insecure_client module

Insecure (and inefficient) client implementation.

This module implements an insecure client class InsecureClient. You can use this class as a guide for how to subclass from BaseClient and implement the necessary methods. Feel free to borrow as much or as little code from this implementation as you want, but remember that it is not secure – do not submit the insecure client as your secure client!

This implementation provides all of the functionality requirements of this project, but has no security properties at all. (Simply submitting this client will earn you 0 points on the project.)

This client gives each user their own “namespace” within the master server by concatenating the username, a slash, and then the filename and using that as the id for the storage server.

The client works by maintaining two types of objects on the server storage: pointers and data. A data object has the contents of a file. A pointer simply acts as a reference to the file. (If you’ve taken operating systems, you can think of pointers as symlinks.) When a user updates a file that is a pointer, she follows the pointers until a data file is reached, and then updates the corresponding data file. Sharing is simply providing the other user with a pointer to the file, and revocation removes the pointer. This satisfies the revocation properties that sub-children are also revoked.

class insecure_client.Client(storage_server, public_key_server, crypto_object, username)

Bases: base_client.BaseClient

An insecure reference implementation of a client.

download(name)

Returns the last value stored at name by the owner or anyone with whom it has been shared, or None if the file does not exist.

A secure client implementation of this method should meet all of the required properties listed in the project specification.

Parameters:name (str) – The name of the file. You can assume file names are alphanumeric (that is, they match the regex [A-Za-z0-9]+).
Returns:A string, the last value stored at name, or None if the file does not exist.
receive_share(from_username, newname, message)

Receive a share message generated by the share method of another client with username from_username. Once this is done, the client calling this method should now be able to access the shared file under the name newname.

A secure client implementation of this method should meet all of the required properties listed in the project specification.

share and receive_share work together as follows:

msg = alice.share("bob", filename)
bob.receive_share("alice", msg, newfilename)
Parameters:
  • from_username (str) – The username of the sharing client.
  • newname (str) – The new filename under which this client will access the file.
  • message (str) – The message generated by the sharing client’s share method.
resolve(uid)
revoke(user, name)

Revokes user’s access to the file name.

user should not be able to observe new updated to name, and should not be able update it.

Anyone with whom user shared this file should also be revoked.

You may not send any messages during revocation.

A secure client implementation of this method should meet all of the required properties listed in the project specification.

Parameters:
  • user (str) – The username of the user whose access will be revoked
  • name (str) – The name of the file
share(user, name)

Share a file name with user.

A secure client implementation of this method should meet all of the required properties listed in the project specification.

share and receive_share work together as follows:

msg = alice.share("bob", filename)
bob.receive_share("alice", msg, newfilename)
Parameters:
  • user (str) – The username of the user you are sharing with.
  • name (str) – The name of the file you are sharing with user.
Returns:

A string, containing the message to give to user through an out-of-band channel that will let them access the file.
upload(name, value)

Places the string value at name so that future calls to download for name return value.

A secure client implementation of this method should meet all of the required properties listed in the project specification.

Parameters:
  • name (str) – The name of the file. You can assume file names are alphanumeric (that is, they match the regex [A-Za-z0-9]+).
  • value (str) – The value to upload.
insecure_client.path_join(*strings)

Joins a list of strings putting a “/” between each.

Parameters:strings – a list of strings to join
Returns:a string