption key used to encrypt this message doesn\'t match the keys inbedded in the message itself. Ignoring message.'
)
return
elif broadcastVersion == 5:
calculatedTag = hashlib.sha512(
hashlib.sha512(
encodeVarint(sendersAddressVersion) +
encodeVarint(sendersStream) +
calculatedRipe).digest()).digest()[32:]
if calculatedTag != embeddedTag:
logger.debug(
'The tag and encryption key used to encrypt this message doesn\'t match the keys inbedded in the message itself. Ignoring message.'
)
return
messageEncodingType, messageEncodingTypeLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if messageEncodingType == 0:
return
readPosition += messageEncodingTypeLength
messageLength, messageLengthLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
readPosition += messageLengthLength
message = decryptedData[readPosition:readPosition + messageLength]
readPosition += messageLength
readPositionAtBottomOfMessage = readPosition
signatureLength, signatureLengthLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
readPosition += signatureLengthLength
signature = decryptedData[readPosition:readPosition + signatureLength]
signedData += decryptedData[:readPositionAtBottomOfMessage]
if not highlevelcrypto.verify(signedData, signature,
sendersPubSigningKey.encode('hex')):
logger.debug('ECDSA verify failed')
return
logger.debug('ECDSA verify passed')
fromAddress = encodeAddress(sendersAddressVersion, sendersStream,
calculatedRipe)
logger.info('fromAddress: %s' % fromAddress)
# Let's store the public key in case we want to reply to this person.
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''',
calculatedRipe,
sendersAddressVersion, decryptedData[:endOfPubkeyPosition],
int(time.time()), 'yes')
# Check to see whether we happen to be awaiting this
# pubkey in order to send a message. If we are, it will do the POW
# and send it.
if broadcastVersion == 4:
self.possibleNewPubkey(ripe=calculatedRipe)
elif broadcastVersion == 5:
self.possibleNewPubkey(address=fromAddress)
fromAddress = encodeAddress(sendersAddressVersion, sendersStream,
calculatedRipe)
with shared.printLock:
print 'fromAddress:', fromAddress
if messageEncodingType == 2:
subject, body = self.decodeType2Message(message)
logger.info('Broadcast subject (first 100 characters): %s' %
repr(subject)[:100])
elif messageEncodingType == 1:
body = message
subject = ''
elif messageEncodingType == 0:
logger.info(
'messageEncodingType == 0. Doing nothing with the message.')
else:
body = 'Unknown encoding type.\n\n' + repr(message)
subject = ''
toAddress = '[Broadcast subscribers]'
if messageEncodingType != 0:
if helper_inbox.isMessageAlreadyInInbox(toAddress, fromAddress,
subject, body,
messageEncodingType):
logger.info(
'This broadcast is already in our inbox. Ignoring it.')
else:
t = (inventoryHash, toAddress, fromAddress, subject,
int(time.time()), body, 'inbox', messageEncodingType, 0)
helper_inbox.insert(t)
shared.UISignalQueue.put(
('displayNewInboxMessage', (inventoryHash, toAddress,
fromAddress, subject, body)))
# If we are behaving as an API then we might need to run an
# outside command to let some program know that a new message
# has arrived.
if shared.safeConfigGetBoolean('bitmessagesettings',
'apienabled'):
try:
apiNotifyPath = shared.config.get(
'bitmessagesettings', 'apinotifypath')
except:
apiNotifyPath = ''
if apiNotifyPath != '':
call([apiNotifyPath, "newBroadcast"])
# Display timing data
logger.info('Time spent processing this interesting broadcast: %s' %
(time.time() - messageProcessingStartTime, ))
def processpubkey(self, data):
pubkeyProcessingStartTime = time.time()
shared.numberOfPubkeysProcessed += 1
shared.UISignalQueue.put(('updateNumberOfPubkeysProcessed', 'no data'))
embeddedTime, = unpack('>Q', data[8:16])
readPosition = 20 # bypass the nonce, time, and object type
addressVersion, varintLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += varintLength
streamNumber, varintLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += varintLength
if addressVersion == 0:
logger.debug(
'(Within processpubkey) addressVersion of 0 doesn\'t make sense.'
)
return
if addressVersion > 4 or addressVersion == 1:
logger.info(
'This version of Bitmessage cannot handle version %s addresses.'
% addressVersion)
return
if addressVersion == 2:
if len(
data
) < 146: # sanity check. This is the minimum possible length.
logger.debug(
'(within processpubkey) payloadLength less than 146. Sanity check failed.'
)
return
bitfieldBehaviors = data[readPosition:readPosition + 4]
readPosition += 4
publicSigningKey = data[readPosition:readPosition + 64]
# Is it possible for a public key to be invalid such that trying to
# encrypt or sign with it will cause an error? If it is, it would
# be easiest to test them here.
readPosition += 64
publicEncryptionKey = data[readPosition:readPosition + 64]
if len(publicEncryptionKey) < 64:
logger.debug(
'publicEncryptionKey length less than 64. Sanity check failed.'
