-
Notifications
You must be signed in to change notification settings - Fork 0
/
PasswordManager.py
87 lines (73 loc) · 3.24 KB
/
PasswordManager.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.backends import default_backend
import os
import base64
import yaml
import cryptography.fernet
class PasswordManager:
def __init__(self, *args):
self.encryptiontype = cryptography.fernet.Fernet(
self.generateKey(args[0], self.retrieveSalt()))
def generateSalt(self):
salt = os.urandom(32)
path = '.salt'
# default salt
# salt = b'\x02\x90/\xef\xc75\x807A\xe5d\xcf\x9c\xae\xbdL/\xbd+\x07\xbb\xc5\x81\xdb\xb4\xbbJ\xac*~\xc6\x0c'
with open(path, 'wb') as file:
file.write(salt)
return salt
def retrieveSalt(self):
try:
with open(os.path.join(os.getcwd(), '.salt'), 'rb') as file:
return file.read()
except FileNotFoundError:
salt = b'\x02\x90/\xef\xc75\x807A\xe5d\xcf\x9c\xae\xbdL/\xbd+\x07\xbb\xc5\x81\xdb\xb4\xbbJ\xac*~\xc6\x0c'
return salt
def generateKey(self, passphrase, salt):
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=10000,
backend=default_backend()
)
return base64.urlsafe_b64encode(kdf.derive(passphrase.encode()))
def retrieveServerCredentials(self, server='remote'):
serverCreds = dict()
try:
if server == 'remote':
with open(os.path.join(os.getcwd(), 'creds.yml'), 'r') as file:
yaml_data = yaml.safe_load(file)
for key in yaml_data:
serverCreds[self.encryptiontype.decrypt(key).decode(
)] = self.encryptiontype.decrypt(yaml_data[key]).decode()
return serverCreds
elif server == 'local':
with open(os.path.join(os.getcwd(), 'creds_local.yml'), 'r') as file:
yaml_data = yaml.safe_load(file)
for key in yaml_data:
serverCreds[key] = yaml_data[key]
return serverCreds
except cryptography.fernet.InvalidToken:
print("Wrong passphrase")
return False
def encryptServerCredentials(self):
with open(os.path.join(os.getcwd(), 'creds.yml'), 'rb') as file:
yaml_data = yaml.safe_load(file)
print(yaml_data)
serverCreds = dict()
with open(os.path.join(os.getcwd(), 'creds.yml'), 'w') as file:
for key in yaml_data:
serverCreds[self.encryptiontype.encrypt(
key.encode())] = self.encryptiontype.encrypt(yaml_data[key].encode())
yaml.dump(serverCreds, file)
print("Server credentials encrypted and stored successfully")
if __name__ == '__main__':
# replace passphrase with your passphrase
a = PasswordManager('alphadeltafoxtrot')
# a.encryptServerCredentials()
print(a.retrieveServerCredentials())
# a.encryptServerCredentials()
# default salt used in here
# salt = b'\x02\x90/\xef\xc75\x807A\xe5d\xcf\x9c\xae\xbdL/\xbd+\x07\xbb\xc5\x81\xdb\xb4\xbbJ\xac*~\xc6\x0c'