upstream/ipython Commit - r14860:98aa10c5

Notaries sign notebooks now

MinRK -

r14860:98aa10c5

parent child

IPython/html/notebookapp.py

0 +1 -1

                          self.exit(1)
                      with io.open(notebook_path, encoding='utf8') as f:
                          nb = current.read(f, 'json')
-                     sign.trust_notebook(nb, self.notary.secret, self.notary.signature_scheme)
+                     self.notary.sign(nb)
                      with io.open(notebook_path, 'w', encoding='utf8') as f:
                          current.write(nb, f, 'json')

IPython/html/services/notebooks/filenbmanager.py

0 +9 -3

                              except Exception as e:
                                  raise web.HTTPError(400, u"Unreadable Notebook: %s %s" % (os_path, e))
                          model['content'] = nb
-                         sign.mark_trusted_cells(nb, self.notary.secret, self.notary.scheme)
+                         trusted = self.notary.check_signature(nb)
+                         if not trusted:
+                             self.log.warn("Notebook %s/%s is not trusted", model['path'], model['name'])
+                         self.notary.mark_cells(nb, trusted)
                      return model
                  def save_notebook_model(self, model, name='', path=''):
                      os_path = self.get_os_path(new_name, new_path)
                      nb = current.to_notebook_json(model['content'])
-                     if sign.check_trusted_cells(nb):
-                         sign.trust_notebook(nb, self.notary.secret, self.notary.scheme)
+                     if self.notary.check_cells(nb):
+                         self.notary.sign(nb)
+                     else:
+                         self.log.warn("Saving untrusted notebook %s/%s", new_path, new_name)
                      if 'name' in nb['metadata']:
                          nb['metadata']['name'] = u''

