annotate sat/plugins/plugin_sec_aesgcm.py @ 3213:c2f958dde5d2

plugin XEP-0060: async sendItems + precondition-not-met policy: - sendItems is now an "async" coroutine, and sendItem use it instead of duplicating publication logic - policy to use when a precondition is not met (with publish-options) can now be specified, for now it's either raise the exception (default policy), or try to publish without the options - constants have been added to handle "extra" keys
author Goffi <goffi@goffi.org>
date Wed, 11 Mar 2020 19:15:48 +0100
parents 2c0628f3927e
children 2ba602aef90e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
1 #!/usr/bin/env python3
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
2
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
3 # SàT plugin for handling AES-GCM file encryption
3136
9d0df638c8b4 dates update
Goffi <goffi@goffi.org>
parents: 3090
diff changeset
4 # Copyright (C) 2009-2020 Jérôme Poisson (goffi@goffi.org)
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
5
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
6 # This program is free software: you can redistribute it and/or modify
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
7 # it under the terms of the GNU Affero General Public License as published by
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
8 # the Free Software Foundation, either version 3 of the License, or
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
9 # (at your option) any later version.
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
10
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
11 # This program is distributed in the hope that it will be useful,
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
14 # GNU Affero General Public License for more details.
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
15
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
16 # You should have received a copy of the GNU Affero General Public License
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
18
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
19 import re
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
20 from textwrap import dedent
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
21 from functools import partial
3186
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
22 from urllib import parse
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
23 import mimetypes
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
24 import secrets
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
25 from cryptography.hazmat.primitives import ciphers
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
26 from cryptography.hazmat.primitives.ciphers import modes
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
27 from cryptography.hazmat import backends
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
28 from cryptography.exceptions import AlreadyFinalized
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
29 import treq
3186
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
30 from twisted.internet import defer
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
31 from sat.core.i18n import _
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
32 from sat.core.constants import Const as C
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
33 from sat.core import exceptions
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
34 from sat.tools import stream
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
35 from sat.core.log import getLogger
3205
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
36 from sat.tools.web import treq_client_no_ssl
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
37
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
38 log = getLogger(__name__)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
39
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
40 PLUGIN_INFO = {
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
41 C.PI_NAME: "AES-GCM",
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
42 C.PI_IMPORT_NAME: "AES-GCM",
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
43 C.PI_TYPE: "SEC",
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
44 C.PI_PROTOCOLS: ["OMEMO Media sharing"],
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
45 C.PI_DEPENDENCIES: ["XEP-0363", "XEP-0384", "DOWNLOAD"],
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
46 C.PI_MAIN: "AESGCM",
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
47 C.PI_HANDLER: "no",
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
48 C.PI_DESCRIPTION: dedent(_("""\
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
49 Implementation of AES-GCM scheme, a way to encrypt files (not official XMPP standard).
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
50 See https://xmpp.org/extensions/inbox/omemo-media-sharing.html for details
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
51 """)),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
52 }
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
53
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
54 AESGCM_RE = re.compile(
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
55 r'aesgcm:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9'
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
56 r'()@:%_\+.~#?&\/\/=]*)')
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
57
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
58
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
59 class AESGCM(object):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
60
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
61 def __init__(self, host):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
62 self.host = host
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
63 log.info(_("AESGCM plugin initialization"))
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
64 host.plugins["DOWNLOAD"].registerScheme(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
65 "aesgcm", self.download
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
66 )
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
67 host.trigger.add("XEP-0363_upload_size", self._uploadSizeTrigger)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
68 host.trigger.add("XEP-0363_upload", self._uploadTrigger)
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
69 host.trigger.add("messageReceived", self._messageReceivedTrigger)
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
70
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
71 async def download(self, client, uri_parsed, dest_path, options):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
72 fragment = bytes.fromhex(uri_parsed.fragment)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
73
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
74 # legacy method use 16 bits IV, but OMEMO media sharing published spec indicates
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
75 # which is 12 bits IV (AES-GCM spec recommandation), so we have to determine
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
76 # which size has been used.
