/usr/lib/python3/dist-packages/keyrings/alt/keyczar.py is in python3-keyrings.alt 3.0-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 | from __future__ import absolute_import
import os
import abc
try:
from keyczar import keyczar
except ImportError:
pass
from keyring.backend import Crypter
from keyring import errors
def has_keyczar():
with errors.ExceptionRaisedContext() as exc:
keyczar.__name__
return not bool(exc)
class BaseCrypter(Crypter):
"""Base Keyczar keyset encryption and decryption.
The keyset initialisation is deferred until required.
"""
@abc.abstractproperty
def keyset_location(self):
"""Location for the main keyset that may be encrypted or not"""
pass
@abc.abstractproperty
def encrypting_keyset_location(self):
"""Location for the encrypting keyset.
Use None to indicate that the main keyset is not encrypted
"""
pass
@property
def crypter(self):
"""The actual keyczar crypter"""
if not hasattr(self, '_crypter'):
# initialise the Keyczar keysets
if not self.keyset_location:
raise ValueError('No encrypted keyset location!')
reader = keyczar.readers.CreateReader(self.keyset_location)
if self.encrypting_keyset_location:
encrypting_keyczar = keyczar.Crypter.Read(
self.encrypting_keyset_location)
reader = keyczar.readers.EncryptedReader(reader,
encrypting_keyczar)
self._crypter = keyczar.Crypter(reader)
return self._crypter
def encrypt(self, value):
"""Encrypt the value.
"""
if not value:
return ''
return self.crypter.Encrypt(value)
def decrypt(self, value):
"""Decrypt the value.
"""
if not value:
return ''
return self.crypter.Decrypt(value)
class Crypter(BaseCrypter):
"""A Keyczar crypter using locations specified in the constructor
"""
def __init__(self, keyset_location, encrypting_keyset_location=None):
self._keyset_location = keyset_location
self._encrypting_keyset_location = encrypting_keyset_location
@property
def keyset_location(self):
return self._keyset_location
@property
def encrypting_keyset_location(self):
return self._encrypting_keyset_location
class EnvironCrypter(BaseCrypter):
"""A Keyczar crypter using locations specified by environment vars
"""
KEYSET_ENV_VAR = 'KEYRING_KEYCZAR_ENCRYPTED_LOCATION'
ENC_KEYSET_ENV_VAR = 'KEYRING_KEYCZAR_ENCRYPTING_LOCATION'
@property
def keyset_location(self):
val = os.environ.get(self.KEYSET_ENV_VAR)
if not val:
raise ValueError('%s environment value not set' %
self.KEYSET_ENV_VAR)
return val
@property
def encrypting_keyset_location(self):
return os.environ.get(self.ENC_KEYSET_ENV_VAR)
|