annotate libervia/backend/plugins/plugin_sec_pubsub_signing.py @ 4320:9658c534287e

plugin XEP-0215, XEP-0376: fix bad calls to `hasFeature`: `hasFeature` was called like blocking code, missing the `await`. This has been fixed, and is now using the `memory.disco.has_feature` version.
author Goffi <goffi@goffi.org>
date Mon, 30 Sep 2024 14:14:38 +0200
parents 0d7bb4df2343
children
rev   changeset     parents  description (author: Goffi <goffi@goffi.org>)
3956  3cb9ade2ab84  -        plugin pubsub signing: pubsub items signature implementation:
3961  a15c171836bb  3956     plugin pubsub signing: fix `gpg_provider` instantiation:
4037  524856bd7b19  3963     massive refactoring to switch from camelCase to snake_case:
4071  4b842c1fb686  4037     refactoring: renamed `sat` package to `libervia.backend`
4270  0d7bb4df2343  4071     Reformatted code base using black.

#!/usr/bin/env python3

# Libervia plugin for Pubsub Items Signature
# Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org)

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.

# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.

import base64
import time
from typing import Any, Dict, List, Optional

from lxml import etree
import shortuuid
from twisted.internet import defer
from twisted.words.protocols.jabber import jid, xmlstream
from twisted.words.xish import domish
from wokkel import disco, iwokkel
from wokkel import pubsub
from zope.interface import implementer

from libervia.backend.core import exceptions
from libervia.backend.core.constants import Const as C
from libervia.backend.core.core_types import SatXMPPEntity
from libervia.backend.core.i18n import _
from libervia.backend.core.log import getLogger
from libervia.backend.tools import utils
from libervia.backend.tools.common import data_format

from .plugin_xep_0373 import VerificationFailed


log = getLogger(__name__)

IMPORT_NAME = "pubsub-signing"