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
77 if len(fragment) == 48:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
78 iv_size = 16
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
79 elif len(fragment) == 44:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
80 iv_size = 12
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
81 else:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
82 raise ValueError(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
83 f"Invalid URL fragment, can't decrypt file at {uri_parsed.get_url()}")
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
84
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
85 iv, key = fragment[:iv_size], fragment[iv_size:]
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
86
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
87 decryptor = ciphers.Cipher(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
88 ciphers.algorithms.AES(key),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
89 modes.GCM(iv),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
90 backend=backends.default_backend(),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
91 ).decryptor()
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
92
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
93 download_url = parse.urlunparse(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
94 ('https', uri_parsed.netloc, uri_parsed.path, '', '', ''))
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
95
3205
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
96 if options.get('ignore_tls_errors', False):
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
97 log.warning(
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
98 "TLS certificate check disabled, this is highly insecure"
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
99 )
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
100 treq_client = treq_client_no_ssl
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
101 else:
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
102 treq_client = treq
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
103
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
104 head_data = await treq_client.head(download_url)
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
105 content_length = int(head_data.headers.getRawHeaders('content-length')[0])
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
106 # the 128 bits tag is put at the end
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
107 file_size = content_length - 16
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
108
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
109 file_obj = stream.SatFile(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
110 self.host,
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
111 client,
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
112 dest_path,
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
113 mode="wb",
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
114 size = file_size,
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
115 )
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
116
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
117 progress_id = file_obj.uid
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
118
3205
2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents: 3196
diff changeset
119 resp = await treq_client.get(download_url, unbuffered=True)
3186
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
120 if resp.code == 200:
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
121 d = treq.collect(resp, partial(
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
122 self.onDataDownload,
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
123 client=client,
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
124 file_obj=file_obj,
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
125 decryptor=decryptor))
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
126 else:
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
127 d = defer.Deferred()
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
128 self.host.plugins["DOWNLOAD"].errbackDownload(file_obj, d, resp)
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
129 return progress_id, d
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
130
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
131 def onDataDownload(self, data, client, file_obj, decryptor):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
132 if file_obj.tell() + len(data) > file_obj.size:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
133 # we're reaching end of file with this bunch of data
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
134 # we may still have a last bunch if the tag is incomplete
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
135 bytes_left = file_obj.size - file_obj.tell()
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
136 if bytes_left > 0:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
137 decrypted = decryptor.update(data[:bytes_left])
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
138 file_obj.write(decrypted)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
139 tag = data[bytes_left:]
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
140 else:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
141 tag = data
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
142 if len(tag) < 16:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
143 # the tag is incomplete, either we'll get the rest in next data bunch
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
144 # or we have already the other part from last bunch of data
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
145 try:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
146 # we store partial tag in decryptor._sat_tag
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
147 tag = decryptor._sat_tag + tag
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
148 except AttributeError:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
149 # no other part, we'll get the rest at next bunch
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
150 decryptor.sat_tag = tag
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
151 else:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
152 # we have the complete tag, it must be 128 bits
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
153 if len(tag) != 16:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
154 raise ValueError(f"Invalid tag: {tag}")
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
155 remain = decryptor.finalize_with_tag(tag)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
156 file_obj.write(remain)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
157 file_obj.close()
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
158 else:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
159 decrypted = decryptor.update(data)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
160 file_obj.write(decrypted)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
161
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
162 def _uploadSizeTrigger(self, client, options, file_path, size, size_adjust):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
163 if options.get('encryption') != C.ENC_AES_GCM:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
164 return True
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
165 # the tag is appended to the file
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
166 size_adjust.append(16)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
167 return True
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
168
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
169 def _encrypt(self, data, encryptor):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
170 if data:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
171 return encryptor.update(data)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
172 else:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
173 try:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
174 # end of file is reached, me must finalize
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
175 ret = encryptor.finalize()
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
176 tag = encryptor.tag