)
return
readPosition += 64
dataToStore = data[
20:readPosition] # The data we'll store in the pubkeys table.
sha = hashlib.new('sha512')
sha.update('\x04' + publicSigningKey + '\x04' +
publicEncryptionKey)
ripeHasher = hashlib.new('ripemd160')
ripeHasher.update(sha.digest())
ripe = ripeHasher.digest()
logger.info(
'within recpubkey, addressVersion: %s, streamNumber: %s \n\
ripe %s\n\
publicSigningKey in hex: %s\n\
publicEncryptionKey in hex: %s' %
(addressVersion, streamNumber, ripe.encode('hex'),
publicSigningKey.encode('hex'),
publicEncryptionKey.encode('hex')))
queryreturn = sqlQuery(
'''SELECT usedpersonally FROM pubkeys WHERE hash=? AND addressversion=? AND usedpersonally='yes' ''',
ripe, addressVersion)
if queryreturn != []: # if this pubkey is already in our database and if we have used it personally:
logger.info(
'We HAVE used this pubkey personally. Updating time.')
t = (ripe, addressVersion, dataToStore, int(time.time()),
'yes')
else:
logger.info(
'We have NOT used this pubkey personally. Inserting in database.'
)
t = (ripe, addressVersion, dataToStore, int(time.time()), 'no')
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''', *t)
self.possibleNewPubkey(ripe=ripe)
if addressVersion == 3:
if len(data) < 170: # sanity check.
logger.warning(
'(within processpubkey) payloadLength less than 170. Sanity check failed.'
)
return
bitfieldBehaviors = data[readPosition:readPosition + 4]
readPosition += 4
publicSigningKey = '\x04' + data[readPosition:readPosition + 64]
readPosition += 64
publicEncryptionKey = '\x04' + data[readPosition:readPosition + 64]
readPosition += 64
specifiedNonceTrialsPerByte, specifiedNonceTrialsPerByteLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += specifiedNonceTrialsPerByteLength
specifiedPayloadLengthExtraBytes, specifiedPayloadLengthExtraBytesLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += specifiedPayloadLengthExtraBytesLength
endOfSignedDataPosition = readPosition
dataToStore = data[
20:readPosition] # The data we'll store in the pubkeys table.
signatureLength, signatureLengthLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += signatureLengthLength
signature = data[readPosition:readPosition + signatureLength]
if highlevelcrypto.verify(data[8:endOfSignedDataPosition],
signature,
publicSigningKey.encode('hex')):
logger.debug('ECDSA verify passed (within processpubkey)')
else:
logger.warning('ECDSA verify failed (within processpubkey)')
return
sha = hashlib.new('sha512')
sha.update(publicSigningKey + publicEncryptionKey)
ripeHasher = hashlib.new('ripemd160')
ripeHasher.update(sha.digest())
ripe = ripeHasher.digest()
logger.info(
'within recpubkey, addressVersion: %s, streamNumber: %s \n\
ripe %s\n\
publicSigningKey in hex: %s\n\
publicEncryptionKey in hex: %s' %
(addressVersion, streamNumber, ripe.encode('hex'),
publicSigningKey.encode('hex'),
publicEncryptionKey.encode('hex')))
queryreturn = sqlQuery(
'''SELECT usedpersonally FROM pubkeys WHERE hash=? AND addressversion=? AND usedpersonally='yes' ''',
ripe, addressVersion)
if queryreturn != []: # if this pubkey is already in our database and if we have used it personally:
logger.info(
'We HAVE used this pubkey personally. Updating time.')
t = (ripe, addressVersion, dataToStore, int(time.time()),
'yes')
else:
logger.info(
'We have NOT used this pubkey personally. Inserting in database.'
)
t = (ripe, addressVersion, dataToStore, int(time.time()), 'no')
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''', *t)
self.possibleNewPubkey(ripe=ripe)
if addressVersion == 4:
if len(data) < 350: # sanity check.
logger.debug(
'(within processpubkey) payloadLength less than 350. Sanity check failed.'
)
return
tag = data[readPosition:readPosition + 32]
if tag not in shared.neededPubkeys:
logger.info(
'We don\'t need this v4 pubkey. We didn\'t ask for it.')
return
# Let us try to decrypt the pubkey
toAddress, cryptorObject = shared.neededPubkeys[tag]
if shared.decryptAndCheckPubkeyPayload(data,
toAddress) == 'successful':
# At this point we know that we have been waiting on this pubkey.
# This function will command the workerThread to start work on
# the messages that require it.
self.possibleNewPubkey(address=toAddress)
# Display timing data
timeRequiredToProcessPubkey = time.time() - pubkeyProcessingStartTime
logger.debug('Time required to process this pubkey: %s' %
timeRequiredToProcessPubkey)
def processgetpubkey(self, data):
readPosition = 20 # bypass the nonce, time, and object type
requestedAddressVersionNumber, addressVersionLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += addressVersionLength
streamNumber, streamNumberLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += streamNumberLength
if requestedAddressVersionNumber == 0:
logger.debug(
'The requestedAddressVersionNumber of the pubkey request is zero. That doesn\'t make any sense. Ignoring it.'
)
return
elif requestedAddressVersionNumber == 1:
logger.debug(
'The requestedAddressVersionNumber of the pubkey request is 1 which isn\'t supported anymore. Ignoring it.'
)
return
elif requestedAddressVersionNumber > 4:
logger.debug(
'The requestedAddressVersionNumber of the pubkey request is too high. Can\'t understand. Ignoring it.'
)
return
myAddress = ''
if requestedAddressVersionNumber <= 3:
requestedHash = data[readPosition:readPosition + 20]
if len(requestedHash) != 20:
logger.debug(
'The length of the requested hash is not 20 bytes. Something is wrong. Ignoring.'
