Mercurial > libervia-backend
annotate sat/plugins/plugin_sec_pte.py @ 4002:5245b675f7ad
plugin XEP-0313: don't wait for MAM to be retrieved in connection workflow:
MAM retrieval can be long, and can be done after connection, message just need to be
sorted when being inserted (i.e. frontends must do insort).
To avoid blocking connection for too long and result in bad UX and timeout risk, one2one
MAM message are not retrieved in background.
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 10 Mar 2023 17:22:45 +0100 |
| parents | 5fbdf986670c |
| children | 524856bd7b19 |
| rev | line source |
|---|---|
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
1 #!/usr/bin/env python3 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
2 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 # Libervia plugin for Pubsub Targeted Encryption |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
4 # Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
5 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 # This program is free software: you can redistribute it and/or modify |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # it under the terms of the GNU Affero General Public License as published by |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # the Free Software Foundation, either version 3 of the License, or |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # (at your option) any later version. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # GNU Affero General Public License for more details. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU Affero General Public License |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 from typing import Any, Dict, List, Optional |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 from twisted.internet import defer |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from twisted.words.protocols.jabber import jid, xmlstream |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.words.xish import domish |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 from wokkel import disco, iwokkel |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 from wokkel import rsm |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 from zope.interface import implementer |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
28 from sat.core import exceptions |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
29 from sat.core.constants import Const as C |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
30 from sat.core.core_types import SatXMPPEntity |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
31 from sat.core.i18n import _ |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
32 from sat.core.log import getLogger |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
33 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
34 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
35 log = getLogger(__name__) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 IMPORT_NAME = "PTE" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
38 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 PLUGIN_INFO = { |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
40 C.PI_NAME: "Pubsub Targeted Encryption", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
41 C.PI_IMPORT_NAME: IMPORT_NAME, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
42 C.PI_TYPE: C.PLUG_TYPE_XEP, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 C.PI_MODES: C.PLUG_MODE_BOTH, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 C.PI_PROTOCOLS: [], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 C.PI_DEPENDENCIES: ["XEP-0060", "XEP-0384"], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 C.PI_MAIN: "PTE", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 C.PI_HANDLER: "yes", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
48 C.PI_DESCRIPTION: _("""Encrypt some items to specific entities"""), |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 } |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 NS_PTE = "urn:xmpp:pte:0" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
51 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
52 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 class PTE: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 namespace = NS_PTE |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
55 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
56 def __init__(self, host): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
57 log.info(_("Pubsub Targeted Encryption plugin initialization")) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
58 host.registerNamespace("pte", NS_PTE) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
59 self.host = host |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 self._o = host.plugins["XEP-0384"] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 host.trigger.add("XEP-0060_publish", self._publish_trigger) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 host.trigger.add("XEP-0060_items", self._items_trigger) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
64 def getHandler(self, client): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 return PTE_Handler() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
67 async def _publish_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
68 self, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
69 client: SatXMPPEntity, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
70 service: jid.JID, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
71 node: str, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
72 items: Optional[List[domish.Element]], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
73 options: Optional[dict], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
74 sender: jid.JID, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
75 extra: Dict[str, Any] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
76 ) -> bool: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
77 if not items or extra.get("encrypted_for") is None: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
78 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
79 encrypt_data = extra["encrypted_for"] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
80 try: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
81 targets = {jid.JID(t) for t in encrypt_data["targets"]} |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
82 except (KeyError, RuntimeError): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
83 raise exceptions.DataError(f"Invalid encryption data: {encrypt_data}") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
84 for item in items: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
85 log.debug( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
86 f"encrypting item {item.getAttribute('id', '')} for " |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
87 f"{', '.join(t.full() for t in targets)}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
88 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
89 encryption_type = encrypt_data.get("type", self._o.NS_TWOMEMO) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
90 if encryption_type != self._o.NS_TWOMEMO: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
91 raise NotImplementedError("only TWOMEMO is supported for now") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
92 await self._o.encrypt( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
93 client, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
94 self._o.NS_TWOMEMO, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
95 item, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
96 targets, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
97 is_muc_message=False, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
98 stanza_id=None |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
99 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
100 item_elts = list(item.elements()) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
101 if len(item_elts) != 1: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
102 raise ValueError( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
103 f"there should be exactly one item payload: {item.toXml()}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
104 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
105 encrypted_payload = item_elts[0] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
106 item.children.clear() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
107 encrypted_elt = item.addElement((NS_PTE, "encrypted")) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
108 encrypted_elt["by"] = sender.userhost() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
109 encrypted_elt["type"] = encryption_type |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
110 encrypted_elt.addChild(encrypted_payload) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
111 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
112 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
113 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
114 async def _items_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
115 self, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
116 client: SatXMPPEntity, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
117 service: Optional[jid.JID], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
118 node: str, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
119 items: List[domish.Element], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
120 rsm_response: rsm.RSMResponse, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
121 extra: Dict[str, Any], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
122 ) -> bool: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
123 if not extra.get(C.KEY_DECRYPT, True): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
124 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
125 if service is None: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
126 service = client.jid.userhostJID() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
127 for item in items: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
128 payload = item.firstChildElement() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
129 if (payload is not None |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
130 and payload.name == "encrypted" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
131 and payload.uri == NS_PTE): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
132 encrypted_elt = payload |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
133 item.children.clear() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
134 try: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
135 encryption_type = encrypted_elt.getAttribute("type") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
136 encrypted_by = jid.JID(encrypted_elt["by"]) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
137 except (KeyError, RuntimeError): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
138 raise exceptions.DataError( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
139 f"invalid <encrypted> element: {encrypted_elt.toXml()}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
140 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
141 if encryption_type!= self._o.NS_TWOMEMO: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
142 raise NotImplementedError("only TWOMEMO is supported for now") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
143 log.debug(f"decrypting item {item.getAttribute('id', '')}") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
144 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
145 # FIXME: we do use _message_received_trigger now to decrypt the stanza, a |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
146 # cleaner separated decrypt method should be used |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
147 encrypted_elt["from"] = encrypted_by.full() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
148 if not await self._o._message_received_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
149 client, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
150 encrypted_elt, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
151 defer.Deferred() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
152 ) or not encrypted_elt.children: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
153 raise exceptions.EncryptionError("can't decrypt the message") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
154 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
155 item.addChild(encrypted_elt.firstChildElement()) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
156 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
157 extra.setdefault("encrypted", {})[item["id"]] = { |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
158 "type": NS_PTE, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
159 "algorithm": encryption_type |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
160 } |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
161 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
162 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
163 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
164 @implementer(iwokkel.IDisco) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
165 class PTE_Handler(xmlstream.XMPPHandler): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
166 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
167 def getDiscoInfo(self, requestor, service, nodeIdentifier=""): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
168 return [disco.DiscoFeature(NS_PTE)] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
169 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
170 def getDiscoItems(self, requestor, service, nodeIdentifier=""): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
171 return [] |