Mercurial > libervia-backend
annotate libervia/backend/plugins/plugin_sec_pte.py @ 4306:94e0968987cd
plugin XEP-0033: code modernisation, improve delivery, data validation:
- Code has been rewritten using Pydantic models and `async` coroutines for data validation
and cleaner element parsing/generation.
- Delivery has been completely rewritten. It now works even if server doesn't support
multicast, and send to local multicast service first. Delivering to local multicast
service first is due to bad support of XEP-0033 in server (notably Prosody which has an
incomplete implementation), and the current impossibility to detect if a sub-domain
service handles fully multicast or only for local domains. This is a workaround to have
a good balance between backward compatilibity and use of bandwith, and to make it work
with the incoming email gateway implementation (the gateway will only deliver to
entities of its own domain).
- disco feature checking now uses `async` corountines. `host` implementation still use
Deferred return values for compatibility with legacy code.
rel 450
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Thu, 26 Sep 2024 16:12:01 +0200 |
| parents | 0d7bb4df2343 |
| children |
| rev | line source |
|---|---|
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
1 #!/usr/bin/env python3 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
2 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 # Libervia plugin for Pubsub Targeted Encryption |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
4 # Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
5 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 # This program is free software: you can redistribute it and/or modify |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # it under the terms of the GNU Affero General Public License as published by |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # the Free Software Foundation, either version 3 of the License, or |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # (at your option) any later version. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # GNU Affero General Public License for more details. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU Affero General Public License |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 from typing import Any, Dict, List, Optional |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 from twisted.internet import defer |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from twisted.words.protocols.jabber import jid, xmlstream |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.words.xish import domish |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 from wokkel import disco, iwokkel |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 from wokkel import rsm |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 from zope.interface import implementer |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 |
|
4071
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
28 from libervia.backend.core import exceptions |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
29 from libervia.backend.core.constants import Const as C |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
30 from libervia.backend.core.core_types import SatXMPPEntity |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
31 from libervia.backend.core.i18n import _ |
|
4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents:
4037
diff
changeset
|
32 from libervia.backend.core.log import getLogger |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
33 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
34 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
35 log = getLogger(__name__) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 IMPORT_NAME = "PTE" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
38 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 PLUGIN_INFO = { |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
40 C.PI_NAME: "Pubsub Targeted Encryption", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
41 C.PI_IMPORT_NAME: IMPORT_NAME, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
42 C.PI_TYPE: C.PLUG_TYPE_XEP, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 C.PI_MODES: C.PLUG_MODE_BOTH, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 C.PI_PROTOCOLS: [], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 C.PI_DEPENDENCIES: ["XEP-0060", "XEP-0384"], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 C.PI_MAIN: "PTE", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 C.PI_HANDLER: "yes", |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
48 C.PI_DESCRIPTION: _("""Encrypt some items to specific entities"""), |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 } |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 NS_PTE = "urn:xmpp:pte:0" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
51 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
52 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 class PTE: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 namespace = NS_PTE |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
55 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
56 def __init__(self, host): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
57 log.info(_("Pubsub Targeted Encryption plugin initialization")) |
|
4037
524856bd7b19
massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents:
3972
diff
changeset
|
58 host.register_namespace("pte", NS_PTE) |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
59 self.host = host |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 self._o = host.plugins["XEP-0384"] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 host.trigger.add("XEP-0060_publish", self._publish_trigger) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 host.trigger.add("XEP-0060_items", self._items_trigger) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 |
|
4037
524856bd7b19
massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents:
3972
diff
changeset
|
64 def get_handler(self, client): |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 return PTE_Handler() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
67 async def _publish_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
68 self, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
69 client: SatXMPPEntity, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
70 service: jid.JID, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
71 node: str, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
72 items: Optional[List[domish.Element]], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
73 options: Optional[dict], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
74 sender: jid.JID, |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
75 extra: Dict[str, Any], |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
76 ) -> bool: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
77 if not items or extra.get("encrypted_for") is None: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
78 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
79 encrypt_data = extra["encrypted_for"] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
80 try: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
81 targets = {jid.JID(t) for t in encrypt_data["targets"]} |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
82 except (KeyError, RuntimeError): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
83 raise exceptions.DataError(f"Invalid encryption data: {encrypt_data}") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
84 for item in items: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