)
return
logger.info('the hash requested in this getpubkey request is: %s' %
requestedHash.encode('hex'))
if requestedHash in shared.myAddressesByHash: # if this address hash is one of mine
myAddress = shared.myAddressesByHash[requestedHash]
elif requestedAddressVersionNumber >= 4:
requestedTag = data[readPosition:readPosition + 32]
if len(requestedTag) != 32:
logger.debug(
'The length of the requested tag is not 32 bytes. Something is wrong. Ignoring.'
)
return
logger.debug('the tag requested in this getpubkey request is: %s' %
requestedTag.encode('hex'))
if requestedTag in shared.myAddressesByTag:
myAddress = shared.myAddressesByTag[requestedTag]
if myAddress == '':
logger.info('This getpubkey request is not for any of my keys.')
return
if decodeAddress(myAddress)[1] != requestedAddressVersionNumber:
logger.warning(
'(Within the processgetpubkey function) Someone requested one of my pubkeys but the requestedAddressVersionNumber doesn\'t match my actual address version number. Ignoring.'
)
return
if decodeAddress(myAddress)[2] != streamNumber:
logger.warning(
'(Within the processgetpubkey function) Someone requested one of my pubkeys but the stream number on which we heard this getpubkey object doesn\'t match this address\' stream number. Ignoring.'
)
return
if shared.safeConfigGetBoolean(myAddress, 'chan'):
logger.info(
'Ignoring getpubkey request because it is for one of my chan addresses. The other party should already have the pubkey.'
)
return
try:
lastPubkeySendTime = int(
shared.config.get(myAddress, 'lastpubkeysendtime'))
except:
lastPubkeySendTime = 0
if lastPubkeySendTime > time.time(
) - 2419200: # If the last time we sent our pubkey was more recent than 28 days ago...
logger.info(
'Found getpubkey-requested-item in my list of EC hashes BUT we already sent it recently. Ignoring request. The lastPubkeySendTime is: %s'
% lastPubkeySendTime)
return
logger.info(
'Found getpubkey-requested-hash in my list of EC hashes. Telling Worker thread to do the POW for a pubkey message and send it out.'
)
if requestedAddressVersionNumber == 2:
shared.workerQueue.put(('doPOWForMyV2Pubkey', requestedHash))
elif requestedAddressVersionNumber == 3:
shared.workerQueue.put(('sendOutOrStoreMyV3Pubkey', requestedHash))
elif requestedAddressVersionNumber == 4:
shared.workerQueue.put(('sendOutOrStoreMyV4Pubkey', myAddress))
def processgetpubkey(self, data):
readPosition = 20 # bypass the nonce, time, and object type
requestedAddressVersionNumber, addressVersionLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += addressVersionLength
streamNumber, streamNumberLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += streamNumberLength
if requestedAddressVersionNumber == 0:
logger.debug('The requestedAddressVersionNumber of the pubkey request is zero. That doesn\'t make any sense. Ignoring it.')
return
elif requestedAddressVersionNumber == 1:
logger.debug('The requestedAddressVersionNumber of the pubkey request is 1 which isn\'t supported anymore. Ignoring it.')
return
elif requestedAddressVersionNumber > 4:
logger.debug('The requestedAddressVersionNumber of the pubkey request is too high. Can\'t understand. Ignoring it.')
return
myAddress = ''
if requestedAddressVersionNumber <= 3 :
requestedHash = data[readPosition:readPosition + 20]
if len(requestedHash) != 20:
logger.debug('The length of the requested hash is not 20 bytes. Something is wrong. Ignoring.')
return
logger.info('the hash requested in this getpubkey request is: %s' % requestedHash.encode('hex'))
if requestedHash in shared.myAddressesByHash: # if this address hash is one of mine
myAddress = shared.myAddressesByHash[requestedHash]
elif requestedAddressVersionNumber >= 4:
requestedTag = data[readPosition:readPosition + 32]
if len(requestedTag) != 32:
logger.debug('The length of the requested tag is not 32 bytes. Something is wrong. Ignoring.')
return
logger.debug('the tag requested in this getpubkey request is: %s' % requestedTag.encode('hex'))
if requestedTag in shared.myAddressesByTag:
myAddress = shared.myAddressesByTag[requestedTag]
if myAddress == '':
logger.info('This getpubkey request is not for any of my keys.')
return
if decodeAddress(myAddress)[1] != requestedAddressVersionNumber:
logger.warning('(Within the processgetpubkey function) Someone requested one of my pubkeys but the requestedAddressVersionNumber doesn\'t match my actual address version number. Ignoring.')
return
if decodeAddress(myAddress)[2] != streamNumber:
logger.warning('(Within the processgetpubkey function) Someone requested one of my pubkeys but the stream number on which we heard this getpubkey object doesn\'t match this address\' stream number. Ignoring.')
return
if shared.safeConfigGetBoolean(myAddress, 'chan'):
logger.info('Ignoring getpubkey request because it is for one of my chan addresses. The other party should already have the pubkey.')
return
try:
lastPubkeySendTime = int(shared.config.get(
myAddress, 'lastpubkeysendtime'))
except:
lastPubkeySendTime = 0
if lastPubkeySendTime > time.time() - 2419200: # If the last time we sent our pubkey was more recent than 28 days ago...
logger.info('Found getpubkey-requested-item in my list of EC hashes BUT we already sent it recently. Ignoring request. The lastPubkeySendTime is: %s' % lastPubkeySendTime)
return
logger.info('Found getpubkey-requested-hash in my list of EC hashes. Telling Worker thread to do the POW for a pubkey message and send it out.')
