Use uuid instead of address.

author: drebs <drebs@leap.se> 2013-04-30 17:41:31 -0300
committer: drebs <drebs@leap.se> 2013-04-30 17:41:31 -0300
commit: 516a5adb4f8328bd94446f4ea7ad0bc9298d7bfb (patch)
tree: 7ce57bc0a824a31e519ee18cebe11e3e1918ef97 /src
parent: 1e9b0e85a5de03f399c0cf52f46458dc6e77e103 (diff)
6 files changed, 47 insertions, 86 deletions
diff --git a/src/leap/soledad/__init__.py b/src/leap/soledad/__init__.py
index be8a7054..7d2663e8 100644
--- a/src/leap/soledad/__init__.py
+++ b/src/leap/soledad/__init__.py
@@ -126,7 +126,7 @@ class Soledad(object):
     """
 
     SYMKEY_KEY = '_symkey'
-    ADDRESS_KEY = '_address'
+    UUID_KEY = '_uuid'
     """
     Key used to access symmetric keys in recovery documents.
     """
@@ -138,14 +138,14 @@ class Soledad(object):
     Prefix for default values for path.
     """
 
-    def __init__(self, address, passphrase, secret_path=None,
+    def __init__(self, uuid, passphrase, secret_path=None,
                  local_db_path=None, server_url=None, auth_token=None,
                  bootstrap=True):
         """
         Initialize configuration, cryptographic keys and dbs.
 
-        @param address: User's address in the form C{user@provider}.
-        @type address: str
+        @param uuid: User's uuid.
+        @type uuid: str
         @param passphrase: The passphrase for locking and unlocking encryption
             secrets for disk storage.
         @type passphrase: str
@@ -165,7 +165,7 @@ class Soledad(object):
         @type bootstrap: bool
         """
         # TODO: allow for fingerprint enforcing.
-        self._address = address
+        self._uuid = uuid
         self._passphrase = passphrase
         self._set_token(auth_token)
         self._init_config(secret_path, local_db_path, server_url)
@@ -243,7 +243,7 @@ class Soledad(object):
                 self._set_symkey(
                     self._crypto.decrypt_sym(
                         doc.content[self.KEY_SYMKEY],
-                        passphrase=self._address_hash()))
+                        passphrase=self._passphrase))
         # Stage 2 - Keys synchronization
         self._assert_keys_in_shared_db()
         # Stage 3 - Local database initialization
@@ -270,13 +270,13 @@ class Soledad(object):
         """
         Generate (if needed) and load secret for symmetric encryption.
         """
-        events.signal(events.events_pb2.SOLEDAD_CREATING_KEYS, self._address)
+        events.signal(events.events_pb2.SOLEDAD_CREATING_KEYS, self._uuid)
         # load/generate secret
         if not self._has_symkey():
             self._gen_symkey()
         self._load_symkey()
         events.signal(
-            events.events_pb2.SOLEDAD_DONE_CREATING_KEYS, self._address)
+            events.events_pb2.SOLEDAD_DONE_CREATING_KEYS, self._uuid)
 
     def _init_db(self):
         """
@@ -399,15 +399,15 @@ class Soledad(object):
         """
         self._gen_symkey()
 
-    def _address_hash(self):
+    def _uuid_hash(self):
         """
         Calculate a hash for storing/retrieving key material on shared
-        database, based on user's address.
+        database, based on user's uuid.
 
         @return: the hash
         @rtype: str
         """
-        return sha256('address-%s' % self._address).hexdigest()
+        return sha256('uuid-%s' % self._uuid).hexdigest()
 
     def _shared_db(self):
         """
@@ -427,10 +427,10 @@ class Soledad(object):
         @rtype: LeapDocument
         """
         events.signal(
-            events.events_pb2.SOLEDAD_DOWNLOADING_KEYS, self._address)
-        doc = self._shared_db().get_doc_unauth(self._address_hash())
+            events.events_pb2.SOLEDAD_DOWNLOADING_KEYS, self._uuid)
+        doc = self._shared_db().get_doc_unauth(self._uuid_hash())
         events.signal(
-            events.events_pb2.SOLEDAD_DONE_DOWNLOADING_KEYS, self._address)
+            events.events_pb2.SOLEDAD_DONE_DOWNLOADING_KEYS, self._uuid)
         return doc
 
