Home Explore Help
Sign In
RISCI_ATOM
/
sydent
mirror of https://github.com/matrix-org/sydent.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 1492c1c2fc
Branches Tags
sydent
/
sydent
/
config
/
crypto.py

crypto.py 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. # Copyright 2021 The Matrix.org Foundation C.I.C.
    2. 

  2. #
    3. 

  3. # Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. # you may not use this file except in compliance with the License.
    5. 

  5. # You may obtain a copy of the License at
    6. 

  6. #
    7. 

  7. #     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. #
    9. 

  9. # Unless required by applicable law or agreed to in writing, software
    10. 

  10. # distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. # See the License for the specific language governing permissions and
    13. 

  13. # limitations under the License.
    14. 

  14. 

  15. 

  16. import logging
    17. 

  17. from typing import TYPE_CHECKING
    18. 

  18. 

  19. import nacl
    20. 

  20. import signedjson.key
    21. 

  21. 

  22. if TYPE_CHECKING:
    23. 

  23.     from configparser import ConfigParser
    24. 

  24. 

  25. logger = logging.getLogger(__name__)
    26. 

  26. 

  27. 

  28. class CryptoConfig:
    29. 

  29.     def parse_config(self, cfg: "ConfigParser") -> None:
    30. 

  30.         """
    31. 

  31.         Parse the crypto section of the config
    32. 

  32.         :param cfg: the configuration to be parsed
    33. 

  33.         """
    34. 

  34. 

  35.         signing_key_str = cfg.get("crypto", "ed25519.signingkey")
    36. 

  36.         signing_key_parts = signing_key_str.split(" ")
    37. 

  37. 

  38.         self.save_key = False
    39. 

  39. 

  40.         if signing_key_str == "":
    41. 

  41.             logger.info(
    42. 

  42.                 "This server does not yet have an ed25519 signing key. "
    43. 

  43.                 "Creating one and saving it in the config file."
    44. 

  44.             )
    45. 

  45. 

  46.             self.signing_key = signedjson.key.generate_signing_key("0")
    47. 

  47. 

  48.             self.save_key = True
    49. 

  49.         elif len(signing_key_parts) == 1:
    50. 

  50.             # old format key
    51. 

  51.             logger.info("Updating signing key format: brace yourselves")
    52. 

  52. 

  53.             self.signing_key = nacl.signing.SigningKey(
    54. 

  54.                 signing_key_str, encoder=nacl.encoding.HexEncoder
    55. 

  55.             )
    56. 

  56.             self.signing_key.version = "0"
    57. 

  57.             self.signing_key.alg = signedjson.key.NACL_ED25519
    58. 

  58. 

  59.             self.save_key = True
    60. 

  60.         else:
    61. 

  61.             self.signing_key = signedjson.key.decode_signing_key_base64(
    62. 

  62.                 signing_key_parts[0], signing_key_parts[1], signing_key_parts[2]
    63. 

  63.             )
    64. 

  64. 

  65.         if self.save_key:
    66. 

  66.             signing_key_str = "%s %s %s" % (
    67. 

  67.                 self.signing_key.alg,
    68. 

  68.                 self.signing_key.version,
    69. 

  69.                 signedjson.key.encode_signing_key_base64(self.signing_key),
    70. 

  70.             )
    71. 

  71.             cfg.set("crypto", "ed25519.signingkey", signing_key_str)
    72.