|
|
|
@ -18,12 +18,20 @@ LOG_GET_SET = 0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class Crypt(Logger):
|
|
|
|
|
def __init__(self,name=None,fn=None,cell=None,init_d=None,use_secret=CRYPT_USE_SECRET,path_secret=PATH_CRYPT_SECRET,encrypt_values=True,path_encrypt_key=PATH_CRYPT_SECRET_KEY):
|
|
|
|
|
def __init__(self,
|
|
|
|
|
name=None,
|
|
|
|
|
fn=None,
|
|
|
|
|
use_secret=CRYPT_USE_SECRET,
|
|
|
|
|
path_secret=PATH_CRYPT_SECRET,
|
|
|
|
|
encrypt_values=True,
|
|
|
|
|
encryptor_func=lambda x: x,
|
|
|
|
|
decryptor_func=lambda x: x):
|
|
|
|
|
|
|
|
|
|
# defaults
|
|
|
|
|
if not name and fn: name=os.path.basename(fn).replace('.','_')
|
|
|
|
|
self.name,self.fn,self.cell=name,fn,cell
|
|
|
|
|
self.encryptor_key = None
|
|
|
|
|
|
|
|
|
|
self.name,self.fn=name,fn
|
|
|
|
|
|
|
|
|
|
# use secret? for salting
|
|
|
|
|
if use_secret and path_secret:
|
|
|
|
|
if not os.path.exists(path_secret):
|
|
|
|
|
self.secret = get_random_binary_id()
|
|
|
|
@ -38,44 +46,10 @@ class Crypt(Logger):
|
|
|
|
|
self.secret = b''
|
|
|
|
|
|
|
|
|
|
self.encrypt_values = encrypt_values
|
|
|
|
|
|
|
|
|
|
if encrypt_values:
|
|
|
|
|
from komrade.backend.keymaker import make_key_discreet_str
|
|
|
|
|
from komrade.backend.keymaker import KomradeSymmetricKeyWithoutPassphrase
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if self.cell:
|
|
|
|
|
pass
|
|
|
|
|
elif path_encrypt_key:
|
|
|
|
|
if not os.path.exists(path_encrypt_key):
|
|
|
|
|
self.encryptor_key = KomradeSymmetricKeyWithoutPassphrase()
|
|
|
|
|
with open(path_encrypt_key,'wb') as of:
|
|
|
|
|
of.write(self.encryptor_key.data)
|
|
|
|
|
self.log(f'shhh! creating secret at {path_encrypt_key}:',make_key_discreet_str(self.encryptor_key.data_b64_s))
|
|
|
|
|
else:
|
|
|
|
|
with open(path_encrypt_key,'rb') as f:
|
|
|
|
|
self.encryptor_key = KomradeSymmetricKeyWithoutPassphrase(
|
|
|
|
|
key=f.read()
|
|
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
self.log('cannot encrypt values!')
