1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
# -*- coding: utf-8 -*-
# _secrets/__init__.py
# Copyright (C) 2016 LEAP
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
import scrypt
from collections import namedtuple
from leap.soledad.common.log import getLogger
from leap.soledad.client._secrets.storage import SecretsStorage
from leap.soledad.client._secrets.crypto import SecretsCrypto
from leap.soledad.client._secrets.util import emit, UserDataMixin
logger = getLogger(__name__)
SecretLength = namedtuple('SecretLength', 'name length')
class Secrets(UserDataMixin):
# remote secret is used
lengths = {
'remote_secret': 512, # remote_secret is used to encrypt remote data.
'local_salt': 64, # local_salt is used in conjunction with
'local_secret': 448, # local_secret to derive a local_key for storage
}
def __init__(self, soledad):
self._soledad = soledad
self._secrets = {}
self.crypto = SecretsCrypto(soledad)
self.storage = SecretsStorage(soledad)
self._bootstrap()
#
# bootstrap
#
def _bootstrap(self):
# attempt to load secrets from local storage
encrypted = self.storage.load_local()
if not encrypted:
# we have not found a secret stored locally, so this is a first run
# of soledad for this user in this device. It is mandatory that we
# check if there's a secret stored in server.
encrypted = self.storage.load_remote()
if encrypted:
# we found a secret either in local or in remote storage, so we
# have to decrypt it.
self._secrets = self.crypto.decrypt(encrypted)
if encrypted['version'] < self.crypto.VERSION:
# there is a format version for secret storage that is newer
# than the one we found (either in local or remote storage), so
# we re-encrypt and store with the newest version.
self.store_secrets()
else:
# we have *not* found a secret neither in local nor in remote
# storage, so we have to generate a new one, and store it.
self._secrets = self._generate()
self.store_secrets()
#
# generation
#
@emit('creating')
def _generate(self):
logger.info("generating new set of secrets...")
secrets = {}
for name, length in self.lengths.iteritems():
secret = os.urandom(length)
secrets[name] = secret
logger.info("new set of secrets successfully generated")
return secrets
#
# crypto
#
def store_secrets(self):
# TODO: we have to improve the logic here, as we want to make sure that
# whatever is stored locally should only be used after remote storage
# is successful. Otherwise, this soledad could start encrypting with a
# secret while another soledad in another device could start encrypting
# with another secret, which would lead to decryption failures during
# sync.
encrypted = self.crypto.encrypt(self._secrets)
self.storage.save_local(encrypted)
self.storage.save_remote(encrypted)
#
# secrets
#
@property
def remote_secret(self):
return self._secrets.get('remote_secret')
@property
def local_salt(self):
return self._secrets.get('local_salt')
@property
def local_secret(self):
return self._secrets.get('local_secret')
@property
def local_key(self):
# local storage key is scrypt-derived from `local_secret` and
# `local_salt` above
secret = scrypt.hash(
password=self.local_secret,
salt=self.local_salt,
buflen=32, # we need a key with 256 bits (32 bytes)
)
return secret
|