if requestedAddressVersionNumber == 2:
shared.workerQueue.put((
'doPOWForMyV2Pubkey', requestedHash))
elif requestedAddressVersionNumber == 3:
shared.workerQueue.put((
'sendOutOrStoreMyV3Pubkey', requestedHash))
elif requestedAddressVersionNumber == 4:
shared.workerQueue.put((
'sendOutOrStoreMyV4Pubkey', myAddress))
def processbroadcast(self, data):
messageProcessingStartTime = time.time()
shared.numberOfBroadcastsProcessed += 1
shared.UISignalQueue.put((
'updateNumberOfBroadcastsProcessed', 'no data'))
inventoryHash = calculateInventoryHash(data)
readPosition = 20 # bypass the nonce, time, and object type
broadcastVersion, broadcastVersionLength = decodeVarint(
data[readPosition:readPosition + 9])
readPosition += broadcastVersionLength
if broadcastVersion < 4 or broadcastVersion > 5:
logger.info('Cannot decode incoming broadcast versions less than 4 or higher than 5. Assuming the sender isn\'t being silly, you should upgrade Bitmessage because this message shall be ignored.')
return
cleartextStreamNumber, cleartextStreamNumberLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += cleartextStreamNumberLength
if broadcastVersion == 4:
"""
v4 broadcasts are encrypted the same way the msgs are encrypted. To see if we are interested in a
v4 broadcast, we try to decrypt it. This was replaced with v5 broadcasts which include a tag which
we check instead, just like we do with v4 pubkeys.
"""
signedData = data[8:readPosition]
initialDecryptionSuccessful = False
for key, cryptorObject in shared.MyECSubscriptionCryptorObjects.items():
try:
decryptedData = cryptorObject.decrypt(data[readPosition:])
toRipe = key # This is the RIPE hash of the sender's pubkey. We need this below to compare to the RIPE hash of the sender's address to verify that it was encrypted by with their key rather than some other key.
initialDecryptionSuccessful = True
logger.info('EC decryption successful using key associated with ripe hash: %s' % key.encode('hex'))
break
except Exception as err:
pass
# print 'cryptorObject.decrypt Exception:', err
if not initialDecryptionSuccessful:
# This is not a broadcast I am interested in.
logger.debug('Length of time program spent failing to decrypt this v4 broadcast: %s seconds.' % (time.time() - messageProcessingStartTime,))
return
elif broadcastVersion == 5:
embeddedTag = data[readPosition:readPosition+32]
readPosition += 32
if embeddedTag not in shared.MyECSubscriptionCryptorObjects:
logger.debug('We\'re not interested in this broadcast.')
return
# We are interested in this broadcast because of its tag.
signedData = data[8:readPosition] # We're going to add some more data which is signed further down.
cryptorObject = shared.MyECSubscriptionCryptorObjects[embeddedTag]
try:
decryptedData = cryptorObject.decrypt(data[readPosition:])
logger.debug('EC decryption successful')
except Exception as err:
logger.debug('Broadcast version %s decryption Unsuccessful.' % broadcastVersion)
return
# At this point this is a broadcast I have decrypted and am
# interested in.
readPosition = 0
sendersAddressVersion, sendersAddressVersionLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if broadcastVersion == 4:
if sendersAddressVersion < 2 or sendersAddressVersion > 3:
logger.warning('Cannot decode senderAddressVersion other than 2 or 3. Assuming the sender isn\'t being silly, you should upgrade Bitmessage because this message shall be ignored.')
return
elif broadcastVersion == 5:
if sendersAddressVersion < 4:
logger.info('Cannot decode senderAddressVersion less than 4 for broadcast version number 5. Assuming the sender isn\'t being silly, you should upgrade Bitmessage because this message shall be ignored.')
return
readPosition += sendersAddressVersionLength
sendersStream, sendersStreamLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if sendersStream != cleartextStreamNumber:
logger.info('The stream number outside of the encryption on which the POW was completed doesn\'t match the stream number inside the encryption. Ignoring broadcast.')
return
readPosition += sendersStreamLength
behaviorBitfield = decryptedData[readPosition:readPosition + 4]
readPosition += 4
sendersPubSigningKey = '\x04' + \
decryptedData[readPosition:readPosition + 64]
readPosition += 64
sendersPubEncryptionKey = '\x04' + \
decryptedData[readPosition:readPosition + 64]
readPosition += 64
if sendersAddressVersion >= 3:
requiredAverageProofOfWorkNonceTrialsPerByte, varintLength = decodeVarint(
decryptedData[readPosition:readPosition + 10])
readPosition += varintLength
logger.debug('sender\'s requiredAverageProofOfWorkNonceTrialsPerByte is %s' % requiredAverageProofOfWorkNonceTrialsPerByte)
requiredPayloadLengthExtraBytes, varintLength = decodeVarint(
decryptedData[readPosition:readPosition + 10])
readPosition += varintLength
logger.debug('sender\'s requiredPayloadLengthExtraBytes is %s' % requiredPayloadLengthExtraBytes)
endOfPubkeyPosition = readPosition
sha = hashlib.new('sha512')
sha.update(sendersPubSigningKey + sendersPubEncryptionKey)
ripeHasher = hashlib.new('ripemd160')
ripeHasher.update(sha.digest())
calculatedRipe = ripeHasher.digest()
if broadcastVersion == 4:
if toRipe != calculatedRipe:
logger.info('The encryption key used to encrypt this message doesn\'t match the keys inbedded in the message itself. Ignoring message.')
