Beispiel #1
0
def register_shared_folder(shared_folder, records):
    # type: (shared_folder.SharedFolder, dict) -> bytes

    shared_folder_key = api.generate_aes_key()
    sf = {
        'shared_folder_uid': shared_folder.shared_folder_uid,
        'key_type': 1,
        'shared_folder_key': api.encrypt_aes(shared_folder_key, _USER_DATA_KEY),
        'name': api.encrypt_aes(shared_folder.name.encode('utf-8'), shared_folder_key),
        'is_account_folder': False,
        'manage_records': False,
        'manage_users': False,
        'default_manage_records': True,
        'default_manage_users': True,
        'default_can_edit': True,
        'default_can_share': True,
        'full_sync': True,
        'records': [{
            'record_uid': x[0],
            'record_key': api.encrypt_aes(x[1], shared_folder_key),
            'can_share': False,
            'can_edit': False
        } for x in records.items()],
        'users': [{
            'username': _USER_NAME,
            'manage_records': True,
            'manage_users': True
        }],
        'revision': 5
    }
    _SHARED_FOLDERS.append(sf)

    return shared_folder_key
Beispiel #2
0
def register_record(record, key_type=None):
    # type: (record.Record, int or None) -> bytes
    data = {
        'title': record.title or '',
        'secret1': record.login or '',
        'secret2': record.password or '',
        'link': record.login_url or '',
        'notes': record.notes or '',
        'custom': record.custom_fields or '',
        'folder': record.folder or ''
    }

    extra = None
    udata = None
    if record.attachments:
        extra = {'files': record.attachments}
        udata = {'file_id': [x['id'] for x in record.attachments]}

    record_key = api.generate_aes_key() if key_type != 0 else _USER_DATA_KEY
    rec_object = {
        'record_uid': record.record_uid,
        'revision': record.revision if
        (0 < record.revision <= _REVISION) else _REVISION,
        'version': 2 if key_type != 0 else 1,
        'shared': key_type not in [0, 1],
        'data': api.encrypt_aes(json.dumps(data).encode('utf-8'), record_key),
    }
    if extra:
        rec_object['extra'] = api.encrypt_aes(
            json.dumps(extra).encode('utf-8'), record_key)
    if udata:
        rec_object['udata'] = udata

    _RECORDS.append(rec_object)

    meta_data = {
        'record_uid': record.record_uid,
        'owner': key_type in [0, 1],
        'can_share': key_type == 1,
        'can_edit': key_type == 1,
        'record_key_type': key_type
    }

    if key_type == 0:
        _RECORD_METADATA.append(meta_data)
    if key_type == 1:
        meta_data['record_key'] = utils.base64_url_encode(
            crypto.encrypt_aes_v1(record_key, _USER_DATA_KEY))
        _RECORD_METADATA.append(meta_data)
    elif key_type == 2:
        meta_data['record_key'] = utils.base64_url_encode(
            crypto.encrypt_rsa(record_key, _IMPORTED_PUBLIC_KEY))
        _RECORD_METADATA.append(meta_data)

    return record_key
Beispiel #3
0
def register_team(team, key_type, sfs=None):
    # type: (team.Team, int, dict) -> bytes
    team_key = api.generate_aes_key()
    t = {
        'team_uid':
        team.team_uid,
        'name':
        team.name,
        'team_key_type':
        key_type,
        'team_key':
        api.encrypt_aes(team_key, _USER_DATA_KEY)
        if key_type == 1 else api.encrypt_rsa(team_key, _IMPORTED_PUBLIC_KEY),
        'team_private_key':
        api.encrypt_aes(_DER_PRIVATE_KEY, team_key),
        'restrict_edit':
        team.restrict_edit,
        'restrict_share':
        team.restrict_share,
        'restrict_view':
        team.restrict_view,
    }
    _TEAMS.append(t)

    if sfs:
        t['shared_folder_keys'] = [{
            'shared_folder_uid':
            x[0],
            'key_type':
            1,
            'shared_folder_key':
            api.encrypt_aes(x[1], team_key)
        } for x in sfs.items()]

