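def mkdir_handler(arg):
    """Create a directory and post it, together with the updated root.

    With ``arg.root`` set, a new key pair is generated, the root directory
    write capability is saved to ``private/root_dir.cap`` and a root
    directory containing only its own "." entry is posted.

    Otherwise the saved root capability is loaded, the root directory is
    read with ``get_data`` and unpackaged, a new directory is created under
    ``arg.name`` and posted first, and the updated root directory is posted
    afterwards.

    Returns without doing anything when ``arg.path`` is set (nested paths
    are still a TODO) or when ``private/root_dir.cap`` is empty.

    Raises:
        ValueError: the saved root capability has fewer than three
            ":"-separated fields.
    """
    import os  # local import: only needed to create the capability file

    if arg.path:
        # TODO do recursive get on the path /a/b/c/
        # TODO assert somehow that the path exists on the server
        return

    if arg.root:
        # create root dir
        (root_private, root_public, cap) = crypto.generate_RSA()
        root_cap = [DIR_WRITE_CAP, cap[0], cap[1]]
        data = {".": ":".join(root_cap)}
        print "ROOT CAP: ", root_cap
        # Build the record before touching the file so a failure here does
        # not leave a truncated capability file behind.
        record = arg.name + "|" + capToString(root_cap) + "\n"
        # root_cap is the directory write capability, so create the file
        # owner-only instead of with the umask default. The mode passed to
        # os.open only applies when the file is created; an existing file
        # keeps the permissions it already has.
        fd = os.open("private/root_dir.cap",
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, 'w') as f:
            f.write(record)
    else:
        # assume the root exists
        with open("private/root_dir.cap", 'r') as f:
            line = f.read()
        if not line or line == "\n":
            return

        # stored record is "<name>|<cap>"; keep only the capability part
        line = line[line.find("|")+1:].strip("\n")
        root_cap = line.split(":")
        # Explicit shape check. The original self-assignment
        # root_cap[2] = root_cap[2] only rejected a short capability by
        # accident (IndexError).
        if len(root_cap) < 3:
            raise ValueError("malformed root capability in private/root_dir.cap")
        cipher = get_data(line)
        (data, root_private, root_public) = crypto.unpackage_data(root_cap, cipher)
        data = json.loads(data)

        (private, public, cap) = crypto.generate_RSA()
        cap = [DIR_WRITE_CAP, cap[0], cap[1]]
        data[arg.name] = ":".join(cap)

        # post new dir 1st
        new_data = json.dumps({".": ":".join(cap)})
        new_data = crypto.package_data(new_data, cap, private, public)
        print_capabilities(cap)
        post_data(new_data, capToString(cap))

    # post root dir data
    data = json.dumps(data)
    data = crypto.package_data(data, root_cap, root_private, root_public)
    print_capabilities(root_cap)
    post_data(data, capToString(root_cap))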
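def put_handler(arg):
    """Package ``arg.data`` and post it as a file.

    With ``arg.writecap`` the existing object is read with ``get_data`` and
    unpackaged to recover its key pair, and the new data is packaged under
    the same capability.

    Without it a new key pair and file write capability are generated, the
    file is added under ``arg.name`` to the root directory (which is
    re-posted), and the capability and both keys are saved under
    ``private/``.

    Raises:
        ValueError: no root capability is stored in
            ``private/root_dir.cap`` (only checked when creating a file).
    """
    import os  # local import: only needed to create the secret files

    def _open_private(path, flags, mode):
        # Capabilities and keys are created owner-only (0600) instead of
        # with the umask default. The mode passed to os.open only applies
        # when the file is created; an existing file keeps its permissions.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | flags, 0o600)
        return os.fdopen(fd, mode)

    if arg.writecap:
        # putting with a cap requires
        # 1) Getting the encrypted private key
        # 2) Decrypting it, and using it to sign the updated data
        # 3) Signing the encryption of the updated data with the private key
        cap = arg.writecap.split(":")
        cipher = get_data(arg.writecap)
        # the stored plaintext is not needed; it is replaced by arg.data below
        (_, private, public) = crypto.unpackage_data(cap, cipher)
    else:
        with open("private/root_dir.cap", 'r') as f:
            line = f.read()
        if not line or line == "\n":
            # Previously this fell through and failed later with a
            # NameError on the never-assigned root directory variables.
            raise ValueError("no root capability stored in private/root_dir.cap")

        # stored record is "<name>|<cap>"; keep only the capability part
        line = line[line.find("|")+1:].strip("\n")
        root_cap = line.split(":")
        cipher = get_data(line)
        (data, root_private, root_public) = crypto.unpackage_data(root_cap, cipher)
        data = json.loads(data)

        # here cap is (my_hash(private_key), my_hash(public_key))
        (private, public, cap) = crypto.generate_RSA()
        cap = [FILE_WRITE_CAP, cap[0], cap[1]]

        # put name in dir
        data[arg.name] = capToString(cap)

        # update root dir data
        data = json.dumps(data)
        data = crypto.package_data(data, root_cap, root_private, root_public)
        print_capabilities(root_cap)
        post_data(data, capToString(root_cap))

        # save the cap in a private file
        with _open_private('private/files.txt', os.O_APPEND, "a") as f:
            f.write(arg.name + "|" + capToString(cap) + "\n")

        # TODO get rid of key storage by making get to the server via URI after creation
        # save the key pair in files
        # NOTE(review): arg.name is concatenated into the path unchecked, so
        # a name containing a path separator would resolve outside
        # private/keys/ -- confirm names are validated before they get here.
        with _open_private('private/keys/'+arg.name+"public", os.O_TRUNC, "w") as f:
            f.write(public)
        with _open_private('private/keys/'+arg.name+"private", os.O_TRUNC, "w") as f:
            f.write(private)

    data = crypto.package_data(arg.data, cap, private, public)
    print_capabilities(cap)
    # the capability posted alongside the data carries a hash of the
    # truncated hash of cap[1], not cap[1] itself
    h = crypto.my_hash(cap[1])[:16]
    cap[1] = crypto.my_hash(h)
    post_data(data, capToString(cap))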
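def put_handler(arg):
    """Encrypt and sign ``arg.data``, then post it under a write capability.

    With ``arg.writecap`` the stored object is read with ``get_data``, its
    public-key hash and signature are checked, and the private key is
    recovered from the decrypted payload. Without it a new key pair and
    file write capability are generated and saved under ``private/``.

    In both cases the posted object is
    ``enc_data | signature | public_key | hash(public_key)``, and the
    write and read capabilities are printed.

    Raises:
        ValueError: the stored public key does not match its stored hash,
            or the signature over the stored data does not verify.
    """
    import os  # local import: only needed to create the secret files

    def _open_private(path, flags, mode):
        # Capabilities and keys are created owner-only (0600) instead of
        # with the umask default. The mode passed to os.open only applies
        # when the file is created; an existing file keeps its permissions.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | flags, 0o600)
        return os.fdopen(fd, mode)

    if arg.writecap:
        # putting with a cap requires
        # 1) Getting the encrypted private key
        # 2) Decrypting it, and using it to sign the updated data
        #    (same signature for authenticity)
        # 3) Signing the encryption of the updated data with the private key
        cap = arg.writecap.split(":")
        cipher = get_data(arg.writecap)
        data_ar = cipher.split(SPLIT_SYMBOL)
        data = data_ar[0]
        sign = data_ar[1]
        public = data_ar[2]

        # Explicit check instead of `assert`, which is stripped under -O.
        # NOTE(review): the key and the hash it is compared with both come
        # from the fetched object, so this only detects corruption. If
        # cap[2] is my_hash(public_key), as the new-file branch suggests,
        # comparing against cap[2] would tie the key to the capability the
        # caller holds -- confirm the cap layout first.
        if data_ar[3] != crypto.my_hash(public):
            raise ValueError("stored public key does not match its stored hash")

        valid = crypto.verify_RSA(public, sign, data)
        print "Valid: ", valid
        if not valid:
            # Fail closed. Previously an invalid signature fell through and
            # only stopped later with a NameError on `private`.
            raise ValueError("signature verification failed for stored data")

        # generate the AES decryption key and decrypt
        # NOTE(review): the salt is a fixed string, so the key is a
        # deterministic function of cap[1] and adds no per-file randomness.
        # Changing it would break decryption of objects already stored.
        salt = "a"*16
        s = str(cap[1] + salt)
        hashed_key = crypto.my_hash(s)
        ptext = crypto.decrypt(data, hashed_key[:16])
        # payload is raw_data | encrypted private key; only the key is reused
        splitted = ptext.split(SPLIT_SYMBOL)
        enc_pk = splitted[1]
        private = crypto.decrypt(enc_pk, cap[1])
        data = arg.data
    else:
        # here cap is (my_hash(private_key), my_hash(public_key))
        (private, public, cap) = crypto.generate_RSA()
        cap = [FILE_WRITE_CAP, cap[0], cap[1]]

        # save the cap in a private file
        with _open_private('private/files.txt', os.O_APPEND, "a") as f:
            f.write(arg.name + "|" + cap[0] + ":" + cap[1] + ":" + cap[2] + "\n")

        # save the key pair in files
        # NOTE(review): arg.name is concatenated into the path unchecked, so
        # a name containing a path separator would resolve outside
        # private/keys/ -- confirm names are validated before they get here.
        with _open_private('private/keys/'+arg.name+"public", os.O_TRUNC, "w") as f:
            f.write(public)
        with _open_private('private/keys/'+arg.name+"private", os.O_TRUNC, "w") as f:
            f.write(private)
        data = arg.data

    # store the encrypted private key in the data
    data = data + SPLIT_SYMBOL + crypto.encrypt(private, cap[1], False)

    # use the read key as an encryption key for the concatted data
    # (same fixed salt as on the read path above, so the key is identical)
    salt = "a"*16
    s = str(cap[1] + salt)
    hashed_key = crypto.my_hash(s)

    # encrypt the data
    data = crypto.encrypt(data, hashed_key[:16], False)

    # sign it with private key
    signature = crypto.sign_data(private, data)

    # FINAL DATA IS
    # enc_data | signature | public_key | hash(public_key)
    data = (data + SPLIT_SYMBOL + signature + SPLIT_SYMBOL + public
            + SPLIT_SYMBOL + crypto.my_hash(public))

    write = ":".join(map(str, cap))
    print "Write cap for the file is: %s" % write

    # the read cap reuses the list with the type swapped and cap[1]
    # replaced by its truncated hash
    cap[0] = FILE_READ_CAP
    cap[1] = crypto.my_hash(cap[1])[:16]
    read = ":".join(map(str, cap))
    print "Read cap for the file is: %s" % read
    print "You can access the capability in private/files.txt"
    post_data(data, write)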