def test_poa(self):
self.poa_a.verify()
self.poa_b.verify()
# Test poa expiretime
expire_time = time.mktime(time.gmtime()) + 60 # Expire in one minute
self.poa_a = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_a_pub_permid,
expire_time=expire_time)
try:
self.poa_a.verify()
except ClosedSwarm.POAExpiredException:
self.fail("POA verify means expired, but it is not")
expire_time = time.mktime(time.gmtime()) - 1 # Expire one second ago
self.poa_a = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_a_pub_permid,
expire_time=expire_time)
try:
self.poa_a.verify()
self.fail("POA verify does not honor expire time")
except ClosedSwarm.POAExpiredException:
pass
def create_poa(torrent, torrent_keypair, node_id, target_file):
# Sanity - check that this key matches the torrent
pubkey = torrent_keypair.pub()
good_key = False
for key in torrent.get_cs_keys():
if pubkey.get_der() == key.get_der():
good_key = True
break
if not good_key:
raise Exception("Bad key given for this torrent")
# if the node_id is base64 encoded, decode it
try:
actual_node_id = decodestring(node_id)
print "Node ID was base64 encoded"
except:
actual_node_id = node_id
# Got the right key, now create POA
poa = ClosedSwarm.create_poa(t.infohash, torrent_keypair, actual_node_id)
# Now we save it
if target_file:
ClosedSwarm.write_poa_to_file(target_file)
tf = target_file
else:
tf = ClosedSwarm.trivial_save_poa("./", decodestring(node_id), t.infohash, poa)
print "Proof of access written to file '%s'"%tf
def generate_poa(self, swarm_id, perm_id):
"""
Generate a POA if the swarm-id private key is available
"""
status = Status.get_status_holder("LivingLab")
# Randomly allow 80% to be authorized...
if random.randint(0, 100) > 80:
status.create_and_add_event("denied", [swarm_id, perm_id])
status.get_status_element("poas_failed").inc()
raise Exception("Randomly denied...")
key_file = os.path.join(KEY_PATH, swarm_id + ".tkey")
if not os.path.exists(key_file):
raise Exception("Missing key file")
# Load keys
try:
torrent_keypair = ClosedSwarm.read_cs_keypair(key_file)
except Exception as e:
raise Exception("Bad torrent key file")
# TODO? Sanity - check that this key matches the torrent
poa = ClosedSwarm.create_poa(swarm_id, torrent_keypair, perm_id)
status.create_and_add_event("allowed", [swarm_id, perm_id])
status.get_status_element("poas_generated").inc()
return poa.serialize()
def test_poa(self):
self.poa_a.verify()
self.poa_b.verify()
# Test poa expiretime
expire_time = time.mktime(time.gmtime())+60 # Expire in one minute
self.poa_a = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_a_pub_permid,
expire_time=expire_time)
try:
self.poa_a.verify()
except ClosedSwarm.POAExpiredException:
self.fail("POA verify means expired, but it is not")
expire_time = time.mktime(time.gmtime())-1 # Expire one second ago
self.poa_a = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_a_pub_permid,
expire_time=expire_time)
try:
self.poa_a.verify()
self.fail("POA verify does not honor expire time")
except ClosedSwarm.POAExpiredException:
pass
def create_poa(torrent, torrent_keypair, node_id, target_file):
# Sanity - check that this key matches the torrent
pubkey = torrent_keypair.pub()
good_key = False
for key in torrent.get_cs_keys():