     def _assert_keys_in_shared_db(self):
@@ -456,16 +456,16 @@ class Soledad(object):
                 'Local and remote symmetric secrets differ!')
         else:
             events.signal(
-                events.events_pb2.SOLEDAD_UPLOADING_KEYS, self._address)
+                events.events_pb2.SOLEDAD_UPLOADING_KEYS, self._uuid)
             content = {
                 self.SYMKEY_KEY: self._crypto.encrypt_sym(
                     self._symkey, self._passphrase),
             }
-            doc = LeapDocument(doc_id=self._address_hash())
+            doc = LeapDocument(doc_id=self._uuid_hash())
             doc.content = content
             self._shared_db().put_doc(doc)
             events.signal(
-                events.events_pb2.SOLEDAD_DONE_UPLOADING_KEYS, self._address)
+                events.events_pb2.SOLEDAD_DONE_UPLOADING_KEYS, self._uuid)
 
     #
     # Document storage, retrieval and sync.
@@ -719,7 +719,7 @@ class Soledad(object):
         @rtype: str
         """
         local_gen = self._db.sync(self.server_url, creds=self._creds, autocreate=True)
-        events.signal(events.events_pb2.SOLEDAD_DONE_DATA_SYNC, self._address)
+        events.signal(events.events_pb2.SOLEDAD_DONE_DATA_SYNC, self._uuid)
         return local_gen
 
     def need_sync(self, url):
@@ -737,7 +737,7 @@ class Soledad(object):
         # compare source generation with target's last known source generation
         if self._db._get_generation() != info[4]:
             events.signal(
-                events.events_pb2.SOLEDAD_NEW_DATA_TO_SYNC, self._address)
+                events.events_pb2.SOLEDAD_NEW_DATA_TO_SYNC, self._uuid)
             return True
         return False
 
@@ -749,7 +749,7 @@ class Soledad(object):
 
             self._{
                 'token': {
-                    'address': 'user@provider',
+                    'uuid': '<uuid>'
                     'token': '<token>'
             }
 
@@ -758,7 +758,7 @@ class Soledad(object):
         """
         self._creds = {
             'token': {
-                'address': self._address,
+                'uuid': self._uuid,
                 'token': token,
             }
         }
@@ -802,7 +802,7 @@ class Soledad(object):
         @rtype: str
         """
         data = json.dumps({
-            self.ADDRESS_KEY: self._address,
+            self.UUID_KEY: self._uuid,
             self.SYMKEY_KEY: self._symkey,
         })
         if passphrase:
@@ -828,7 +828,7 @@ class Soledad(object):
         if passphrase:
             data = self._crypto.decrypt_sym(data, passphrase=passphrase)
         data = json.loads(data)
-        self._address = data[self.ADDRESS_KEY]
+        self._uuid = data[self.UUID_KEY]
         self._symkey = data[self.SYMKEY_KEY]
         self._crypto.symkey = self._symkey
         self._store_symkey()
@@ -839,10 +839,10 @@ class Soledad(object):
     # Setters/getters
     #
 
-    def _get_address(self):
-        return self._address
+    def _get_uuid(self):
+        return self._uuid
 
-    address = property(_get_address, doc='The user address.')
+    uuid = property(_get_uuid, doc='The user uuid.')
 
     def _get_secret_path(self):
         return self._secret_path
diff --git a/src/leap/soledad/auth.py b/src/leap/soledad/auth.py
index 094278dc..080bb806 100644
--- a/src/leap/soledad/auth.py
+++ b/src/leap/soledad/auth.py
@@ -27,16 +27,16 @@ they can do token-based auth requests to the Soledad server.
 from u1db.remote.http_client import HTTPClientBase
 
 
-def set_token_credentials(self, address, token):
+def set_token_credentials(self, uuid, token):
     """
     Store given credentials so we can sign the request later.
 
