annotate sat/plugins/plugin_sec_oxps.py @ 3934:e345d93fb6e5

plugin OXPS: OpenPGP for XMPP Pubsub implementation: OpenPGP for XMPP Pubsub (https://xmpp.org/extensions/inbox/pubsub-encryption.html, currently a protoXEP) is implemented and activated when `encrypted` is set to `True` in pubsub's `extra` data. On item retrieval, the decryption is transparent if the key is known, except if the `decrypt` key in `extra` is set to `False` (notably useful when one wants to checks that data is well encrypted). Methods and corresponding bridge methods have been implemented to manage shared secrets (to share, revoke or rotate the secrets). plugin XEP-0060's `XEP-0060_publish` trigger point as been move before actual publish so item can be modified (here e2ee) by the triggers. A new `XEP-0060_items` trigger point has also been added. `encrypted` flag can be used with plugin XEP-0277's microblog data rel 380
author Goffi <goffi@goffi.org>
date Sat, 15 Oct 2022 20:36:53 +0200
parents
children cd4d95b3fed3
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3934
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
1 #!/usr/bin/env python3
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
2
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
3 # Libervia plugin for Pubsub Encryption
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
4 # Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
5
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
6 # This program is free software: you can redistribute it and/or modify
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
7 # it under the terms of the GNU Affero General Public License as published by
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
8 # the Free Software Foundation, either version 3 of the License, or
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
9 # (at your option) any later version.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
10
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
11 # This program is distributed in the hope that it will be useful,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
14 # GNU Affero General Public License for more details.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
15
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
16 # You should have received a copy of the GNU Affero General Public License
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
18
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
19 import base64
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
20 import dataclasses
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
21 import secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
22 import time
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
23 from typing import Any, Dict, Iterable, List, Optional, Set, Tuple, Union
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
24 from collections import OrderedDict
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
25
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
26 import shortuuid
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
27 from twisted.internet import defer
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
28 from twisted.words.protocols.jabber import jid, xmlstream
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
29 from twisted.words.xish import domish
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
30 from wokkel import disco, iwokkel
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
31 from wokkel import rsm
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
32 from zope.interface import implementer
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
33
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
34 from sat.core import exceptions
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
35 from sat.core.constants import Const as C
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
36 from sat.core.core_types import SatXMPPEntity
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
37 from sat.core.i18n import _
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
38 from sat.core.log import getLogger
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
39 from sat.memory import persistent
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
40 from sat.tools import utils
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
41 from sat.tools import xml_tools
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
42 from sat.tools.common import data_format
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
43 from sat.tools.common import uri
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
44 from sat.tools.common.async_utils import async_lru
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
45
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
46 from .plugin_xep_0373 import NS_OX, get_gpg_provider
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
47
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
48
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
49 log = getLogger(__name__)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
50
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
51 IMPORT_NAME = "OXPS"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
52
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
53 PLUGIN_INFO = {
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
54 C.PI_NAME: "OpenPGP for XMPP Pubsub",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
55 C.PI_IMPORT_NAME: IMPORT_NAME,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
56 C.PI_TYPE: C.PLUG_TYPE_XEP,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
57 C.PI_MODES: C.PLUG_MODE_BOTH,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
58 C.PI_PROTOCOLS: [],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
59 C.PI_DEPENDENCIES: ["XEP-0060", "XEP-0334", "XEP-0373"],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
60 C.PI_MAIN: "PubsubEncryption",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
61 C.PI_HANDLER: "yes",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
62 C.PI_DESCRIPTION: _("""Pubsub e2e encryption via OpenPGP"""),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
63 }
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
64 NS_OXPS = "urn:xmpp:openpgp:pubsub:0"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
65
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
66 KEY_REVOKED = "revoked"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
67 CACHE_MAX = 5
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
68
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
69
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
70 @dataclasses.dataclass
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
71 class SharedSecret:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
72 id: str
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
73 key: str
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
74 timestamp: float
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
75 # bare JID of who has generated the secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
76 origin: jid.JID
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
77 revoked: bool = False
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
78 shared_with: Set[jid.JID] = dataclasses.field(default_factory=set)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
79
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
80
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
81 class PubsubEncryption:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
82 namespace = NS_OXPS
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
83
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
84 def __init__(self, host):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
85 log.info(_("OpenPGP for XMPP Pubsub plugin initialization"))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
86 host.registerNamespace("oxps", NS_OXPS)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
87 self.host = host
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
88 self._p = host.plugins["XEP-0060"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
