예제 #1
0
def setup_brand(brand_identifier):
    """
    create keys, brand config file, and brand layers file for NUS
    """
    base_id, base_keypair = get_base()

    brand_id, brand_keypair = make_keypair()

    save_key(brand_id, brand_keypair)

    layers = (
        (
            brand_id,
            brand_keypair.publickey(),
        ),
        (
            base_id,
            base_keypair.publickey(),
        ),
    )

    layer_fn = os.path.join(_ESCROW_LAYERS_PATH,
                            "brand.%s.layers.serial" % (brand_identifier, ))

    if os.path.exists(layer_fn):
        raise EscrowError("Brand id %s layers exist" % (brand_identifier, ))
    with open(layer_fn, "ab") as fobj:
        dump(layers, fobj)

    write_config("brand.%s" % (brand_identifier, ), brand_id)

    print "new keys and config saved for brand %s" % brand_identifier

    return brand_id, brand_identifier, layers
예제 #2
0
파일: admin.py 프로젝트: SpiderOak/netkes
def setup_brand(brand_identifier):
    """
    create keys, brand config file, and brand layers file for NUS
    """
    base_id, base_keypair = get_base()

    brand_id, brand_keypair = make_keypair()

    save_key(brand_id, brand_keypair)

    layers = ( (brand_id, brand_keypair.publickey(), ),
               (base_id,  base_keypair.publickey(),  ), )
        
    layer_fn = os.path.join(_ESCROW_LAYERS_PATH, 
        "brand.%s.layers.serial" % ( brand_identifier, ))

    if os.path.exists(layer_fn):
        raise EscrowError("Brand id %s layers exist" % (brand_identifier, ))
    with open(layer_fn, "ab") as fobj:
        dump(layers, fobj)

    write_config("brand.%s" % (brand_identifier, ), brand_id)

    print "new keys and config saved for brand %s" % brand_identifier

    return brand_id, brand_identifier, layers
예제 #3
0
파일: test.py 프로젝트: SpiderOak/netkes
def test_write_and_read_layers():
    """
    test encapsulating data in many escrow layers and reading it back out
    """

    userkey = make_keypair()

    layers = list()
    for _ in range(_TEST_LAYERS): 
        layers.append(make_keypair())

    # this is the data that goes in the innermost layer
    data = os.urandom(_TEST_DATA_SIZE)

    layer_data = data

    # we encapsulate this data in layers of key escrow
    for idx, layer in enumerate(layers):
        cipher_layer_data = make_escrow_layer(
            layer[0], layer[1].publickey(), layer_data, userkey[1])

        # at every layer we test that we can read back the data
        plain_layer_data = read_escrow_layer(
            { layer[0]: layer[1] }, cipher_layer_data, userkey[1].publickey())
        assert plain_layer_data == layer_data, \
            "readback fail at layer %d" % (idx + 1)

        layer_data = cipher_layer_data


    # read back the layers in reverse
    for idx, layer in enumerate(layers[::-1]):
        plain_layer_data = read_escrow_layer(
            { layer[0]: layer[1] }, layer_data, userkey[1].publickey())
        layer_data = plain_layer_data

    # we should get our original data back out
    assert layer_data == data

    return True
예제 #4
0
def test_write_and_read_layers():
    """
    test encapsulating data in many escrow layers and reading it back out
    """

    userkey = make_keypair()

    layers = list()
    for _ in range(_TEST_LAYERS):
        layers.append(make_keypair())

    # this is the data that goes in the innermost layer
    data = os.urandom(_TEST_DATA_SIZE)

    layer_data = data

    # we encapsulate this data in layers of key escrow
    for idx, layer in enumerate(layers):
        cipher_layer_data = make_escrow_layer(layer[0], layer[1].publickey(),
                                              layer_data, userkey[1])

        # at every layer we test that we can read back the data
        plain_layer_data = read_escrow_layer({layer[0]: layer[1]},
                                             cipher_layer_data,
                                             userkey[1].publickey())
        assert plain_layer_data == layer_data, \
            "readback fail at layer %d" % (idx + 1)

        layer_data = cipher_layer_data

    # read back the layers in reverse
    for idx, layer in enumerate(layers[::-1]):
        plain_layer_data = read_escrow_layer({layer[0]: layer[1]}, layer_data,
                                             userkey[1].publickey())
        layer_data = plain_layer_data

    # we should get our original data back out
    assert layer_data == data

    return True
예제 #5
0
파일: admin.py 프로젝트: bdzim/netkes
def test_setup_brand():
    from key_escrow.server import read_escrow_data
    brand_identifier = 'my_test_brand'
    brand_id, _brand_keypair, layers = setup_brand(brand_identifier)

    assert brand_id == layers[0][0]

    _user_key_id, user_keypair = make_keypair()
    test_data = "0123456789"
    escrowed_data = escrow_binary(layers, test_data, user_keypair)
    plain_escrowed_data = read_escrow_data(brand_identifier, escrowed_data, 
        sign_key=user_keypair.publickey())
    assert plain_escrowed_data == test_data

    print "setup brand test ok"
    return True
예제 #6
0
파일: admin.py 프로젝트: SpiderOak/netkes
def create_base():
    """
    Run only once to create base layer of key escrow (which is kept internal.)

    create a new (key_id, keypair, ) and save it.
    create a new file base.cfg with key_id in first line
    """

    base_id, base_keypair = make_keypair()

    save_key(base_id, base_keypair)

    write_config("base", base_id)

    print "base key ID %s and cfg saved" % ( base_id, )

    return True
예제 #7
0
def create_base():
    """
    Run only once to create base layer of key escrow (which is kept internal.)

    create a new (key_id, keypair, ) and save it.
    create a new file base.cfg with key_id in first line
    """

    base_id, base_keypair = make_keypair()

    save_key(base_id, base_keypair)

    write_config("base", base_id)

    print "base key ID %s and cfg saved" % (base_id, )

    return True