return
elif broadcastVersion == 5:
calculatedTag = hashlib.sha512(hashlib.sha512(encodeVarint(
sendersAddressVersion) + encodeVarint(sendersStream) + calculatedRipe).digest()).digest()[32:]
if calculatedTag != embeddedTag:
logger.debug('The tag and encryption key used to encrypt this message doesn\'t match the keys inbedded in the message itself. Ignoring message.')
return
messageEncodingType, messageEncodingTypeLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if messageEncodingType == 0:
return
readPosition += messageEncodingTypeLength
messageLength, messageLengthLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
readPosition += messageLengthLength
message = decryptedData[readPosition:readPosition + messageLength]
readPosition += messageLength
readPositionAtBottomOfMessage = readPosition
signatureLength, signatureLengthLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
readPosition += signatureLengthLength
signature = decryptedData[
readPosition:readPosition + signatureLength]
signedData += decryptedData[:readPositionAtBottomOfMessage]
if not highlevelcrypto.verify(signedData, signature, sendersPubSigningKey.encode('hex')):
logger.debug('ECDSA verify failed')
return
logger.debug('ECDSA verify passed')
sigHash = hashlib.sha512(hashlib.sha512(signature).digest()).digest()[32:] # Used to detect and ignore duplicate messages in our inbox
fromAddress = encodeAddress(
sendersAddressVersion, sendersStream, calculatedRipe)
logger.info('fromAddress: %s' % fromAddress)
# Let's store the public key in case we want to reply to this person.
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''',
fromAddress,
sendersAddressVersion,
decryptedData[:endOfPubkeyPosition],
int(time.time()),
'yes')
# Check to see whether we happen to be awaiting this
# pubkey in order to send a message. If we are, it will do the POW
# and send it.
self.possibleNewPubkey(fromAddress)
fromAddress = encodeAddress(
sendersAddressVersion, sendersStream, calculatedRipe)
logger.debug('fromAddress: ' + fromAddress)
if messageEncodingType == 2:
subject, body = self.decodeType2Message(message)
logger.info('Broadcast subject (first 100 characters): %s' % repr(subject)[:100])
elif messageEncodingType == 1:
body = message
subject = ''
elif messageEncodingType == 0:
logger.info('messageEncodingType == 0. Doing nothing with the message.')
return
else:
body = 'Unknown encoding type.\n\n' + repr(message)
subject = ''
toAddress = '[Broadcast subscribers]'
if helper_inbox.isMessageAlreadyInInbox(sigHash):
logger.info('This broadcast is already in our inbox. Ignoring it.')
return
t = (inventoryHash, toAddress, fromAddress, subject, int(
time.time()), body, 'inbox', messageEncodingType, 0, sigHash)
helper_inbox.insert(t)
shared.UISignalQueue.put(('displayNewInboxMessage', (
inventoryHash, toAddress, fromAddress, subject, body)))
# If we are behaving as an API then we might need to run an
# outside command to let some program know that a new message
# has arrived.
if shared.safeConfigGetBoolean('bitmessagesettings', 'apienabled'):
try:
apiNotifyPath = shared.config.get(
'bitmessagesettings', 'apinotifypath')
except:
apiNotifyPath = ''
if apiNotifyPath != '':
call([apiNotifyPath, "newBroadcast"])
# Display timing data
logger.info('Time spent processing this interesting broadcast: %s' % (time.time() - messageProcessingStartTime,))
def processpubkey(self, data):
pubkeyProcessingStartTime = time.time()
shared.numberOfPubkeysProcessed += 1
shared.UISignalQueue.put((
'updateNumberOfPubkeysProcessed', 'no data'))
embeddedTime, = unpack('>Q', data[8:16])
readPosition = 20 # bypass the nonce, time, and object type
addressVersion, varintLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += varintLength
streamNumber, varintLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += varintLength
if addressVersion == 0:
logger.debug('(Within processpubkey) addressVersion of 0 doesn\'t make sense.')
return
if addressVersion > 4 or addressVersion == 1:
logger.info('This version of Bitmessage cannot handle version %s addresses.' % addressVersion)
return
if addressVersion == 2:
if len(data) < 146: # sanity check. This is the minimum possible length.
logger.debug('(within processpubkey) payloadLength less than 146. Sanity check failed.')
return
bitfieldBehaviors = data[readPosition:readPosition + 4]
readPosition += 4
publicSigningKey = data[readPosition:readPosition + 64]
# Is it possible for a public key to be invalid such that trying to
# encrypt or sign with it will cause an error? If it is, it would
# be easiest to test them here.
readPosition += 64
publicEncryptionKey = data[readPosition:readPosition + 64]
if len(publicEncryptionKey) < 64:
logger.debug('publicEncryptionKey length less than 64. Sanity check failed.')
return
readPosition += 64
dataToStore = data[20:readPosition] # The data we'll store in the pubkeys table.
sha = hashlib.new('sha512')
sha.update(
'\x04' + publicSigningKey + '\x04' + publicEncryptionKey)
ripeHasher = hashlib.new('ripemd160')
ripeHasher.update(sha.digest())
ripe = ripeHasher.digest()
logger.debug('within recpubkey, addressVersion: %s, streamNumber: %s \n\
ripe %s\n\
publicSigningKey in hex: %s\n\
publicEncryptionKey in hex: %s' % (addressVersion,
streamNumber,
ripe.encode('hex'),
publicSigningKey.encode('hex'),
publicEncryptionKey.encode('hex')
)
)
address = encodeAddress(addressVersion, streamNumber, ripe)
queryreturn = sqlQuery(
'''SELECT usedpersonally FROM pubkeys WHERE address=? AND usedpersonally='yes' ''', address)
if queryreturn != []: # if this pubkey is already in our database and if we have used it personally:
logger.info('We HAVE used this pubkey personally. Updating time.')