PLUGIN_INFO = {
    C.PI_NAME: "Pubsub Signing",
    C.PI_IMPORT_NAME: IMPORT_NAME,
    C.PI_TYPE: C.PLUG_TYPE_XEP,
    C.PI_MODES: C.PLUG_MODE_BOTH,
    C.PI_PROTOCOLS: [],
    C.PI_DEPENDENCIES: ["XEP-0060", "XEP-0373", "XEP-0470"],
    C.PI_MAIN: "PubsubSigning",
    C.PI_HANDLER: "yes",
    C.PI_DESCRIPTION: _(
        """Pubsub Signature can be used to strongly authenticate a pubsub item"""
    ),
}
NS_PUBSUB_SIGNING = "urn:xmpp:pubsub-signing:0"
NS_PUBSUB_SIGNING_OPENPGP = "urn:xmpp:pubsub-signing:openpgp:0"
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
62
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
63
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
64 class PubsubSigning:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
65 namespace = NS_PUBSUB_SIGNING
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
66
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
67 def __init__(self, host):
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
68 log.info(_("Pubsub Signing plugin initialization"))
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3963
diff changeset
69 host.register_namespace("pubsub-signing", NS_PUBSUB_SIGNING)
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
70 self.host = host
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
71 self._p = host.plugins["XEP-0060"]
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
72 self._ox = host.plugins["XEP-0373"]
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
73 self._a = host.plugins["XEP-0470"]
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
74 self._a.register_attachment_handler(
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
75 "signature", NS_PUBSUB_SIGNING, self.signature_get, self.signature_set
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
76 )
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
77 host.trigger.add("XEP-0060_publish", self._publish_trigger)
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3963
diff changeset
78 host.bridge.add_method(
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3963
diff changeset
79 "ps_signature_check",
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
80 ".plugin",
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
81 in_sign="sssss",
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
82 out_sign="s",
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
83 method=self._check,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
84 async_=True,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
85 )
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
86
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3963
diff changeset
87 def get_handler(self, client):
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
88 return PubsubSigning_Handler()
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
89
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
90 def get_data_to_sign(
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
91 self,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
92 item_elt: domish.Element,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
93 to_jid: jid.JID,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
94 timestamp: float,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
95 signer: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
96 ) -> bytes:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
97 """Generate the wrapper element, normalize, serialize and return it"""
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
98 # we remove values which must not be in the serialised data
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
99 item_id = item_elt.attributes.pop("id")
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
100 item_publisher = item_elt.attributes.pop("publisher", None)
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
101 item_parent = item_elt.parent
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
102
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
103 # we need to be sure that item element namespace is right
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
104 item_elt.uri = item_elt.defaultUri = pubsub.NS_PUBSUB
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
105
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
106 sign_data_elt = domish.Element((NS_PUBSUB_SIGNING, "sign-data"))
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
107 to_elt = sign_data_elt.addElement("to")
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
108 to_elt["jid"] = to_jid.userhost()
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
109 time_elt = sign_data_elt.addElement("time")
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
110 time_elt["stamp"] = utils.xmpp_date(timestamp)
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
111 sign_data_elt.addElement("signer", content=signer)
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
112 sign_data_elt.addChild(item_elt)
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
113 # FIXME: xml_tools.domish_elt_2_et_elt must be used once implementation is
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
114 # complete. For now serialisation/deserialisation is more secure.
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
115 # et_sign_data_elt = xml_tools.domish_elt_2_et_elt(sign_data_elt, True)
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
116 et_sign_data_elt = etree.fromstring(sign_data_elt.toXml())
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
117 to_sign = etree.tostring(
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
118 et_sign_data_elt, method="c14n2", with_comments=False, strip_text=True
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
119 )
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
120 # the data to sign is serialised, we cna restore original values
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
121 item_elt["id"] = item_id
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
122 if item_publisher is not None:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
123 item_elt["publisher"] = item_publisher
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
124 item_elt.parent = item_parent
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
125 return to_sign
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
126
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
127 def _check(
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
128 self,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
129 service: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
130 node: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
131 item_id: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
132 signature_data_s: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
133 profile_key: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
134 ) -> defer.Deferred:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
135 d = defer.ensureDeferred(
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
136 self.check(
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3963
diff changeset
137 self.host.get_client(profile_key),
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
138 jid.JID(service),
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
139 node,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
140 item_id,
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
141 data_format.deserialise(signature_data_s),
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
142 )
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
143 )
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
144 d.addCallback(data_format.serialise)
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
145 return d
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
146
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
147 async def check(
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
148 self,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
149 client: SatXMPPEntity,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
150 service: jid.JID,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
151 node: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
152 item_id: str,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
153 signature_data: Dict[str, Any],
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
154 ) -> Dict[str, Any]:
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
155 items, __ = await self._p.get_items(client, service, node, item_ids=[item_id])
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
156 if not items != 1:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
157 raise exceptions.NotFound(
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
158 f"target item not found for {item_id!r} at {node!r} for {service}"
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
159 )
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
160 item_elt = items[0]
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
161 timestamp = signature_data["timestamp"]
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
162 signers = signature_data["signers"]
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
163 if not signers:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
164 raise ValueError("we must have at least one signer to check the signature")
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
165 if len(signers) > 1:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
166 raise NotImplemented("multiple signers are not supported yet")
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
167 signer = jid.JID(signers[0])
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
168 signature = base64.b64decode(signature_data["signature"])
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
169 verification_keys = {
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
170 k
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
171 for k in await self._ox.import_all_public_keys(client, signer)
3961
a15c171836bb plugin pubsub signing: fix `gpg_provider` instanciation:
Goffi <goffi@goffi.org>
parents: 3956
diff changeset
172 if client.gpg_provider.can_sign(k)
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
173 }
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
174 signed_data = self.get_data_to_sign(item_elt, service, timestamp, signer.full())
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
175 try:
3961
a15c171836bb plugin pubsub signing: fix `gpg_provider` instanciation:
Goffi <goffi@goffi.org>
parents: 3956
diff changeset
176 client.gpg_provider.verify_detached(signed_data, signature, verification_keys)
3956
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
177 except VerificationFailed:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
178 validated = False
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
179 else:
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
180 validated = True
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
181
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
182 trusts = {
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
183 k.fingerprint: (await self._ox.get_trust(client, k, signer)).value.lower()
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
184 for k in verification_keys
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
185 }
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
186 return {
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
187 "signer": signer.full(),
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
188 "validated": validated,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
189 "trusts": trusts,
3cb9ade2ab84 plugin pubsub signing: pubsub items signature implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
190 }

