Mercurial Repositories > eric / file comparison
comparison: Utilities/crypto/__init__.py
Utilities/crypto/__init__.py
- changeset 1682
- 0eefcc28fa74
- parent 1680
- 28e57079dab5
- child 2227
- b7aceb255831
equal
deleted
inserted
replaced
| 1681:34c774fb57b5 | 1682:0eefcc28fa74 |
|---|---|
| 241 MasterPassword = None | 241 MasterPassword = None |
| 242 else: | 242 else: |
| 243 MasterPassword = pwEncode(newPassword) | 243 MasterPassword = pwEncode(newPassword) |
| 244 | 244 |
| 245 | 245 |
| 246 def dataEncrypt(data, password): | 246 def dataEncrypt(data, password, keyLength=32, hashIterations=10000): |
| 247 """ | 247 """ |
| 248 Module function to encrypt a password. | 248 Module function to encrypt a password. |
| 249 | 249 |
| 250 @param data data to encrypt (bytes) | 250 @param data data to encrypt (bytes) |
| 251 @param password password to be used for encryption (string) | 251 @param password password to be used for encryption (string) |
| 252 @keyparam keyLength length of the key to be generated for encryption (16, 24 or 32) | |
| 253 @keyparam hashIterations number of hashes to be applied to the password for | |
| 254 generating the encryption key (integer) | |
| 252 @return encrypted data (bytes) and flag indicating | 255 @return encrypted data (bytes) and flag indicating |
| 253 success (boolean) | 256 success (boolean) |
| 254 """ | 257 """ |
| 255 digestname, iterations, salt, hash = hashPasswordTuple(password) | 258 digestname, iterations, salt, hash = \ |
| 256 key = hash[:32] | 259 hashPasswordTuple(password, iterations=hashIterations) |
| 260 key = hash[:keyLength] | |
| 257 try: | 261 try: |
| 258 cipher = encryptData(key, data) | 262 cipher = encryptData(key, data) |
| 259 except ValueError: | 263 except ValueError: |
| 260 return b"", False | 264 return b"", False |
| 261 return CryptoMarker.encode() + Delimiter.encode().join([ | 265 return CryptoMarker.encode() + Delimiter.encode().join([ |
| 264 base64.b64encode(salt), | 268 base64.b64encode(salt), |
| 265 base64.b64encode(cipher) | 269 base64.b64encode(cipher) |
| 266 ]), True | 270 ]), True |
| 267 | 271 |
| 268 | 272 |
| 269 def dataDecrypt(edata, password): | 273 def dataDecrypt(edata, password, keyLength=32): |
| 270 """ | 274 """ |
| 271 Module function to decrypt a password. | 275 Module function to decrypt a password. |
| 272 | 276 |
| 273 @param edata hashed data to decrypt (string) | 277 @param edata hashed data to decrypt (string) |
| 274 @param password password to be used for decryption (string) | 278 @param password password to be used for decryption (string) |
| 279 @keyparam keyLength length of the key to be generated for decryption (16, 24 or 32) | |
| 275 @return decrypted data (bytes) and flag indicating | 280 @return decrypted data (bytes) and flag indicating |
| 276 success (boolean) | 281 success (boolean) |
| 277 """ | 282 """ |
| 278 if not edata.startswith(CryptoMarker.encode()): | 283 if not edata.startswith(CryptoMarker.encode()): |
| 279 return edata, False # it was not encoded using dataEncrypt | 284 return edata, False # it was not encoded using dataEncrypt |
| 280 | 285 |
| 281 hashParametersBytes, edata = edata[3:].rsplit(Delimiter.encode(), 1) | 286 hashParametersBytes, edata = edata[3:].rsplit(Delimiter.encode(), 1) |
| 282 hashParameters = hashParametersBytes.decode() | 287 hashParameters = hashParametersBytes.decode() |
| 283 try: | 288 try: |
| 284 # recreate the key used to encrypt | 289 # recreate the key used to encrypt |
| 285 key = rehashPassword(password, hashParameters)[:32] | 290 key = rehashPassword(password, hashParameters)[:keyLength] |
| 286 plaintext = decryptData(key, base64.b64decode(edata)) | 291 plaintext = decryptData(key, base64.b64decode(edata)) |
| 287 except ValueError: | 292 except ValueError: |
| 288 return "", False | 293 return "", False |
| 289 return plaintext, True | 294 return plaintext, True |
| 290 | 295 |
