[tor-commits] [bridgedb/develop] Separate key storage from crypto.getKey() to crypto.writeKeyToFile().
isis at torproject.org
isis at torproject.org
Sun Mar 16 16:38:45 UTC 2014
commit 7cd17a7fe7cc7a18407371fcff9083d79203caf5
Author: Isis Lovecruft <isis at torproject.org>
Date: Tue Mar 11 20:23:17 2014 +0000
Separate key storage from crypto.getKey() to crypto.writeKeyToFile().
* ADD a new function, bridgedb.crypto.writeKeyToFile(), which is merely the
keyfile writing logic from bridgedb.crypto.getKey().
---
lib/bridgedb/crypto.py | 26 +++++++++++++++++++++-----
1 file changed, 21 insertions(+), 5 deletions(-)
diff --git a/lib/bridgedb/crypto.py b/lib/bridgedb/crypto.py
index 054ec11..f5a95ec 100644
--- a/lib/bridgedb/crypto.py
+++ b/lib/bridgedb/crypto.py
@@ -40,6 +40,26 @@ import OpenSSL.rand
#: The hash digest to use for HMACs.
DIGESTMOD = hashlib.sha1
+
+def writeKeyToFile(key, filename):
+ """Write **key** to **filename**, with ``0400`` permissions.
+
+ If **filename** doesn't exist, it will be created. If it does exist
+ already, and is writable by the owner of the current process, then it will
+ be truncated to zero-length and overwritten.
+
+ :param bytes key: A key (or some other private data) to write to
+ **filename**.
+ :param str filename: The path of the file to write to.
+ :raises: Any exceptions which may occur.
+ """
+ logging.info("Writing key to file: %r" % filename)
+ flags = os.O_WRONLY | os.O_TRUNC | os.O_CREAT | getattr(os, "O_BIN", 0)
+ fd = os.open(filename, flags, 0400)
+ os.write(fd, key)
+ os.fsync(fd)
+ os.close(fd)
+
def getKey(filename):
"""Load the key stored in ``filename``, or create a new key.
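Review bot: The `0400` passed to `os.open()` in `writeKeyToFile()` is applied only when the file is created, so an existing owner-writable file keeps whatever mode it already had (possibly group- or world-readable) and the docstring's "with ``0400`` permissions" is not guaranteed; calling `os.fchmod(fd, 0400)` before the write would enforce it. The descriptor is also leaked if `os.write()` or `os.fsync()` raises, and the return value of `os.write()` is never checked, so a short write would go unnoticed. `getattr(os, "O_BIN", 0)` always evaluates to 0 because the Windows constant is `os.O_BINARY`, so binary mode is never actually requested there. The rewritten body below covers these three points; `os.fchmod` is Unix-only, hence the `hasattr` guard.

```python
def writeKeyToFile(key, filename):
    # … unchanged: docstring and logging call …
    flags = os.O_WRONLY | os.O_TRUNC | os.O_CREAT | getattr(os, "O_BINARY", 0)
    fd = os.open(filename, flags, 0400)
    try:
        # The mode argument of os.open() only takes effect on creation, so
        # tighten a pre-existing file before any key material is written.
        if hasattr(os, "fchmod"):
            os.fchmod(fd, 0400)
        written = 0
        while written < len(key):
            # os.write() may write fewer bytes than requested.
            written += os.write(fd, key[written:])
        os.fsync(fd)
    finally:
        os.close(fd)
```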
@@ -69,11 +89,7 @@ def getKey(filename):
except IOError:
logging.debug("getKey(): Creating new secret key.")
key = OpenSSL.rand.bytes(32)
- flags = os.O_WRONLY | os.O_TRUNC | os.O_CREAT | getattr(os, "O_BIN", 0)
- fd = os.open(filename, flags, 0400)
- os.write(fd, key)
- os.fsync(fd)
- os.close(fd)
+ writeKeyToFile(key, filename)
else:
logging.debug("getKey(): Secret key file found. Loading...")
key = fh.read()
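Review bot: The `except IOError:` branch that now calls `writeKeyToFile(key, filename)` appears to treat every failure to open the key file as "no key yet", so a permission or transient I/O error on an existing key file could lead to a fresh key being generated and the old file truncated by `O_TRUNC`, silently invalidating everything keyed with the old secret. The `try` statement starts outside this hunk, so this is inferred from the visible handler only. Consider regenerating only when the file is actually missing, e.g. `except IOError as err:` followed by `if err.errno != errno.ENOENT: raise`, which needs `errno` to be imported in the module.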