src/secrets.py

   1 # -*- coding:utf-8 -*-
   2 ## src/secrets.py
   3 ##
   4 ## Copyright (C) 2007-2008 Brendan Taylor <whateley AT gmail.com>
   5 ## Copyright (C) 2008 Jonathan Schleifer <js-gajim AT webkeks.org>
   6 ##
   7 ## This file is part of Gajim.
   8 ##
   9 ## Gajim is free software; you can redistribute it and/or modify
  10 ## it under the terms of the GNU General Public License as published
  11 ## by the Free Software Foundation; version 3 only.
  12 ##
  13 ## Gajim is distributed in the hope that it will be useful,
  14 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
  15 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16 ## GNU General Public License for more details.
  17 ##
  18 ## You should have received a copy of the GNU General Public License
  19 ## along with Gajim. If not, see <http://www.gnu.org/licenses/>.
  20 ##
  21
  22 from common.configpaths import gajimpaths
  23
  24 import Crypto
  25 from common import crypto
  26 from common import exceptions
  27
  28 import os
  29 import pickle
  30
  31 secrets_filename = gajimpaths['SECRETS_FILE']
  32 secrets_cache = None
  33
  34 class Secrets:
  35     def __init__(self, filename):
  36         self.filename = filename
  37         self.srs = {}
  38         self.pubkeys = {}
  39         self.privkeys = {}
  40
  41     def cancel(self):
  42         raise exceptions.Cancelled
  43
  44     def save(self):
  45         f = open(secrets_filename, 'w')
  46         pickle.dump(self, f)
  47         f.close()
  48
  49     def retained_secrets(self, account, bare_jid):
  50         try:
  51             return self.srs[account][bare_jid]
  52         except KeyError:
  53             return []
  54
  55     # retained secrets are stored as a tuple of the secret and whether the user
  56     # has verified it
  57     def save_new_srs(self, account, jid, secret, verified):
  58         if not account in self.srs:
  59             self.srs[account] = {}
  60
  61         if not jid in self.srs[account]:
  62             self.srs[account][jid] = []
  63
  64         self.srs[account][jid].append((secret, verified))
  65
  66         self.save()
  67
  68     def find_srs(self, account, jid, srs):
  69         our_secrets = self.srs[account][jid]
  70         return [(x, y) for x, y in our_secrets if x == srs][0]
  71
  72     # has the user verified this retained secret?
  73     def srs_verified(self, account, jid, srs):
  74         return self.find_srs(account, jid, srs)[1]
  75
  76     def replace_srs(self, account, jid, old_secret, new_secret, verified):
  77         our_secrets = self.srs[account][jid]
  78
  79         idx = our_secrets.index(self.find_srs(account, jid, old_secret))
  80
  81         our_secrets[idx] = (new_secret, verified)
  82
  83         self.save()
  84
  85     # the public key associated with 'account'
  86     def my_pubkey(self, account):
  87         try:
  88             pk = self.privkeys[account]
  89         except KeyError:
  90             pk = Crypto.PublicKey.RSA.generate(384, crypto.random_bytes)
  91
  92             self.privkeys[account] = pk
  93             self.save()
  94
  95         return pk
  96
  97 def load_secrets(filename):
  98     f = open(filename, 'r')
  99
 100     try:
 101         secrets = pickle.load(f)
 102     except (KeyError, EOFError):
 103         f.close()
 104         secrets = Secrets(filename)
 105
 106     return secrets
 107
 108 def secrets():
 109     global secrets_cache
 110
 111     if secrets_cache:
 112         return secrets_cache
 113
 114     if os.path.exists(secrets_filename):
 115         secrets_cache = load_secrets(secrets_filename)
 116     else:
 117         secrets_cache = Secrets(secrets_filename)
 118
 119     return secrets_cache