Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
import base64
|
|
|
|
import os
|
|
|
|
|
|
|
|
from Plugin import PluginManager
|
|
|
|
from Crypt import CryptBitcoin
|
2019-03-15 21:06:59 +01:00
|
|
|
import lib.pybitcointools as btctools
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
|
2019-03-15 21:06:59 +01:00
|
|
|
from . import CryptMessage
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
|
|
|
|
|
|
|
|
@PluginManager.registerTo("UiWebsocket")
|
|
|
|
class UiWebsocketPlugin(object):
|
2019-03-16 02:23:00 +01:00
|
|
|
def eciesDecrypt(self, encrypted, privatekey):
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
back = CryptMessage.getEcc(privatekey).decrypt(encrypted)
|
|
|
|
return back.decode("utf8")
|
|
|
|
|
|
|
|
# - Actions -
|
|
|
|
|
|
|
|
# Returns user's public key unique to site
|
|
|
|
# Return: Public key
|
|
|
|
def actionUserPublickey(self, to, index=0):
|
|
|
|
publickey = self.user.getEncryptPublickey(self.site.address, index)
|
|
|
|
self.response(to, publickey)
|
|
|
|
|
|
|
|
# Encrypt a text using the publickey or user's sites unique publickey
|
|
|
|
# Return: Encrypted text using base64 encoding
|
|
|
|
def actionEciesEncrypt(self, to, text, publickey=0, return_aes_key=False):
|
|
|
|
if type(publickey) is int: # Encrypt using user's publickey
|
|
|
|
publickey = self.user.getEncryptPublickey(self.site.address, publickey)
|
2019-03-16 02:23:00 +01:00
|
|
|
aes_key, encrypted = CryptMessage.eciesEncrypt(text.encode("utf8"), publickey)
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
if return_aes_key:
|
2019-03-16 02:23:00 +01:00
|
|
|
self.response(to, [base64.b64encode(encrypted).decode("utf8"), base64.b64encode(aes_key).decode("utf8")])
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
else:
|
2019-03-16 02:23:00 +01:00
|
|
|
self.response(to, base64.b64encode(encrypted).decode("utf8"))
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
|
|
|
|
# Decrypt a text using privatekey or the user's site unique private key
|
|
|
|
# Return: Decrypted text or list of decrypted texts
|
|
|
|
def actionEciesDecrypt(self, to, param, privatekey=0):
|
|
|
|
if type(privatekey) is int: # Decrypt using user's privatekey
|
|
|
|
privatekey = self.user.getEncryptPrivatekey(self.site.address, privatekey)
|
|
|
|
|
|
|
|
if type(param) == list:
|
|
|
|
encrypted_texts = param
|
|
|
|
else:
|
|
|
|
encrypted_texts = [param]
|
|
|
|
|
|
|
|
texts = [] # Decoded texts
|
|
|
|
for encrypted_text in encrypted_texts:
|
|
|
|
try:
|
2019-03-16 02:23:00 +01:00
|
|
|
text = CryptMessage.eciesDecrypt(encrypted_text, privatekey).decode("utf8")
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
texts.append(text)
|
2017-07-16 22:38:47 +02:00
|
|
|
except Exception as err:
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
texts.append(None)
|
|
|
|
|
|
|
|
if type(param) == list:
|
|
|
|
self.response(to, texts)
|
|
|
|
else:
|
|
|
|
self.response(to, texts[0])
|
|
|
|
|
|
|
|
# Encrypt a text using AES
|
|
|
|
# Return: Iv, AES key, Encrypted text
|
|
|
|
def actionAesEncrypt(self, to, text, key=None, iv=None):
|
2019-03-16 02:23:00 +01:00
|
|
|
import pyelliptic
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
|
|
|
|
if key:
|
2019-03-16 02:23:00 +01:00
|
|
|
key = base64.b64decode(key)
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
else:
|
|
|
|
key = os.urandom(32)
|
|
|
|
|
|
|
|
if iv: # Generate new AES key if not definied
|
2019-03-16 02:23:00 +01:00
|
|
|
iv = base64.b64decode(iv)
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
else:
|
|
|
|
iv = pyelliptic.Cipher.gen_IV('aes-256-cbc')
|
|
|
|
|
|
|
|
if text:
|
|
|
|
encrypted = pyelliptic.Cipher(key, iv, 1, ciphername='aes-256-cbc').ciphering(text.encode("utf8"))
|
|
|
|
else:
|
|
|
|
encrypted = ""
|
|
|
|
|
