def storeConfig(key, val, typ=None, desc=None): """ storing the config entry into the db and in the global config - external interface for storing config entries, which implies the conversion of the encrypted data to an encrypted data object :param key: name of the entry :param val: the value :param typ: -optional- the type :param desc: -optional- the description """ if not typ and key in type_definitions: typ, converter = type_definitions[key] val = converter(val) if typ and typ.lower() in ["password", "encrypted_data"]: typ = "encrypted_data" if not isinstance(val, EncryptedData): val = EncryptedData.from_unencrypted(val) if isinstance(val, EncryptedData): typ = "encrypted_data" log.debug("Changing config entry %r: New value is %r", key, val) conf = getLinotpConfig() conf.addEntry(key, val, typ, desc) return True
def storeConfig(key, val, typ=None, desc=None): """ storing the config entry into the db and in the global config - external interface for storing config entries, which implies the conversion of the encrypted data to an encrypted data object :param key: name of the entry :param val: the value :param typ: -optional- the type :param desc: -optional- the description """ if not typ and key in type_definitions: typ, converter = type_definitions[key] val = converter(val) if typ and typ.lower() in ['password', 'encrypted_data']: typ = 'encrypted_data' if not isinstance(val, EncryptedData): val = EncryptedData.from_unencrypted(val) if isinstance(val, EncryptedData): typ = 'encrypted_data' log.debug('Changing config entry %r: New value is %r', key, val) conf = getLinotpConfig() conf.addEntry(key, val, typ, desc) return True
def set_duration(lic_dict, raiseException=False): """ set the duration value in linotp config and thus in config database :param lic_dict: the license info object :param raiseException: switch to control if an exception should be thrown in case of a problem """ # if there is no expiration in the license we just can go on if not ( lic_dict.license_expiration and "days" in lic_dict.license_expiration ): return True lic_sign = lic_dict.signature days = lic_dict.license_expiration.replace("days", "").strip() try: days = int(days) except ValueError as _val: raise LicenseException( "Unable to interpret duration in license description" ) # we have a timely limited version, so we have to check if there is # already a license like this installed by comparing the signatures date_format = "%d%m%y" # get the decrypted value from the config, if there is one expiration = _get_license_duration() if expiration: # fetch config and split the signature and the expiration date signature, _sep, _date_str = expiration.rpartition(":") # here we only verify that the license signature is not the same # - we only take a slice as the stored signature will be # stored in an encrypted way and then will become too long if base64.b64encode(lic_sign)[:500] == signature: error = _("License already installed!") if raiseException: raise LicenseException(error) else: log.error(error) return False # so we calculate the expiration and store this together # with the license signature expires = datetime.datetime.now() + datetime.timedelta(days=days) expires_str = expires.strftime(date_format) # we take only some bytes as it is encrypted afterwards signature = base64.b64encode(lic_sign)[:500].decode() license_expire = "%s:%s" % (signature, expires_str) enc_license_expire = EncryptedData.from_unencrypted(license_expire) storeConfig("license_duration", enc_license_expire) log.info("Set license expiration to %s", license_expire) return True
def test_round_trip(app): orig_string = TEST_STRING with app.test_request_context(): instance = EncryptedData.from_unencrypted(orig_string) unencrypted = instance.get_unencrypted() assert orig_string == unencrypted
def encrypted_data(value): """ type converter for config entries - similar to int(bla) it will try to conveert the given value into an object of EncryptedData :return: EncyptedData object """ # anything other than string will raise an error if not isinstance(value, str) and not isinstance(value, unicode): raise Exception('Unable to encode non textual data') # if value is already encrypted we can just return if isinstance(value, EncryptedData): return value return EncryptedData.from_unencrypted(value)
def encrypted_data(value): """ type converter for config entries - similar to int(bla) it will try to conveert the given value into an object of EncryptedData :return: EncyptedData object """ # anything other than string will raise an error if not isinstance(value, str) and not isinstance(value, unicode): raise Exception('Unable to encode non textual data') # if value is already encrypted we can just return if isinstance(value, EncryptedData): return value return EncryptedData.from_unencrypted(value)