summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/backend/utils.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask/backend/utils.py')
-rw-r--r--src/leap/bitmask/backend/utils.py61
1 files changed, 61 insertions, 0 deletions
diff --git a/src/leap/bitmask/backend/utils.py b/src/leap/bitmask/backend/utils.py
new file mode 100644
index 00000000..54a16fd7
--- /dev/null
+++ b/src/leap/bitmask/backend/utils.py
@@ -0,0 +1,61 @@
+# -*- coding: utf-8 -*-
+# utils.py
+# Copyright (C) 2013, 2014 LEAP
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+"""
+Backend utilities to handle ZMQ certificates.
+"""
+import os
+import shutil
+
+import zmq.auth
+
+from leap.bitmask.util import get_path_prefix
+from leap.common.files import mkdir_p
+
+KEYS_DIR = os.path.join(get_path_prefix(), 'leap', 'zmq_certificates')
+
+
+def generate_certificates():
+ """
+ Generate client and server CURVE certificate files.
+ """
+ # Create directory for certificates, remove old content if necessary
+ if os.path.exists(KEYS_DIR):
+ shutil.rmtree(KEYS_DIR)
+ mkdir_p(KEYS_DIR)
+
+ # create new keys in certificates dir
+ # public_file, secret_file = create_certificates(...)
+ zmq.auth.create_certificates(KEYS_DIR, "frontend")
+ zmq.auth.create_certificates(KEYS_DIR, "backend")
+
+
+def get_frontend_certificates():
+ """
+ Return the frontend's public and secret certificates.
+ """
+ frontend_secret_file = os.path.join(KEYS_DIR, "frontend.key_secret")
+ public, secret = zmq.auth.load_certificate(frontend_secret_file)
+ return public, secret
+
+
+def get_backend_certificates(base_dir='.'):
+ """
+ Return the backend's public and secret certificates.
+ """
+ backend_secret_file = os.path.join(KEYS_DIR, "backend.key_secret")
+ public, secret = zmq.auth.load_certificate(backend_secret_file)
+ return public, secret
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 21:48:57 +0000