fritzy / SleekXMPP

Python 2.6+/3.1+ XMPP Library
http://groups.google.com/group/sleekxmpp-discussion

Unable to send encrypted message via XEP-0027 #235

Closed SecurityForUs closed 11 years ago

SecurityForUs commented 11 years ago

Unless I'm doing something wrong here, I can receive and handle incoming encrypted messages just fine. However, I cannot seem to send them back out.

            if resp != None:
                if self.xep27 and encrypted == True:
                    print "> sending encrypted message"
                    to = msg['from']
                    from_ = msg['to']
                    # Below also doesn't work if I do self.xmpp['xep_0027'].encrypt(resp, to)
                    msg['encrypted'] = resp
                    msg['to'] = to
                    msg['from'] = from_
                    msg.send(resp)
                else:
                    self.xmpp.send_message(mto=msg['from'].bare, mbody=resp, mtype=msg['type'])

Here's the output I get:

> sending encrypted message
DEBUG    at 2013-05-22 10:28:13,031 : SEND (IMMED): <message to="admin@localhost/Psi+" type="chat" id="ab51a" from="server_free@localhost/192.168.0.6">
<body>[ERROR: This message is encrypted, and you are unable to decrypt it.]</body>
<active xmlns="http://jabber.org/protocol/chatstates" />
<request xmlns="urn:xmpp:receipts" />
</message>
DEBUG    at 2013-05-22 10:28:13,061 : RECV: <message to="server_free@localhost/192.168.0.6" from="admin@localhost/Psi+" id="ab51a">
<received xmlns="urn:xmpp:receipts" />
</message>

Basically the encrypted stanza isn't being set.

legastero commented 11 years ago

Huh, I know this used to work. I'll dig in and see where I broke it :/

SecurityForUs commented 11 years ago

Thanks, appreciated. :) It's not a deal breaker for me but the end-to-end encryption is a big selling point for what I'm making.

If I can help let me know, I'm just not really familiar with the backend of Sleek.

legastero commented 11 years ago

Ok, fixed. It was looking for encryption keys based on bare JID, when they were stored by full JID.

SecurityForUs commented 11 years ago

Can you provide an example of how you send an encrypted message?

Even after making the change, it doesn't seem to want to even run through the encryption process.

Decryption output:

DEBUG    at 2013-05-22 11:03:20,124 : gpg --status-fd 2 --no-tty --use-agent --decrypt
DEBUG    at 2013-05-22 11:03:20,129 : data copier: <Thread(Thread-11, initial daemon)>, <_io.BytesIO object at 0x2a260b0>, <open file '<fdopen>', mode 'wb' at 0x2a55f60>
DEBUG    at 2013-05-22 11:03:20,129 : sending chunk (529): '-----BEGIN PGP MESSAGE-----\n\nhQEMA+XPd8O1WTumAQf+KHySkbUWD2+TkxsxH3Z6Bzf7cH3EakE1dMy3OnutwU8e\nPikGDFi+HLEP9rKDt3ioazoF16fg8JmAz/ai2NnIcPkerNymboKDXTfhJQDxtQzb\nnoHKHe0jrT64VyQixC4e9h/Dw3FMy4K1nDqTre+q/mIP6AdvVnJI43nv0jI3xncS\nzQ2JktCaMXYlCUDgST0zvSeYHoYOa1Ni'
DEBUG    at 2013-05-22 11:03:20,130 : closed output, 529 bytes sent
DEBUG    at 2013-05-22 11:03:20,129 : stderr reader: <Thread(Thread-12, initial daemon)>
DEBUG    at 2013-05-22 11:03:20,130 : stdout reader: <Thread(Thread-13, initial daemon)>
DEBUG    at 2013-05-22 11:03:20,160 : [GNUPG:] ENC_TO E5CF77C3B5593BA6 1 0
DEBUG    at 2013-05-22 11:03:20,160 : [GNUPG:] GOOD_PASSPHRASE
DEBUG    at 2013-05-22 11:03:20,160 : chunk: 'uptime fancy'
DEBUG    at 2013-05-22 11:03:20,161 : gpg: encrypted with 2048-bit RSA key, ID B5593BA6, created 2013-05-22
DEBUG    at 2013-05-22 11:03:20,162 :       "Server Free <server_free@localhost>"
DEBUG    at 2013-05-22 11:03:20,162 : [GNUPG:] BEGIN_DECRYPTION
DEBUG    at 2013-05-22 11:03:20,162 : [GNUPG:] DECRYPTION_INFO 2 9
DEBUG    at 2013-05-22 11:03:20,163 : [GNUPG:] PLAINTEXT 62 1369235000
DEBUG    at 2013-05-22 11:03:20,163 : [GNUPG:] PLAINTEXT_LENGTH 12
DEBUG    at 2013-05-22 11:03:20,163 : [GNUPG:] DECRYPTION_OKAY
DEBUG    at 2013-05-22 11:03:20,164 : [GNUPG:] GOODMDC
DEBUG    at 2013-05-22 11:03:20,164 : [GNUPG:] END_DECRYPTION
DEBUG    at 2013-05-22 11:03:20,164 : decrypt result: 'uptime fancy'
DEBUG    at 2013-05-22 11:03:20,165 : gpg --status-fd 2 --no-tty --use-agent --decrypt
DEBUG    at 2013-05-22 11:03:20,170 : data copier: <Thread(Thread-14, initial daemon)>, <_io.BytesIO object at 0x2a260b0>, <open file '<fdopen>', mode 'wb' at 0x2a55f60>
DEBUG    at 2013-05-22 11:03:20,170 : sending chunk (529): '-----BEGIN PGP MESSAGE-----\n\nhQEMA+XPd8O1WTumAQf+KHySkbUWD2+TkxsxH3Z6Bzf7cH3EakE1dMy3OnutwU8e\nPikGDFi+HLEP9rKDt3ioazoF16fg8JmAz/ai2NnIcPkerNymboKDXTfhJQDxtQzb\nnoHKHe0jrT64VyQixC4e9h/Dw3FMy4K1nDqTre+q/mIP6AdvVnJI43nv0jI3xncS\nzQ2JktCaMXYlCUDgST0zvSeYHoYOa1Ni'
DEBUG    at 2013-05-22 11:03:20,171 : stderr reader: <Thread(Thread-15, initial daemon)>
DEBUG    at 2013-05-22 11:03:20,171 : stdout reader: <Thread(Thread-16, initial daemon)>
DEBUG    at 2013-05-22 11:03:20,171 : closed output, 529 bytes sent
DEBUG    at 2013-05-22 11:03:20,201 : [GNUPG:] ENC_TO E5CF77C3B5593BA6 1 0
DEBUG    at 2013-05-22 11:03:20,202 : [GNUPG:] GOOD_PASSPHRASE
DEBUG    at 2013-05-22 11:03:20,202 : chunk: 'uptime fancy'
DEBUG    at 2013-05-22 11:03:20,202 : gpg: encrypted with 2048-bit RSA key, ID B5593BA6, created 2013-05-22
DEBUG    at 2013-05-22 11:03:20,203 :       "Server Free <server_free@localhost>"
DEBUG    at 2013-05-22 11:03:20,203 : [GNUPG:] BEGIN_DECRYPTION
DEBUG    at 2013-05-22 11:03:20,204 : [GNUPG:] DECRYPTION_INFO 2 9
DEBUG    at 2013-05-22 11:03:20,204 : [GNUPG:] PLAINTEXT 62 1369235000
DEBUG    at 2013-05-22 11:03:20,204 : [GNUPG:] PLAINTEXT_LENGTH 12
DEBUG    at 2013-05-22 11:03:20,205 : [GNUPG:] DECRYPTION_OKAY
DEBUG    at 2013-05-22 11:03:20,205 : [GNUPG:] GOODMDC
DEBUG    at 2013-05-22 11:03:20,205 : [GNUPG:] END_DECRYPTION
DEBUG    at 2013-05-22 11:03:20,206 : decrypt result: 'uptime fancy'

Encryption output:

> sending encrypted message
DEBUG    at 2013-05-22 11:03:20,210 : SEND (IMMED): <message to="admin@localhost/Psi+" type="chat" id="ab54a" from="server_free@localhost/192.168.0.6">
<body>[ERROR: This message is encrypted, and you are unable to decrypt it.]</body>
<active xmlns="http://jabber.org/protocol/chatstates" />
<request xmlns="urn:xmpp:receipts" />
</message>
DEBUG    at 2013-05-22 11:03:20,238 : RECV: <message to="server_free@localhost/192.168.0.6" from="admin@localhost/Psi+" id="ab54a">
<received xmlns="urn:xmpp:receipts" />
</message>

I'm using the same code as mentioned in my first comment.

legastero commented 11 years ago

Oh, you need to set msg['to'] before setting msg['encrypted'], since setting the 'encrypted' interface accepts plaintext and encrypts it based on the key for the current 'to' recipient.
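
The ordering rule above, shown on a small stand-in model together with a pre-send check (an added example, not SleekXMPP's code and not written by anyone in this thread). `ModelMessage`, `reply` and `has_xep27_payload` are hypothetical names, the ciphertext is a placeholder string rather than real OpenPGP output, and `jabber:x:encrypted` is the payload namespace from XEP-0027.

```python
import xml.etree.ElementTree as ET

XEP27_NS = "jabber:x:encrypted"  # payload namespace defined by XEP-0027
FALLBACK = "[ERROR: This message is encrypted, and you are unable to decrypt it.]"
# Outbound stanza copied from the SEND (IMMED) debug line in the issue.
LOGGED_STANZA = (
    '<message to="admin@localhost/Psi+" type="chat" id="ab51a" '
    'from="server_free@localhost/192.168.0.6"><body>' + FALLBACK + '</body>'
    '<active xmlns="http://jabber.org/protocol/chatstates" />'
    '<request xmlns="urn:xmpp:receipts" /></message>')

class ModelMessage:
    """Toy stanza (hypothetical stand-in, not SleekXMPP's Message class)."""
    def __init__(self, keys, to):
        self.keys, self.to, self.payload = keys, to, None

    def set_encrypted(self, plaintext):
        # As described in the thread: encryption happens at assignment time,
        # using the key stored for the *current* 'to' (keyed by full JID).
        key = self.keys.get(self.to)
        # Placeholder ciphertext; no real cryptography is performed here.
        self.payload = "enc[%s]:%s" % (key, plaintext) if key else None

    def to_xml(self):
        msg = ET.Element("message", {"to": self.to, "type": "chat"})
        ET.SubElement(msg, "body").text = FALLBACK
        if self.payload:
            ET.SubElement(msg, "{%s}x" % XEP27_NS).text = self.payload
        return ET.tostring(msg, encoding="unicode")

def reply(keys, own_jid, peer_jid, plaintext, to_first):
    """Reuse an incoming stanza (to=own_jid) for the reply, in either order."""
    msg = ModelMessage(keys, to=own_jid)
    if to_first:
        msg.to = peer_jid
        msg.set_encrypted(plaintext)
    else:  # order used in the issue's first snippet
        msg.set_encrypted(plaintext)
        msg.to = peer_jid
    return msg.to_xml()

def has_xep27_payload(stanza_xml):
    """Pre-send check: a non-empty jabber:x:encrypted child must be present."""
    x = ET.fromstring(stanza_xml).find("{%s}x" % XEP27_NS)
    return x is not None and bool((x.text or "").strip())

KEYS = {"admin@localhost/Psi+": "CONSTRUCTED-KEY-ID"}  # constructed key store
ME, PEER = "server_free@localhost/192.168.0.6", "admin@localhost/Psi+"

if __name__ == "__main__":
    for first in (False, True):
        print(first, has_xep27_payload(reply(KEYS, ME, PEER, "uptime: ok", first)))
    print("logged:", has_xep27_payload(LOGGED_STANZA))
```

Running a check like `has_xep27_payload` on the serialized stanza before sending catches both the ordering mistake and a key-lookup miss, since in either case only the fallback body goes out.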

SecurityForUs commented 11 years ago

Awesome! Man that works out pretty well lol.

Instead of opening a new issue (which I will if need/want be), is it possible to transfer files between a SleekXMPP client and someone using Pidgin or Psi+? I read some threads on the Google Groups that said it's not possible, and I haven't been able to get the examples to work, so I'm just curious.

legastero commented 11 years ago

It is possible now in the development branch, though it uses the old SI protocol and not Jingle. Go ahead and make an issue for it; I at least need to make an example for how to do it.

SecurityForUs commented 11 years ago

That's what I was using last night and couldn't get it to work. I'll open one right now as it's a big deal for me.