t = (address, addressVersion, dataToStore, int(time.time()), 'yes')
else:
logger.info('We have NOT used this pubkey personally. Inserting in database.')
t = (address, addressVersion, dataToStore, int(time.time()), 'no')
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''', *t)
self.possibleNewPubkey(address)
if addressVersion == 3:
if len(data) < 170: # sanity check.
logger.warning('(within processpubkey) payloadLength less than 170. Sanity check failed.')
return
bitfieldBehaviors = data[readPosition:readPosition + 4]
readPosition += 4
publicSigningKey = '\x04' + data[readPosition:readPosition + 64]
readPosition += 64
publicEncryptionKey = '\x04' + data[readPosition:readPosition + 64]
readPosition += 64
specifiedNonceTrialsPerByte, specifiedNonceTrialsPerByteLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += specifiedNonceTrialsPerByteLength
specifiedPayloadLengthExtraBytes, specifiedPayloadLengthExtraBytesLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += specifiedPayloadLengthExtraBytesLength
endOfSignedDataPosition = readPosition
dataToStore = data[20:readPosition] # The data we'll store in the pubkeys table.
signatureLength, signatureLengthLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += signatureLengthLength
signature = data[readPosition:readPosition + signatureLength]
if highlevelcrypto.verify(data[8:endOfSignedDataPosition], signature, publicSigningKey.encode('hex')):
logger.debug('ECDSA verify passed (within processpubkey)')
else:
logger.warning('ECDSA verify failed (within processpubkey)')
return
sha = hashlib.new('sha512')
sha.update(publicSigningKey + publicEncryptionKey)
ripeHasher = hashlib.new('ripemd160')
ripeHasher.update(sha.digest())
ripe = ripeHasher.digest()
logger.debug('within recpubkey, addressVersion: %s, streamNumber: %s \n\
ripe %s\n\
publicSigningKey in hex: %s\n\
publicEncryptionKey in hex: %s' % (addressVersion,
streamNumber,
ripe.encode('hex'),
publicSigningKey.encode('hex'),
publicEncryptionKey.encode('hex')
)
)
address = encodeAddress(addressVersion, streamNumber, ripe)
queryreturn = sqlQuery('''SELECT usedpersonally FROM pubkeys WHERE address=? AND usedpersonally='yes' ''', address)
if queryreturn != []: # if this pubkey is already in our database and if we have used it personally:
logger.info('We HAVE used this pubkey personally. Updating time.')
t = (address, addressVersion, dataToStore, int(time.time()), 'yes')
else:
logger.info('We have NOT used this pubkey personally. Inserting in database.')
t = (address, addressVersion, dataToStore, int(time.time()), 'no')
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''', *t)
self.possibleNewPubkey(address)
if addressVersion == 4:
if len(data) < 350: # sanity check.
logger.debug('(within processpubkey) payloadLength less than 350. Sanity check failed.')
return
tag = data[readPosition:readPosition + 32]
if tag not in shared.neededPubkeys:
logger.info('We don\'t need this v4 pubkey. We didn\'t ask for it.')
return
# Let us try to decrypt the pubkey
toAddress, cryptorObject = shared.neededPubkeys[tag]
if shared.decryptAndCheckPubkeyPayload(data, toAddress) == 'successful':
# At this point we know that we have been waiting on this pubkey.
# This function will command the workerThread to start work on
# the messages that require it.
self.possibleNewPubkey(toAddress)
# Display timing data
timeRequiredToProcessPubkey = time.time(
) - pubkeyProcessingStartTime
logger.debug('Time required to process this pubkey: %s' % timeRequiredToProcessPubkey)
def processbroadcast(self, data):
messageProcessingStartTime = time.time()
shared.numberOfBroadcastsProcessed += 1
queues.UISignalQueue.put(
('updateNumberOfBroadcastsProcessed', 'no data'))
inventoryHash = calculateInventoryHash(data)
readPosition = 20 # bypass the nonce, time, and object type
broadcastVersion, broadcastVersionLength = decodeVarint(
data[readPosition:readPosition + 9])
readPosition += broadcastVersionLength
if broadcastVersion < 4 or broadcastVersion > 5:
logger.info(
'Cannot decode incoming broadcast versions less than 4'
' or higher than 5. Assuming the sender isn\'t being silly,'
' you should upgrade Bitmessage because this message shall'
' be ignored.')
