[tor-commits] [bridgedb/master] Move getKey() to crypto module.

isis at torproject.org isis at torproject.org
Sun Jan 12 06:06:31 UTC 2014


commit 808ff48c972e829d48232d393143acf41de9707d
Author: Isis Lovecruft <isis at torproject.org>
Date:   Sat Oct 26 12:48:54 2013 +0000

    Move getKey() to crypto module.
---
 lib/bridgedb/Main.py   |   33 ++----------------------------
 lib/bridgedb/crypto.py |   53 ++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+), 31 deletions(-)

diff --git a/lib/bridgedb/Main.py b/lib/bridgedb/Main.py
index 2b8e4f8..5701681 100644
--- a/lib/bridgedb/Main.py
+++ b/lib/bridgedb/Main.py
@@ -18,6 +18,7 @@ from twisted.internet import reactor
 
 from bridgedb.parse import options
 
+import bridgedb.crypto
 import bridgedb.Bridges as Bridges
 import bridgedb.Dist as Dist
 import bridgedb.Time as Time
@@ -148,36 +149,6 @@ def configureLogging(cfg):
         logging.warn("Safe Logging: Disabled")
 
 
-def getKey(fname):
-    """Load the key stored in fname, or create a new 32-byte key and store
-       it in fname.
-
-    >>> name = os.tmpnam()
-    >>> os.path.exists(name)
-    False
-    >>> k1 = getKey(name)
-    >>> os.path.exists(name)
-    True
-    >>> open(name).read() == k1
-    True
-    >>> k2 = getKey(name)
-    >>> k1 == k2
-    True
-    """
-    try:
-        f = open(fname, 'rb')
-    except IOError:
-        k = os.urandom(32)
-        flags = os.O_WRONLY|os.O_TRUNC|os.O_CREAT|getattr(os, "O_BIN", 0)
-        fd = os.open(fname, flags, 0400)
-        os.write(fd, k)
-        os.close(fd)
-    else:
-        k = f.read()
-        f.close()
-
-    return k
-
 def load(cfg, splitter, clear=False):
     """Read all the bridge files from cfg, and pass them into a splitter
        object.
@@ -329,7 +300,7 @@ def startup(cfg, options):
     from bridgedb import HTTPServer
 
     # Load the master key, or create a new one.
-    key = getKey(cfg.MASTER_KEY_FILE)
+    key = bridgedb.crypto.getKey(cfg.MASTER_KEY_FILE)
 
     # Initialize our DB file.
     db = bridgedb.Storage.Database(cfg.DB_FILE+".sqlite",
diff --git a/lib/bridgedb/crypto.py b/lib/bridgedb/crypto.py
new file mode 100644
index 0000000..ea00733
--- /dev/null
+++ b/lib/bridgedb/crypto.py
@@ -0,0 +1,53 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of BridgeDB, a Tor bridge distribution system.
+#
+# :authors: Isis Lovecruft 0xA3ADB67A2CDB8B35 <isis at torproject.org>
+#           please also see AUTHORS file
+# :copyright: (c) 2007-2013, The Tor Project, Inc.
+#             (c) 2007-2013, all entities within the AUTHORS file
+# :license: 3-clause BSD, see included LICENSE for information
+
+
+from __future__ import absolute_import
+from __future__ import unicode_literals
+
+import os
+
+import OpenSSL.rand
+
+
+def getKey(filename):
+    """Load the key stored in ``filename``, or create a new key.
+
+    If ``filename`` does not exist, create a new 32-byte key and store it in
+    ``filename``.
+
+    >>> name = os.tmpnam()
+    >>> os.path.exists(name)
+    False
+    >>> k1 = getKey(name)
+    >>> os.path.exists(name)
+    True
+    >>> open(name).read() == k1
+    True
+    >>> k2 = getKey(name)
+    >>> k1 == k2
+    True
+
+    :param string filename: The filename to store the secret key in.
+    :rtype: bytes
+    :returns: A byte string containing the secret key.
+    """
+    try:
+        fh = open(filename, 'rb')
+    except IOError:
+        key = OpenSSL.rand.bytes(32)
+        flags = os.O_WRONLY | os.O_TRUNC | os.O_CREAT | getattr(os, "O_BIN", 0)
+        with os.open(filename, flags, 0400) as fd:
+            os.write(fd, key)
+            os.fsync(fd)
+    else:
+        key = fh.read()
+        fh.close()
+    return key
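Review bot: In the new `getKey()` in crypto.py, `with os.open(filename, flags, 0400) as fd:` cannot work, because `os.open` returns a plain integer descriptor rather than a context manager, so the first key creation raises AttributeError and the descriptor is never closed. Since `os.open` with `O_CREAT` has already run by then, an empty file is left behind, and the next start would take the `else` branch and return a zero-length master key. Open the descriptor explicitly and close it in a `finally`, as below; rejecting a loaded key whose length is not 32 bytes would also catch a truncated or empty file. Separately, this "move" also swaps `os.urandom(32)` for `OpenSSL.rand.bytes(32)`, a change of randomness source that deserves a mention in the commit message.

```python
    except IOError:
        # … unchanged: key generation and flags …
        fd = os.open(filename, flags, 0400)
        try:
            os.write(fd, key)
            os.fsync(fd)
        finally:
            os.close(fd)
```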




