def rm(USER_NAME, USER_PATH, USER_PRK, args):
# verify command
rm_file = args[0]
if rm_file[-1] == '/':
info = 'this is not a file'
return False, info
if rm_file[0:2] == './':
rm_file = rm_file[2:]
if rm_file[0] == '/':
rm_path_split = rm_file.split('/')
if USER_NAME != rm_path_split[1]:
info = 'file permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'rm ' + rm_file)
return False, info
else:
rm_path = EFS_DIR + rm_file[1:]
else:
rm_path = EFS_DIR + USER_PATH + '/' + rm_file
if not os.path.isfile(rm_path):
info = 'no such file'
return False, info
if rm_path == EFS_DIR + USER_NAME + '/' + 'share.json' or rm_path == EFS_DIR + USER_NAME + '/' + 'share_mirror.json':
info = 'permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'rm ' + rm_path)
return False, info
if not os.path.isfile(rm_path):
#os.system(" sshpass -p 'gjr950614' ssh [email protected] rm /home/gaojiarui/myserver/test.txt")
info = 'no such file'
return False, info
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
# get encrypted file name
en_file_name = encrypt.encrypt_filename(USER_PK, rm_path)
en_file_name = en_file_name.replace("/", r"_")[0:100]
try:
os.system(PASS + ' ssh ' + SSH_SERVER + ' rm ' + SERVER_PATH +
en_file_name)
except:
info = 'error in removing file from the server'
return False, info
os.remove(rm_path)
info = 'succeed'
return True, info
def download_share(USER_NAME, args):
file_path = args[0]
loc_RSA_1 = args[1]
loc_RSA_2 = args[2]
save_pos = args[3]
if file_path[0] == '/':
info = 'file name should be one of the listed results in "ls -s" in user/share/'
return False, info
share_path = '/' + USER_NAME + '/share/' + file_path
with open(EFS_DIR + USER_NAME + '/share_mirror.json', 'r') as f:
data = json.load(f)
if share_path not in data.keys():
info = 'file name should be one of the listed results in "ls -s" in user/share/'
return False, info
share_mirror = data[share_path]
group_name = share_mirror.split('/')
filename = group_name[-1]
group_name = group_name[1]
real_path = EFS_DIR + str(share_mirror[1:])
with open(loc_RSA_1, 'r') as f:
SHARE_RSA_1 = RSA.importKey(f.read())
with open(loc_RSA_2, 'r') as f:
SHARE_RSA_2 = RSA.importKey(f.read())
with open(EFS_DIR + '/key/' + group_name + '_RSA_1.pem', 'r') as f:
SHARE_PUBLIC_RSA_1 = RSA.importKey(f.read())
with open(EFS_DIR + '/key/' + group_name + '_RSA_2.pem', 'r') as f:
SHARE_PUBLIC_RSA_2 = RSA.importKey(f.read())
with open(EFS_DIR + '/key/' + group_name + '_RSA_3.pem', 'r') as f:
SHARE_PUBLIC_RSA_3 = RSA.importKey(f.read())
if not SHARE_RSA_1.decrypt(SHARE_PUBLIC_RSA_1.encrypt(USER_NAME,
'')) == USER_NAME:
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'download-share RSA_1 ' +
file_path)
info = 'invalid RSA_1'
return False, info
if not SHARE_RSA_2.decrypt(SHARE_PUBLIC_RSA_2.encrypt(USER_NAME,
'')) == USER_NAME:
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'download-share RSA_ ' +
file_path)
info = 'invalid RSA_2'
return False, info
# get AES key
with open(EFS_DIR + 'user_encrypt_AES.json', 'r') as f:
AES_data = json.load(f)
cipheraes = AES_data[group_name]
SHARE_AES = encrypt.decrypt_aes(SHARE_RSA_2, cipheraes)
en_file_name = encrypt.encrypt_filename(SHARE_RSA_1, real_path)
en_file_name = en_file_name.replace("/", r"_")[0:100]
# download file
os.system(PASS + 'scp ' + SERVER + en_file_name + ' ' + save_pos)
os.rename(save_pos + '/' + en_file_name, save_pos + '/' + filename)
with open(save_pos + '/' + filename, 'r') as f:
cipherfile = f.read()
signature = cipherfile[0:344]
cipherfile = cipherfile[344:]
with open(save_pos + '/' + filename, 'w') as f:
f.write(cipherfile)
