Exemplo n.º 1
0
def load_des_keys(files, files_size):
    assert (files)
    assert (files_size > 0)

    # Create and initialize keys manager, we use a simple list based
    # keys manager, implement your own KeysStore klass if you need
    # something more sophisticated
    mngr = xmlsec.KeysMngr()
    if mngr is None:
        print "Error: failed to create keys manager."
        return None
    if xmlsec.cryptoAppDefaultKeysMngrInit(mngr) < 0:
        print "Error: failed to initialize keys manager."
        mngr.destroy()
        return None
    for file in files:
        if not check_filename(file):
            mngr.destroy()
            return None
        # Load DES key
        key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), file)
        if key is None:
            print "Error: failed to load des key from binary file \"%s\"" % file
            mngr.destroy()
            return None
        # Add key to keys manager, from now on keys manager is responsible
# for destroying key
        if xmlsec.cryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0:
            print "Error: failed to add key from \"%s\" to keys manager" % file
            key.destroy()
            mngr.destroy()
            return None
    return mngr
Exemplo n.º 2
0
def load_des_keys(files, files_size):
    assert(files)
    assert(files_size > 0)

    # Create and initialize keys manager, we use a simple list based
    # keys manager, implement your own KeysStore klass if you need
    # something more sophisticated
    mngr = xmlsec.KeysMngr()
    if mngr is None:
        print "Error: failed to create keys manager."
        return None
    if xmlsec.cryptoAppDefaultKeysMngrInit(mngr) < 0:
        print "Error: failed to initialize keys manager."
        mngr.destroy()
        return None
    for file in files:
        if not check_filename(file):
            mngr.destroy()
            return None
        # Load DES key
        key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), file)
        if key is None:
    	    print "Error: failed to load des key from binary file \"%s\"" % file
	    mngr.destroy()
            return None
        # Add key to keys manager, from now on keys manager is responsible
	# for destroying key
        if xmlsec.cryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0:
    	    print "Error: failed to add key from \"%s\" to keys manager" % file
            key.destroy()
	    mngr.destroy()
            return None
    return mngr
Exemplo n.º 3
0
def decrypt_file(enc_file, key_file):
    assert(enc_file)
    assert(key_file)

    # Load template
    doc = libxml2.parseFile(enc_file)
    if doc is None or doc.getRootElement() is None:
	print "Error: unable to parse file \"%s\"" % enc_file
        return cleanup(doc)
    
    # Find start node
    node = xmlsec.findNode(doc.getRootElement(), xmlsec.NodeEncryptedData,
                           xmlsec.EncNs)
    if node is None:
	print "Error: start node not found in \"%s\"" % tmpl_file
        return cleanup(doc)

    # Create encryption context, we don't need keys manager in this example
    enc_ctx = xmlsec.EncCtx(None)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        return cleanup(doc)
        
    # Load DES key
    key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), key_file)
    if key is None:
        print "Error failed to load DES key from binary file \"%s\"" % key_file
        return cleanup(doc, enc_ctx)

    # Set key name to the file name, this is just an example!
    if key.setName(key_file) < 0:
        print "Error: failed to set key name for key from \"%s\"" % key_file
        return cleanup(doc, enc_ctx)

    enc_ctx.encKey = key

    # Decrypt the data
    if enc_ctx.decrypt(node) < 0 or enc_ctx.result is None:
        print "Error: decryption failed"
        return cleanup(doc, enc_ctx)

    # Print decrypted data to stdout
    if enc_ctx.resultReplaced != 0:
        print "Decrypted XML data:"
        doc.dump("-")
    else:
        print "Decrypted binary data (%d bytes):" % enc_ctx.result.getSize()
        print enc_ctx.result.getData()

    # Success
    return cleanup(doc, enc_ctx, 1)
Exemplo n.º 4
0
def decrypt_file(enc_file, key_file):
    assert (enc_file)
    assert (key_file)

    # Load template
    doc = libxml2.parseFile(enc_file)
    if doc is None or doc.getRootElement() is None:
        print "Error: unable to parse file \"%s\"" % enc_file
        return cleanup(doc)

    # Find start node
    node = xmlsec.findNode(doc.getRootElement(), xmlsec.NodeEncryptedData,
                           xmlsec.EncNs)
    if node is None:
        print "Error: start node not found in \"%s\"" % tmpl_file
        return cleanup(doc)

