Add a crypto handler #26

Merged
merged 9 commits into from
Oct 12, 2022
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -56,7 +56,7 @@ deployment instructions) is the configuration format:
* `acceptedMimeType` is renamed `scan.allowed_mimetypes`
* `requestHeader` is renamed `download.additional_headers` and turned into a dictionary.

Note that the format of the cryptographic pickle file file and key are compatible between
Note that the format of the cryptographic pickle file and key are compatible between
this project and the legacy Matrix Content Scanner. If no file exist at that path one will
be created automatically.
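
Review bot: The context sentence directly after the corrected line still reads "If no file exist at that path", and the corrected line keeps "the format of ... are compatible". Since this hunk is already a wording fix, suggest changing these to "If no file exists at that path" and "the format of ... is compatible" in the same commit.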

1 change: 1 addition & 0 deletions config.sample.yaml
Expand Up @@ -102,6 +102,7 @@ download:
crypto:
# The path to the Olm pickle file. This file contains the key pair to use when
# encrypting and decrypting encrypted POST request bodies.
# The pickle file is automatically created at startup if it doesn't already exist.
# Required.
pickle_path: "./pickle"
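
Review bot: The added comment line says the pickle file is created when it is missing, but not that this means a new key pair is generated, so a mistyped `pickle_path` starts up with a fresh key pair instead of failing. Suggest wording such as "If no file exists at this path, a new key pair is generated and stored there at startup", so operators who expect to reuse an existing pickle file know to check the path.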

18 changes: 9 additions & 9 deletions matrix_content_scanner/crypto.py
Expand Up @@ -52,18 +52,12 @@ def __init__(self, mcs: "MatrixContentScanner") -> None:
# content.
raise ConfigError(
"Configured value for crypto.pickle_key is incorrect or pickle file"
" is corrupted (Olm error code: %s)" % e
f" is corrupted (Olm error code: {e})"
)

logger.info("Loaded Olm key pair from pickle file %s", path)

except OSError as e:
if not isinstance(e, FileNotFoundError):
raise ConfigError(
"Failed to read the pickle file at the location configured for"
" crypto.pickle_path (%s): %s" % (path, e)
)

except FileNotFoundError:
logger.info(
"Pickle file not found, generating a new Olm key pair and storing it in"
" pickle file %s",
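
Review bot: The `raise ConfigError(...)` for the incorrect `crypto.pickle_key` case formats the caught exception `e` into the message but does not chain it explicitly. Suggest `raise ConfigError(...) from e` so the original Olm error stays attached as the cause of the configuration error rather than only appearing as text in the message.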
Expand All @@ -81,9 +75,15 @@ def __init__(self, mcs: "MatrixContentScanner") -> None:
except OSError as e:
raise ConfigError(
"Failed to write the pickle file at the location configured for"
" crypto.pickle_path (%s): %s" % (path, e)
f" crypto.pickle_path ({path}): {e}"
)

except OSError as e:
raise ConfigError(
"Failed to read the pickle file at the location configured for"
f" crypto.pickle_path ({path}): {e}"
)

self.public_key = self._decryptor.public_key

def decrypt_body(self, ciphertext: str, mac: str, ephemeral: str) -> JsonDict:
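
Review bot: The new trailing `except OSError` for read failures only behaves as intended because it comes after `except FileNotFoundError`, which is an `OSError` subclass, and nothing in the code says the order matters. Suggest a one-line comment above it stating that it must stay after the `FileNotFoundError` handler, so a later reordering does not turn a missing file into a "Failed to read the pickle file" `ConfigError` and skip key generation.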