def fetch_keys(self, key_fetch_token, stretchpwd): url = "/account/keys" auth = HawkTokenAuth(key_fetch_token, "keyFetchToken", self.apiclient) resp = self.apiclient.get(url, auth=auth) bundle = unhexlify(resp["bundle"]) keys = auth.unbundle("account/keys", bundle) unwrap_key = derive_key(stretchpwd, "unwrapBkey") return (keys[:32], xor(keys[32:], unwrap_key))
def fetch_keys(self, key_fetch_token=None, stretchpwd=None): # Use values from session construction, if not overridden. if key_fetch_token is None: key_fetch_token = self._key_fetch_token if key_fetch_token is None: # XXX TODO: what error? raise RuntimeError("missing key_fetch_token") if stretchpwd is None: stretchpwd = self._stretchpwd if stretchpwd is None: # XXX TODO: what error? raise RuntimeError("missing stretchpwd") # Fetch the keys, and clear cached values from session construction. url = "/v1/account/keys" auth = HawkTokenAuth(key_fetch_token, "keyFetchToken", self.apiclient) resp = self.apiclient.get(url, auth=auth) self._key_fetch_token = None self._stretchpwd = None # Decrypt kB using the stretchpwd. bundle = unhexlify(resp["bundle"]) keys = auth.unbundle("account/keys", bundle) unwrap_key = derive_key(stretchpwd, "unwrapBkey") self.keys = (keys[:32], xor(keys[32:], unwrap_key)) return self.keys