89 self._h = host.plugins["XEP-0334"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
90 self._ox = host.plugins["XEP-0373"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
91 host.trigger.add("XEP-0060_publish", self._publish_trigger)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
92 host.trigger.add("XEP-0060_items", self._items_trigger)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
93 host.trigger.add(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
94 "messageReceived",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
95 self._message_received_trigger,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
96 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
97 host.bridge.addMethod(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
98 "psSecretShare",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
99 ".plugin",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
100 in_sign="sssass",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
101 out_sign="",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
102 method=self._ps_secret_share,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
103 async_=True,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
104 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
105 host.bridge.addMethod(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
106 "psSecretRevoke",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
107 ".plugin",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
108 in_sign="sssass",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
109 out_sign="",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
110 method=self._ps_secret_revoke,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
111 async_=True,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
112 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
113 host.bridge.addMethod(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
114 "psSecretRotate",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
115 ".plugin",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
116 in_sign="ssass",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
117 out_sign="",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
118 method=self._ps_secret_rotate,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
119 async_=True,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
120 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
121 host.bridge.addMethod(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
122 "psSecretsList",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
123 ".plugin",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
124 in_sign="sss",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
125 out_sign="s",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
126 method=self._ps_secrets_list,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
127 async_=True,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
128 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
129
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
130 def getHandler(self, client):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
131 return PubsubEncryption_Handler()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
132
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
133 async def profileConnecting(self, client):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
134 client.__storage = persistent.LazyPersistentBinaryDict(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
135 IMPORT_NAME, client.profile
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
136 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
137 # cache to avoid useless DB access, and to avoid race condition by ensuring that
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
138 # the same shared_secrets instance is always used for a given node.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
139 client.__cache = OrderedDict()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
140 self.gpg_provider = get_gpg_provider(self.host, client)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
141
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
142 async def load_secrets(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
143 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
144 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
145 node_uri: str
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
146 ) -> Optional[Dict[str, SharedSecret]]:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
147 """Load shared secret from databse or cache
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
148
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
149 A cache is used per client to avoid usueless db access, as shared secrets are
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
150 often needed several times in a row. Cache is also necessary to avoir race
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
151 condition, when updating a secret, by ensuring that the same instance is used
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
152 for all updates during a session.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
153
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
154 @param node_uri: XMPP URI of the encrypted pubsub node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
155 @return shared secrets, or None if no secrets are known yet
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
156 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
157 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
158 shared_secrets = client.__cache[node_uri]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
159 except KeyError:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
160 pass
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
161 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
162 client.__cache.move_to_end(node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
163 return shared_secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
164
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
165 secrets_as_dict = await client.__storage.get(node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
166
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
167 if secrets_as_dict is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
168 return None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
169 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
170 shared_secrets = {
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
171 s["id"]: SharedSecret(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
172 id=s["id"],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
173 key=s["key"],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
174 timestamp=s["timestamp"],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
175 origin=jid.JID(s["origin"]),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
176 revoked=s["revoked"],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
177 shared_with={jid.JID(w) for w in s["shared_with"]}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
178 ) for s in secrets_as_dict
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
179 }
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
180 client.__cache[node_uri] = shared_secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
181 while len(client.__cache) > CACHE_MAX:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
182 client.__cache.popitem(False)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
183 return shared_secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
184
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
185 def __secrect_dict_factory(self, data: List[Tuple[str, Any]]) -> Dict[str, Any]:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
186 ret = {}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
187 for k, v in data:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
188 if k == "origin":
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
189 v = v.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
