Version 4 pubkeys are encrypted. This function is run when we already have the address to which we want to try to send a message. The 'data' may come either off of the wire or we might have had it already in our inventory when we tried to send a msg to this particular address.
(data, address)
| 226 | |
| 227 | |
| 228 | def decryptAndCheckPubkeyPayload(data, address): |
| 229 | """ |
| 230 | Version 4 pubkeys are encrypted. This function is run when we already have the |
| 231 | address to which we want to try to send a message. The 'data' may come either |
| 232 | off of the wire or we might have had it already in our inventory when we tried |
| 233 | to send a msg to this particular address. |
| 234 | """ |
| 235 | try: |
| 236 | status, addressVersion, streamNumber, ripe = decodeAddress(address) |
| 237 | |
| 238 | readPosition = 20 # bypass the nonce, time, and object type |
| 239 | embeddedAddressVersion, varintLength = decodeVarint(data[readPosition:readPosition + 10]) |
| 240 | readPosition += varintLength |
| 241 | embeddedStreamNumber, varintLength = decodeVarint(data[readPosition:readPosition + 10]) |
| 242 | readPosition += varintLength |
| 243 | storedData = data[20:readPosition] # We'll store the address version and stream number (and some more) in the pubkeys table. |
| 244 | |
| 245 | if addressVersion != embeddedAddressVersion: |
| 246 | logger.info('Pubkey decryption was UNsuccessful due to address version mismatch.') |
| 247 | return 'failed' |
| 248 | if streamNumber != embeddedStreamNumber: |
| 249 | logger.info('Pubkey decryption was UNsuccessful due to stream number mismatch.') |
| 250 | return 'failed' |
| 251 | |
| 252 | tag = data[readPosition:readPosition + 32] |
| 253 | readPosition += 32 |
| 254 | signedData = data[8:readPosition] # the time through the tag. More data is appended onto signedData below after the decryption. |
| 255 | encryptedData = data[readPosition:] |
| 256 | |
| 257 | # Let us try to decrypt the pubkey |
| 258 | toAddress, cryptorObject = state.neededPubkeys[tag] |
| 259 | if toAddress != address: |
| 260 | logger.critical('decryptAndCheckPubkeyPayload failed due to toAddress mismatch. This is very peculiar. toAddress: %s, address %s' % (toAddress, address)) |
| 261 | # the only way I can think that this could happen is if someone encodes their address data two different ways. |
| 262 | # That sort of address-malleability should have been caught by the UI or API and an error given to the user. |
| 263 | return 'failed' |
| 264 | try: |
| 265 | decryptedData = cryptorObject.decrypt(encryptedData) |
| 266 | except: |
| 267 | # Someone must have encrypted some data with a different key |
| 268 | # but tagged it with a tag for which we are watching. |
| 269 | logger.info('Pubkey decryption was unsuccessful.') |
| 270 | return 'failed' |
| 271 | |
| 272 | readPosition = 0 |
| 273 | bitfieldBehaviors = decryptedData[readPosition:readPosition + 4] |
| 274 | readPosition += 4 |
| 275 | publicSigningKey = '\x04' + decryptedData[readPosition:readPosition + 64] |
| 276 | readPosition += 64 |
| 277 | publicEncryptionKey = '\x04' + decryptedData[readPosition:readPosition + 64] |
| 278 | readPosition += 64 |
| 279 | specifiedNonceTrialsPerByte, specifiedNonceTrialsPerByteLength = decodeVarint( |
| 280 | decryptedData[readPosition:readPosition + 10]) |
| 281 | readPosition += specifiedNonceTrialsPerByteLength |
| 282 | specifiedPayloadLengthExtraBytes, specifiedPayloadLengthExtraBytesLength = decodeVarint( |
| 283 | decryptedData[readPosition:readPosition + 10]) |
| 284 | readPosition += specifiedPayloadLengthExtraBytesLength |
| 285 | storedData += decryptedData[:readPosition] |
nothing calls this directly
no test coverage detected