Example #1
0
 def unvault(self, name, target=None, download=True):
     assert self.key, "you have to give a key or set in $VAULT_KEY"
     assert name, "give a vault name"
     vault_tmp, vault_zip, vault_crypt = self.directories(name)
     if download:
         assert self.s3_path, "No s3_path specified"
         assert self.s3_bucket, "No s3_bucket specified"
         assert self.s3_useragent, "you need to provide $S3_VAULT_USERAGENT"
         self.download(self.s3_bucket, self.s3_file(name), vault_crypt)
         assert os.path.exists(vault_crypt), "Download failed for %s" % self.s3_file(name)
     with open(vault_zip, 'w') as vz, open(vault_crypt) as vc:
         c = vc.read()
         aes = AESCipher(self.key)
         plain = aes.decrypt(c)
         vz.write(plain)
     try:
         zipf = ZipFile(vault_zip)
         zipf.extractall(target or self.location)
     except BadZipfile as e:
         raise BadZipfile('Could not extract %s. Did you set the key?' % vault_crypt)
     members = [os.path.join(target or self.location, member) 
                for member in zipf.namelist()]
     self.extracted_files.extend(members)
     self.cleanup(name)
     return members
Example #2
0
 def make(self, name=None, src=None, include=None, upload=True):
     """
     Takes a directory, zips all files in it, encrypts the file
     and uploads it to the path (use s3://bucket/path). 
     
     If not provided the key is randomly generated and output as a result. 
     Use this key to decrypt the file.
     
     Uses $S3_VAULT_KEY if available.
     """
     assert self.key, "you have to give a key or set in S3_VAULT_KEY"
     assert name, "give a vault name"
     vault_tmp, vault_zip, vault_crypt = self.directories(name)
     try:
         os.remove(vault_zip)
         os.remove(vault_crypt)
     except:
         pass
     # create zip file
     self.zipfiles(src or self.location, vault_zip, 
                   exclude='.vault', 
                   include=include)
     with open(vault_zip) as vz, open(vault_crypt, 'w') as vc:
         zipped = vz.read()
         aes = AESCipher(self.key)
         c = aes.encrypt(zipped)
         vc.write(c)
     if upload:
         assert self.s3_path, "No s3_path specified"
         assert self.s3_bucket, "No s3_bucket specified"
         self.upload(vault_crypt, self.s3_bucket, self.s3_file(name))
     return vault_crypt