Mercurial > libervia-backend
annotate libervia/backend/plugins/plugin_sec_pte.py @ 4351:6a0a081485b8
plugin autocrypt: Autocrypt protocol implementation:
Implementation of autocrypt: `autocrypt` header is checked, and if present and no public
key is known for the peer, the key is imported.
`autocrypt` header is also added to outgoing message (only if an email gateway is
detected).
For the moment, the JID is use as identifier, but the real email used by gateway should be
used in the future.
rel 456
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 28 Feb 2025 09:23:35 +0100 |
| parents | 0d7bb4df2343 |
| children |
| rev | line source |
|---|---|
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
1 #!/usr/bin/env python3 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
2 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 # Libervia plugin for Pubsub Targeted Encryption |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
4 # Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
5 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 # This program is free software: you can redistribute it and/or modify |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # it under the terms of the GNU Affero General Public License as published by |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # the Free Software Foundation, either version 3 of the License, or |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # (at your option) any later version. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # GNU Affero General Public License for more details. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU Affero General Public License |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 from typing import Any, Dict, List, Optional |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 from twisted.internet import defer |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from twisted.words.protocols.jabber import jid, xmlstream |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.words.xish import domish |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 from wokkel import disco, iwokkel |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 from wokkel import rsm |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 from zope.interface import implementer |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 |
|
4071
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
28 from libervia.backend.core import exceptions |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
29 from libervia.backend.core.constants import Const as C |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
30 from libervia.backend.core.core_types import SatXMPPEntity |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
31 from libervia.backend.core.i18n import _ |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
32 from libervia.backend.core.log import getLogger |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
33 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
34 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
35 log = getLogger(__name__) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 IMPORT_NAME = "PTE" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
38 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 PLUGIN_INFO = { |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
40 C.PI_NAME: "Pubsub Targeted Encryption", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
41 C.PI_IMPORT_NAME: IMPORT_NAME, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
42 C.PI_TYPE: C.PLUG_TYPE_XEP, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 C.PI_MODES: C.PLUG_MODE_BOTH, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 C.PI_PROTOCOLS: [], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 C.PI_DEPENDENCIES: ["XEP-0060", "XEP-0384"], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 C.PI_MAIN: "PTE", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 C.PI_HANDLER: "yes", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
48 C.PI_DESCRIPTION: _("""Encrypt some items to specific entities"""), |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 } |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 NS_PTE = "urn:xmpp:pte:0" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
51 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
52 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 class PTE: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 namespace = NS_PTE |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
55 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
56 def __init__(self, host): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
57 log.info(_("Pubsub Targeted Encryption plugin initialization")) |
|
4037
524856bd7b19
massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents:
3972
diff
changeset
|
58 host.register_namespace("pte", NS_PTE) |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
59 self.host = host |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 self._o = host.plugins["XEP-0384"] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 host.trigger.add("XEP-0060_publish", self._publish_trigger) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 host.trigger.add("XEP-0060_items", self._items_trigger) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 |
|
4037
524856bd7b19
massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents:
3972
diff
changeset
|
64 def get_handler(self, client): |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 return PTE_Handler() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
67 async def _publish_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
68 self, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
69 client: SatXMPPEntity, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
70 service: jid.JID, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
71 node: str, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
72 items: Optional[List[domish.Element]], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
73 options: Optional[dict], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
74 sender: jid.JID, |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
75 extra: Dict[str, Any], |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
76 ) -> bool: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
77 if not items or extra.get("encrypted_for") is None: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
78 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
79 encrypt_data = extra["encrypted_for"] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
80 try: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
81 targets = {jid.JID(t) for t in encrypt_data["targets"]} |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
82 except (KeyError, RuntimeError): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
83 raise exceptions.DataError(f"Invalid encryption data: {encrypt_data}") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
84 for item in items: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
85 log.debug( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
86 f"encrypting item {item.getAttribute('id', '')} for " |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
87 f"{', '.join(t.full() for t in targets)}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
88 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
89 encryption_type = encrypt_data.get("type", self._o.NS_TWOMEMO) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
90 if encryption_type != self._o.NS_TWOMEMO: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
91 raise NotImplementedError("only TWOMEMO is supported for now") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
92 await self._o.encrypt( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
93 client, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
94 self._o.NS_TWOMEMO, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
95 item, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
96 targets, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
97 is_muc_message=False, |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
98 stanza_id=None, |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
99 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
100 item_elts = list(item.elements()) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
101 if len(item_elts) != 1: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
102 raise ValueError( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
103 f"there should be exactly one item payload: {item.toXml()}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
104 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
105 encrypted_payload = item_elts[0] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
106 item.children.clear() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
107 encrypted_elt = item.addElement((NS_PTE, "encrypted")) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
108 encrypted_elt["by"] = sender.userhost() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
109 encrypted_elt["type"] = encryption_type |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
110 encrypted_elt.addChild(encrypted_payload) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
111 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
112 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
113 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
114 async def _items_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
115 self, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
116 client: SatXMPPEntity, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
117 service: Optional[jid.JID], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
118 node: str, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
119 items: List[domish.Element], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
120 rsm_response: rsm.RSMResponse, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
121 extra: Dict[str, Any], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
122 ) -> bool: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
123 if not extra.get(C.KEY_DECRYPT, True): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
124 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
125 if service is None: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
126 service = client.jid.userhostJID() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
127 for item in items: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
128 payload = item.firstChildElement() |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
129 if ( |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
130 payload is not None |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
131 and payload.name == "encrypted" |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
132 and payload.uri == NS_PTE |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
133 ): |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
134 encrypted_elt = payload |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
135 item.children.clear() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
136 try: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
137 encryption_type = encrypted_elt.getAttribute("type") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
138 encrypted_by = jid.JID(encrypted_elt["by"]) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
139 except (KeyError, RuntimeError): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
140 raise exceptions.DataError( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
141 f"invalid <encrypted> element: {encrypted_elt.toXml()}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
142 ) |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
143 if encryption_type != self._o.NS_TWOMEMO: |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
144 raise NotImplementedError("only TWOMEMO is supported for now") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
145 log.debug(f"decrypting item {item.getAttribute('id', '')}") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
146 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
147 # FIXME: we do use _message_received_trigger now to decrypt the stanza, a |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
148 # cleaner separated decrypt method should be used |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
149 encrypted_elt["from"] = encrypted_by.full() |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
150 if ( |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
151 not await self._o._message_received_trigger( |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
152 client, encrypted_elt, defer.Deferred() |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
153 ) |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
154 or not encrypted_elt.children |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
155 ): |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
156 raise exceptions.EncryptionError("can't decrypt the message") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
157 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
158 item.addChild(encrypted_elt.firstChildElement()) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
159 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
160 extra.setdefault("encrypted", {})[item["id"]] = { |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
161 "type": NS_PTE, |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
162 "algorithm": encryption_type, |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
163 } |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
164 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
165 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
166 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
167 @implementer(iwokkel.IDisco) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
168 class PTE_Handler(xmlstream.XMPPHandler): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
169 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
170 def getDiscoInfo(self, requestor, service, nodeIdentifier=""): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
171 return [disco.DiscoFeature(NS_PTE)] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
172 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
173 def getDiscoItems(self, requestor, service, nodeIdentifier=""): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
174 return [] |