def moveKeys(db, crypt): try: if args.keys is None: logger.error("Must specify key file for key manipulation") return 1 clientId = db.getConfigValue('ClientID') salt, vkey = db.getSrpValues() #(db, _) = getDB(crypt) if args.extract: (f, c) = db.getKeys() if not (f and c): raise Exception("Unable to retrieve keys from server. Aborting.") Util.saveKeys(args.keys, clientId, f, c) if args.deleteKeys: db.setKeys(salt, vkey, None, None) elif args.insert: (f, c) = Util.loadKeys(args.keys, clientId) logger.info("Keys: F: %s C: %s", f, c) if not (f and c): raise Exception("Unable to retrieve keys from key database. Aborting.") db.setKeys(salt, vkey, f, c) if args.deleteKeys: Util.saveKeys(args.keys, clientId, None, None) return 0 except TardisDB.AuthenticationException as e: logger.error("Authentication failed. Bad password") return 1 except Exception as e: logger.error(e) exceptionLogger.log(e) return 1
def changePassword(crypt, crypt2): try: (db, _) = getDB(crypt) # Load the keys, and insert them into the crypt object, to decyrpt them if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue("ClientID")) else: (f, c) = db.getKeys() crypt.setKeys(f, c) # Grab the keys from one crypt object. # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw # versions crypt2._filenameKey = crypt._filenameKey crypt2._contentKey = crypt._contentKey # Now get the encrypted versions (f, c) = crypt2.getKeys() if args.keys: db.beginTransaction() db.setToken(crypt2.createToken()) Util.saveKeys(args.keys, db.getConfigValue("ClientID"), f, c) db.commit() else: db.setKeys(crypt2.createToken(), f, c) db.close() return 0 except Exception as e: logger.error(e) return 1
def moveKeys(db, crypt): try: if args.keys is None: logger.error("Must specify key file for key manipulation") return 1 clientId = db.getConfigValue("ClientID") token = crypt.createToken() (db, _) = getDB(crypt) if args.extract: (f, c) = db.getKeys() if not (f and c): raise Exception("Unable to retrieve keys from server. Aborting.") Util.saveKeys(args.keys, clientId, f, c) if args.deleteKeys: db.setKeys(token, None, None) elif args.insert: (f, c) = Util.loadKeys(args.keys, clientId) logger.info("Keys: F: %s C: %s", f, c) if not (f and c): raise Exception("Unable to retrieve keys from key database. Aborting.") db.setKeys(token, f, c) if args.deleteKeys: Util.saveKeys(args.keys, clientId, None, None) return 0 except Exception as e: logger.error(e) logger.exception(e) return 1
def moveKeys(db, crypt): try: if args.keys is None: logger.error("Must specify key file for key manipulation") return 1 clientId = db.getConfigValue('ClientID') token = crypt.createToken() #(db, _) = getDB(crypt) if args.extract: (f, c) = db.getKeys() if not (f and c): raise Exception( "Unable to retrieve keys from server. Aborting.") Util.saveKeys(args.keys, clientId, f, c) if args.deleteKeys: db.setKeys(token, None, None) elif args.insert: (f, c) = Util.loadKeys(args.keys, clientId) logger.info("Keys: F: %s C: %s", f, c) if not (f and c): raise Exception( "Unable to retrieve keys from key database. Aborting.") db.setKeys(token, f, c) if args.deleteKeys: Util.saveKeys(args.keys, clientId, None, None) return 0 except Exception as e: logger.error(e) logger.exception(e) return 1
def changePassword(crypt, crypt2): try: (db, _) = getDB(crypt) # Load the keys, and insert them into the crypt object, to decyrpt them if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID')) else: (f, c) = db.getKeys() crypt.setKeys(f, c) # Grab the keys from one crypt object. # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw # versions crypt2._filenameKey = crypt._filenameKey crypt2._contentKey = crypt._contentKey # Now get the encrypted versions (f, c) = crypt2.getKeys() if args.keys: db.beginTransaction() db.setToken(crypt2.createToken()) Util.saveKeys(args.keys, db.getConfigValue('ClientID'), f, c) db.commit() else: db.setKeys(crypt2.createToken(), f, c) return 0 except Exception as e: logger.error(e) return 1
def moveKeys(db, crypt): try: if args.keys is None: logger.error("Must specify key file for key manipulation") return 1 clientId = db.getConfigValue('ClientID') salt, vkey = db.getSrpValues() #(db, _) = getDB(crypt) if args.extract: (f, c) = db.getKeys() if not (f and c): raise Exception("Unable to retrieve keys from server. Aborting.") Util.saveKeys(args.keys, clientId, f, c) if args.deleteKeys: db.setKeys(salt, vkey, None, None) elif args.insert: (f, c) = Util.loadKeys(args.keys, clientId) logger.info("Keys: F: %s C: %s", f, c) if not (f and c): raise Exception("Unable to retrieve keys from key database. Aborting.") db.setKeys(salt, vkey, f, c) if args.deleteKeys: Util.saveKeys(args.keys, clientId, None, None) return 0 except TardisDB.AuthenticationException as e: logger.error("Authentication failed. Bad password") return 1 except Exception as e: logger.error(e) if args.exceptions: logger.exception(e) return 1
