def load_syndicate_public_key( config ): if config.has_key("syndicate_public_key"): # already loaded return config['syndicate_public_key'] pubkey_name = conf.make_syndicate_pubkey_name( config['syndicate_host'], config['syndicate_port'], config['no_tls'] ) pubkey_path = conf.object_key_path( config, 'syndicate', pubkey_name, no_suffix=True ) return storage.read_public_key( pubkey_path )
def store_syndicate_public_key( config, syndicate_public_key, overwrite=True ): assert 'syndicate_host' in config assert 'syndicate_port' in config assert 'no_tls' in config pubkey_name = conf.make_syndicate_pubkey_name( config['syndicate_host'], config['syndicate_port'], config['no_tls'] ) pubkey_path = conf.object_key_path( config, "syndicate", pubkey_name, no_suffix=True ) return storage.write_key( pubkey_path, syndicate_public_key )
def warn_key_change( config ): print """ SECURE VERIFICATION FAILURE! It's possible that someone is impersonating your Syndicate, to get you to leak sensitive data! If you are certain this is not the case, you should remove the offending public key. Offending public key path: %s """ % conf.make_syndicate_pubkey_name( config['syndicate_host'], config['syndicate_port'], config['no_tls'] ) sys.exit(1)
def warn_key_change(config): print """ SECURE VERIFICATION FAILURE! It's possible that someone is impersonating your Syndicate, to get you to leak sensitive data! If you are certain this is not the case, you should remove the offending public key. Offending public key path: %s """ % conf.make_syndicate_pubkey_name( config['syndicate_host'], config['syndicate_port'], config['no_tls']) sys.exit(1)
def store_syndicate_public_key(config, syndicate_public_key, overwrite=True): assert 'syndicate_host' in config assert 'syndicate_port' in config assert 'no_tls' in config pubkey_name = conf.make_syndicate_pubkey_name(config['syndicate_host'], config['syndicate_port'], config['no_tls']) pubkey_path = conf.object_key_path(config, "syndicate", pubkey_name, no_suffix=True) return storage.write_key(pubkey_path, syndicate_public_key)
def load_syndicate_public_key(config): if config.has_key("syndicate_public_key"): # already loaded return config['syndicate_public_key'] pubkey_name = conf.make_syndicate_pubkey_name(config['syndicate_host'], config['syndicate_port'], config['no_tls']) pubkey_path = conf.object_key_path(config, 'syndicate', pubkey_name, no_suffix=True) return storage.read_public_key(pubkey_path)