verify = encrypt.verify_sign(SHARE_PUBLIC_RSA_3, signature, cipherfile)
if not verify:
info = 'the file has been modified illegally'
os.remove(save_pos + '/' + filename)
try:
split_real_path = real_path.split('/')
split_real_path = split_real_path[:-1]
en_source = '/'.join(split_real_path) + '/' + en_file_name
os.rename(real_path, en_source)
os.system(PASS + 'scp ' + en_source + SERVER)
os.rename(en_source, real_path)
info = info + ' and the backup file has been uploaded, please download again'
return False, info
except:
info = info + ' and fail to upload the backup file'
return False, info
else:
try:
# update backup
with open(save_pos + '/' + filename, 'r') as f:
cipherfile = f.read()
with open(real_path, 'w') as f:
f.write(cipherfile)
plain = encrypt.decrypt_file(SHARE_AES, save_pos + '/' + filename)
with open(save_pos + '/' + filename, 'w') as f:
f.write(plain)
info = 'succeed'
return True, info
except:
info = 'decrypt error'
return False, info
info = 'succeed'
return True, info
def upload_share(USER_NAME, args):
file_path = args[0]
group_name = args[1]
loc_RSA_1 = args[2]
loc_RSA_3 = args[3]
if not os.path.isfile(file_path):
info = 'no such file'
return False, info
if file_path[0] != '/':
info = 'absolute file path only'
return False, info
with open(loc_RSA_1, 'r') as f:
SHARE_RSA_1 = RSA.importKey(f.read())
with open(loc_RSA_3, 'r') as f:
SHARE_RSA_3 = RSA.importKey(f.read())
with open(EFS_DIR + '/key/' + group_name + '_RSA_1.pem', 'r') as f:
SHARE_PUBLIC_RSA_1 = RSA.importKey(f.read())
with open(EFS_DIR + '/key/' + group_name + '_RSA_2.pem', 'r') as f:
SHARE_PUBLIC_RSA_2 = RSA.importKey(f.read())
with open(EFS_DIR + '/key/' + group_name + '_RSA_3.pem', 'r') as f:
SHARE_PUBLIC_RSA_3 = RSA.importKey(f.read())
split_file_path = file_path.split('/')
filename = split_file_path[-1]
share_path = EFS_DIR + group_name + '/' + filename
if not SHARE_RSA_1.decrypt(SHARE_PUBLIC_RSA_1.encrypt(USER_NAME,
'')) == USER_NAME:
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'upload-share RSA_1 ' + file_path)
info = 'invalid RSA_1'
return False, info
if not SHARE_RSA_3.decrypt(SHARE_PUBLIC_RSA_3.encrypt(USER_NAME,
'')) == USER_NAME:
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'upload-share RSA_3 ' + file_path)
info = 'invalid RSA_3'
return False, info
with open(file_path, 'r') as f:
data = f.read()
with open(share_path, 'w') as f:
f.write(data)
# new AES key
SHARE_AES = encrypt.generate_AES()
EN_SHARE_AES = encrypt.encrypt_aes(SHARE_PUBLIC_RSA_2, SHARE_AES)
with open(EFS_DIR + 'user_encrypt_AES.json', 'r') as f:
AES_data = json.load(f)
AES_data[group_name] = EN_SHARE_AES
with open(EFS_DIR + 'user_encrypt_AES.json', 'w') as f:
json.dump(AES_data, f)
# encrypt filename
en_share_path = encrypt.encrypt_filename(SHARE_RSA_1, share_path)
en_share_path = en_share_path.replace("/", r"_")[0:100]
# encrypt file content
cipherfile = encrypt.encrypt_file(SHARE_AES, share_path)
# sign the hash value of the file
signature = encrypt.sign_file(SHARE_RSA_3, cipherfile)
# len(signature) = 344
cipherfile = signature + cipherfile
with open(EFS_DIR + group_name + '/' + en_share_path, 'w') as f:
f.write(cipherfile)
os.system(PASS + 'scp ' + EFS_DIR + group_name + '/' + en_share_path +
' ' + SERVER)
os.rename(EFS_DIR + group_name + '/' + en_share_path, share_path)
member = group_name.split('_')
for i in member:
user_path = EFS_DIR + i + '/'
with open(user_path + 'share_mirror.json', 'r') as f:
data = json.load(f)
data['/' + i + '/share/' + USER_NAME + '/' +
filename] = '/' + group_name + '/' + filename
with open(user_path + 'share_mirror.json', 'w') as f:
json.dump(data, f)
