def testAddKey(self): self.assertEquals(3, self.mock.numkeys) keyczart.main(['addkey', '--status=primary']) self.assertEquals(4, self.mock.numkeys) # The next version number will be 100, since the previous max was 99 self.assertEquals(keyinfo.PRIMARY, self.mock.GetStatus(100)) self.assertEquals(keyinfo.ACTIVE, self.mock.GetStatus(42))
def testAddKey(self):
self.assertEquals(3, self.mock.numkeys)
keyczart.main(['addkey', '--status=primary'])
self.assertEquals(4, self.mock.numkeys)
# The next version number will be 100, since the previous max was 99
self.assertEquals(keyinfo.PRIMARY, self.mock.GetStatus(100))
self.assertEquals(keyinfo.ACTIVE, self.mock.GetStatus(42))
def testCreate(self):
keyczart.main([
'create', '--name=testCreate', '--purpose=crypt',
'--asymmetric=rsa'
])
self.assertEquals('testCreate', self.mock.kmd.name)
self.assertEquals(keyinfo.DECRYPT_AND_ENCRYPT, self.mock.kmd.purpose)
self.assertEquals(keyinfo.RSA_PRIV, self.mock.kmd.type)
def testAddKeyCrypterCreatesCrypter(self):
self.dummy_location = None
def dummyCreateCrypter(location):
self.dummy_location = location
return self.mock
keyczart._CreateCrypter = dummyCreateCrypter
keyczart.main(['addkey', '--crypter=foo'])
self.assertEqual(self.dummy_location, 'foo')
def testAddKeyCrypterCreatesCrypter(self):
self.dummy_location = None
def dummyCreateCrypter(location):
self.dummy_location = location
return self.mock
keyczart._CreateCrypter = dummyCreateCrypter
keyczart.main(['addkey', '--crypter=foo'])
self.assertEquals(self.dummy_location, 'foo')
def handle(self, *args, **options):
if os.path.exists("keyset"):
print "Keys already generated."
return
print "Generating keys"
os.mkdir("keyset")
keyczart.main(['create','--location=keyset','--purpose=crypt'])
keyczart.main(['addkey','--location=keyset' ,'--status=primary'])
print "Done"
def testPubKey(self):
pubmock = readers.MockReader('PUBTEST', keyinfo.DECRYPT_AND_ENCRYPT,
keyinfo.RSA_PRIV)
pubmock.AddKey(33, keyinfo.PRIMARY, 1024) # small key size for fast tests
keyczart.mock = pubmock # use pubmock instead
self.assertEquals(None, pubmock.pubkmd)
keyczart.main(['pubkey'])
self.assertNotEqual(None, pubmock.pubkmd)
self.assertEquals('PUBTEST', pubmock.pubkmd.name)
self.assertEquals(keyinfo.ENCRYPT, pubmock.pubkmd.purpose)
self.assertEquals(keyinfo.RSA_PUB, pubmock.pubkmd.type)
self.assertTrue(pubmock.HasPubKey(33))
def testPubKey(self):
pubmock = readers.MockReader('PUBTEST', keyinfo.DECRYPT_AND_ENCRYPT,
keyinfo.RSA_PRIV)
pubmock.AddKey(33, keyinfo.PRIMARY, 1024) # small key size for fast tests
keyczart.mock = pubmock # use pubmock instead
self.assertEquals(None, pubmock.pubkmd)
keyczart.main(['pubkey'])
self.assertNotEqual(None, pubmock.pubkmd)
self.assertEquals('PUBTEST', pubmock.pubkmd.name)
self.assertEquals(keyinfo.ENCRYPT, pubmock.pubkmd.purpose)
self.assertEquals(keyinfo.RSA_PUB, pubmock.pubkmd.type)
self.assertTrue(pubmock.HasPubKey(33))
def encrypt(self,password):
"""
Encrypt password and return encrypted password.
"""
from keyczar import keyczar
from keyczar import keyczart
location = self.dir + '/kz'
d = os.path.relpath(location)
if not os.path.exists(d):
os.mkdir(d)
s1=['create', '--location='+d, '--purpose=crypt']
s2 = ['addkey', '--location='+d, '--status=primary']
keyczart.main(s1)
keyczart.main(s2)
crypter = keyczar.Crypter.Read(d)
return crypter.Encrypt(password)
def decrypt(self,password):
"""
Decrypt password and save as attribute.