return
cleartextStreamNumber, cleartextStreamNumberLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += cleartextStreamNumberLength
if broadcastVersion == 4:
# v4 broadcasts are encrypted the same way the msgs are
# encrypted. To see if we are interested in a v4 broadcast,
# we try to decrypt it. This was replaced with v5 broadcasts
# which include a tag which we check instead, just like we do
# with v4 pubkeys.
signedData = data[8:readPosition]
initialDecryptionSuccessful = False
for key, cryptorObject in sorted(
shared.MyECSubscriptionCryptorObjects.items(),
key=lambda x: random.random()):
try:
# continue decryption attempts to avoid timing attacks
if initialDecryptionSuccessful:
cryptorObject.decrypt(data[readPosition:])
else:
decryptedData = cryptorObject.decrypt(
data[readPosition:])
# This is the RIPE hash of the sender's pubkey.
# We need this below to compare to the RIPE hash
# of the sender's address to verify that it was
# encrypted by with their key rather than some
# other key.
toRipe = key
initialDecryptionSuccessful = True
logger.info(
'EC decryption successful using key associated'
' with ripe hash: %s', hexlify(key))
except Exception:
logger.debug('cryptorObject.decrypt Exception:',
exc_info=True)
if not initialDecryptionSuccessful:
# This is not a broadcast I am interested in.
logger.debug(
'Length of time program spent failing to decrypt this'
' v4 broadcast: %s seconds.',
time.time() - messageProcessingStartTime)
return
elif broadcastVersion == 5:
embeddedTag = data[readPosition:readPosition + 32]
readPosition += 32
if embeddedTag not in shared.MyECSubscriptionCryptorObjects:
logger.debug('We\'re not interested in this broadcast.')
return
# We are interested in this broadcast because of its tag.
# We're going to add some more data which is signed further down.
signedData = data[8:readPosition]
cryptorObject = shared.MyECSubscriptionCryptorObjects[embeddedTag]
try:
decryptedData = cryptorObject.decrypt(data[readPosition:])
logger.debug('EC decryption successful')
except Exception:
logger.debug('Broadcast version %s decryption Unsuccessful.',
broadcastVersion)
return
# At this point this is a broadcast I have decrypted and am
# interested in.
readPosition = 0
sendersAddressVersion, sendersAddressVersionLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if broadcastVersion == 4:
if sendersAddressVersion < 2 or sendersAddressVersion > 3:
logger.warning(
'Cannot decode senderAddressVersion other than 2 or 3.'
' Assuming the sender isn\'t being silly, you should'
' upgrade Bitmessage because this message shall be'
' ignored.')
return
elif broadcastVersion == 5:
if sendersAddressVersion < 4:
logger.info(
'Cannot decode senderAddressVersion less than 4 for'
' broadcast version number 5. Assuming the sender'
' isn\'t being silly, you should upgrade Bitmessage'
' because this message shall be ignored.')
return
readPosition += sendersAddressVersionLength
sendersStream, sendersStreamLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if sendersStream != cleartextStreamNumber:
logger.info(
'The stream number outside of the encryption on which the'
' POW was completed doesn\'t match the stream number'
' inside the encryption. Ignoring broadcast.')
return
readPosition += sendersStreamLength
readPosition += 4
sendersPubSigningKey = '\x04' + \
decryptedData[readPosition:readPosition + 64]
readPosition += 64
sendersPubEncryptionKey = '\x04' + \
decryptedData[readPosition:readPosition + 64]
readPosition += 64
if sendersAddressVersion >= 3:
requiredAverageProofOfWorkNonceTrialsPerByte, varintLength = \
decodeVarint(decryptedData[readPosition:readPosition + 10])
readPosition += varintLength
logger.debug(
'sender\'s requiredAverageProofOfWorkNonceTrialsPerByte'
' is %s', requiredAverageProofOfWorkNonceTrialsPerByte)
requiredPayloadLengthExtraBytes, varintLength = decodeVarint(
decryptedData[readPosition:readPosition + 10])
readPosition += varintLength
logger.debug('sender\'s requiredPayloadLengthExtraBytes is %s',
requiredPayloadLengthExtraBytes)
endOfPubkeyPosition = readPosition
sha = hashlib.new('sha512')
sha.update(sendersPubSigningKey + sendersPubEncryptionKey)
calculatedRipe = RIPEMD160Hash(sha.digest()).digest()
if broadcastVersion == 4:
if toRipe != calculatedRipe:
logger.info('The encryption key used to encrypt this message'
' doesn\'t match the keys inbedded in the message'
' itself. Ignoring message.')
return
elif broadcastVersion == 5:
calculatedTag = hashlib.sha512(
hashlib.sha512(
encodeVarint(sendersAddressVersion) +
encodeVarint(sendersStream) +
calculatedRipe).digest()).digest()[32:]
if calculatedTag != embeddedTag:
logger.debug('The tag and encryption key used to encrypt this'
' message doesn\'t match the keys inbedded in the'
' message itself. Ignoring message.')
return
messageEncodingType, messageEncodingTypeLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
if messageEncodingType == 0:
return
readPosition += messageEncodingTypeLength
messageLength, messageLengthLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
readPosition += messageLengthLength
message = decryptedData[readPosition:readPosition + messageLength]
readPosition += messageLength
readPositionAtBottomOfMessage = readPosition
signatureLength, signatureLengthLength = decodeVarint(
decryptedData[readPosition:readPosition + 9])
readPosition += signatureLengthLength
signature = decryptedData[readPosition:readPosition + signatureLength]
signedData += decryptedData[:readPositionAtBottomOfMessage]
if not highlevelcrypto.verify(signedData, signature,
hexlify(sendersPubSigningKey)):
logger.debug('ECDSA verify failed')
return
logger.debug('ECDSA verify passed')
# Used to detect and ignore duplicate messages in our inbox
sigHash = hashlib.sha512(
hashlib.sha512(signature).digest()).digest()[32:]
fromAddress = encodeAddress(sendersAddressVersion, sendersStream,
calculatedRipe)
logger.info('fromAddress: %s' % fromAddress)
# Let's store the public key in case we want to reply to this person.
sqlExecute('''INSERT INTO pubkeys VALUES (?,?,?,?,?)''', fromAddress,
sendersAddressVersion, decryptedData[:endOfPubkeyPosition],
int(time.time()), 'yes')
# Check to see whether we happen to be awaiting this
# pubkey in order to send a message. If we are, it will do the POW
# and send it.
self.possibleNewPubkey(fromAddress)
fromAddress = encodeAddress(sendersAddressVersion, sendersStream,
calculatedRipe)
logger.debug('fromAddress: ' + fromAddress)
try:
decodedMessage = helper_msgcoding.MsgDecode(
messageEncodingType, message)
except helper_msgcoding.MsgDecodeException:
return
subject = decodedMessage.subject
body = decodedMessage.body
toAddress = '[Broadcast subscribers]'
if helper_inbox.isMessageAlreadyInInbox(sigHash):
logger.info('This broadcast is already in our inbox. Ignoring it.')
