def fsops_gpg_encrypt(fpath, recipient_gpg):
"""
return
path of encrypted file,
length of the encrypted file
this function is used to encrypt a file for a specific recipient.
commonly 'receiver_desc' is expected as second argument;
anyhow a simpler dict can be used.
required keys are checked on top
"""
gpoj = GLBGPG()
try:
gpoj.load_key(recipient_gpg['gpg_key_armor'])
filepath = os.path.join(GLSetting.submission_path, fpath)
with GLSecureFile(filepath) as f:
encrypted_file_path, encrypted_file_size = \
gpoj.encrypt_file(recipient_gpg['gpg_key_fingerprint'], filepath, f, GLSetting.submission_path)
except:
raise
finally:
# the finally statement is always called also if
# except contains a return or a raise
gpoj.destroy_environment()
return encrypted_file_path, encrypted_file_size
def test_pgp_read_expirations(self):
gpgobj = GLBGPG()
self.assertEqual(
gpgobj.load_key(VALID_PGP_KEY1)['expiration'],
datetime.utcfromtimestamp(0))
self.assertEqual(
gpgobj.load_key(EXPIRED_PGP_KEY)['expiration'],
datetime.utcfromtimestamp(1391012793))
gpgobj.destroy_environment()
def test_encrypt_message(self):
dummy_template = "In %EventTime% you've got a crush for Taryn Southern, yay!! \
more info on: https://www.youtube.com/watch?v=C7JZ4F3zJdY \
and know that you're not alone!"
mock_event = Event(
type=u'encrypted_tip',
trigger='Tip',
tip_info={
'creation_date': '2013-05-13T17:49:26.105485', #epoch!
'id': 'useless',
'wb_steps': fill_random_fields(self.dummyContext['id']),
},
node_info=MockDict().dummyNode,
receiver_info=MockDict().dummyReceiver,
context_info=MockDict().dummyContext,
steps_info={},
subevent_info={},
do_mail=False)
mail_content = Templating().format_template(dummy_template, mock_event)
# setup the GPG key before
GLSetting.gpgroot = GPGROOT
fake_receiver_desc = {
'gpg_key_armor': unicode(VALID_PGP_KEY1),
'gpg_key_fingerprint': u"CF4A22020873A76D1DCB68D32B25551568E49345",
'gpg_key_status': u'enabled',
'username': u'*****@*****.**',
}
gpgobj = GLBGPG()
gpgobj.load_key(VALID_PGP_KEY1)
encrypted_body = gpgobj.encrypt_message(
fake_receiver_desc['gpg_key_fingerprint'], mail_content)
self.assertSubstring('-----BEGIN PGP MESSAGE-----', encrypted_body)
gpgobj.destroy_environment()
def test_encrypt_file(self):
# setup the GPG key before
GLSetting.gpgroot = GPGROOT
tempsource = os.path.join(os.getcwd(), "temp_source.txt")
with file(tempsource, 'w+') as f1:
f1.write(
"\n\nDecrypt the Cat!\n\nhttp://tobtu.com/decryptocat.php\n\n")
f1.seek(0)
fake_receiver_desc = {
'gpg_key_armor': unicode(VALID_PGP_KEY1),
'gpg_key_status': u'enabled',
'gpg_key_fingerprint':
u"CF4A22020873A76D1DCB68D32B25551568E49345",
'username': u'*****@*****.**',
}
# these are the same lines used in delivery_sched.py
gpgobj = GLBGPG()
gpgobj.load_key(VALID_PGP_KEY1)
encrypted_file_path, encrypted_file_size = gpgobj.encrypt_file(
fake_receiver_desc['gpg_key_fingerprint'], tempsource, f1,
"/tmp")
gpgobj.destroy_environment()
with file(encrypted_file_path, "r") as f2:
first_line = f2.readline()
self.assertSubstring('-----BEGIN PGP MESSAGE-----', first_line)
with file(encrypted_file_path, "r") as f2:
whole = f2.read()
self.assertEqual(encrypted_file_size, len(whole))
def migrate_Receiver(self):
print "%s Receiver migration assistant" % self.std_fancy
gpgobj = GLBGPG()
old_receivers = self.store_old.find(
self.get_right_model("Receiver", 16))
for old_receiver in old_receivers:
new_receiver = self.get_right_model("Receiver", 17)()
gpg_key_expiration = datetime_null()
if old_receiver.gpg_key_armor:
try:
gpg_key_expiration = gpgobj.load_key(
old_receiver.gpg_key_armor)['expiration']
except:
pass
for _, v in new_receiver._storm_columns.iteritems():
if v.name == 'gpg_key_status':
if old_receiver.gpg_key_status == u'Enabled':
new_receiver.gpg_key_status = u'enabled'
else:
new_receiver.gpg_key_status = u'disabled'
continue
if v.name == 'gpg_key_expiration':
new_receiver.gpg_key_expiration = gpg_key_expiration
continue
setattr(new_receiver, v.name, getattr(old_receiver, v.name))
self.store_new.add(new_receiver)
self.store_new.commit()
gpgobj.destroy_environment()
def do_notify(self, event):
if not self.validate_admin_opt(event.notification_settings):
log.info('invalid mail settings for admin')
