crypto.py 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395
  1. #============================================================================
  2. # This file is part of Pwman3.
  3. #
  4. # Pwman3 is free software; you can redistribute it and/or modify
  5. # it under the terms of the GNU General Public License, version 2
  6. # as published by the Free Software Foundation;
  7. #
  8. # Pwman3 is distributed in the hope that it will be useful,
  9. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  10. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  11. # GNU General Public License for more details.
  12. #
  13. # You should have received a copy of the GNU General Public License
  14. # along with Pwman3; if not, write to the Free Software
  15. # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  16. #============================================================================
  17. # Copyright (C) 2012 Oz Nahum <nahumoz@gmail.com>
  18. #============================================================================
  19. # Copyright (C) 2006 Ivan Kelly <ivan@ivankelly.net>
  20. #============================================================================
  21. """
  22. Encryption Module used by PwmanDatabase
  23. Supports AES, ARC2, Blowfish, CAST, DES, DES3, IDEA, RC5.
  24. Usage:
  25. import pwman.util.crypto.CryptoEngine as CryptoEngine
  26. from pwman.util.crypto import CryptoEngine
  27. class myCallback(CryptoEngine.Callback):
  28. def execute(self):
  29. return "mykey"
  30. params = {'encryptionAlgorithm': 'AES',
  31. 'encryptionCallback': callbackFunction}
  32. CryptoEngine.init(params)
  33. crypto = CryptoEngine.get()
  34. ciphertext = crypto.encrypt("plaintext")
  35. plaintext = cyypto.decrypt(ciphertext)
  36. """
  37. from Crypto.Cipher import Blowfish as cBlowfish
  38. from Crypto.Cipher import AES as cAES
  39. from Crypto.Cipher import ARC2 as cARC2
  40. from Crypto.Cipher import ARC4 as cARC2
  41. from Crypto.Cipher import CAST as cCAST
  42. from Crypto.Cipher import DES as cDES
  43. from Crypto.Cipher import DES3 as cDES3
  44. from Crypto.Random import OSRNG
  45. from pwman.util.callback import Callback
  46. import pwman.util.config as config
  47. import cPickle
  48. import time
  49. import sys
  50. import ctypes
  51. def zerome(string):
  52. """
  53. securely erase strings ...
  54. for windows: ctypes.cdll.msvcrt.memset
  55. """
  56. bufsize = len(string) + 1
  57. offset = sys.getsizeof(string) - bufsize
  58. ctypes.memset(id(string) + offset, 0, bufsize)
  59. _INSTANCE = None
  60. # Use this to tell if crypto is successful or not
  61. _TAG = "PWMANCRYPTO"
  62. class CryptoException(Exception):
  63. """Generic Crypto Exception."""
  64. def __init__(self, message):
  65. self.message = message
  66. def __str__(self):
  67. return "CryptoException: " + self.message
  68. class CryptoUnsupportedException(CryptoException):
  69. """Unsupported feature requested."""
  70. def __str__(self):
  71. return "CryptoUnsupportedException: " +self.message
  72. class CryptoBadKeyException(CryptoException):
  73. """Encryption key is incorrect."""
  74. def __str__(self):
  75. return "CryptoBadKeyException: " + self.message
  76. class CryptoNoKeyException(CryptoException):
  77. """No key has been initalised."""
  78. def __str__(self):
  79. return "CryptoNoKeyException: " + self.message
  80. class CryptoNoCallbackException(CryptoException):
  81. """No Callback has been set."""
  82. def __str__(self):
  83. return "CryptoNoCallbackException: " + self.message
  84. class CryptoPasswordMismatchException(CryptoException):
  85. """Entered passwords do not match."""
  86. def __str__(self):
  87. return "CryptoPasswordMismatchException: " + self.message
  88. class CryptoEngine:
  89. """Cryptographic Engine"""
  90. _timeoutcount = 0
  91. _instance = None
  92. _callback = None
  93. @classmethod
  94. def get(cls):
  95. """
  96. CryptoEngine.get() -> CryptoEngine
  97. Return an instance of CryptoEngine.
  98. If no instance is found, a CryptoException is raised.
  99. """
  100. if (CryptoEngine._instance == None):
  101. algo = config.get_value("Encryption", "algorithm")
  102. if algo == "Dummy":
  103. CryptoEngine._instance = DummyCryptoEngine()
  104. else:
  105. CryptoEngine._instance = CryptoEngine()
  106. return CryptoEngine._instance
  107. #get = classmethod(get)
  108. def __init__(self):
  109. """Initialise the Cryptographic Engine
  110. params is a dictionary. Valid keys are:
  111. algorithm: Which cipher to use
  112. callback: Callback class.