190 elif k == "shared_with":
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
191 v = [j.full() for j in v]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
192 ret[k] = v
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
193 return ret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
194
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
195 async def store_secrets(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
196 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
197 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
198 node_uri: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
199 shared_secrets: Dict[str, SharedSecret]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
200 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
201 """Store shared secrets to database
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
202
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
203 Shared secrets are serialised before being stored.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
204 If ``node_uri`` is not in cache, the shared_secrets instance is also put in cache/
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
205
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
206 @param node_uri: XMPP URI of the encrypted pubsub node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
207 @param shared_secrets: shared secrets to store
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
208 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
209 if node_uri not in client.__cache:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
210 client.__cache[node_uri] = shared_secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
211 while len(client.__cache) > CACHE_MAX:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
212 client.__cache.popitem(False)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
213
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
214 secrets_as_dict = [
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
215 dataclasses.asdict(s, dict_factory=self.__secrect_dict_factory)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
216 for s in shared_secrets.values()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
217 ]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
218 await client.__storage.aset(node_uri, secrets_as_dict)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
219
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
220 def generate_secret(self, client: SatXMPPEntity) -> SharedSecret:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
221 """Generate a new shared secret"""
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
222 log.info("Generating a new shared secret.")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
223 secret_key = secrets.token_urlsafe(64)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
224 secret_id = shortuuid.uuid()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
225 return SharedSecret(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
226 id = secret_id,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
227 key = secret_key,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
228 timestamp = time.time(),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
229 origin = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
230 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
231
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
232 def _ps_secret_revoke(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
233 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
234 service: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
235 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
236 secret_id: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
237 recipients: List[str],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
238 profile_key: str
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
239 ) -> defer.Deferred:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
240 return defer.ensureDeferred(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
241 self.revoke(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
242 self.host.getClient(profile_key),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
243 jid.JID(service) if service else None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
244 node,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
245 secret_id,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
246 [jid.JID(r) for r in recipients] or None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
247 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
248 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
249
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
250 async def revoke(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
251 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
252 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
253 service: Optional[jid.JID],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
254 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
255 secret_id: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
256 recipients: Optional[Iterable[jid.JID]] = None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
257 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
258 """Revoke a secret and notify entities
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
259
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
260 @param service: pubsub/PEP service where the node is
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
261 @param node: node name
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
262 @param secret_id: ID of the secret to revoke (must have been generated by
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
263 ourselves)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
264 recipients: JIDs of entities to send the revocation notice to. If None, all
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
265 entities known to have the shared secret will be notified.
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
266 Use empty list if you don't want to notify anybody (not recommended)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
267 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
268 if service is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
269 service = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
270 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
271 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
272 if not shared_secrets:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
273 raise exceptions.NotFound(f"No shared secret is known for {node_uri}")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
274 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
275 shared_secret = shared_secrets[secret_id]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
276 except KeyError:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
277 raise exceptions.NotFound(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
278 f"No shared secret with ID {secret_id!r} has been found for {node_uri}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
279 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
280 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
281 if shared_secret.origin != client.jid.userhostJID():
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
282 raise exceptions.PermissionError(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
283 f"The shared secret {shared_secret.id} originate from "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
284 f"{shared_secret.origin}, not you ({client.jid.userhostJID()}). You "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
285 "can't revoke it"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
286 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
287 shared_secret.revoked = True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
288 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
289 log.info(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
290 f"shared secret {secret_id!r} for {node_uri} has been revoked."