return None
# At the moment the language used is a system language, not
# Receiver preferences language ?
if event.type == u'encrypted_tip':
body = Templating().format_template(
event.notification_settings['encrypted_tip_template'], event)
title = Templating().format_template(
event.notification_settings['encrypted_tip_mail_title'], event)
elif event.type == u'plaintext_tip':
body = Templating().format_template(
event.notification_settings['plaintext_tip_template'], event)
title = Templating().format_template(
event.notification_settings['plaintext_tip_mail_title'], event)
elif event.type == u'encrypted_file':
body = Templating().format_template(
event.notification_settings['encrypted_file_template'], event)
title = Templating().format_template(
event.notification_settings['encrypted_file_mail_title'], event)
elif event.type == u'plaintext_file':
body = Templating().format_template(
event.notification_settings['plaintext_file_template'], event)
title = Templating().format_template(
event.notification_settings['plaintext_file_mail_title'], event)
elif event.type == u'encrypted_comment':
body = Templating().format_template(
event.notification_settings['encrypted_comment_template'], event)
title = Templating().format_template(
event.notification_settings['encrypted_comment_mail_title'], event)
elif event.type == u'plaintext_comment':
body = Templating().format_template(
event.notification_settings['plaintext_comment_template'], event)
title = Templating().format_template(
event.notification_settings['plaintext_comment_mail_title'], event)
elif event.type == u'encrypted_message':
body = Templating().format_template(
event.notification_settings['encrypted_message_template'], event)
title = Templating().format_template(
event.notification_settings['encrypted_message_mail_title'], event)
elif event.type == u'plaintext_message':
body = Templating().format_template(
event.notification_settings['plaintext_message_template'], event)
title = Templating().format_template(
event.notification_settings['plaintext_message_mail_title'], event)
else:
raise NotImplementedError("At the moment, only Tip expected")
# If the receiver has encryption enabled (for notification), encrypt the mail body
if event.receiver_info['gpg_key_status'] == u'enabled':
gpob = GLBGPG()
try:
gpob.load_key(event.receiver_info['gpg_key_armor'])
body = gpob.encrypt_message(event.receiver_info['gpg_key_fingerprint'], body)
except Exception as excep:
log.err("Error in GPG interface object (for %s: %s)! (notification+encryption)" %
(event.receiver_info['username'], str(excep) ))
return None # We return None and the mail will be delayed
# If GPG is enabled and the key is invalid this
# is the only possiibly thing to do.
# The PGP check schedule will disable the key
# and alert the user and the admin
finally:
# the finally statement is always called also if
# except contains a return or a raise
gpob.destroy_environment()
receiver_mail = event.receiver_info['mail_address']
# XXX here can be catch the subject (may change if encrypted or whatever)
message = MIME_mail_build(GLSetting.memory_copy.notif_source_name,
GLSetting.memory_copy.notif_source_email,
event.receiver_info['name'],
receiver_mail,
title,
body)
return self.mail_flush(event.notification_settings['source_email'],
[receiver_mail], message, event)