"""
from keyczar import keyczar
from keyczar import keyczart
location = self.dir + '/kz'
d = os.path.relpath(location)
if not os.path.exists(d):
os.mkdir(d)
s1='create --location=/'+location+' --purpose=crypt'
s2 = 'addkey --location=/'+location+' --status=primary'
keyczart.main(s1)
keyczart.main(s1)
crypter = keyczar.Crypter.Read(d)
decrypted_password = crypter.Decrypt(password)
return decrypted_password
def gen_keys(self):
"""
Create new keys.
"""
print(
_("Creating new keys in %(location)s") %
{'location': self.keys_location})
# Create symmetric key
os.makedirs(self.keys_symmetric_location)
keyczartool.main([
'create',
"--location=%s" % self.keys_symmetric_location, "--purpose=crypt"
])
keyczartool.main([
'addkey',
"--location=%s" % self.keys_symmetric_location, "--status=primary",
"--size=%s" % self.encryption_key_length
])
# Create asymmetric private keys for signing
os.makedirs(self.keys_asymmetric_private_location)
keyczartool.main([
'create',
"--location=%s" % self.keys_asymmetric_private_location,
"--purpose=sign",
"--asymmetric=%s" % self.encrypt_algorithm
])
keyczartool.main([
'addkey',
"--location=%s" % self.keys_asymmetric_private_location,
"--status=primary",
"--size=%s" % self.signing_key_length
])
# Extract public keys for signing
os.makedirs(self.keys_asymmetric_public_location)
keyczartool.main([
'create',
"--location=%s" % self.keys_asymmetric_public_location,
"--purpose=sign",
"--asymmetric=%s" % self.encrypt_algorithm
])
keyczartool.main([
'pubkey',
"--location=%s" % self.keys_asymmetric_private_location,
"--status=primary",
"--destination=%s" % self.keys_asymmetric_public_location
])
# Gen a new master salt
from os import urandom
salt = urandom(20)
print "Please modify this line in esapi/conf/settings.py:"
print "Encryptor_MasterSalt = '" + ESAPI.encoder().encode_for_base64(
salt) + "'"
print "Done!"
def gen_keys(self):
"""
Create new keys.
"""
print (_("Creating new keys in %(location)s") %
{'location' : self.keys_location} )
# Create symmetric key
os.makedirs(self.keys_symmetric_location)
keyczartool.main(
['create',
"--location=%s" % self.keys_symmetric_location,
"--purpose=crypt"] )
keyczartool.main(
['addkey',
"--location=%s" % self.keys_symmetric_location,
"--status=primary",
"--size=%s" % self.encryption_key_length] )
# Create asymmetric private keys for signing
os.makedirs(self.keys_asymmetric_private_location)
keyczartool.main(
['create',
"--location=%s" % self.keys_asymmetric_private_location,
"--purpose=sign",
"--asymmetric=%s" % self.encrypt_algorithm] )
keyczartool.main(
['addkey',
"--location=%s" % self.keys_asymmetric_private_location,
"--status=primary",
"--size=%s" % self.signing_key_length] )
# Extract public keys for signing
os.makedirs(self.keys_asymmetric_public_location)
keyczartool.main(
['create',
"--location=%s" % self.keys_asymmetric_public_location,
"--purpose=sign",
"--asymmetric=%s" % self.encrypt_algorithm] )
keyczartool.main(
['pubkey',
"--location=%s" % self.keys_asymmetric_private_location,
"--status=primary",
"--destination=%s" % self.keys_asymmetric_public_location] )
# Gen a new master salt
from os import urandom
salt = urandom(20)
print "Please modify this line in esapi/conf/settings.py:"
print "Encryptor_MasterSalt = '" + ESAPI.encoder().encode_for_base64(salt) + "'"
print "Done!"
def _tool(fmt, **kwds):
'''Package the call to keyczart.main
which is awkwardly setup for command-line use without
organizing the underlying logic for direct function calls.
'''
return keyczart.main( (fmt % kwds).split() )
notify = SatelliteNotifier()
notify.initialize()
if (parser.has_option('security', 'enable_encryption')) and (parser.getboolean('security', 'enable_encryption') == 1):
try:
from keyczar import keyczar
from keyczar.keyczar import Crypter
from keyczar import keyczart
from keyczar.errors import KeyczarError
print("Checking for encryption keys...")
if not os.path.exists(keystore_path):
print("No keys found. Generating new keys...")
os.makedirs(keystore_path)
keyczart.main( ("create --location=" + keystore_path + " --purpose=crypt").split() )
keyczart.main( ("addkey --location=" + keystore_path + " --status=primary").split() )
else:
print("Keys found.")
