def Create(loc, name, purpose, asymmetric=None): if mock is None and loc is None: # not testing raise errors.KeyczarError("Location missing") kmd = None if purpose == keyinfo.SIGN_AND_VERIFY: if asymmetric is None: kmd = keydata.KeyMetadata(name, purpose, keyinfo.HMAC_SHA1) elif asymmetric.lower() == "rsa": kmd = keydata.KeyMetadata(name, purpose, keyinfo.RSA_PRIV) else: # default to DSA kmd = keydata.KeyMetadata(name, purpose, keyinfo.DSA_PRIV) elif purpose == keyinfo.DECRYPT_AND_ENCRYPT: if asymmetric is None: kmd = keydata.KeyMetadata(name, purpose, keyinfo.AES) else: # default to RSA kmd = keydata.KeyMetadata(name, purpose, keyinfo.RSA_PRIV) else: raise errors.KeyczarError("Missing or unsupported purpose") if mock is not None: # just testing, update mock object mock.kmd = kmd else: writer = writers.CreateWriter(loc) try: writer.WriteMetadata(kmd, overwrite=False) finally: writer.Close()
def UpdateGenericKeyczar(czar, loc, encrypter=None): if mock is not None: # update key data mock.kmd = czar.metadata for v in czar.versions: mock.SetKey(v.version_number, czar.GetKey(v)) else: writer = writers.CreateWriter(loc) try: czar.Write(writer, encrypter) finally: writer.Close()
def Revoke(loc, num): czar = CreateGenericKeyczar(loc) if num < 0: raise errors.KeyczarError("Missing version") czar.Revoke(num) UpdateGenericKeyczar(czar, loc) if mock is not None: # testing, update mock mock.RemoveKey(num) else: writer = writers.CreateWriter(loc) try: writer.Remove(num) finally: writer.Close()
def Write(self, writer, encrypter=None): """ Write this key set to the specified location. @param writer: where to write the key set @type writer: Writer or file path (deprecated) @param encrypter: which encryption to use for this key set. Use None to write an unencrypted key set. @type encrypter: Encrypter """ if isinstance(writer, basestring): writer = writers.CreateWriter(writer) warnings.warn( 'Using a string as the writer is deprecated. Use writers.CreateWriter', DeprecationWarning) self.metadata.encrypted = (encrypter is not None) writer.WriteMetadata(self.metadata) for v in self.versions: writer.WriteKey(self.GetKey(v), v.version_number, encrypter)