def register_shared_folder(shared_folder, records): # type: (shared_folder.SharedFolder, dict) -> bytes shared_folder_key = api.generate_aes_key() sf = { 'shared_folder_uid': shared_folder.shared_folder_uid, 'key_type': 1, 'shared_folder_key': api.encrypt_aes(shared_folder_key, _USER_DATA_KEY), 'name': api.encrypt_aes(shared_folder.name.encode('utf-8'), shared_folder_key), 'is_account_folder': False, 'manage_records': False, 'manage_users': False, 'default_manage_records': True, 'default_manage_users': True, 'default_can_edit': True, 'default_can_share': True, 'full_sync': True, 'records': [{ 'record_uid': x[0], 'record_key': api.encrypt_aes(x[1], shared_folder_key), 'can_share': False, 'can_edit': False } for x in records.items()], 'users': [{ 'username': _USER_NAME, 'manage_records': True, 'manage_users': True }], 'revision': 5 } _SHARED_FOLDERS.append(sf) return shared_folder_key
def register_record(record, key_type=None): # type: (record.Record, int or None) -> bytes data = { 'title': record.title or '', 'secret1': record.login or '', 'secret2': record.password or '', 'link': record.login_url or '', 'notes': record.notes or '', 'custom': record.custom_fields or '', 'folder': record.folder or '' } extra = None udata = None if record.attachments: extra = {'files': record.attachments} udata = {'file_id': [x['id'] for x in record.attachments]} record_key = api.generate_aes_key() if key_type != 0 else _USER_DATA_KEY rec_object = { 'record_uid': record.record_uid, 'revision': record.revision if (0 < record.revision <= _REVISION) else _REVISION, 'version': 2 if key_type != 0 else 1, 'shared': key_type not in [0, 1], 'data': api.encrypt_aes(json.dumps(data).encode('utf-8'), record_key), } if extra: rec_object['extra'] = api.encrypt_aes( json.dumps(extra).encode('utf-8'), record_key) if udata: rec_object['udata'] = udata _RECORDS.append(rec_object) meta_data = { 'record_uid': record.record_uid, 'owner': key_type in [0, 1], 'can_share': key_type == 1, 'can_edit': key_type == 1, 'record_key_type': key_type } if key_type == 0: _RECORD_METADATA.append(meta_data) if key_type == 1: meta_data['record_key'] = utils.base64_url_encode( crypto.encrypt_aes_v1(record_key, _USER_DATA_KEY)) _RECORD_METADATA.append(meta_data) elif key_type == 2: meta_data['record_key'] = utils.base64_url_encode( crypto.encrypt_rsa(record_key, _IMPORTED_PUBLIC_KEY)) _RECORD_METADATA.append(meta_data) return record_key
def register_team(team, key_type, sfs=None): # type: (team.Team, int, dict) -> bytes team_key = api.generate_aes_key() t = { 'team_uid': team.team_uid, 'name': team.name, 'team_key_type': key_type, 'team_key': api.encrypt_aes(team_key, _USER_DATA_KEY) if key_type == 1 else api.encrypt_rsa(team_key, _IMPORTED_PUBLIC_KEY), 'team_private_key': api.encrypt_aes(_DER_PRIVATE_KEY, team_key), 'restrict_edit': team.restrict_edit, 'restrict_share': team.restrict_share, 'restrict_view': team.restrict_view, } _TEAMS.append(t) if sfs: t['shared_folder_keys'] = [{ 'shared_folder_uid': x[0], 'key_type': 1, 'shared_folder_key': api.encrypt_aes(x[1], team_key) } for x in sfs.items()] sf_uids = set() for uid in sfs: sf_uids.add(uid) for sf in _SHARED_FOLDERS: if sf['shared_folder_uid'] in sf_uids: if 'teams' not in sf: sf['teams'] = [] sf['teams'].append({ 'team_uid': team.team_uid, 'name': team.name, 'manage_records': key_type == 1, 'manage_users': key_type == 1 }) return team_key
def generate_data(): r1 = record.Record() r1.record_uid = api.generate_record_uid() r1.folder = 'Old Folder' r1.title = 'Record 1' r1.login = '******' r1.password = '******' r1.login_url = 'https://keepersecurity.com/1' r1.set_field('field1', 'value1') r1.notes = 'note1' r1.attachments = [{ 'name': 'Attachment 1', 'key': base64.urlsafe_b64encode( api.generate_aes_key()).decode('utf-8').rstrip('='), 'id': 'ABCDEFGH', 'size': 1000 }] r1.revision = 1 r1_key = register_record(r1, 1) r2 = record.Record() r2.record_uid = api.generate_record_uid() r2.title = 'Record 2' r2.login = '******' r2.password = '******' r2.login_url = 'https://keepersecurity.com/2' r2.set_field('field2', 'value2') r2.notes = 'note2' r2.revision = 2 r2_key = register_record(r2, 2) register_records_to_folder(None, [r1.record_uid, r2.record_uid]) r3 = record.Record() r3.record_uid = api.generate_record_uid() r3.title = 'Record 3' r3.login = '******' r3.password = '******' r3.login_url = 'https://keepersecurity.com/3' r3.revision = 3 r3_key = register_record(r3) sf1 = shared_folder.SharedFolder() sf1.shared_folder_uid = api.generate_record_uid() sf1.default_manage_records = False sf1.default_manage_users = False sf1.default_can_edit = False sf1.default_can_share = False sf1.name = 'Shared Folder 1' sf1_key = register_shared_folder(sf1, {r3.record_uid: r3_key}) register_records_to_folder(sf1.shared_folder_uid, [r3.record_uid]) _USER_FOLDER_SHARED_FOLDER.append( {'shared_folder_uid': sf1.shared_folder_uid}) t1 = team.Team() t1.team_uid = api.generate_record_uid() t1.name = 'Team 1' t1.restrict_edit = True t1.restrict_share = True t1.restrict_view = False register_team(t1, 1, {sf1.shared_folder_uid: sf1_key}) folder_key = api.generate_aes_key() _USER_FOLDERS.append({ 'folder_uid': api.generate_record_uid(), 'key_type': 1, 'user_folder_key': api.encrypt_aes(folder_key, _USER_DATA_KEY), 'revision': 200, 'type': 'user_folder', 'data': api.encrypt_aes( json.dumps({ 'name': 'User Folder 1' }).encode('utf-8'), folder_key) })
import json from data_vault import VaultEnvironment from keepercommander import api, crypto, utils from keepercommander.params import KeeperParams _TREE_KEY = api.generate_aes_key() _ENTERPRISE_ID = 123 _VAULT_ENV = VaultEnvironment() _USE_DATA_KEY = True _TEAM_KEY = api.generate_aes_key() _TEAM1_UID = api.generate_record_uid() _TEAM2_UID = api.generate_record_uid() _TEAM1_NAME = 'Team 1' _TEAM2_NAME = 'Team 2' _NODE1_ID = (_ENTERPRISE_ID << 32) + 2 _NODE2_ID = (_ENTERPRISE_ID << 32) + 100 _USER1_ID = (_ENTERPRISE_ID << 32) + 201 _USER2_ID = (_ENTERPRISE_ID << 32) + 202 _USER2_EMAIL = '*****@*****.**' _ROLE1_ID = (_ENTERPRISE_ID << 32) + 301 _ROLE1_NAME = 'Role 1' _LAST_ID = 1000