def create_share(self, localbox_path, passphrase, user_list):
"""
Share directory with users.
:return: True if success, False otherwise
"""
if localbox_path.startswith('/'):
localbox_path = localbox_path[1:]
data = dict()
data['identities'] = user_list
request = Request(url=self.url + 'lox_api/share_create/' +
quote_plus(localbox_path),
data=dumps(data))
try:
result = self._make_call(request).read()
key, iv = self.call_keys(localbox_path, passphrase)
# import public key in the user_list
for user in user_list:
public_key = user['public_key']
username = user['username']
gpg().add_public_key(self.label, username, public_key)
self.save_key(username, localbox_path, key, iv)
return True
except Exception as error:
getLogger(__name__).exception(error)
return False
def _add_encryption_keys(self, localbox_path, user_list):
if localbox_path.startswith('/'):
localbox_path = localbox_path[1:]
key, iv = self.call_keys(localbox_path,
LoginController().get_passphrase(self.label))
# import public key in the user_list
for user in user_list:
public_key = user['public_key']
username = user['username']
gpg().add_public_key(self.label, username, public_key)
self.save_key(username, localbox_path, key, iv)
def save_key(self, user, path, key, iv):
"""
saves an encrypted key on the localbox server
:param path: path relative to localbox location. eg: /some_folder/image.jpg
:param key:
:param iv:
:param site: localbox label
:param user:
:return:
"""
cryptopath = os_utils.get_keys_path(path)
getLogger(__name__).debug('saving key for %s', cryptopath)
site = self.authenticator.label
pgpclient = gpg()
encodedata = {
'cryptopath': cryptopath,
'key': b64encode(pgpclient.encrypt(key, site, user)),
'iv': b64encode(pgpclient.encrypt(iv, site, user)),
'user': user
}
data = dumps(encodedata)
request = Request(url=self.url + 'lox_api/key/', data=data)
result = self._make_call(request)
# NOTE: this is just the result of the last call, not all of them.
# should be more robust then this
return result
def call_keys(self, localbox_path, passphrase):
"""
Get the encrypted (key, iv) pair stored on the server.
:return: the key for symmetric encryption in the form: (key, iv)
"""
if not passphrase:
raise InvalidPassphraseError
pgp_client = gpg()
keys_path = os_utils.get_keys_path(localbox_path)
keys_path = quote_plus(keys_path.encode('utf8'))
getLogger(__name__).debug("call lox_api/key on localbox_path %s = %s",
localbox_path, keys_path)
request = Request(url=self.url + 'lox_api/key/' + keys_path)
result = self._make_call(request)
key_data = loads(result.read())
key = pgp_client.decrypt(b64decode(key_data['key']), passphrase)
iv = pgp_client.decrypt(b64decode(key_data['iv']), passphrase)
if not key or not iv:
getLogger(__name__).error(
"Failed to decrypt keys with passphrase = %s", passphrase)
raise InvalidPassphraseError()
getLogger(__name__).debug("Got key %s for localbox_path %s",
getChecksum(key), localbox_path)
return key, iv
def store_passphrase(self, passphrase, label, user):
if gpg().is_passphrase_valid(passphrase=passphrase,
label=label,
user=user):
self._passphrase[label] = passphrase
else:
raise InvalidPassphraseError
def store_keys(self, localbox_client, pubkey, privkey, passphrase):
username = localbox_client.authenticator.username
site = localbox_client.label
# set up gpg
keys = gpg()
if pubkey is not None and privkey is not None:
getLogger(__name__).debug("private key found and public key found")
result = keys.add_keypair(pubkey, privkey, site, username,
passphrase)
if result is None:
getLogger(__name__).debug("could not add keypair")
else:
getLogger(__name__).debug("public keys not found. generating...")
fingerprint = keys.generate(passphrase, site,
localbox_client.authenticator.username)
data = {
'private_key': keys.get_key(fingerprint, True),
'public_key': keys.get_key(fingerprint, False)
}
data_json = json.dumps(data)
# register key data
result = localbox_client.call_user(data_json)
if result is not None:
self._passphrase[site] = passphrase
return result
def call_keys(self, path, passphrase):
"""
do the keys call
:return: the key for symmetric encryption in the form: (key, iv)
"""
pgp_client = gpg()
keys_path = LocalBox.get_keys_path(path)
keys_path = quote_plus(keys_path)
getLogger(__name__).debug("call lox_api/key on path %s = %s", path,
keys_path)
request = Request(url=self.url + 'lox_api/key/' + keys_path)
result = self._make_call(request)
key_data = loads(result.read())
key = pgp_client.decrypt(b64decode(key_data['key']), passphrase)
iv = pgp_client.decrypt(b64decode(key_data['iv']), passphrase)
getLogger(__name__).debug("Got key %s for path %s", getChecksum(key),
path)
return key, iv