def store_public_key( config, key_type, object_id, key_data ): """ Store a public key for a given object of a given type. """ key_data_pem = key_data.exportKey() key_path = conf.object_key_path( config, key_type, object_id, public=True ) return write_key( key_path, key_data_pem )
def store_public_key(config, key_type, object_id, key_data):
"""
Store a public key for a given object of a given type.
"""
key_data_pem = key_data.exportKey()
key_path = conf.object_key_path(config, key_type, object_id, public=True)
return write_key(key_path, key_data_pem)
def store_private_key(config, key_type, object_id, key_data, overwrite=False):
"""
Store a private key for a given object of a given type.
"""
key_data_pem = key_data.exportKey()
assert key_data.has_private(), "Not a private key"
key_path = conf.object_key_path(config, key_type, object_id, public=False)
return write_key(key_path, key_data_pem, overwrite=overwrite)
def store_private_key( config, key_type, object_id, key_data, overwrite=False ): """ Store a private key for a given object of a given type. """ key_data_pem = key_data.exportKey() assert key_data.has_private(), "Not a private key" key_path = conf.object_key_path( config, key_type, object_id, public=False ) return write_key( key_path, key_data_pem, overwrite=overwrite )
def warn_key_change(config):
"""
return a warning string the user that the MS's public key has changed, and exit.
"""
return """
SECURE VERIFICATION FAILURE!
It's possible that someone is impersonating your Syndicate, to get you to leak sensitive data!
If you are certain this is not the case, you should remove the offending public key.
Offending public key path: %s
""" % conf.object_key_path(config, "syndicate", make_ms_url(config['syndicate_host'], config['syndicate_port'], config['no_tls']).strip("https://"), public=True)
def warn_key_change(config):
"""
return a warning string the user that the MS's public key has changed, and exit.
"""
return """
SECURE VERIFICATION FAILURE!
It's possible that someone is impersonating your Syndicate, to get you to leak sensitive data!
If you are certain this is not the case, you should remove the offending public key.
Offending public key path: %s
""" % conf.object_key_path(
config,
"syndicate",
make_ms_url(config['syndicate_host'], config['syndicate_port'],
config['no_tls']).strip("https://"),
public=True)
def erase_key(config, key_type, object_id, public=False):
"""
Erase a key for a given object of a given type.
"""
key_path = conf.object_key_path(config, key_type, object_id, public=public)
return secure_erase_key(key_path)
def load_private_key(config, key_type, object_id):
"""
Load a private key of the given type for the given object.
"""
key_path = conf.object_key_path(config, key_type, object_id, public=False)
return read_private_key(key_path)
def load_public_key(config, key_type, object_id):
"""
Load a public key of the given type for the given object.
"""
key_path = conf.object_key_path(config, key_type, object_id, public=True)
return read_public_key(key_path)
def erase_key( config, key_type, object_id, public=False ): """ Erase a key for a given object of a given type. """ key_path = conf.object_key_path( config, key_type, object_id, public=public ) return secure_erase_key( key_path )
def load_private_key( config, key_type, object_id ): """ Load a private key of the given type for the given object. """ key_path = conf.object_key_path( config, key_type, object_id, public=False ) return read_private_key( key_path )
def load_public_key( config, key_type, object_id ): """ Load a public key of the given type for the given object. """ key_path = conf.object_key_path( config, key_type, object_id, public=True ) return read_public_key( key_path )
def store_private_key( config, key_type, object_id, key_data ): """ Store a private key for a given object of a given type. """ key_path = conf.object_key_path( config, key_type, object_id, public=False ) return write_key( key_path, key_data )
