def _secureReplaceKey(self, slot, newKey):
partitionId = self._getPartitionIdForSlot(slot)
self.log.debug('SECURE replacing key in slot: {} in partition: {}'.format(slot, partitionId))
if (0 == partitionId):
oldPartitionKey = self._getMasterKey()
newPartitionKey = self._getMasterKey()
else:
oldPartitionKey = self._getKeyFromCascade(partitionId)
newPartitionKey = CryptoLib.generateRandomKey()
partition = self.getPartition(partitionId, oldPartitionKey)
localSlot = self._slotToLocalSlot(slot)
partition.setKey(localSlot, newKey)
self.storePartition(partition, newPartitionKey)
if (0 == partitionId):
# print('Replaced master key with: {}'.format(newPartitionKey))
pass
else:
self._secureReplaceKey(partitionId, newPartitionKey)
def getObject(self, name):
key = CryptoLib.digestKeyString('keeey')
c = self.si.getObject(container=self.containerName, name=name)
return DataCrypt.DataCrypt(key).decryptBytesIO(ciphertext=c)
def putObject(self, o, name):
key = CryptoLib.digestKeyString('keeey')
c = DataCrypt.DataCrypt(key).encryptBytesIO(plaintext=o)
self.si.putObject(self.containerName, name, c)
def _getMasterKey(self):
return CryptoLib.digestKeyString('MASTERKEY')
def generateKey(self, slot):
if (self.EMPTY_KEY != self.keys[slot]):
raise SystemError('requested generate key but slot is not empty')
key = CryptoLib.generateRandomKey()
self.setKey(slot, key)
return key
def getObject(self, name):
key = CryptoLib.digestKeyString('keeey')
c = self.si.getObject(container=self.containerName, name=name)
return DataCrypt.DataCrypt(key).decryptBytesIO(ciphertext=c)
def putObject(self, o, name):
key = CryptoLib.digestKeyString('keeey')
c = DataCrypt.DataCrypt(key).encryptBytesIO(plaintext=o)
self.si.putObject(self.containerName, name, c)