MCPcopy Index your code
hub / github.com/Bitmessage/PyBitmessage / decryptAndCheckPubkeyPayload

Function decryptAndCheckPubkeyPayload

src/shared.py:228–332  ·  view source on GitHub ↗

Version 4 pubkeys are encrypted. This function is run when we already have the address to which we want to try to send a message. The 'data' may come either off of the wire or we might have had it already in our inventory when we tried to send a msg to this particular address.

(data, address)

Source from the content-addressed store, hash-verified

226
227
228def decryptAndCheckPubkeyPayload(data, address):
229 """
230 Version 4 pubkeys are encrypted. This function is run when we already have the
231 address to which we want to try to send a message. The 'data' may come either
232 off of the wire or we might have had it already in our inventory when we tried
233 to send a msg to this particular address.
234 """
235 try:
236 status, addressVersion, streamNumber, ripe = decodeAddress(address)
237
238 readPosition = 20 # bypass the nonce, time, and object type
239 embeddedAddressVersion, varintLength = decodeVarint(data[readPosition:readPosition + 10])
240 readPosition += varintLength
241 embeddedStreamNumber, varintLength = decodeVarint(data[readPosition:readPosition + 10])
242 readPosition += varintLength
243 storedData = data[20:readPosition] # We'll store the address version and stream number (and some more) in the pubkeys table.
244
245 if addressVersion != embeddedAddressVersion:
246 logger.info('Pubkey decryption was UNsuccessful due to address version mismatch.')
247 return 'failed'
248 if streamNumber != embeddedStreamNumber:
249 logger.info('Pubkey decryption was UNsuccessful due to stream number mismatch.')
250 return 'failed'
251
252 tag = data[readPosition:readPosition + 32]
253 readPosition += 32
254 signedData = data[8:readPosition] # the time through the tag. More data is appended onto signedData below after the decryption.
255 encryptedData = data[readPosition:]
256
257 # Let us try to decrypt the pubkey
258 toAddress, cryptorObject = state.neededPubkeys[tag]
259 if toAddress != address:
260 logger.critical('decryptAndCheckPubkeyPayload failed due to toAddress mismatch. This is very peculiar. toAddress: %s, address %s' % (toAddress, address))
261 # the only way I can think that this could happen is if someone encodes their address data two different ways.
262 # That sort of address-malleability should have been caught by the UI or API and an error given to the user.
263 return 'failed'
264 try:
265 decryptedData = cryptorObject.decrypt(encryptedData)
266 except:
267 # Someone must have encrypted some data with a different key
268 # but tagged it with a tag for which we are watching.
269 logger.info('Pubkey decryption was unsuccessful.')
270 return 'failed'
271
272 readPosition = 0
273 bitfieldBehaviors = decryptedData[readPosition:readPosition + 4]
274 readPosition += 4
275 publicSigningKey = '\x04' + decryptedData[readPosition:readPosition + 64]
276 readPosition += 64
277 publicEncryptionKey = '\x04' + decryptedData[readPosition:readPosition + 64]
278 readPosition += 64
279 specifiedNonceTrialsPerByte, specifiedNonceTrialsPerByteLength = decodeVarint(
280 decryptedData[readPosition:readPosition + 10])
281 readPosition += specifiedNonceTrialsPerByteLength
282 specifiedPayloadLengthExtraBytes, specifiedPayloadLengthExtraBytesLength = decodeVarint(
283 decryptedData[readPosition:readPosition + 10])
284 readPosition += specifiedPayloadLengthExtraBytesLength
285 storedData += decryptedData[:readPosition]

Callers

nothing calls this directly

Calls 6

decodeAddressFunction · 0.85
decodeVarintFunction · 0.85
sqlExecuteFunction · 0.85
decryptMethod · 0.80
verifyMethod · 0.80
updateMethod · 0.45

Tested by

no test coverage detected