Ejemplo n.º 1
0
    def retrieve_latest_version_number(self, metadata, attr):
        """ Return the most recent version number for the given attribute
            and metadata. 
            
            metadata : string - the metadata of the key version to search for
            attr : string - the attribute to search for

            Returns:

            v_num : int - the version number for the appropriate key

            Raises:

            PKILookupError - if no such version is found, or if the stored
                             value is not an integer
        """
        cell = get_single_entry(self.conn, self.vers_table,
                                row=attr, cf='', cq=metadata)

        if cell is None:
            raise PKILookupError('Cell not found for version lookup')

        try:
            return int(cell.val)
        except ValueError:
            raise PKILookupError('Stored version string does not parse as int')
Ejemplo n.º 2
0
    def retrieve_info(self, userid, attr, vers, metadata):
        """ Attempt to retrieve a wrapped key from the key store.

            Arguments:
            
            self - the KeyStore object being retrieved from
            userid : string - the ID of the user for whom the key is wrapped
            attr : string - the attribute for the key being retrieved, if any.
                   If this field is the empty string '', it denotes that this
                   is not an attribute key.
            vers : string - the version identifier for the key
            metadata : string - metadata about the key (e.g. the mode of
                       operation with which it is intended to be used)

            Returns:

            keyinfo - the KeyInfo object corresponding to the provided
                      values

            Raises:

            PKILookupError - when no key is found
        """

        if type(vers) is not IntType:
            raise PKILookupError('version to search for must be an integer')

        tabname = metadata

        if not self.conn.table_exists(tabname):
            raise PKILookupError('No such table %s' %tabname)

        row = userid
        cf = attr
        cq = str(vers)

        cell = get_single_entry(self.conn, tabname, row=row, cf=cf, cq=cq)
    
        if cell is not None:
            keywrap, raw_keylen = cell.val.rsplit(',', 1)

            try:
                keylen = int(raw_keylen)
            except ValueError:
                raise PKILookupError('Error: found non-integer key length')
                
            return KeyInfo(attr, vers, metadata, keywrap, keylen)
        else:
            raise PKILookupError('No keywrap found')
 def get_profile(self, name):
     try:
         fn, pubkey = self.store[name]
         return SigTuple(pubkey, fn.name)
     except KeyError:
         raise PKILookupError('ERROR: User %s not found in trust store.' %
                              name)
Ejemplo n.º 4
0
    def retrieve_info(self, userid, attr, vers, metadata):
        """ Attempt to retrieve a wrapped key from the key store.

            Arguments:
            
            self - the KeyStore object being retrieved from
            userid : string - the ID of the user for whom the key is wrapped
            attr : string - the attribute for the key being retrieved, if any.
                   If this field is the empty string '', it denotes that this
                   is not an attribute key.
            vers : string - the version identifier for the key
            metadata : string - metadata about the key (e.g. the mode of
                       operation with which it is intended to be used)

            Returns:

            keyinfo - the KeyInfo object corresponding to the provided
                      values

            Raises:

            PKILookupError - when no key is found
        """

        try:
            keywrap, keylen = self.store[metadata][userid][attr][vers]
            return KeyInfo(attr, vers, metadata, keywrap, keylen)
        except KeyError:
            raise PKILookupError('No key found in lookup')
Ejemplo n.º 5
0
 def get_attribute_key(self, algorithm, attribute, version=1):
     """
     Arguments:
     algorithm - (string) Name of algorithm for which the user
                 wishes to retrieve the current key for, triggers
                 PKILookupError if the algorithm is not part
                 of VIS_ALGORITHMS 
     attribute - (string) Attribute for which to retrieve the key for
     version - (int)version of key to grab, defaults to 1
     
     Returns:
         Key for (userid, algorithm, attribute, version) tuple
         
     Raises:
         PKILookupError if the key cannot be found for the 
         (userid, algorithm, attribute, version) tuple.
         
