def rename_key(current_key_id, new_key_id, keys_folder=None): """ """ if not keys_folder: keys_folder = settings.KeyStoreDir() if current_key_id not in known_keys(): lg.warn('key %s is not found' % current_key_id) return False if key_obj(current_key_id).isPublic(): current_key_filepath = os.path.join(keys_folder, current_key_id + '.public') new_key_filepath = os.path.join(keys_folder, new_key_id + '.public') is_private = False else: current_key_filepath = os.path.join(keys_folder, current_key_id + '.private') new_key_filepath = os.path.join(keys_folder, new_key_id + '.private') is_private = True try: os.rename(current_key_filepath, new_key_filepath) except: lg.exc() return False key_object = known_keys().pop(current_key_id) known_keys()[new_key_id] = key_object gc.collect() if _Debug: lg.out(_DebugLevel, 'my_keys.rename_key key %s renamed to %s' % (current_key_id, new_key_id, )) lg.out(_DebugLevel, ' file %s renamed to %s' % (current_key_filepath, new_key_filepath, )) events.send('key-renamed', data=dict(old_key_id=current_key_id, new_key_id=new_key_id, is_private=is_private)) return True
def sign_key(key_id, keys_folder=None): key_id = latest_key_id(strng.to_text(key_id)) if key_id not in known_keys(): lg.warn('key %s is not found' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() key_object = known_keys()[key_id] signed_key_info = make_key_info(key_object, key_id=key_id, include_private=True, sign_key=True) key_object.signed = ( signed_key_info['signature'], signed_key_info['signature_pubkey'], ) known_keys()[key_id] = key_object save_key(key_id, keys_folder=keys_folder) events.send('key-signed', data=dict( key_id=key_id, label=key_object.label, key_size=key_object.size(), )) return key_object
def register_key(key_id, key_object_or_string, label='', keys_folder=None): """ """ if key_id in known_keys(): lg.warn('key %s already exists' % key_id) return None if not label: label = 'key%s' % utime.make_timestamp() if strng.is_string(key_object_or_string): if _Debug: lg.out(_DebugLevel, 'my_keys.register_key %s from %d bytes openssh_input_string' % ( key_id, len(key_object_or_string))) key_object = unserialize_key_to_object(key_object_or_string) if not key_object: lg.warn('invalid openssh string, unserialize_key_to_object() failed') return None else: if _Debug: lg.out(_DebugLevel, 'my_keys.register_key %s from object' % key_id) key_object = key_object_or_string known_keys()[key_id] = key_object if _Debug: lg.out(_DebugLevel, ' key %s added' % key_id) if not keys_folder: keys_folder = settings.KeyStoreDir() save_key(key_id, keys_folder=keys_folder) events.send('key-registered', data=dict(key_id=key_id, label=label, key_size=key_object.size(), )) return key_object
def read_key_file(key_id, keys_folder=None): if not keys_folder: keys_folder = settings.KeyStoreDir() key_filepath = os.path.join(keys_folder, '%s.private' % key_id) is_private = True if not os.path.exists(key_filepath): key_filepath = os.path.join(keys_folder, '%s.public' % key_id) is_private = False key_raw = local_fs.ReadTextFile(key_filepath) if not key_raw: lg.warn('failed reading key from %r' % key_filepath) return None key_raw_strip = key_raw.strip() try: if key_raw_strip.startswith('{') and key_raw_strip.endswith('}'): key_dict = jsn.loads_text(key_raw_strip) else: key_dict = { 'label': key_id, 'is_private': is_private, 'body': key_raw_strip, 'local_key_id': None, 'need_to_convert': True, } except: lg.exc() return None return key_dict