info = 'succeed'
return True, info
def prepare_share(USER_NAME, USER_PATH, USER_PRK, source, pair_user_mode,
pair_user_loc):
share_user = pair_user_mode.keys()
share_file = '_'.join(share_user)
if os.path.isdir(EFS_DIR + share_file):
info = 'directory exsits'
return False, info
try:
share_RSA_1 = encrypt.generate_RSA()
share_RSA_2 = encrypt.generate_RSA()
share_RSA_3 = encrypt.generate_RSA()
share_AES = encrypt.generate_AES()
except:
info = 'error generate keys'
return False, info
try:
with open(EFS_DIR + 'share_public_RSA.json', 'r') as f:
share_RSA_data = json.load(f)
except:
with open(EFS_DIR + 'share_public_RSA.json', 'w') as f:
json.dump({}, f)
share_RSA_data = {}
try:
with open(EFS_DIR + 'user_encrypt_AES.json', 'r') as f:
AES_data = json.load(f)
except:
with open(EFS_DIR + 'user_encrypt_AES.json', 'w') as f:
json.dump({}, f)
AES_data = {}
share_public_RSA_1 = share_RSA_1.publickey()
share_public_RSA_2 = share_RSA_2.publickey()
share_public_RSA_3 = share_RSA_3.publickey()
share_encrypt_AES = encrypt.encrypt_aes(share_RSA_2, share_AES)
share_RSA = {}
share_RSA['RSA_1'] = EFS_DIR + 'key/' + str(share_file) + '_RSA_1.pem'
share_RSA['RSA_2'] = EFS_DIR + 'key/' + str(share_file) + '_RSA_2.pem'
share_RSA['RSA_3'] = EFS_DIR + 'key/' + str(share_file) + '_RSA_3.pem'
share_RSA_data[share_file] = share_RSA
try:
with open(share_RSA['RSA_1'], 'w') as f:
f.write(share_public_RSA_1.exportKey('PEM'))
f.close()
with open(share_RSA['RSA_2'], 'w') as f:
f.write(share_public_RSA_2.exportKey('PEM'))
f.close()
with open(share_RSA['RSA_3'], 'w') as f:
f.write(share_public_RSA_3.exportKey('PEM'))
f.close()
except:
info = 'fail to save public key'
return False, info
AES_data[share_file] = share_encrypt_AES
try:
with open(EFS_DIR + 'user_encrypt_AES.json', 'w') as g:
json.dump(AES_data, g)
with open(EFS_DIR + 'share_public_RSA.json', 'w') as f:
json.dump(share_RSA_data, f)
except:
info = 'fail to update keys'
return False, info
# store keys for members
# read: rsa_1 rsa_2
# write: rsa_1 rsa_3
# read & write: rsa_1 rsa_2 rsa_3
for i in pair_user_mode.keys():
mode = pair_user_mode[i]
loc = pair_user_loc[i]
if loc[-1] != '/':
loc = loc + '/'
if not os.path.isdir(loc):
info = 'fail to save private key for ' + str(i) + ' at ' + str(loc)
return False, info
if mode == '-r':
try:
with open(loc + share_file + '_RSA_1.pem', 'w') as f:
f.write(share_RSA_1.exportKey('PEM'))
f.close()
with open(loc + share_file + '_RSA_2.pem', 'w') as f:
f.write(share_RSA_2.exportKey('PEM'))
f.close()
except:
info = 'fail to save private key for ' + str(i) + ' at ' + str(
loc)
return False, info
elif mode == '-w':
try:
with open(loc + share_file + '_RSA_1.pem', 'w') as f:
f.write(share_RSA_1.exportKey('PEM'))
f.close()
with open(loc + share_file + '_RSA_3.pem', 'w') as f:
f.write(share_RSA_3.exportKey('PEM'))
f.close()
except:
info = 'fail to save private key for ' + str(i) + ' at ' + str(
loc)
return False, info
else:
try:
with open(loc + share_file + '_RSA_1.pem', 'w') as f:
f.write(share_RSA_1.exportKey('PEM'))
f.close()
with open(loc + share_file + '_RSA_2.pem', 'w') as f:
f.write(share_RSA_2.exportKey('PEM'))
f.close()
with open(loc + share_file + '_RSA_3.pem', 'w') as f:
f.write(share_RSA_3.exportKey('PEM'))
f.close()
except:
info = 'fail to save private key for ' + str(i) + ' at ' + str(
loc)
return False, info
if source[0] == '/':
source_split = source.split('/')
if USER_NAME != source_split[1]:
info = 'file permission denied'
return False, info
else:
source_file = EFS_DIR + source[1:]
else:
source_file = EFS_DIR + USER_PATH + '/' + source
source_split = source_file.split('/')
