[tor-commits] [bridgedb/master] Move getKey() to crypto module.
commit 808ff48c972e829d48232d393143acf41de9707d
Author: Isis Lovecruft <isis@xxxxxxxxxxxxxx>
Date: Sat Oct 26 12:48:54 2013 +0000
Move getKey() to crypto module.
---
lib/bridgedb/Main.py | 33 ++----------------------------
lib/bridgedb/crypto.py | 53 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 55 insertions(+), 31 deletions(-)
diff --git a/lib/bridgedb/Main.py b/lib/bridgedb/Main.py
index 2b8e4f8..5701681 100644
--- a/lib/bridgedb/Main.py
+++ b/lib/bridgedb/Main.py
@@ -18,6 +18,7 @@ from twisted.internet import reactor
from bridgedb.parse import options
+import bridgedb.crypto
import bridgedb.Bridges as Bridges
import bridgedb.Dist as Dist
import bridgedb.Time as Time
@@ -148,36 +149,6 @@ def configureLogging(cfg):
logging.warn("Safe Logging: Disabled")
-def getKey(fname):
- """Load the key stored in fname, or create a new 32-byte key and store
- it in fname.
-
- >>> name = os.tmpnam()
- >>> os.path.exists(name)
- False
- >>> k1 = getKey(name)
- >>> os.path.exists(name)
- True
- >>> open(name).read() == k1
- True
- >>> k2 = getKey(name)
- >>> k1 == k2
- True
- """
- try:
- f = open(fname, 'rb')
- except IOError:
- k = os.urandom(32)
- flags = os.O_WRONLY|os.O_TRUNC|os.O_CREAT|getattr(os, "O_BIN", 0)
- fd = os.open(fname, flags, 0400)
- os.write(fd, k)
- os.close(fd)
- else:
- k = f.read()
- f.close()
-
- return k
-
def load(cfg, splitter, clear=False):
"""Read all the bridge files from cfg, and pass them into a splitter
object.
@@ -329,7 +300,7 @@ def startup(cfg, options):
from bridgedb import HTTPServer
# Load the master key, or create a new one.
- key = getKey(cfg.MASTER_KEY_FILE)
+ key = bridgedb.crypto.getKey(cfg.MASTER_KEY_FILE)
# Initialize our DB file.
db = bridgedb.Storage.Database(cfg.DB_FILE+".sqlite",
diff --git a/lib/bridgedb/crypto.py b/lib/bridgedb/crypto.py
new file mode 100644
index 0000000..ea00733
--- /dev/null
+++ b/lib/bridgedb/crypto.py
@@ -0,0 +1,53 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of BridgeDB, a Tor bridge distribution system.
+#
+# :authors: Isis Lovecruft 0xA3ADB67A2CDB8B35 <isis@xxxxxxxxxxxxxx>
+# please also see AUTHORS file
+# :copyright: (c) 2007-2013, The Tor Project, Inc.
+# (c) 2007-2013, all entities within the AUTHORS file
+# :license: 3-clause BSD, see included LICENSE for information
+
+
+from __future__ import absolute_import
+from __future__ import unicode_literals
+
+import os
+
+import OpenSSL.rand
+
+
+def getKey(filename):
+ """Load the key stored in ``filename``, or create a new key.
+
+ If ``filename`` does not exist, create a new 32-byte key and store it in
+ ``filename``.
+
+ >>> name = os.tmpnam()
+ >>> os.path.exists(name)
+ False
+ >>> k1 = getKey(name)
+ >>> os.path.exists(name)
+ True
+ >>> open(name).read() == k1
+ True
+ >>> k2 = getKey(name)
+ >>> k1 == k2
+ True
+
+ :param string filename: The filename to store the secret key in.
+ :rtype: bytes
+ :returns: A byte string containing the secret key.
+ """
+ try:
+ fh = open(filename, 'rb')
+ except IOError:
+ key = OpenSSL.rand.bytes(32)
+ flags = os.O_WRONLY | os.O_TRUNC | os.O_CREAT | getattr(os, "O_BIN", 0)
+ with os.open(filename, flags, 0400) as fd:
+ os.write(fd, key)
+ os.fsync(fd)
+ else:
+ key = fh.read()
+ fh.close()
+ return key
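Review bot: `os.open()` returns an integer file descriptor, not a context manager, so `with os.open(filename, flags, 0400) as fd:` in the `except IOError` branch raises AttributeError after the file has already been created empty, and the descriptor is never closed. On the next start the file exists, the `else` branch runs, and `getKey()` returns an empty string as the master key, because nothing checks the length of what was read. Replace the `with` by an explicit try/finally around the write, and consider rejecting a stored key whose length is not 32 (`if len(key) != 32:` followed by a raise) if all deployed key files are expected to have that size. Opening with `os.O_EXCL` rather than `os.O_TRUNC` would also make creation fail instead of truncating or writing through a path that appeared after the failed read.

```python
    except IOError:
        key = OpenSSL.rand.bytes(32)
        # O_EXCL: fail rather than reuse or truncate a path that already exists
        flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_BIN", 0)
        fd = os.open(filename, flags, 0400)
        try:
            os.write(fd, key)
            os.fsync(fd)
        finally:
            os.close(fd)
    # … unchanged: else branch reading the key from fh, return key …
```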