  113. keycrypted: This should be set by the database layer.
  114. timeout: Time after which key will be forgotten.
  115. Default is -1 (disabled).
  116. """
  117. algo = config.get_value("Encryption", "algorithm")
  118. if len(algo) > 0:
  119. self._algo = algo
  120. else:
  121. raise CryptoException("Parameters missing, no algorithm given")
  122. callback = config.get_value("Encryption", "callback")
  123. if isinstance(callback, Callback):
  124. self._callback = callback
  125. else:
  126. self._callback = None
  127. keycrypted = config.get_value("Encryption", "keycrypted")
  128. if len(keycrypted) > 0:
  129. self._keycrypted = keycrypted
  130. else:
  131. self._keycrypted = None
  132. timeout = config.get_value("Encryption", "timeout")
  133. if timeout.isdigit():
  134. self._timeout = timeout
  135. else:
  136. self._timeout = -1
  137. self._cipher = None
  138. def encrypt(self, obj):
  139. """
  140. encrypt(obj) -> ciphertext
  141. Encrypt obj and return its ciphertext. obj must be a picklable class.
  142. Can raise a CryptoException and CryptoUnsupportedException"""
  143. cipher = self._getcipher()
  144. plaintext = self._preparedata(obj, cipher.block_size)
  145. ciphertext = cipher.encrypt(plaintext)
  146. return str(ciphertext).encode('base64')
  147. def decrypt(self, ciphertext):
  148. """
  149. decrypt(ciphertext) -> obj
  150. Decrypt ciphertext and returns the obj that was encrypted.
  151. If key is bad, a CryptoBadKeyException is raised
  152. Can also raise a CryptoException and CryptoUnsupportedException"""
  153. cipher = self._getcipher()
  154. ciphertext = str(ciphertext).decode('base64')
  155. plaintext = cipher.decrypt(ciphertext)
  156. return self._retrievedata(plaintext)
  157. def set_cryptedkey(self, key):
  158. """
  159. hold _keycrypted
  160. """
  161. self._keycrypted = key
  162. def get_cryptedkey(self):
  163. """
  164. return _keycrypted
  165. """
  166. return self._keycrypted
  167. def set_callback(self, callback):
  168. """
  169. set the callback function
  170. """
  171. self._callback = callback
  172. def get_callback(self):
  173. """
  174. return call back function
  175. """
  176. return self._callback
  177. def changepassword(self):
  178. """
  179. Creates a new key. The key itself is actually stored in
  180. the database in crypted form. This key is encrypted using the
  181. password that the user provides. This makes it easy to change the
  182. password for the database.
  183. If oldKeyCrypted is none, then a new password is generated."""
  184. if (self._callback == None):
  185. raise CryptoNoCallbackException("No call back class has been \
  186. specified")
  187. if (self._keycrypted == None):
  188. # Generate a new key, 32 bits in length, if that's
  189. # too long for the Cipher, _getCipherReal will sort it out
  190. random = OSRNG.new()
  191. key = str(random.read(32)).encode('base64')
  192. else:
  193. password = self._callback.getsecret("Please enter your current \
  194. password")
  195. cipher = self._getcipher_real(password, self._algo)
  196. plainkey = cipher.decrypt(str(self._keycrypted).decode('base64'))
  197. key = self._retrievedata(plainkey)
  198. newpassword1 = self._callback.getsecret("Please enter your new \
  199. password")
  200. newpassword2 = self._callback.getsecret("Please enter your new \
  201. password again")
  202. if (newpassword1 != newpassword2):
  203. raise CryptoPasswordMismatchException("Passwords do not match")
  204. newcipher = self._getcipher_real(newpassword1, self._algo)
  205. self._keycrypted = str(newcipher.encrypt(self._preparedata(key,
  206. newcipher.block_size))).encode('base64')
  207. # newpassword1, newpassword2 are not needed any more so we erase
  208. # them
  209. zerome(newpassword1)
  210. zerome(newpassword2)
  211. # we also want to create the cipher if there isn't one already
  212. # so this CryptoEngine can be used from now on
  213. if (self._cipher == None):
  214. self._cipher = self._getcipher_real(str(key).decode('base64'),
  215. self._algo)
  216. CryptoEngine._timeoutcount = time.time()
  217. return self._keycrypted
  218. def alive(self):
  219. """
  220. check if we have cipher
  221. """
  222. if (self._cipher != None):
  223. return True
  224. else:
  225. return False
  226. def forget(self):
  227. """
  228. discard cipher
  229. """
  230. self._cipher = None
  231. def _getcipher(self):
  232. """
  233. get cypher from user, to decrypt DB
  234. """
  235. if (self._cipher != None
  236. and (self._timeout == -1
  237. or (time.time() - CryptoEngine._timeoutcount) < self._timeout)):
  238. return self._cipher
  239. if (self._callback == None):
  240. raise CryptoNoCallbackException("No Callback exception")
  241. if (self._keycrypted == None):
  242. raise CryptoNoKeyException("Encryption key has not been generated")
  243. max_tries = 5
  244. tries = 0
  245. key = None
  246. while tries < max_tries:
  247. try:
  248. password = self._callback.getsecret("Please enter your \
  249. password")
  250. tmpcipher = self._getcipher_real(password, self._algo)
  251. plainkey = tmpcipher.decrypt(str(self._keycrypted).decode(
  252. 'base64'))
  253. key = self._retrievedata(plainkey)
  254. break
  255. except CryptoBadKeyException:
  256. print "Wrong password."
