libervia-backend: sat/plugins/plugin_sec

comparison sat/plugins/plugin_sec_otr.py @ 2743:da59ff099b32

core (memory/encryption), plugin OTR: finished OTR integration in encryption: - messageEncryptionStart and messageEncryptionStop are now async - an encryption plugin can now have a startEncryption and endEncryption method, which are called automatically when suitable - trust is now put in "trusted" key of message_data, and markAsTrusted has been added, it is used in OTR - getTrustUI implemented for OTR, using legacy authenticate code - catch potr.crypt.InvalidParameterError on decryption - fixed some service OTR messages which were not correctly marked as not for storing, and thus were added to MAM archive/carbon copied - other bug fixes

author	Goffi <goffi@goffi.org>
date	Thu, 03 Jan 2019 21:00:00 +0100
parents	a86f494457c2
children	3dd265d281e1

comparison

equal deleted inserted replaced

-:1f5b02623355
+:da59ff099b32
 OTR_STATE_UNENCRYPTED = "unencrypted"
 OTR_STATE_ENCRYPTED = "encrypted"
 class Context(potr.context.Context):
-def __init__(self, host, account, other_jid):
+def __init__(self, context_manager, other_jid):
-super(Context, self).__init__(account, other_jid)
+self.context_manager = context_manager
-self.host = host
+super(Context, self).__init__(context_manager.account, other_jid)
+@property
+def host(self):
+return self.context_manager.host
+@property
+def _p_hints(self):
+return self.context_manager.parent._p_hints
+@property
+def _p_carbons(self):
+return self.context_manager.parent._p_carbons
 def getPolicy(self, key):
 if key in DEFAULT_POLICY_FLAGS:
 return DEFAULT_POLICY_FLAGS[key]
 else:
 "type": "chat",
 "extra": {},
 "timestamp": time.time(),
 }
 client.generateMessageXML(mess_data)
+xml = mess_data[u'xml']
+self._p_carbons.setPrivate(xml)
+self._p_hints.addHintElements(xml, [
+self._p_hints.HINT_NO_COPY,
+self._p_hints.HINT_NO_PERMANENT_STORE])
 client.send(mess_data["xml"])
 else:
 message_elt = appdata[u"xml"]
 assert message_elt.name == u"message"
 message_elt.addElement("body", content=msg)
+def stopCb(self, __, feedback):
+client = self.user.client
+self.host.bridge.otrState(
+OTR_STATE_UNENCRYPTED, self.peer.full(), client.profile
+)
+client.feedback(self.peer, feedback)
+def stopEb(self, failure_):
+# encryption may be already stopped in case of manual stop
+if not failure_.check(exceptions.NotFound):
+log.error(u"Error while stopping OTR encryption: {msg}".format(msg=failure_))
+def isTrusted(self):
+# we have to check value because potr code says that a 2-tuples should be
+# returned while in practice it's either None or u"trusted"
+trusted = self.getCurrentTrust()
+if trusted is None:
+return False
+elif trusted == u'trusted':
+return True
+else:
+log.error(u"Unexpected getCurrentTrust() value: {value}".format(
+value=trusted))
+return False
 def setState(self, state):
 client = self.user.client
 old_state = self.state
 super(Context, self).setState(state)
 log.debug(u"setState: %s (old_state=%s)" % (state, old_state))
 if state == potr.context.STATE_PLAINTEXT:
-client.encryption.stop(self.peer, NS_OTR)
 feedback = _(u"/!\\ conversation with %(other_jid)s is now UNENCRYPTED") % {
 "other_jid": self.peer.full()
 }
-self.host.bridge.otrState(
