Mercurial > libervia-backend
annotate libervia/backend/plugins/plugin_sec_gre_encrypter_openpgp.py @ 4348:35d41de5b2aa default tip @
doc (component): document use of Gateway Relayed Encryption:
fix 455
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Mon, 13 Jan 2025 01:23:22 +0100 |
| parents | 62746042e6d9 |
| children |
| rev | line source |
|---|---|
|
4346
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
1 #!/usr/bin/env python3 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
2 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 # Libervia plugin |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
4 # Copyright (C) 2009-2025 Jérôme Poisson (goffi@goffi.org) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
5 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 # This program is free software: you can redistribute it and/or modify |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # it under the terms of the GNU Affero General Public License as published by |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # the Free Software Foundation, either version 3 of the License, or |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # (at your option) any later version. |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # GNU Affero General Public License for more details. |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU Affero General Public License |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 import base64 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 from typing import Final, TYPE_CHECKING, cast |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from twisted.words.protocols.jabber import jid |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.words.protocols.jabber.xmlstream import XMPPHandler |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 from twisted.words.xish import domish |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 from wokkel import data_form, disco, iwokkel |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 from zope.interface import implementer |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
28 from libervia.backend.core import exceptions |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
29 from libervia.backend.core.constants import Const as C |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
30 from libervia.backend.core.core_types import SatXMPPEntity |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
31 from libervia.backend.core.i18n import _ |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
32 from libervia.backend.core.log import getLogger |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
33 from libervia.backend.plugins import plugin_xep_0373 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
34 from .plugin_exp_gre import Encrypter |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
35 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 if TYPE_CHECKING: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 from libervia.backend.core.main import LiberviaBackend |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
38 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 log = getLogger(__name__) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
40 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
41 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
42 PLUGIN_INFO = { |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 C.PI_NAME: "GRE Encrypter: OpenPGP", |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 C.PI_IMPORT_NAME: "GRE-OpenPGP", |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 C.PI_TYPE: "XEP", |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 C.PI_MODES: C.PLUG_MODE_BOTH, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 C.PI_PROTOCOLS: [], |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
48 C.PI_DEPENDENCIES: [ |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 "GRE", |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 ], |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
51 C.PI_RECOMMENDATIONS: [], |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
52 C.PI_MAIN: "GREEncrypterOpenPGP", |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 C.PI_HANDLER: "yes", |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 C.PI_DESCRIPTION: _("Handle MIME formatting for Gateway Relayed Encryption."), |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
55 } |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
56 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
57 NS_GRE_OPENPGP: Final = "urn:xmpp:gre:encrypter:openpgp:0" |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
58 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
59 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 class GREEncrypterOpenPGP(Encrypter): |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 name = "openpgp" |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 namespace = NS_GRE_OPENPGP |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
64 def __init__(self, host: "LiberviaBackend") -> None: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 log.info(f"plugin {PLUGIN_INFO[C.PI_NAME]!r} initialization") |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 super().__init__(host) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
67 host.register_namespace("gre-openpgp", NS_GRE_OPENPGP) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
68 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
69 def get_handler(self, client: SatXMPPEntity) -> XMPPHandler: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
70 return GREMIMEHandler(self) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
71 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
72 async def encrypt( |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
73 self, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
74 client: SatXMPPEntity, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
75 recipient_id: str, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
76 message_elt: domish.Element, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
77 formatted_payload: bytes, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
78 encryption_data_form: data_form.Form, |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
79 ) -> str: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
80 gpg_provider = plugin_xep_0373.get_gpg_provider(self.host, client) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
81 public_keys = gpg_provider.list_public_keys(recipient_id) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
82 if not public_keys: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
83 raise exceptions.NotFound( |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
84 f"No public keys found for {recipient_id!r}, we can't encrypt." |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
85 ) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
86 encrypted_data = gpg_provider.encrypt( |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
87 formatted_payload, public_keys |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
88 ) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
89 return base64.b64encode(encrypted_data).decode("ASCII") |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
90 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
91 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
92 @implementer(iwokkel.IDisco) |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
93 class GREMIMEHandler(XMPPHandler): |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
94 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
95 def __init__(self, plugin_parent): |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
96 self.plugin_parent = plugin_parent |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
97 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
98 def getDiscoInfo( |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
99 self, requestor: jid.JID, target: jid.JID, nodeIdentifier: str = "" |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
100 ) -> list[disco.DiscoFeature]: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
101 return [ |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
102 disco.DiscoFeature(NS_GRE_OPENPGP), |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
103 ] |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
104 |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
105 def getDiscoItems( |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
106 self, requestor: jid.JID, target: jid.JID, nodeIdentifier: str = "" |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
107 ) -> list[disco.DiscoItems]: |
|
62746042e6d9
plugin gre encrypter: implement GRE Encrypter: OpenPGP:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
108 return [] |