if pubkey.get_der() == key.get_der():
good_key = True
break
if not good_key:
raise Exception("Bad key given for this torrent")
# if the node_id is base64 encoded, decode it
try:
actual_node_id = decodestring(node_id)
print "Node ID was base64 encoded"
except:
actual_node_id = node_id
# Got the right key, now create POA
poa = ClosedSwarm.create_poa(t.infohash, torrent_keypair, actual_node_id)
# Now we save it
if target_file:
ClosedSwarm.write_poa_to_file(target_file)
tf = target_file
else:
tf = ClosedSwarm.trivial_save_poa("./", decodestring(node_id), t.infohash, poa)
print "Proof of access written to file '%s'"%tf
def get_cs_keys(self):
if "cs_keys" in self.input:
keys = self.input["cs_keys"].split(",")
cs_keys = []
for key in keys:
k = ClosedSwarm.pubkey_from_der(key)
cs_keys.append(k)
return cs_keys
return None
def test_invalid_poa_node_b(self):
self.cs_b.poa = ClosedSwarm.POA(self.torrent_id, "stuff", "stuff2")
# Update to a bad POA
msg_1 = self.cs_a.a_create_challenge()
msg_2 = self.cs_b.b_create_challenge(msg_1)
msg_3 = self.cs_a.a_provide_poa_message(msg_2)
msg_4 = self.cs_b.b_provide_poa_message(msg_3)
try:
self.cs_a.a_check_poa_message(msg_4)
self.fail("Node B failed to discover bad POA")
except ClosedSwarm.InvalidPOAException, e:
pass
def test_invalid_poa_node_a(self):
self.cs_a.poa = ClosedSwarm.POA("bad_poa_a", "stuff", "stuff2")
# Update to a bad POA
msg_1 = self.cs_a.a_create_challenge()
msg_2 = self.cs_b.b_create_challenge(msg_1)
msg_3 = self.cs_a.a_provide_poa_message(msg_2)
msg_4 = self.cs_b.b_provide_poa_message(msg_3)
self.cs_a.a_check_poa_message(msg_4)
self.assertTrue(self.cs_a.is_remote_node_authorized())
self.assertFalse(self.cs_b.is_remote_node_authorized())
def setUp(self):
self.keyfiles = [
".node_a_keypair", ".node_b_keypair", ".torrent_keypair"
]
for filename in self.keyfiles:
if not os.path.exists(filename):
keypair = permid.generate_keypair()
permid.save_keypair(keypair, filename)
self.node_a_keypair = permid.read_keypair(".node_a_keypair")
self.node_b_keypair = permid.read_keypair(".node_b_keypair")
self.torrent_keypair = permid.read_keypair(".torrent_keypair")
self.torrent_id = "1234"
# Shortcuts
self.node_a_pub_permid = str(self.node_a_keypair.pub().get_der())
self.node_b_pub_permid = str(self.node_b_keypair.pub().get_der())
self.torrent_pubkeys = [
encodestring(str(self.torrent_keypair.pub().get_der())).replace(
"\n", "")
]
# Create the certificate for this torrent ("proof of access")
self.poa_a = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_a_pub_permid)
self.poa_b = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_b_pub_permid)
self.cs_a = ClosedSwarm.ClosedSwarm(self.node_a_keypair,
self.torrent_id,
self.torrent_pubkeys, self.poa_a)
self.cs_b = ClosedSwarm.ClosedSwarm(self.node_b_keypair,
self.torrent_id,
self.torrent_pubkeys, self.poa_b)
def get_cs_keys(self):
""" Get the Closed swarm keys for this torrent.
@return A list of key objects ready to be used or [] if not a CS
"""
if 'cs_keys' in self.input:
keys = self.input['cs_keys'].split(",")
cs_keys = []
for key in keys:
k = ClosedSwarm.pubkey_from_der(key)
cs_keys.append(k)
return cs_keys
return []
def get_cs_keys(self):
""" Get the Closed swarm keys for this torrent.