filename = source_split[-1]
# update all share file lists
for i in pair_user_loc:
user_path = EFS_DIR + i + '/'
with open(user_path + 'share_mirror.json', 'r') as f:
data = json.load(f)
data['/' + i + '/share/' + USER_NAME + '/' +
filename] = '/' + share_file + '/' + filename
with open(user_path + 'share_mirror.json', 'w') as f:
json.dump(data, f)
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
try:
# get encrypted name
dest_file = EFS_DIR + share_file + '/' + filename
en_source_file_name = encrypt.encrypt_filename(USER_PK, source_file)
en_source_file_name = en_source_file_name.replace("/", r"_")[0:100]
en_share_file_name = encrypt.encrypt_filename(USER_PK, dest_file)
en_share_file_name = en_share_file_name.replace("/", r"_")[0:100]
os.system(PASS + 'ssh ' + SSH_SERVER + ' mv ' + SERVER_PATH +
en_source_file_name + ' ' + SERVER_PATH + en_share_file_name)
except:
info = 'cannot move file on the server'
return False, info
try:
dest_file = EFS_DIR + share_file + '/' + filename
os.mkdir(EFS_DIR + share_file)
os.rename(source_file, dest_file)
except:
info = 'unable to make new share directory'
return False, info
info = share_file
return True, info
def cp(USER_NAME, USER_PATH, USER_PRK, args):
old_name = args[0]
new_name = args[1]
# verify old name
if old_name[-1] == '/':
old_name = old_name[:-1]
if old_name[0:2] == './':
old_name = old_name[2:]
if old_name[0] == '/':
old_name_split = old_name.split('/')
if USER_NAME != old_name_split[1]:
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'cp ' + old_name)
info = 'file permission denied'
return False, info
else:
old_file = EFS_DIR + old_name[1:]
else:
old_file = EFS_DIR + USER_PATH + '/' + old_name
if not os.path.isfile(old_file):
info = 'no such file'
return False, info
# verify new name
if new_name[-1] == '/':
old_file_name = old_file.split('/')
new_name = new_name + old_file_name[-1]
if new_name[0:2] == './':
new_name = new_name[2:]
if new_name[0] == '/':
new_name_split = new_name.split('/')
if USER_NAME != new_name_split[1]:
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'cp ' + new_name)
info = 'file permission denied'
return False, info
else:
new_file = EFS_DIR + new_name[1:]
else:
new_file = EFS_DIR + USER_PATH + '/' + new_name
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
#os.system(" sshpass -p 'gjr950614' ssh [email protected] rm /home/gaojiarui/myserver/test.txt")
try:
# get encrypted name
en_new_file_name = encrypt.encrypt_filename(USER_PK, new_file)
en_new_file_name = en_new_file_name.replace("/", r"_")[0:100]
with open(old_file, 'r') as f:
data = f.read()
with open(new_file, 'w') as f:
f.write(data)
new_split = new_file.split('/')
new_path = new_split[:-1]
en_source = '/'.join(new_path) + '/' + en_new_file_name
os.rename(new_file, en_source)
os.system(PASS + 'scp ' + en_source + SERVER)
os.rename(en_source, new_file)
except:
info = 'cannot copy file to the server'
return False, info
info = 'succeed'
return True, info
def download(USER_NAME, USER_PATH, USER_PRK, args):
#verigy command
source = args[0]
save_pos = args[1]
if source[-1] == '/':
source = source[:-1]
if source[0:2] == './':
source = source[2:]
if not os.path.isdir(save_pos):
info = 'no such destination directory'
return False, info
if source[0] == '/':
source_path_split = source.split('/')
if USER_NAME != source_path_split[1]:
info = 'source directory permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'download ' + source)
return False, info
else:
source_file = EFS_DIR + source[1:]
else:
source_file = EFS_DIR + USER_PATH + '/' + source
if not os.path.isfile(source_file):
info = 'no such source file'