-    @param address: The user's address.
-    @type address: str
+    @param uuid: The user's uuid.
+    @type uuid: str
     @param token: The authentication token.
     @type token: str
     """
-    self._creds = {'token': (address, token)}
+    self._creds = {'token': (uuid, token)}
 
 
 def _sign_request(self, method, url_query, params):
@@ -51,8 +51,8 @@ def _sign_request(self, method, url_query, params):
     @type param: list
     """
     if 'token' in self._creds:
-        address, token = self._creds['token']
-        auth = '%s:%s' % (address, token)
+        uuid, token = self._creds['token']
+        auth = '%s:%s' % (uuid, token)
         return [('Authorization', 'Token %s' % auth.encode('base64'))]
     else:
         return HTTPClientBase._sign_request(self, method, url_query, params)
diff --git a/src/leap/soledad/crypto.py b/src/leap/soledad/crypto.py
index c956f602..9d2227bd 100644
--- a/src/leap/soledad/crypto.py
+++ b/src/leap/soledad/crypto.py
@@ -49,20 +49,6 @@ class SoledadCrypto(object):
         self._pgp = openpgp.OpenPGPScheme(self._soledad)
         self._symkey = None
 
-    def encrypt_asym(self, data, key):
-        """
-        Encrypt data.
-
-        @param data: the data to be encrypted
-        @type data: str
-        @param key: the key to be used for encryption
-        @type key: str
-
-        @return: the encrypted data
-        @rtype: str
-        """
-        return openpgp.encrypt_asym(data, key)
-
     def encrypt_sym(self, data, passphrase):
         """
         Encrypt C{data} using a {password}.
@@ -77,21 +63,6 @@ class SoledadCrypto(object):
         """
         return openpgp.encrypt_sym(data, passphrase)
 
-    def decrypt_asym(self, data):
-        """
-        Decrypt data.
-
-        @param data: the data to be decrypted
-        @type data: str
-        @param passphrase: the passphrase to be used for decryption
-        @type passphrase: str
-
-        @return: the decrypted data
-        @rtype: str
-        """
-        key = self._pgp.get_key(self._soledad.address, private=True)
-        return openpgp.decrypt_asym(data, key)
-
     def decrypt_sym(self, data, passphrase):
         """
         Decrypt data using symmetric secret.
@@ -127,16 +98,6 @@ class SoledadCrypto(object):
         """
         return openpgp.is_encrypted_sym(data)
 
-    def is_encrypted_asym(self, data):
-        """
-        Test whether some chunk of data was encrypted to an OpenPGP private
-        key.
-
-        @return: whether data is encrypted to an OpenPGP private key
-        @rtype: bool
-        """
-        return openpgp.is_encrypted_asym(data)
-
     def passphrase_hash(self, suffix):
         """
         Generate a passphrase for symmetric encryption.
diff --git a/src/leap/soledad/server.py b/src/leap/soledad/server.py
index 3d3c6f69..38bf31fd 100644
--- a/src/leap/soledad/server.py
+++ b/src/leap/soledad/server.py
@@ -125,25 +125,25 @@ class SoledadAuthMiddleware(object):
             return self._error(
                 start_response, 401, "unauthorized",
                 "Missing Token Authentication")
-        address, token = encoded.decode('base64').split(':', 1)
+        uuid, token = encoded.decode('base64').split(':', 1)
         try:
-            self.verify_token(environ, address, token)
+            self.verify_token(environ, uuid, token)
         except Unauthorized:
             return self._error(
                 start_response, 401, "unauthorized",
-                "Incorrect address or token.")
+                "Incorrect uuid or token.")
         del environ['HTTP_AUTHORIZATION']
         shift_path_info(environ)
         return self.app(environ, start_response)
 
-    def verify_token(self, environ, address, token):
+    def verify_token(self, environ, uuid, token):
         """
         Verify if token is valid for authenticating this request.
 
