def get_encryption_cipher(self):
"""
Return the cipher to encrypt an decrypt.
If the secret key doesn't exist, it will be generated.
"""
if not self._cipher:
if not self._encryption_key:
self._encryption_key = credential_utils.CredentialHelper.get_secret_key('%s/%s'
% (self._info_dir, self.ENCRYPTION_KEY_FILENAME))
#create blowfish cipher if data needs to be encrypted
self._cipher = blowfish.Blowfish(self._encryption_key)
return self._cipher
def store_passwd(cls, email, passwd):
"""
Encrypt and store gmail password
"""
passwd_file = '%s/%s.passwd' % (gmvault_utils.get_home_dir_path(), email)
fdesc = os.open(passwd_file, os.O_CREAT|os.O_WRONLY, 0600)
cipher = blowfish.Blowfish(cls.get_secret_key(cls.SECRET_FILEPATH % (gmvault_utils.get_home_dir_path())))
cipher.initCTR()
encrypted = cipher.encryptCTR(passwd)
the_bytes = os.write(fdesc, encrypted)
os.close(fdesc)
if the_bytes < len(encrypted):
raise Exception("Error: Cannot write password in %s" % (passwd_file))
def read_password(cls, email):
"""
Read password credentials
Look by default to ~/.gmvault
Look for file ~/.gmvault/email.passwd
"""
gmv_dir = gmvault_utils.get_home_dir_path()
#look for email.passwed in GMV_DIR
user_passwd_file_path = "%s/%s.passwd" % (gmv_dir, email)
password = None
if os.path.exists(user_passwd_file_path):
with open(user_passwd_file_path) as f:
password = f.read()
cipher = blowfish.Blowfish(cls.get_secret_key(cls.SECRET_FILEPATH % (gmvault_utils.get_home_dir_path())))
cipher.initCTR()
password = cipher.decryptCTR(password)
return password