def changePassword(crypt, oldpw): try: (db, _, crypt) = getDB(oldpw) # Get the new password try: newpw = Util.getPassword(args.newpw, args.newpwf, args.newpwp, prompt="New Password for %s: " % (args.client), allowNone=False, confirm=True, strength=True) except Exception as e: logger.critical(str(e)) if args.exceptions: logger.exception(e) return -1 scheme = db.getConfigValue('CryptoScheme', 1) crypt2 = TardisCrypto.getCrypto(scheme, newpw, args.client) # Load the keys, and insert them into the crypt object, to decyrpt them if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID')) # No need to check here, loadKeys() throws exception if nothing set. else: (f, c) = db.getKeys() if f is None or c is None: logger.critical( "No keys loaded from database. Please specify --keys as appropriate" ) raise Exception("No keys loaded") crypt.setKeys(f, c) # Grab the keys from one crypt object. # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw # versions crypt2._filenameKey = crypt._filenameKey crypt2._contentKey = crypt._contentKey # Now get the encrypted versions (f, c) = crypt2.getKeys() (salt, vkey) = srp.create_salted_verification_key(args.client, newpw) if args.keys: db.beginTransaction() db.setSrpValues(salt, vkey) Util.saveKeys(args.keys, db.getConfigValue('ClientID'), f, c) db.commit() else: db.setKeys(salt, vkey, f, c) return 0 except Exception as e: logger.error(str(e)) if args.exceptions: logger.exception(e) return 1
def changePassword(crypt, oldpw) : try: (db, _, crypt) = getDB(crypt, oldpw) # Get the new password try: newpw = Util.getPassword(args.newpw, args.newpwf, args.newpwp, prompt="New Password for %s: " % (args.client), allowNone=False, confirm=True, strength=True) except Exception as e: logger.critical(str(e)) if args.exceptions: logger.exception(e) return -1 crypt2 = TardisCrypto.TardisCrypto(newpw, args.client) # Load the keys, and insert them into the crypt object, to decyrpt them if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID')) # No need to check here, loadKeys() throws exception if nothing set. else: (f, c) = db.getKeys() if f is None or c is None: logger.critical("No keys loaded from database. Please specify --keys as appropriate") raise Exception("No keys loaded") crypt.setKeys(f, c) # Grab the keys from one crypt object. # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw # versions crypt2._filenameKey = crypt._filenameKey crypt2._contentKey = crypt._contentKey # Now get the encrypted versions (f, c) = crypt2.getKeys() (salt, vkey) = srp.create_salted_verification_key(args.client, newpw) if args.keys: db.beginTransaction() db.setSrpValues(salt, vkey) Util.saveKeys(args.keys, db.getConfigValue('ClientID'), f, c) db.commit() else: db.setKeys(salt, vkey, f, c) return 0 except Exception as e: logger.error(str(e)) if args.exceptions: logger.exception(e) return 1
def main(): global logger, exceptionLogger, args parseArgs() logger = Util.setupLogging(args.verbose) exceptionLogger = Util.ExceptionLogger(logger, args.exceptions) # Commands which cannot be executed on remote databases allowRemote = args.command not in ['create', 'upgrade'] db = None crypt = None cache = None try: confirm = args.command in ['setpass', 'create'] allowNone = args.command not in ['setpass', 'chpass'] try: password = Util.getPassword(args.password, args.passwordfile, args.passwordprog, prompt="Password for %s: " % (args.client), allowNone=allowNone, confirm=confirm) except Exception as e: logger.critical(str(e)) exceptionLogger.log(e) return -1 if password: crypt = TardisCrypto.TardisCrypto(password, args.client) args.password = None if args.command == 'create': return createClient(crypt, password) if args.command == 'setpass': if not Util.checkPasswordStrength(password): return -1 if not crypt: logger.error("No password specified") return -1 return setPassword(crypt, password) if args.command == 'chpass': return changePassword(crypt, password) upgrade = (args.command == 'upgrade') try: (db, cache) = getDB(crypt, password, allowRemote=allowRemote, allowUpgrade=upgrade) if crypt and args.command != 'keys': if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID')) else: (f, c) = db.getKeys() crypt.setKeys(f, c) except TardisDB.AuthenticationException as e: logger.error("Authentication failed. Bad password") exceptionLogger.log(e) sys.exit(1) except Exception as e: logger.critical("Unable to connect to database: %s", e) exceptionLogger.log(e) sys.exit(1) if args.command == 'keys': return moveKeys(db, crypt) elif args.command == 'list': return listBSets(db, crypt, cache) elif args.command == 'files': return listFiles(db, crypt) elif args.command == 'info': return bsetInfo(db) elif args.command == 'purge': return purge(db, cache) elif args.command == 'delete': return deleteBsets(db, cache) elif args.command == 'priority': return setPriority(db) elif args.command == 'rename': return renameSet(db) elif args.command == 'getconfig': return getConfig(db) elif args.command == 'setconfig': return setConfig(db) elif args.command == 'orphans': return removeOrphans(db, cache) elif args.command == 'upgrade': return except KeyboardInterrupt: pass except TardisDB.AuthenticationException as e: logger.error("Authentication failed. Bad password") sys.exit(1) except Exception as e: logger.error("Caught exception: %s", str(e)) exceptionLogger.log(e) finally: if db: db.close()
