Beispiel #1
0
def load_private_key( key_name, password, check_volume=True ):
   key_path = make_key_local_path( key_name )
   local = True
   if not storage.path_exists( key_path, volume=None ) and check_volume:
      # load it from the Volume
      key_path = make_key_volume_path( key_name )
      local = False
      
   return load_private_key_from_path( key_path, password, local )
Beispiel #2
0
def update_contact( pubkey_str, privkey_str, email_addr, extras ):
   contact_path = make_contact_path( pubkey_str, email_addr )
   if not storage.path_exists( contact_path ):
      log.error("No such contact '%s'" % email_addr)
      return False
   
   try:
      contact = read_contact( pubkey_str, privkey_str, email_addr )
   except Exception, e:
      log.error("Failed to read contact '%s'" % email_addr)
      log.exception(e)
      return False
Beispiel #3
0
def cleanup_syntool( key_paths, tmpdir ):
   
   for key_path in key_paths:
      if storage.path_exists( key_path, volume=None ):
         rc = storage.erase_file( key_path, volume=None )
         if not rc:
            log.critical( "!!! FAILED TO ERASE KEY! Securely erase %s !!!" % key_path )

   try:
      shutil.rmtree( tmpdir )
   except Exception, e:
      log.exception(e)
      log.error("Failed to remove %s" % t)
Beispiel #4
0
def read_message( receiver_vol_inst, pubkey_str, privkey_str, gateway_privkey_pem, folder, msg_timestamp, msg_id, sender_vol_inst=None, storage_root="/tmp/syndicate-unused" ):
   # is this an incoming message?
   mpath = incoming_message_path( msg_timestamp, msg_id )
   
   if storage.path_exists( mpath, volume=receiver_vol_inst ):
      # get the incoming message record
      incoming_message = read_incoming_message( privkey_str, msg_timestamp, msg_id, volume=receiver_vol_inst )
      
      if incoming_message is None:
         log.error("Failed to read incoming message %s" % message_handle( msg_timestamp, msg_id ) )
         return None
      
      # open the volume, if need be 
      if sender_vol_inst is None:
         sender_vol_inst = sender_volume_from_incoming_message( incoming_message, gateway_privkey_pem, storage_root )
         if sender_vol_inst is None:
            log.error("Failed to open Volume")
            return None
      
      # get the sender's public key
      sender_contact = contact.read_contact( pubkey_str, privkey_str, incoming_message.sender_addr )
         
      if sender_contact is None:
         log.error("No contact record for %s; cannot verify message authenticity" % incoming_message.sender_addr )
         return None
      
      # get the corresponding message from the remote Volume
      msg = read_message_from_volume( sender_vol_inst, sender_contact.pubkey_pem, pubkey_str, privkey_str, incoming_message )
      if msg is not None:
         # verify that it matches the incoming message
         if incoming_message.message_signature != msg.signature:
            log.error("Message signature mismatch")
            return None
         
         return msg
         
      else:
         log.error("Failed to read message from %s" % sender_contact.addr)
         return None
      
   else:
      # it's a stored message
      return read_stored_message( privkey_str, folder, msg_timestamp, msg_id, volume=receiver_vol_inst )
Beispiel #5
0
def read_stored_message( privkey_str, folder, msg_timestamp, msg_id, volume=None, receiver_pubkey_pem=None ):
   if receiver_pubkey_pem is None:
      pkey = CryptoKey.importKey( privkey_str )
      receiver_pubkey_pem = pkey.publickey().exportKey()

   mpath = stored_message_path( receiver_pubkey_pem, folder, msg_timestamp, msg_id )
   
   if not storage.path_exists( mpath, volume=volume ):
      log.error("No message at %s" % mpath )
      return None
   
   msg_json = storage.read_encrypted_file( privkey_str, mpath, volume=volume )
   if msg_json is None:
      log.error("Failed to read message")
      return None
   
   try:
      msg = storage.json_to_tuple( SyndicateMessage, msg_json )
   except Exception, e:
      log.error("Failed to parse message")
      log.exception(e)
      return None
Beispiel #6
0
def contact_exists( pubkey_str, email_addr ):
   contact_path = make_contact_path( pubkey_str, email_addr )
   return storage.path_exists( contact_path )
Beispiel #7
0
    
    # give the gateway write permission 
    try:
       setcaps_result = syntool.client_call( syntool_conf, "set_gateway_caps", gateway_name, "READWRITE" )
       assert setcaps_result
    except Exception, e:
       log.exception(e)
       log.error("Failed to set up Volume access")
       cleanup_syntool( [expected_gateway_pkey_path, expected_gateway_signingkey_path], tmpdir )
       return False
 
 cleanup_files = [expected_gateway_pkey_path, expected_gateway_signingkey_path]
 
 if gateway_pkey_pem is None:
    # get the private key 
    if not storage.path_exists( expected_gateway_pkey_path, volume=None ):
       log.error("Failed to create gateway %s (no key in %s), ret = %s" % (gateway_name, expected_gateway_pkey_path, gateway_info)  )
       cleanup_syntool( cleanup_files, tmpdir )
       return False
    
    gateway_pkey_pem = storage.read_file( expected_gateway_pkey_path, volume=None )
    if gateway_pkey_pem is None:
       log.error("Failed to load private key from %s" % expected_gateway_pkey_path )
       cleanup_syntool( cleanup_files, tmpdir )
       return None
    
    # store the key 
    rc = write_gateway_privkey( mail_password, gateway_name, gateway_pkey_pem )
    if not rc:
       log.error("Failed to store gateway private key")
       cleanup_syntool( cleanup_files, tmpdir )