def decrypt_secret(self, uuid, metaonly=False):
'''retrieve secret from the database, decrypt and return tuple'''
uuid = bytes(uuid.encode('ascii'))
hasher = SHA256.new()
hasher.update(uuid + uuid)
uniqhash = hasher.hexdigest()
# see if we can find such a secret
try:
result = DBSession.query(Secret).filter(
Secret.uniqhash == uniqhash,
Secret.expiry_time >= datetime.datetime.now(),
or_(
Secret.lifetime_reads > 0,
Secret.lifetime_reads == -1
)).one()
except NoResultFound:
raise SecretExpiredException()
# if we're not decrypting it, we can go ahead and consider it unviewed
if metaonly:
return (result, None)
# excellent, decrement the views & immediately write to database
if not result.flag_unlimited_reads:
result.lifetime_reads -= 1
DBSession.flush()
# decrypt the data in our secret, return them
plaintext = self._decrypt(result, uuid)
return (result, plaintext)
def decrypt_secret(self, uuid):
'''retrieve secret from the database, decrypt and return tuple'''
session = DBSession()
hasher = SHA256.new()
hasher.update(bytes('{}{}'.format(uuid, uuid), encoding='utf-8'))
uniqhash = hasher.hexdigest()
# see if we can find such a secret
try:
result = session.query(Secret).filter(
Secret.uniqhash == uniqhash,
Secret.expiry_time >= datetime.datetime.now(),
or_(
Secret.lifetime_reads > 0,
Secret.lifetime_reads == -1
)).one()
except NoResultFound as e:
raise SecretExpiredException()
# excellent, decrement the views & immediately write to database
if not result.flag_unlimited_reads:
result.lifetime_reads -= 1
session.update(result)
session.flush()
# decrypt the data in our secret, return them
plaintext = _decrypt(result, uniqhash)
return (result, plaintext)