def main(): global logger parseArgs() logger = Util.setupLogging(args.verbose) # Commands which cannot be executed on remote databases allowRemote = args.command not in ['create'] db = None crypt = None cache = None try: password = Util.getPassword(args.password, args.passwordfile, args.passwordprog, prompt="Password for %s: " % (args.client), allowNone=(args.command != 'setPass')) if args.command in ['setpass', 'create']: if password and not checkPasswordStrength(password): return -1 if args.password: pw2 = Util.getPassword(args.password, args.passwordfile, args.passwordprog, prompt='Confirm Password: '******'t match") return -1 pw2 = None if password: crypt = TardisCrypto.TardisCrypto(password, args.client) password = None args.password = None if args.command == 'create': return createClient(crypt) if args.command == 'setpass': if not crypt: logger.error("No password specified") return -1 return setToken(crypt) if args.command == 'chpass': newpw = Util.getPassword(args.newpw, args.newpwf, args.newpwp, prompt="New Password for %s: " % (args.client), allowNone=False) if not checkPasswordStrength(newpw): return -1 if args.newpw is True: newpw2 = Util.getPassword(args.newpw, args.newpwf, args.newpwp, prompt="New Password for %s: " % (args.client), allowNone=False) if newpw2 != newpw: logger.error("Passwords don't match") return -1 newpw2 = None crypt2 = TardisCrypto.TardisCrypto(newpw, args.client) newpw = None args.newpw = None return changePassword(crypt, crypt2) try: (db, cache) = getDB(crypt, allowRemote=allowRemote) if crypt: if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID')) else: (f, c) = db.getKeys() crypt.setKeys(f, c) except Exception as e: logger.critical("Unable to connect to database: %s", e) sys.exit(1) if args.command == 'keys': return moveKeys(db, crypt) elif args.command == 'list': return listBSets(db) elif args.command == 'files': return listFiles(db, crypt) elif args.command == 'info': return bsetInfo(db) elif args.command == 'purge': return purge(db, cache) elif args.command == 'delete': return deleteBsets(db, cache) elif args.command == 'getconfig': return getConfig(db) elif args.command == 'setconfig': return setConfig(db) elif args.command == 'orphans': return removeOrphans(db, cache) except KeyboardInterrupt: pass except Exception as e: logger.error("Caught exception: %s", str(e)) logger.exception(e) finally: if db: db.close()
def main(): global logger parseArgs() logger = Util.setupLogging(args.verbose) # Commands which cannot be executed on remote databases allowRemote = args.command not in ['create', 'upgrade'] db = None crypt = None cache = None try: confirm = args.command in ['setpass', 'create'] allowNone = args.command not in ['setpass', 'chpass'] try: password = Util.getPassword(args.password, args.passwordfile, args.passwordprog, prompt="Password for %s: " % (args.client), allowNone=allowNone, confirm=confirm) except Exception as e: logger.critical(str(e)) if args.exceptions: logger.exception(e) return -1 if password: crypt = TardisCrypto.TardisCrypto(password, args.client) args.password = None if args.command == 'create': return createClient(crypt, password) if args.command == 'setpass': if not Util.checkPasswordStrength(password): return -1 if not crypt: logger.error("No password specified") return -1 return setPassword(crypt, password) if args.command == 'chpass': return changePassword(crypt, password) upgrade = (args.command == 'upgrade') try: (db, cache, crypt) = getDB(crypt, password, allowRemote=allowRemote, allowUpgrade=upgrade) if crypt and args.command != 'keys': if args.keys: (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID')) else: (f, c) = db.getKeys() crypt.setKeys(f, c) except TardisDB.AuthenticationException as e: logger.error("Authentication failed. Bad password") if args.exceptions: logger.exception(e) sys.exit(1) except Exception as e: logger.critical("Unable to connect to database: %s", e) if args.exceptions: logger.exception(e) sys.exit(1) if args.command == 'keys': return moveKeys(db, crypt) elif args.command == 'list': return listBSets(db, crypt, cache) elif args.command == 'files': return listFiles(db, crypt) elif args.command == 'info': return bsetInfo(db) elif args.command == 'purge': return purge(db, cache) elif args.command == 'delete': return deleteBsets(db, cache) elif args.command == 'priority': return setPriority(db) elif args.command == 'rename': return renameSet(db) elif args.command == 'getconfig': return getConfig(db) elif args.command == 'setconfig': return setConfig(db) elif args.command == 'orphans': return removeOrphans(db, cache) elif args.command == 'upgrade': return except KeyboardInterrupt: pass except TardisDB.AuthenticationException as e: logger.error("Authentication failed. Bad password") sys.exit(1) except Exception as e: logger.error("Caught exception: %s", str(e)) if args.exceptions: logger.exception(e) finally: if db: db.close()