IPython/nbformat/sign.py

0 +76 -72

              from IPython.utils.py3compat import string_types, unicode_type, cast_bytes
              from IPython.config import LoggingConfigurable
-             from IPython.utils.traitlets import Instance, Bytes, Enum
+             from IPython.utils.traitlets import Instance, Bytes, Enum, Any, Unicode
              #-----------------------------------------------------------------------------
              # Code
                          nb['metadata']['signature'] = save_signature
-             def notebook_signature(nb, secret, scheme):
+             class NotebookNotary(LoggingConfigurable):
+                 """A class for computing and verifying notebook signatures."""
+                 profile_dir = Instance("IPython.core.profiledir.ProfileDir")
+                 def _profile_dir_default(self):
+                     from IPython.core.application import BaseIPythonApplication
+                     if BaseIPythonApplication.initialized():
+                         app = BaseIPythonApplication.instance()
+                     else:
+                         # create an app, without the global instance
+                         app = BaseIPythonApplication()
+                         app.initialize()
+                     return app.profile_dir
+                 algorithm = Enum(hashlib.algorithms, default_value='sha256', config=True,
+                     help="""The hashing algorithm used to sign notebooks."""
+                 )
+                 def _algorithm_changed(self, name, old, new):
+                     self.digestmod = getattr(hashlib, self.algorithm)
+                 digestmod = Any()
+                 def _digestmod_default(self):
+                     return getattr(hashlib, self.algorithm)
+                 secret_file = Unicode()
+                 def _secret_file_default(self):
+                     if self.profile_dir is None:
+                         return ''
+                     return os.path.join(self.profile_dir.security_dir, 'notebook_secret')
+                 secret = Bytes(config=True,
+                     help="""The secret key with which notebooks are signed."""
+                 )
+                 def _secret_default(self):
+                     # note : this assumes an Application is running
+                     if os.path.exists(self.secret_file):
+                         with io.open(self.secret_file, 'rb') as f:
+                             return f.read()
+                     else:
+                         secret = base64.encodestring(os.urandom(1024))
+                         self._write_secret_file(secret)
+                         return secret
+                 def _write_secret_file(self, secret):
+                     """write my secret to my secret_file"""
+                     self.log.info("Writing output secret to %s", self.secret_file)
+                     with io.open(self.secret_file, 'wb') as f:
+                         f.write(secret)
+                     try:
+                         os.chmod(self.secret_file, 0o600)
+                     except OSError:
+                         self.log.warn(
+                             "Could not set permissions on %s",
+                             self.secret_file
+                         )
+                     return secret
+                 def compute_signature(self, nb):
                  """Compute a notebook's signature
                  by hashing the entire contents of the notebook via HMAC digest.
-                 scheme is the hashing scheme, which must be an attribute of the hashlib module,
-                 as listed in hashlib.algorithms.
                  """
-                 hmac = HMAC(secret, digestmod=getattr(hashlib, scheme))
+                     hmac = HMAC(self.secret, digestmod=self.digestmod)
                  # don't include the previous hash in the content to hash
                  with signature_removed(nb):
                      # sign the whole thing
                  return hmac.hexdigest()
-             def check_notebook_signature(nb, secret, scheme):
+                 def check_signature(self, nb):
                  """Check a notebook's stored signature
                  If a signature is stored in the notebook's metadata,
                      or not isinstance(stored_signature, string_types) \
                      or ':' not in stored_signature:
                      return False
-                 stored_scheme, sig = stored_signature.split(':', 1)
-                 if scheme != stored_scheme:
-                     return False
-                 try:
-                     my_signature = notebook_signature(nb, secret, scheme)
-                 except AttributeError:
+                     stored_algo, sig = stored_signature.split(':', 1)
+                     if self.algorithm != stored_algo:
                      return False
+                     my_signature = self.compute_signature(nb)
                  return my_signature == sig
+                 def sign(self, nb):
+                     """Sign a notebook, indicating that its output is trusted
-             def trust_notebook(nb, secret, scheme):
-                 """Re-sign a notebook, indicating that its output is trusted
-                 stores 'scheme:hmac-hexdigest' in notebook.metadata.signature
+                     stores 'algo:hmac-hexdigest' in notebook.metadata.signature
                  e.g. 'sha256:deadbeef123...'
                  """
-                 signature = notebook_signature(nb, secret, scheme)
-                 nb['metadata']['signature'] = "%s:%s" % (scheme, signature)
+                     signature = self.compute_signature(nb)
+                     nb['metadata']['signature'] = "%s:%s" % (self.algorithm, signature)
-             def mark_trusted_cells(nb, secret, scheme):
+                 def mark_cells(self, nb, trusted):
                  """Mark cells as trusted if the notebook's signature can be verified
                  Sets ``cell.trusted = True | False`` on all code cells,
                  depending on whether the stored signature can be verified.
+                     This function is the inverse of check_cells
                  """
                  if not nb['worksheets']:
                      # nothing to mark if there are no cells
-                     return True
-                 trusted = check_notebook_signature(nb, secret, scheme)
+                         return
                  for cell in nb['worksheets'][0]['cells']:
                      if cell['cell_type'] == 'code':
                          cell['trusted'] = trusted
-                 return trusted
-             def check_trusted_cells(nb):
+                 def check_cells(self, nb):
                  """Return whether all code cells are trusted
                  If there are no code cells, return True.
+                     This function is the inverse of mark_cells.
                  """
                  if not nb['worksheets']:
                      return True
                  return True
-             class NotebookNotary(LoggingConfigurable):
-                 """A class for configuring notebook signatures
-                 It stores the secret with which to sign notebooks,
-                 and the hashing scheme to use for notebook signatures.
-                 """
-                 scheme = Enum(hashlib.algorithms, default_value='sha256', config=True,
-                     help="""The hashing algorithm used to sign notebooks."""
+                 )
-                 profile_dir = Instance("IPython.core.profiledir.ProfileDir")
-                 def _profile_dir_default(self):
-                     from IPython.core.application import BaseIPythonApplication
-                     if BaseIPythonApplication.initialized():
-                         app = BaseIPythonApplication.instance()
-                     else:
-                         # create an app, without the global instance
-                         app = BaseIPythonApplication()
-                         app.initialize()
-                     return app.profile_dir
-                 secret = Bytes(config=True,
-                     help="""The secret key with which notebooks are signed."""
+                 )
-                 def _secret_default(self):
-                     # note : this assumes an Application is running
-                     profile_dir = self.profile_dir
-                     secret_file = os.path.join(profile_dir.security_dir, 'notebook_secret')
-                     if os.path.exists(secret_file):
-                         with io.open(secret_file, 'rb') as f:
-                             return f.read()
-                     else:
-                         secret = base64.encodestring(os.urandom(1024))
-                         self.log.info("Writing output secret to %s", secret_file)
-                         with io.open(secret_file, 'wb') as f:
-                             f.write(secret)
-                         try:
-                             os.chmod(secret_file, 0o600)
-                         except OSError:
-                             self.log.warn(
-                                 "Could not set permissions on %s",
-                                 secret_file
+                             )
-                         return secret
   No newline at end of file

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No reviewers

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages