Work on secure identity keystorage using system keyring

This commit is contained in:
Kevin F 2022-10-17 20:45:45 +00:00
parent 9501d73546
commit c2db671a85
6 changed files with 44 additions and 7 deletions

View File

@ -9,7 +9,7 @@ def list_idens():
main_menu = { main_menu = {
'l': (list_idens, 'list identities'), 'l': (list_idens, 'list trusted identities'),
'q': (do_quit, 'quit CLI') 'q': (do_quit, 'quit CLI')
} }

View File

@ -8,11 +8,10 @@ import locale
from time import sleep from time import sleep
from typing import Set, TYPE_CHECKING from typing import Set, TYPE_CHECKING
from threading import Thread, local from threading import Thread, local
from gossip.peerset import gossip_peer_set from gossip.peerset import gossip_peer_set
from logger import log as logging from logger import log as logging
import config
import onionrplugins import onionrplugins
from onionrplugins.pluginapis import plugin_apis from onionrplugins.pluginapis import plugin_apis
@ -37,6 +36,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
plugin_name = 'wot' plugin_name = 'wot'
PLUGIN_VERSION = '0.0.1' PLUGIN_VERSION = '0.0.1'
from wot.identity import identities from wot.identity import identities
from wot import wotkeyring
from cli import main_ui from cli import main_ui
from onionrplugins import plugin_apis from onionrplugins import plugin_apis
@ -45,6 +45,9 @@ from wot.loadfromblocks import load_identities_from_blocks
def on_init(api, data=None): def on_init(api, data=None):
def load_identity_from_config(identity_name: str):
identity_base85_key = config.get('wot.identity.{identity_name}')
logging.info( logging.info(
f"Web of Trust Plugin v{PLUGIN_VERSION} enabled") f"Web of Trust Plugin v{PLUGIN_VERSION} enabled")
@ -56,6 +59,24 @@ def on_init(api, data=None):
plugin_apis['rpc.add_module_to_api'](wot) plugin_apis['rpc.add_module_to_api'](wot)
# load active identity, from there load our trust graph
active_identity = config.get('wot.active_identity_name', '')
if active_identity:
try:
script = sys.argv[0] + ' '
except IndexError:
script = ''
logging.info(
"Generate a web of trust identity with '{script}wot new" +
"<name>' and restart Onionr")
return
if config.get('wot.use_system_keyring', True):
iden = wotkeyring.get_identity_by_name(active_identity)
else:
# load from file
iden = load_identity_from_config(active_identity)
def on_wot_cmd(api, data=None): def on_wot_cmd(api, data=None):
main_ui() main_ui()

View File

@ -1,2 +1,3 @@
PyNaCl==1.5.0 PyNaCl==1.5.0
cffi==1.15.1 cffi==1.15.1
keyring>=23.9.3

View File

@ -6,4 +6,3 @@ from .identity import Identity
from .getbykey import get_identity_by_key from .getbykey import get_identity_by_key
from .identity import identities from .identity import identities
from .identity.identityset import serialize_identity_set from .identity.identityset import serialize_identity_set

View File

@ -17,5 +17,3 @@ def get_identity_by_key(
if bytes(identity.key) == bytes(key): if bytes(identity.key) == bytes(key):
return identity return identity
raise KeyError("Identity not found") raise KeyError("Identity not found")
get_identity_by_key

View File

@ -0,0 +1,18 @@
import keyring
from identity import Identity
def get_identity_by_name(name: str) -> 'Identity':
iden_key = keyring.get_credential('onionr.wot', name)
if not iden_key:
raise KeyError('Identity not found')
return Identity(iden_key, name)
def set_identity_by_name(identity: 'Identity', name: str) -> None:
if identity.private_key:
keyring.set_credential('onionr.wot', name, identity.private_key)
else:
raise ValueError('Cannot set identity with no private key')