annotate sat/plugins/plugin_sec_pte.py @ 3982:74f7c10a48bc
component AP gateway: properly close the HTTP connection on `checkSignature` exception:
if something is going wrong during `checkSignature` (other than signature verification
failing), a `500 Internal Server Error` code is returned, and the connection is properly
closed.
author | Goffi <goffi@goffi.org> |
---|---|
date | Tue, 15 Nov 2022 18:10:33 +0100 |
parents | 5fbdf986670c |
children | 524856bd7b19 |
rev | line source |
---|---|
1 #!/usr/bin/env python3 |
2 |
3 # Libervia plugin for Pubsub Targeted Encryption |
4 # Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org) |
5 |
6 # This program is free software: you can redistribute it and/or modify |
7 # it under the terms of the GNU Affero General Public License as published by |
8 # the Free Software Foundation, either version 3 of the License, or |
9 # (at your option) any later version. |
10 |
11 # This program is distributed in the hope that it will be useful, |
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 # GNU Affero General Public License for more details. |
15 |
16 # You should have received a copy of the GNU Affero General Public License |
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
18 |
19 from typing import Any, Dict, List, Optional |
20 |
21 from twisted.internet import defer |
22 from twisted.words.protocols.jabber import jid, xmlstream |
23 from twisted.words.xish import domish |
24 from wokkel import disco, iwokkel |
25 from wokkel import rsm |
26 from zope.interface import implementer |
27 |
28 from sat.core import exceptions |
29 from sat.core.constants import Const as C |
30 from sat.core.core_types import SatXMPPEntity |
31 from sat.core.i18n import _ |
32 from sat.core.log import getLogger |
33 |
34 |
# Module-level logger, named after this module.
log = getLogger(__name__)

# Registered below under C.PI_IMPORT_NAME.
IMPORT_NAME = "PTE"

# XML namespace of the <encrypted/> wrapper element and of the advertised disco feature.
NS_PTE = "urn:xmpp:pte:0"

# Plugin metadata; the XEP-0060 (pubsub) and XEP-0384 (OMEMO) plugins are declared as
# dependencies.
PLUGIN_INFO = {
    C.PI_NAME: "Pubsub Targeted Encryption",
    C.PI_IMPORT_NAME: IMPORT_NAME,
    C.PI_TYPE: C.PLUG_TYPE_XEP,
    C.PI_MODES: C.PLUG_MODE_BOTH,
    C.PI_PROTOCOLS: [],
    C.PI_DEPENDENCIES: ["XEP-0060", "XEP-0384"],
    C.PI_MAIN: "PTE",
    C.PI_HANDLER: "yes",
    C.PI_DESCRIPTION: _("Encrypt some items to specific entities"),
}
51 |
52 |
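class PTE:
    """Pubsub Targeted Encryption: encrypt pubsub items for specific entities.

    The plugin hooks the "XEP-0060_publish" and "XEP-0060_items" triggers. On publish,
    each item payload is encrypted through the XEP-0384 plugin and wrapped in an
    <encrypted/> element in the PTE namespace; on retrieval, such wrappers are
    decrypted and replaced by their decrypted payload.
    """

    namespace = NS_PTE

    def __init__(self, host):
        """Register the PTE namespace and hook the pubsub triggers.

        ``host`` must expose ``registerNamespace``, ``plugins`` and ``trigger``.
        """
        log.info(_("Pubsub Targeted Encryption plugin initialization"))
        host.registerNamespace("pte", NS_PTE)
        self.host = host
        # the XEP-0384 plugin does the actual encryption and decryption
        self._o = host.plugins["XEP-0384"]
        host.trigger.add("XEP-0060_publish", self._publish_trigger)
        host.trigger.add("XEP-0060_items", self._items_trigger)

    def getHandler(self, client):
        """Return a new handler advertising the PTE feature."""
        return PTE_Handler()

    async def _publish_trigger(
        self,
        client: SatXMPPEntity,
        service: jid.JID,
        node: str,
        items: Optional[List[domish.Element]],
        options: Optional[dict],
        sender: jid.JID,
        extra: Dict[str, Any]
    ) -> bool:
        """Encrypt in place the items about to be published, when requested.

        Encryption is requested with ``extra["encrypted_for"]``, a mapping with a
        mandatory "targets" key (iterable of JIDs as strings) and an optional "type"
        key (encryption algorithm namespace, TWOMEMO when missing). ``service``,
        ``node`` and ``options`` are not used here.

        Returns True in every non-raising case.
        Raises ``exceptions.DataError`` when the encryption data is invalid,
        ``NotImplementedError`` for any algorithm other than TWOMEMO, and
        ``ValueError`` when an encrypted item doesn't hold exactly one payload.
        """
        if not items or extra.get("encrypted_for") is None:
            return True
        encrypt_data = extra["encrypted_for"]
        try:
            targets = {jid.JID(t) for t in encrypt_data["targets"]}
        except (KeyError, RuntimeError, jid.InvalidFormat):
            # jid.JID raises InvalidFormat (not a RuntimeError subclass) on a malformed
            # JID: without it, a bad target would escape as an unexpected exception
            raise exceptions.DataError(f"Invalid encryption data: {encrypt_data}")

        # the algorithm is the same for every item: reject an unsupported one before
        # any item is modified
        encryption_type = encrypt_data.get("type", self._o.NS_TWOMEMO)
        if encryption_type != self._o.NS_TWOMEMO:
            raise NotImplementedError("only TWOMEMO is supported for now")

        for item in items:
            log.debug(
                f"encrypting item {item.getAttribute('id', '')} for "
                f"{', '.join(t.full() for t in targets)}"
            )
            await self._o.encrypt(
                client,
                self._o.NS_TWOMEMO,
                item,
                targets,
                is_muc_message=False,
                stanza_id=None
            )
            item_elts = list(item.elements())
            if len(item_elts) != 1:
                raise ValueError(
                    f"there should be exactly one item payload: {item.toXml()}"
                )
            encrypted_payload = item_elts[0]
            # the item's single child is re-parented under a PTE <encrypted/> wrapper
            # naming who encrypted it and with which algorithm
            item.children.clear()
            encrypted_elt = item.addElement((NS_PTE, "encrypted"))
            encrypted_elt["by"] = sender.userhost()
            encrypted_elt["type"] = encryption_type
            encrypted_elt.addChild(encrypted_payload)

        return True

    async def _items_trigger(
        self,
        client: SatXMPPEntity,
        service: Optional[jid.JID],
        node: str,
        items: List[domish.Element],
        rsm_response: rsm.RSMResponse,
        extra: Dict[str, Any],
    ) -> bool:
        """Decrypt in place the retrieved items wrapped in a PTE <encrypted/> element.

        Decryption is skipped when ``extra[C.KEY_DECRYPT]`` is set to a false value.
        For each decrypted item, ``extra["encrypted"][item_id]`` is set to a mapping
        with the "type" (PTE namespace) and "algorithm" used.

        Returns True in every non-raising case.
        Raises ``exceptions.DataError`` when the <encrypted/> element is invalid,
        ``NotImplementedError`` for any algorithm other than TWOMEMO, and
        ``exceptions.EncryptionError`` when the payload can't be decrypted.
        Any of these is raised from inside the loop, so a single bad item interrupts
        the processing of the whole batch.
        """
        if not extra.get(C.KEY_DECRYPT, True):
            return True
        if service is None:
            service = client.jid.userhostJID()
        for item in items:
            payload = item.firstChildElement()
            if (payload is not None
                and payload.name == "encrypted"
                and payload.uri == NS_PTE):
                encrypted_elt = payload
                item.children.clear()
                try:
                    encryption_type = encrypted_elt.getAttribute("type")
                    # "by" is read from the retrieved item itself and is not compared
                    # here with the item's publisher.
                    # NOTE(review): its authenticity presumably rests on the decryption
                    # done by the XEP-0384 plugin for that JID; confirm there
                    encrypted_by = jid.JID(encrypted_elt["by"])
                except (KeyError, RuntimeError, jid.InvalidFormat):
                    # jid.JID raises InvalidFormat (not a RuntimeError subclass) on a
                    # malformed JID; the attribute comes from remote data, so it must
                    # end up as a DataError like any other invalid element
                    raise exceptions.DataError(
                        f"invalid <encrypted> element: {encrypted_elt.toXml()}"
                    )
                # a missing "type" attribute gives None and is rejected here too
                if encryption_type != self._o.NS_TWOMEMO:
                    raise NotImplementedError("only TWOMEMO is supported for now")
                log.debug(f"decrypting item {item.getAttribute('id', '')}")

                # FIXME: we do use _message_received_trigger now to decrypt the stanza,
                #   a cleaner separated decrypt method should be used
                encrypted_elt["from"] = encrypted_by.full()
                if not await self._o._message_received_trigger(
                    client,
                    encrypted_elt,
                    defer.Deferred()
                ) or not encrypted_elt.children:
                    raise exceptions.EncryptionError("can't decrypt the message")

                decrypted_payload = encrypted_elt.firstChildElement()
                if decrypted_payload is None:
                    # children without any element (e.g. text only) would otherwise
                    # put None in the item's children
                    raise exceptions.EncryptionError("can't decrypt the message")
                item.addChild(decrypted_payload)

                extra.setdefault("encrypted", {})[item["id"]] = {
                    "type": NS_PTE,
                    "algorithm": encryption_type
                }
        return True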
162 |
163 |
@implementer(iwokkel.IDisco)
class PTE_Handler(xmlstream.XMPPHandler):
    """XMPP handler advertising Pubsub Targeted Encryption through service discovery."""

    def getDiscoInfo(self, requestor, service, nodeIdentifier=""):
        """Return the discovery info of this plugin: the PTE feature only.

        The arguments are not used.
        """
        pte_feature = disco.DiscoFeature(NS_PTE)
        return [pte_feature]

    def getDiscoItems(self, requestor, service, nodeIdentifier=""):
        """Return the discovery items of this plugin: always an empty list.

        The arguments are not used.
        """
        return list()