    # Create encryption context, we don't need keys manager in this example
    enc_ctx = xmlsec.EncCtx(None)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        return cleanup(doc)

    # Load DES key
    key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), key_file)
    if key is None:
        print "Error failed to load DES key from binary file \"%s\"" % key_file
        return cleanup(doc, enc_ctx)

    # Set key name to the file name, this is just an example!
    if key.setName(key_file) < 0:
        print "Error: failed to set key name for key from \"%s\"" % key_file
        return cleanup(doc, enc_ctx)

    enc_ctx.encKey = key

    # Decrypt the data
    if enc_ctx.decrypt(node) < 0 or enc_ctx.result is None:
        print "Error: decryption failed"
        return cleanup(doc, enc_ctx)

    # Print decrypted data to stdout
    if enc_ctx.resultReplaced != 0:
        print "Decrypted XML data:"
        doc.dump("-")
    else:
        print "Decrypted binary data (%d bytes):" % enc_ctx.result.getSize()
        print enc_ctx.result.getData()

    # Success
    return cleanup(doc, enc_ctx, 1)
Exemplo n.º 5
0
def encrypt_file(tmpl_file, key_file, data, dataSize):
    assert(tmpl_file)
    assert(key_file)
    assert(data)

    # Load template
    doc = libxml2.parseFile(tmpl_file)
    if doc is None or doc.getRootElement() is None:
	print "Error: unable to parse file \"%s\"" % tmpl_file
        return cleanup(doc)
    
    # Find start node
    node = xmlsec.findNode(doc.getRootElement(), xmlsec.NodeEncryptedData,
                           xmlsec.EncNs)
    if node is None:
	print "Error: start node not found in \"%s\"" % tmpl_file
        return cleanup(doc)

    # Create encryption context, we don't need keys manager in this example
    enc_ctx = xmlsec.EncCtx(None)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        return cleanup(doc)
        
    # Load DES key, assuming that there is not password
    key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), key_file)
    if key is None:
        print "Error failed to load DES key from binary file \"%s\"" % key_file
        return cleanup(doc, enc_ctx)

    # Set key name to the file name, this is just an example!
    if key.setName(key_file) < 0:
        print "Error: failed to set key name for key from \"%s\"" % key_file
        return cleanup(doc, enc_ctx)

    enc_ctx.encKey = key

    # Encrypt the data
    if enc_ctx.binaryEncrypt(node, data, dataSize) < 0:
        print "Error: encryption failed"
        return cleanup(doc, enc_ctx)

    doc.dump("-")

    # Success
    return cleanup(doc, enc_ctx, 1)
Exemplo n.º 6
0
def encrypt_file(xml_file, key_file):
    assert(xml_file)
    assert(key_file)

    # Load template
    if not check_filename(xml_file):
        return -1
    doc = libxml2.parseFile(xml_file)
    if doc is None or doc.getRootElement() is None:
	print "Error: unable to parse file \"%s\"" % xml_file
        return cleanup(doc)

    # Create encryption template to encrypt XML file and replace 
    # its content with encryption result
    enc_data_node = xmlsec.TmplEncData(doc, xmlsec.transformDes3CbcId(),
                                       None, xmlsec.TypeEncElement, None, None)
    if enc_data_node is None:
	print "Error: failed to create encryption template"
        cleanup(doc)

    # We want to put encrypted data in the <enc:CipherValue/> node
    if enc_data_node.ensureCipherValue() is None:
	print "Error: failed to add CipherValue node"
        cleanup(doc, enc_data_node)

    # add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the
    # signed document
    key_info_node = enc_data_node.ensureKeyInfo(None)
    if key_info_node is None:
	print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    if key_info_node.addKeyName(None) is None:
	print "Error: failed to add key name"
        cleanup(doc, enc_data_node)

    # Create encryption context, we don't need keys manager in this example
    enc_ctx = xmlsec.EncCtx(None)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        cleanup(doc, enc_data_node)

    # Load DES key, assuming that there is not password
    if not check_filename(key_file):
        cleanup(doc, enc_data_node, enc_ctx)
    key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), key_file)
    if key is None:
        print "Error failed to load DES key from binary file \"%s\"" % key_file
        return cleanup(doc, enc_data_node, enc_ctx)

