def verify_inner_zip(self, zip_file):
"""
Extract contents of outer zip, verify the inner zip
"""
zip = ZipFile(zip_file, "r")
nfiles = len(zip.namelist())
for fi, afile in enumerate(zip.namelist()):
zip.extract(afile, path=self.working_dir)
self.signature_file = os.path.join(self.working_dir,
Command.signature_filename)
self.inner_zip_file = os.path.join(self.working_dir,
Command.inner_zip_filename)
central_server = Device.get_central_server()
lines = open(self.signature_file, "r").read().split("\n")
chunk_size = int(lines.pop(0))
if not central_server:
logging.warn(
"No central server device object found; trusting zip file because you asked me to..."
)
elif central_server.key and central_server.key.verify_large_file(
self.inner_zip_file, signature=lines, chunk_size=chunk_size):
logging.info("Verified file!")
else:
raise Exception("Failed to verify inner zip file.")
return self.inner_zip_file
def verify_inner_zip(self, zip_file):
"""
Extract contents of outer zip, verify the inner zip
"""
zip = ZipFile(zip_file, "r")
nfiles = len(zip.namelist())
for fi,afile in enumerate(zip.namelist()):
zip.extract(afile, path=self.working_dir)
self.signature_file = os.path.join(self.working_dir, Command.signature_filename)
self.inner_zip_file = os.path.join(self.working_dir, Command.inner_zip_filename)
central_server = Device.get_central_server()
lines = open(self.signature_file, "r").read().split("\n")
chunk_size = int(lines.pop(0))
if not central_server:
logging.warn("No central server device object found; trusting zip file because you asked me to...")
elif central_server.key.verify_large_file(self.inner_zip_file, signature=lines, chunk_size=chunk_size):
logging.info("Verified file!")
else:
raise Exception("Failed to verify inner zip file.")
return self.inner_zip_file
def create_json_file(include_data):
central_server = Device.get_central_server()
if not zone_id:
models = [central_server] if central_server else []
else:
# Get a chain of trust to the zone owner.
# Because we're on the central server, this will
# simply be the central server, but in the future
# this would return an actual chain.
logging.debug("Generating a zone invitation...")
zone = Zone.objects.get(id=zone_id)
chain = ChainOfTrust(zone=zone)
assert chain.validate()
new_invitation = ZoneInvitation.generate(
zone=zone, invited_by=Device.get_own_device())
new_invitation.save(
) # keep a record of the invitation, for future revocation. Also, signs the thing
# This ordering of objects is a bit be hokey, but OK--invitation usually must be
# inserted before devicezones--but because it's not pointing to any devices,
# it's OK to be at the end.
# Note that the central server will always be at the front of the chain of trust,
# so no need to explicitly include.
models = chain.objects() + [new_invitation]
#
if include_data:
logging.debug("Serializing entire dataset...")
devices = Device.objects.by_zone(zone)
devicezones = DeviceZone.objects.filter(zone=zone)
models += list(devices) + list(devicezones)
models += engine.get_models(
zone=zone, limit=None) # get all models on this zone
models_file = tempfile.mkstemp()[1]
with open(models_file, "w") as fp:
fp.write(engine.serialize(models))
return models_file
def create_json_file(include_data):
central_server = Device.get_central_server()
if not zone_id:
models = [central_server] if central_server else []
else:
# Get a chain of trust to the zone owner.
# Because we're on the central server, this will
# simply be the central server, but in the future
# this would return an actual chain.
logging.debug("Generating a zone invitation...")
zone = Zone.objects.get(id=zone_id)
chain = ChainOfTrust(zone=zone)
assert chain.validate()
new_invitation = ZoneInvitation.generate(zone=zone, invited_by=Device.get_own_device())
new_invitation.save() # keep a record of the invitation, for future revocation. Also, signs the thing
# This ordering of objects is a bit be hokey, but OK--invitation usually must be
# inserted before devicezones--but because it's not pointing to any devices,
# it's OK to be at the end.
# Note that the central server will always be at the front of the chain of trust,
# so no need to explicitly include.
models = chain.objects() + [new_invitation]
#
if include_data:
logging.debug("Serializing entire dataset...")
devices = Device.objects.by_zone(zone)
devicezones = DeviceZone.objects.filter(zone=zone)
models += list(devices) + list(devicezones)
models += engine.get_models(zone=zone, limit=None) # get all models on this zone
models_file = tempfile.mkstemp()[1]
with open(models_file, "w") as fp:
fp.write(engine.serialize(models))
return models_file