+d = client.encryption.stop(self.peer, NS_OTR)
-OTR_STATE_UNENCRYPTED, self.peer.full(), client.profile
+d.addCallback(self.stopCb, feedback=feedback)
-)
+d.addErrback(self.stopEb)
+return
 elif state == potr.context.STATE_ENCRYPTED:
 client.encryption.start(self.peer, NS_OTR)
 try:
-trusted = self.getCurrentTrust()
+trusted = self.isTrusted()
 except TypeError:
 trusted = False
 trusted_str = _(u"trusted") if trusted else _(u"untrusted")
 if old_state == potr.context.STATE_ENCRYPTED:
 )
 self.host.bridge.otrState(
 OTR_STATE_ENCRYPTED, self.peer.full(), client.profile
 )
 elif state == potr.context.STATE_FINISHED:
-client.encryption.stop(self.peer, NS_OTR)
 feedback = D_(u"OTR conversation with {other_jid} is FINISHED").format(
 other_jid=self.peer.full()
 )
-self.host.bridge.otrState(
+d = client.encryption.stop(self.peer, NS_OTR)
-OTR_STATE_UNENCRYPTED, self.peer.full(), client.profile
+d.addCallback(self.stopCb, feedback=feedback)
-)
+d.addErrback(self.stopEb)
+return
 else:
 log.error(D_(u"Unknown OTR state"))
 return
 client.feedback(self.peer, feedback)
 jid_data[fingerprint] = trustLevel
 super(Account, self).setTrust(other_jid, fingerprint, trustLevel)
 class ContextManager(object):
-def __init__(self, host, client):
+def __init__(self, parent, client):
-self.host = host
+self.parent = parent
-self.account = Account(host, client)
+self.account = Account(parent.host, client)
 self.contexts = {}
+@property
+def host(self):
+return self.parent.host
 def startContext(self, other_jid):
 assert isinstance(other_jid, jid.JID)
 context = self.contexts.setdefault(
-other_jid, Context(self.host, self.account, other_jid)
+other_jid, Context(self, other_jid)
 )
 return context
 def getContextForUser(self, other):
 log.debug(u"getContextForUser [%s]" % other)
 @defer.inlineCallbacks
 def profileConnected(self, client):
 if client.profile in self.skipped_profiles:
 return
-ctxMng = client._otr_context_manager = ContextManager(self.host, client)
+ctxMng = client._otr_context_manager = ContextManager(self, client)
 client._otr_data = persistent.PersistentBinaryDict(NS_OTR, client.profile)
 yield client._otr_data.load()
 encrypted_priv_key = client._otr_data.get(PRIVATE_KEY, None)
 if encrypted_priv_key is not None:
 priv_key = yield self.host.memory.decryptValue(
 self.skipped_profiles.remove(client.profile)
 return
 for context in client._otr_context_manager.contexts.values():
 context.disconnect()
 del client._otr_context_manager
+# encryption plugin methods
+def startEncryption(self, client, entity_jid):
+self.startRefresh(client, entity_jid)
+def stopEncryption(self, client, entity_jid):
+self.endSession(client, entity_jid)
+def getTrustUI(self, client, entity_jid):
+if not entity_jid.resource:
+entity_jid.resource = self.host.memory.getMainResource(
+client, entity_jid
+)  # FIXME: temporary and unsecure, must be changed when frontends
+#        are refactored
+ctxMng = client._otr_context_manager
+otrctx = ctxMng.getContextForUser(entity_jid)
+priv_key = ctxMng.account.privkey
+if priv_key is None:
+# we have no private key yet
+dialog = xml_tools.XMLUI(
+C.XMLUI_DIALOG,
+dialog_opt={
+C.XMLUI_DATA_TYPE: C.XMLUI_DIALOG_MESSAGE,
+C.XMLUI_DATA_MESS: _(
+u"You have no private key yet, start an OTR conversation to "
