authordrebs <drebs@leap.se>2016-04-26 09:58:36 -0300
committerdrebs <drebs@leap.se>2016-04-26 22:40:09 -0300
commitc634874aeeb4a9950e77ed28c8b8e643246e6bbd (patch)
tree9567af43b50a1eff89745118af724c09fab25ebb
parentdaf515b0601f9ec2b0a8024b8a06a6814b45903d (diff)
[refactor] cleanup bootstrap process
-rw-r--r--client/src/leap/soledad/client/secrets.py89
-rw-r--r--common/src/leap/soledad/common/tests/test_crypto.py9
2 files changed, 45 insertions, 53 deletions
diff --git a/client/src/leap/soledad/client/secrets.py b/client/src/leap/soledad/client/secrets.py
index a72aac0d..16487572 100644
--- a/client/src/leap/soledad/client/secrets.py
+++ b/client/src/leap/soledad/client/secrets.py
@@ -190,21 +190,33 @@ class SoledadSecrets(object):
storage on server sequence has failed for some reason.
"""
# STAGE 1 - verify if secrets exist locally
- if not self._has_secret(): # try to load from local storage.
-
- # STAGE 2 - there are no secrets in local storage and this is the
- # first time we are running soledad with the specified
- # secrets_path. Try to fetch encrypted secrets from
- # server.
+ try:
+ logger.info("Trying to load secrets from local storage...")
+ self._load_secrets_from_local_file()
+ logger.info("Found secrets in local storage.")
+ return
+ except NoStorageSecret:
+ logger.info("Could not find secrets in local storage.")
+
+ # STAGE 2 - there are no secrets in local storage and this is the
+ # first time we are running soledad with the specified
+ # secrets_path. Try to fetch encrypted secrets from
+ # server.
+ try:
+ logger.info('Trying to fetch secrets from remote storage...')
self._download_crypto_secrets()
+ logger.info('Found secrets in remote storage.')
+ return
+ except NoStorageSecret:
+ logger.info("Could not find secrets in remote storage.")
- if not self._has_secret():
-
- # STAGE 3 - there are no secrets in server also, so we want to
- # generate the secrets and store them in the remote
- # db.
- self._gen_crypto_secrets()
- self._upload_crypto_secrets()
+ # STAGE 3 - there are no secrets in server also, so we want to
+ # generate the secrets and store them in the remote
+ # db.
+ logger.info("Generating secrets...")
+ self._gen_crypto_secrets()
+ logger.info("Uploading secrets...")
+ self._upload_crypto_secrets()
def _has_secret(self):
"""
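Review bot: The early `return` after `self._load_secrets_from_local_file()` and after `self._download_crypto_secrets()` trusts that a call which did not raise `NoStorageSecret` left a usable secret, whereas the removed code re-checked `self._has_secret()` before skipping stage 3. If either loader can finish with `storage_secret` still `None` (their bodies are only partly visible in this diff, so this is an inference), bootstrap now completes without a key and the failure shows up later, at first use. Guarding each return with `if self._has_secret(): return`, or having the loaders raise `NoStorageSecret` in that case, keeps the old fail-safe. The method starts above this hunk.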
@@ -213,21 +225,7 @@ class SoledadSecrets(object):
:return: Whether there's a storage secret for symmetric encryption.
:rtype: bool
"""
- logger.info("Checking if there's a secret in local storage...")
- if (self._secret_id is None or self._secret_id not in self._secrets) \
- and os.path.isfile(self._secrets_path):
- try:
- self._load_secrets() # try to load from disk
- except IOError as e:
- logger.warning(
- 'IOError while loading secrets from disk: %s' % str(e))
-
- if self.storage_secret is not None:
- logger.info("Found a secret in local storage.")
- return True
-
- logger.info("Could not find a secret in local storage.")
- return False
+ return self.storage_secret is not None
def _maybe_set_active_secret(self, active_secret):
"""
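Review bot: `_has_secret` is now a pure predicate (`return self.storage_secret is not None`) and no longer tries to load the secrets file, but the visible part of its docstring does not say so. Any caller other than bootstrap that relied on the old lazy load will now see `False` until secrets have been loaded some other way; such callers are not visible in this diff. I would add a docstring line such as `Does not read from disk; only reflects secrets already loaded in memory.` The test hunk in test_crypto.py also drops the assertion that an undecryptable secret makes `_has_secret()` return `False`, so that case appears to lose coverage.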
@@ -239,10 +237,16 @@ class SoledadSecrets(object):
active_secret = self._secrets.items()[0][0]
self.set_secret_id(active_secret)
- def _load_secrets(self):
+ def _load_secrets_from_local_file(self):
"""
Load storage secrets from local file.
+ :raise NoStorageSecret: Raised if there are no secrets available in
+ local storage.
"""
+ # check if secrets file exists and we can read it
+ if not os.path.isfile(self._secrets_path):
+ raise NoStorageSecret
+
# read storage secrets from file
content = None
with open(self._secrets_path, 'r') as f:
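Review bot: The new comment says the check covers "exists and we can read it", but `os.path.isfile(self._secrets_path)` tests existence only, and the file can still disappear or be unreadable when `open()` runs a few lines later. The removed `_has_secret` caught `IOError` and logged a warning; after this change an unreadable secrets file propagates as an uncaught `IOError` out of bootstrap. That may be intended, since it avoids generating a new secret while an existing file is present, but then the docstring needs a `:raise IOError:` entry and the comment should read `# a missing secrets file means there is no local secret`. If only a missing file should map to `NoStorageSecret`, catching `IOError` around `open()` and checking `e.errno == errno.ENOENT` (with `import errno`) removes the check-then-open gap. The rest of the function is outside the hunk.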
@@ -264,24 +268,21 @@ class SoledadSecrets(object):
def _download_crypto_secrets(self):
"""
- Downloads the crypto secrets.
- """
- logger.info(
- 'Trying to fetch cryptographic secrets from shared recovery '
- 'database...')
+ Download crypto secrets.
+ :raise NoStorageSecret: Raised if there are no secrets available in
+ remote storage.
+ """
+ doc = None
if self._shared_db.syncable:
doc = self._get_secrets_from_shared_db()
- else:
- doc = None
-
- if doc is not None:
- logger.info(
- 'Found cryptographic secrets in shared recovery '
- 'database.')
- _, active_secret = self._import_recovery_document(doc.content)
- self._maybe_set_active_secret(active_secret)
- self._store_secrets() # save new secrets in local file
+
+ if doc is None:
+ raise NoStorageSecret
+
+ _, active_secret = self._import_recovery_document(doc.content)
+ self._maybe_set_active_secret(active_secret)
+ self._store_secrets() # save new secrets in local file
def _gen_crypto_secrets(self):
"""
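Review bot: `NoStorageSecret` is raised here for two different situations: `self._shared_db.syncable` is false, so the server was never asked, and the shared db was queried but returned no document. Bootstrap answers both by generating and uploading a fresh secret, so in the first case the docstring's "no secrets available in remote storage" claims more than is known, and a secret already held on the server could end up diverging from the new local one. The old code behaved the same way, but the exception now hides the distinction from the caller and from the logs. I would log the skipped lookup separately, e.g. `logger.warning("Shared db is not syncable; skipping remote secrets lookup.")`, and widen the `:raise` text to "if no secrets could be obtained from remote storage".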
diff --git a/common/src/leap/soledad/common/tests/test_crypto.py b/common/src/leap/soledad/common/tests/test_crypto.py
index ca10a1e1..4fc3161d 100644
--- a/common/src/leap/soledad/common/tests/test_crypto.py
+++ b/common/src/leap/soledad/common/tests/test_crypto.py
@@ -133,15 +133,6 @@ class SoledadSecretsTestCase(BaseSoledadTest):
self.assertTrue(
sol.secrets._has_secret(),
"Should have a secret at this point")
- # setting secret id to None should not interfere in the fact we have a
- # secret.
- sol.secrets.set_secret_id(None)
- self.assertTrue(
- sol.secrets._has_secret(),
- "Should have a secret at this point")
- # but not being able to decrypt correctly should
- sol.secrets._secrets[sol.secrets.secret_id] = None
- self.assertFalse(sol.secrets._has_secret())
sol.close()