def PrepareMessage(self,message,alt_pgpkey=None, signmessage=True):
# Send a message object. First serialize, then sign, then encrypt (if recipients are named), finally send.
# First set the send time - ALWAYS USE UTC! Never use any local system timezone information
self.recipient = message.recipient
message.datetime_sent = current_time()
serialized_message = json.dumps(message,default=jdefault,sort_keys=True)
# Now PGP clearsign if enabled
#print serialized_message
serialized_message = textwrap.fill(serialized_message, 80, drop_whitespace=False)
#print serialized_message
if signmessage:
final_clear_message = str(self.gpg.sign(serialized_message, keyid=self.mypgpkeyid,passphrase=self.pgp_passphrase ))
else:
final_clear_message = serialized_message
# Now always encrypt if this is a directed message
if self.recipient:
# TODO: encrypt to alternate pgp key if ephemeral pgp message keys are enabled and we have one for this recipient
print "PrepareMessage: calling recv keys"
self.gpg.recv_keys('hkp://127.0.0.1:5000',self.recipient) # We don't really want to do this every time but it will do for now
print "PrepareMessage: calling encrypt"
final_message_raw = self.gpg.encrypt(final_clear_message,self.recipient,passphrase=self.pgp_passphrase, always_trust=True)
if final_message_raw == False:
# Encryption did not succeed - stop now
print ("Encryption failed")
return False
else: final_message = str(final_message_raw)
else:
# This will be an unencrypted message (only for "posted" broadcast messages such as listings and open chat channels)
final_message = final_clear_message
# OK, ready to send
return final_message
def GetMessage(self,rawmessage,alt_pgpkey=None,allow_unsigned=True):
# Decode and return a message object. First decrypt if encrypted, then check outer signature if signed, the parse
# json, then attempt to safely deserialize into a message object, then set received time, finally return message or error
input_message_encrypted = False
input_message_signed = False
lrawmessage = str(rawmessage)
# First set the send time - ALWAYS USE UTC! Never use any local system timezone information
#### Step 1 - Is it encrypted?
if lrawmessage.startswith('-----BEGIN PGP MESSAGE-----'):
decrypt_msg = self.gpg.decrypt(lrawmessage, passphrase=self.pgp_passphrase )
if not str(decrypt_msg):
print "Unable to decrypt received message, dropping message"
return False
else:
clear_lrawmessage = str(decrypt_msg)
input_message_encrypted = True
else:
clear_lrawmessage = lrawmessage
#### Step 2 - Is it signed?
# TODO - FIND OUT WHAT KEY WE NEED - IF WE DON'T HAVE IT THEN DEFER THIS MESSAGE WHILE THE KEY IS RETRIEVED
if clear_lrawmessage.startswith('-----BEGIN PGP SIGNED MESSAGE-----'):
verify_signature = self.gpg.verify(clear_lrawmessage)
# if verify_signature.pubkey_fingerprint: # Proper signature check, full fp only returned if key present
if verify_signature.key_id: # Weak signature check - TODO: TESTING ONLY!
input_message_signed = True
try:
clear_strippedlrawmessage = clear_lrawmessage[clear_lrawmessage.index('{'):clear_lrawmessage.rindex('}')+1]
except:
return False
else:
return False
else:
print "WARNING: Unsigned message block identified..."
if allow_unsigned:
clear_strippedlrawmessage = clear_lrawmessage
else:
return False
#### Step 3 - Is it a valid JSON message?
clear_strippedlrawmessage = clear_strippedlrawmessage.replace('\n', '') # strip out all those newlines we added pre-signing
message = Message()
if message.loadjson(clear_strippedlrawmessage) == False:
print "Could not decode JSON, dropping message. Message was " + clear_strippedlrawmessage
return False
else:
# Finally make sure the sender keyid matches the signing keyid
if not verify_signature.key_id == message.sender:
print "WARNING! Apparent spoofed message - claiming to be from " + message.sender
return False
if input_message_encrypted:
message.encrypted = True
if input_message_signed:
message.signed = True
message.datetime_received = current_time()
return message
def PrepareMessage(self, message, alt_pgpkey=None, signmessage=True):