     """
     #get the keys
     try:
         key_wrap = self._acc_keystore.retrieve(self._user_id, attribute,
                                                version, algorithm)
     except PKILookupError as ple:
         raise PKILookupError(
             "User %s with algorithm %s and attribute %s is not present in keystore."
             % (self._user_id, algorithm, attribute))
     #unwrap the key
     return key_utils.unwrap_key(key_wrap, self._rsa_key)
Ejemplo n.º 6
0
 def get_key(self, algorithm, version=1):
     """
     Arguments:
     algorithm - (string) Name of algorithm for which the user
                 wishes to retrieve the key for, triggers
                 PKILookupError if the algorithm is not part
                 of AES_ALGORITHMS
     version - (int) version of key to grab, defaults to 1
     
     Returns:
         Key for (userid, algorithm, version) tuple
     
     Raises:
         PKILookupError if the key cannot be found for the
         (userid, algorithm, version) tuple. 
         
     """
     #get the keys
     try:
         key_wrap = self._acc_keystore.retrieve(self._user_id, '', version,
                                                algorithm)
     except PKILookupError:
         raise PKILookupError("User " + self._user_id + " with algorithm " +\
                               algorithm + " is not present in keystore.")
     #unwrap the key
     return key_utils.unwrap_key(key_wrap, self._rsa_key)
Ejemplo n.º 7
0
    def get_current_attribute_key(self, algorithm, attribute):
        """
        Arguments:
        algorithm - (string) Name of algorithm for which the user
                    wishes to retrieve the key for, triggers
                    PKILookupError if the algorithm is not part
                    of AES_ALGORITHMS 
        attribute - (string) Attribute for which to retrieve the key for
        
        Returns:
            (Most current key for (userid, algorithm, attribute) tuple, version)
        
        Raises:
            PKILookupError if the key cannot be found for the
            (userid, algorithm, attribute) tuple. 
            
        """
        #get the keys
        try:
            key_wrap = self._acc_keystore.retrieve_latest_version(
                self._user_id, algorithm, attribute)
        except PKILookupError as ple:
            raise PKILookupError(
                "User %s with algorithm %s and attribute %s is not present in keystore."
                % (self._user_id, algorithm, attribute))

        #unwrap the key
        return (key_utils.unwrap_key(key_wrap.keywrap,
                                     self._rsa_key), key_wrap.vers)
Ejemplo n.º 8
0
    def get_current_key(self, algorithm):
        """
        Arguments:
        algorithm - (string) Name of algorithm for which the user
                    wishes to retrieve the key for, triggers
                    PKILookupError if the algorithm is not part
                    of AES_ALGORITHMS
        
        Returns:
            (Most current key for (userid, algorithm) tuple, version)
        
        Raises:
            PKILookupError if the key cannot be found for the
            (userid, algorithm) tuple. 
            
        """
        #get the keys
        try:
            key_wrap = self._acc_keystore.retrieve_latest_version(
                self._user_id, algorithm, '')
        except PKILookupError:
            raise PKILookupError("User " + self._user_id + " with algorithm " +\
                                  algorithm + " is not present in keystore.")

        #unwrap the key
        return (key_utils.unwrap_key(key_wrap.keywrap,
                                     self._rsa_key), key_wrap.vers)
Ejemplo n.º 9
0
    def retrieve_latest_version_number(self, metadata, attr):
        """ Return the most recent version number for the given attribute
            and metadata. 
            
            metadata : string - the metadata of the key version to search for
            attr : string - the attribute to search for

            Returns:

            v_num : int - the version number for the appropriate key

            Raises:

            PKILookupError - if no such key is found
        """
        if (attr, metadata) not in self.vnums:
            raise PKILookupError('Key not found for latest version lookup')

        return self.vnums[(attr, metadata)]
Ejemplo n.º 10
0
 def get_profile(self, identifier):
     try:
         return SigTuple(*self.signers[identifier])
     except KeyError:
         raise PKILookupError('ERROR: identifier %s not found' %identifier)
Ejemplo n.º 11
0
    def batch_retrieve(self, userid, metadata, attr=None):
        """ Fetch all of a user's keys at once. Optionally, fetch only their
            keys either for a specified attribute or with no attribute at all.
            
