def fsops_gpg_encrypt(fpath, recipient_gpg): """ return path of encrypted file, length of the encrypted file this function is used to encrypt a file for a specific recipient. commonly 'receiver_desc' is expected as second argument; anyhow a simpler dict can be used. required keys are checked on top """ gpoj = GLBGPG() try: gpoj.load_key(recipient_gpg['gpg_key_armor']) filepath = os.path.join(GLSetting.submission_path, fpath) with GLSecureFile(filepath) as f: encrypted_file_path, encrypted_file_size = \ gpoj.encrypt_file(recipient_gpg['gpg_key_fingerprint'], filepath, f, GLSetting.submission_path) except: raise finally: # the finally statement is always called also if # except contains a return or a raise gpoj.destroy_environment() return encrypted_file_path, encrypted_file_size
def test_pgp_read_expirations(self): gpgobj = GLBGPG() self.assertEqual( gpgobj.load_key(VALID_PGP_KEY1)['expiration'], datetime.utcfromtimestamp(0)) self.assertEqual( gpgobj.load_key(EXPIRED_PGP_KEY)['expiration'], datetime.utcfromtimestamp(1391012793)) gpgobj.destroy_environment()
def test_encrypt_message(self): dummy_template = "In %EventTime% you've got a crush for Taryn Southern, yay!! \ more info on: https://www.youtube.com/watch?v=C7JZ4F3zJdY \ and know that you're not alone!" mock_event = Event( type=u'encrypted_tip', trigger='Tip', tip_info={ 'creation_date': '2013-05-13T17:49:26.105485', #epoch! 'id': 'useless', 'wb_steps': fill_random_fields(self.dummyContext['id']), }, node_info=MockDict().dummyNode, receiver_info=MockDict().dummyReceiver, context_info=MockDict().dummyContext, steps_info={}, subevent_info={}, do_mail=False) mail_content = Templating().format_template(dummy_template, mock_event) # setup the GPG key before GLSetting.gpgroot = GPGROOT fake_receiver_desc = { 'gpg_key_armor': unicode(VALID_PGP_KEY1), 'gpg_key_fingerprint': u"CF4A22020873A76D1DCB68D32B25551568E49345", 'gpg_key_status': u'enabled', 'username': u'*****@*****.**', } gpgobj = GLBGPG() gpgobj.load_key(VALID_PGP_KEY1) encrypted_body = gpgobj.encrypt_message( fake_receiver_desc['gpg_key_fingerprint'], mail_content) self.assertSubstring('-----BEGIN PGP MESSAGE-----', encrypted_body) gpgobj.destroy_environment()
def test_encrypt_file(self): # setup the GPG key before GLSetting.gpgroot = GPGROOT tempsource = os.path.join(os.getcwd(), "temp_source.txt") with file(tempsource, 'w+') as f1: f1.write( "\n\nDecrypt the Cat!\n\nhttp://tobtu.com/decryptocat.php\n\n") f1.seek(0) fake_receiver_desc = { 'gpg_key_armor': unicode(VALID_PGP_KEY1), 'gpg_key_status': u'enabled', 'gpg_key_fingerprint': u"CF4A22020873A76D1DCB68D32B25551568E49345", 'username': u'*****@*****.**', } # these are the same lines used in delivery_sched.py gpgobj = GLBGPG() gpgobj.load_key(VALID_PGP_KEY1) encrypted_file_path, encrypted_file_size = gpgobj.encrypt_file( fake_receiver_desc['gpg_key_fingerprint'], tempsource, f1, "/tmp") gpgobj.destroy_environment() with file(encrypted_file_path, "r") as f2: first_line = f2.readline() self.assertSubstring('-----BEGIN PGP MESSAGE-----', first_line) with file(encrypted_file_path, "r") as f2: whole = f2.read() self.assertEqual(encrypted_file_size, len(whole))
def migrate_Receiver(self): print "%s Receiver migration assistant" % self.std_fancy gpgobj = GLBGPG() old_receivers = self.store_old.find( self.get_right_model("Receiver", 16)) for old_receiver in old_receivers: new_receiver = self.get_right_model("Receiver", 17)() gpg_key_expiration = datetime_null() if old_receiver.gpg_key_armor: try: gpg_key_expiration = gpgobj.load_key( old_receiver.gpg_key_armor)['expiration'] except: pass for _, v in new_receiver._storm_columns.iteritems(): if v.name == 'gpg_key_status': if old_receiver.gpg_key_status == u'Enabled': new_receiver.gpg_key_status = u'enabled' else: new_receiver.gpg_key_status = u'disabled' continue if v.name == 'gpg_key_expiration': new_receiver.gpg_key_expiration = gpg_key_expiration continue setattr(new_receiver, v.name, getattr(old_receiver, v.name)) self.store_new.add(new_receiver) self.store_new.commit() gpgobj.destroy_environment()