@return A list of key objects ready to be used or [] if not a CS
"""
if 'cs_keys' in self.input:
keys = self.input['cs_keys'].split(",")
cs_keys = []
for key in keys:
k = ClosedSwarm.pubkey_from_der(key)
cs_keys.append(k)
return cs_keys
return []
def setUp(self):
self.keyfiles = [".node_a_keypair",".node_b_keypair",".torrent_keypair"]
for filename in self.keyfiles:
if not os.path.exists(filename):
keypair = permid.generate_keypair()
permid.save_keypair(keypair, filename)
self.node_a_keypair = permid.read_keypair(".node_a_keypair")
self.node_b_keypair = permid.read_keypair(".node_b_keypair")
self.torrent_keypair = permid.read_keypair(".torrent_keypair")
self.torrent_id = "1234"
# Shortcuts
self.node_a_pub_permid = str(self.node_a_keypair.pub().get_der())
self.node_b_pub_permid = str(self.node_b_keypair.pub().get_der())
self.torrent_pubkeys = [encodestring(str(self.torrent_keypair.pub().get_der())).replace("\n","")]
# Create the certificate for this torrent ("proof of access")
self.poa_a = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_a_pub_permid)
self.poa_b = ClosedSwarm.create_poa(self.torrent_id,
self.torrent_keypair,
self.node_b_pub_permid)
self.cs_a = ClosedSwarm.ClosedSwarm(self.node_a_keypair,
self.torrent_id,
self.torrent_pubkeys,
self.poa_a)
self.cs_b = ClosedSwarm.ClosedSwarm(self.node_b_keypair,
self.torrent_id,
self.torrent_pubkeys,
self.poa_b)
def create_poa(torrent, torrent_keypair, node_id, target_file):
# Sanity - check that this key matches the torrent
pubkey = torrent_keypair.pub()
good_key = False
for key in torrent.get_cs_keys():
if pubkey.get_der() == key.get_der():
good_key = True
break
if not good_key:
raise Exception("Bad key given for this torrent")
# Got the right key, now create POA
poa = ClosedSwarm.create_poa(t.infohash, torrent_keypair, node_id)
f = open(target_file, "wb")
f.write(poa.serialize())
print "Proof of access written to file '%s'"%target_file
config['key_file'] = torrent + ".tkey"
if not os.path.exists(config['key_file']):
print "Error: Could not find key file '%s'"%config['key_file']
raise SystemExit(1)
# Load the torrent file
try:
t = TorrentDef.load(torrent)
except Exception,e:
print "Bad torrent file:",e
raise SystemExit(1)
if not t.get_cs_keys():
print "Not a closed swarm torrent"
raise SystemExit(1)
try:
torrent_keypair = ClosedSwarm.read_cs_keypair(config['key_file'])
except Exception,e:
print "Bad torrent key file",e
raise SystemExit(1)
# Need permid of the receiving node
if not config['node_id']:
print "Missing nodeid"
raise SystemExit(1)
create_poa(t, torrent_keypair,
config['node_id'], config['output_file'])
status.get_status_element("poas_failed").inc()
raise Exception("Randomly denied...")
key_file = os.path.join(KEY_PATH, swarm_id + ".tkey")
if not os.path.exists(key_file):
raise Exception("Missing key file")
# Load keys
try:
torrent_keypair = ClosedSwarm.read_cs_keypair(key_file)
except Exception,e:
raise Exception("Bad torrent key file")
# TODO? Sanity - check that this key matches the torrent
poa = ClosedSwarm.create_poa(swarm_id, torrent_keypair, perm_id)
status.create_and_add_event("allowed", [swarm_id, perm_id])
status.get_status_element("poas_generated").inc()
return poa.serialize()
class WebServer(threading.Thread):
def __init__(self, port):
threading.Thread.__init__(self)
print "Starting WebServer on port %s"%port
self.server = MyWebServer(('', int(port)), WebHandler)
self.port = port
self.running = False
if not config['key_file']:
config['key_file'] = torrent + ".tkey"
if not os.path.exists(config['key_file']):
print "Error: Could not find key file '%s'"%config['key_file']
raise SystemExit(1)
# Load the torrent file
try:
t = TorrentDef.load(torrent)
except Exception,e:
print "Bad torrent file:",e
raise SystemExit(1)
if not t.get_cs_keys():
print "Not a closed swarm torrent"
raise SystemExit(1)
try:
torrent_keypair = ClosedSwarm.read_cs_keypair(config['key_file'])
except Exception,e:
print "Bad torrent key file",e
raise SystemExit(1)
# Need permid of the receiving node
if not config['node_id']:
print "Missing nodeid"
raise SystemExit(1)
create_poa(t, torrent_keypair,
config['node_id'], config['output_file'])