FlightDeck/cuddlefish/preflight.py

183 строки
7.2 KiB
Python
Исходник Обычный вид История

2010-11-13 01:47:25 +03:00
import os, sys
import base64
import hashlib
import simplejson as json
def my_b32encode(bytes):
# a paddingless prettier base32 encoder
return base64.b32encode(bytes).lower().strip("=")
def my_b32decode(s):
# add "=" until we have a multiple of 8 characters (i.e. 40 bits / 5 bytes)
padding = "=" * ((8-len(s)%8)%8)
return base64.b32decode(s.upper()+padding)
def remove_prefix(s, prefix, errormsg):
if not s.startswith(prefix):
raise ValueError(errormsg)
return s[len(prefix):]
def vk_to_jid(vk):
"""Return 'jid0-XYZ', where 'XYZ' is a string that securely identifies
a specific public key. To get a suitable add-on ID, append '@jetpack'
to this string.
"""
# per https://developer.mozilla.org/en/Install_Manifests#id all XPI id
# values must either be in the form of a 128-bit GUID (crazy braces
# and all) or in the form of an email address (crazy @ and all).
# Firefox will refuse to install an add-on with an id that doesn't
# match one of these forms. The actual regexp is at:
# http://mxr.mozilla.org/mozilla-central/source/toolkit/mozapps/extensions/XPIProvider.jsm#130
# So the JID needs an @-suffix, and the only legal punctuation is
# "-._". So we start with a base64 encoding, and replace the
# punctuation (+/) with letters (AB), losing a few bits of integrity.
# even better: windows has a maximum path length limitation of 256
# characters:
# http://msdn.microsoft.com/en-us/library/aa365247%28VS.85%29.aspx
# (unless all paths are prefixed with "\\?\", I kid you not). The
# typical install will put add-on code in a directory like:
# C:\Documents and Settings\<username>\Application Data\Mozilla\Firefox\Profiles\232353483.default\extensions\$JID\...
# (which is 108 chars long without the $JID).
# Then the unpacked XPI contains packaged resources like:
# resources/$JID-jetpack-core-lib/main.js (35 chars plus the $JID)
#
# We hash the pubkey into a 160 bit string, base64 encode that (with
# AB instead of +/ to be path-safe), then bundle it into
# "jid0-XYZ@jetpack". This gives us 40 characters. The resulting
# main.js will have a path length of 224 characters, leaving us 32
# characters of margin.
# if length were no issue, we'd prefer to use this:
# s = base64.b64encode(vk.to_string()).strip("=")
h = hashlib.sha256("jetpack-id-v0:"+vk.to_string()).digest()[:160/8]
s = base64.b64encode(h, "AB").strip("=")
jid = "jid0-" + s
return jid
def jid_to_programid(jid):
return jid + "@jetpack"
def create_key(keydir, name):
# return jid
from ecdsa import SigningKey, NIST256p
sk = SigningKey.generate(curve=NIST256p)
sk_text = "private-jid0-%s" % my_b32encode(sk.to_string())
vk = sk.get_verifying_key()
vk_text = "public-jid0-%s" % my_b32encode(vk.to_string())
jid = vk_to_jid(vk)
program_id = jid_to_programid(jid)
# save privkey to ~/.jetpack-keys/$jid
f = open(os.path.join(keydir, jid), "w")
f.write("private-key: %s\n" % sk_text)
f.write("public-key: %s\n" % vk_text)
f.write("jid: %s\n" % jid)
f.write("program-id: %s\n" % program_id)
f.write("name: %s\n" % name)
f.close()
return jid
def programid_to_jid(programid):
assert programid.endswith("@jetpack")
jid = programid[:-len("@jetpack")]
return jid
def check_for_privkey(keydir, jid, stderr):
if jid.startswith("anonid0-"):
return None
keypath = os.path.join(keydir, jid)
if not os.path.isfile(keypath):
msg = """\
Your package.json says our ID is:
%(jid)s
But I don't have a corresponding private key in:
%(keypath)s
If you are the original developer of this package and have recently copied
the source code from a different machine to this one, you should copy the
private key into the file named above.
Otherwise, if you are a new developer who has made a copy of an existing
package to use as a starting point, you need to remove the 'id' property
from package.json, so that we can generate a new id and keypair. This will
disassociate our new package from the old one.
If you're collaborating on the same addon with a team, make sure at least
one person on the team has the private key. In the future, you may not
be able to distribute your addon without it.
"""
print >>stderr, msg % {"jid": jid, "keypath": keypath}
return None
keylines = open(keypath, "r").readlines()
keydata = {}
for line in keylines:
line = line.strip()
if line:
k,v = line.split(":", 1)
keydata[k.strip()] = v.strip()
if "private-key" not in keydata:
raise ValueError("invalid keydata: can't find 'private-key' line")
sk_s = remove_prefix(keydata["private-key"], "private-jid0-",
errormsg="unable to parse private-key data")
from ecdsa import SigningKey, VerifyingKey, NIST256p
sk = SigningKey.from_string(my_b32decode(sk_s), curve=NIST256p)
vk = sk.get_verifying_key()
jid_2 = vk_to_jid(vk)
if jid_2 != jid:
raise ValueError("invalid keydata: private-key in %s does not match"
" public key for %s" % (keypath, jid))
vk_s = remove_prefix(keydata["public-key"], "public-jid0-",
errormsg="unable to parse public-key data")
vk2 = VerifyingKey.from_string(my_b32decode(vk_s), curve=NIST256p)
if vk.to_string() != vk2.to_string():
raise ValueError("invalid keydata: public-key mismatch")
return sk
def preflight_config(target_cfg, filename, stderr=sys.stderr, keydir=None,
err_if_privkey_not_found=True):
# check the top-level package.json for missing keys. We generate anything
# that we can, and ask the user for the rest.
if keydir is None:
keydir = os.path.expanduser("~/.jetpack/keys")
modified = False
config = json.load(open(filename, 'r'))
name = target_cfg["name"] # defaults to parentdir if not set
if "id" not in config:
print >>stderr, ("No 'id' in package.json: creating a new"
" keypair for you.")
if not os.path.isdir(keydir):
os.makedirs(keydir, 0700) # not world readable
jid = create_key(keydir, name)
config["id"] = jid
modified = True
# make sure we have the privkey: this catches the case where developer B
# copies an add-on from developer A and then (accidentally) tries to
# publish it without replacing the JID
sk = check_for_privkey(keydir, config["id"], stderr)
if not sk and err_if_privkey_not_found:
return False, False
if modified:
i = 0
backup = filename + ".backup"
while os.path.exists(backup):
if i > 1000:
raise ValueError("I'm having problems finding a good name"
" for the backup file. Please move %s out"
" of the way and try again."
% (filename + ".backup"))
backup = filename + ".backup-%d" % i
i += 1
os.rename(filename, backup)
new_json = json.dumps(config, indent=4)
open(filename, 'w').write(new_json+"\n")
return False, True
return True, False