class KeyHolder:
def __init__(self, database_manager: DatabaseManagerMongo):
"""
Args:
key_directory: key based directory
"""
self.ssr = SystemSettingsReader(database_manager)
self.rsa_public = self.get_public_key()
self.rsa_private = self.get_private_key()
def get_public_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['public']
def get_private_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['private']
class KeyHolder:
def __init__(self, key_directory=None):
"""
Args:
key_directory: key based directory
"""
self.scr = SystemConfigReader()
self.__dbm = DatabaseManagerMongo(
**self.scr.get_all_values_from_section('Database'))
self.ssr = SystemSettingsReader(self.__dbm)
self.rsa_public = self.get_public_key()
self.rsa_private = self.get_private_key()
def get_public_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['public']
def get_private_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['private']
class SecurityManager:
DEFAULT_BLOCK_SIZE = 32
DEFAULT_ALG = 'HS512'
DEFAULT_EXPIRES = int(10)
def __init__(self, database_manager):
self.ssr = SystemSettingsReader(database_manager)
self.ssw = SystemSettingsWriter(database_manager)
self.salt = "cmdb"
def generate_hmac(self, data):
import hashlib
import hmac
generated_hash = hmac.new(self.get_symmetric_aes_key(),
bytes(data + self.salt, 'utf-8'),
hashlib.sha256)
generated_hash.hexdigest()
return base64.b64encode(generated_hash.digest()).decode("utf-8")
def encrypt_aes(self, raw):
"""
see https://stackoverflow.com/questions/12524994/encrypt-decrypt-using-pycrypto-aes-256
:param raw: unencrypted data
:return:
"""
if type(raw) == list:
import json
from bson import json_util
raw = json.dumps(raw, default=json_util.default)
raw = SecurityManager._pad(raw).encode('UTF-8')
iv = Random.new().read(AES.block_size)
cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv)
return base64.b64encode(iv + cipher.encrypt(raw))
def decrypt_aes(self, enc):
enc = base64.b64decode(enc)
iv = enc[:AES.block_size]
cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv)
return SecurityManager._unpad(cipher.decrypt(
enc[AES.block_size:])).decode('utf-8')
@staticmethod
def _pad(s):
return s + (SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE) * \
chr(SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE)
@staticmethod
def _unpad(s):
return s[:-ord(s[len(s) - 1:])]
def generate_symmetric_aes_key(self):
return self.ssw.write(
'security', {'symmetric_aes_key': Random.get_random_bytes(32)})
def get_symmetric_aes_key(self):
try:
symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security')
except NoDocumentFound:
self.generate_symmetric_aes_key()
symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security')
return symmetric_key
@staticmethod
def encode_object_base_64(data: object):
from bson.json_util import dumps
return base64.b64encode(dumps(data).encode('utf-8')).decode("utf-8")
