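def check(self, input):
    """Check that *input* parses as a LUKS container.

    The bytes are wrapped in an in-memory StringIO and handed to
    luks.LuksFile.load_from_file; no password is involved and nothing is
    decrypted here, so a successful return says only that the container
    loaded, not that its contents are valid.

    Raises:
        base.FormatError: if *input* is None or the container fails to load.
    """
    if input is None:
        raise base.FormatError

    sbuf = StringIO.StringIO(input)
    l = luks.LuksFile()

    try:
        l.load_from_file(sbuf)

    except Exception:
        # Any parser failure on this untrusted input is reported as a format
        # error. A bare "except:" would also turn KeyboardInterrupt and
        # SystemExit into FormatError, so only Exception is caught.
        raise base.FormatError

    finally:
        # Release the LuksFile and its backing buffer on every path, in the
        # same order import_data uses.
        l.close()
        sbuf.close()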
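def import_data(self, input, password):
    """Decrypt a LUKS-wrapped file and import it into an entrystore.

    Steps: load the LUKS container from *input*, unlock a key slot with
    *password*, decrypt the payload, strip the trailing pad, zlib-decompress,
    and pass the resulting XML to RevelationXML.import_data.

    Everything read from *input* is untrusted. Nothing visible in this method
    authenticates the decrypted bytes before they are parsed, so the pad
    length and the zlib stream are validated here and any malformed value is
    reported as base.FormatError rather than leaking struct.error/zlib.error.

    Raises:
        base.PasswordError: if *password* is None or unlocks no key slot.
        base.FormatError: if the container, padding, compressed stream or
            XML prefix is malformed.
    """
    if password is None:
        raise base.PasswordError

    buffer = StringIO.StringIO(input)
    luksfile = luks.LuksFile()

    try:
        try:
            luksfile.load_from_file(buffer)
        except Exception:
            # Narrower than a bare "except:", which would also convert
            # KeyboardInterrupt/SystemExit into FormatError.
            raise base.FormatError

        if luksfile.open_any_key(password) is None:
            raise base.PasswordError

        data = luksfile.decrypt_data(0, luksfile.data_length())

    finally:
        # Close on every path, including success; previously the handles
        # were only released on the two early-error branches.
        luksfile.close()
        buffer.close()

    # The last 4 bytes hold the total pad length (little-endian uint32),
    # which counts those 4 bytes too. export_data never writes a pad shorter
    # than 4, so anything outside [4, len(data)] is a corrupt or tampered
    # file. A pad length of 0 would otherwise make data[0:-0] silently
    # evaluate to an empty string.
    if len(data) < 4:
        raise base.FormatError

    padlen = struct.unpack("<I", data[-4:])[0]

    if padlen < 4 or padlen > len(data):
        raise base.FormatError

    try:
        # NOTE(review): the decompressed size is unbounded here; consider a
        # size cap (zlib.decompressobj with max_length) if files from
        # untrusted sources are imported.
        data = zlib.decompress(data[0:-padlen])
    except zlib.error:
        raise base.FormatError

    if data.strip()[:5] != "<?xml":
        raise base.FormatError

    return RevelationXML.import_data(self, data)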
def export_data(self, entrystore, password):
    """Serialize *entrystore* to XML, compress it, and wrap it in a LUKS file.

    Returns the complete LUKS container as a string read back from an
    in-memory buffer.

    Raises:
        base.PasswordError: if *password* is None.
    """
    if password is None:
        raise base.PasswordError

    # XML -> zlib
    payload = zlib.compress(RevelationXML.export_data(self, entrystore))

    # The payload is padded to a multiple of 512 bytes using
    # Merkle-Damgard-style length padding: a 0x80 byte, zero bytes, then the
    # total pad length as a little-endian uint32.
    # http://en.wikipedia.org/wiki/Merkle-Damg%C3%A5rd_hash_function
    sector = 512
    pad_total = sector - (len(payload) % sector)

    if pad_total < 4:
        # Not enough room for the 4-byte length field: spill into one more
        # 512-byte block.
        pad_total += sector

    if pad_total > 4:
        filler = "\x80" + "\x00" * (pad_total - 5)
    else:
        filler = ""

    payload = payload + filler + struct.pack("<I", pad_total)

    # Build the LUKS container in memory.
    # NOTE(review): "sha1" and the 5000 passed to set_key look like the
    # header hash and the key-derivation iteration count; if so, both are
    # weak by current guidance. Confirm against luks.LuksFile before changing,
    # since readers of existing files may depend on these parameters.
    # NOTE(review): nothing visible here adds an integrity check (MAC) over
    # the encrypted payload; verify whether tampering is detected elsewhere.
    out = StringIO.StringIO()
    container = luks.LuksFile()
    container.create(out, "aes", "cbc-essiv:sha256", "sha1", 16, 400)
    container.set_key(0, password, 5000, 400)

    container.encrypt_data(0, payload)

    out.seek(0)
    return out.read()