# Send a message object. First serialize, then sign, then encrypt (if recipients are named), finally send.
# First set the send time - ALWAYS USE UTC! Never use any local system
# timezone information
self.recipient = message.recipient
message.datetime_sent = current_time()
serialized_message = json.dumps(message,
default=jdefault,
sort_keys=True)
# Now PGP clearsign if enabled
# print serialized_message
serialized_message = textwrap.fill(serialized_message,
80,
drop_whitespace=False)
# print serialized_message
if signmessage:
final_clear_message = str(
self.gpg.sign(serialized_message,
keyid=self.mypgpkeyid,
passphrase=self.pgp_passphrase))
else:
final_clear_message = serialized_message
# Now always encrypt if this is a directed message
if self.recipient:
# TODO: encrypt to alternate pgp key if ephemeral pgp message keys
# are enabled and we have one for this recipient
print "PrepareMessage: calling recv keys"
# We don't really want to do this every time but it will do for now
self.gpg.recv_keys('hkp://127.0.0.1:5000', self.recipient)
print "PrepareMessage: calling encrypt"
final_message_raw = self.gpg.encrypt(
final_clear_message,
self.recipient,
passphrase=self.pgp_passphrase,
always_trust=True)
if final_message_raw == False:
# Encryption did not succeed - stop now
print("Encryption failed")
return False
else:
final_message = str(final_message_raw)
else:
# This will be an unencrypted message (only for "posted" broadcast
# messages such as listings and open chat channels)
final_message = final_clear_message
# OK, ready to send
return final_message
def rebuild(self):
print "Info: Rebuilding front end in-memory cache db"
session = self.DBSession()
session.query(self.cacheFullDirectory).delete() # full rebuild so clear the table
session.commit()
main_session = self.main_db.DBSession()
# 1st copy over the current cacheDirectory as is
cache_dir_res = main_session.query(self.main_db.cacheDirectory).all()
for row in cache_dir_res:
cache_dir_entry = self.cacheFullDirectory(key_id=row.key_id,
updated=row.updated,
display_name=row.display_name,
is_active_user = True, # Since this is from the directory it must be an active user
is_seller = row.is_seller,
is_upl = row.is_upl,
is_notary = row.is_notary,
is_arbiter = row.is_arbiter,
is_looking_glass = row.is_looking_glass)
# aggregate_transactions = # TODO caclulate based on available cached UPL's
# aggregate_feedback = # TODO caclulate based on available cached UPL's
session.add(cache_dir_entry)
session.commit()
# our own key should go in now if it hasn't already come from the directory (this is usually only needed for the very first run following installation)
my_entry = session.query(self.cacheFullDirectory).filter_by(key_id=self.my_key).first()
if my_entry:
pass # our key is already present
else:
my_dir_entry = self.cacheFullDirectory(key_id=self.my_key,
updated=datetime.strptime(current_time(), "%Y-%m-%d %H:%M:%S"),
is_contact=True,
is_active_user=True,
display_name = self.my_display_name)
session.add(my_dir_entry)
session.commit()
# Now read in keyids from the users contacts, add these and update where necessary (usually the contact will also be in teh directory but not always)
contacts_res = main_session.query(self.main_db.Contacts).all()
for row in contacts_res:
qry_res = session.query(self.cacheFullDirectory).filter_by(key_id=row.contact_key).first()
if qry_res:
qry_res.is_contact = True
else:
contact = self.cacheFullDirectory(key_id=row.contact_key, updated=datetime.strptime(current_time(), "%Y-%m-%d %H:%M:%S"),is_contact = True, display_name = row.display_name)
session.add(contact)
session.commit()
# Now read in keyids from UPLs including notary lists, add these and update where necessary
pass
def GetMessage(self,
rawmessage,
client_instance,
topic,
alt_pgpkey=None,
allow_unsigned=True):
# Decode and return a message object. First decrypt if encrypted, then check outer signature if signed, the parse
# json, then attempt to safely deserialize into a message object, then
# set received time, finally return message or error
input_message_encrypted = False
input_message_signed = False
lrawmessage = str(rawmessage)
