Exemplo n.º 1
0
Arquivo: pbp.py Projeto: dnet/pbp
def keysign_handler(name=None, self=None, basedir=None):
    fname = publickey.get_pk_filename(basedir, name)
    with open(fname, 'rb') as fd:
        data = fd.read()
    with open(fname + '.sig', 'ab') as fd:
        me = publickey.Identity(self, basedir=basedir)
        sig = me.sign(data, master=True)
        if not sig:
            sys.stderr.write('signature failed\n')
        me.clear()
        fd.write(sig[:nacl.crypto_sign_BYTES])
Exemplo n.º 2
0
Arquivo: pbp.py Projeto: fpletz/pbp
def keysign_handler(name=None, self=None, basedir=None):
    # handles signing of keys using the master key
    # name is the key to be signed
    # self the signers name
    # basedir the root for the keystore
    fname = publickey.get_pk_filename(basedir, name)
    with open(fname,'r') as fd:
        data = fd.read()
    with open(fname+'.sig','a') as fd:
        me = publickey.Identity(self, basedir=basedir)
        sig = me.sign(data, master=True)
        if sig:
            me.clear()
            fd.write(sig[:nacl.crypto_sign_BYTES])
            return fname+'.sig'
Exemplo n.º 3
0
def keysign_handler(name=None, self=None, basedir=None):
    # handles signing of keys using the master key
    # name is the key to be signed
    # self the signers name
    # basedir the root for the keystore
    fname = publickey.get_pk_filename(basedir, name)
    with open(fname, 'r') as fd:
        data = fd.read()
    with open(fname + '.sig', 'a') as fd:
        me = publickey.Identity(self, basedir=basedir)
        sig = me.sign(data, master=True)
        if sig:
            me.clear()
            fd.write(sig[:nacl.crypto_sign_BYTES])
            return fname + '.sig'
Exemplo n.º 4
0
Arquivo: pbp.py Projeto: dnet/pbp
def keycheck_handler(name=None, basedir=None):
    fname = publickey.get_pk_filename(basedir, name)
    with open(fname, 'rb') as fd:
        pk = fd.read()
    sigs = []
    with open(fname + ".sig", 'rb') as fd:
        sigdat = fd.read()
    i = 0
    csb = nacl.crypto_sign_BYTES
    while i < len(sigdat) / 64:
        res = publickey.verify(sigdat[i * csb:(i + 1) * csb] + pk,
                               basedir=basedir,
                               master=True)
        if res:
            sigs.append(res[0])
        i += 1
    sys.stderr.write('good signatures on %s from %s\n' %
                     (name, ', '.join(sigs)))
Exemplo n.º 5
0
Arquivo: pbp.py Projeto: fpletz/pbp
def keycheck_handler(name=None, basedir=None):
    # handles verifying signatures of keys
    # name is the key to be verified
    # basedir the root for the keystore
    fname = publickey.get_pk_filename(basedir, name)
    with open(fname,'r') as fd:
        pk = fd.read()
    sigs=[]
    with open(fname+".sig",'r') as fd:
        sigdat=fd.read()
    i=0
    csb = nacl.crypto_sign_BYTES
    while i<len(sigdat)/64:
        res = publickey.verify(sigdat[i*csb:(i+1)*csb]+pk,
                              basedir=basedir,
                              master=True)
        if res:
            sigs.append(res[0])
        i+=1
    return sigs
Exemplo n.º 6
0
def keycheck_handler(name=None, basedir=None):
    # handles verifying signatures of keys
    # name is the key to be verified
    # basedir the root for the keystore
    fname = publickey.get_pk_filename(basedir, name)
    with open(fname, 'r') as fd:
        pk = fd.read()
    sigs = []
    with open(fname + ".sig", 'r') as fd:
        sigdat = fd.read()
    i = 0
    csb = nacl.crypto_sign_BYTES
    while i < len(sigdat) / 64:
        res = publickey.verify(sigdat[i * csb:(i + 1) * csb] + pk,
                               basedir=basedir,
                               master=True)
        if res:
            sigs.append(res[0])
        i += 1
    return sigs
Exemplo n.º 7
0
def import_handler(infile=None, basedir=None):
    # imports ascii armored key from infile or stdin to basedir
    if not infile:
        b85 = sys.stdin.readline().strip()
    else:
        with file(infile) as fd:
            b85 = fd.readline().strip()
    pkt = b85decode(b85)
    mp = pkt[nacl.crypto_sign_BYTES:nacl.crypto_sign_BYTES+nacl.crypto_sign_PUBLICKEYBYTES]
    keys = nacl.crypto_sign_open(pkt, mp)
    if not keys:
        return
    name = keys[(nacl.crypto_sign_PUBLICKEYBYTES*3)+2*32:]
    kfile = publickey.get_pk_filename(basedir, name)
    if os.path.exists(kfile):
        bkp = kfile+'.old'
        print >>sys.stderr, "backing up existing key to %s" % bkp
        os.rename(kfile,bkp)
    with open(kfile, 'w') as fd:
        fd.write(pkt)
    # TODO check if key exists, then ask for confirmation of pk overwrite
    return name
Exemplo n.º 8
0
def import_handler(infile=None, basedir=None):
    # imports ascii armored key from infile or stdin to basedir
    if not infile:
        b85 = sys.stdin.readline().strip()
    else:
        with file(infile) as fd:
            b85 = fd.readline().strip()
    pkt = b85decode(b85)
    mp = pkt[nacl.crypto_sign_BYTES:nacl.crypto_sign_BYTES +
             nacl.crypto_sign_PUBLICKEYBYTES]
    keys = nacl.crypto_sign_open(pkt, mp)
    if not keys:
        return
    name = keys[(nacl.crypto_sign_PUBLICKEYBYTES * 3) + 2 * 32:]
    kfile = publickey.get_pk_filename(basedir, name)
    if os.path.exists(kfile):
        bkp = kfile + '.old'
        print >> sys.stderr, "backing up existing key to %s" % bkp
        os.rename(kfile, bkp)
    with open(kfile, 'w') as fd:
        fd.write(pkt)
    # TODO check if key exists, then ask for confirmation of pk overwrite
    return name