def __init__(self, key_directory=None): self.scr = SystemConfigReader() ssc = SystemConfigReader() database_options = ssc.get_all_values_from_section('Database') self.__dbm = DatabaseManagerMongo(**database_options) self.ssw = SystemSettingsWriter(self.__dbm) self.key_directory = key_directory or SystemConfigReader.DEFAULT_CONFIG_LOCATION + "/keys"
def update_db_version(self): # update version updater settings try: updater_settings_values = UpdaterModule.__DEFAULT_SETTINGS__ ssr = SystemSettingsReader(self.setup_database_manager) try: updater_settings_values = ssr.get_all_values_from_section( 'updater') updater_setting_instance = UpdateSettings( **updater_settings_values) except Exception: # create updater section if not exist system_setting_writer: SystemSettingsWriter = SystemSettingsWriter( self.setup_database_manager) updater_setting_instance = UpdateSettings( **updater_settings_values) system_setting_writer.write( _id='updater', data=updater_setting_instance.__dict__) # start running update files updater_setting_instance.run_updates( updater_settings_values.get('version'), ssr) except Exception as err: self.status = UpdateRoutine.UpateStatus.ERROR raise RuntimeError( f'Something went wrong during the generation of the updater module. \n Error: {err}' )
def increase_updater_version(self, value: int): ssr = SystemSettingsReader(self.database_manager) system_setting_writer: SystemSettingsWriter = SystemSettingsWriter( self.database_manager) updater_settings_values = ssr.get_all_values_from_section('updater') updater_setting_instance = UpdateSettings(**updater_settings_values) updater_setting_instance.version = value system_setting_writer.write(_id='updater', data=updater_setting_instance.__dict__)
class KeyGenerator: def __init__(self, key_directory=None): self.scr = SystemConfigReader() ssc = SystemConfigReader() database_options = ssc.get_all_values_from_section('Database') self.__dbm = DatabaseManagerMongo(**database_options) self.ssw = SystemSettingsWriter(self.__dbm) self.key_directory = key_directory or SystemConfigReader.DEFAULT_CONFIG_LOCATION + "/keys" def generate_rsa_keypair(self): from Crypto.PublicKey import RSA key = RSA.generate(2048) private_key = key.export_key() public_key = key.publickey().export_key() asymmetric_key = {'private': private_key, 'public': public_key} self.ssw.write('security', {'asymmetric_key': asymmetric_key}) def generate_symmetric_aes_key(self): from Crypto import Random self.ssw.write('security', {'symmetric_aes_key': Random.get_random_bytes(32)})
def __init__(self, database_manager): self.ssr = SystemSettingsReader(database_manager) self.ssw = SystemSettingsWriter(database_manager) self.salt = "cmdb"
class SecurityManager: DEFAULT_BLOCK_SIZE = 32 DEFAULT_ALG = 'HS512' DEFAULT_EXPIRES = int(10) def __init__(self, database_manager): self.ssr = SystemSettingsReader(database_manager) self.ssw = SystemSettingsWriter(database_manager) self.salt = "cmdb" def generate_hmac(self, data): import hashlib import hmac generated_hash = hmac.new(self.get_symmetric_aes_key(), bytes(data + self.salt, 'utf-8'), hashlib.sha256) generated_hash.hexdigest() return base64.b64encode(generated_hash.digest()).decode("utf-8") def encrypt_aes(self, raw): """ see https://stackoverflow.com/questions/12524994/encrypt-decrypt-using-pycrypto-aes-256 :param raw: unencrypted data :return: """ if type(raw) == list: import json from bson import json_util raw = json.dumps(raw, default=json_util.default) raw = SecurityManager._pad(raw).encode('UTF-8') iv = Random.new().read(AES.block_size) cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv) return base64.b64encode(iv + cipher.encrypt(raw)) def decrypt_aes(self, enc): enc = base64.b64decode(enc) iv = enc[:AES.block_size] cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv) return SecurityManager._unpad(cipher.decrypt( enc[AES.block_size:])).decode('utf-8') @staticmethod def _pad(s): return s + (SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE) * \ chr(SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE) @staticmethod def _unpad(s): return s[:-ord(s[len(s) - 1:])] def generate_symmetric_aes_key(self): return self.ssw.write( 'security', {'symmetric_aes_key': Random.get_random_bytes(32)}) def get_symmetric_aes_key(self): try: symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security') except NoDocumentFound: self.generate_symmetric_aes_key() symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security') return symmetric_key @staticmethod def encode_object_base_64(data: object): from bson.json_util import dumps return base64.b64encode(dumps(data).encode('utf-8')).decode("utf-8")
def setup(self) -> SetupStatus: LOGGER.info('SETUP ROUTINE: STARTED...') self.status = SetupRoutine.SetupStatus.RUNNING # check database if not self.__check_database(): self.status = SetupRoutine.SetupStatus.ERROR raise RuntimeError( 'The database managers could not be initialized. Perhaps the database cannot be reached, \ or the database was already initialized.') if self.__is_database_empty(): # init database try: self.__init_database() except Exception as err: self.status = SetupRoutine.SetupStatus.ERROR raise RuntimeError( f'Something went wrong during the initialization of the database. \n Error: {err}' ) # generate keys LOGGER.info('SETUP ROUTINE: Generate rsa key pair') try: self.init_keys() except Exception as err: self.status = SetupRoutine.SetupStatus.ERROR raise RuntimeError( f'Something went wrong during the generation of the rsa keypair. \n Error: {err}' ) # create user management LOGGER.info('SETUP ROUTINE: UserModel management') try: self.__create_user_management() except Exception as err: self.status = SetupRoutine.SetupStatus.ERROR raise RuntimeError( f'Something went wrong during the generation of the user management. \n Error: {err}' ) # create version updater settings try: from cmdb.updater import UpdaterModule from cmdb.updater.updater_settings import UpdateSettings from cmdb.utils.system_reader import SystemSettingsReader from cmdb.utils.system_writer import SystemSettingsWriter system_setting_writer: SystemSettingsWriter = SystemSettingsWriter( self.setup_database_manager) updater_setting_instance = UpdateSettings( **UpdaterModule.get_last_version()) system_setting_writer.write( _id='updater', data=updater_setting_instance.__dict__) except Exception as err: self.status = SetupRoutine.SetupStatus.ERROR raise RuntimeError( f'Something went wrong during the generation of the updater module. \n Error: {err}' ) self.status = SetupRoutine.SetupStatus.FINISHED LOGGER.info('SETUP ROUTINE: FINISHED!') return self.status
from cmdb.utils.system_reader import SystemSettingsReader from cmdb.utils.system_writer import SystemSettingsWriter try: from cmdb.utils.error import CMDBError except ImportError: CMDBError = Exception auth_blueprint = RootBlueprint('auth_rest', __name__, url_prefix='/auth') LOGGER = logging.getLogger(__name__) with current_app.app_context(): user_manager: UserManager = current_app.user_manager system_settings_reader: SystemSettingsReader = SystemSettingsReader( current_app.database_manager) system_setting_writer: SystemSettingsWriter = SystemSettingsWriter( current_app.database_manager) @auth_blueprint.route('/settings/', methods=['GET']) @auth_blueprint.route('/settings', methods=['GET']) @login_required @insert_request_user @right_required('base.system.view') def get_auth_settings(request_user: User): auth_module = AuthModule(system_settings_reader) return make_response(auth_module.settings) @auth_blueprint.route('/settings/', methods=['POST', 'PUT']) @auth_blueprint.route('/settings', methods=['POST', 'PUT']) @login_required