Version 4 pubkeys are encrypted. This function is run when we already have the address to which we want to try to send a message. The 'data' may come either off of the wire or we might have had it already in our inventory when we tried to send a msg to this particular address.
(data, address)
| 262 | # Packet decoding |
| 263 | |
| 264 | def decryptAndCheckPubkeyPayload(data, address): |
| 265 | """ |
| 266 | Version 4 pubkeys are encrypted. This function is run when we already have the |
| 267 | address to which we want to try to send a message. The 'data' may come either |
| 268 | off of the wire or we might have had it already in our inventory when we tried |
| 269 | to send a msg to this particular address. |
| 270 | """ |
| 271 | try: |
| 272 | status, addressVersion, streamNumber, ripe = decodeAddress(address) |
| 273 | |
| 274 | readPosition = 20 # bypass the nonce, time, and object type |
| 275 | embeddedAddressVersion, varintLength = decodeVarint(data[readPosition:readPosition + 10]) |
| 276 | readPosition += varintLength |
| 277 | embeddedStreamNumber, varintLength = decodeVarint(data[readPosition:readPosition + 10]) |
| 278 | readPosition += varintLength |
| 279 | storedData = data[20:readPosition] # We'll store the address version and stream number (and some more) in the pubkeys table. |
| 280 | |
| 281 | if addressVersion != embeddedAddressVersion: |
| 282 | logger.info('Pubkey decryption was UNsuccessful due to address version mismatch.') |
| 283 | return 'failed' |
| 284 | if streamNumber != embeddedStreamNumber: |
| 285 | logger.info('Pubkey decryption was UNsuccessful due to stream number mismatch.') |
| 286 | return 'failed' |
| 287 | |
| 288 | tag = data[readPosition:readPosition + 32] |
| 289 | readPosition += 32 |
| 290 | signedData = data[8:readPosition] # the time through the tag. More data is appended onto signedData below after the decryption. |
| 291 | encryptedData = data[readPosition:] |
| 292 | |
| 293 | # Let us try to decrypt the pubkey |
| 294 | toAddress, cryptorObject = state.neededPubkeys[tag] |
| 295 | if toAddress != address: |
| 296 | logger.critical('decryptAndCheckPubkeyPayload failed due to toAddress mismatch. This is very peculiar. toAddress: %s, address %s', toAddress, address) |
| 297 | # the only way I can think that this could happen is if someone encodes their address data two different ways. |
| 298 | # That sort of address-malleability should have been caught by the UI or API and an error given to the user. |
| 299 | return 'failed' |
| 300 | try: |
| 301 | decryptedData = cryptorObject.decrypt(encryptedData) |
| 302 | except: |
| 303 | # Someone must have encrypted some data with a different key |
| 304 | # but tagged it with a tag for which we are watching. |
| 305 | logger.info('Pubkey decryption was unsuccessful.') |
| 306 | return 'failed' |
| 307 | |
| 308 | readPosition = 0 |
| 309 | bitfieldBehaviors = decryptedData[readPosition:readPosition + 4] |
| 310 | readPosition += 4 |
| 311 | publicSigningKey = '\x04' + decryptedData[readPosition:readPosition + 64] |
| 312 | readPosition += 64 |
| 313 | publicEncryptionKey = '\x04' + decryptedData[readPosition:readPosition + 64] |
| 314 | readPosition += 64 |
| 315 | specifiedNonceTrialsPerByte, specifiedNonceTrialsPerByteLength = decodeVarint( |
| 316 | decryptedData[readPosition:readPosition + 10]) |
| 317 | readPosition += specifiedNonceTrialsPerByteLength |
| 318 | specifiedPayloadLengthExtraBytes, specifiedPayloadLengthExtraBytesLength = decodeVarint( |
| 319 | decryptedData[readPosition:readPosition + 10]) |
| 320 | readPosition += specifiedPayloadLengthExtraBytesLength |
| 321 | storedData += decryptedData[:readPosition] |
nothing calls this directly
no test coverage detected