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
291 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
292 if recipients is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
293 recipients = shared_secret.shared_with
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
294 if recipients:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
295 for recipient in recipients:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
296 await self.send_revoke_notification(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
297 client, service, node, shared_secret.id, recipient
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
298 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
299 log.info(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
300 f"shared secret {shared_secret.id} revocation notification for "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
301 f"{node_uri} has been send to {''.join(str(r) for r in recipients)}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
302 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
303 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
304 log.info(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
305 "Due to empty recipients list, no revocation notification has been sent "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
306 f"for shared secret {shared_secret.id} for {node_uri}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
307 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
308
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
309 async def send_revoke_notification(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
310 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
311 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
312 service: jid.JID,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
313 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
314 secret_id: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
315 recipient: jid.JID
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
316 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
317 revoke_elt = domish.Element((NS_OXPS, "revoke"))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
318 revoke_elt["jid"] = service.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
319 revoke_elt["node"] = node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
320 revoke_elt["id"] = secret_id
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
321 signcrypt_elt, payload_elt = self._ox.build_signcrypt_element([recipient])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
322 payload_elt.addChild(revoke_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
323 openpgp_elt = await self._ox.build_openpgp_element(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
324 client, signcrypt_elt, {recipient}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
325 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
326 message_elt = domish.Element((None, "message"))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
327 message_elt["from"] = client.jid.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
328 message_elt["to"] = recipient.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
329 message_elt.addChild((openpgp_elt))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
330 self._h.addHintElements(message_elt, [self._h.HINT_STORE])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
331 client.send(message_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
332
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
333 def _ps_secret_share(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
334 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
335 recipient: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
336 service: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
337 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
338 secret_ids: List[str],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
339 profile_key: str
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
340 ) -> defer.Deferred:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
341 return defer.ensureDeferred(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
342 self.share_secrets(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
343 self.host.getClient(profile_key),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
344 jid.JID(recipient),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
345 jid.JID(service) if service else None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
346 node,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
347 secret_ids or None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
348 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
349 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
350
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
351 async def share_secret(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
352 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
353 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
354 service: Optional[jid.JID],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
355 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
356 shared_secret: SharedSecret,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
357 recipient: jid.JID
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
358 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
359 """Create and send <shared-secret> element"""
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
360 if service is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
361 service = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
362 shared_secret_elt = domish.Element((NS_OXPS, "shared-secret"))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
363 shared_secret_elt["jid"] = service.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
364 shared_secret_elt["node"] = node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
365 shared_secret_elt["id"] = shared_secret.id
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
366 shared_secret_elt["timestamp"] = utils.xmpp_date(shared_secret.timestamp)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
367 if shared_secret.revoked:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
368 shared_secret_elt["revoked"] = C.BOOL_TRUE
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
369 # TODO: add type attribute
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
370 shared_secret_elt.addContent(shared_secret.key)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
371 signcrypt_elt, payload_elt = self._ox.build_signcrypt_element([recipient])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
372 payload_elt.addChild(shared_secret_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
373 openpgp_elt = await self._ox.build_openpgp_element(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
374 client, signcrypt_elt, {recipient}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
375 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
376 message_elt = domish.Element((None, "message"))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
377 message_elt["from"] = client.jid.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
378 message_elt["to"] = recipient.full()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
379 message_elt.addChild((openpgp_elt))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
380 self._h.addHintElements(message_elt, [self._h.HINT_STORE])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
381 client.send(message_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
382 shared_secret.shared_with.add(recipient)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
383
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
384 async def share_secrets(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
385 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
386 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
387 recipient: jid.JID,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
388 service: Optional[jid.JID],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
389 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
390 secret_ids: Optional[List[str]] = None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
391 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
392 """Share secrets of a pubsub node with a recipient
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
393
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
394 @param recipient: who to share secrets with
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
395 @param service: pubsub/PEP service where the node is
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
396 @param node: node name
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
397 @param secret_ids: IDs of the secrets to share, or None to share all known secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
398 (disabled or not)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
399 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
400 if service is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
401 service = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
402 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
403 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
404 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
405 # no secret shared yet, let's generate one
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
406 shared_secret = self.generate_secret(client)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
407 shared_secrets = {shared_secret.id: shared_secret}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
408 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
409 if secret_ids is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
410 # we share all secrets of the node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
411 to_share = shared_secrets.values()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