            Arguments:

            self - the KeyStore object being read from
            userid : string - the ID of the user whose keys to fetch
            metadata : string - the metadata of the keys to search for
            attr : optional string - the attribute to search for. Default
                   value: None. If this argument is None, this method should
                   return all of the given user's keys. If this argument is
                   the empty string, it should return that user's non-attribute
                   keys. If this argument is a non-empty string, it should
                   return all of that user's keys for that attribute, including
                   all versions and metadata options.

            Returns:

            [KeyInfo] - a non-empty list of KeyInfo objects (that is, 
            (attr, vers, metadata, keywrap, keylen) tuples). If the attr
            argument was None, the attr field of each tuple will be the
            attribute corresponding to the returned version, metadata, and
            keywrap; otherwise, the attr field of each tuple will be equal to
            the attr argument.

            Raises:

            PKILookupError - if there is no information to be returned
        """

        tabname = metadata

        if not self.conn.table_exists(tabname):
            raise PKILookupError('Error: no such table %s' %tabname)

        if attr is None:
            # Get everything!
            scan_range = Range(srow=userid, erow=userid)
        else:
            # Get only things from the corresponding row
            scan_range = Range(srow=userid, erow=userid, scf=attr, ecf=attr)

        ret = []

        for c in self.conn.scan(tabname, scan_range):
            try:
                vers = int(c.cq)
            except ValueError:
                raise PKILookupException('Retrieved version must be int')

            keywrap, raw_keylen = c.val.rsplit(',', 1)

            try:
                keylen = int(raw_keylen)
            except ValueError:
                raise PKILookupError('Error: found non-integer key length')

            ret.append(KeyInfo(metadata=metadata, attr=c.cf,
                               vers=vers, keywrap=keywrap, keylen=keylen))

        if not ret:
            # If we found no elements, that's an error
            raise PKILookupError(
                'Error: no results found for batch key retrieval')
        else:
            return ret
 def get_attribute_key(self, algorithm, attribute, version=1):
     if attribute not in self.terms:
         raise PKILookupError('Nope')
     return self.keys[attribute]
Ejemplo n.º 13
0
    def batch_retrieve(self, userid, metadata, attr=None):
        """ Fetch all of a user's keys at once. Optionally, fetch only their
            keys either for a specified attribute or with no attribute at all.
            
            Arguments:

            self - the KeyStore object being read from
            userid : string - the ID of the user whose keys to fetch
            metadata : string - the metadata of the keys to search for
            attr : optional string - the attribute to search for. Default
                   value: None. If this argument is None, this method should
                   return all of the given user's keys. If this argument is
                   the empty string, it should return that user's non-attribute
                   keys. If this argument is a non-empty string, it should
                   return all of that user's keys for that attribute, including
                   all versions and metadata options.

            Returns:

            [KeyInfo] - a non-empty list of KeyInfo objects (that is, 
            (attr, vers, metadata, keywrap, keylen) tuples). If the attr
            argument was None, the attr field of each tuple will be the
            attribute corresponding to the returned version, metadata, and
            keywrap; otherwise, the attr field of each tuple will be equal to
            the attr argument.

            Raises:

            PKILookupError - if there is no information to be returned
        """

        try:
            metamap = self.store[metadata]
        except KeyError:
            raise PKILookupError('no metadata table found')

        try:
            usermap = metamap[userid]
        except KeyError:
            raise PKILookupError('No such user %s' % userid)

        ret = []

        if attr is None:
            # Return all attributes for this user

            for innerattr, attrmap in usermap.iteritems():
                for vers, (keywrap, keylen) in attrmap.iteritems():
                    ret.append(
                        KeyInfo(innerattr, vers, metadata, keywrap, keylen))
        else:
            # Return just this attribute
            try:
                attrmap = usermap[attr]
            except KeyError:
                raise PKILookupError('No such attribute %s' % attr)

            for vers, (keywrap, keylen) in attrmap.iteritems():
                ret.append(KeyInfo(attr, vers, metadata, keywrap, keylen))

        if not ret:
            raise PKILookupError('no key wraps to return')

        return ret