Moul · 41b60ea4
--- a/duniterpy/key/signing_key.py

+ 27

− 19
+++ b/duniterpy/key/signing_key.py

+ 27

− 19
 @@ -14,8 +14,10 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

 import base64
+import os
 import re
 from hashlib import scrypt, sha256
+from pathlib import Path
 from typing import Optional, Type, TypeVar, Union

 import libnacl.sign
 @@ -35,6 +37,10 @@ from .scrypt_params import ScryptParams
 SigningKeyType = TypeVar("SigningKeyType", bound="SigningKey")


+def opener_user_rw(path, flags):
+    return os.open(path, flags, 0o600)
+
+
 class SigningKey(libnacl.sign.Signer):
    def __init__(self, seed: bytes) -> None:
        """
 @@ -78,7 +84,7 @@ class SigningKey(libnacl.sign.Signer):
    @classmethod
    def from_credentials_file(
        cls: Type[SigningKeyType],
-        path: str,
+        path: Union[Path, str],
        scrypt_params: Optional[ScryptParams] = None,
    ) -> SigningKeyType:
        """
 @@ -91,7 +97,7 @@ class SigningKey(libnacl.sign.Signer):
        :return:
        """
        # capture credentials from file
-        with open(path, encoding="utf-8") as fh:
+        with open(path, encoding="utf-8", opener=opener_user_rw) as fh:
            lines = fh.readlines()
            assert len(lines) > 1
            salt = lines[0].strip()
 @@ -99,22 +105,22 @@ class SigningKey(libnacl.sign.Signer):

        return cls.from_credentials(salt, password, scrypt_params)

-    def save_seedhex_file(self, path: str) -> None:
+    def save_seedhex_file(self, path: Union[Path, str]) -> None:
        """
        Save hexadecimal seed file from seed

        :param path: Authentication file path
        """
        seedhex = convert_seed_to_seedhex(self.seed)
-        with open(path, "w", encoding="utf-8") as fh:
+        with open(path, "w", encoding="utf-8", opener=opener_user_rw) as fh:
            fh.write(seedhex)

    @staticmethod
-    def from_seedhex_file(path: str) -> Type[SigningKeyType]:
+    def from_seedhex_file(path: Union[Path, str]) -> Type[SigningKeyType]:
        """
        Return SigningKey instance from Seedhex file

-        :param str path: Hexadecimal seed file path
+        :param path: Hexadecimal seed file path
        """
        with open(path, encoding="utf-8") as fh:
            seedhex = fh.read()
 @@ -135,7 +141,7 @@ class SigningKey(libnacl.sign.Signer):
        seed = convert_seedhex_to_seed(seedhex)
        return cls(seed)

-    def save_private_key(self, path: str) -> None:
+    def save_private_key(self, path: Union[Path, str]) -> None:
        """
        Save authentication file

 @@ -144,7 +150,7 @@ class SigningKey(libnacl.sign.Signer):
        self.save(path)

    @staticmethod
-    def from_private_key(path: str) -> Type[SigningKeyType]:
+    def from_private_key(path: Union[Path, str]) -> Type[SigningKeyType]:
        """
        Read authentication file
        Add public key attribute
 @@ -170,13 +176,15 @@ class SigningKey(libnacl.sign.Signer):
        )

    @classmethod
-    def from_pubsec_file(cls: Type[SigningKeyType], path: str) -> SigningKeyType:
+    def from_pubsec_file(
+        cls: Type[SigningKeyType], path: Union[Path, str]
+    ) -> SigningKeyType:
        """
        Return SigningKey instance from Duniter WIF file

        :param path: Path to WIF file
        """
-        with open(path, encoding="utf-8") as fh:
+        with open(path, encoding="utf-8", opener=opener_user_rw) as fh:
            pubsec_content = fh.read()

        # line patterns
 @@ -201,7 +209,7 @@ class SigningKey(libnacl.sign.Signer):

        return cls(seed)

-    def save_pubsec_file(self, path: str) -> None:
+    def save_pubsec_file(self, path: Union[Path, str]) -> None:
        """
        Save a Duniter PubSec file (PubSec) v1

 @@ -218,12 +226,12 @@ class SigningKey(libnacl.sign.Signer):
 Version: {version}\n\
 pub: {self.pubkey}\n\
 sec: {base58_signing_key}"
-        with open(path, "w", encoding="utf-8") as fh:
+        with open(path, "w", encoding="utf-8", opener=opener_user_rw) as fh:
            fh.write(content)

    @staticmethod
    def from_wif_or_ewif_file(
-        path: str, password: Optional[str] = None
+        path: Union[Path, str], password: Optional[str] = None
    ) -> Type[SigningKeyType]:
        """
        Return SigningKey instance from Duniter WIF or EWIF file
 @@ -268,7 +276,7 @@ sec: {base58_signing_key}"
        return result

    @staticmethod
-    def from_wif_file(path: str) -> Type[SigningKeyType]:
+    def from_wif_file(path: Union[Path, str]) -> Type[SigningKeyType]:
        """
        Return SigningKey instance from Duniter WIF file

 @@ -315,7 +323,7 @@ sec: {base58_signing_key}"

        return cls(seed)

-    def save_wif_file(self, path: str) -> None:
+    def save_wif_file(self, path: Union[Path, str]) -> None:
        """
        Save a Wallet Import Format file (WIF) v1

 @@ -338,11 +346,11 @@ sec: {base58_signing_key}"
        content = f"Type: WIF\n\
 Version: {version}\n\
 Data: {wif_key}"
-        with open(path, "w", encoding="utf-8") as fh:
+        with open(path, "w", encoding="utf-8", opener=opener_user_rw) as fh:
            fh.write(content)

    @staticmethod
-    def from_ewif_file(path: str, password: str) -> Type[SigningKeyType]:
+    def from_ewif_file(path: Union[Path, str], password: str) -> Type[SigningKeyType]:
        """
        Return SigningKey instance from Duniter EWIF file

 @@ -421,7 +429,7 @@ Data: {wif_key}"

        return cls(seed)

-    def save_ewif_file(self, path: str, password: str) -> None:
+    def save_ewif_file(self, path: Union[Path, str], password: str) -> None:
        """
        Save an Encrypted Wallet Import Format file (WIF v2)

 @@ -468,7 +476,7 @@ Data: {wif_key}"
        content = f"Type: EWIF\n\
 Version: {version}\n\
 Data: {ewif_key}"
-        with open(path, "w", encoding="utf-8") as fh:
+        with open(path, "w", encoding="utf-8", opener=opener_user_rw) as fh:
            fh.write(content)

    @classmethod