412 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
413 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
414 to_share = [shared_secrets[s_id] for s_id in secret_ids]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
415 except KeyError as e:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
416 raise exceptions.NotFound(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
417 f"no shared secret found with given ID: {e}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
418 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
419 for shared_secret in to_share:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
420 await self.share_secret(client, service, node, shared_secret, recipient)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
421 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
422
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
423 def _ps_secret_rotate(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
424 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
425 service: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
426 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
427 recipients: List[str],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
428 profile_key: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
429 ) -> defer.Deferred:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
430 return defer.ensureDeferred(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
431 self.rotate_secret(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
432 self.host.getClient(profile_key),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
433 jid.JID(service) if service else None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
434 node,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
435 [jid.JID(r) for r in recipients] or None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
436 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
437 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
438
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
439 async def rotate_secret(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
440 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
441 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
442 service: Optional[jid.JID],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
443 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
444 recipients: Optional[List[jid.JID]] = None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
445 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
446 """Revoke all current known secrets, create and share a new one
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
447
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
448 @param service: pubsub/PEP service where the node is
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
449 @param node: node name
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
450 @param recipients: who must receive the new shared secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
451 if None, all recipients known to have last active shared secret will get the
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
452 new secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
453 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
454 if service is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
455 service = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
456 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
457 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
458 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
459 shared_secrets = {}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
460 for shared_secret in shared_secrets.values():
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
461 if not shared_secret.revoked:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
462 await self.revoke(client, service, node, shared_secret.id)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
463 shared_secret.revoked = True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
464
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
465 if recipients is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
466 if shared_secrets:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
467 # we get recipients from latests shared secret's shared_with list,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
468 # regarless of deprecation (cause all keys may be deprecated)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
469 recipients = list(sorted(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
470 shared_secrets.values(),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
471 key=lambda s: s.timestamp,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
472 reverse=True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
473 )[0].shared_with)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
474 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
475 recipients = []
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
476
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
477 shared_secret = self.generate_secret(client)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
478 shared_secrets[shared_secret.id] = shared_secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
479 # we send notification to last entities known to already have the shared secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
480 for recipient in recipients:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
481 await self.share_secret(client, service, node, shared_secret, recipient)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
482 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
483
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
484 def _ps_secrets_list(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
485 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
486 service: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
487 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
488 profile_key: str
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
489 ) -> defer.Deferred:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
490 d = defer.ensureDeferred(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
491 self.list_shared_secrets(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
492 self.host.getClient(profile_key),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
493 jid.JID(service) if service else None,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
494 node,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
495 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
496 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
497 d.addCallback(lambda ret: data_format.serialise(ret))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
498 return d
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
499
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
500 async def list_shared_secrets(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
501 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
502 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
503 service: Optional[jid.JID],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
504 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
505 ) -> List[Dict[str, Any]]:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
506 """Retrieve for shared secrets of a pubsub node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
507
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
508 @param service: pubsub/PEP service where the node is
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
509 @param node: node name
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
510 @return: shared secrets data
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
511 @raise exceptions.NotFound: no shared secret found for this node
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
512 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
513 if service is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
514 service = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
515 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
516 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
517 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
518 raise exceptions.NotFound(f"No shared secrets found for {node_uri}")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
519 return [
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
520 dataclasses.asdict(s, dict_factory=self.__secrect_dict_factory)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
521 for s in shared_secrets.values()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
522 ]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
523
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
524 async def handle_revoke_elt(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
525 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
526 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
527 sender: jid.JID,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
528 revoke_elt: domish.Element
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
529 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
530 """Parse a <revoke> element and update local secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
531
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
532 @param sender: bare jid of the entity who has signed the secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
533 @param revoke: <revoke/> element
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
534 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
535 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
536 service = jid.JID(revoke_elt["jid"])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
537 node = revoke_elt["node"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
