Exemplo n.º 1
0
 def generate_recovery_key(prv_key):
     rec_key = _GCE.generate_key()
     pub_key = PrivateKey(prv_key,
                          Base64Encoder).public_key.encode(Base64Encoder)
     bkp_key = _GCE.symmetric_encrypt(rec_key, prv_key)
     rec_key = _GCE.asymmetric_encrypt(pub_key, rec_key)
     return Base64Encoder.encode(bkp_key), Base64Encoder.encode(rec_key)
Exemplo n.º 2
0
    def handle(self, *args, **options):
        """Handle the command"""
        private_key = PrivateKey.generate()
        public_key = private_key.public_key

        self.stdout.write('--------------------------------------------------------------')
        self.stdout.write('Private Key Base64 Encoded:')
        self.stdout.write(Base64Encoder.encode(bytes(private_key)).decode("utf-8"))
        self.stdout.write('--------------------------------------------------------------')
        self.stdout.write('Public Key Base64 Encoded:')
        self.stdout.write(Base64Encoder.encode(bytes(public_key)).decode("utf-8"))
        self.stdout.write('--------------------------------------------------------------')
    def handle(self, *args, **options):
        """Handle the command"""
        private_key = PrivateKey.generate()
        public_key = private_key.public_key

        self.stdout.write(
            '--------------------------------------------------------------')
        self.stdout.write('Private Key Base64 Encoded:')
        self.stdout.write(
            Base64Encoder.encode(bytes(private_key)).decode("utf-8"))
        self.stdout.write(
            '--------------------------------------------------------------')
        self.stdout.write('Public Key Base64 Encoded:')
        self.stdout.write(
            Base64Encoder.encode(bytes(public_key)).decode("utf-8"))
        self.stdout.write(
            '--------------------------------------------------------------')
Exemplo n.º 4
0
def set_user_password(tid, user, password, cc):
    # Regenerate the password hash only if different from the best choice on the platform
    if user.hash_alg != 'ARGON2':
        user.hash_alg = 'ARGON2'
        user.salt = GCE.generate_salt()

    password_hash = GCE.hash_password(password, user.salt)

    # Check that the new password is different form the current password
    if user.password == password_hash:
        raise errors.PasswordReuseError

    user.password = password_hash
    user.password_change_date = datetime_now()

    State.log(tid=tid,
              type='change_password',
              user_id=user.id,
              object_id=user.id)

    if not State.tenant_cache[tid].encryption and cc == '':
        return None

    enc_key = GCE.derive_key(password.encode(), user.salt)
    if not cc:
        # The first password change triggers the generation
        # of the user encryption private key and its backup
        cc, user.crypto_pub_key = GCE.generate_keypair()
        user.crypto_bkp_key, user.crypto_rec_key = GCE.generate_recovery_key(
            cc)

    user.crypto_prv_key = Base64Encoder.encode(
        GCE.symmetric_encrypt(enc_key, cc))

    if State.tenant_cache[1].crypto_escrow_pub_key:
        user.crypto_escrow_bkp1_key = Base64Encoder.encode(
            GCE.asymmetric_encrypt(State.tenant_cache[1].crypto_escrow_pub_key,
                                   cc))

    if State.tenant_cache[tid].crypto_escrow_pub_key:
        user.crypto_escrow_bkp2_key = Base64Encoder.encode(
            GCE.asymmetric_encrypt(
                State.tenant_cache[tid].crypto_escrow_pub_key, cc))

    return cc
Exemplo n.º 5
0
def invalid_settings():
    """
    Fixture that runs a test against a set of invalid configurations
    """
    settings = copy.copy(DEFAULT_SETTINGS)
    settings.update({
        'EXAMS_AUDIT_NACL_PUBLIC_KEY': Base64Encoder.encode('bad'),
    })

    with override_settings(**settings):
        yield settings
Exemplo n.º 6
0
def invalid_settings():
    """
    Fixture that runs a test against a set of invalid configurations
    """
    settings = copy.copy(DEFAULT_SETTINGS)
    settings.update({
        'EXAMS_AUDIT_NACL_PUBLIC_KEY': Base64Encoder.encode('bad'),
    })

    with override_settings(**settings):
        yield settings
Exemplo n.º 7
0
def valid_settings(private_key):
    """
    Fixture that provides valid (passes checks in configure()) configuration
    """
    settings = copy.copy(DEFAULT_SETTINGS)
    settings.update({
        'EXAMS_AUDIT_NACL_PUBLIC_KEY': Base64Encoder.encode(bytes(private_key.public_key)),
    })

    with override_settings(**settings):
        yield DEFAULT_SETTINGS
Exemplo n.º 8
0
def valid_settings(private_key):
    """
    Fixture that provides valid (passes checks in configure()) configuration
    """
    settings = copy.copy(DEFAULT_SETTINGS)
    settings.update({
        'EXAMS_AUDIT_NACL_PUBLIC_KEY':
        Base64Encoder.encode(bytes(private_key.public_key)),
    })

