def hash_password(password, iterations, algorithm="pbkdf2hmac", sub_algorithm="sha256",
salt=None, salt_size=16, output_size=32,
backend="cryptographyless"):
salt = os.urandom(salt_size)
header = save_data(algorithm, sub_algorithm, iterations, salt_size, output_size)
if algorithm == "pbkdf2hmac":
return save_data(header, salt, hashlib.pbkdf2_hmac(sub_algorithm, header + password, salt, iterations, output_size))
else:
return -1
def test_save_data(tmpdir):
user1 = User(1, "https://randomuser.me/api/portraits/lego/8.jpg", "Elijah",
"Ku")
amazon_team = Team(1, "IFS", [user1])
persistence.add_user(user1)
persistence.add_team(amazon_team)
persistence.save_data(f"{tmpdir}/bla.json")
def persistir(app):
'''
Coletamos os dados da aplicação e salvamos em um arquivo.
'''
print('Salvando dados persistentes...')
data = (linhas_entradas, horarios_linhas, destinos, reservas,
linhas_visiveis, onibus_invisiveis, app.linhas.get_children(),
app.reservas.get_children(), linhas_possiveis)
save_data(data, cte.DATA_FILE_PATH)
print('Dados persistentes salvos!')
app.root.destroy()
def _encrypt(data, key, mac_key, nonce='', extra_data='', algorithm="sha256", nonce_size=32, hmac_algorithm="sha256",
return_mode="cryptogram"):
""" usage: _encrypt(data, key, extra_data='', nonce='',
hash_function="SHA256", nonce_size=32) => encrypted_packet
Encrypts data using key.
Returns a packet of encrypted data, nonce, mac_tag, extra_data
Authentication and integrity of data, nonce, and extra data are assured
Confidentiality of data is assured.
Encryption is provided by _hash_stream_cipher.
Integrity/authenticity are provided via HMAC.
nonce is randomly generated when not supplied.
nonce_size defaults to 32; decreasing below 16 may destroy security.
A nonce_size of 16 with a random nonce shortens key lifetime when encrypting many messages. """
nonce = nonce or os.urandom(nonce_size)
mode = "hmac"
algorithm = algorithm.lower()
hmac_algorithm = hmac_algorithm.lower()
encrypted_data = cipher(data, key, nonce, algorithm)
header = algorithm + '_' + mode + '_' + hmac_algorithm
mac_tag = hmac.HMAC(mac_key, header + extra_data + nonce + encrypted_data, getattr(hashlib, hmac_algorithm)).digest()
if return_mode == "cryptogram":
return save_data(header, encrypted_data, nonce, mac_tag, extra_data)
elif return_mode == "values":
return header, encrypted_data, nonce, mac_tag, extra_data
else:
raise ValueError("Invalid mode supplied: '{}'; (valid: {})".format(("cryptogram", "values")))
def hash_password(password,
iterations,
algorithm="pbkdf2hmac",
sub_algorithm="sha256",
salt=None,
salt_size=16,
output_size=32,
backend="cryptographyless"):
salt = os.urandom(salt_size)
header = save_data(algorithm, sub_algorithm, iterations, salt_size,
output_size)
if algorithm == "pbkdf2hmac":
return save_data(
header, salt,
hashlib.pbkdf2_hmac(sub_algorithm, header + password, salt,
iterations, output_size))
else:
return -1
def test_pack_unpack():
ciphertext = "as;flkjasdf;lkjasfd"
iv = "21209348afdso"
tag = "zpx98yvzclkj"
extra_data = "1x897=a[19njkS"
packed = save_data(ciphertext, iv, tag, extra_data)
_ciphertext, _iv, _tag, _extra_data = load_data(packed)
assert _ciphertext == ciphertext
assert _iv == iv
assert _tag == tag
assert _extra_data == extra_data
def test_pack_unpack():
ciphertext = "as;flkjasdf;lkjasfd"