538 secret_id = revoke_elt["id"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
539 except (KeyError, RuntimeError) as e:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
540 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
541 f"ignoring invalid <revoke> element: {e}\n{revoke_elt.toXml()}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
542 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
543 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
544 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
545 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
546 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
547 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
548 f"Can't revoke shared secret {secret_id}: no known shared secrets for "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
549 f"{node_uri}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
550 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
551 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
552
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
553 if any(s.origin != sender for s in shared_secrets.values()):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
554 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
555 f"Rejecting shared secret revocation signed by invalid entity ({sender}):"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
556 f"\n{revoke_elt.toXml}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
557 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
558 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
559
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
560 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
561 shared_secret = shared_secrets[secret_id]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
562 except KeyError:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
563 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
564 f"Can't revoke shared secret {secret_id}: this secret ID is unknown for "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
565 f"{node_uri}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
566 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
567 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
568
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
569 shared_secret.revoked = True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
570 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
571 log.info(f"Shared secret {secret_id} has been revoked for {node_uri}")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
572
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
573 async def handle_shared_secret_elt(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
574 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
575 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
576 sender: jid.JID,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
577 shared_secret_elt: domish.Element
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
578 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
579 """Parse a <shared-secret> element and update local secrets
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
580
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
581 @param sender: bare jid of the entity who has signed the secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
582 @param shared_secret_elt: <shared-secret/> element
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
583 """
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
584 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
585 service = jid.JID(shared_secret_elt["jid"])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
586 node = shared_secret_elt["node"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
587 secret_id = shared_secret_elt["id"]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
588 timestamp = utils.parse_xmpp_date(shared_secret_elt["timestamp"])
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
589 # TODO: handle "type" attribute
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
590 revoked = C.bool(shared_secret_elt.getAttribute("revoked", C.BOOL_FALSE))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
591 except (KeyError, RuntimeError, ValueError) as e:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
592 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
593 f"ignoring invalid <shared-secret> element: "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
594 f"{e}\n{shared_secret_elt.toXml()}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
595 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
596 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
597 key = str(shared_secret_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
598 if not key:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
599 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
600 "ignoring <shared-secret> element with empty key: "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
601 f"{shared_secret_elt.toXml()}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
602 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
603 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
604 shared_secret = SharedSecret(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
605 id=secret_id, key=key, timestamp=timestamp, origin=sender, revoked=revoked
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
606 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
607 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
608 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
609 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
610 shared_secrets = {}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
611 # no known shared secret yet for this node, we have to trust first user who
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
612 # send it
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
613 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
614 if any(s.origin != sender for s in shared_secrets.values()):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
615 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
616 f"Rejecting shared secret signed by invalid entity ({sender}):\n"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
617 f"{shared_secret_elt.toXml}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
618 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
619 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
620
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
621 shared_secrets[shared_secret.id] = shared_secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
622 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
623 log.info(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
624 f"shared secret {shared_secret.id} added for {node_uri} [{client.profile}]"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
625 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
626
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
627 async def _publish_trigger(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
628 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
629 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
630 service: jid.JID,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
631 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
632 items: Optional[List[domish.Element]],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
633 options: Optional[dict],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
634 sender: jid.JID,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
635 extra: Dict[str, Any]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
636 ) -> bool:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
637 if not items or not extra.get("encrypted"):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
638 return True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
639 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
640 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
641 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
642 shared_secrets = {}
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
643 shared_secret = None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
644 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
645 current_secrets = [s for s in shared_secrets.values() if not s.revoked]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
646 if not current_secrets:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
647 shared_secret = None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
648 elif len(current_secrets) > 1:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
649 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
650 f"more than one active shared secret found for node {node!r} at "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
651 f"{service}, using the most recent one"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
652 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
653 current_secrets.sort(key=lambda s: s.timestamp, reverse=True)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
654 shared_secret = current_secrets[0]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
655 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
656 shared_secret = current_secrets[0]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
657
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
658 if shared_secret is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
659 if any(s.origin != client.jid.userhostJID() for s in shared_secrets.values()):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
660 raise exceptions.PermissionError(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
661 "there is no known active shared secret, and you are not the "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
662 "creator of previous shared secrets, we can't encrypt items at "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
663 f"{node_uri} ."
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
664 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
665 shared_secret = self.generate_secret(client)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
666 shared_secrets[shared_secret.id] = shared_secret
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
667 await self.store_secrets(client, node_uri, shared_secrets)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
668 # TODO: notify other entities
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
669
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
670 for item in items:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
671 item_elts = list(item.elements())
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
672 if len(item_elts) != 1:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
673 raise ValueError(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
674 f"there should be exactly one item payload: {item.toXml()}"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
675 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
676 item_payload = item_elts[0]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
677 log.debug(f"encrypting item {item.getAttribute('id', '')}")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
678 encrypted_item = self.gpg_provider.encrypt_symmetrically(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
679 item_payload.toXml().encode(), shared_secret.key
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
680 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
681 item.children.clear()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
682 encrypted_elt = domish.Element((NS_OXPS, "encrypted"))
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
683 encrypted_elt["key"] = shared_secret.id
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
684 encrypted_elt.addContent(base64.b64encode(encrypted_item).decode())
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
685 item.addChild(encrypted_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
686
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
687 return True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
688
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
689 async def _items_trigger(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
690 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
691 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
692 service: Optional[jid.JID],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
693 node: str,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
694 items: List[domish.Element],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
695 rsm_response: rsm.RSMResponse,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
696 extra: Dict[str, Any],
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
697 ) -> None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
698 if not extra.get(C.KEY_DECRYPT, True):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
699 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
700 if service is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
701 service = client.jid.userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
702 shared_secrets = None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
703 for item in items:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
704 payload = item.firstChildElement()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
705 if (payload is not None
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
706 and payload.name == "encrypted"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
707 and payload.uri == NS_OXPS):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
708 encrypted_elt = payload
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
709 secret_id = encrypted_elt.getAttribute("key")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
710 if not secret_id:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
711 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
712 f'"key" attribute is missing from encrypted item: {item.toXml()}'
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
713 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
714 continue
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
715 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
716 node_uri = uri.buildXMPPUri("pubsub", path=service.full(), node=node)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
717 shared_secrets = await self.load_secrets(client, node_uri)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
718 if shared_secrets is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
719 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
720 f"No known shared secret for {node_uri}, can't decrypt"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
721 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
722 return
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
723 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
724 shared_secret = shared_secrets[secret_id]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
725 except KeyError:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
726 log.warning(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
727 f"No key known for encrypted item {item['id']!r} (shared secret "
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
728 f"id: {secret_id!r})"
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
729 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
730 continue
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
731 log.debug(f"decrypting item {item.getAttribute('id', '')}")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
732 decrypted = self.gpg_provider.decrypt_symmetrically(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
733 base64.b64decode(str(encrypted_elt)),
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
734 shared_secret.key
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
735 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
736 decrypted_elt = xml_tools.parse(decrypted)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
737 item.children.clear()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
738 item.addChild(decrypted_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
739
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
740 async def _message_received_trigger(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
741 self,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
742 client: SatXMPPEntity,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
743 message_elt: domish.Element,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
744 post_treat: defer.Deferred
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
745 ) -> bool:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
746 sender = jid.JID(message_elt["from"]).userhostJID()
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
747 # there may be an openpgp element if OXIM is not activate, in this case we have to
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
748 # decrypt it here
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
749 openpgp_elt = next(message_elt.elements(NS_OX, "openpgp"), None)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
750 if openpgp_elt is not None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
751 try:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
752 payload_elt, __ = await self._ox.unpack_openpgp_element(
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
753 client,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
754 openpgp_elt,
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
755 "signcrypt",
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
756 sender
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
757 )
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
758 except Exception as e:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
759 log.warning(f"Can't decrypt element: {e}\n{message_elt.toXml()}")
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
760 return False
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
761 message_elt.children.remove(openpgp_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
762 for c in payload_elt.children:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
763 message_elt.addChild(c)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
764
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
765 shared_secret_elt = next(message_elt.elements(NS_OXPS, "shared-secret"), None)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
766 if shared_secret_elt is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
767 # no <shared-secret>, we check if there is a <revoke> element
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
768 revoke_elt = next(message_elt.elements(NS_OXPS, "revoke"), None)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
769 if revoke_elt is None:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
770 return True
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
771 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
772 await self.handle_revoke_elt(client, sender, revoke_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
773 else:
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
774 await self.handle_shared_secret_elt(client, sender, shared_secret_elt)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
775
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
776 return False
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
777
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
778
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
779 @implementer(iwokkel.IDisco)
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
780 class PubsubEncryption_Handler(xmlstream.XMPPHandler):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
781
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
782 def getDiscoInfo(self, requestor, service, nodeIdentifier=""):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
783 return [disco.DiscoFeature(NS_OXPS)]
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
784
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
785 def getDiscoItems(self, requestor, service, nodeIdentifier=""):
e345d93fb6e5 plugin OXPS: OpenPGP for XMPP Pubsub implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
786 return []