def decrypt_secret(self, uuid, metaonly=False): '''retrieve secret from the database, decrypt and return tuple''' uuid = bytes(uuid.encode('ascii')) hasher = SHA256.new() hasher.update(uuid + uuid) uniqhash = hasher.hexdigest() # see if we can find such a secret try: result = DBSession.query(Secret).filter( Secret.uniqhash == uniqhash, Secret.expiry_time >= datetime.datetime.now(), or_( Secret.lifetime_reads > 0, Secret.lifetime_reads == -1 )).one() except NoResultFound: raise SecretExpiredException() # if we're not decrypting it, we can go ahead and consider it unviewed if metaonly: return (result, None) # excellent, decrement the views & immediately write to database if not result.flag_unlimited_reads: result.lifetime_reads -= 1 DBSession.flush() # decrypt the data in our secret, return them plaintext = self._decrypt(result, uuid) return (result, plaintext)
def decrypt_secret(self, uuid): '''retrieve secret from the database, decrypt and return tuple''' session = DBSession() hasher = SHA256.new() hasher.update(bytes('{}{}'.format(uuid, uuid), encoding='utf-8')) uniqhash = hasher.hexdigest() # see if we can find such a secret try: result = session.query(Secret).filter( Secret.uniqhash == uniqhash, Secret.expiry_time >= datetime.datetime.now(), or_( Secret.lifetime_reads > 0, Secret.lifetime_reads == -1 )).one() except NoResultFound as e: raise SecretExpiredException() # excellent, decrement the views & immediately write to database if not result.flag_unlimited_reads: result.lifetime_reads -= 1 session.update(result) session.flush() # decrypt the data in our secret, return them plaintext = _decrypt(result, uniqhash) return (result, plaintext)