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
177 return ret + tag
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
178 except AlreadyFinalized:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
179 # as we have already finalized, we can now send EOF
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
180 return b''
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
181
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
182 def _uploadTrigger(self, client, options, sat_file, file_producer, slot):
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
183 if options.get('encryption') != C.ENC_AES_GCM:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
184 return True
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
185 log.debug("encrypting file with AES-GCM")
3178
98b321234068 plugin aesgcm: use 12 bytes Initialisation Vector:
Goffi <goffi@goffi.org>
parents: 3174
diff changeset
186 iv = secrets.token_bytes(12)
3090
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
187 key = secrets.token_bytes(32)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
188 fragment = f'{iv.hex()}{key.hex()}'
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
189 ori_url = parse.urlparse(slot.get)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
190 # we change the get URL with the one with aesgcm scheme and containing the
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
191 # encoded key + iv
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
192 slot.get = parse.urlunparse(['aesgcm', *ori_url[1:5], fragment])
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
193
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
194 # encrypted data size will be bigger than original file size
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
195 # so we need to check with final data length to avoid a warning on close()
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
196 sat_file.check_size_with_read = True
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
197
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
198 # file_producer get length directly from file, and this cause trouble has
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
199 # we have to change the size because of encryption. So we adapt it here,
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
200 # else the producer would stop reading prematurely
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
201 file_producer.length = sat_file.size
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
202
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
203 encryptor = ciphers.Cipher(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
204 ciphers.algorithms.AES(key),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
205 modes.GCM(iv),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
206 backend=backends.default_backend(),
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
207 ).encryptor()
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
208
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
209 if sat_file.data_cb is not None:
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
210 raise exceptions.InternalError(
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
211 f"data_cb was expected to be None, it is set to {sat_file.data_cb}")
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
212
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
213 # with data_cb we encrypt the file on the fly
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
214 sat_file.data_cb = partial(self._encrypt, encryptor=encryptor)
4f8bdf50593f plugin sec aesgcm: new plugin handling `aesgcm:` scheme for e2e encrypted media sharing:
Goffi <goffi@goffi.org>
parents:
diff changeset
215 return True
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
216
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
217
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
218 def _popAESGCMLinks(self, match, links):
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
219 link = match.group()
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
220 if link not in links:
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
221 links.append(link)
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
222 return ""
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
223
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
224 def _checkAESGCMAttachments(self, client, data):
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
225 if not data.get('message'):
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
226 return data
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
227 links = []
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
228
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
229 for lang, message in list(data['message'].items()):
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
230 message = AESGCM_RE.sub(
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
231 partial(self._popAESGCMLinks, links=links),
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
232 message)
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
233 if links:
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
234 message = message.strip()
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
235 if not message:
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
236 del data['message'][lang]
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
237 else:
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
238 data['message'][lang] = message
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
239 mess_encrypted = client.encryption.isEncrypted(data)
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
240 attachments = data['extra'].setdefault(C.MESS_KEY_ATTACHMENTS, [])
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
241 for link in links:
3186
84b0c8b4dee0 plugin download, aesgcm: fixed handling of HTTP errors
Goffi <goffi@goffi.org>
parents: 3178
diff changeset
242 path = parse.urlparse(link).path
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
243 attachment = {
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
244 "url": link,
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
245 }
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
246 media_type = mimetypes.guess_type(path, strict=False)[0]
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
247 if media_type is not None:
3196
adf1aeaa0d37 core (constants): renamed `MESS_KEY_MEDIA_TYPE` to `MESS_KEY_ATTACHMENTS_MEDIA_TYPE`
Goffi <goffi@goffi.org>
parents: 3186
diff changeset
248 attachment[C.MESS_KEY_ATTACHMENTS_MEDIA_TYPE] = media_type
3174
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
249
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
250 if mess_encrypted:
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
251 # we don't add the encrypted flag if the message itself is not
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
252 # encrypted, because the decryption key is part of the link,
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
253 # so sending it over unencrypted channel is like having no
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
254 # encryption at all.
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
255 attachment['encrypted'] = True
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
256 attachments.append(attachment)
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
257
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
258 return data
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
259
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
260 def _messageReceivedTrigger(self, client, message_elt, post_treat):
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
261 # we use a post_treat callback instead of "message_parse" trigger because we need
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
262 # to check if the "encrypted" flag is set to decide if we add the same flag to the
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
263 # attachment
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
264 post_treat.addCallback(partial(self._checkAESGCMAttachments, client))
c90f27ce52b0 plugin aesgcm: look for "aesgcm" links in body to use them as attachments
Goffi <goffi@goffi.org>
parents: 3136
diff changeset
265 return True