def _get_encrypted_validator(self): state_persistor = StatePersistor( self._models, self._controllers, persistence_file='private_data.yml') property_name = 'encryption_key_checker' value = state_persistor.recall_info([property_name]) return value
def _was_persisted_value_encrypted(self, property_name): secure_property_name = '%s__is_secure' % property_name state_persistor = StatePersistor( self._models, self._controllers, persistence_file='private_data.yml') value = state_persistor.recall_info([secure_property_name]) if value is None: return False return value is not None
def _encrypt_validator(self, secret): state_persistor = StatePersistor( self._models, self._controllers, persistence_file='private_data.yml') property_name = 'encryption_key_checker' property_value = 'encryption_key_checker' property_value = CPSecurity.encrypt(secret, property_value) info = {property_name: property_value} state_persistor.persist_info(info)
def is_deleted(models, controllers, elem_s): state_persistor = StatePersistor( models, controllers, persistence_file='server_allocations.yml') info = state_persistor.recall_info() for k, v in six.iteritems(info): if (v['pxe-mac-addr'] != elem_s['pxe-mac-addr'] or v['pxe-ip-addr'] != elem_s['pxe-ip-addr']): continue if 'state' not in v: return False if not CPState.is_active(v['state']): return True return False return False
def _migrate_keys(self, prev_encryption_key, encryption_key): state_persistor = StatePersistor( self._models, self._controllers, persistence_file='private_data.yml') all_private_data = state_persistor.recall_info() for k, v in six.iteritems(all_private_data): if k == 'encryption_key_checker': continue if not self._was_persisted_value_encrypted(k): continue v = CPSecurity.decrypt(prev_encryption_key, v) v = CPSecurity.encrypt(encryption_key, v) info = {k: v} state_persistor.persist_info(info)
def generate_value(instructions, models, controllers, name, value, payload=None): if not isinstance(value, str): return value if value.count('%') != 2: return value sp = StatePersistor(models, controllers, 'private_data.yml') if not instructions['refresh_passwords']: ri = sp.recall_info([name]) ri_e = HlmVariable.was_persisted_value_encrypted(sp, name) if ri and not ri_e: if 'encryption_key' in instructions: key = instructions['encryption_key'] secure_value = CPSecurity.encrypt(key, ri) HlmVariable.persist_value(sp, name, secure_value, True) return ri elif ri and ri_e: return HlmVariable.decrypt_value(ri, instructions) p1 = value.find('%') + 1 p2 = value.rfind('%') variable_type = value[p1:p2] version = instructions['model_version'] version = Version.normalize(version) if float(version) > 1.0: variable_type += '-%s' % version try: namespace = 'helion.configurationprocessor.variable' mgr = driver.DriverManager( namespace=namespace, name=variable_type, invoke_on_load=True, invoke_args=(instructions, models, controllers)) except RuntimeError as e: return value value = mgr.driver.calculate(payload) if not mgr.driver.ok: msg = '@@@@ Variable %s Failed to complete for name %s:\n' % ( variable_type, name) for e in mgr.driver.errors: msg += '@@@@ \t%s\n' % e print(msg) return None if 'encryption_key' in instructions: key = instructions['encryption_key'] secure_value = CPSecurity.encrypt(key, value) is_secure_val = True else: secure_value = value is_secure_val = False HlmVariable.persist_value(sp, name, secure_value, is_secure_val) return value
def generate_value(instructions, models, controllers, name, value, payload=None): if not isinstance(value, str): return value if value.count('%') != 2: return value sp = StatePersistor(models, controllers, 'private_data.yml') if not instructions['refresh_passwords']: ri = sp.recall_info([name]) ri_e = HlmVariable.was_persisted_value_encrypted(sp, name) if ri and not ri_e: if 'encryption_key' in instructions: key = instructions['encryption_key'] secure_value = CPSecurity.encrypt(key, ri) HlmVariable.persist_value(sp, name, secure_value, True) return ri elif ri and ri_e: return HlmVariable.decrypt_value(ri, instructions) p1 = value.find('%') + 1 p2 = value.rfind('%') variable_type = value[p1:p2] version = instructions['model_version'] version = Version.normalize(version) if float(version) > 1.0: variable_type += '-%s' % version try: namespace = 'helion.configurationprocessor.variable' mgr = driver.DriverManager(namespace=namespace, name=variable_type, invoke_on_load=True, invoke_args=(instructions, models, controllers)) except RuntimeError as e: return value value = mgr.driver.calculate(payload) if not mgr.driver.ok: msg = '@@@@ Variable %s Failed to complete for name %s:\n' % ( variable_type, name) for e in mgr.driver.errors: msg += '@@@@ \t%s\n' % e print(msg) return None if 'encryption_key' in instructions: key = instructions['encryption_key'] secure_value = CPSecurity.encrypt(key, value) is_secure_val = True else: secure_value = value is_secure_val = False HlmVariable.persist_value(sp, name, secure_value, is_secure_val) return value