Sākums Izpētīt Palīdzība
Pierakstīties
mirrors
/
borg
spogulis no https://github.com/borgbackup/borg
2
0
Atdalīts 0
Faili Problēmas 0 Vikivietne
Koks: 57a79f547b
Atzari Tagi
borg
/
dedupestore
/
crypto.py

crypto.py 6.6 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180 
  1. from getpass import getpass
    2. 

  2. import hashlib
    3. 

  3. import os
    4. 

  4. import logging
    5. 

  5. import msgpack
    6. 

  6. import zlib
    7. 

  7. 

  8. from pbkdf2 import pbkdf2
    9. 

  9. from Crypto.Cipher import AES
    10. 

  10. from Crypto.Hash import SHA256, HMAC
    11. 

  11. from Crypto.PublicKey import RSA
    12. 

  12. from Crypto.Util import Counter
    13. 

  13. from Crypto.Util.number import bytes_to_long
    14. 

  14. 

  15. from .helpers import IntegrityError
    16. 

  16. from .oaep import OAEP
    17. 

  17. 

  18. 

  19. class KeyChain(object):
    20. 

  20. 

  21.     def __init__(self, path=None):
    22. 

  22.         self.aes_id = self.rsa_read = self.rsa_create = None
    23. 

  23.         self.path = path
    24. 

  24.         if path:
    25. 

  25.             self.open(path)
    26. 

  26. 

  27.     def open(self, path):
    28. 

  28.         with open(path, 'rb') as fd:
    29. 

  29.             cdata = fd.read()
    30. 

  30.         data = self.decrypt(cdata, '')
    31. 

  31.         while not data:
    32. 

  32.             self.password = getpass('Keychain password: ')
    33. 

  33.             if not self.password:
    34. 

  34.                 raise Exception('Keychain decryption failed')
    35. 

  35.             data = self.decrypt(cdata, self.password)
    36. 

  36.             if not data:
    37. 

  37.                 logging.error('Incorrect password')
    38. 

  38.         chain = msgpack.unpackb(data)
    39. 

  39.         logging.info('Key chain "%s" opened', path)
    40. 

  40.         assert chain['version'] == 1
    41. 

  41.         self.aes_id = chain['aes_id']
    42. 

  42.         self.rsa_read = RSA.importKey(chain['rsa_read'])
    43. 

  43.         self.rsa_create = RSA.importKey(chain['rsa_create'])
    44. 

  44. 

  45.     def encrypt(self, data, password):
    46. 

  46.         salt = os.urandom(32)
    47. 

  47.         iterations = 2000
    48. 

  48.         key = pbkdf2(password, salt, 32, iterations, hashlib.sha256)
    49. 

  49.         hash = HMAC.new(key, data, SHA256).digest()
    50. 

  50.         cdata = AES.new(key, AES.MODE_CTR, counter=Counter.new(128)).encrypt(data)
    51. 

  51.         d = {
    52. 

  52.             'version': 1,
    53. 

  53.             'salt': salt,
    54. 

  54.             'iterations': iterations,
    55. 

  55.             'algorithm': 'SHA256',
    56. 

  56.             'hash': hash,
    57. 

  57.             'data': cdata,
    58. 

  58.         }
    59. 

  59.         return msgpack.packb(d)
    60. 

  60. 

  61.     def decrypt(self, data, password):
    62. 

  62.         d = msgpack.unpackb(data)
    63. 

  63.         assert d['version'] == 1
    64. 

  64.         assert d['algorithm'] == 'SHA256'
    65. 

  65.         key = pbkdf2(password, d['salt'], 32, d['iterations'], hashlib.sha256)
    66. 

  66.         data = AES.new(key, AES.MODE_CTR, counter=Counter.new(128)).decrypt(d['data'])
    67. 

  67.         if HMAC.new(key, data, SHA256).digest() != d['hash']:
    68. 

  68.             return None
    69. 

  69.         return data
    70. 

  70. 

  71.     def save(self, path, password):
    72. 

  72.         chain = {
    73. 

  73.             'version': 1,
    74. 

  74.             'aes_id': self.aes_id,
    75. 

  75.             'rsa_read': self.rsa_read.exportKey('PEM'),
    76. 

  76.             'rsa_create': self.rsa_create.exportKey('PEM'),
    77. 

  77.         }
    78. 

  78.         data = self.encrypt(msgpack.packb(chain), password)
    79. 

  79.         with open(path, 'wb') as fd:
    80. 

  80.             fd.write(data)
    81. 

  81.             logging.info('Key chain "%s" saved', path)
    82. 

  82. 

  83.     def restrict(self, path):
    84. 

  84.         if os.path.exists(path):
    85. 

  85.             logging.error('%s already exists', path)
    86. 

  86.             return 1
    87. 

  87.         self.rsa_read = self.rsa_read.publickey()
    88. 

  88.         self.save(path, self.password)
    89. 

  89.         return 0
    90. 

  90. 

  91.     def chpass(self):
    92. 

  92.         self.rsa_read = self.rsa_read.publickey()
    93. 

  93.         password, password2 = 1, 2
    94. 

  94.         while password != password2:
    95. 

  95.             password = getpass('New password: ')
    96. 

