def format_secret(session, secret, content_type):
"""Formats `secret` to make possible to pass it to the
Secret Service API."""
if not isinstance(secret, bytes):
secret = secret.encode('utf-8')
if not session.encrypted:
return dbus.Struct(
(session.object_path, '', dbus.ByteArray(secret), content_type))
# PKCS-7 style padding
padding = 0x10 - (len(secret) & 0xf)
secret += bytes(bytearray((padding, )) * padding)
aes_iv = long_to_bytes(getrandbits(0x80))
# If shorter than 16 bytes, prepend zero bytes
aes_iv = b'\x00' * (0x10 - len(aes_iv)) + aes_iv
aes_cipher = AESCipher(session.aes_key, mode=MODE_CBC, IV=aes_iv)
return dbus.Struct(
(session.object_path, dbus.Array(aes_iv),
dbus.Array(bytearray(aes_cipher.encrypt(secret))), content_type))
def format_secret(session, secret, content_type):
"""Formats `secret` to make possible to pass it to the
Secret Service API."""
if not isinstance(secret, bytes):
secret = secret.encode('utf-8')
if not session.encrypted:
return dbus.Struct((session.object_path, '',
dbus.ByteArray(secret), content_type))
# PKCS-7 style padding
padding = 0x10 - (len(secret) & 0xf)
secret += bytes(bytearray((padding,)) * padding)
aes_iv = long_to_bytes(getrandbits(0x80))
# If shorter than 16 bytes, prepend zero bytes
aes_iv = b'\x00' * (0x10 - len(aes_iv)) + aes_iv
aes_cipher = AESCipher(session.aes_key, mode=MODE_CBC, IV=aes_iv)
return dbus.Struct((
session.object_path,
dbus.Array(aes_iv),
dbus.Array(bytearray(aes_cipher.encrypt(secret))),
content_type
))
def open_session(bus):
"""Returns a new Secret Service session."""
service_obj = bus_get_object(bus, SECRETS, SS_PATH)
service_iface = dbus.Interface(service_obj, SS_PREFIX + 'Service')
session = Session()
try:
output, result = service_iface.OpenSession(
ALGORITHM_DH,
dbus.ByteArray(long_to_bytes(session.my_public_key)),
signature='sv')
except dbus.exceptions.DBusException as e:
if e.get_dbus_name() != DBUS_NOT_SUPPORTED:
raise
output, result = service_iface.OpenSession(ALGORITHM_PLAIN,
'',
signature='sv')
session.encrypted = False
else:
session.set_server_public_key(bytes_to_long(output))
session.object_path = result
return session
def open_session(bus): """Returns a new Secret Service session.""" service_obj = bus_get_object(bus, SECRETS, SS_PATH) service_iface = dbus.Interface(service_obj, SS_PREFIX+'Service') session = Session() try: output, result = service_iface.OpenSession( ALGORITHM_DH, dbus.ByteArray(long_to_bytes(session.my_public_key)), signature='sv' ) except dbus.exceptions.DBusException as e: if e.get_dbus_name() != DBUS_NOT_SUPPORTED: raise output, result = service_iface.OpenSession( ALGORITHM_PLAIN, '', signature='sv' ) session.encrypted = False else: session.set_server_public_key(bytes_to_long(output)) session.object_path = result return session
def test_long_to_bytes(self): self.assertEqual(long_to_bytes(1), b'\x01') self.assertEqual(long_to_bytes(258), b'\x01\x02') self.assertEqual(long_to_bytes(1 << 64), b'\x01' + b'\x00' * 8)