+u"have one"
+),
+C.XMLUI_DATA_LVL: C.XMLUI_DATA_LVL_WARNING,
+},
+title=_(u"No private key"),
+)
+return dialog
+other_fingerprint = otrctx.getCurrentKey()
+if other_fingerprint is None:
+# we have a private key, but not the fingerprint of our correspondent
+dialog = xml_tools.XMLUI(
+C.XMLUI_DIALOG,
+dialog_opt={
+C.XMLUI_DATA_TYPE: C.XMLUI_DIALOG_MESSAGE,
+C.XMLUI_DATA_MESS: _(
+u"Your fingerprint is:\n{fingerprint}\n\n"
+u"Start an OTR conversation to have your correspondent one."
+).format(fingerprint=priv_key),
+C.XMLUI_DATA_LVL: C.XMLUI_DATA_LVL_INFO,
+},
+title=_(u"Fingerprint"),
+)
+return dialog
+def setTrust(raw_data, profile):
+if xml_tools.isXMLUICancelled(raw_data):
+return {}
+# This method is called when authentication form is submited
+data = xml_tools.XMLUIResult2DataFormResult(raw_data)
+if data["match"] == "yes":
+otrctx.setCurrentTrust(OTR_STATE_TRUSTED)
+note_msg = _(u"Your correspondent {correspondent} is now TRUSTED")
+self.host.bridge.otrState(
+OTR_STATE_TRUSTED, entity_jid.full(), client.profile
+)
+else:
+otrctx.setCurrentTrust("")
+note_msg = _(u"Your correspondent {correspondent} is now UNTRUSTED")
+self.host.bridge.otrState(
+OTR_STATE_UNTRUSTED, entity_jid.full(), client.profile
+)
+note = xml_tools.XMLUI(
+C.XMLUI_DIALOG,
+dialog_opt={
+C.XMLUI_DATA_TYPE: C.XMLUI_DIALOG_NOTE,
+C.XMLUI_DATA_MESS: note_msg.format(correspondent=otrctx.peer),
+},
+)
+return {"xmlui": note.toXml()}
+submit_id = self.host.registerCallback(setTrust, with_data=True, one_shot=True)
+trusted = otrctx.isTrusted()
+xmlui = xml_tools.XMLUI(
+C.XMLUI_FORM,
+title=_(u"Authentication ({entity_jid})").format(entity_jid=entity_jid.full()),
+submit_id=submit_id,
+)
+xmlui.addText(_(AUTH_TXT))
+xmlui.addDivider()
+xmlui.addText(
+D_(u"Your own fingerprint is:\n{fingerprint}").format(fingerprint=priv_key)
+)
+xmlui.addText(
+D_(u"Your correspondent fingerprint should be:\n{fingerprint}").format(
+fingerprint=other_fingerprint
+)
+)
+xmlui.addDivider("blank")
+xmlui.changeContainer("pairs")
+xmlui.addLabel(D_(u"Is your correspondent fingerprint the same as here ?"))
+xmlui.addList(
+"match", [("yes", _("yes")), ("no", _("no"))], ["yes" if trusted else "no"]
+)
+return xmlui
 def _otrStartRefresh(self, menu_data, profile):
 """Start or refresh an OTR session
 @param menu_data: %(menu_data)s
 return defer.fail(exceptions.DataError)
 return self.authenticate(client, to_jid)
 def authenticate(self, client, to_jid):
 """Authenticate other user and see our own fingerprint"""
-if not to_jid.resource:
+xmlui = self.getTrustUI(client, to_jid)
-to_jid.resource = self.host.memory.getMainResource(
-client, to_jid
-)  # FIXME: temporary and unsecure, must be changed when frontends
-#        are refactored
-ctxMng = client._otr_context_manager
-otrctx = ctxMng.getContextForUser(to_jid)
-priv_key = ctxMng.account.privkey
-if priv_key is None:
-# we have no private key yet
-dialog = xml_tools.XMLUI(
-C.XMLUI_DIALOG,
-dialog_opt={
-C.XMLUI_DATA_TYPE: C.XMLUI_DIALOG_MESSAGE,
-C.XMLUI_DATA_MESS: _(
-u"You have no private key yet, start an OTR conversation to "
-u"have one"
-),
-C.XMLUI_DATA_LVL: C.XMLUI_DATA_LVL_WARNING,
-},
-title=_(u"No private key"),
-)
-return {"xmlui": dialog.toXml()}