return False, info
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
try:
# get encrypted name
en_file_name = encrypt.encrypt_filename(USER_PK, source_file)
en_file_name = en_file_name.replace("/", r"_")[0:100]
# download file
os.system(PASS + 'scp ' + SERVER + en_file_name + ' ' + save_pos)
source_split = source.split('/')
filename = source_split[-1]
os.rename(save_pos + '/' + en_file_name, save_pos + '/' + filename)
except:
info = 'download error'
return False, info
with open(save_pos + '/' + filename, 'r') as f:
cipherfile = f.read()
signature = cipherfile[0:344]
cipherfile = cipherfile[344:]
with open(save_pos + '/' + filename, 'w') as f:
f.write(cipherfile)
verify = encrypt.verify_sign(USER_PRK, signature, cipherfile)
if not verify:
info = 'the file has been modified illegally'
os.remove(save_pos + '/' + filename)
try:
source_path = source_split[:-1]
en_source = EFS_DIR + '/'.join(source_path) + '/' + en_file_name
os.rename(source_file, en_source)
os.system(PASS + 'scp ' + en_source + SERVER)
os.rename(en_source, source_file)
info = 'and the backup file has been uploaded, please read again'
return False, info
except:
info = 'and fail to upload the backup file'
return False, info
else:
try:
# update backup
with open(save_pos + '/' + filename, 'r') as f:
cipherfile = f.read()
with open(source_file, 'w') as f:
f.write(cipherfile)
plain = encrypt.decrypt_file(USER_AES, save_pos + '/' + filename)
with open(save_pos + '/' + filename, 'w') as f:
f.write(plain)
info = 'succeed'
return True, info
except:
info = 'decrypt error'
return False, info
def upload(USER_NAME, USER_PATH, USER_PRK, args):
# verify command
SOURCE = args[0]
dest = args[1]
if dest[-1] == '/':
dest = dest[:-1]
if dest[0:2] == './':
dest = dest[2:]
if not os.path.isfile(SOURCE):
info = 'no such source file'
return False, info
if dest[0] == '/':
dest_path_split = dest.split('/')
if USER_NAME != dest_path_split[1]:
info = 'destination directory permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + user + ':' + 'upload ' + dest)
return False, info
else:
DEST = EFS_DIR + dest[1:]
else:
DEST = EFS_DIR + USER_PATH + '/' + dest
if not os.path.isdir(DEST):
info = 'no such destination directory'
return False, info
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
try:
# get encrypted file name
source_split = SOURCE.split('/')
filename = source_split[-1]
DEST_FILE = DEST + '/' + filename
en_file_name = encrypt.encrypt_filename(USER_PK, DEST_FILE)
en_file_name = en_file_name.replace("/", r"_")[0:100]
# encrypt file content
cipherfile = encrypt.encrypt_file(USER_AES, SOURCE)
# sign the hash value of the file
signature = encrypt.sign_file(USER_PRK, cipherfile)
# len(signature) = 344
cipherfile = signature + cipherfile
# backup in the file system
EN_DEST_FILE = DEST + '/' + en_file_name
with open(EN_DEST_FILE, 'w') as f:
f.write(cipherfile)
# test: try to decrypt
# plain = encrypt.decrypt_file(USER_AES, DEST_FILE)
# with open(DEST_FILE, 'w') as f:
# f.write(plain)
# upload to the server
os.system(PASS + 'scp ' + EN_DEST_FILE + SERVER)
os.rename(EN_DEST_FILE, DEST_FILE)
except:
info = 'error in uploading'
return False, info
info = 'succeed'
return True, info
def download(USER_NAME, USER_PATH, USER_PRK, USER_IP, SOCKET, ALL_SOCKET,
LOCK_SOCKET, args):
#verigy command
source = args[0]
save_pos = args[1]
if source[-1] == '/':
source = source[:-1]
if source[0:2] == './':
source = source[2:]
if not os.path.isdir(save_pos):
info = 'no such destination directory'
return False, info
if source[0] == '/':
source_path_split = source.split('/')
if USER_NAME != source_path_split[1]:
