Work on secure identity keystorage using system keyring

2022-10-17 20:45:45 +00:00 · 2022-10-17 20:45:45 +00:00 · c2db671a85
commit c2db671a85
parent 9501d73546
6 changed files with 44 additions and 7 deletions
--- a/static-data/official-plugins/wot/cli/init.py
+++ b/static-data/official-plugins/wot/cli/init.py
@ -9,7 +9,7 @@ def list_idens():


 main_menu = {
-    'l': (list_idens, 'list identities'),
+    'l': (list_idens, 'list trusted identities'),
    'q': (do_quit, 'quit CLI')
 }

--- a/static-data/official-plugins/wot/main.py
+++ b/static-data/official-plugins/wot/main.py
@ -8,11 +8,10 @@ import locale
 from time import sleep
 from typing import Set, TYPE_CHECKING
 from threading import Thread, local
+
 from gossip.peerset import gossip_peer_set
-
-
 from logger import log as logging
-
+import config
 import onionrplugins
 from onionrplugins.pluginapis import plugin_apis

@ -37,6 +36,7 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
 plugin_name = 'wot'
 PLUGIN_VERSION = '0.0.1'
 from wot.identity import identities
+from wot import wotkeyring
 from cli import main_ui
 from onionrplugins import plugin_apis

@ -45,6 +45,9 @@ from wot.loadfromblocks import load_identities_from_blocks


 def on_init(api, data=None):
+    def load_identity_from_config(identity_name: str):
+        identity_base85_key = config.get('wot.identity.{identity_name}')
+
    logging.info(
        f"Web of Trust Plugin v{PLUGIN_VERSION} enabled")

@ -56,6 +59,24 @@ def on_init(api, data=None):

    plugin_apis['rpc.add_module_to_api'](wot)

+    # load active identity, from there load our trust graph
+    active_identity = config.get('wot.active_identity_name', '')
+    if active_identity:
+        try:
+            script = sys.argv[0] + ' '
+        except IndexError:
+            script = ''
+        logging.info(
+            "Generate a web of trust identity with '{script}wot new" +
+            "<name>' and restart Onionr")
+        return
+    if config.get('wot.use_system_keyring', True):
+        iden = wotkeyring.get_identity_by_name(active_identity)
+    else:
+        # load from file
+        iden = load_identity_from_config(active_identity)
+
+

 def on_wot_cmd(api, data=None):
    main_ui()
--- a/static-data/official-plugins/wot/requirements.in
+++ b/static-data/official-plugins/wot/requirements.in
@ -1,2 +1,3 @@
 PyNaCl==1.5.0
 cffi==1.15.1
+keyring>=23.9.3
--- a/static-data/official-plugins/wot/wot/init.py
+++ b/static-data/official-plugins/wot/wot/init.py
@ -6,4 +6,3 @@ from .identity import Identity
 from .getbykey import get_identity_by_key
 from .identity import identities
 from .identity.identityset import serialize_identity_set
-
--- a/static-data/official-plugins/wot/wot/getbykey.py
+++ b/static-data/official-plugins/wot/wot/getbykey.py
@ -17,5 +17,3 @@ def get_identity_by_key(
        if bytes(identity.key) == bytes(key):
            return identity
    raise KeyError("Identity not found")
-
-get_identity_by_key
--- a/static-data/official-plugins/wot/wot/wotkeyring/init.py
+++ b/static-data/official-plugins/wot/wot/wotkeyring/init.py
@ -0,0 +1,18 @@
+import keyring
+
+from identity import Identity
+
+
+def get_identity_by_name(name: str) -> 'Identity':
+    iden_key = keyring.get_credential('onionr.wot', name)
+    if not iden_key:
+        raise KeyError('Identity not found')
+    return Identity(iden_key, name)
+
+
+def set_identity_by_name(identity: 'Identity', name: str) -> None:
+    if identity.private_key:
+        keyring.set_credential('onionr.wot', name, identity.private_key)
+    else:
+        raise ValueError('Cannot set identity with no private key')
+