def register_key(key_id, key_object_or_string, keys_folder=None): """ """ if key_id in known_keys(): lg.warn('key %s already exists' % key_id) return None if isinstance(key_object_or_string, six.string_types): lg.out( 4, 'my_keys.register_key %s from %d bytes openssh_input_string' % (key_id, len(key_object_or_string))) key_object = unserialize_key_to_object(key_object_or_string) if not key_object: lg.warn( 'invalid openssh string, unserialize_key_to_object() failed') return None else: lg.out(4, 'my_keys.register_key %s from object' % key_id) key_object = key_object_or_string known_keys()[key_id] = key_object if not keys_folder: keys_folder = settings.KeyStoreDir() if key_object.isPublic(): key_string = key_object.toPublicString() key_filepath = os.path.join(keys_folder, key_id + '.public') bpio.WriteTextFile(key_filepath, key_string) else: key_string = key_object.toPrivateString() key_filepath = os.path.join(keys_folder, key_id + '.private') bpio.WriteTextFile(key_filepath, key_string) if _Debug: lg.out(_DebugLevel, ' key %s added, saved to %s' % (key_id, key_filepath)) return key_filepath
def load_local_keys(keys_folder=None): """ """ if not keys_folder: keys_folder = settings.KeyStoreDir() if _Debug: lg.out(_DebugLevel, 'my_keys.load_local_keys will read files from %s' % keys_folder) known_keys().clear() count = 0 for key_filename in os.listdir(keys_folder): key_filepath = os.path.join(keys_folder, key_filename) try: key_object = rsa_key.RSAKey() key_object.fromFile(key_filepath) except: lg.exc() continue if not key_object.isPublic(): if not validate_key(key_object): lg.warn('validation failed for %s' % key_filepath) continue key_id = key_filename.replace('.private', '').replace('.public', '') if not is_valid_key_id(key_id): lg.warn('key_id is not valid: %s' % key_id) continue known_keys()[key_id] = key_object count += 1 if _Debug: lg.out(_DebugLevel, ' %d keys loaded' % count)
def generate_key(key_id, key_size=4096, keys_folder=None, output_type='openssh'): """ """ if key_id in known_keys(): lg.warn('key "%s" already exists' % key_id) return None lg.out(4, 'my_keys.generate_key "%s" of %d bits' % (key_id, key_size)) rsa_key = RSA.generate(key_size, os.urandom) key_object = keys.Key(rsa_key) known_keys()[key_id] = key_object if not keys_folder: keys_folder = settings.KeyStoreDir() key_string = key_object.toString(output_type) if key_object.isPublic(): key_filepath = os.path.join(keys_folder, key_id + '.public') else: key_filepath = os.path.join(keys_folder, key_id + '.private') bpio.WriteFile(key_filepath, key_string) if _Debug: lg.out(_DebugLevel, ' key %s generated, saved to %s' % (key_id, key_filepath)) return key_object
def save_key(key_id, keys_folder=None): """ """ key_object = known_keys()[key_id] if key_object is None: lg.warn('can not save key %s because it is not loaded yet' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() if key_object.isPublic(): key_filepath = os.path.join(keys_folder, key_id + '.public') key_dict = key_object.toDict(include_private=False) key_string = jsn.dumps(key_dict, indent=1, separators=(',', ':')) else: key_filepath = os.path.join(keys_folder, key_id + '.private') key_dict = key_object.toDict(include_private=True) key_string = jsn.dumps(key_dict, indent=1, separators=(',', ':')) if not bpio.WriteTextFile(key_filepath, key_string): lg.warn('failed saving key %r to %r' % ( key_id, key_filepath, )) return False if _Debug: lg.out( _DebugLevel, 'my_keys.save_key stored key %r locally in %r' % ( key_id, key_filepath, )) return True
def generate_key(key_id, label='', key_size=4096, keys_folder=None): """ """ if key_id in known_keys(): lg.warn('key "%s" already exists' % key_id) return None if not label: label = 'key%s' % utime.make_timestamp() if _Debug: lg.out( _DebugLevel, 'my_keys.generate_key "%s" of %d bits, label=%r' % (key_id, key_size, label)) key_object = rsa_key.RSAKey() key_object.generate(key_size) key_object.label = label known_keys()[key_id] = key_object if _Debug: lg.out(_DebugLevel, ' key %s generated' % key_id) if not keys_folder: keys_folder = settings.KeyStoreDir() save_key(key_id, keys_folder=keys_folder) events.send('key-generated', data=dict( key_id=key_id, label=label, key_size=key_size, )) return key_object