    # Set key name to the file name, this is just an example!
    if key.setName(key_file) < 0:
        print "Error: failed to set key name for key from \"%s\"" % key_file
        return cleanup(doc, enc_data_node, enc_ctx)

    enc_ctx.encKey = key

    # Encrypt the data
    if enc_ctx.xmlEncrypt(enc_data_node, doc.getRootElement()) < 0:
        print "Error: encryption failed"
        return cleanup(doc, enc_data_node, enc_ctx)

    doc.dump("-")

    # Success
    return cleanup(doc, None, enc_ctx, 1)
Exemplo n.º 7
0
def encrypt_file(xml_file, key_file):
    assert (xml_file)
    assert (key_file)

    # Load template
    if not check_filename(xml_file):
        return -1
    doc = libxml2.parseFile(xml_file)
    if doc is None or doc.getRootElement() is None:
        print "Error: unable to parse file \"%s\"" % xml_file
        return cleanup(doc)

    # Create encryption template to encrypt XML file and replace
    # its content with encryption result
    enc_data_node = xmlsec.TmplEncData(doc, xmlsec.transformDes3CbcId(), None,
                                       xmlsec.TypeEncElement, None, None)
    if enc_data_node is None:
        print "Error: failed to create encryption template"
        cleanup(doc)

    # We want to put encrypted data in the <enc:CipherValue/> node
    if enc_data_node.ensureCipherValue() is None:
        print "Error: failed to add CipherValue node"
        cleanup(doc, enc_data_node)

    # add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the
    # signed document
    key_info_node = enc_data_node.ensureKeyInfo(None)
    if key_info_node is None:
        print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    if key_info_node.addKeyName(None) is None:
        print "Error: failed to add key name"
        cleanup(doc, enc_data_node)

    # Create encryption context, we don't need keys manager in this example
    enc_ctx = xmlsec.EncCtx(None)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        cleanup(doc, enc_data_node)

    # Load DES key, assuming that there is not password
    if not check_filename(key_file):
        cleanup(doc, enc_data_node, enc_ctx)
    key = xmlsec.keyReadBinaryFile(xmlsec.keyDataDesId(), key_file)
    if key is None:
        print "Error failed to load DES key from binary file \"%s\"" % key_file
        return cleanup(doc, enc_data_node, enc_ctx)

    # Set key name to the file name, this is just an example!
    if key.setName(key_file) < 0:
        print "Error: failed to set key name for key from \"%s\"" % key_file
        return cleanup(doc, enc_data_node, enc_ctx)

    enc_ctx.encKey = key

    # Encrypt the data
    if enc_ctx.xmlEncrypt(enc_data_node, doc.getRootElement()) < 0:
        print "Error: encryption failed"
        return cleanup(doc, enc_data_node, enc_ctx)

    doc.dump("-")

    # Success
    return cleanup(doc, None, enc_ctx, 1)
Exemplo n.º 8
0
def encrypt_file(mngr, xml_file, key_name):
    assert(mngr)
    assert(xml_file)
    assert(key_name)

    # Load template
    if not check_filename(xml_file):
        return -1
    doc = libxml2.parseFile(xml_file)
    if doc is None or doc.getRootElement() is None:
	print "Error: unable to parse file \"%s\"" % xml_file
        return cleanup(doc)

    # Create encryption template to encrypt XML file and replace 
    # its content with encryption result
    enc_data_node = xmlsec.TmplEncData(doc, xmlsec.transformDes3CbcId(),
                                       None, xmlsec.TypeEncElement, None, None)
    if enc_data_node is None:
	print "Error: failed to create encryption template"
        cleanup(doc)

    # We want to put encrypted data in the <enc:CipherValue/> node
    if enc_data_node.ensureCipherValue() is None:
	print "Error: failed to add CipherValue node"
        cleanup(doc, enc_data_node)

