Exemplo n.º 1
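    def updateFile(self, filePath=None):
        """Re-encrypt filePath with the key from its record and upload it.

        The record path comes from self.getRecord. The record is read as two
        344-character base64 fields (secret, then IV); both are passed through
        decipherModule.processObjectRSA with self.RSAkey and handed to
        self.encryptFileAESwSecret. The resulting file is POSTed to the
        /updateFile endpoint. The record file and the encrypted output are
        removed afterwards, also when one of the steps in between raises.

        Returns None in every case. A missing argument or a short record is
        reported on stdout.
        """
        if filePath is None:
            print 'updateFile - Missing filePath'
            return

        recordPath = self.getRecord(filePath, self.userName)
        output = None
        try:
            with open(recordPath, 'rb') as fin:
                secret = fin.read(344)
                iv = fin.read(344)

            # Fail closed on a truncated record instead of feeding partial
            # base64 text to the decoder and the RSA step.
            if len(secret) != 344 or len(iv) != 344:
                print 'updateFile - Corrupt record'
                return

            secret = base64.standard_b64decode(secret)
            iv = base64.standard_b64decode(iv)

            secret = decipherModule.processObjectRSA(secret, self.RSAkey)
            iv = decipherModule.processObjectRSA(iv, self.RSAkey)

            # Encrypt the file with the same AES key that came in the record.
            # NOTE(review): the IV is reused together with the key for every
            # new version of the file. Depending on the cipher mode used by
            # encryptFileAESwSecret (not visible here), a repeated key/IV pair
            # can reveal relations between versions - confirm the mode.
            output = self.encryptFileAESwSecret(filePath, secret, iv)

            # NOTE(review): f is never closed explicitly; FileLenIO is defined
            # elsewhere - confirm whether it needs a close() call.
            f = FileLenIO(output, 'rb')

            # NOTE(review): plain HTTP to a hard-coded loopback address. The
            # headers below travel unprotected if the endpoint ever moves off
            # localhost.
            request = urllib2.Request('http://127.0.0.1:3030/updateFile', f)
            request.add_header('Content-Type', 'application/octet-stream')
            # Custom header with the name of the file.
            request.add_header('File-Name', os.path.basename(filePath))
            request.add_header('User-ID', self.userName)
            request.add_header(
                'hashClient',
                self.hashArgs([os.path.basename(filePath), self.userName]))

            # urlopen raises on HTTP error statuses; the body of a successful
            # response is not inspected.
            response = urllib2.urlopen(request)
            response.close()
        finally:
            # Remove the temporary files on every exit path so that a failed
            # upload does not leave key material or ciphertext behind.
            for tmpPath in (recordPath, output):
                if tmpPath is not None and os.path.exists(tmpPath):
                    os.remove(tmpPath)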
Exemplo n.º 2
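    def shareFile(self, fileName=None, fileReceiverID=None):
        """Re-wrap the record of fileName for fileReceiverID and upload it.

        Steps, as the code performs them:
          1. get the receiver's RSA public key (self.getRSAPublicKey),
          2. get the caller's own record for the file (self.getRecord),
          3. decipher the two 344-character base64 fields of that record
             (secret, then IV) with self.RSAkey,
          4. cipher both values with the receiver's key, write them back to
             the record file and POST that file to the /shareFile endpoint.

        The record file is removed afterwards, also when a step raises.
        Returns None in every case. A missing argument or a short record is
        reported on stdout.
        """
        if fileName is None:
            print 'shareFile - Missing fileName'
            return
        if fileReceiverID is None:
            print 'shareFile - Missing fileReceiverID'
            return

        fileHolderID = self.userName

        # NOTE(review): the file key ends up encrypted to whatever key this
        # call returns. How getRSAPublicKey authenticates that key is not
        # visible here - confirm it cannot be substituted on the way.
        shareKey = self.getRSAPublicKey(fileReceiverID)

        recordName = self.getRecord(fileName, fileHolderID)
        try:
            with open(recordName, 'rb') as fin:
                secret = fin.read(344)
                iv = fin.read(344)

            # Fail closed on a truncated record instead of re-wrapping and
            # uploading garbage.
            if len(secret) != 344 or len(iv) != 344:
                print 'shareFile - Corrupt record'
                return

            secret = base64.standard_b64decode(secret)
            iv = base64.standard_b64decode(iv)

            # Unwrap with the caller's own key ...
            secret = decipherModule.processObjectRSA(secret, self.RSAkey)
            iv = decipherModule.processObjectRSA(iv, self.RSAkey)

            # ... and wrap again for the receiver.
            secret = cipherModule.processObjectRSA(secret, shareKey)
            iv = cipherModule.processObjectRSA(iv, shareKey)

            secret = base64.standard_b64encode(secret)
            iv = base64.standard_b64encode(iv)

            # The record file is overwritten in place with the receiver's copy.
            with open(recordName, 'wb') as fout:
                fout.write(secret)
                fout.write(iv)

            # NOTE(review): f is never closed explicitly; FileLenIO is defined
            # elsewhere - confirm whether it needs a close() call.
            f = FileLenIO(recordName, 'rb')

            # NOTE(review): plain HTTP to a hard-coded loopback address.
            request = urllib2.Request('http://127.0.0.1:3030/shareFile', f)
            request.add_header('Content-Type', 'application/octet-stream')
            # Custom headers naming the file, its holder and the receiver.
            request.add_header('File-Name', str(fileName))
            request.add_header('File-Holder', str(fileHolderID))
            request.add_header('File-Receiver', str(fileReceiverID))
            request.add_header(
                'hashClient',
                self.hashArgs([fileName, fileHolderID, fileReceiverID]))

            # urlopen raises on HTTP error statuses; the body of a successful
            # response is not inspected.
            response = urllib2.urlopen(request)
            response.close()
        finally:
            # Remove the record on every exit path so a failed share does not
            # leave wrapped key material on disk.
            if recordName is not None and os.path.exists(recordName):
                os.remove(recordName)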
Exemplo n.º 3
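    def getSalt(self, userID=None, hashClient=None):
        """Return the salt row stored for userID, or None.

        hashClient is base64url-decoded, passed through
        decipherModule.processObjectRSA with self.RSAkey and must then equal
        userID. On success the result of fetchone() on
        'SELECT salt FROM User' is returned: a one-element row, or None when
        no row matches. Every rejected request prints a message and returns
        None.

        NOTE(review): the hashClient check shows only that the sender could
        encrypt userID for self.RSAkey. If the matching public key is handed
        out to clients, this does not authenticate the caller - confirm what
        the check is meant to guarantee.
        """
        if userID is None:
            print 'getSalt - Missing userID'
            return

        if hashClient is None:
            print 'getSalt - Missing hashClient'
            return

        if not self.registeredUser(userID):
            print 'user not registered'
            return

        # hashClient is caller-supplied: reject malformed base64 the same way
        # as a mismatching value instead of letting the decoder raise.
        try:
            clearText = base64.urlsafe_b64decode(str(hashClient))
        except (TypeError, ValueError):
            print 'getSalt - Corrupt Args'
            return
        clearText = decipherModule.processObjectRSA(clearText, self.RSAkey)
        if clearText != userID:
            print 'getSalt - Corrupt Args'
            return

        dbconn = sqlite3.connect('seg.db')
        try:
            dbcursor = dbconn.cursor()
            # Parameterized query: userID is never spliced into the SQL text.
            dbcursor.execute('SELECT salt FROM User WHERE user_id =?',
                             (userID, ))
            salt = dbcursor.fetchone()
        finally:
            # Close the connection even when the query raises.
            dbconn.close()

        return salt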
Exemplo n.º 4
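    def addUser(self,
                userID=None,
                userBI=None,
                pubKey=None,
                passwordHS=None,
                salt=None,
                ccmodulus=None,
                ccexponent=None):
        """Register a new user and create the user's Pbox.

        All seven arguments are required. passwordHS is base64url-decoded and
        passed through decipherModule.processObjectRSA with self.RSAkey; the
        result is what gets handed to self.insertUser. If
        self.registeredUser(userID) is already true, nothing is inserted.

        Returns None in every case; each rejection prints a message.

        NOTE(review): pubKey, ccmodulus and ccexponent are stored as
        supplied. No proof that the caller holds the matching private keys is
        visible in this method - confirm where that is checked.
        """
        required = (
            ('userID', userID),
            ('userBI', userBI),
            ('pubKey', pubKey),
            ('password', passwordHS),
            ('salt', salt),
            ('ccmodulus', ccmodulus),
            ('ccexponent', ccexponent),
        )
        # Report the first missing argument, in declaration order.
        for label, value in required:
            if value is None:
                print 'addUser - Missing %s' % label
                return

        # passwordHS is caller-supplied: reject malformed base64 instead of
        # letting the decoder raise.
        try:
            password = base64.urlsafe_b64decode(str(passwordHS))
        except (TypeError, ValueError):
            print 'addUser - Corrupt Args'
            return
        password = decipherModule.processObjectRSA(password, self.RSAkey)

        if self.registeredUser(userID):
            print 'User is already registered'
            return

        # The user is not in the database yet: insert it into the Users table.
        # NOTE(review): check-then-insert. Whether insertUser or the schema
        # enforces uniqueness of userID under concurrent requests is not
        # visible here - confirm.
        self.insertUser(userID, userBI, pubKey, password, salt, ccmodulus,
                        ccexponent)
        self.createPbox(userID)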
Exemplo n.º 5
    def validatePassword(self,
                         userID=None,
                         passwordHash=None,
                         hashClient=None):
        """Store the submitted password for userID and run PAM authentication.

        hashClient is base64url-decoded, passed through
        decipherModule.processObjectRSA with self.RSAkey and must equal
        userID. passwordHash is decoded and processed the same way, then
        written to the 'password' table (insert or update, dirty = 0). After
        that a PAM transaction for the service '/etc/pam.d/safebox' is
        started and authenticate() is called.

        Returns '0' when authenticate() raises PAM.error. The visible listing
        ends at that handler, so no value for the success path is shown here.
        Rejected arguments print a message and return None.
        """
        if userID == None:
            print 'validatePassword - Missing userID'
            return
        if passwordHash == None:
            print 'validatePassword - Missing password'
            return

        # NOTE(review): the two messages below say 'getSalt' although this is
        # validatePassword - looks like a copy-paste leftover that makes the
        # server log misleading.
        if hashClient == None:
            print 'getSalt - Missing hashClient'
            return

        # NOTE(review): this check shows only that the sender could encrypt
        # userID for self.RSAkey; confirm it is not relied on as caller
        # authentication.
        clearText = base64.urlsafe_b64decode(str(hashClient))
        clearText = decipherModule.processObjectRSA(clearText, self.RSAkey)
        if clearText != userID:
            print 'getSalt - Corrupt Args'
            return

        password = base64.urlsafe_b64decode(str(passwordHash))
        password = decipherModule.processObjectRSA(password, self.RSAkey)

        # Look up whether a row for this user already exists.
        dbconn = sqlite3.connect('seg.db')
        dbcursor = dbconn.cursor()
        dbcursor.execute(
            'SELECT password FROM password WHERE password.user_id = ?',
            (userID, ))
        challenge = dbcursor.fetchone()
        dbconn.close()

        # NOTE(review): the submitted value is written to the password table
        # BEFORE authenticate() runs, and nothing visible here rolls it back
        # when authentication fails. Presumably the PAM module reads this row
        # and compares it with a separately stored credential - confirm, and
        # confirm what the 'dirty' column is used for.
        # NOTE(review): none of the connections below is closed if execute()
        # or commit() raises.
        if challenge == None:
            dbconn = sqlite3.connect('seg.db')
            dbcursor = dbconn.cursor()
            dbcursor.execute('INSERT INTO password VALUES(?,?,?)', (
                userID,
                password,
                0,
            ))
            dbconn.commit()
            dbconn.close()
        else:
            dbconn = sqlite3.connect('seg.db')
            dbcursor = dbconn.cursor()
            dbcursor.execute(
                'UPDATE password SET password = ?, dirty = ? WHERE user_id = ?',
                (
                    password,
                    0,
                    userID,
                ))
            dbconn.commit()
            dbconn.close()

        # PAM transaction: service, user name and conversation callback.
        # pam_conv_pw is defined elsewhere in the file.
        service = '/etc/pam.d/safebox'
        auth = PAM.pam()
        auth.start(service)
        print ''
        auth.set_item(PAM.PAM_USER, userID)
        print ''
        auth.set_item(PAM.PAM_CONV, pam_conv_pw)

        try:
            print ''
            auth.authenticate()
        except PAM.error, resp:
            # Authentication failed: log the PAM response and report '0'.
            print 'Go away! (%s)' % resp
            return '0'