def register_shared_folder(shared_folder, records):
# type: (shared_folder.SharedFolder, dict) -> bytes
shared_folder_key = api.generate_aes_key()
sf = {
'shared_folder_uid': shared_folder.shared_folder_uid,
'key_type': 1,
'shared_folder_key': api.encrypt_aes(shared_folder_key, _USER_DATA_KEY),
'name': api.encrypt_aes(shared_folder.name.encode('utf-8'), shared_folder_key),
'is_account_folder': False,
'manage_records': False,
'manage_users': False,
'default_manage_records': True,
'default_manage_users': True,
'default_can_edit': True,
'default_can_share': True,
'full_sync': True,
'records': [{
'record_uid': x[0],
'record_key': api.encrypt_aes(x[1], shared_folder_key),
'can_share': False,
'can_edit': False
} for x in records.items()],
'users': [{
'username': _USER_NAME,
'manage_records': True,
'manage_users': True
}],
'revision': 5
}
_SHARED_FOLDERS.append(sf)
return shared_folder_key
def register_record(record, key_type=None):
# type: (record.Record, int or None) -> bytes
data = {
'title': record.title or '',
'secret1': record.login or '',
'secret2': record.password or '',
'link': record.login_url or '',
'notes': record.notes or '',
'custom': record.custom_fields or '',
'folder': record.folder or ''
}
extra = None
udata = None
if record.attachments:
extra = {'files': record.attachments}
udata = {'file_id': [x['id'] for x in record.attachments]}
record_key = api.generate_aes_key() if key_type != 0 else _USER_DATA_KEY
rec_object = {
'record_uid': record.record_uid,
'revision': record.revision if
(0 < record.revision <= _REVISION) else _REVISION,
'version': 2 if key_type != 0 else 1,
'shared': key_type not in [0, 1],
'data': api.encrypt_aes(json.dumps(data).encode('utf-8'), record_key),
}
if extra:
rec_object['extra'] = api.encrypt_aes(
json.dumps(extra).encode('utf-8'), record_key)
if udata:
rec_object['udata'] = udata
_RECORDS.append(rec_object)
meta_data = {
'record_uid': record.record_uid,
'owner': key_type in [0, 1],
'can_share': key_type == 1,
'can_edit': key_type == 1,
'record_key_type': key_type
}
if key_type == 0:
_RECORD_METADATA.append(meta_data)
if key_type == 1:
meta_data['record_key'] = utils.base64_url_encode(
crypto.encrypt_aes_v1(record_key, _USER_DATA_KEY))
_RECORD_METADATA.append(meta_data)
elif key_type == 2:
meta_data['record_key'] = utils.base64_url_encode(
crypto.encrypt_rsa(record_key, _IMPORTED_PUBLIC_KEY))
_RECORD_METADATA.append(meta_data)
return record_key
def register_team(team, key_type, sfs=None):
# type: (team.Team, int, dict) -> bytes
team_key = api.generate_aes_key()
t = {
'team_uid':
team.team_uid,
'name':
team.name,
'team_key_type':
key_type,
'team_key':
api.encrypt_aes(team_key, _USER_DATA_KEY)
if key_type == 1 else api.encrypt_rsa(team_key, _IMPORTED_PUBLIC_KEY),
'team_private_key':
api.encrypt_aes(_DER_PRIVATE_KEY, team_key),
'restrict_edit':
team.restrict_edit,
'restrict_share':
team.restrict_share,
'restrict_view':
team.restrict_view,
}
_TEAMS.append(t)
if sfs:
t['shared_folder_keys'] = [{
'shared_folder_uid':
x[0],
'key_type':
1,
'shared_folder_key':
api.encrypt_aes(x[1], team_key)
} for x in sfs.items()]
sf_uids = set()
for uid in sfs:
sf_uids.add(uid)
for sf in _SHARED_FOLDERS:
if sf['shared_folder_uid'] in sf_uids:
if 'teams' not in sf:
sf['teams'] = []
sf['teams'].append({
'team_uid': team.team_uid,
'name': team.name,
'manage_records': key_type == 1,
'manage_users': key_type == 1
})
return team_key
def generate_data():
r1 = record.Record()
r1.record_uid = api.generate_record_uid()
r1.folder = 'Old Folder'
r1.title = 'Record 1'
r1.login = '******'
r1.password = '******'
r1.login_url = 'https://keepersecurity.com/1'
r1.set_field('field1', 'value1')
r1.notes = 'note1'
r1.attachments = [{
'name':
'Attachment 1',
'key':
base64.urlsafe_b64encode(
api.generate_aes_key()).decode('utf-8').rstrip('='),
'id':
'ABCDEFGH',
'size':
1000
}]
r1.revision = 1
r1_key = register_record(r1, 1)
r2 = record.Record()
r2.record_uid = api.generate_record_uid()
r2.title = 'Record 2'
r2.login = '******'
r2.password = '******'
r2.login_url = 'https://keepersecurity.com/2'
r2.set_field('field2', 'value2')
r2.notes = 'note2'
r2.revision = 2
r2_key = register_record(r2, 2)
register_records_to_folder(None, [r1.record_uid, r2.record_uid])
r3 = record.Record()
r3.record_uid = api.generate_record_uid()
r3.title = 'Record 3'
r3.login = '******'
r3.password = '******'
r3.login_url = 'https://keepersecurity.com/3'
r3.revision = 3
r3_key = register_record(r3)
sf1 = shared_folder.SharedFolder()
sf1.shared_folder_uid = api.generate_record_uid()
sf1.default_manage_records = False
sf1.default_manage_users = False
sf1.default_can_edit = False
sf1.default_can_share = False
sf1.name = 'Shared Folder 1'
sf1_key = register_shared_folder(sf1, {r3.record_uid: r3_key})
register_records_to_folder(sf1.shared_folder_uid, [r3.record_uid])
_USER_FOLDER_SHARED_FOLDER.append(
{'shared_folder_uid': sf1.shared_folder_uid})
t1 = team.Team()
t1.team_uid = api.generate_record_uid()
t1.name = 'Team 1'
t1.restrict_edit = True
t1.restrict_share = True
t1.restrict_view = False
register_team(t1, 1, {sf1.shared_folder_uid: sf1_key})
folder_key = api.generate_aes_key()
_USER_FOLDERS.append({
'folder_uid':
api.generate_record_uid(),
'key_type':
1,
'user_folder_key':
api.encrypt_aes(folder_key, _USER_DATA_KEY),
'revision':
200,
'type':
'user_folder',
'data':
api.encrypt_aes(
json.dumps({
'name': 'User Folder 1'
}).encode('utf-8'), folder_key)
})
import json from data_vault import VaultEnvironment from keepercommander import api, crypto, utils from keepercommander.params import KeeperParams _TREE_KEY = api.generate_aes_key() _ENTERPRISE_ID = 123 _VAULT_ENV = VaultEnvironment() _USE_DATA_KEY = True _TEAM_KEY = api.generate_aes_key() _TEAM1_UID = api.generate_record_uid() _TEAM2_UID = api.generate_record_uid() _TEAM1_NAME = 'Team 1' _TEAM2_NAME = 'Team 2' _NODE1_ID = (_ENTERPRISE_ID << 32) + 2 _NODE2_ID = (_ENTERPRISE_ID << 32) + 100 _USER1_ID = (_ENTERPRISE_ID << 32) + 201 _USER2_ID = (_ENTERPRISE_ID << 32) + 202 _USER2_EMAIL = '*****@*****.**' _ROLE1_ID = (_ENTERPRISE_ID << 32) + 301 _ROLE1_NAME = 'Role 1' _LAST_ID = 1000