info = 'source directory permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'download ' + source)
return False, info
else:
source_file = EFS_DIR + source[1:]
else:
source_file = EFS_DIR + USER_PATH + '/' + source
if not os.path.isfile(source_file):
info = 'no such source file'
return False, info
_USER_PRK = USER_PRK
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
try:
# get encrypted name
en_file_name = encrypt.encrypt_filename(USER_PK, source_file)
en_file_name = en_file_name.replace("/", r"_")[0:100]
# download file
#os.system(PASS + 'scp ' + SERVER + en_file_name + ' ' + save_pos)
_inquire(en_file_name, SOCKET, 0)
DataNode = _get_datanode(SOCKET)
#_upload_DataNode(USER_IP, cipherfile[0:16384], DataNode_1, 1, en_file_name)
while _get_read_lock(LOCK_SOCKET, en_file_name) == 0:
pass
i = 1
cipherfile = ''
while DataNode.has_key(str(i)):
datanode_port = int(DataNode[str(i)][0])
data = str(
_download_DataNode(en_file_name + '_' + str(i), datanode_port,
ALL_SOCKET[datanode_port], int(i)))
cipherfile = cipherfile + data
i = i + 1
# if int(i) != len(cipherfile) / 16384 + 1:
# _upload_DataNode(USER_IP, cipherfile[(int(i)-1)*16384:int(i)*16384], ALL_SOCKET[j], int(i), en_file_name+'_'+str(i), j)
# else:
# _upload_DataNode(USER_IP, cipherfile[(int(i)-1)*16384:len(cipherfile)], ALL_SOCKET[j], int(i), en_file_name+'_'+str(i), j)
_release_read_lock(LOCK_SOCKET, en_file_name)
source_split = source.split('/')
filename = source_split[-1]
# os.rename(save_pos + '/' + en_file_name, save_pos + '/' + filename)
with open(save_pos + '/' + filename, 'wb') as f:
f.write(cipherfile)
except:
info = 'download error'
return False, info
# with open(save_pos + '/' + filename, 'r') as f:
# cipherfile = f.read()
signature = cipherfile[0:344]
cipherfile = cipherfile[344:]
with open(save_pos + '/' + filename, 'w') as f:
f.write(cipherfile)
verify = encrypt.verify_sign(USER_PRK, signature, cipherfile)
if not verify:
info = 'the file has been modified illegally'
os.remove(save_pos + '/' + filename)
try:
source_path = source_split[:-1]
en_source = EFS_DIR + '/'.join(source_path) + '/' + en_file_name
os.rename(source_file, en_source)
#os.system(PASS + 'scp ' + en_source + SERVER)
with open(en_source, 'w') as f:
cipherfile = f.read()
_inquire(en_file_name, SOCKET, len(cipherfile))
DataNode = _get_datanode(SOCKET)
while _get_write_lock(LOCK_SOCKET, en_file_name) == 0:
pass
for i in DataNode.keys():
for j in DataNode[i]:
if int(i) != len(cipherfile) / 16384 + 1:
_upload_DataNode(
USER_IP,
cipherfile[(int(i) - 1) * 16384:int(i) * 16384],
ALL_SOCKET[int(j)], int(i),
en_file_name + '_' + str(i), int(j))
else:
_upload_DataNode(
USER_IP,
cipherfile[(int(i) - 1) * 16384:len(cipherfile)],
ALL_SOCKET[int(j)], int(i),
en_file_name + '_' + str(i), int(j))
_release_write_lock(LOCK_SOCKET, en_file_name)
os.rename(en_source, source_file)
info = 'and the backup file has been uploaded, please read again'
return False, info
except:
info = 'and fail to upload the backup file'
return False, info
else:
try:
# update backup
with open(save_pos + '/' + filename, 'r') as f:
cipherfile = f.read()
with open(source_file, 'w') as f:
f.write(cipherfile)
plain = encrypt.decrypt_file(USER_AES, save_pos + '/' + filename)
with open(save_pos + '/' + filename, 'w') as f:
f.write(plain)
info = 'succeed'
return True, info
except:
info = 'decrypt error'
return False, info
def upload(USER_NAME, USER_PATH, USER_PRK, USER_IP, SOCKET, ALL_SOCKET,
LOCK_SOCKET, args):
# verify command
SOURCE = args[0]
dest = args[1]
if dest[-1] == '/':
dest = dest[:-1]
if dest[0:2] == './':
dest = dest[2:]
if not os.path.isfile(SOURCE):