  96.             password2 = getpass('New password again: ')
    97. 

  97.             if password != password2:
    98. 

  98.                 logging.error('Passwords do not match')
    99. 

  99.         self.save(self.path, password)
    100. 

  100.         return 0
    101. 

  101. 

  102.     @staticmethod
    103. 

  103.     def generate(path):
    104. 

  104.         if os.path.exists(path):
    105. 

  105.             logging.error('%s already exists', path)
    106. 

  106.             return 1
    107. 

  107.         password, password2 = 1, 2
    108. 

  108.         while password != password2:
    109. 

  109.             password = getpass('Keychain password: ')
    110. 

  110.             password2 = getpass('Keychain password again: ')
    111. 

  111.             if password != password2:
    112. 

  112.                 logging.error('Passwords do not match')
    113. 

  113.         chain = KeyChain()
    114. 

  114.         logging.info('Generating keys')
    115. 

  115.         chain.aes_id = os.urandom(32)
    116. 

  116.         chain.rsa_read = RSA.generate(2048)
    117. 

  117.         chain.rsa_create = RSA.generate(2048)
    118. 

  118.         chain.save(path, password)
    119. 

  119.         return 0
    120. 

  120. 

  121. class CryptoManager(object):
    122. 

  122. 

  123.     CREATE = '\1'
    124. 

  124.     READ = '\2'
    125. 

  125. 

  126.     def __init__(self, keychain):
    127. 

  127.         self._key_cache = {}
    128. 

  128.         self.keychain = keychain
    129. 

  129.         self.read_key = os.urandom(32)
    130. 

  130.         self.create_key = os.urandom(32)
    131. 

  131.         self.read_encrypted = OAEP(256, hash=SHA256).encode(self.read_key, os.urandom(32))
    132. 

  132.         self.read_encrypted = keychain.rsa_read.encrypt(self.read_encrypted, '')[0]
    133. 

  133.         self.create_encrypted = OAEP(256, hash=SHA256).encode(self.create_key, os.urandom(32))
    134. 

  134.         self.create_encrypted = keychain.rsa_create.encrypt(self.create_encrypted, '')[0]
    135. 

  135. 

  136.     def id_hash(self, data):
    137. 

  137.         return HMAC.new(self.keychain.aes_id, data, SHA256).digest()
    138. 

  138. 

  139.     def encrypt_read(self, data):
    140. 

  140.         data = zlib.compress(data)
    141. 

  141.         hash = self.id_hash(data)
    142. 

  142.         counter = Counter.new(128, initial_value=bytes_to_long(hash[:16]), allow_wraparound=True)
    143. 

  143.         data = AES.new(self.read_key, AES.MODE_CTR, '', counter=counter).encrypt(data)
    144. 

  144.         return ''.join((self.READ, self.read_encrypted, hash, data)), hash
    145. 

  145. 

  146.     def encrypt_create(self, data):
    147. 

  147.         data = zlib.compress(data)
    148. 

  148.         hash = self.id_hash(data)
    149. 

  149.         counter = Counter.new(128, initial_value=bytes_to_long(hash[:16]), allow_wraparound=True)
    150. 

  150.         data = AES.new(self.create_key, AES.MODE_CTR, '', counter=counter).encrypt(data)
    151. 

  151.         return ''.join((self.CREATE, self.create_encrypted, hash, data)), hash
    152. 

  152. 

  153.     def decrypt_key(self, data, rsa_key):
    154. 

  154.         try:
    155. 

  155.             return self._key_cache[data]
    156. 

  156.         except KeyError:
    157. 

  157.             self._key_cache[data] = OAEP(256, hash=SHA256).decode(rsa_key.decrypt(data))
    158. 

  158.             return self._key_cache[data]
    159. 

  159. 

  160.     def decrypt(self, data):
    161. 

  161.         type = data[0]
    162. 

  162.         if type == self.READ:
    163. 

  163.             key = self.decrypt_key(data[1:257], self.keychain.rsa_read)
    164. 

  164.             hash = data[257:289]
    165. 

  165.             counter = Counter.new(128, initial_value=bytes_to_long(hash[:16]), allow_wraparound=True)
    166. 

  166.             data = AES.new(key, AES.MODE_CTR, counter=counter).decrypt(data[289:])
    167. 

  167.             if self.id_hash(data) != hash:
    168. 

  168.                 raise IntegrityError('decryption failed')
    169. 

  169.             return zlib.decompress(data), hash
    170. 

  170.         elif type == self.CREATE:
    171. 

  171.             key = self.decrypt_key(data[1:257], self.keychain.rsa_create)
    172. 

  172.             hash = data[257:289]
    173. 

  173.             counter = Counter.new(128, initial_value=bytes_to_long(hash[:16]), allow_wraparound=True)
    174. 

  174.             data = AES.new(key, AES.MODE_CTR, '', counter=counter).decrypt(data[289:])
    175. 

  175.             if self.id_hash(data) != hash:
    176. 

  176.                 raise IntegrityError('decryption failed')
    177. 

  177.             return zlib.decompress(data), hash
    178. 

  178.         else:
    179. 

  179.             raise Exception('Unknown pack type %d found' % ord(type))
    180. 

  180.