2019-03-16 02:23:00 +01:00
|
|
|
res = [base64.b64encode(item).decode("utf8") for item in [key, iv, encrypted]]
|
|
|
|
self.response(to, res)
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
|
|
|
|
# Decrypt a text using AES
|
|
|
|
# Return: Decrypted text
|
|
|
|
def actionAesDecrypt(self, to, *args):
|
2019-03-16 02:23:00 +01:00
|
|
|
import pyelliptic
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
|
|
|
|
if len(args) == 3: # Single decrypt
|
|
|
|
encrypted_texts = [(args[0], args[1])]
|
|
|
|
keys = [args[2]]
|
|
|
|
else: # Batch decrypt
|
|
|
|
encrypted_texts, keys = args
|
|
|
|
|
|
|
|
texts = [] # Decoded texts
|
|
|
|
for iv, encrypted_text in encrypted_texts:
|
2019-03-16 02:23:00 +01:00
|
|
|
encrypted_text = base64.b64decode(encrypted_text)
|
|
|
|
iv = base64.b64decode(iv)
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
text = None
|
|
|
|
for key in keys:
|
2019-03-16 02:23:00 +01:00
|
|
|
ctx = pyelliptic.Cipher(base64.b64decode(key), iv, 0, ciphername='aes-256-cbc')
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
try:
|
|
|
|
decrypted = ctx.ciphering(encrypted_text)
|
|
|
|
if decrypted and decrypted.decode("utf8"): # Valid text decoded
|
2019-03-16 02:23:00 +01:00
|
|
|
text = decrypted.decode("utf8")
|
|
|
|
except Exception as err:
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
pass
|
|
|
|
texts.append(text)
|
|
|
|
|
|
|
|
if len(args) == 3:
|
|
|
|
self.response(to, texts[0])
|
|
|
|
else:
|
|
|
|
self.response(to, texts)
|
|
|
|
|
|
|
|
|
|
|
|
@PluginManager.registerTo("User")
|
|
|
|
class UserPlugin(object):
|
|
|
|
def getEncryptPrivatekey(self, address, param_index=0):
|
|
|
|
assert param_index >= 0 and param_index <= 1000
|
|
|
|
site_data = self.getSiteData(address)
|
|
|
|
|
|
|
|
if site_data.get("cert"): # Different privatekey for different cert provider
|
|
|
|
index = param_index + self.getAddressAuthIndex(site_data["cert"])
|
|
|
|
else:
|
|
|
|
index = param_index
|
|
|
|
|
|
|
|
if "encrypt_privatekey_%s" % index not in site_data:
|
|
|
|
address_index = self.getAddressAuthIndex(address)
|
|
|
|
crypt_index = address_index + 1000 + index
|
|
|
|
site_data["encrypt_privatekey_%s" % index] = CryptBitcoin.hdPrivatekey(self.master_seed, crypt_index)
|
|
|
|
self.log.debug("New encrypt privatekey generated for %s:%s" % (address, index))
|
|
|
|
return site_data["encrypt_privatekey_%s" % index]
|
|
|
|
|
|
|
|
def getEncryptPublickey(self, address, param_index=0):
|
|
|
|
assert param_index >= 0 and param_index <= 1000
|
|
|
|
site_data = self.getSiteData(address)
|
|
|
|
|
|
|
|
if site_data.get("cert"): # Different privatekey for different cert provider
|
|
|
|
index = param_index + self.getAddressAuthIndex(site_data["cert"])
|
|
|
|
else:
|
|
|
|
index = param_index
|
|
|
|
|
|
|
|
if "encrypt_publickey_%s" % index not in site_data:
|
|
|
|
privatekey = self.getEncryptPrivatekey(address, param_index)
|
|
|
|
publickey = btctools.encode_pubkey(btctools.privtopub(privatekey), "bin_compressed")
|
2019-03-16 02:23:00 +01:00
|
|
|
site_data["encrypt_publickey_%s" % index] = base64.b64encode(publickey).decode("utf8")
|
Version 0.3.4, Rev656, CryptMessage plugin for AES and ECIES encryption, Added pyelliptic lib for OpenSSSL based encryption methods, Test CryptMessage plugin, Force reload content.json before signing and after write, Escaped Sql IN queries support, Test Sql parameter escaping, ui_websocket Test fixture, Plugin testing support, Always return websocket errors as dict, Wait for file on weboscket fileGet command if its already in bad_files queue, PushState and ReplaceState url manipulation support in wrapper API, Per auth-address localstorage, Longer timeout for udp tracker query
2015-12-10 21:36:20 +01:00
|
|
|
return site_data["encrypt_publickey_%s" % index]
|