-other_fingerprint = otrctx.getCurrentKey()
-if other_fingerprint is None:
-# we have a private key, but not the fingerprint of our correspondent
-dialog = xml_tools.XMLUI(
-C.XMLUI_DIALOG,
-dialog_opt={
-C.XMLUI_DATA_TYPE: C.XMLUI_DIALOG_MESSAGE,
-C.XMLUI_DATA_MESS: _(
-u"Your fingerprint is:\n{fingerprint}\n\n"
-u"Start an OTR conversation to have your correspondent one."
-).format(fingerprint=priv_key),
-C.XMLUI_DATA_LVL: C.XMLUI_DATA_LVL_INFO,
-},
-title=_(u"Fingerprint"),
-)
-return {"xmlui": dialog.toXml()}
-def setTrust(raw_data, profile):
-# This method is called when authentication form is submited
-data = xml_tools.XMLUIResult2DataFormResult(raw_data)
-if data["match"] == "yes":
-otrctx.setCurrentTrust(OTR_STATE_TRUSTED)
-note_msg = _(u"Your correspondent {correspondent} is now TRUSTED")
-self.host.bridge.otrState(
-OTR_STATE_TRUSTED, to_jid.full(), client.profile
-)
-else:
-otrctx.setCurrentTrust("")
-note_msg = _(u"Your correspondent {correspondent} is now UNTRUSTED")
-self.host.bridge.otrState(
-OTR_STATE_UNTRUSTED, to_jid.full(), client.profile
-)
-note = xml_tools.XMLUI(
-C.XMLUI_DIALOG,
-dialog_opt={
-C.XMLUI_DATA_TYPE: C.XMLUI_DIALOG_NOTE,
-C.XMLUI_DATA_MESS: note_msg.format(correspondent=otrctx.peer),
-},
-)
-return {"xmlui": note.toXml()}
-submit_id = self.host.registerCallback(setTrust, with_data=True, one_shot=True)
-trusted = bool(otrctx.getCurrentTrust())
-xmlui = xml_tools.XMLUI(
-C.XMLUI_FORM,
-title=_("Authentication (%s)") % to_jid.full(),
-submit_id=submit_id,
-)
-xmlui.addText(_(AUTH_TXT))
-xmlui.addDivider()
-xmlui.addText(
-D_(u"Your own fingerprint is:\n{fingerprint}").format(fingerprint=priv_key)
-)
-xmlui.addText(
-D_(u"Your correspondent fingerprint should be:\n{fingerprint}").format(
-fingerprint=other_fingerprint
-)
-)
-xmlui.addDivider("blank")
-xmlui.changeContainer("pairs")
-xmlui.addLabel(D_(u"Is your correspondent fingerprint the same as here ?"))
-xmlui.addList(
-"match", [("yes", _("yes")), ("no", _("no"))], ["yes" if trusted else "no"]
-)
 return {"xmlui": xmlui.toXml()}
 def _dropPrivKey(self, menu_data, profile):
 """Drop our private Key
 feedback = msg
 client.feedback(from_jid, msg)
 raise failure.Failure(exceptions.CancelError(msg))
 except potr.context.ErrorReceived as e:
 msg = D_(u"WARNING: received OTR error message: {msg}".format(msg=e))
+log.warning(msg)
+feedback = msg
+client.feedback(from_jid, msg)
+raise failure.Failure(exceptions.CancelError(msg))
+except potr.crypt.InvalidParameterError as e:
+msg = D_(u"Error while trying de decrypt OTR message: {msg}".format(msg=e))
 log.warning(msg)
 feedback = msg
 client.feedback(from_jid, msg)
 raise failure.Failure(exceptions.CancelError(msg))
 except StopIteration:
 else:
 raise failure.Failure(
 exceptions.CancelError("Cancelled by OTR")
 )  # no message at all (no history, no signal)
 client.encryption.markAsEncrypted(data)
+trusted = otrctx.isTrusted()
+if trusted:
+client.encryption.markAsTrusted(data)
+else:
+client.encryption.markAsUntrusted(data)
 return data
 def _receivedTreatmentForSkippedProfiles(self, data):
 """This profile must be skipped because the frontend manages OTR itself,

Mercurial > libervia-backend

comparison sat/plugins/plugin_sec_otr.py @ 2743:da59ff099b32