    def signature_get(
        self,
        client: SatXMPPEntity,
        attachments_elt: domish.Element,
        data: Dict[str, Any],
    ) -> None:
        try:
            signature_elt = next(attachments_elt.elements(NS_PUBSUB_SIGNING, "signature"))
        except StopIteration:
            # no <signature/> element in the attachments: nothing to extract
            pass
        else:
            # exactly one <time/> element with a parsable "stamp" is required
            time_elts = list(signature_elt.elements(NS_PUBSUB_SIGNING, "time"))
            if len(time_elts) != 1:
                raise exceptions.DataError("only a single <time/> element is allowed")
            try:
                timestamp = utils.parse_xmpp_date(time_elts[0]["stamp"])
            except (KeyError, exceptions.ParsingError):
                raise exceptions.DataError(
                    f"invalid time element: {signature_elt.toXml()}"
                )

            signature_data: Dict[str, Any] = {
                "timestamp": timestamp,
                "signers": [
                    str(s) for s in signature_elt.elements(NS_PUBSUB_SIGNING, "signer")
                ],
            }
            # FIXME: only OpenPGP signature is available for now, to be updated if and
            # when more algorithms are available.
            sign_elt = next(
                signature_elt.elements(NS_PUBSUB_SIGNING_OPENPGP, "sign"), None
            )
            if sign_elt is None:
                log.warning(
                    "no known signature profile element found, ignoring signature: "
                    f"{signature_elt.toXml()}"
                )
                return
            else:
                # the signature is only extracted here, it is not verified
                signature_data["signature"] = str(sign_elt)

            data["signature"] = signature_data

    async def signature_set(
        self,
        client: SatXMPPEntity,
        attachments_data: Dict[str, Any],
        former_elt: Optional[domish.Element],
    ) -> Optional[domish.Element]:
        signature_data = attachments_data["extra"].get("signature")
        if signature_data is None:
            # no "signature" key in extra: the former element is returned as is
            return former_elt
        elif signature_data:
            item_elt = signature_data.get("item_elt")
            service = jid.JID(attachments_data["service"])
            if item_elt is None:
                # the item to sign was not supplied: retrieve it from the service
                node = attachments_data["node"]
                item_id = attachments_data["id"]
                items, __ = await self._p.get_items(
                    client, service, node, item_ids=[item_id]
                )
                # exactly one item must match the requested ID
                if len(items) != 1:
                    raise exceptions.NotFound(
                        f"target item not found for {item_id!r} at {node!r} for {service}"
                    )
                item_elt = items[0]

            signer = signature_data.get("signer") or client.jid.userhost()
            timestamp = time.time()
            timestamp_xmpp = utils.xmpp_date(timestamp)
            to_sign = self.get_data_to_sign(item_elt, service, timestamp, signer)

            signature_elt = domish.Element(
                (NS_PUBSUB_SIGNING, "signature"),
            )
            time_elt = signature_elt.addElement("time")
            time_elt["stamp"] = timestamp_xmpp
            signature_elt.addElement("signer", content=signer)

            sign_elt = signature_elt.addElement((NS_PUBSUB_SIGNING_OPENPGP, "sign"))
            # keep only the secret keys which are able to sign
            signing_keys = {
                k
                for k in self._ox.list_secret_keys(client)
                if client.gpg_provider.can_sign(k.public_key)
            }
            # the base64 encoded signature itself
            sign_elt.addContent(
                base64.b64encode(
                    client.gpg_provider.sign_detached(to_sign, signing_keys)
                ).decode()
            )
            return signature_elt
        else:
            # "signature" is set to a falsy value: no signature element is returned
            return None

    async def _publish_trigger(
        self,
        client: SatXMPPEntity,
        service: jid.JID,
        node: str,
        items: Optional[List[domish.Element]],
        options: Optional[dict],
        sender: jid.JID,
        extra: Dict[str, Any],
    ) -> bool:
        if not items or not extra.get("signed"):
            return True

        for item_elt in items:
            # we need an ID to find corresponding attachment node, and so to sign an item
            if not item_elt.hasAttribute("id"):
                item_elt["id"] = shortuuid.uuid()
            await self._a.set_attachements(
                client,
                {
                    "service": service.full(),
                    "node": node,
                    "id": item_elt["id"],
                    "extra": {
                        "signature": {
                            "item_elt": item_elt,
                            "signer": sender.userhost(),
                        }
                    },
                },
            )

        return True


@implementer(iwokkel.IDisco)
class PubsubSigning_Handler(xmlstream.XMPPHandler):

    def getDiscoInfo(self, requestor, service, nodeIdentifier=""):
        return [disco.DiscoFeature(NS_PUBSUB_SIGNING)]

    def getDiscoItems(self, requestor, service, nodeIdentifier=""):
        return []