iv = "21209348afdso"
tag = "zpx98yvzclkj"
extra_data = "1x897=a[19njkS"
packed = save_data(ciphertext, iv, tag, extra_data)
_ciphertext, _iv, _tag, _extra_data = unpack_data(packed)
assert _ciphertext == ciphertext
assert _iv == iv
assert _tag == tag
assert _extra_data == extra_data
def test__encrypt__decrypt():
packet = _encrypt(_TEST_MESSAGE, _TEST_KEY, _TEST_KEY, extra_data="extra_data")
#print "Encrypted packet: \n\n\n", packet
decrypted = _decrypt(packet, _TEST_KEY, _TEST_KEY)
assert decrypted == (_TEST_MESSAGE, "extra_data"), decrypted
header, encrypted_data, nonce, mac_tag, extra_data = load_data(packet)
extra_data = "Changed"
packet = save_data(header, encrypted_data, nonce, mac_tag, extra_data)
try:
_decrypt(packet, _TEST_KEY, _TEST_KEY)
except InvalidTag:
pass
else:
print "Failed to protect authenticity/integrity of extra_data"
assert False
def test__encrypt__decrypt():
packet = _encrypt(_TEST_MESSAGE,
_TEST_KEY,
_TEST_KEY,
extra_data="extra_data")
#print "Encrypted packet: \n\n\n", packet
decrypted = _decrypt(packet, _TEST_KEY, _TEST_KEY)
assert decrypted == (_TEST_MESSAGE, "extra_data"), decrypted
header, encrypted_data, nonce, mac_tag, extra_data = load_data(packet)
extra_data = "Changed"
packet = save_data(header, encrypted_data, nonce, mac_tag, extra_data)
try:
_decrypt(packet, _TEST_KEY, _TEST_KEY)
except InvalidTag:
pass
else:
print "Failed to protect authenticity/integrity of extra_data"
assert False
def _encrypt(data,
key,
mac_key,
nonce='',
extra_data='',
algorithm="sha256",
nonce_size=32,
hmac_algorithm="sha256",
return_mode="cryptogram"):
""" usage: _encrypt(data, key, extra_data='', nonce='',
hash_function="SHA256", nonce_size=32) => encrypted_packet
Encrypts data using key.
Returns a packet of encrypted data, nonce, mac_tag, extra_data
Authentication and integrity of data, nonce, and extra data are assured
Confidentiality of data is assured.
Encryption is provided by _hash_stream_cipher.
Integrity/authenticity are provided via HMAC.
nonce is randomly generated when not supplied.
nonce_size defaults to 32; decreasing below 16 may destroy security.
A nonce_size of 16 with a random nonce shortens key lifetime when encrypting many messages. """
nonce = nonce or os.urandom(nonce_size)
mode = "hmac"
algorithm = algorithm.lower()
hmac_algorithm = hmac_algorithm.lower()
encrypted_data = cipher(data, key, nonce, algorithm)
header = algorithm + '_' + mode + '_' + hmac_algorithm
mac_tag = hmac.HMAC(mac_key, header + extra_data + nonce + encrypted_data,
getattr(hashlib, hmac_algorithm)).digest()
if return_mode == "cryptogram":
return save_data(header, encrypted_data, nonce, mac_tag, extra_data)
elif return_mode == "values":
return header, encrypted_data, nonce, mac_tag, extra_data
else:
raise ValueError("Invalid mode supplied: '{}'; (valid: {})".format(
("cryptogram", "values")))
def apply_mac(key, data, algorithm="SHA256", backend=None):
return save_data(generate_mac(key, data, algorithm, backend), data)
from data_model.team import Team from data_model.user import User from persistence import save_data, add_user, add_team, load_data, get_team load_data() at = get_team(1) at.add_connection(1, 2) save_data()
def apply_mac(key, data, algorithm="SHA256", backend=None):
return save_data(generate_mac(key, data, algorithm, backend), data)
