def mkdir_handler(arg):
if arg.path:
# TODO do recursive get on the path /a/b/c/
# TODO assert somehow that the path exists on the server
return
else:
if arg.root:
# create root dir
(root_private, root_public, cap) = crypto.generate_RSA()
root_cap = [DIR_WRITE_CAP, cap[0], cap[1]]
data = {".": ":".join(root_cap)}
print "ROOT CAP: ", root_cap
with open("private/root_dir.cap", 'w') as f:
c = arg.name + "|" + capToString(root_cap) + "\n"
f.write(c)
else:
# assume the root exists
with open("private/root_dir.cap", 'r') as f:
line = f.read()
if line and line != "\n":
line = line[line.find("|")+1:].strip("\n")
root_cap = line.split(":")
root_cap[2] = root_cap[2]
cipher = get_data(line)
(data, root_private, root_public)= crypto.unpackage_data(root_cap, cipher)
data = json.loads(data)
(private, public, cap) = crypto.generate_RSA()
cap = [DIR_WRITE_CAP, cap[0], cap[1]]
data[arg.name] = ":".join(cap)
# post new dir 1st
new_data = {".": ":".join(cap)}
new_data = json.dumps(new_data)
new_data = crypto.package_data(new_data, cap, private, public)
print_capabilities(cap)
post_data(new_data, capToString(cap))
else:
return
# post root dir data
data = json.dumps(data)
data = crypto.package_data(data, root_cap, root_private, root_public)
print_capabilities(root_cap)
post_data(data, capToString(root_cap))
def put_handler(arg):
if arg.writecap:
# putting with a cap requires
# 1) Getting the encrypted private key
# 2) Decrypting it, and using it to sign the updated data
# 3) Signing the encryption of the updated data with the private key
cap = arg.writecap.split(":")
cipher = get_data(arg.writecap)
(data, private, public) = crypto.unpackage_data(cap, cipher)
else:
with open("private/root_dir.cap", 'r') as f:
line = f.read()
if line and line != "\n":
line = line[line.find("|")+1:].strip("\n")
root_cap = line.split(":")
cipher = get_data(line)
(data, root_private, root_public)= crypto.unpackage_data(root_cap, cipher)
data = json.loads(data)
# here cap is (my_hash(private_key), my_hash(public_key))
(private, public, cap) = crypto.generate_RSA()
cap = [FILE_WRITE_CAP, cap[0], cap[1]]
# put name in dir
data[arg.name] = capToString(cap)
# update root dir data
data = json.dumps(data)
data = crypto.package_data(data, root_cap, root_private, root_public)
print_capabilities(root_cap)
post_data(data, capToString(root_cap))
# save the cap in a private file
with open('private/files.txt', "a") as f:
c = arg.name+ "|" + capToString(cap)+ "\n"
f.write(c)
# TODO get rid of key storage by making get to the server via URI after createion
# save the private key in a file
with open('private/keys/'+arg.name+"public", "w") as f:
f.write(public)
with open('private/keys/'+arg.name+"private", "w") as f:
f.write(private)
data = arg.data
data = crypto.package_data(data, cap, private, public)
print_capabilities(cap)
h = crypto.my_hash(cap[1])[:16]
cap[1] = crypto.my_hash(h)
post_data(data, capToString(cap))
def put_handler(arg):
if arg.writecap:
# putting with a cap requires
# 1) Getting the encrypted private key
# 2) Decrypting it, and using it to sign the updated data same signature fro authenticity
# 3) Signing the encryption of the updated data with the private key
cap = arg.writecap.split(":")
cipher = get_data(arg.writecap)
data_ar = cipher.split(SPLIT_SYMBOL)
sign = data_ar[1]
data = data_ar[0]
public = data_ar[2]
assert(data_ar[3] == crypto.my_hash(public))
valid = crypto.verify_RSA(public, sign, data)
print "Valid: ", valid
if valid:
# generate the AES decryption key and decrypt
salt = "a"*16
s = str(cap[1] + salt)
hashed_key = crypto.my_hash(s)
ptext = crypto.decrypt(data, hashed_key[:16])
splitted = ptext.split(SPLIT_SYMBOL)
raw_data = splitted[0]
enc_pk = splitted[1]
private = crypto.decrypt(enc_pk, cap[1])
data = arg.data
else:
# here cap is (my_hash(private_key), my_hash(public_key))
(private, public, cap) = crypto.generate_RSA()
cap = [FILE_WRITE_CAP, cap[0], cap[1]]
# save the cap in a private file
with open('private/files.txt', "a") as f:
c = arg.name+ "|" + cap[0] + ":" + cap[1] + ":" + cap[2] + "\n"
f.write(c)
# save the private key in a file
with open('private/keys/'+arg.name+"public", "w") as f:
f.write(public)
with open('private/keys/'+arg.name+"private", "w") as f:
f.write(private)
data = arg.data
# store the encrypted private key in the data
data = data + SPLIT_SYMBOL + crypto.encrypt(private, cap[1], False)
# use the read key as an encryption key for the concatted data
salt = "a"*16
s = str(cap[1] + salt)
hashed_key = crypto.my_hash(s)
# encrypt the data
data = crypto.encrypt(data, hashed_key[:16], False)
# sign it with private key
signature = crypto.sign_data(private, data)
# FINAL DATA IS
# enc_data | signature | public_key | hash(public_key)
data = data +SPLIT_SYMBOL+ signature + SPLIT_SYMBOL + public + SPLIT_SYMBOL + crypto.my_hash(public)
# double hash the key to get the file name
file_name = crypto.my_hash(crypto.my_hash(cap[1]))
write = ":".join(map(str, cap))
print "Write cap for the file is: %s" % write
cap[0] = FILE_READ_CAP
cap[1] = crypto.my_hash(cap[1])[:16]
read = ":".join(map(str, cap))
print "Read cap for the file is: %s" % read
print "You can access the capability in private/files.txt"
post_data(data, write)