_crypter = Crypter.Read(keystore_path);
key_data = ""
for file in [ f for f in listdir(keystore_path) if isfile(join(keystore_path,f)) ]:
f = open(keystore_path + "/" + file, 'r')
key_data += "(" + file + ")" + f.read()
f.close()
_qr_data += "<keystore>" + key_data + "</keystore>"
md5sum = hashlib.md5(key_data).hexdigest()
print("Key md5: " + md5sum)
import keyczar
from keyczar import keyczart
import os
directory = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'keyset')
if not os.path.exists(directory):
os.makedirs(directory)
if not os.listdir(directory):
keyczart.main(
['create', '--location=keyset', '--purpose=crypt', '--name=crypt'])
keyczart.main(['addkey', '--location=keyset', '--status=primary'])
else:
print 'Keyset directory already has something in there. Skipping key generation.'
#!flask/bin/python
import keyczar
import os
from keyczar import keyczart
newpath = r'tmp/kz'
if not os.path.exists(newpath): os.makedirs(newpath)
keyczart.main(
['create', '--location=tmp/kz/', '--purpose=crypt', '--name=PryNotes'])
keyczart.main(['addkey', '--location=tmp/kz/', '--status=primary'])
def testDemote(self): keyczart.main(['demote', '--version=77']) self.assertEquals(keyinfo.INACTIVE, self.mock.GetStatus(77))
def _tool(fmt, **kwds):
'''Package the call to keyczart.main
which is awkwardly setup for command-line use without
organizing the underlying logic for direct function calls.
'''
return keyczart.main((fmt % kwds).split())
import keyczar
from keyczar import keyczart
import os
directory = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'keyset')
if not os.path.exists(directory):
os.makedirs(directory)
if not os.listdir(directory):
keyczart.main(['create','--location=keyset','--purpose=crypt','--name=crypt'])
keyczart.main(['addkey','--location=keyset' ,'--status=primary'])
else:
print 'Keyset directory already has something in there. Skipping key generation.'
def testCreate(self):
keyczart.main(['create', '--name=testCreate',
'--purpose=crypt', '--asymmetric=rsa'])
self.assertEquals('testCreate', self.mock.kmd.name)
self.assertEquals(keyinfo.DECRYPT_AND_ENCRYPT, self.mock.kmd.purpose)
self.assertEquals(keyinfo.RSA_PRIV, self.mock.kmd.type)
def testAddKeySizeFlag(self):
keyczart.main(['addkey', '--size=256'])
self.assertEquals(256, self.mock.GetKeySize(100))
def testAddKeySizeFlag(self): keyczart.main(['addkey', '--size=256']) self.assertEquals(256, self.mock.GetKeySize(100))
def testPromote(self):
keyczart.main(['promote', '--version=77'])
self.assertEquals(keyinfo.PRIMARY, self.mock.GetStatus(77))
self.assertEquals(keyinfo.ACTIVE, self.mock.GetStatus(42))
def testPromote(self): keyczart.main(['promote', '--version=77']) self.assertEquals(keyinfo.PRIMARY, self.mock.GetStatus(77)) self.assertEquals(keyinfo.ACTIVE, self.mock.GetStatus(42))
def testDemote(self):
keyczart.main(['demote', '--version=77'])
self.assertEquals(keyinfo.INACTIVE, self.mock.GetStatus(77))
def testRevoke(self): self.assertTrue(self.mock.ExistsVersion(99)) keyczart.main(['revoke', '--version=99']) self.assertFalse(self.mock.ExistsVersion(99))
def testRevoke(self):
self.assertTrue(self.mock.ExistsVersion(99))
keyczart.main(['revoke', '--version=99'])
self.assertFalse(self.mock.ExistsVersion(99))
#!/usr/bin/env python2 import keyczar import os from keyczar import keyczart newpath = r'tmp/kz' if not os.path.exists(newpath): os.makedirs(newpath) keyczart.main(['create','--location=tmp/kz/','--purpose=crypt','--name=PryNotes']) keyczart.main(['addkey','--location=tmp/kz/' ,'--status=primary'])
#!/usr/bin/env python2 """ This will add another encryption key. Any new notes or resaved notes will use the new key. The old key is not deleted as it is used to decrypt the messages already encrypted using that key. You can do this as many times as you want. It is all automatic. """ import keyczar import os from keyczar import keyczart newpath = r'tmp/kz' keyczart.main(['addkey','--location=tmp/kz/' ,'--status=primary'])