    with override_settings(**settings):
        yield DEFAULT_SETTINGS
Exemplo n.º 9
0
def get_auth(user_id, name, secret, nonce, method, uri, body=None):
    if body is not None:
        if not isinstance(body, str):
            try:
                body = json.dumps(body, separators=(',', ':'))
            except ValueError as e:
                logger.exception(
                    'invalid body. json or string are valid body type')
    request_string = '{"method":"' + method + '","uri":"' + uri + ('",' if (
        body is None) else '","body":' + body + ',') + '"nonce":' + nonce + '}'
    logger.debug("message %s", request_string)
    raw_signed = crypto_sign(request_string.encode(), bytes.fromhex(secret))
    signature = Base64Encoder.encode(raw_signed[:crypto_sign_BYTES])
    return 'SIGN ' + user_id + "." + name + ':' + signature.decode()
Exemplo n.º 10
0
def get_cybersource_test_settings(private_key=None):
    """
    Generates a valid set of settings for CyberSource
    """
    if private_key is None:
        private_key = PrivateKey.generate()

    return {
        "CYBERSOURCE_WSDL_URL":
        (f"http://localhost/service/CyberSourceTransaction_{SERVICE_VERSION}.wsdl"
         ),
        "CYBERSOURCE_MERCHANT_ID":
        "merchant_id",
        "CYBERSOURCE_TRANSACTION_KEY":
        "transaction_key",
        "CYBERSOURCE_INQUIRY_LOG_NACL_ENCRYPTION_KEY":
        Base64Encoder.encode(bytes(private_key.public_key)),
    }
Exemplo n.º 11
0
################################################################################
# BEGIN MOCKS NECESSARY FOR DETERMINISTIC ENCRYPTION
VALID_PASSWORD1 = 'ACollectionOfDiplomaticHistorySince_1966_ToThe_Pr esentDay#'
VALID_PASSWORD2 = VALID_PASSWORD1
VALID_SALT1 = GCE.generate_salt()
VALID_SALT2 = GCE.generate_salt()
VALID_HASH1 = GCE.hash_password(VALID_PASSWORD1, VALID_SALT1)
VALID_HASH2 = GCE.hash_password(VALID_PASSWORD2, VALID_SALT2)
VALID_BASE64_IMG = 'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVQYV2NgYAAAAAMAAWgmWQ0AAAAASUVORK5CYII='
INVALID_PASSWORD = '******'

KEY = GCE.generate_key()
USER_KEY = GCE.derive_key(VALID_PASSWORD1, VALID_SALT1)
USER_PRV_KEY, USER_PUB_KEY = GCE.generate_keypair()
USER_PRV_KEY_ENC = Base64Encoder.encode(
    GCE.symmetric_encrypt(USER_KEY, USER_PRV_KEY))
USER_BKP_KEY, USER_REC_KEY = GCE.generate_recovery_key(USER_PRV_KEY)
USER_REC_KEY_PLAIN = GCE.asymmetric_decrypt(USER_PRV_KEY,
                                            Base64Encoder.decode(USER_REC_KEY))
USER_REC_KEY_PLAIN = Base32Encoder.encode(USER_REC_KEY_PLAIN).replace(
    b'=', b'').decode('utf-8')
GCE_orig_generate_key = GCE.generate_key
GCE_orig_generate_keypair = GCE.generate_keypair


def mock_nullfunction(*args, **kwargs):
    return


def mock_GCE_generate_key():
    return KEY
Exemplo n.º 12
0
 def _base64(self, data: bytes):
     return Base64Encoder.encode(data).decode('ASCII')
Exemplo n.º 13
0
 def challenge(self):
     return Base64Encoder.encode(self.nonce())
Exemplo n.º 14
0
message = 'abcdefg1234'
encoding = 'utf-8'

print('-' * 100)
print('KEY and MESSAGE')
print('-' * 100)
print('PRIKEY:', prikey)
print('PRIKEY(BASE64):', prikey.encode(Base64Encoder).decode(encoding))
print('PUBKEY:', pubkey)
print('PUBKEY(BASE64):', pubkey.encode(Base64Encoder).decode(encoding))
print('MESSAGE:', message)

print('-' * 100)
print('ENCRYPT with public key')
print('-' * 100)

box = SealedBox(pubkey)
encrypted = box.encrypt(message.encode(encoding=encoding))
print('ENCRYPTED MESSAGE:', encrypted)
print('ENCRYPTED MESSAGE(BASE64):',
      Base64Encoder.encode(encrypted).decode(encoding))

print('-' * 100)
print('DECRYPT with private key')
print('-' * 100)

box = SealedBox(prikey)
decrypted = box.decrypt(encrypted).decode(encoding=encoding)
print('DECRYPTED MESSAGE:', decrypted)
Exemplo n.º 15
0
def b2a(b):
    return Base64Encoder.encode(b)
def write_file(file_name, data, base64=False):
    if base64:
        data = Base64Encoder.encode(data).decode('ascii')
    f = open(file_name, 'w')
    f.write(data)
    f.close()
Exemplo n.º 17
0
def b2a(b):
    return Base64Encoder.encode(b)