def get_encryption_cipher(self): """ Return the cipher to encrypt an decrypt. If the secret key doesn't exist, it will be generated. """ if not self._cipher: if not self._encryption_key: self._encryption_key = credential_utils.CredentialHelper.get_secret_key('%s/%s' % (self._info_dir, self.ENCRYPTION_KEY_FILENAME)) #create blowfish cipher if data needs to be encrypted self._cipher = blowfish.Blowfish(self._encryption_key) return self._cipher
def store_passwd(cls, email, passwd): """ Encrypt and store gmail password """ passwd_file = '%s/%s.passwd' % (gmvault_utils.get_home_dir_path(), email) fdesc = os.open(passwd_file, os.O_CREAT|os.O_WRONLY, 0600) cipher = blowfish.Blowfish(cls.get_secret_key(cls.SECRET_FILEPATH % (gmvault_utils.get_home_dir_path()))) cipher.initCTR() encrypted = cipher.encryptCTR(passwd) the_bytes = os.write(fdesc, encrypted) os.close(fdesc) if the_bytes < len(encrypted): raise Exception("Error: Cannot write password in %s" % (passwd_file))
def read_password(cls, email): """ Read password credentials Look by default to ~/.gmvault Look for file ~/.gmvault/email.passwd """ gmv_dir = gmvault_utils.get_home_dir_path() #look for email.passwed in GMV_DIR user_passwd_file_path = "%s/%s.passwd" % (gmv_dir, email) password = None if os.path.exists(user_passwd_file_path): with open(user_passwd_file_path) as f: password = f.read() cipher = blowfish.Blowfish(cls.get_secret_key(cls.SECRET_FILEPATH % (gmvault_utils.get_home_dir_path()))) cipher.initCTR() password = cipher.decryptCTR(password) return password