        sf_uids = set()
        for uid in sfs:
            sf_uids.add(uid)
        for sf in _SHARED_FOLDERS:
            if sf['shared_folder_uid'] in sf_uids:
                if 'teams' not in sf:
                    sf['teams'] = []
                sf['teams'].append({
                    'team_uid': team.team_uid,
                    'name': team.name,
                    'manage_records': key_type == 1,
                    'manage_users': key_type == 1
                })

    return team_key
Beispiel #4
0
def generate_data():
    r1 = record.Record()
    r1.record_uid = api.generate_record_uid()
    r1.folder = 'Old Folder'
    r1.title = 'Record 1'
    r1.login = '******'
    r1.password = '******'
    r1.login_url = 'https://keepersecurity.com/1'
    r1.set_field('field1', 'value1')
    r1.notes = 'note1'
    r1.attachments = [{
        'name':
        'Attachment 1',
        'key':
        base64.urlsafe_b64encode(
            api.generate_aes_key()).decode('utf-8').rstrip('='),
        'id':
        'ABCDEFGH',
        'size':
        1000
    }]
    r1.revision = 1
    r1_key = register_record(r1, 1)

    r2 = record.Record()
    r2.record_uid = api.generate_record_uid()
    r2.title = 'Record 2'
    r2.login = '******'
    r2.password = '******'
    r2.login_url = 'https://keepersecurity.com/2'
    r2.set_field('field2', 'value2')
    r2.notes = 'note2'
    r2.revision = 2
    r2_key = register_record(r2, 2)

    register_records_to_folder(None, [r1.record_uid, r2.record_uid])

    r3 = record.Record()
    r3.record_uid = api.generate_record_uid()
    r3.title = 'Record 3'
    r3.login = '******'
    r3.password = '******'
    r3.login_url = 'https://keepersecurity.com/3'
    r3.revision = 3
    r3_key = register_record(r3)

    sf1 = shared_folder.SharedFolder()
    sf1.shared_folder_uid = api.generate_record_uid()
    sf1.default_manage_records = False
    sf1.default_manage_users = False
    sf1.default_can_edit = False
    sf1.default_can_share = False
    sf1.name = 'Shared Folder 1'
    sf1_key = register_shared_folder(sf1, {r3.record_uid: r3_key})
    register_records_to_folder(sf1.shared_folder_uid, [r3.record_uid])
    _USER_FOLDER_SHARED_FOLDER.append(
        {'shared_folder_uid': sf1.shared_folder_uid})

    t1 = team.Team()
    t1.team_uid = api.generate_record_uid()
    t1.name = 'Team 1'
    t1.restrict_edit = True
    t1.restrict_share = True
    t1.restrict_view = False

    register_team(t1, 1, {sf1.shared_folder_uid: sf1_key})

    folder_key = api.generate_aes_key()
    _USER_FOLDERS.append({
        'folder_uid':
        api.generate_record_uid(),
        'key_type':
        1,
        'user_folder_key':
        api.encrypt_aes(folder_key, _USER_DATA_KEY),
        'revision':
        200,
        'type':
        'user_folder',
        'data':
        api.encrypt_aes(
            json.dumps({
                'name': 'User Folder 1'
            }).encode('utf-8'), folder_key)
    })
Beispiel #5
0
import json

from data_vault import VaultEnvironment
from keepercommander import api, crypto, utils
from keepercommander.params import KeeperParams

_TREE_KEY = api.generate_aes_key()
_ENTERPRISE_ID = 123

_VAULT_ENV = VaultEnvironment()

_USE_DATA_KEY = True

_TEAM_KEY = api.generate_aes_key()
_TEAM1_UID = api.generate_record_uid()
_TEAM2_UID = api.generate_record_uid()
_TEAM1_NAME = 'Team 1'
_TEAM2_NAME = 'Team 2'

_NODE1_ID = (_ENTERPRISE_ID << 32) + 2
_NODE2_ID = (_ENTERPRISE_ID << 32) + 100

_USER1_ID = (_ENTERPRISE_ID << 32) + 201
_USER2_ID = (_ENTERPRISE_ID << 32) + 202
_USER2_EMAIL = '*****@*****.**'

_ROLE1_ID = (_ENTERPRISE_ID << 32) + 301
_ROLE1_NAME = 'Role 1'

_LAST_ID = 1000