def erase_key(key_id, keys_folder=None): """ """ if key_id not in known_keys(): lg.warn('key %s is not found' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() if key_obj(key_id).isPublic(): key_filepath = os.path.join(keys_folder, key_id + '.public') is_private = False else: key_filepath = os.path.join(keys_folder, key_id + '.private') is_private = True try: os.remove(key_filepath) except: lg.exc() return False known_keys().pop(key_id) gc.collect() if _Debug: lg.out(_DebugLevel, ' key %s removed, file %s deleted' % (key_id, key_filepath)) events.send('key-erased', data=dict(key_id=key_id, is_private=is_private)) return True
def do_restore_key(key_id, is_private, keys_folder=None, wait_result=False): """ Restore given key from my suppliers if I do not have it locally. """ if _Debug: lg.out(_DebugLevel, 'key_ring.do_restore_key key_id=%r is_private=%r' % (key_id, is_private, )) if my_keys.is_key_registered(key_id): lg.err('local key already exist: "%s"' % key_id) if wait_result: return fail(Exception('local key already exist: "%s"' % key_id)) return False if not keys_folder: keys_folder = settings.KeyStoreDir() if is_private: remote_path_for_key = '.keys/%s.private' % key_id else: remote_path_for_key = '.keys/%s.public' % key_id global_key_path = global_id.MakeGlobalID( key_alias='master', customer=my_id.getGlobalID(), path=remote_path_for_key) ret = api.file_download_start( remote_path=global_key_path, destination_path=keys_folder, wait_result=True, open_share=False, ) if not isinstance(ret, Deferred): lg.err('failed to download key "%s": %s' % (key_id, ret)) if wait_result: return fail(Exception('failed to download key "%s": %s' % (key_id, ret))) return False result = Deferred() def _on_result(res): if not isinstance(res, dict): lg.err('failed to download key "%s": %s' % (key_id, res)) if wait_result: result.errback(Exception('failed to download key "%s": %s' % (key_id, res))) return None if res['status'] != 'OK': lg.err('failed to download key "%s": %r' % (key_id, res)) if wait_result: result.errback(Exception('failed to download key "%s": %r' % (key_id, res))) return None if not my_keys.load_key(key_id, keys_folder): lg.err('failed to read key "%s" from local folder "%s"' % (key_id, keys_folder)) if wait_result: result.errback(Exception('failed to read key "%s" from local folder "%s"' % (key_id, keys_folder))) return None if _Debug: lg.out(_DebugLevel, 'key_ring.do_restore_key._on_result key_id=%s is_private=%r : %r' % (key_id, is_private, res)) if wait_result: result.callback(res) return None ret.addBoth(_on_result) if not wait_result: return True return result
def scan_local_keys(keys_folder=None): global _LatestLocalKeyID if not keys_folder: keys_folder = settings.KeyStoreDir() if _Debug: lg.out(_DebugLevel, 'my_keys.scan_local_keys will read files from %r' % keys_folder) latest_local_key_id_filepath = os.path.join(keys_folder, 'latest_local_key_id') latest_local_key_id_src = local_fs.ReadTextFile( latest_local_key_id_filepath) if latest_local_key_id_src: _LatestLocalKeyID = int(latest_local_key_id_src) else: _LatestLocalKeyID = 0 known_keys().clear() local_keys().clear() local_keys_index().clear() count = 0 unregistered_keys = [] for key_filename in os.listdir(keys_folder): if key_filename == 'latest_local_key_id': continue key_id = key_filename.replace('.private', '').replace('.public', '') if not is_valid_key_id(key_id): lg.warn('key_id is not valid: %r' % key_id) continue key_dict = read_key_file(key_id, keys_folder=keys_folder) local_key_id = key_dict.get('local_key_id') if local_key_id is None: key_dict['key_id'] = key_id unregistered_keys.append(key_dict) continue if _LatestLocalKeyID < local_key_id: _LatestLocalKeyID = local_key_id local_keys()[local_key_id] = key_id known_keys()[key_id] = None count += 1 registered_count = 0 for key_dict in unregistered_keys: key_id = key_dict['key_id'] if not load_key(key_id, keys_folder=keys_folder): continue _LatestLocalKeyID += 1 new_local_key_id = _LatestLocalKeyID lg.warn('about to register key %r with local_key_id=%r' % ( key_id, new_local_key_id, )) known_keys()[key_id].local_key_id = new_local_key_id save_key(key_id, keys_folder=keys_folder) registered_count += 1 unregistered_keys = [] save_latest_local_key_id(keys_folder=keys_folder) if _Debug: lg.out( _DebugLevel, ' %d keys found and %d registered' % ( count, registered_count, ))