def do_notify(self, event): if not self.validate_admin_opt(event.notification_settings): log.info('invalid mail settings for admin') return None # At the moment the language used is a system language, not # Receiver preferences language ? if event.type == u'encrypted_tip': body = Templating().format_template( event.notification_settings['encrypted_tip_template'], event) title = Templating().format_template( event.notification_settings['encrypted_tip_mail_title'], event) elif event.type == u'plaintext_tip': body = Templating().format_template( event.notification_settings['plaintext_tip_template'], event) title = Templating().format_template( event.notification_settings['plaintext_tip_mail_title'], event) elif event.type == u'encrypted_file': body = Templating().format_template( event.notification_settings['encrypted_file_template'], event) title = Templating().format_template( event.notification_settings['encrypted_file_mail_title'], event) elif event.type == u'plaintext_file': body = Templating().format_template( event.notification_settings['plaintext_file_template'], event) title = Templating().format_template( event.notification_settings['plaintext_file_mail_title'], event) elif event.type == u'encrypted_comment': body = Templating().format_template( event.notification_settings['encrypted_comment_template'], event) title = Templating().format_template( event.notification_settings['encrypted_comment_mail_title'], event) elif event.type == u'plaintext_comment': body = Templating().format_template( event.notification_settings['plaintext_comment_template'], event) title = Templating().format_template( event.notification_settings['plaintext_comment_mail_title'], event) elif event.type == u'encrypted_message': body = Templating().format_template( event.notification_settings['encrypted_message_template'], event) title = Templating().format_template( event.notification_settings['encrypted_message_mail_title'], event) elif event.type == u'plaintext_message': body = Templating().format_template( event.notification_settings['plaintext_message_template'], event) title = Templating().format_template( event.notification_settings['plaintext_message_mail_title'], event) else: raise NotImplementedError("At the moment, only Tip expected") # If the receiver has encryption enabled (for notification), encrypt the mail body if event.receiver_info['gpg_key_status'] == u'enabled': gpob = GLBGPG() try: gpob.load_key(event.receiver_info['gpg_key_armor']) body = gpob.encrypt_message(event.receiver_info['gpg_key_fingerprint'], body) except Exception as excep: log.err("Error in GPG interface object (for %s: %s)! (notification+encryption)" % (event.receiver_info['username'], str(excep) )) return None # We return None and the mail will be delayed # If GPG is enabled and the key is invalid this # is the only possiibly thing to do. # The PGP check schedule will disable the key # and alert the user and the admin finally: # the finally statement is always called also if # except contains a return or a raise gpob.destroy_environment() receiver_mail = event.receiver_info['mail_address'] # XXX here can be catch the subject (may change if encrypted or whatever) message = MIME_mail_build(GLSetting.memory_copy.notif_source_name, GLSetting.memory_copy.notif_source_email, event.receiver_info['name'], receiver_mail, title, body) return self.mail_flush(event.notification_settings['source_email'], [receiver_mail], message, event)