コード例 #1
ファイル: ec2bundleinstance.py プロジェクト: Athena88/aws-cli
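def _generate_signature(params):
    """Sign the S3 upload policy and store the signature in ``params``.

    Reads ``UploadPolicy`` and the owner's secret access key (``_SAK``) from
    ``params``.  When both are present, the policy is base64-encoded, an HMAC
    with the ``sha1`` digest is computed over that encoded policy using the
    secret key, and the base64-encoded digest is stored under
    ``UploadPolicySignature``.  The ``_SAK`` entry is then deleted so the
    secret key does not remain in the parameter dict.

    ``params`` is modified in place; nothing is returned.
    """
    policy = params.get('UploadPolicy')
    sak = params.get('_SAK')
    # NOTE(review): when only one of the two values is present, no signature
    # is produced and ``_SAK`` stays in ``params``.  Confirm that an earlier
    # argument check rules that combination out, so the secret key can never
    # travel on with the request parameters.
    if policy and sak:
        policy = base64.b64encode(six.b(policy)).decode('utf-8')
        new_hmac = hmac.new(sak.encode('utf-8'), digestmod=sha1)
        new_hmac.update(six.b(policy))
        # b64encode() replaces base64.encodestring(), which was removed in
        # Python 3.9.  The digest encodes to a single short line, so the
        # resulting text is the same as encodestring().strip() produced.
        ps = base64.b64encode(new_hmac.digest()).decode('utf-8')
        params['UploadPolicySignature'] = ps
        del params['_SAK']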
コード例 #2
def _generate_signature(params):
    """Add ``UploadPolicySignature`` to ``params`` when it can be computed.

    A signature is produced only if ``params`` holds both a non-empty
    ``UploadPolicy`` and a non-empty ``_SAK`` (the secret access key).  The
    policy is base64-encoded, an HMAC with the ``sha1`` digest is taken over
    the encoded text using the secret key, and the base64 form of the digest
    is stored.  ``_SAK`` is removed from ``params`` afterwards.

    ``params`` is mutated in place and the function returns None.
    """
    upload_policy = params.get('UploadPolicy')
    secret_key = params.get('_SAK')
    if not (upload_policy and secret_key):
        # Nothing to sign; ``params`` is left exactly as it was passed in.
        return

    encoded_policy = base64.b64encode(six.b(upload_policy)).decode('utf-8')
    signer = hmac.new(secret_key.encode('utf-8'), digestmod=sha1)
    signer.update(six.b(encoded_policy))
    # encodebytes() appends a newline, which strip() removes again.
    digest_b64 = base64.encodebytes(signer.digest()).strip()
    params['UploadPolicySignature'] = digest_b64.decode('utf-8')
    # The secret key has served its purpose; drop it from the parameters.
    del params['_SAK']
コード例 #3
ファイル: ec2decryptpassword.py プロジェクト: lolo-pop/dast
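 def _decrypt_password_data(self, parsed, **kwargs):
     """
     Decrypt ``PasswordData`` in place after GetPasswordData has run.

     This handler is called with the ``parsed`` response data.  If a
     private launch key was specified on the command (``self._key_path``
     is not None) and the response carries password data, the key file is
     read, the base64-encoded value is decrypted with that RSA private key
     and the plaintext replaces ``parsed['PasswordData']``.

     Raises ValueError if the key file cannot be read or the data cannot
     be decrypted; the original exception is logged at debug level.
     """
     if self._key_path is None:
         return
     logger.debug("Decrypting password data using: %s", self._key_path)
     value = parsed.get('PasswordData')
     if not value:
         return
     try:
         with open(self._key_path) as pk_file:
             pk_contents = pk_file.read()
         private_key = rsa.PrivateKey.load_pkcs1(six.b(pk_contents))
         value = base64.b64decode(value)
         value = rsa.decrypt(value, private_key)
         # ``parsed`` still holds the encrypted value at this point.
         logger.debug(parsed)
         parsed['PasswordData'] = value.decode('utf-8')
         # ``parsed`` is deliberately not logged again: it now contains the
         # plaintext password, which must not end up in debug output.
         logger.debug('PasswordData decrypted successfully')
     except Exception:
         logger.debug('Unable to decrypt PasswordData', exc_info=True)
         msg = ('Unable to decrypt password data using '
                'provided private key file.')
         raise ValueError(msg)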
コード例 #4
ファイル: decryptpassword.py プロジェクト: Athena88/aws-cli
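 def _decrypt_password_data(self, parsed, **kwargs):
     """
     Replace the encrypted ``PasswordData`` in ``parsed`` with its plaintext.

     This handler gets called after the GetPasswordData command has been
     executed, with the ``parsed`` response data.  It only acts when a
     private launch key was specified on the command (``self._key_path``
     is not None) and ``parsed`` has a non-empty ``PasswordData`` value.
     The value is base64-decoded, decrypted with the RSA private key read
     from the key file, and written back into ``parsed`` as text.

     Raises ValueError if reading the key or decrypting fails; the
     original exception is logged at debug level.
     """
     if self._key_path is None:
         return
     logger.debug("Decrypting password data using: %s", self._key_path)
     value = parsed.get('PasswordData')
     if not value:
         return
     try:
         with open(self._key_path) as pk_file:
             pk_contents = pk_file.read()
         private_key = rsa.PrivateKey.load_pkcs1(six.b(pk_contents))
         value = base64.b64decode(value)
         value = rsa.decrypt(value, private_key)
         # Logged before the replacement, so only ciphertext is written.
         logger.debug(parsed)
         parsed['PasswordData'] = value.decode('utf-8')
         # The decrypted password is kept out of the log on purpose; debug
         # output is often captured in terminals, CI logs and bug reports.
         logger.debug('PasswordData decrypted successfully')
     except Exception:
         logger.debug('Unable to decrypt PasswordData', exc_info=True)
         msg = ('Unable to decrypt password data using '
                'provided private key file.')
         raise ValueError(msg)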
コード例 #5
    def setUp(self):
        """Create a CloudTrailSubscribe whose IAM, S3 and SNS clients are mocks.

        Each mocked client returns a small canned response so the command
        can run without contacting any service.
        """
        region = 'us-east-1'

        self.session = FakeSession({'config_file': 'myconfigfile'})
        self.subscribe = CloudTrailSubscribe(self.session)
        self.subscribe.region_name = region

        # IAM: get_user answers with a placeholder ARN.
        iam = self.subscribe.iam = Mock()
        iam.get_user = Mock(return_value={'User': {'Arn': '::::123:456'}})

        # S3: get_object serves an empty policy template as a byte stream
        # and head_bucket returns an empty response.
        s3 = self.subscribe.s3 = Mock()
        s3.meta.region_name = region
        policy_template = six.BytesIO(six.b(u'{"Statement": []}'))
        s3.get_object = Mock(return_value={'Body': policy_template})
        s3.head_bucket.return_value = {}

        # SNS: one existing topic, a canned create result and an empty
        # topic policy.
        sns = self.subscribe.sns = Mock()
        sns.meta.region_name = region
        sns.list_topics = Mock(
            return_value={'Topics': [{'TopicArn': ':test2'}]})
        sns.create_topic = Mock(return_value={'TopicArn': 'foo'})
        sns.get_topic_attributes = Mock(
            return_value={'Attributes': {'Policy': '{"Statement": []}'}})
コード例 #6
    def setUp(self):
        """Create the command under test with mocked IAM, S3 and SNS clients.

        The mocks expose operation-style attributes (``GetUser``,
        ``ListBuckets``, ``CreateTopic``, ...) and report their region
        through ``endpoint.region_name``.
        """
        self.session = FakeSession({'config_file': 'myconfigfile'})
        self.subscribe = CloudTrailSubscribe(self.session)

        # IAM: GetUser answers with a placeholder ARN.
        iam = self.subscribe.iam = Mock()
        iam.GetUser = Mock(return_value={'User': {'Arn': '::::123:456'}})

        # S3: an empty policy template and a single existing bucket.
        s3 = self.subscribe.s3 = Mock()
        s3.endpoint = Mock()
        s3.endpoint.region_name = 'us-east-1'
        policy_template = six.BytesIO(six.b(u'{"Statement": []}'))
        s3.GetObject = Mock(return_value={'Body': policy_template})
        s3.ListBuckets = Mock(return_value={'Buckets': [{'Name': 'test2'}]})

        # SNS: a single existing topic and an empty topic policy.
        sns = self.subscribe.sns = Mock()
        sns.endpoint = Mock()
        sns.endpoint.region_name = 'us-east-1'
        sns.ListTopics = Mock(
            return_value={'Topics': [{'TopicArn': ':test2'}]})
        sns.CreateTopic = Mock(return_value={'TopicArn': 'foo'})
        sns.GetTopicAttributes = Mock(
            return_value={'Attributes': {'Policy': '{"Statement": []}'}})
コード例 #7
ファイル: test_cloudtrail.py プロジェクト: emyphan/aws-cli
    def setUp(self):
        """Prepare a CloudTrailSubscribe backed entirely by mock clients."""
        self.session = FakeSession({'config_file': 'myconfigfile'})
        self.subscribe = CloudTrailSubscribe(self.session)
        subscribe = self.subscribe

        # IAM client stub.
        user_response = {'User': {'Arn': '::::123:456'}}
        subscribe.iam = Mock()
        subscribe.iam.GetUser = Mock(return_value=user_response)

        # S3 client stub: region, policy template object and bucket list.
        subscribe.s3 = Mock()
        subscribe.s3.endpoint = Mock()
        subscribe.s3.endpoint.region_name = 'us-east-1'
        policy_template = six.BytesIO(six.b(u'{"Statement": []}'))
        object_response = {'Body': policy_template}
        subscribe.s3.GetObject = Mock(return_value=object_response)
        buckets_response = {'Buckets': [{'Name': 'test2'}]}
        subscribe.s3.ListBuckets = Mock(return_value=buckets_response)

        # SNS client stub: region, topic list, topic creation, attributes.
        subscribe.sns = Mock()
        subscribe.sns.endpoint = Mock()
        subscribe.sns.endpoint.region_name = 'us-east-1'
        topics_response = {'Topics': [{'TopicArn': ':test2'}]}
        subscribe.sns.ListTopics = Mock(return_value=topics_response)
        subscribe.sns.CreateTopic = Mock(return_value={'TopicArn': 'foo'})
        attributes_response = {'Attributes': {'Policy': '{"Statement": []}'}}
        subscribe.sns.GetTopicAttributes = Mock(
            return_value=attributes_response)
コード例 #8
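 def test_policy_provided(self):
     """A policy given with --policy is sent base64-encoded together with
     its signature.

     The access key id and secret access key below are the placeholder
     credentials used in AWS documentation, not real secrets.  The expected
     parameters contain no entry for the secret access key.
     """
     policy = '{"notarealpolicy":true}'
     # base64.encodestring() was removed in Python 3.9; b64encode() gives
     # the same text for this short input and appends no newline.
     base64policy = base64.b64encode(six.b(policy)).decode('utf-8')
     # Expected UploadPolicySignature for the policy and secret key used here.
     policy_signature = 'a5SmoLOxoM0MHpOdC25nE7KIafg='
     args = ' --instance-id i-12345678 --owner-akid AKIAIOSFODNN7EXAMPLE'
     args += ' --owner-sak wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
     args += ' --bucket mybucket --prefix foobar --policy %s' % policy
     # The policy text has no whitespace, so split() keeps it as one argument.
     args_list = (self.prefix + args).split()
     result = {'InstanceId': 'i-12345678',
               'Storage.S3.Bucket': 'mybucket',
               'Storage.S3.Prefix': 'foobar',
               'Storage.S3.AWSAccessKeyId': 'AKIAIOSFODNN7EXAMPLE',
               'Storage.S3.UploadPolicy': base64policy,
               'Storage.S3.UploadPolicySignature': policy_signature}
     self.assert_params_for_cmd(args_list, result)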
コード例 #9
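 def test_policy_provided(self):
     """Check the request parameters built when --policy is supplied.

     The upload policy is expected base64-encoded, accompanied by its
     signature.  The access key id and secret access key are the
     placeholder credentials used in AWS documentation, not real secrets,
     and the expected parameters carry no entry for the secret key.
     """
     policy = '{"notarealpolicy":true}'
     # b64encode() stands in for base64.encodestring(), which no longer
     # exists from Python 3.9 on; the encoded text is identical here.
     base64policy = base64.b64encode(six.b(policy)).decode('utf-8')
     # Expected UploadPolicySignature for the policy and secret key used here.
     policy_signature = 'a5SmoLOxoM0MHpOdC25nE7KIafg='
     args = ' --instance-id i-12345678 --owner-akid AKIAIOSFODNN7EXAMPLE'
     args += ' --owner-sak wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
     args += ' --bucket mybucket --prefix foobar --policy %s' % policy
     # The policy text has no whitespace, so split() keeps it as one argument.
     args_list = (self.prefix + args).split()
     result = {
         'InstanceId': 'i-12345678',
         'Storage.S3.Bucket': 'mybucket',
         'Storage.S3.Prefix': 'foobar',
         'Storage.S3.AWSAccessKeyId': 'AKIAIOSFODNN7EXAMPLE',
         'Storage.S3.UploadPolicy': base64policy,
         'Storage.S3.UploadPolicySignature': policy_signature
     }
     self.assert_params_for_cmd(args_list, result)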
コード例 #10
    def setUp(self):
        """Wire a CloudTrailSubscribe command to mocked IAM, S3 and SNS clients."""
        self.session = FakeSession({"config_file": "myconfigfile"})
        self.subscribe = cloudtrail.CloudTrailSubscribe(self.session)
        self.subscribe.region_name = "us-east-1"

        # IAM: get_user answers with a placeholder ARN.
        iam_client = self.subscribe.iam = Mock()
        iam_client.get_user = Mock(
            return_value={"User": {"Arn": "::::123:456"}}
        )

        # S3: an empty policy template served as a byte stream, and a
        # head_bucket call that returns an empty response.
        s3_client = self.subscribe.s3 = Mock()
        s3_client.meta.region_name = "us-east-1"
        policy_template = six.BytesIO(six.b(u'{"Statement": []}'))
        s3_client.get_object = Mock(
            return_value={"Body": policy_template}
        )
        s3_client.head_bucket.return_value = {}

        # SNS: one existing topic, a canned create result and an empty
        # topic policy.
        sns_client = self.subscribe.sns = Mock()
        sns_client.meta.region_name = "us-east-1"
        sns_client.list_topics = Mock(
            return_value={"Topics": [{"TopicArn": ":test2"}]}
        )
        sns_client.create_topic = Mock(
            return_value={"TopicArn": "foo"}
        )
        sns_client.get_topic_attributes = Mock(
            return_value={"Attributes": {"Policy": '{"Statement": []}'}}
        )
コード例 #11
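 def test_policy_provided(self):
     """Check the nested request parameters built when --policy is supplied.

     Here the expected ``UploadPolicy`` is the policy text exactly as it
     was passed, alongside its signature.  The access key id and secret
     access key are the placeholder credentials used in AWS documentation,
     not real secrets, and the expected parameters carry no entry for the
     secret key.
     """
     policy = '{"notarealpolicy":true}'
     # The former ``base64policy`` local was never used, and computing it
     # called base64.encodestring(), which was removed in Python 3.9.
     # Expected UploadPolicySignature for the policy and secret key used here.
     policy_signature = "a5SmoLOxoM0MHpOdC25nE7KIafg="
     args = " --instance-id i-12345678 --owner-akid AKIAIOSFODNN7EXAMPLE"
     args += " --owner-sak wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
     args += " --bucket mybucket --prefix foobar --policy %s" % policy
     # The policy text has no whitespace, so split() keeps it as one argument.
     args_list = (self.prefix + args).split()
     result = {
         "InstanceId": "i-12345678",
         "storage": {
             "S3": {
                 "Bucket": "mybucket",
                 "Prefix": "foobar",
                 "AWSAccessKeyId": "AKIAIOSFODNN7EXAMPLE",
                 "UploadPolicy": '{"notarealpolicy":true}',
                 "UploadPolicySignature": policy_signature,
             }
         },
     }
     self.assert_params_for_cmd2(args_list, result)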
コード例 #12
    def setUp(self):
        """Set up a CloudTrailSubscribe command with mock service clients."""
        self.session = FakeSession({'config_file': 'myconfigfile'})
        self.subscribe = CloudTrailSubscribe(self.session)
        self.subscribe.region_name = 'us-east-1'
        command = self.subscribe

        # IAM client stub.
        user_response = {'User': {'Arn': '::::123:456'}}
        command.iam = Mock()
        command.iam.get_user = Mock(return_value=user_response)

        # S3 client stub: region, policy template object, bucket check.
        command.s3 = Mock()
        command.s3.meta.region_name = 'us-east-1'
        policy_template = six.BytesIO(six.b(u'{"Statement": []}'))
        object_response = {'Body': policy_template}
        command.s3.get_object = Mock(return_value=object_response)
        command.s3.head_bucket.return_value = {}

        # SNS client stub: region, topic list, topic creation, attributes.
        command.sns = Mock()
        command.sns.meta.region_name = 'us-east-1'
        topics_response = {'Topics': [{'TopicArn': ':test2'}]}
        command.sns.list_topics = Mock(return_value=topics_response)
        command.sns.create_topic = Mock(return_value={'TopicArn': 'foo'})
        attributes_response = {'Attributes': {'Policy': '{"Statement": []}'}}
        command.sns.get_topic_attributes = Mock(
            return_value=attributes_response)