def test_encrypt_and_decrypt_file(self):
chunk_size = 1
prv_key, pub_key = GCE.generate_keypair()
a = __file__
b = os.path.join(Settings.tmp_path, 'b')
c = os.path.join(Settings.tmp_path, 'c')
with open(a, 'rb') as input_fd, GCE.streaming_encryption_open('ENCRYPT', pub_key, b) as seo:
chunk = input_fd.read(1)
while(True):
x = input_fd.read(1)
if not x:
seo.encrypt_chunk(chunk, 1)
break
seo.encrypt_chunk(chunk, 0)
chunk = x
with open(c, 'wb') as output_fd,\
GCE.streaming_encryption_open('DECRYPT', prv_key, b) as seo:
while(True):
last, data = seo.decrypt_chunk()
output_fd.write(data)
if last:
break
self.assertFalse(filecmp.cmp(a, b, False))
self.assertTrue(filecmp.cmp(a, c, False))
def test_encrypt_and_decrypt_file(self):
chunk_size = 1
prv_key, pub_key = GCE.generate_keypair()
a = __file__
b = os.path.join(Settings.tmp_path, 'b')
c = os.path.join(Settings.tmp_path, 'c')
with open(a, 'rb') as input_fd, GCE.streaming_encryption_open(
'ENCRYPT', pub_key, b) as seo:
chunk = input_fd.read(1)
while (True):
x = input_fd.read(1)
if not x:
seo.encrypt_chunk(chunk, 1)
break
seo.encrypt_chunk(chunk, 0)
chunk = x
with open(c, 'wb') as output_fd,\
GCE.streaming_encryption_open('DECRYPT', prv_key, b) as seo:
while (True):
last, data = seo.decrypt_chunk()
output_fd.write(data)
if last:
break
self.assertFalse(filecmp.cmp(a, b, False))
self.assertTrue(filecmp.cmp(a, c, False))
def get(self, rtip_id):
tip_export = yield get_tip_export(self.request.tid,
self.current_user.user_id, rtip_id,
self.request.language)
if tip_export['crypto_tip_prv_key']:
tip_export['tip'] = yield deferToThread(
decrypt_tip, self.current_user.cc,
tip_export['crypto_tip_prv_key'], tip_export['tip'])
for file_dict in tip_export['tip']['rfiles'] + tip_export['tip'][
'wbfiles']:
if file_dict.get('status',
'') == 'encrypted' or file_dict.get('forged'):
continue
tip_prv_key = GCE.asymmetric_decrypt(
self.current_user.cc, tip_export['crypto_tip_prv_key'])
file_dict['fo'] = GCE.streaming_encryption_open(
'DECRYPT', tip_prv_key, file_dict['path'])
del file_dict['path']
for file_dict in tip_export['tip']['rfiles']:
file_dict['name'] = 'files/' + file_dict['name']
if file_dict.get('status', '') == 'encrypted':
file_dict['name'] += '.pgp'
for file_dict in tip_export['tip']['wbfiles']:
file_dict[
'name'] = 'files_attached_from_recipients/' + file_dict['name']
tip_export['comments'] = tip_export['tip']['comments']
tip_export['messages'] = tip_export['tip']['messages']
files = tip_export['tip']['rfiles'] + tip_export['tip']['wbfiles']
del tip_export['tip']['rfiles'], tip_export['tip']['wbfiles']
export_template = Templating().format_template(
tip_export['notification']['export_template'],
tip_export).encode()
export_template = msdos_encode(export_template.decode()).encode()
files.append({
'fo': BytesIO(export_template),
'name': 'data.txt',
'forged': True
})
self.request.setHeader(b'X-Download-Options', b'noopen')
self.request.setHeader(b'Content-Type', b'application/octet-stream')
self.request.setHeader(b'Content-Disposition',
b'attachment; filename="submission.zip"')
self.zip_stream = iter(ZipStream(files))
yield ZipStreamProducer(self, self.zip_stream).start()
def write_encrypted_file(key, sf, dest_path):
try:
with sf.open('rb') as encrypted_file, \
GCE.streaming_encryption_open('ENCRYPT', key, dest_path) as seo:
chunk = encrypted_file.read(abstract.FileDescriptor.bufferSize)
while chunk:
seo.encrypt_chunk(chunk, 0)
chunk = encrypted_file.read(abstract.FileDescriptor.bufferSize)
seo.encrypt_chunk(b'', 1)
except Exception as excep:
log.err("Unable to create plaintext file %s: %s", dest_path, excep)
def get(self, rfile_id):
rfile, tip_prv_key = yield self.download_rfile(self.request.tid, self.current_user.user_id, rfile_id)
filelocation = os.path.join(Settings.attachments_path, rfile['filename'])
directory_traversal_check(Settings.attachments_path, filelocation)
if tip_prv_key:
tip_prv_key = GCE.asymmetric_decrypt(self.current_user.cc, tip_prv_key)
fo = GCE.streaming_encryption_open('DECRYPT', tip_prv_key, filelocation)
yield self.write_file_as_download_fo(rfile['name'], fo)
else:
yield self.write_file_as_download(rfile['name'], filelocation)
def get(self, rfile_id):
rfile, tip_prv_key = yield self.download_rfile(self.request.tid, self.current_user.user_id, rfile_id)
filelocation = os.path.join(Settings.attachments_path, rfile['filename'])
directory_traversal_check(Settings.attachments_path, filelocation)
if tip_prv_key:
tip_prv_key = GCE.asymmetric_decrypt(self.current_user.cc, tip_prv_key)
fo = GCE.streaming_encryption_open('DECRYPT', tip_prv_key, filelocation)
yield self.write_file_as_download_fo(rfile['name'], fo)
else:
yield self.write_file_as_download(rfile['name'], filelocation)
def write_encrypted_file(key, sf, dest_path):
try:
with sf.open('rb') as encrypted_file, \
GCE.streaming_encryption_open('ENCRYPT', key, dest_path) as seo:
chunk = encrypted_file.read(abstract.FileDescriptor.bufferSize)
while True:
x = encrypted_file.read(abstract.FileDescriptor.bufferSize)
if not x:
seo.encrypt_chunk(chunk, 1)
break
seo.encrypt_chunk(chunk, 0)
chunk = x
except Exception as excep:
log.err("Unable to create plaintext file %s: %s", dest_path, excep)
def get(self, rtip_id):
tip_export = yield get_tip_export(self.request.tid,
self.current_user.user_id,
rtip_id,
self.request.language)
if tip_export['crypto_tip_prv_key']:
for file_dict in tip_export['files']:
if file_dict['forged']:
continue
tip_prv_key = GCE.asymmetric_decrypt(self.current_user.cc, tip_export['crypto_tip_prv_key'])
file_dict['fo'] = GCE.streaming_encryption_open('DECRYPT', tip_prv_key, file_dict['path'])
del file_dict['path']
self.request.setHeader(b'X-Download-Options', b'noopen')
self.request.setHeader(b'Content-Type', b'application/octet-stream')
self.request.setHeader(b'Content-Disposition', b'attachment; filename="submission.zip"')
self.zip_stream = iter(ZipStream(tip_export['files']))
yield ZipStreamProducer(self, self.zip_stream).start()