85 log.debug( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
86 f"encrypting item {item.getAttribute('id', '')} for " |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
87 f"{', '.join(t.full() for t in targets)}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
88 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
89 encryption_type = encrypt_data.get("type", self._o.NS_TWOMEMO) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
90 if encryption_type != self._o.NS_TWOMEMO: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
91 raise NotImplementedError("only TWOMEMO is supported for now") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
92 await self._o.encrypt( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
93 client, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
94 self._o.NS_TWOMEMO, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
95 item, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
96 targets, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
97 is_muc_message=False, |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
98 stanza_id=None, |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
99 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
100 item_elts = list(item.elements()) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
101 if len(item_elts) != 1: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
102 raise ValueError( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
103 f"there should be exactly one item payload: {item.toXml()}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
104 ) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
105 encrypted_payload = item_elts[0] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
106 item.children.clear() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
107 encrypted_elt = item.addElement((NS_PTE, "encrypted")) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
108 encrypted_elt["by"] = sender.userhost() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
109 encrypted_elt["type"] = encryption_type |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
110 encrypted_elt.addChild(encrypted_payload) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
111 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
112 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
113 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
114 async def _items_trigger( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
115 self, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
116 client: SatXMPPEntity, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
117 service: Optional[jid.JID], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
118 node: str, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
119 items: List[domish.Element], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
120 rsm_response: rsm.RSMResponse, |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
121 extra: Dict[str, Any], |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
122 ) -> bool: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
123 if not extra.get(C.KEY_DECRYPT, True): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
124 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
125 if service is None: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
126 service = client.jid.userhostJID() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
127 for item in items: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
128 payload = item.firstChildElement() |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
129 if ( |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
130 payload is not None |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
131 and payload.name == "encrypted" |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
132 and payload.uri == NS_PTE |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
133 ): |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
134 encrypted_elt = payload |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
135 item.children.clear() |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
136 try: |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
137 encryption_type = encrypted_elt.getAttribute("type") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
138 encrypted_by = jid.JID(encrypted_elt["by"]) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
139 except (KeyError, RuntimeError): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
140 raise exceptions.DataError( |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
141 f"invalid <encrypted> element: {encrypted_elt.toXml()}" |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
142 ) |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
143 if encryption_type != self._o.NS_TWOMEMO: |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
144 raise NotImplementedError("only TWOMEMO is supported for now") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
145 log.debug(f"decrypting item {item.getAttribute('id', '')}") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
146 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
147 # FIXME: we do use _message_received_trigger now to decrypt the stanza, a |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
148 # cleaner separated decrypt method should be used |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
149 encrypted_elt["from"] = encrypted_by.full() |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
150 if ( |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
151 not await self._o._message_received_trigger( |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
152 client, encrypted_elt, defer.Deferred() |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
153 ) |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
154 or not encrypted_elt.children |
|
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
155 ): |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
156 raise exceptions.EncryptionError("can't decrypt the message") |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
157 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
158 item.addChild(encrypted_elt.firstChildElement()) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
159 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
160 extra.setdefault("encrypted", {})[item["id"]] = { |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
161 "type": NS_PTE, |
|
4270
0d7bb4df2343
Reformatted code base using black.
Goffi <goffi@goffi.org>
parents:
4071
diff
changeset
|
162 "algorithm": encryption_type, |
|
3972
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
163 } |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
164 return True |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
165 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
166 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
167 @implementer(iwokkel.IDisco) |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
168 class PTE_Handler(xmlstream.XMPPHandler): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
169 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
170 def getDiscoInfo(self, requestor, service, nodeIdentifier=""): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
171 return [disco.DiscoFeature(NS_PTE)] |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
172 |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
173 def getDiscoItems(self, requestor, service, nodeIdentifier=""): |
|
5fbdf986670c
plugin pte: Pubsub Target Encryption implementation:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
174 return [] |