def load_key(key_id, keys_folder=None): """ """ if not is_valid_key_id(key_id): lg.warn('key_id is not valid: %s' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() key_filepath = os.path.join(keys_folder, '%s.private' % key_id) is_private = True if not os.path.exists(key_filepath): key_filepath = os.path.join(keys_folder, '%s.public' % key_id) is_private = False key_raw = local_fs.ReadTextFile(key_filepath) if not key_raw: lg.warn('failed reading key from %r' % key_filepath) return False key_raw_strip = key_raw.strip() need_to_convert = False try: if key_raw_strip.startswith('{') and key_raw_strip.endswith('}'): key_dict = jsn.loads_text(key_raw_strip) else: key_dict = { 'label': key_id, 'body': key_raw_strip, } need_to_convert = True except: lg.exc() return False try: key_object = rsa_key.RSAKey() key_object.fromDict(key_dict) except: lg.exc() return False if not key_object.isPublic(): if not validate_key(key_object): lg.warn('validation failed for %s' % key_filepath) return False known_keys()[key_id] = key_object if _Debug: lg.out( _DebugLevel, 'my_keys.load_key %r label=%r is_private=%r from %s' % ( key_id, key_object.label, is_private, keys_folder, )) if need_to_convert: save_key(key_id, keys_folder=keys_folder) lg.info('key %r format converted to JSON' % key_id) return True
def save_latest_local_key_id(keys_folder=None): global _LatestLocalKeyID if not keys_folder: keys_folder = settings.KeyStoreDir() latest_local_key_id_filepath = os.path.join(keys_folder, 'latest_local_key_id') if not bpio.WriteTextFile(latest_local_key_id_filepath, '{}'.format(_LatestLocalKeyID)): lg.warn('failed saving latest_local_key_id to %r' % latest_local_key_id_filepath) return False return True
def sign_key(key_id, keys_folder=None, ignore_shared_keys=False, save=True): key_id = latest_key_id(strng.to_text(key_id)) if not is_key_registered(key_id): lg.warn('key %s is not found' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() key_object = known_keys()[key_id] if key_object.signed: if key_object.signed[1] != key.MyPublicKey(): if ignore_shared_keys: if _Debug: lg.dbg( _DebugLevel, 'skip generating signature for shared key: %r' % key_id) return True raise Exception( 'must not generate and overwrite existing signature for shared key: %r' % key_id) signed_key_info = make_key_info( key_object=key_object, key_id=key_id, include_private=not key_object.isPublic(), generate_signature=True, ) key_object.signed = ( signed_key_info['signature'], signed_key_info['signature_pubkey'], ) known_keys()[key_id] = key_object if save: save_key(key_id, keys_folder=keys_folder) events.send('key-signed', data=dict( key_id=key_id, label=key_object.label, key_size=key_object.size(), )) listeners.push_snapshot('key', snap_id=key_id, data=make_key_info( key_object=key_object, key_id=key_id, event='key-signed', include_private=False, include_local_id=True, include_signature=True, include_label=True, )) return key_object
def save_keys_local(keys_folder=None): """ """ if not keys_folder: keys_folder = settings.KeyStoreDir() if _Debug: lg.out(_DebugLevel, 'my_keys.save_keys_local will store all known keys in %s' % keys_folder) count = 0 for key_id in known_keys().keys(): if save_key(key_id, keys_folder=keys_folder): count += 1 if _Debug: lg.out(_DebugLevel, ' %d keys saved' % count) return count