|
|
|
|
|
else:
|
|
|
|
|
self.encryptor_key=None
|
|
|
|
|
|
|
|
|
|
if self.encryptor_key and not self.cell: self.cell = self.encryptor_key.cell
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
self.encryptor_func=encryptor_func
|
|
|
|
|
self.decryptor_func=decryptor_func
|
|
|
|
|
self.store = FilesystemStore(self.fn)
|
|
|
|
|
if init_d:
|
|
|
|
|
for k,v in init_d.items():
|
|
|
|
|
try:
|
|
|
|
|
self.store.put(k,v)
|
|
|
|
|
except OSError as e:
|
|
|
|
|
self.log('!!',e)
|
|
|
|
|
self.log('!! key ->',k)
|
|
|
|
|
self.log('!! val ->',v)
|
|
|
|
|
raise KomradeException()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def log(self,*x):
|
|
|
|
|
if LOG_GET_SET:
|
|
|
|
@ -83,8 +57,6 @@ class Crypt(Logger):
|
|
|
|
|
|
|
|
|
|
def hash(self,binary_data):
|
|
|
|
|
return hasher(binary_data,self.secret)
|
|
|
|
|
# return b64encode(hashlib.sha256(binary_data + self.secret).hexdigest().encode()).decode()
|
|
|
|
|
# return zlib.adler32(binary_data)
|
|
|
|
|
|
|
|
|
|
def force_binary(self,k_b):
|
|
|
|
|
if k_b is None: return None
|
|
|
|
@ -100,20 +72,13 @@ class Crypt(Logger):
|
|
|
|
|
|
|
|
|
|
def package_val(self,k):
|
|
|
|
|
k_b = self.force_binary(k)
|
|
|
|
|
# if self.cell is not None:
|
|
|
|
|
# k_b = self.cell.encrypt(k_b)
|
|
|
|
|
# if not isBase64(k_b): k_b = b64encode(k_b)
|
|
|
|
|
if self.encrypt_values:
|
|
|
|
|
k_b = self.encryptor_func(k_b)
|
|
|
|
|
return k_b
|
|
|
|
|
|
|
|
|
|
def unpackage_val(self,k_b):
|
|
|
|
|
# from komrade import ThemisError
|
|
|
|
|
# try:
|
|
|
|
|
# if self.cell is not None:
|
|
|
|
|
# k_b = self.cell.decrypt(k_b)
|
|
|
|
|
# except ThemisError as e:
|
|
|
|
|
# self.log('error decrypting!',e,k_b)
|
|
|
|
|
# return
|
|
|
|
|
# if isBase64(k_b): k_b = b64decode(k_b)
|
|
|
|
|
if self.encrypt_values:
|
|
|
|
|
k_b = self.decryptor_func(k_b)
|
|
|
|
|
return k_b
|
|
|
|
|
|
|
|
|
|
def has(self,k,prefix=''):
|
|
|
|
@ -122,7 +87,7 @@ class Crypt(Logger):
|
|
|
|
|
|
|
|
|
|
def set(self,k,v,prefix='',override=False):
|
|
|
|
|
if self.has(k,prefix=prefix) and not override:
|
|
|
|
|
#self.log(f"I'm afraid I can't let you do that, overwrite someone's data!\n\nat {prefix}{k} = {v}")
|
|
|
|
|
self.log(f"I'm afraid I can't let you do that, overwrite someone's data!\n\nat {prefix}{k} = {v}")
|
|
|
|
|
return False #(False,None,None)
|
|
|
|
|
|
|
|
|
|
k_b=self.package_key(k,prefix=prefix)
|
|
|
|
@ -130,11 +95,7 @@ class Crypt(Logger):
|
|
|
|
|
v_b=self.package_val(v)
|
|
|
|
|
if not override:
|
|
|
|
|
self.log(f'''Crypt.set(\n\t{k_b}\n\n\t{k_b_hash}\n\n\t{v_b}\n)''')
|
|
|
|
|
# store
|
|
|
|
|
# stop
|
|
|
|
|
self.store.put(k_b_hash,v_b)
|
|
|
|
|
#return (True,k_b_hash,v_b)
|
|
|
|
|
# self.log('now keys are:',list(self.store.iter_keys()))
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def exists(self,k,prefix=''):
|
|
|
|
@ -162,7 +123,6 @@ class Crypt(Logger):
|
|
|
|
|
except KeyError:
|
|
|
|
|
return None
|
|
|
|
|
v_b=self.unpackage_val(v)
|
|
|
|
|
# self.log(f'Crypt.get(\n\t{prefix}{k}\n\n\t{v_b}')
|
|
|
|
|
return v_b
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -206,13 +166,7 @@ class CryptList(Crypt): # like inbox
|
|
|
|
|
|
|
|
|
|
@property
|
|
|
|
|
def values(self):
|
|
|
|
|
from pythemis.exception import ThemisError
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
val_b=self.val_b
|
|
|
|
|
except ThemisError as e:
|
|
|
|
|
self.log(f'!! DECRYPTION FAILURE: {e}')
|
|
|
|
|
return []
|
|
|
|
|
val_b=self.val_b
|
|
|
|
|
if not val_b: return []
|
|
|
|
|
return pickle.loads(val_b)
|
|
|
|
|
|
|
|
|
|