  257. tries += 1
  258. if not key:
  259. raise Exception("Wrong password entered %s times; giving up" \
  260. % max_tries)
  261. self._cipher = self._getcipher_real(str(key).decode('base64'),
  262. self._algo)
  263. CryptoEngine._timeoutcount = time.time()
  264. return self._cipher
  265. def _getcipher_real(self, key, algo):
  266. """
  267. do the real job of decrypting using functions
  268. form PyCrypto
  269. """
  270. if (algo == "AES"):
  271. key = self._padkey(key, [16, 24, 32])
  272. cipher = cAES.new(key, cAES.MODE_ECB)
  273. elif (algo == 'ARC2'):
  274. cipher = cARC2.new(key, cARC2.MODE_ECB)
  275. elif (algo == 'ARC4'):
  276. raise CryptoUnsupportedException("ARC4 is currently unsupported")
  277. elif (algo == 'Blowfish'):
  278. cipher = cBlowfish.new(key, cBlowfish.MODE_ECB)
  279. elif (algo == 'CAST'):
  280. cipher = cCAST.new(key, cCAST.MODE_ECB)
  281. elif (algo == 'DES'):
  282. self._padkey(key, [8])
  283. cipher = cDES.new(key, cDES.MODE_ECB)
  284. elif (algo == 'DES3'):
  285. key = self._padkey(key, [16, 24])
  286. cipher = cDES3.new(key, cDES3.MODE_ECB)
  287. elif (algo == 'XOR'):
  288. raise CryptoUnsupportedException("XOR is currently unsupported")
  289. else:
  290. raise CryptoException("Invalid algorithm specified")
  291. return cipher
  292. def _padkey(self, key, acceptable_lengths):
  293. """
  294. pad key with extra string
  295. """
  296. maxlen = max(acceptable_lengths)
  297. keylen = len(key)
  298. if (keylen > maxlen):
  299. return key[0:maxlen]
  300. acceptable_lengths.sort()
  301. acceptable_lengths.reverse()
  302. newkeylen = None
  303. for i in acceptable_lengths:
  304. if (i < keylen):
  305. break
  306. newkeylen = i
  307. return key.ljust(newkeylen)
  308. def _preparedata(self, obj, blocksize):
  309. """
  310. prepare data before encrypting
  311. """
  312. plaintext = cPickle.dumps(obj)
  313. plaintext = _TAG + plaintext
  314. numblocks = (len(plaintext)/blocksize) + 1
  315. newdatasize = blocksize*numblocks
  316. return plaintext.ljust(newdatasize)
  317. def _retrievedata(self, plaintext):
  318. """
  319. retrieve encrypted data
  320. """
  321. if (plaintext.startswith(_TAG)):
  322. plaintext = plaintext[len(_TAG):]
  323. else:
  324. raise CryptoBadKeyException("Error decrypting, bad key")
  325. return cPickle.loads(plaintext)
  326. class DummyCryptoEngine(CryptoEngine):
  327. """Dummy CryptoEngine used when database doesn't ask for encryption.
  328. Only for testing and debugging the DB drivers really."""
  329. def __init__(self):
  330. pass
  331. def encrypt(self, obj):
  332. """Return the object pickled."""
  333. return cPickle.dumps(obj)
  334. def decrypt(self, ciphertext):
  335. """Unpickle the object."""
  336. return cPickle.loads(str(ciphertext))
  337. def changepassword(self):
  338. return ''