def decrypt_config(server_name, filename): """ Decrypt password in config. """ if not acmd.util.crypto.is_supported(): error( "Crypto functions are not supported on this system. Install pycrypto or pycryptodome" ) return USER_ERROR config = read_config(filename) section_name = 'server {}'.format(server_name) prop = config.get(section_name, PASSWORD_PROP) if not is_encrypted(prop): error("Password for server {} is not encrypted".format(server_name)) return USER_ERROR iv_bytes, key_salt, ciphertext_bytes, = parse_prop(prop) key_bytes = get_key(key_salt, "Passphrase: ") assert type(key_bytes) == bytes plaintext_password, err = decrypt(iv_bytes, key_bytes, ciphertext_bytes) if err is not None: error(err) return USER_ERROR config.set(section_name, PASSWORD_PROP, plaintext_password) with open(filename, 'w') as f: config.write(f) return OK
def test_encrypt_decrypt_str(): iv = b'This is an IV456' msg = "Hello Wörld" key = b'Some kind of key' ciphertext = encrypt_str(iv, key, msg) eq_(b'I\xaaL/\t?6\xa7\x07\xbb.2', ciphertext) new_msg = decrypt(iv, key, ciphertext) eq_(msg, new_msg)
def password(self): if is_encrypted(self._password): passphrase = getpass.getpass("Passphrase: ") iv, salt, ciphertext = parse_prop(self._password) key = make_key(salt, passphrase) plaintext_password, err = decrypt(iv, key, ciphertext) if err is not None: raise Exception(err) self._password = plaintext_password return self._password
def test_encrypt_decrypt_str(): iv = b'This is an IV456' msg = "Hello Wörld" key = b'Some kind of key' ciphertext = encrypt_str(iv, key, msg) eq_(b'Z\xa7\xdce\xd9]\x9b\x02?\x12\xe0\x95\xf6\\', ciphertext) new_msg, err = decrypt(iv, key, ciphertext) eq_(msg, new_msg)
def password(self): if is_encrypted(self._password): passphrase = getpass.getpass("Passphrase: ") iv, salt, ciphertext = parse_prop(self._password) key = make_key(salt, passphrase) formatted_password = decrypt(iv, key, ciphertext) if formatted_password[0] != '[' or formatted_password[-1] != ']': raise Exception("Incorrect passphrase") plaintext_password = formatted_password[1:-1] self._password = plaintext_password return self._password
def decrypt_config(server_name, filename): """ Decrypt password in config. """ config = read_config(filename) section_name = 'server {}'.format(server_name) prop = config.get(section_name, PASSWORD_PROP) if not is_encrypted(prop): error("Password for server {} is not encrypted".format(server_name)) return USER_ERROR iv_bytes, key_salt, ciphertext_bytes, = parse_prop(prop) key_bytes = get_key(key_salt, "Passphrase: ") assert type(key_bytes) == bytes msg = decrypt(iv_bytes, key_bytes, ciphertext_bytes) if msg[0] != '[' or msg[-1] != ']': error("Passphrase incorrect") return USER_ERROR plaintext_password = msg[1:-1] config.set(section_name, PASSWORD_PROP, plaintext_password) with open(filename, 'w') as f: config.write(f) return OK