         @param environ: Dictionary containing CGI variables.
         @type environ: dict
-        @param token: The user address.
-        @type token: str
+        @param uuid: The user's uuid.
+        @type uuid: str
         @param token: The authentication token.
         @type token: str
 
diff --git a/src/leap/soledad/tests/test_crypto.py b/src/leap/soledad/tests/test_crypto.py
index 322be622..abe32661 100644
--- a/src/leap/soledad/tests/test_crypto.py
+++ b/src/leap/soledad/tests/test_crypto.py
@@ -167,7 +167,7 @@ class EncryptedSyncTestCase(BaseSoledadTest):
 #        # setup credentials for access to soledad server
 #        creds = {
 #            'token': {
-#                'address': 'leap@leap.se',
+#                'uuid': 'leap@leap.se',
 #                'token': '1234',
 #            }
 #        }
@@ -189,7 +189,7 @@ class RecoveryDocumentTestCase(BaseSoledadTest):
         rd = self._soledad.export_recovery_document(None)
         self.assertEqual(
             {
-                self._soledad.ADDRESS_KEY: self._soledad._address,
+                self._soledad.UUID_KEY: self._soledad._uuid,
                 self._soledad.SYMKEY_KEY: self._soledad._symkey
             },
             json.loads(rd),
@@ -201,7 +201,7 @@ class RecoveryDocumentTestCase(BaseSoledadTest):
         self.assertEqual(True,
                          self._soledad._crypto.is_encrypted_sym(rd))
         data = {
-            self._soledad.ADDRESS_KEY: self._soledad._address,
+            self._soledad.UUID_KEY: self._soledad._uuid,
             self._soledad.SYMKEY_KEY: self._soledad._symkey,
         }
         raw_data = json.loads(self._soledad._crypto.decrypt_sym(
@@ -224,8 +224,8 @@ class RecoveryDocumentTestCase(BaseSoledadTest):
         s._init_dirs()
         s._crypto = SoledadCrypto(s)
         s.import_recovery_document(rd, None)
-        self.assertEqual(self._soledad._address,
-                         s._address, 'Failed setting user email.')
+        self.assertEqual(self._soledad._uuid,
+                         s._uuid, 'Failed setting user uuid.')
         self.assertEqual(self._soledad._symkey,
                          s._symkey,
                          'Failed settinng secret for symmetric encryption.')
@@ -236,8 +236,8 @@ class RecoveryDocumentTestCase(BaseSoledadTest):
         s._init_dirs()
         s._crypto = SoledadCrypto(s)
         s.import_recovery_document(rd, '123456')
-        self.assertEqual(self._soledad._address,
-                         s._address, 'Failed setting user email.')
+        self.assertEqual(self._soledad._uuid,
+                         s._uuid, 'Failed setting user uuid.')
         self.assertEqual(self._soledad._symkey,
                          s._symkey,
                          'Failed settinng secret for symmetric encryption.')
diff --git a/src/leap/soledad/tests/test_soledad.py b/src/leap/soledad/tests/test_soledad.py
index 1ce9adb7..e7d34a87 100644
--- a/src/leap/soledad/tests/test_soledad.py
+++ b/src/leap/soledad/tests/test_soledad.py
@@ -105,7 +105,7 @@ class SoledadSharedDBTestCase(BaseSoledadTest):
         Ensure the shared db is queried with the correct doc_id.
         """
         self._soledad._shared_db = Mock()
-        doc_id = self._soledad._address_hash()
+        doc_id = self._soledad._uuid_hash()
         self._soledad._fetch_keys_from_shared_db()
         self.assertTrue(
             self._soledad._shared_db.get_doc_unauth.assert_called_once(doc_id),
@@ -128,7 +128,7 @@ class SoledadSharedDBTestCase(BaseSoledadTest):
                 return self
 
         self._soledad._shared_db = MockSharedDB()
-        doc_id = self._soledad._address_hash()
+        doc_id = self._soledad._uuid_hash()
         self._soledad._assert_keys_in_shared_db()
         self.assertTrue(
             self._soledad._shared_db().get_doc_unauth.assert_called_once_with(
author	drebs <drebs@leap.se>	2013-04-30 17:41:31 -0300
committer	drebs <drebs@leap.se>	2013-04-30 17:41:31 -0300
commit	516a5adb4f8328bd94446f4ea7ad0bc9298d7bfb (patch)
tree	7ce57bc0a824a31e519ee18cebe11e3e1918ef97 /src
parent	1e9b0e85a5de03f399c0cf52f46458dc6e77e103 (diff)