# First set the send time - ALWAYS USE UTC! Never use any local system timezone information
# Step 1 - Is it encrypted?
if lrawmessage.startswith('-----BEGIN PGP MESSAGE-----'):
decrypt_msg = self.gpg.decrypt(lrawmessage,
passphrase=self.pgp_passphrase)
if not str(decrypt_msg):
print "Unable to decrypt received message, dropping message"
return False
else:
clear_lrawmessage = str(decrypt_msg)
input_message_encrypted = True
else:
clear_lrawmessage = lrawmessage
# print clear_lrawmessage
# Step 2 - Is it signed?
if clear_lrawmessage.startswith('-----BEGIN PGP SIGNED MESSAGE-----'):
tmp_key = False
try:
tmp_stripped_msg = clear_lrawmessage[clear_lrawmessage.index(
'{'):clear_lrawmessage.rindex('}') + 1]
# strip out all those newlines we added pre-signing
tmp_stripped_msg = tmp_stripped_msg.replace('\n', '')
tmp_message = Message()
tmp_message.loadjson(tmp_stripped_msg)
tmp_key = tmp_message.sender
# we will need this when we finally get the key
tmp_message.raw_message = rawmessage
tmp_message.topic = topic
except:
print "Failed to parse json response and extract sender key id"
return False
if tmp_key:
# check if this key needs to be retreived
if got_pgpkey(client_instance.storageDB, tmp_key):
print "Already have the necessary key " + tmp_key # we already have the key
else:
print "Need key " + tmp_key # defer message processing until key is retrieved
# assign a temporary random id
random_id = random.randrange(1, stop=999999999, step=1)
client_instance.task_state_pgpkeys[tmp_key][
'state'] = KEY_LOOKUP_STATE_INITIAL # create task request for a lookup
client_instance.task_state_messages[random_id][
'state'] = MSG_STATE_KEY_REQUESTED
client_instance.task_state_messages[random_id][
'message'] = tmp_message
return MSG_STATE_KEY_REQUESTED
else:
print "Sending keyid could not be extracted from message - unable to verify sender key - dropping message..."
# print clear_lrawmessage
return False
# print clear_lrawmessage
if clear_lrawmessage.startswith('-----BEGIN PGP SIGNED MESSAGE-----'):
signed = True
verify_signature = self.gpg.verify(clear_lrawmessage)
# if verify_signature.pubkey_fingerprint: # Proper signature check,
# full fp only returned if key present
if verify_signature.key_id: # Weak signature check - TODO: TESTING ONLY!
input_message_signed = True
try:
clear_strippedlrawmessage = clear_lrawmessage[
clear_lrawmessage.
index('{'):clear_lrawmessage.rindex('}') + 1]
except:
return False
else:
return False
else:
print "WARNING: Unsigned message block identified..."
if allow_unsigned:
clear_strippedlrawmessage = clear_lrawmessage
signed = False
else:
return False
# Step 3 - Is it a valid JSON message?
clear_strippedlrawmessage = clear_strippedlrawmessage.replace(
'\n', '') # strip out all those newlines we added pre-signing
message = Message()
if message.loadjson(clear_strippedlrawmessage) == False:
print "Could not decode JSON, dropping message. Message was " + clear_strippedlrawmessage
return False
else:
# Finally make sure the sender keyid matches the signing keyid
if signed and not (verify_signature.key_id == message.sender):
print "WARNING! Apparent spoofed message - claiming to be from " + message.sender
return False
if input_message_encrypted:
message.encrypted = True
if input_message_signed:
message.signed = True
message.datetime_received = current_time()
message.topic = topic
return message
def GetMessage(self, rawmessage, client_instance, topic, alt_pgpkey=None, allow_unsigned=True):
# Decode and return a message object. First decrypt if encrypted, then check outer signature if signed, the parse
# json, then attempt to safely deserialize into a message object, then
# set received time, finally return message or error
input_message_encrypted = False
input_message_signed = False
lrawmessage = str(rawmessage)
