Ejemplo n.º 1
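def rm(USER_NAME, USER_PATH, USER_PRK, args):
    """Remove one of the caller's files from the local store and the server.

    Args:
        USER_NAME: Requesting user; an absolute path must name this user as
            its first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that relative paths
            are resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        args: Command arguments; ``args[0]`` is the file to remove.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    rm_file = args[0]

    # An empty name would raise IndexError on the indexing below.
    if not rm_file:
        return False, 'no such file'
    if rm_file[-1] == '/':
        return False, 'this is not a file'
    if rm_file[0:2] == './':
        rm_file = rm_file[2:]

    # The ownership test only inspects the first path component, so a '..'
    # component would let the resolved path leave the caller's directory.
    # Such names are refused and logged like any other denied request.
    # NOTE(review): rm_file is logged verbatim; a newline inside it would
    # split the log entry.
    path_parts = rm_file.split('/')
    is_absolute = rm_file[0] == '/'
    if '..' in path_parts or (is_absolute and USER_NAME != path_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'rm ' + rm_file)
        return False, 'file permission denied'

    if is_absolute:
        rm_path = EFS_DIR + rm_file[1:]
    else:
        rm_path = EFS_DIR + USER_PATH + '/' + rm_file

    if not os.path.isfile(rm_path):
        return False, 'no such file'

    # The share bookkeeping files must not be removed by a user command.
    # Compare normalised paths so that spellings such as a doubled slash or
    # a './' segment cannot slip past a plain string comparison.
    user_root = EFS_DIR + USER_NAME + '/'
    protected = [
        os.path.normpath(user_root + name)
        for name in ('share.json', 'share_mirror.json')
    ]
    if os.path.normpath(rm_path) in protected:
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'rm ' + rm_path)
        return False, 'permission denied'

    # NOTE(review): a commented-out command that carried a literal password
    # used to sit here; it has been dropped. That credential should be
    # treated as exposed and rotated.

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    # The server stores the file under a name derived from the local path.
    en_file_name = encrypt.encrypt_filename(USER_PK, rm_path)
    en_file_name = en_file_name.replace("/", r"_")[0:100]

    try:
        # NOTE(review): os.system() reports failure through its return
        # value, not an exception, so a failed remote removal is not
        # detected here and the local file is still deleted below.
        # PASS presumably supplies the password on the command line --
        # confirm; that exposes it in the process table.
        os.system(PASS + ' ssh ' + SSH_SERVER + ' rm ' + SERVER_PATH +
                  en_file_name)
    except Exception:
        return False, 'error in removing file from the server'

    os.remove(rm_path)
    return True, 'succeed'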
Ejemplo n.º 2
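def download_share(USER_NAME, args):
    """Fetch a shared file, check its signature and decrypt it into save_pos.

    Args:
        USER_NAME: Requesting user.
        args: ``[file_path, loc_RSA_1, loc_RSA_2, save_pos]`` -- the name of
            the shared file relative to the user's ``share/`` listing, the
            paths of the caller's RSA_1 and RSA_2 private keys, and the
            local directory the file is saved into.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    file_path = args[0]
    loc_RSA_1 = args[1]
    loc_RSA_2 = args[2]
    save_pos = args[3]

    not_listed = 'file name should be one of the listed results in "ls -s" in user/share/'
    if not file_path or file_path[0] == '/':
        return False, not_listed

    # save_pos ends up on a shell command line and as a rename target, so it
    # has to be an existing directory, as the single-user download requires.
    if not os.path.isdir(save_pos):
        return False, 'no such destination directory'

    share_path = '/' + USER_NAME + '/share/' + file_path

    with open(EFS_DIR + USER_NAME + '/share_mirror.json', 'r') as f:
        data = json.load(f)

    # Only names present in the user's mirror file are accepted, so the
    # real location always comes from that file, never from the request.
    if share_path not in data:
        return False, not_listed

    share_mirror = data[share_path]
    mirror_parts = share_mirror.split('/')
    filename = mirror_parts[-1]
    group_name = mirror_parts[1]
    real_path = EFS_DIR + str(share_mirror[1:])

    with open(loc_RSA_1, 'r') as f:
        SHARE_RSA_1 = RSA.importKey(f.read())
    with open(loc_RSA_2, 'r') as f:
        SHARE_RSA_2 = RSA.importKey(f.read())

    with open(EFS_DIR + '/key/' + group_name + '_RSA_1.pem', 'r') as f:
        SHARE_PUBLIC_RSA_1 = RSA.importKey(f.read())
    with open(EFS_DIR + '/key/' + group_name + '_RSA_2.pem', 'r') as f:
        SHARE_PUBLIC_RSA_2 = RSA.importKey(f.read())
    with open(EFS_DIR + '/key/' + group_name + '_RSA_3.pem', 'r') as f:
        SHARE_PUBLIC_RSA_3 = RSA.importKey(f.read())

    # A supplied private key is accepted only if it undoes an encryption
    # made with the group's stored public key (round trip of USER_NAME).
    if not SHARE_RSA_1.decrypt(SHARE_PUBLIC_RSA_1.encrypt(USER_NAME,
                                                          '')) == USER_NAME:
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'download-share RSA_1 ' +
                    file_path)
        return False, 'invalid RSA_1'
    if not SHARE_RSA_2.decrypt(SHARE_PUBLIC_RSA_2.encrypt(USER_NAME,
                                                          '')) == USER_NAME:
        # The log label previously read 'RSA_ ', which hid which key failed.
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'download-share RSA_2 ' +
                    file_path)
        return False, 'invalid RSA_2'

    # The group's AES key is stored encrypted; RSA_2 unwraps it.
    with open(EFS_DIR + 'user_encrypt_AES.json', 'r') as f:
        AES_data = json.load(f)
    cipheraes = AES_data[group_name]
    SHARE_AES = encrypt.decrypt_aes(SHARE_RSA_2, cipheraes)

    en_file_name = encrypt.encrypt_filename(SHARE_RSA_1, real_path)
    en_file_name = en_file_name.replace("/", r"_")[0:100]

    local_copy = save_pos + '/' + filename

    # Caller-supplied text is quoted before it reaches the shell.
    os.system(PASS + 'scp ' + SERVER + sh_quote(en_file_name) + ' ' +
              sh_quote(save_pos))
    os.rename(save_pos + '/' + en_file_name, local_copy)

    with open(local_copy, 'r') as f:
        cipherfile = f.read()

    # The first 344 characters are the signature, the rest is ciphertext.
    signature = cipherfile[0:344]
    cipherfile = cipherfile[344:]

    with open(local_copy, 'w') as f:
        f.write(cipherfile)

    verify = encrypt.verify_sign(SHARE_PUBLIC_RSA_3, signature, cipherfile)

    if not verify:
        info = 'the file has been modified illegally'
        os.remove(local_copy)
        try:
            # Push the local backup to the server under its encrypted name.
            # NOTE(review): the backup is uploaded without its own
            # signature being checked here.
            backup_dir = '/'.join(real_path.split('/')[:-1])
            en_source = backup_dir + '/' + en_file_name
            os.rename(real_path, en_source)
            os.system(PASS + 'scp ' + sh_quote(en_source) + SERVER)
            os.rename(en_source, real_path)
            info = info + ' and the backup file has been uploaded, please download again'
            return False, info
        except Exception:
            info = info + ' and fail to upload the backup file'
            return False, info

    try:
        # Refresh the local backup with the verified ciphertext.
        with open(local_copy, 'r') as f:
            cipherfile = f.read()
        with open(real_path, 'w') as f:
            f.write(cipherfile)

        plain = encrypt.decrypt_file(SHARE_AES, local_copy)
        with open(local_copy, 'w') as f:
            f.write(plain)
        return True, 'succeed'
    except Exception:
        return False, 'decrypt error'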
Ejemplo n.º 3
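def upload_share(USER_NAME, args):
    """Encrypt, sign and upload a local file into a share group.

    Args:
        USER_NAME: Requesting user.
        args: ``[file_path, group_name, loc_RSA_1, loc_RSA_3]`` -- the
            absolute path of the file to share, the target group, and the
            paths of the caller's RSA_1 and RSA_3 private keys.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    file_path = args[0]
    group_name = args[1]
    loc_RSA_1 = args[2]
    loc_RSA_3 = args[3]

    if not os.path.isfile(file_path):
        return False, 'no such file'

    if file_path[0] != '/':
        return False, 'absolute file path only'

    # group_name is spliced into key, data and upload paths below. A name
    # with a path separator or a dot-only name would make those paths point
    # outside the group's own directory, so refuse it up front.
    if '/' in group_name or group_name in ('', '.', '..'):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'upload-share ' + file_path)
        return False, 'permission denied'

    with open(loc_RSA_1, 'r') as f:
        SHARE_RSA_1 = RSA.importKey(f.read())
    with open(loc_RSA_3, 'r') as f:
        SHARE_RSA_3 = RSA.importKey(f.read())

    with open(EFS_DIR + '/key/' + group_name + '_RSA_1.pem', 'r') as f:
        SHARE_PUBLIC_RSA_1 = RSA.importKey(f.read())
    with open(EFS_DIR + '/key/' + group_name + '_RSA_2.pem', 'r') as f:
        SHARE_PUBLIC_RSA_2 = RSA.importKey(f.read())
    with open(EFS_DIR + '/key/' + group_name + '_RSA_3.pem', 'r') as f:
        SHARE_PUBLIC_RSA_3 = RSA.importKey(f.read())

    filename = file_path.split('/')[-1]
    group_dir = EFS_DIR + group_name + '/'
    share_path = group_dir + filename

    # A supplied private key is accepted only if it undoes an encryption
    # made with the group's stored public key (round trip of USER_NAME).
    if not SHARE_RSA_1.decrypt(SHARE_PUBLIC_RSA_1.encrypt(USER_NAME,
                                                          '')) == USER_NAME:
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'upload-share RSA_1 ' + file_path)
        return False, 'invalid RSA_1'
    if not SHARE_RSA_3.decrypt(SHARE_PUBLIC_RSA_3.encrypt(USER_NAME,
                                                          '')) == USER_NAME:
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'upload-share RSA_3 ' + file_path)
        return False, 'invalid RSA_3'

    # Stage a copy of the source inside the group directory.
    with open(file_path, 'r') as f:
        data = f.read()
    with open(share_path, 'w') as f:
        f.write(data)

    # A fresh AES key is generated and stored wrapped under RSA_2.
    # NOTE(review): this replaces the group's single AES entry on every
    # upload; confirm that files uploaded earlier to the same group can
    # still be decrypted afterwards.
    SHARE_AES = encrypt.generate_AES()
    EN_SHARE_AES = encrypt.encrypt_aes(SHARE_PUBLIC_RSA_2, SHARE_AES)

    with open(EFS_DIR + 'user_encrypt_AES.json', 'r') as f:
        AES_data = json.load(f)
    AES_data[group_name] = EN_SHARE_AES
    with open(EFS_DIR + 'user_encrypt_AES.json', 'w') as f:
        json.dump(AES_data, f)

    # The server-side name is derived from the local share path.
    en_share_path = encrypt.encrypt_filename(SHARE_RSA_1, share_path)
    en_share_path = en_share_path.replace("/", r"_")[0:100]

    cipherfile = encrypt.encrypt_file(SHARE_AES, share_path)

    # The signature (344 characters) is prepended to the ciphertext.
    signature = encrypt.sign_file(SHARE_RSA_3, cipherfile)
    cipherfile = signature + cipherfile

    staged = group_dir + en_share_path
    with open(staged, 'w') as f:
        f.write(cipherfile)

    # The local path is quoted before it reaches the shell.
    os.system(PASS + 'scp ' + sh_quote(staged) + ' ' + SERVER)
    os.rename(staged, share_path)

    # Register the file in every member's mirror; members are taken from
    # the '_'-separated group name.
    for member in group_name.split('_'):
        mirror_file = EFS_DIR + member + '/' + 'share_mirror.json'
        with open(mirror_file, 'r') as f:
            data = json.load(f)
        data['/' + member + '/share/' + USER_NAME + '/' +
             filename] = '/' + group_name + '/' + filename
        with open(mirror_file, 'w') as f:
            json.dump(data, f)

    return True, 'succeed'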
Ejemplo n.º 4
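def prepare_share(USER_NAME, USER_PATH, USER_PRK, source, pair_user_mode,
                  pair_user_loc):
    """Create a share group for ``source`` and hand out its keys.

    Three RSA key pairs and one AES key are generated for the group. Public
    keys are stored under ``EFS_DIR/key/``; each member receives the
    private keys matching their mode (read: RSA_1 + RSA_2, write: RSA_1 +
    RSA_3, anything else: all three).

    Args:
        USER_NAME: Requesting user; owner of ``source``.
        USER_PATH: Directory, relative to ``EFS_DIR``, that a relative
            ``source`` is resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        source: File to move into the new share directory.
        pair_user_mode: Maps each member name to ``'-r'``, ``'-w'`` or
            another value meaning read and write.
        pair_user_loc: Maps each member name to the directory that receives
            that member's private keys.

    Returns:
        ``(True, share_name)`` on success, else ``(False, message)``.
    """

    def _write_private_key(path, pem):
        # Private keys are created readable by the owner only. The mode
        # applies when the file is created; an existing file keeps its
        # permissions.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, 'w') as key_file:
            key_file.write(pem)

    share_user = pair_user_mode.keys()
    share_file = '_'.join(share_user)
    # NOTE(review): member names become path components (key files, share
    # directory, mirror files) without validation in this function.

    if os.path.isdir(EFS_DIR + share_file):
        return False, 'directory exsits'

    # Resolve and authorise the source before anything is written, so a
    # refused request leaves no key files or index entries behind. The
    # ownership test only inspects the first path component, so names with
    # a '..' component are refused as well.
    if not source or '..' in source.split('/'):
        return False, 'file permission denied'
    if source[0] == '/':
        if USER_NAME != source.split('/')[1]:
            return False, 'file permission denied'
        source_file = EFS_DIR + source[1:]
    else:
        source_file = EFS_DIR + USER_PATH + '/' + source
    filename = source_file.split('/')[-1]

    try:
        share_RSA_1 = encrypt.generate_RSA()
        share_RSA_2 = encrypt.generate_RSA()
        share_RSA_3 = encrypt.generate_RSA()
        share_AES = encrypt.generate_AES()
    except Exception:
        return False, 'error generate keys'

    # Load both index files, creating an empty one when it cannot be read.
    try:
        with open(EFS_DIR + 'share_public_RSA.json', 'r') as f:
            share_RSA_data = json.load(f)
    except Exception:
        with open(EFS_DIR + 'share_public_RSA.json', 'w') as f:
            json.dump({}, f)
        share_RSA_data = {}

    try:
        with open(EFS_DIR + 'user_encrypt_AES.json', 'r') as f:
            AES_data = json.load(f)
    except Exception:
        with open(EFS_DIR + 'user_encrypt_AES.json', 'w') as f:
            json.dump({}, f)
        AES_data = {}

    private_keys = {
        'RSA_1': share_RSA_1,
        'RSA_2': share_RSA_2,
        'RSA_3': share_RSA_3,
    }
    share_encrypt_AES = encrypt.encrypt_aes(share_RSA_2, share_AES)

    share_RSA = {}
    for label in ('RSA_1', 'RSA_2', 'RSA_3'):
        share_RSA[label] = EFS_DIR + 'key/' + str(share_file) + '_' + label + '.pem'
    share_RSA_data[share_file] = share_RSA

    try:
        for label in ('RSA_1', 'RSA_2', 'RSA_3'):
            with open(share_RSA[label], 'w') as f:
                f.write(private_keys[label].publickey().exportKey('PEM'))
    except Exception:
        return False, 'fail to save public key'

    AES_data[share_file] = share_encrypt_AES

    try:
        with open(EFS_DIR + 'user_encrypt_AES.json', 'w') as g:
            json.dump(AES_data, g)
        with open(EFS_DIR + 'share_public_RSA.json', 'w') as f:
            json.dump(share_RSA_data, f)
    except Exception:
        return False, 'fail to update keys'

    # Private keys per access mode; any other mode gets all three.
    keys_for_mode = {
        '-r': ('RSA_1', 'RSA_2'),
        '-w': ('RSA_1', 'RSA_3'),
    }
    for member in pair_user_mode.keys():
        mode = pair_user_mode[member]
        loc = pair_user_loc[member]
        if loc[-1] != '/':
            loc = loc + '/'
        save_failed = 'fail to save private key for ' + str(member) + ' at ' + str(loc)
        if not os.path.isdir(loc):
            return False, save_failed
        try:
            for label in keys_for_mode.get(mode, ('RSA_1', 'RSA_2', 'RSA_3')):
                _write_private_key(loc + share_file + '_' + label + '.pem',
                                   private_keys[label].exportKey('PEM'))
        except Exception:
            return False, save_failed

    # Register the file in every member's share listing.
    for member in pair_user_loc:
        mirror_file = EFS_DIR + member + '/' + 'share_mirror.json'
        with open(mirror_file, 'r') as f:
            data = json.load(f)
        data['/' + member + '/share/' + USER_NAME + '/' +
             filename] = '/' + share_file + '/' + filename
        with open(mirror_file, 'w') as f:
            json.dump(data, f)

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    dest_file = EFS_DIR + share_file + '/' + filename

    try:
        # Rename the server-side object from the name derived from the old
        # location to the name derived from the new one.
        en_source_file_name = encrypt.encrypt_filename(USER_PK, source_file)
        en_source_file_name = en_source_file_name.replace("/", r"_")[0:100]
        en_share_file_name = encrypt.encrypt_filename(USER_PK, dest_file)
        en_share_file_name = en_share_file_name.replace("/", r"_")[0:100]

        # NOTE(review): os.system() does not raise when the remote command
        # fails, so a failed move is not detected here.
        os.system(PASS + 'ssh ' + SSH_SERVER + ' mv ' + SERVER_PATH +
                  en_source_file_name + ' ' + SERVER_PATH + en_share_file_name)
    except Exception:
        return False, 'cannot move file on the server'

    try:
        os.mkdir(EFS_DIR + share_file)
        os.rename(source_file, dest_file)
    except Exception:
        return False, 'unable to make new share directory'

    return True, share_file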
Ejemplo n.º 5
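def cp(USER_NAME, USER_PATH, USER_PRK, args):
    """Copy one of the caller's files to a new name, locally and on the server.

    Args:
        USER_NAME: Requesting user; absolute paths must name this user as
            their first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that relative paths
            are resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        args: ``[old_name, new_name]``; a ``new_name`` ending in ``/`` keeps
            the source file's name inside that directory.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    old_name = args[0]
    new_name = args[1]

    # --- source ---------------------------------------------------------
    if old_name[-1:] == '/':
        old_name = old_name[:-1]
    if old_name[0:2] == './':
        old_name = old_name[2:]
    # Nothing left (for example '/' or ''): indexing below would fail.
    if not old_name:
        return False, 'no such file'

    # The ownership test only inspects the first path component, so names
    # with a '..' component are refused and logged as well.
    old_parts = old_name.split('/')
    if '..' in old_parts or (old_name[0] == '/'
                             and USER_NAME != old_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'cp ' + old_name)
        return False, 'file permission denied'

    if old_name[0] == '/':
        old_file = EFS_DIR + old_name[1:]
    else:
        old_file = EFS_DIR + USER_PATH + '/' + old_name

    if not os.path.isfile(old_file):
        return False, 'no such file'

    # --- destination ----------------------------------------------------
    if not new_name:
        return False, 'no such file'
    if new_name[-1] == '/':
        new_name = new_name + old_file.split('/')[-1]
    if new_name[0:2] == './':
        new_name = new_name[2:]

    new_parts = new_name.split('/')
    if '..' in new_parts or (new_name[0] == '/'
                             and USER_NAME != new_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'cp ' + new_name)
        return False, 'file permission denied'

    if new_name[0] == '/':
        new_file = EFS_DIR + new_name[1:]
    else:
        new_file = EFS_DIR + USER_PATH + '/' + new_name

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    # NOTE(review): a commented-out command that carried a literal password
    # used to sit here; it has been dropped. That credential should be
    # treated as exposed and rotated.
    try:
        en_new_file_name = encrypt.encrypt_filename(USER_PK, new_file)
        en_new_file_name = en_new_file_name.replace("/", r"_")[0:100]

        with open(old_file, 'r') as f:
            data = f.read()
        with open(new_file, 'w') as f:
            f.write(data)

        # Upload under the encrypted name, then restore the readable name.
        new_dir = '/'.join(new_file.split('/')[:-1])
        en_source = new_dir + '/' + en_new_file_name
        os.rename(new_file, en_source)
        # The local path derives from the request and is quoted before it
        # reaches the shell.
        os.system(PASS + 'scp ' + sh_quote(en_source) + SERVER)
        os.rename(en_source, new_file)
    except Exception:
        return False, 'cannot copy file to the server'

    return True, 'succeed'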
Ejemplo n.º 6
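def download(USER_NAME, USER_PATH, USER_PRK, args):
    """Fetch one of the caller's files, verify its signature and decrypt it.

    Args:
        USER_NAME: Requesting user; an absolute source must name this user
            as its first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that a relative
            source is resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        args: ``[source, save_pos]`` -- the file to fetch and the existing
            local directory it is saved into.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    source = args[0]
    save_pos = args[1]

    if source[-1:] == '/':
        source = source[:-1]
    if source[0:2] == './':
        source = source[2:]

    if not os.path.isdir(save_pos):
        return False, 'no such destination directory'
    # Nothing left (for example '/' or ''): indexing below would fail.
    if not source:
        return False, 'no such source file'

    # The ownership test only inspects the first path component, so names
    # with a '..' component are refused and logged as well.
    source_parts = source.split('/')
    if '..' in source_parts or (source[0] == '/'
                                and USER_NAME != source_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'download ' + source)
        return False, 'source directory permission denied'

    if source[0] == '/':
        source_file = EFS_DIR + source[1:]
    else:
        source_file = EFS_DIR + USER_PATH + '/' + source

    if not os.path.isfile(source_file):
        return False, 'no such source file'

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    filename = source_parts[-1]
    local_copy = save_pos + '/' + filename

    try:
        en_file_name = encrypt.encrypt_filename(USER_PK, source_file)
        en_file_name = en_file_name.replace("/", r"_")[0:100]

        # save_pos comes from the request and is quoted before it reaches
        # the shell.
        os.system(PASS + 'scp ' + SERVER + sh_quote(en_file_name) + ' ' +
                  sh_quote(save_pos))
        os.rename(save_pos + '/' + en_file_name, local_copy)
    except Exception:
        return False, 'download error'

    with open(local_copy, 'r') as f:
        cipherfile = f.read()

    # The first 344 characters are the signature, the rest is ciphertext.
    signature = cipherfile[0:344]
    cipherfile = cipherfile[344:]

    with open(local_copy, 'w') as f:
        f.write(cipherfile)

    verify = encrypt.verify_sign(USER_PRK, signature, cipherfile)

    if not verify:
        info = 'the file has been modified illegally'
        os.remove(local_copy)
        try:
            # Push the local backup back to the server. The backup sits next
            # to source_file; building the path from the raw request
            # dropped USER_PATH for relative sources.
            # NOTE(review): the backup is uploaded without its own
            # signature being checked here.
            en_source = os.path.dirname(source_file) + '/' + en_file_name
            os.rename(source_file, en_source)
            os.system(PASS + 'scp ' + sh_quote(en_source) + SERVER)
            os.rename(en_source, source_file)
            # Keep the tamper warning in the reply instead of replacing it.
            info = info + ' and the backup file has been uploaded, please read again'
            return False, info
        except Exception:
            info = info + ' and fail to upload the backup file'
            return False, info

    try:
        # Refresh the local backup with the verified ciphertext.
        with open(local_copy, 'r') as f:
            cipherfile = f.read()
        with open(source_file, 'w') as f:
            f.write(cipherfile)

        plain = encrypt.decrypt_file(USER_AES, local_copy)
        with open(local_copy, 'w') as f:
            f.write(plain)
        return True, 'succeed'
    except Exception:
        return False, 'decrypt error'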
Ejemplo n.º 7
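def upload(USER_NAME, USER_PATH, USER_PRK, args):
    """Encrypt, sign and upload a local file into one of the caller's directories.

    Args:
        USER_NAME: Requesting user; an absolute destination must name this
            user as its first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that a relative
            destination is resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        args: ``[SOURCE, dest]`` -- the local file to upload and the
            destination directory inside the store.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    SOURCE = args[0]
    dest = args[1]
    if dest[-1:] == '/':
        dest = dest[:-1]
    if dest[0:2] == './':
        dest = dest[2:]

    if not os.path.isfile(SOURCE):
        return False, 'no such source file'
    # Nothing left (for example '/' or ''): indexing below would fail.
    if not dest:
        return False, 'no such destination directory'

    # The ownership test only inspects the first path component, so names
    # with a '..' component are refused and logged as well. The log line
    # used the undefined name `user`, which raised NameError instead of
    # returning the denial; it now records USER_NAME like the other
    # commands.
    dest_parts = dest.split('/')
    if '..' in dest_parts or (dest[0] == '/' and USER_NAME != dest_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'upload ' + dest)
        return False, 'destination directory permission denied'

    if dest[0] == '/':
        DEST = EFS_DIR + dest[1:]
    else:
        DEST = EFS_DIR + USER_PATH + '/' + dest

    if not os.path.isdir(DEST):
        return False, 'no such destination directory'

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    try:
        filename = SOURCE.split('/')[-1]
        DEST_FILE = DEST + '/' + filename

        # The server-side name is derived from the destination path.
        en_file_name = encrypt.encrypt_filename(USER_PK, DEST_FILE)
        en_file_name = en_file_name.replace("/", r"_")[0:100]

        cipherfile = encrypt.encrypt_file(USER_AES, SOURCE)

        # The signature (344 characters) is prepended to the ciphertext.
        signature = encrypt.sign_file(USER_PRK, cipherfile)
        cipherfile = signature + cipherfile

        # Keep a backup in the local store, staged under the encrypted name.
        EN_DEST_FILE = DEST + '/' + en_file_name
        with open(EN_DEST_FILE, 'w') as f:
            f.write(cipherfile)

        # The local path derives from the request and is quoted before it
        # reaches the shell.
        # NOTE(review): os.system() does not raise when scp fails, so a
        # failed upload is still reported as success.
        os.system(PASS + 'scp ' + sh_quote(EN_DEST_FILE) + SERVER)
        os.rename(EN_DEST_FILE, DEST_FILE)
    except Exception:
        return False, 'error in uploading'

    return True, 'succeed'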
Ejemplo n.º 8
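def download(USER_NAME, USER_PATH, USER_PRK, USER_IP, SOCKET, ALL_SOCKET,
             LOCK_SOCKET, args):
    """Fetch a file from the data nodes, verify its signature and decrypt it.

    Args:
        USER_NAME: Requesting user; an absolute source must name this user
            as its first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that a relative
            source is resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        USER_IP: Passed through to ``_upload_DataNode``.
        SOCKET: Connection used for ``_inquire`` / ``_get_datanode``.
        ALL_SOCKET: Data-node connections, indexed by node port.
        LOCK_SOCKET: Connection used for the read/write lock calls.
        args: ``[source, save_pos]`` -- the file to fetch and the existing
            local directory it is saved into.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    CHUNK = 16384  # bytes per data-node block

    source = args[0]
    save_pos = args[1]

    if source[-1:] == '/':
        source = source[:-1]
    if source[0:2] == './':
        source = source[2:]

    if not os.path.isdir(save_pos):
        return False, 'no such destination directory'
    # Nothing left (for example '/' or ''): indexing below would fail.
    if not source:
        return False, 'no such source file'

    # The ownership test only inspects the first path component, so names
    # with a '..' component are refused and logged as well.
    source_parts = source.split('/')
    if '..' in source_parts or (source[0] == '/'
                                and USER_NAME != source_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'download ' + source)
        return False, 'source directory permission denied'

    if source[0] == '/':
        source_file = EFS_DIR + source[1:]
    else:
        source_file = EFS_DIR + USER_PATH + '/' + source

    if not os.path.isfile(source_file):
        return False, 'no such source file'

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    filename = source_parts[-1]
    local_copy = save_pos + '/' + filename

    try:
        en_file_name = encrypt.encrypt_filename(USER_PK, source_file)
        en_file_name = en_file_name.replace("/", r"_")[0:100]

        _inquire(en_file_name, SOCKET, 0)
        DataNode = _get_datanode(SOCKET)

        # Spin until the read lock is granted.
        while _get_read_lock(LOCK_SOCKET, en_file_name) == 0:
            pass

        try:
            # Blocks are numbered from 1; read each from the first node
            # listed for it and concatenate in order.
            i = 1
            cipherfile = ''
            while str(i) in DataNode:
                datanode_port = int(DataNode[str(i)][0])
                data = str(
                    _download_DataNode(en_file_name + '_' + str(i),
                                       datanode_port,
                                       ALL_SOCKET[datanode_port], int(i)))
                cipherfile = cipherfile + data
                i = i + 1
        finally:
            # Release the lock even when a block transfer fails, so other
            # clients are not left waiting on it.
            _release_read_lock(LOCK_SOCKET, en_file_name)

        with open(local_copy, 'wb') as f:
            f.write(cipherfile)
    except Exception:
        return False, 'download error'

    # The first 344 characters are the signature, the rest is ciphertext.
    signature = cipherfile[0:344]
    cipherfile = cipherfile[344:]

    with open(local_copy, 'w') as f:
        f.write(cipherfile)

    verify = encrypt.verify_sign(USER_PRK, signature, cipherfile)

    if not verify:
        info = 'the file has been modified illegally'
        os.remove(local_copy)
        try:
            # The backup sits next to source_file; building the path from
            # the raw request dropped USER_PATH for relative sources.
            en_source = os.path.dirname(source_file) + '/' + en_file_name
            os.rename(source_file, en_source)
            try:
                # Opened for reading: the previous 'w' mode truncated the
                # backup and then failed on read().
                # NOTE(review): the backup is re-uploaded without its own
                # signature being checked here.
                with open(en_source, 'r') as f:
                    cipherfile = f.read()

                _inquire(en_file_name, SOCKET, len(cipherfile))
                DataNode = _get_datanode(SOCKET)

                while _get_write_lock(LOCK_SOCKET, en_file_name) == 0:
                    pass

                try:
                    for i in DataNode.keys():
                        # Slicing clamps at the end of the data, so the
                        # final, shorter block needs no special case.
                        block = cipherfile[(int(i) - 1) * CHUNK:
                                           int(i) * CHUNK]
                        for j in DataNode[i]:
                            _upload_DataNode(USER_IP, block,
                                             ALL_SOCKET[int(j)], int(i),
                                             en_file_name + '_' + str(i),
                                             int(j))
                finally:
                    _release_write_lock(LOCK_SOCKET, en_file_name)
            finally:
                # Always give the backup its readable name back.
                os.rename(en_source, source_file)

            # Keep the tamper warning in the reply instead of replacing it.
            info = info + ' and the backup file has been uploaded, please read again'
            return False, info
        except Exception:
            info = info + ' and fail to upload the backup file'
            return False, info

    try:
        # Refresh the local backup with the verified ciphertext.
        with open(local_copy, 'r') as f:
            cipherfile = f.read()
        with open(source_file, 'w') as f:
            f.write(cipherfile)

        plain = encrypt.decrypt_file(USER_AES, local_copy)
        with open(local_copy, 'w') as f:
            f.write(plain)
        return True, 'succeed'
    except Exception:
        return False, 'decrypt error'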
Ejemplo n.º 9
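def upload(USER_NAME, USER_PATH, USER_PRK, USER_IP, SOCKET, ALL_SOCKET,
           LOCK_SOCKET, args):
    """Encrypt, sign and distribute a local file across the data nodes.

    Args:
        USER_NAME: Requesting user; an absolute destination must name this
            user as its first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that a relative
            destination is resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        USER_IP: Passed through to ``_upload_DataNode``.
        SOCKET: Connection used for ``_inquire`` / ``_get_datanode``.
        ALL_SOCKET: Data-node connections, indexed by node id.
        LOCK_SOCKET: Connection used for the write-lock calls.
        args: ``[SOURCE, dest]`` -- the local file to upload and the
            destination directory inside the store.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    CHUNK = 16384  # bytes per data-node block

    SOURCE = args[0]
    dest = args[1]
    if dest[-1:] == '/':
        dest = dest[:-1]
    if dest[0:2] == './':
        dest = dest[2:]

    if not os.path.isfile(SOURCE):
        return False, 'no such source file'
    # Nothing left (for example '/' or ''): indexing below would fail.
    if not dest:
        return False, 'no such destination directory'

    # The ownership test only inspects the first path component, so names
    # with a '..' component are refused and logged as well. The log line
    # used the undefined name `user`, which raised NameError instead of
    # returning the denial; it now records USER_NAME like the other
    # commands.
    dest_parts = dest.split('/')
    if '..' in dest_parts or (dest[0] == '/' and USER_NAME != dest_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'upload ' + dest)
        return False, 'destination directory permission denied'

    if dest[0] == '/':
        DEST = EFS_DIR + dest[1:]
    else:
        DEST = EFS_DIR + USER_PATH + '/' + dest

    if not os.path.isdir(DEST):
        return False, 'no such destination directory'

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    try:
        filename = SOURCE.split('/')[-1]
        DEST_FILE = DEST + '/' + filename

        # The stored object name is derived from the destination path.
        en_file_name = encrypt.encrypt_filename(USER_PK, DEST_FILE)
        en_file_name = en_file_name.replace("/", r"_")[0:100]

        cipherfile = encrypt.encrypt_file(USER_AES, SOURCE)

        # The signature (344 characters) is prepended to the ciphertext.
        signature = encrypt.sign_file(USER_PRK, cipherfile)
        cipherfile = signature + cipherfile

        # Keep a backup in the local store, staged under the encrypted name.
        EN_DEST_FILE = DEST + '/' + en_file_name
        with open(EN_DEST_FILE, 'w') as f:
            f.write(cipherfile)

        # Ask the name node where the blocks go.
        _inquire(en_file_name, SOCKET, len(cipherfile))
        DataNode = _get_datanode(SOCKET)

        # Spin until the write lock is granted.
        while _get_write_lock(LOCK_SOCKET, en_file_name) == 0:
            pass

        try:
            for i in DataNode.keys():
                # Slicing clamps at the end of the data, so the final,
                # shorter block needs no special case.
                block = cipherfile[(int(i) - 1) * CHUNK:int(i) * CHUNK]
                for j in DataNode[i]:
                    _upload_DataNode(USER_IP, block, ALL_SOCKET[int(j)],
                                     int(i), en_file_name + '_' + str(i),
                                     int(j))
        finally:
            # Release the lock even when a block transfer fails, so other
            # clients are not left waiting on it.
            _release_write_lock(LOCK_SOCKET, en_file_name)

        os.rename(EN_DEST_FILE, DEST_FILE)
    except Exception:
        return False, 'error in uploading'

    return True, 'succeed'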
Ejemplo n.º 10
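def rm(USER_NAME, USER_PATH, USER_PRK, USER_IP, SOCKET, ALL_SOCKET,
       LOCK_SOCKET, args):
    """Remove one of the caller's files locally and from the data nodes.

    Args:
        USER_NAME: Requesting user; an absolute path must name this user as
            its first component.
        USER_PATH: Directory, relative to ``EFS_DIR``, that relative paths
            are resolved against.
        USER_PRK: Key material passed to ``_get_keys``.
        USER_IP: Unused in this function.
        SOCKET: Connection used for ``_inquire`` / ``_get_datanode`` /
            ``_delete_on_namenode``.
        ALL_SOCKET: Data-node connections, indexed by node id.
        LOCK_SOCKET: Connection used for the write-lock calls.
        args: Command arguments; ``args[0]`` is the file to remove.

    Returns:
        A ``(ok, info)`` tuple: ``ok`` is True on success, ``info`` is a
        short status message.
    """
    rm_file = args[0]

    # An empty name would raise IndexError on the indexing below.
    if not rm_file:
        return False, 'no such file'
    if rm_file[-1] == '/':
        return False, 'this is not a file'
    if rm_file[0:2] == './':
        rm_file = rm_file[2:]

    # The ownership test only inspects the first path component, so names
    # with a '..' component are refused and logged as well.
    path_parts = rm_file.split('/')
    is_absolute = rm_file[0] == '/'
    if '..' in path_parts or (is_absolute and USER_NAME != path_parts[1]):
        with open(ILLIGAL_LOG_FILE, 'a') as f:
            f.write('\n' + USER_NAME + ':' + 'rm ' + rm_file)
        return False, 'file permission denied'

    if is_absolute:
        rm_path = EFS_DIR + rm_file[1:]
    else:
        rm_path = EFS_DIR + USER_PATH + '/' + rm_file

    if not os.path.isfile(rm_path):
        return False, 'no such file'

    try:
        USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
    except Exception:
        return False, 'get keys error'

    # Stored blocks are named after the encrypted form of the local path.
    en_file_name = encrypt.encrypt_filename(USER_PK, rm_path)
    en_file_name = en_file_name.replace("/", r"_")[0:100]

    try:
        _inquire(en_file_name, SOCKET, 0)
        DataNode = _get_datanode(SOCKET)

        # Spin until the write lock is granted.
        while _get_write_lock(LOCK_SOCKET, en_file_name) == 0:
            pass

        try:
            for i in DataNode.keys():
                for j in DataNode[i]:
                    _delete_on_datanode(en_file_name + '_' + str(i), j,
                                        ALL_SOCKET[int(j)], int(i))
        finally:
            # Release the lock even when a delete fails, so other clients
            # are not left waiting on it.
            _release_write_lock(LOCK_SOCKET, en_file_name)

        _delete_on_namenode(en_file_name, SOCKET)
    except Exception:
        return False, 'error in removing file from the server'

    os.remove(rm_path)
    return True, 'succeed'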