info = 'no such source file'
return False, info
if dest[0] == '/':
dest_path_split = dest.split('/')
if USER_NAME != dest_path_split[1]:
info = 'destination directory permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + user + ':' + 'upload ' + dest)
return False, info
else:
DEST = EFS_DIR + dest[1:]
else:
DEST = EFS_DIR + USER_PATH + '/' + dest
if not os.path.isdir(DEST):
info = 'no such destination directory'
return False, info
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
try:
# get encrypted file name
source_split = SOURCE.split('/')
filename = source_split[-1]
DEST_FILE = DEST + '/' + filename
en_file_name = encrypt.encrypt_filename(USER_PK, DEST_FILE)
en_file_name = en_file_name.replace("/", r"_")[0:100]
# encrypt file content
cipherfile = encrypt.encrypt_file(USER_AES, SOURCE)
# sign the hash value of the file
signature = encrypt.sign_file(USER_PRK, cipherfile)
# len(signature) = 344
cipherfile = signature + cipherfile
# backup in the file system
EN_DEST_FILE = DEST + '/' + en_file_name
with open(EN_DEST_FILE, 'w') as f:
f.write(cipherfile)
# test: try to decrypt
# plain = encrypt.decrypt_file(USER_AES, DEST_FILE)
# with open(DEST_FILE, 'w') as f:
# f.write(plain)
# inquire on namenode
_inquire(en_file_name, SOCKET, len(cipherfile))
DataNode = _get_datanode(SOCKET)
#_upload_DataNode(USER_IP, cipherfile[0:16384], DataNode_1, 1, en_file_name)
# get lock
while _get_write_lock(LOCK_SOCKET, en_file_name) == 0:
pass
for i in DataNode.keys():
for j in DataNode[i]:
if int(i) != len(cipherfile) / 16384 + 1:
_upload_DataNode(
USER_IP,
cipherfile[(int(i) - 1) * 16384:int(i) * 16384],
ALL_SOCKET[int(j)], int(i),
en_file_name + '_' + str(i), int(j))
else:
_upload_DataNode(
USER_IP,
cipherfile[(int(i) - 1) * 16384:len(cipherfile)],
ALL_SOCKET[int(j)], int(i),
en_file_name + '_' + str(i), int(j))
_release_write_lock(LOCK_SOCKET, en_file_name)
# upload to the datanode
# os.system(PASS + 'scp ' + EN_DEST_FILE + SERVER)
os.rename(EN_DEST_FILE, DEST_FILE)
except:
info = 'error in uploading'
return False, info
info = 'succeed'
return True, info
def rm(USER_NAME, USER_PATH, USER_PRK, USER_IP, SOCKET, ALL_SOCKET,
LOCK_SOCKET, args):
# verify command
rm_file = args[0]
if rm_file[-1] == '/':
info = 'this is not a file'
return False, info
if rm_file[0:2] == './':
rm_file = rm_file[2:]
if rm_file[0] == '/':
rm_path_split = rm_file.split('/')
if USER_NAME != rm_path_split[1]:
info = 'file permission denied'
with open(ILLIGAL_LOG_FILE, 'a') as f:
f.write('\n' + USER_NAME + ':' + 'rm ' + rm_file)
return False, info
else:
rm_path = EFS_DIR + rm_file[1:]
else:
rm_path = EFS_DIR + USER_PATH + '/' + rm_file
if not os.path.isfile(rm_path):
info = 'no such file'
return False, info
if not os.path.isfile(rm_path):
info = 'no such file'
return False, info
try:
USER_PK, USER_PRK, USER_AES = _get_keys(USER_NAME, USER_PRK)
except:
info = 'get keys error'
return False, info
# get encrypted file name
en_file_name = encrypt.encrypt_filename(USER_PK, rm_path)
en_file_name = en_file_name.replace("/", r"_")[0:100]
try:
#os.system(PASS + ' ssh ' + SSH_SERVER + ' rm ' + SERVER_PATH + en_file_name)
_inquire(en_file_name, SOCKET, 0)
DataNode = _get_datanode(SOCKET)
while _get_write_lock(LOCK_SOCKET, en_file_name) == 0:
pass
for i in DataNode.keys():
for j in DataNode[i]:
_delete_on_datanode(en_file_name + '_' + str(i), j,
ALL_SOCKET[int(j)], int(i))
_release_write_lock(LOCK_SOCKET, en_file_name)
_delete_on_namenode(en_file_name, SOCKET)
except:
info = 'error in removing file from the server'
return False, info
os.remove(rm_path)
info = 'succeed'
return True, info