return
t = (inventoryHash, toAddress, fromAddress, subject, int(time.time()),
body, 'inbox', messageEncodingType, 0, sigHash)
helper_inbox.insert(t)
queues.UISignalQueue.put(
('displayNewInboxMessage', (inventoryHash, toAddress, fromAddress,
subject, body)))
# If we are behaving as an API then we might need to run an
# outside command to let some program know that a new message
# has arrived.
if BMConfigParser().safeGetBoolean('bitmessagesettings', 'apienabled'):
try:
apiNotifyPath = BMConfigParser().get('bitmessagesettings',
'apinotifypath')
except:
apiNotifyPath = ''
if apiNotifyPath != '':
call([apiNotifyPath, "newBroadcast"])
# Display timing data
logger.info('Time spent processing this interesting broadcast: %s',
time.time() - messageProcessingStartTime)
def processgetpubkey(data):
"""Process getpubkey object"""
if len(data) > 200:
logger.info('getpubkey is abnormally long. Sanity check failed.'
' Ignoring object.')
return
readPosition = 20 # bypass the nonce, time, and object type
requestedAddressVersionNumber, addressVersionLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += addressVersionLength
streamNumber, streamNumberLength = decodeVarint(
data[readPosition:readPosition + 10])
readPosition += streamNumberLength
if requestedAddressVersionNumber == 0:
logger.debug(
'The requestedAddressVersionNumber of the pubkey request'
' is zero. That doesn\'t make any sense. Ignoring it.')
return
elif requestedAddressVersionNumber == 1:
logger.debug(
'The requestedAddressVersionNumber of the pubkey request'
' is 1 which isn\'t supported anymore. Ignoring it.')
return
elif requestedAddressVersionNumber > 4:
logger.debug(
'The requestedAddressVersionNumber of the pubkey request'
' is too high. Can\'t understand. Ignoring it.')
return
myAddress = ''
if requestedAddressVersionNumber <= 3:
requestedHash = data[readPosition:readPosition + 20]
if len(requestedHash) != 20:
logger.debug(
'The length of the requested hash is not 20 bytes.'
' Something is wrong. Ignoring.')
return
logger.info('the hash requested in this getpubkey request is: %s',
hexlify(requestedHash))
# if this address hash is one of mine
if requestedHash in shared.myAddressesByHash:
myAddress = shared.myAddressesByHash[requestedHash]
elif requestedAddressVersionNumber >= 4:
requestedTag = data[readPosition:readPosition + 32]
if len(requestedTag) != 32:
logger.debug('The length of the requested tag is not 32 bytes.'
' Something is wrong. Ignoring.')
return
logger.debug('the tag requested in this getpubkey request is: %s',
hexlify(requestedTag))
if requestedTag in shared.myAddressesByTag:
myAddress = shared.myAddressesByTag[requestedTag]
if myAddress == '':
logger.info('This getpubkey request is not for any of my keys.')
return
if decodeAddress(myAddress)[1] != requestedAddressVersionNumber:
logger.warning(
'(Within the processgetpubkey function) Someone requested'
' one of my pubkeys but the requestedAddressVersionNumber'
' doesn\'t match my actual address version number.'
' Ignoring.')
return
if decodeAddress(myAddress)[2] != streamNumber:
logger.warning(
'(Within the processgetpubkey function) Someone requested'
' one of my pubkeys but the stream number on which we'
' heard this getpubkey object doesn\'t match this'
' address\' stream number. Ignoring.')
return
if BMConfigParser().safeGetBoolean(myAddress, 'chan'):
logger.info(
'Ignoring getpubkey request because it is for one of my'
' chan addresses. The other party should already have'
' the pubkey.')
return
lastPubkeySendTime = BMConfigParser().safeGetInt(
myAddress, 'lastpubkeysendtime')
# If the last time we sent our pubkey was more recent than
# 28 days ago...
if lastPubkeySendTime > time.time() - 2419200:
logger.info(
'Found getpubkey-requested-item in my list of EC hashes'
' BUT we already sent it recently. Ignoring request.'
' The lastPubkeySendTime is: %s', lastPubkeySendTime)
return
logger.info('Found getpubkey-requested-hash in my list of EC hashes.'
' Telling Worker thread to do the POW for a pubkey message'
' and send it out.')
if requestedAddressVersionNumber == 2:
queues.workerQueue.put(('doPOWForMyV2Pubkey', requestedHash))
elif requestedAddressVersionNumber == 3:
queues.workerQueue.put(('sendOutOrStoreMyV3Pubkey', requestedHash))
elif requestedAddressVersionNumber == 4:
queues.workerQueue.put(('sendOutOrStoreMyV4Pubkey', myAddress))
