From e94e2f9d70224301f34b388578c68b951e74a72e Mon Sep 17 00:00:00 2001
From: Tom Hacohen
Date: Tue, 26 May 2020 13:44:40 +0300
Subject: [PATCH] Add a separate pubkey/privatekey for sharing. It's separated from the login one so that encryption key and identity can be rotated separately.
---
 .../migrations/0006_auto_20200526_1040.py | 25 +++++++++++++++++++
 django_etesync/models.py | 2 ++
 django_etesync/serializers.py | 7 +++++-
 3 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 django_etesync/migrations/0006_auto_20200526_1040.py
diff --git a/django_etesync/migrations/0006_auto_20200526_1040.py b/django_etesync/migrations/0006_auto_20200526_1040.py
new file mode 100644
index 0000000..84e8fa3
--- /dev/null
+++ b/django_etesync/migrations/0006_auto_20200526_1040.py
@@ -0,0 +1,25 @@
+# Generated by Django 3.0.3 on 2020-05-26 10:40
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('django_etesync', '0005_auto_20200526_1021'),
+ ]
+
+ operations = [
+ migrations.AddField(
+ model_name='userinfo',
+ name='encryptedSeckey',
+ field=models.BinaryField(default=b'', editable=True),
+ preserve_default=False,
+ ),
+ migrations.AddField(
+ model_name='userinfo',
+ name='pubkey',
+ field=models.BinaryField(default=b'', editable=True),
+ preserve_default=False,
+ ),
+ ]
diff --git a/django_etesync/models.py b/django_etesync/models.py
index 62c3868..edfb18d 100644
--- a/django_etesync/models.py
+++ b/django_etesync/models.py
@@ -175,6 +175,8 @@ class UserInfo(models.Model):
 owner = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, primary_key=True)
 version = models.PositiveSmallIntegerField(default=1)
 loginPubkey = models.BinaryField(editable=True, blank=False, null=False)
+ pubkey = models.BinaryField(editable=True, blank=False, null=False)
+ encryptedSeckey = models.BinaryField(editable=True, blank=False, null=False)
 salt = models.BinaryField(editable=True, blank=False, null=False)
 
 def __str__(self):
diff --git a/django_etesync/serializers.py b/django_etesync/serializers.py
index 5772000..bff20ad 100644
--- a/django_etesync/serializers.py
+++ b/django_etesync/serializers.py
@@ -326,9 +326,12 @@ class InvitationAcceptSerializer(serializers.Serializer):
 
 
 class UserSerializer(serializers.ModelSerializer):
+ pubkey = BinaryBase64Field(source='userinfo.pubkey')
+ encryptedSeckey = BinaryBase64Field(source='userinfo.encryptedSeckey')
+
 class Meta:
 model = User
- fields = (User.USERNAME_FIELD, User.EMAIL_FIELD)
+ fields = (User.USERNAME_FIELD, User.EMAIL_FIELD, 'pubkey', 'encryptedSeckey')
 
 
 class UserQuerySerializer(serializers.ModelSerializer):
@@ -349,6 +352,8 @@ class AuthenticationSignupSerializer(serializers.Serializer):
 user = UserQuerySerializer(many=False)
 salt = BinaryBase64Field()
 loginPubkey = BinaryBase64Field()
+ pubkey = BinaryBase64Field()
+ encryptedSeckey = BinaryBase64Field()
 
 def create(self, validated_data):
 """Function that's called when this serializer creates an item"""
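Review bot: In the `django_etesync/models.py` hunk, `pubkey` and `encryptedSeckey` are added to `UserInfo` without a comment, so the only record of how they differ from `loginPubkey` is the commit message. I would add above them `# Sharing keypair, kept separate from loginPubkey so the encryption key and the login identity can be rotated independently.` and, on `encryptedSeckey`, `# Stored as received from the client; presumably ciphertext the server cannot decrypt (confirm).` Migration 0006 in this patch also backfills both columns with `b''` for existing rows, and `blank=False` is a validation setting rather than a database constraint, so code that reads `pubkey` for sharing should treat an empty value as "no key yet" rather than as a usable key. The `UserInfo` class body starts and ends outside this hunk.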
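Review bot: In the first `django_etesync/serializers.py` hunk, `UserSerializer` now returns `encryptedSeckey` next to `pubkey`, so every response built with this serializer carries the user's encrypted secret key. The views that use `UserSerializer` are outside this patch; if any of them can serialize a user other than the requester, that response would expose key material that only its owner needs, and whose confidentiality then rests entirely on the strength of the secret that encrypts it. In that case keep `encryptedSeckey` on an owner-only serializer and give lookups of other users one whose `fields` stop at `'pubkey'`. Both fields are also declared without `read_only=True` (assuming `BinaryBase64Field` takes the standard DRF field arguments), so it is worth confirming that no endpoint accepts them as input through this serializer.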
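Review bot: In the `AuthenticationSignupSerializer` hunk, the new `pubkey` and `encryptedSeckey` fields are bare `BinaryBase64Field()` declarations, so nothing visible here bounds the size or shape of what a signup request can store in them. `BinaryBase64Field` is defined outside this patch and may already limit length; if it does not, a `validate_pubkey` method that rejects anything but the expected public-key length, plus an upper bound on `encryptedSeckey`, would keep empty, malformed or oversized keys out of `UserInfo`. `create()` continues past the end of the hunk, so whether the two new values are actually written to `UserInfo` cannot be confirmed from here.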