Mercurial > libervia-backend
annotate sat/plugins/plugin_xep_0380.py @ 3934:e345d93fb6e5
plugin OXPS: OpenPGP for XMPP Pubsub implementation:
OpenPGP for XMPP Pubsub (https://xmpp.org/extensions/inbox/pubsub-encryption.html,
currently a protoXEP) is implemented and activated when `encrypted` is set to `True` in
pubsub's `extra` data.
On item retrieval, the decryption is transparent if the key is known, except if the
`decrypt` key in `extra` is set to `False` (notably useful when one wants to checks that
data is well encrypted).
Methods and corresponding bridge methods have been implemented to manage shared secrets
(to share, revoke or rotate the secrets).
plugin XEP-0060's `XEP-0060_publish` trigger point as been move before actual publish so
item can be modified (here e2ee) by the triggers. A new `XEP-0060_items` trigger point has
also been added.
`encrypted` flag can be used with plugin XEP-0277's microblog data
rel 380
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sat, 15 Oct 2022 20:36:53 +0200 |
| parents | be6d91572633 |
| children | 524856bd7b19 |
| rev | line source |
|---|---|
| 3028 | 1 #!/usr/bin/env python3 |
| 3137 | 2 |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
4 # SAT plugin for Explicit Message Encryption |
| 3479 | 5 # Copyright (C) 2009-2021 Jérôme Poisson (goffi@goffi.org) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # This program is free software: you can redistribute it and/or modify |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # it under the terms of the GNU Affero General Public License as published by |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # the Free Software Foundation, either version 3 of the License, or |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 # (at your option) any later version. |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # This program is distributed in the hope that it will be useful, |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 # GNU Affero General Public License for more details. |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # You should have received a copy of the GNU Affero General Public License |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 from sat.core.i18n import _, D_ |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 from sat.core.constants import Const as C |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from sat.core.log import getLogger |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.words.protocols.jabber import jid |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 log = getLogger(__name__) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 PLUGIN_INFO = { |
| 3028 | 28 C.PI_NAME: "Explicit Message Encryption", |
| 29 C.PI_IMPORT_NAME: "XEP-0380", | |
| 30 C.PI_TYPE: "SEC", | |
| 31 C.PI_PROTOCOLS: ["XEP-0380"], | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
32 C.PI_DEPENDENCIES: [], |
| 3028 | 33 C.PI_MAIN: "XEP_0380", |
| 34 C.PI_HANDLER: "no", | |
| 35 C.PI_DESCRIPTION: _("""Implementation of Explicit Message Encryption"""), | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 } |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 |
| 3028 | 38 NS_EME = "urn:xmpp:eme:0" |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 KNOWN_NAMESPACES = { |
| 3028 | 40 "urn:xmpp:otr:0": "OTR", |
| 41 "jabber:x:encrypted": "Legacy OpenPGP", | |
| 42 "urn:xmpp:openpgp:0": "OpenPGP for XMPP", | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 } |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 class XEP_0380(object): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
48 def __init__(self, host): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 self.host = host |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 host.trigger.add("sendMessage", self._sendMessageTrigger) |
|
3172
dcebc585c29f
core: renamed "MessageReceived" trigger to "messageReceived" for consistency.
Goffi <goffi@goffi.org>
parents:
3137
diff
changeset
|
51 host.trigger.add("messageReceived", self._messageReceivedTrigger, priority=100) |
| 3028 | 52 host.registerNamespace("eme", NS_EME) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 def _addEMEElement(self, mess_data, namespace, name): |
| 3028 | 55 message_elt = mess_data['xml'] |
| 56 encryption_elt = message_elt.addElement((NS_EME, 'encryption')) | |
| 57 encryption_elt['namespace'] = namespace | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
58 if name is not None: |
| 3028 | 59 encryption_elt['name'] = name |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 return mess_data |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 def _sendMessageTrigger(self, client, mess_data, __, post_xml_treatments): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 encryption = mess_data.get(C.MESS_KEY_ENCRYPTION) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
64 if encryption is not None: |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 namespace = encryption['plugin'].namespace |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 if namespace not in KNOWN_NAMESPACES: |
| 3028 | 67 name = encryption['plugin'].name |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
68 else: |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
69 name = None |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
70 post_xml_treatments.addCallback( |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
71 self._addEMEElement, namespace=namespace, name=name) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
72 return True |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
73 |
|
3172
dcebc585c29f
core: renamed "MessageReceived" trigger to "messageReceived" for consistency.
Goffi <goffi@goffi.org>
parents:
3137
diff
changeset
|
74 def _messageReceivedTrigger(self, client, message_elt, post_treat): |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
75 try: |
| 3028 | 76 encryption_elt = next(message_elt.elements(NS_EME, 'encryption')) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
77 except StopIteration: |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
78 return True |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
79 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
80 namespace = encryption_elt['namespace'] |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
81 if namespace in client.encryption.getNamespaces(): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
82 # message is encrypted and we can decrypt it |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
83 return True |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
84 |
| 3028 | 85 name = KNOWN_NAMESPACES.get(namespace, encryption_elt.getAttribute("name")) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
86 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
87 # at this point, message is encrypted but we know that we can't decrypt it, |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
88 # we need to notify the user |
| 3028 | 89 sender_s = message_elt['from'] |
| 90 to_jid = jid.JID(message_elt['from']) | |
| 91 algorithm = "{} [{}]".format(name, namespace) if name else namespace | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
92 log.warning( |
| 3028 | 93 _("Message from {sender} is encrypted with {algorithm} and we can't " |
| 94 "decrypt it.".format(sender=message_elt['from'], algorithm=algorithm))) | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
95 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
96 user_msg = D_( |
| 3028 | 97 "User {sender} sent you an encrypted message (encrypted with {algorithm}), " |
| 98 "and we can't decrypt it.").format(sender=sender_s, algorithm=algorithm) | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
99 |
|
2754
3bea6b5ae972
plugin XEP-0380, XEP-0384: use C.EXTRA_INFO_DECR_ERR as info sub-type when a message can't be decrypted.
Goffi <goffi@goffi.org>
parents:
2750
diff
changeset
|
100 extra = {C.MESS_EXTRA_INFO: C.EXTRA_INFO_DECR_ERR} |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
101 client.feedback(to_jid, user_msg, extra) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
102 return False |