def load_local_keys(keys_folder=None): """ """ if not keys_folder: keys_folder = settings.KeyStoreDir() if _Debug: lg.out(_DebugLevel, 'my_keys.load_local_keys will read files from %s' % keys_folder) known_keys().clear() count = 0 for key_filename in os.listdir(keys_folder): key_filepath = os.path.join(keys_folder, key_filename) key_id = key_filename.replace('.private', '').replace('.public', '') if not is_valid_key_id(key_id): lg.warn('key_id is not valid: %s' % key_id) continue key_raw = local_fs.ReadTextFile(key_filepath) if not key_raw: lg.warn('failed reading key from %r' % key_filepath) continue key_raw_strip = key_raw.strip() try: if key_raw_strip.startswith('{') and key_raw_strip.endswith('}'): key_dict = jsn.loads_text(key_raw_strip) else: key_dict = { 'label': key_id, 'body': key_raw_strip, } except: lg.exc() continue try: key_object = rsa_key.RSAKey() key_object.fromDict(key_dict) except: lg.exc() continue if not key_object.isPublic(): if not validate_key(key_object): lg.warn('validation failed for %s' % key_filepath) continue known_keys()[key_id] = key_object count += 1 if _Debug: lg.out(_DebugLevel, ' %d keys loaded' % count) return count
def scan_local_keys(keys_folder=None): """ """ if not keys_folder: keys_folder = settings.KeyStoreDir() if _Debug: lg.out(_DebugLevel, 'my_keys.scan_local_keys will read files from %s' % keys_folder) known_keys().clear() count = 0 for key_filename in os.listdir(keys_folder): key_id = key_filename.replace('.private', '').replace('.public', '') if not is_valid_key_id(key_id): lg.warn('key_id is not valid: %s' % key_id) continue known_keys()[key_id] = None count += 1 if _Debug: lg.out(_DebugLevel, ' %d keys found' % count)
def generate_key(key_id, key_size=4096, keys_folder=None): """ """ if key_id in known_keys(): lg.warn('key "%s" already exists' % key_id) return None lg.out(4, 'my_keys.generate_key "%s" of %d bits' % (key_id, key_size)) key_object = rsa_key.RSAKey() key_object.generate(key_size) known_keys()[key_id] = key_object if not keys_folder: keys_folder = settings.KeyStoreDir() key_string = key_object.toPrivateString() key_filepath = os.path.join(keys_folder, key_id + '.private') bpio.WriteTextFile(key_filepath, key_string) if _Debug: lg.out(_DebugLevel, ' key %s generated, saved to %s' % (key_id, key_filepath)) return key_object
def generate_key(key_id, label='', key_size=4096, keys_folder=None): global _LatestLocalKeyID key_id = latest_key_id(key_id) if is_key_registered(key_id): lg.warn('key %r already registered' % key_id) return None if not label: label = 'key%s' % utime.make_timestamp() if _Debug: lg.out( _DebugLevel, 'my_keys.generate_key %r of %d bits, label=%r' % (key_id, key_size, label)) _LatestLocalKeyID += 1 save_latest_local_key_id(keys_folder=keys_folder) key_object = rsa_key.RSAKey() key_object.generate(key_size) key_object.label = label key_object.local_key_id = _LatestLocalKeyID known_keys()[key_id] = key_object if _Debug: lg.out(_DebugLevel, ' key %r generated' % key_id) if not keys_folder: keys_folder = settings.KeyStoreDir() save_key(key_id, keys_folder=keys_folder) events.send('key-generated', data=dict( key_id=key_id, label=label, key_size=key_size, )) listeners.push_snapshot('key', snap_id=key_id, data=make_key_info( key_object=key_object, key_id=key_id, event='key-generated', include_private=False, include_local_id=True, include_signature=True, include_label=True, )) return key_object
def save_keys_local(keys_folder=None): """ """ if not keys_folder: keys_folder = settings.KeyStoreDir() if _Debug: lg.out( _DebugLevel, 'my_keys.save_keys_local will store all known keys in %s' % keys_folder) count = 0 for key_id, key_object in known_keys().items(): if key_object.isPublic(): key_filepath = os.path.join(keys_folder, key_id + '.public') else: key_filepath = os.path.join(keys_folder, key_id + '.private') key_string = key_object.toPrivateString() bpio.WriteTextFile(key_filepath, key_string) count += 1 if _Debug: lg.out(_DebugLevel, ' %d keys saved' % count)