    # add <dsig:KeyInfo/>
    key_info_node = enc_data_node.ensureKeyInfo(None)
    if key_info_node is None:
	print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    # Add <enc:EncryptedKey/> to store the encrypted session key
    enc_key_node = key_info_node.addEncryptedKey(xmlsec.transformRsaOaepId(), 
                                               None, None, None)
    if enc_key_node is None:
	print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    # We want to put encrypted key in the <enc:CipherValue/> node
    if enc_key_node.ensureCipherValue() is None:
	print "Error: failed to add CipherValue node"
        cleanup(doc, enc_data_node)

    # Add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/>
    key_info_node2 = enc_key_node.ensureKeyInfo(None)
    if key_info_node2 is None:
	print "Error: failed to add key info"
        cleanup(doc, enc_data_node)
    
    # Set key name so we can lookup key when needed
    if key_info_node2.addKeyName(key_name) is None:
	print "Error: failed to add key name"
        cleanup(doc, enc_data_node)

    # Create encryption context
    enc_ctx = xmlsec.EncCtx(mngr)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        cleanup(doc, enc_data_node)

    # Generate a Triple DES key
    key = xmlsec.keyGenerate(xmlsec.keyDataDesId(), 192,
                             xmlsec.KeyDataTypeSession)
    if key is None:
        print "Error: failed to generate session DES key"
        cleanup(doc, enc_data_node)

    enc_ctx.encKey = key

    # Encrypt the data
    if enc_ctx.xmlEncrypt(enc_data_node, doc.getRootElement()) < 0:
        print "Error: encryption failed"
        return cleanup(doc, enc_data_node, enc_ctx)

    doc.dump("-")

    # Success
    return cleanup(doc, None, enc_ctx, 1)
Exemplo n.º 9
0
def encrypt_file(mngr, xml_file, key_name):
    assert (mngr)
    assert (xml_file)
    assert (key_name)

    # Load template
    if not check_filename(xml_file):
        return -1
    doc = libxml2.parseFile(xml_file)
    if doc is None or doc.getRootElement() is None:
        print "Error: unable to parse file \"%s\"" % xml_file
        return cleanup(doc)

    # Create encryption template to encrypt XML file and replace
    # its content with encryption result
    enc_data_node = xmlsec.TmplEncData(doc, xmlsec.transformDes3CbcId(), None,
                                       xmlsec.TypeEncElement, None, None)
    if enc_data_node is None:
        print "Error: failed to create encryption template"
        cleanup(doc)

    # We want to put encrypted data in the <enc:CipherValue/> node
    if enc_data_node.ensureCipherValue() is None:
        print "Error: failed to add CipherValue node"
        cleanup(doc, enc_data_node)

    # add <dsig:KeyInfo/>
    key_info_node = enc_data_node.ensureKeyInfo(None)
    if key_info_node is None:
        print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    # Add <enc:EncryptedKey/> to store the encrypted session key
    enc_key_node = key_info_node.addEncryptedKey(xmlsec.transformRsaOaepId(),
                                                 None, None, None)
    if enc_key_node is None:
        print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    # We want to put encrypted key in the <enc:CipherValue/> node
    if enc_key_node.ensureCipherValue() is None:
        print "Error: failed to add CipherValue node"
        cleanup(doc, enc_data_node)

    # Add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/>
    key_info_node2 = enc_key_node.ensureKeyInfo(None)
    if key_info_node2 is None:
        print "Error: failed to add key info"
        cleanup(doc, enc_data_node)

    # Set key name so we can lookup key when needed
    if key_info_node2.addKeyName(key_name) is None:
        print "Error: failed to add key name"
        cleanup(doc, enc_data_node)

    # Create encryption context
    enc_ctx = xmlsec.EncCtx(mngr)
    if enc_ctx is None:
        print "Error: failed to create encryption context"
        cleanup(doc, enc_data_node)

    # Generate a Triple DES key
    key = xmlsec.keyGenerate(xmlsec.keyDataDesId(), 192,
                             xmlsec.KeyDataTypeSession)
    if key is None:
        print "Error: failed to generate session DES key"
        cleanup(doc, enc_data_node)

    enc_ctx.encKey = key

    # Encrypt the data
    if enc_ctx.xmlEncrypt(enc_data_node, doc.getRootElement()) < 0:
        print "Error: encryption failed"
        return cleanup(doc, enc_data_node, enc_ctx)

    doc.dump("-")

    # Success
    return cleanup(doc, None, enc_ctx, 1)