# First set the send time - ALWAYS USE UTC! Never use any local system timezone information
# Step 1 - Is it encrypted?
if lrawmessage.startswith('-----BEGIN PGP MESSAGE-----'):
decrypt_msg = self.gpg.decrypt(
lrawmessage, passphrase=self.pgp_passphrase)
if not str(decrypt_msg):
print "Unable to decrypt received message, dropping message"
return False
else:
clear_lrawmessage = str(decrypt_msg)
input_message_encrypted = True
else:
clear_lrawmessage = lrawmessage
# print clear_lrawmessage
# Step 2 - Is it signed?
if clear_lrawmessage.startswith('-----BEGIN PGP SIGNED MESSAGE-----'):
tmp_key = False
try:
tmp_stripped_msg = clear_lrawmessage[
clear_lrawmessage.index('{'):clear_lrawmessage.rindex('}') + 1]
# strip out all those newlines we added pre-signing
tmp_stripped_msg = tmp_stripped_msg.replace('\n', '')
tmp_message = Message()
tmp_message.loadjson(tmp_stripped_msg)
tmp_key = tmp_message.sender
# we will need this when we finally get the key
tmp_message.raw_message = rawmessage
tmp_message.topic = topic
except:
print "Failed to parse json response and extract sender key id"
return False
if tmp_key:
# check if this key needs to be retreived
if got_pgpkey(client_instance.storageDB, tmp_key):
print "Already have the necessary key " + tmp_key # we already have the key
else:
print "Need key " + tmp_key # defer message processing until key is retrieved
# assign a temporary random id
random_id = random.randrange(1, stop=999999999, step=1)
client_instance.task_state_pgpkeys[tmp_key][
'state'] = KEY_LOOKUP_STATE_INITIAL # create task request for a lookup
client_instance.task_state_messages[random_id][
'state'] = MSG_STATE_KEY_REQUESTED
client_instance.task_state_messages[
random_id]['message'] = tmp_message
return MSG_STATE_KEY_REQUESTED
else:
print "Sending keyid could not be extracted from message - unable to verify sender key - dropping message..."
# print clear_lrawmessage
return False
# print clear_lrawmessage
if clear_lrawmessage.startswith('-----BEGIN PGP SIGNED MESSAGE-----'):
signed = True
verify_signature = self.gpg.verify(clear_lrawmessage)
# if verify_signature.pubkey_fingerprint: # Proper signature check,
# full fp only returned if key present
if verify_signature.key_id: # Weak signature check - TODO: TESTING ONLY!
input_message_signed = True
try:
clear_strippedlrawmessage = clear_lrawmessage[
clear_lrawmessage.index('{'):clear_lrawmessage.rindex('}') + 1]
except:
return False
else:
return False
else:
print "WARNING: Unsigned message block identified..."
if allow_unsigned:
clear_strippedlrawmessage = clear_lrawmessage
signed = False
else:
return False
# Step 3 - Is it a valid JSON message?
clear_strippedlrawmessage = clear_strippedlrawmessage.replace(
'\n', '') # strip out all those newlines we added pre-signing
message = Message()
if message.loadjson(clear_strippedlrawmessage) == False:
print "Could not decode JSON, dropping message. Message was " + clear_strippedlrawmessage
return False
else:
# Finally make sure the sender keyid matches the signing keyid
if signed and not (verify_signature.key_id == message.sender):
print "WARNING! Apparent spoofed message - claiming to be from " + message.sender
return False
if input_message_encrypted:
message.encrypted = True
if input_message_signed:
message.signed = True
message.datetime_received = current_time()
message.topic = topic
return message