def erase_key(key_id, keys_folder=None): key_id = latest_key_id(key_id) if not is_key_registered(key_id): lg.warn('key %s is not registered' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() if key_obj(key_id).isPublic(): key_filepath = os.path.join(keys_folder, key_id + '.public') is_private = False else: key_filepath = os.path.join(keys_folder, key_id + '.private') is_private = True try: os.remove(key_filepath) except: lg.exc() return False k_obj = known_keys().pop(key_id) local_keys().pop(k_obj.local_key_id, None) local_keys_index().pop(k_obj.toPublicString(), None) gc.collect() if _Debug: lg.out(_DebugLevel, ' key %s removed, file %s deleted' % (key_id, key_filepath)) events.send('key-erased', data=dict(key_id=key_id, is_private=is_private)) listeners.push_snapshot('key', snap_id=key_id, deleted=True, data=make_key_info( key_object=None, key_id=key_id, event='key-erased', include_private=False, include_local_id=True, include_signature=True, include_label=True, )) return True
def erase_key(key_id, keys_folder=None): """ """ if key_id not in known_keys(): lg.warn('key %s is not found' % key_id) return False if not keys_folder: keys_folder = settings.KeyStoreDir() if key_obj(key_id).isPublic(): key_filepath = os.path.join(keys_folder, key_id + '.public') else: key_filepath = os.path.join(keys_folder, key_id + '.private') try: os.remove(key_filepath) except: lg.exc() return False known_keys().pop(key_id) if _Debug: lg.out(_DebugLevel, ' key %s removed, file %s deleted' % (key_id, key_filepath)) return True
def do_backup_key(key_id, keys_folder=None, wait_result=False): """ Send given key to my suppliers to store it remotely. This will make a regular backup copy of that key file - encrypted with my master key. """ if _Debug: lg.out(_DebugLevel, 'key_ring.do_backup_key key_id=%r' % key_id) if key_id == my_id.getGlobalID(key_alias='master') or key_id == 'master': lg.err('master key must never leave local host') if wait_result: return fail(Exception('master key must never leave local host')) return False if not my_keys.is_key_registered(key_id): lg.err('unknown key: "%s"' % key_id) if wait_result: return fail(Exception('unknown key: "%s"' % key_id)) return False if not keys_folder: keys_folder = settings.KeyStoreDir() if my_keys.is_key_private(key_id): local_key_filepath = os.path.join(keys_folder, '%s.private' % key_id) remote_path_for_key = '.keys/%s.private' % key_id else: local_key_filepath = os.path.join(keys_folder, '%s.public' % key_id) remote_path_for_key = '.keys/%s.public' % key_id global_key_path = global_id.MakeGlobalID( key_alias='master', customer=my_id.getGlobalID(), path=remote_path_for_key) res = api.file_exists(global_key_path) if res['status'] == 'OK' and res['result'] and res['result'].get('exist'): lg.warn('key %s already exists in catalog' % global_key_path) global_key_path_id = res['result'].get('path_id') if global_key_path_id and backup_control.IsPathInProcess(global_key_path_id): lg.warn('skip, another backup for key already started: %s' % global_key_path_id) if not wait_result: return True backup_id_list = backup_control.FindRunningBackup(global_key_path_id) if backup_id_list: backup_id = backup_id_list[0] backup_job = backup_control.GetRunningBackupObject(backup_id) if backup_job: backup_result = Deferred() backup_job.resultDefer.addCallback( lambda resp: backup_result.callback(True) if resp == 'done' else backup_result.errback( Exception('failed to upload key "%s", task was not started: %r' % (global_key_path, resp)))) if _Debug: backup_job.resultDefer.addErrback(lg.errback, debug=_Debug, debug_level=_DebugLevel, method='key_ring.do_backup_key') backup_job.resultDefer.addErrback(backup_result.errback) if _Debug: lg.args(_DebugLevel, backup_id=backup_id, global_key_path_id=global_key_path_id) return