def test_encrypt_and_decrypt_file(self): chunk_size = 1 prv_key, pub_key = GCE.generate_keypair() a = __file__ b = os.path.join(Settings.tmp_path, 'b') c = os.path.join(Settings.tmp_path, 'c') with open(a, 'rb') as input_fd, GCE.streaming_encryption_open('ENCRYPT', pub_key, b) as seo: chunk = input_fd.read(1) while(True): x = input_fd.read(1) if not x: seo.encrypt_chunk(chunk, 1) break seo.encrypt_chunk(chunk, 0) chunk = x with open(c, 'wb') as output_fd,\ GCE.streaming_encryption_open('DECRYPT', prv_key, b) as seo: while(True): last, data = seo.decrypt_chunk() output_fd.write(data) if last: break self.assertFalse(filecmp.cmp(a, b, False)) self.assertTrue(filecmp.cmp(a, c, False))
def test_encrypt_and_decrypt_file(self): chunk_size = 1 prv_key, pub_key = GCE.generate_keypair() a = __file__ b = os.path.join(Settings.tmp_path, 'b') c = os.path.join(Settings.tmp_path, 'c') with open(a, 'rb') as input_fd, GCE.streaming_encryption_open( 'ENCRYPT', pub_key, b) as seo: chunk = input_fd.read(1) while (True): x = input_fd.read(1) if not x: seo.encrypt_chunk(chunk, 1) break seo.encrypt_chunk(chunk, 0) chunk = x with open(c, 'wb') as output_fd,\ GCE.streaming_encryption_open('DECRYPT', prv_key, b) as seo: while (True): last, data = seo.decrypt_chunk() output_fd.write(data) if last: break self.assertFalse(filecmp.cmp(a, b, False)) self.assertTrue(filecmp.cmp(a, c, False))
def get(self, rtip_id): tip_export = yield get_tip_export(self.request.tid, self.current_user.user_id, rtip_id, self.request.language) if tip_export['crypto_tip_prv_key']: tip_export['tip'] = yield deferToThread( decrypt_tip, self.current_user.cc, tip_export['crypto_tip_prv_key'], tip_export['tip']) for file_dict in tip_export['tip']['rfiles'] + tip_export['tip'][ 'wbfiles']: if file_dict.get('status', '') == 'encrypted' or file_dict.get('forged'): continue tip_prv_key = GCE.asymmetric_decrypt( self.current_user.cc, tip_export['crypto_tip_prv_key']) file_dict['fo'] = GCE.streaming_encryption_open( 'DECRYPT', tip_prv_key, file_dict['path']) del file_dict['path'] for file_dict in tip_export['tip']['rfiles']: file_dict['name'] = 'files/' + file_dict['name'] if file_dict.get('status', '') == 'encrypted': file_dict['name'] += '.pgp' for file_dict in tip_export['tip']['wbfiles']: file_dict[ 'name'] = 'files_attached_from_recipients/' + file_dict['name'] tip_export['comments'] = tip_export['tip']['comments'] tip_export['messages'] = tip_export['tip']['messages'] files = tip_export['tip']['rfiles'] + tip_export['tip']['wbfiles'] del tip_export['tip']['rfiles'], tip_export['tip']['wbfiles'] export_template = Templating().format_template( tip_export['notification']['export_template'], tip_export).encode() export_template = msdos_encode(export_template.decode()).encode() files.append({ 'fo': BytesIO(export_template), 'name': 'data.txt', 'forged': True }) self.request.setHeader(b'X-Download-Options', b'noopen') self.request.setHeader(b'Content-Type', b'application/octet-stream') self.request.setHeader(b'Content-Disposition', b'attachment; filename="submission.zip"') self.zip_stream = iter(ZipStream(files)) yield ZipStreamProducer(self, self.zip_stream).start()
def write_encrypted_file(key, sf, dest_path): try: with sf.open('rb') as encrypted_file, \ GCE.streaming_encryption_open('ENCRYPT', key, dest_path) as seo: chunk = encrypted_file.read(abstract.FileDescriptor.bufferSize) while chunk: seo.encrypt_chunk(chunk, 0) chunk = encrypted_file.read(abstract.FileDescriptor.bufferSize) seo.encrypt_chunk(b'', 1) except Exception as excep: log.err("Unable to create plaintext file %s: %s", dest_path, excep)
def get(self, rfile_id): rfile, tip_prv_key = yield self.download_rfile(self.request.tid, self.current_user.user_id, rfile_id) filelocation = os.path.join(Settings.attachments_path, rfile['filename']) directory_traversal_check(Settings.attachments_path, filelocation) if tip_prv_key: tip_prv_key = GCE.asymmetric_decrypt(self.current_user.cc, tip_prv_key) fo = GCE.streaming_encryption_open('DECRYPT', tip_prv_key, filelocation) yield self.write_file_as_download_fo(rfile['name'], fo) else: yield self.write_file_as_download(rfile['name'], filelocation)
def get(self, rfile_id): rfile, tip_prv_key = yield self.download_rfile(self.request.tid, self.current_user.user_id, rfile_id) filelocation = os.path.join(Settings.attachments_path, rfile['filename']) directory_traversal_check(Settings.attachments_path, filelocation) if tip_prv_key: tip_prv_key = GCE.asymmetric_decrypt(self.current_user.cc, tip_prv_key) fo = GCE.streaming_encryption_open('DECRYPT', tip_prv_key, filelocation) yield self.write_file_as_download_fo(rfile['name'], fo) else: yield self.write_file_as_download(rfile['name'], filelocation)
def write_encrypted_file(key, sf, dest_path): try: with sf.open('rb') as encrypted_file, \ GCE.streaming_encryption_open('ENCRYPT', key, dest_path) as seo: chunk = encrypted_file.read(abstract.FileDescriptor.bufferSize) while True: x = encrypted_file.read(abstract.FileDescriptor.bufferSize) if not x: seo.encrypt_chunk(chunk, 1) break seo.encrypt_chunk(chunk, 0) chunk = x except Exception as excep: log.err("Unable to create plaintext file %s: %s", dest_path, excep)
def get(self, rtip_id): tip_export = yield get_tip_export(self.request.tid, self.current_user.user_id, rtip_id, self.request.language) if tip_export['crypto_tip_prv_key']: for file_dict in tip_export['files']: if file_dict['forged']: continue tip_prv_key = GCE.asymmetric_decrypt(self.current_user.cc, tip_export['crypto_tip_prv_key']) file_dict['fo'] = GCE.streaming_encryption_open('DECRYPT', tip_prv_key, file_dict['path']) del file_dict['path'] self.request.setHeader(b'X-Download-Options', b'noopen') self.request.setHeader(b'Content-Type', b'application/octet-stream') self.request.setHeader(b'Content-Disposition', b'attachment; filename="submission.zip"') self.zip_stream = iter(ZipStream(tip_export['files'])) yield ZipStreamProducer(self, self.zip_stream).start()