backup_result else: lg.warn('did not found running backup job: %r' % backup_id) else: lg.warn('did not found running backup id for path: %r' % global_key_path_id) else: res = api.file_create(global_key_path) if res['status'] != 'OK': lg.err('failed to create path "%s" in the catalog: %r' % (global_key_path, res)) if wait_result: return fail(Exception('failed to create path "%s" in the catalog: %r' % (global_key_path, res))) return False res = api.file_upload_start( local_path=local_key_filepath, remote_path=global_key_path, wait_result=wait_result, open_share=False, ) if not wait_result: if res['status'] != 'OK': lg.err('failed to upload key "%s": %r' % (global_key_path, res)) return False if _Debug: lg.out(_DebugLevel, 'key_ring.do_backup_key key_id=%s : %r' % (key_id, res)) return True backup_result = Deferred() # TODO: put that code bellow into api.file_upload_start() method with additional parameter def _job_done(result): if _Debug: lg.args(_DebugLevel, key_id=key_id, result=result) if result == 'done': backup_result.callback(True) else: backup_result.errback(Exception('failed to upload key "%s", backup is %r' % (key_id, result))) return None def _task_started(resp): if _Debug: lg.args(_DebugLevel, key_id=key_id, response=resp) if resp['status'] != 'OK': backup_result.errback(Exception('failed to upload key "%s", task was not started: %r' % (global_key_path, resp))) return None backupObj = backup_control.jobs().get(resp['version']) if not backupObj: backup_result.errback(Exception('failed to upload key "%s", task %r failed to start' % (global_key_path, resp['version']))) return None backupObj.resultDefer.addCallback(_job_done) backupObj.resultDefer.addErrback(backup_result.errback) return None if not isinstance(res, Deferred): res_defer = Deferred() res_defer.callback(res) res = res_defer res.addCallback(_task_started) res.addErrback(backup_result.errback) return backup_result
def register_key(key_id, key_object_or_string, label='', keys_folder=None): global _LatestLocalKeyID key_id = latest_key_id(key_id) if is_key_registered(key_id): lg.warn('key %s already registered' % key_id) return None if not keys_folder: keys_folder = settings.KeyStoreDir() if not label: label = 'key%s' % utime.make_timestamp() if strng.is_string(key_object_or_string): key_object_or_string = strng.to_bin(key_object_or_string) if _Debug: lg.out( _DebugLevel, 'my_keys.register_key %r from %d bytes openssh_input_string' % (key_id, len(key_object_or_string))) key_object = unserialize_key_to_object(key_object_or_string) if not key_object: lg.warn( 'invalid openssh string, unserialize_key_to_object() failed') return None else: if _Debug: lg.out(_DebugLevel, 'my_keys.register_key %r from object' % key_id) key_object = key_object_or_string known_local_key_id = local_keys_index().get(key_object.toPublicString()) if known_local_key_id is not None: known_key_id = local_keys().get(known_local_key_id) if known_key_id is not None: known_key_id = latest_key_id(known_key_id) if known_key_id != key_id: raise Exception( 'must not register same key with local_key_id=%r twice with different key_id: %r ~ %r' % ( known_local_key_id, known_key_id, key_id, )) new_local_key_id = known_local_key_id if new_local_key_id is None: _LatestLocalKeyID += 1 save_latest_local_key_id(keys_folder=keys_folder) new_local_key_id = _LatestLocalKeyID key_object.local_key_id = new_local_key_id known_keys()[key_id] = key_object if _Debug: lg.out(_DebugLevel, ' key %r registered' % key_id) save_key(key_id, keys_folder=keys_folder) events.send('key-registered', data=dict( key_id=key_id, label=label, key_size=key_object.size(), )) listeners.push_snapshot('key', snap_id=key_id, data=make_key_info( key_object=key_object, key_id=key_id, event='key-registered', include_private=False, include_local_id=True, include_signature=True, include_label=True, )) return key_object