a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
community.general/lib/ansible/parsing/vault/__init__.py

837 lines
29 KiB
Python
Raw Normal View History

Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# (c) 2014, James Tanner <tanner.jc@gmail.com>
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
# (c) 2016, Adrian Likins <alikins@redhat.com>
# (c) 2016, Toshio Kuratomi <tkuratomi@ansible.com>
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
Add python3 compat header
2014-10-29 00:44:21 +00:00
# Make coding more python3-ish
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
import os
import shlex
import shutil
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
import sys
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
import tempfile
cleaner implementation and random chunk length.
2016-01-05 17:04:38 +00:00
import random
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
from io import BytesIO
from subprocess import call
from hashlib import sha256
from binascii import hexlify
from binascii import unhexlify
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
from hashlib import md5
Fix exceptions thrown from cryptography import (#16723) A simple import of cryptography can throw several types of errors. For example, if `setuptools` is less than cryptography's minimum requirement of 11.3, then this import of cryptography will throw a VersionConflict here. An earlier case threw a DistributionNotFound exception. An optional dependency should not stop ansible. If the error is more than an ImportError, log a warning, so that errors can be fixed in ansible or elsewhere.
2016-07-20 10:32:23 +00:00
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
# Note: Only used for loading obsolete VaultAES files. All files are written
# using the newer VaultAES256 which does not require md5
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
try:
from Crypto.Hash import SHA256, HMAC
HAS_HASH = True
except ImportError:
HAS_HASH = False
# Counter import fails for 2.0.1, requires >= 2.6.1 from pip
try:
from Crypto.Util import Counter
HAS_COUNTER = True
except ImportError:
HAS_COUNTER = False
# KDF import fails for 2.0.1, requires >= 2.6.1 from pip
try:
from Crypto.Protocol.KDF import PBKDF2
HAS_PBKDF2 = True
except ImportError:
HAS_PBKDF2 = False
# AES IMPORTS
try:
from Crypto.Cipher import AES as AES
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
HAS_AES = True
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
except ImportError:
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
HAS_AES = False
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
from ansible.errors import AnsibleError
Update module_utils.six to latest (#22855) * Update module_utils.six to latest We've been held back on the version of six we could use on the module side to 1.4.x because of python-2.4 compatibility. Now that our minimum is Python-2.6, we can update to the latest version of six in module_utils and get rid of the second copy in lib/ansible/compat.
2017-03-23 20:35:05 +00:00
from ansible.module_utils.six import PY3, binary_type
from ansible.module_utils.six.moves import zip
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
from ansible.module_utils._text import to_bytes, to_text
try:
from __main__ import display
except ImportError:
from ansible.utils.display import Display
display = Display()
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
# OpenSSL pbkdf2_hmac
HAS_PBKDF2HMAC = False
try:
from cryptography.hazmat.primitives.hashes import SHA256 as c_SHA256
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.backends import default_backend
HAS_PBKDF2HMAC = True
except ImportError:
pass
Catch DistributionNotFound when pycrypto is absent (#15731) * Catch DistributionNotFound when pycrypto is absent On Solaris 11, module `pkg_resources` throws `DistributionNotFound` on import if `cryptography` is installed but `pycrypto` is not. This change causes that situation to be handled gracefully. I'm not using Paramiko or Vault, so I my understanding is that I don't need `pycrpto`. I could install `pycrypto` to make the error go away, but: - The latest released version of `pycrypto` doesn't build cleanly on Solaris (https://github.com/dlitz/pycrypto/issues/184). - Solaris includes an old version of GMP that triggers warnings every time Ansible runs (https://github.com/ansible/ansible/issues/6941). I notice that I can silence these warnings with `system_warnings` in `ansible.cfg`, but not installing `pycrypto` seems like a safer solution. * Ignore only `pkg_resources.DistributionNotFound`, not other exceptions.
2016-05-19 18:39:34 +00:00
except Exception as e:
Only dispkay failure to use cryptography at a higher verbosity Fixes #17982
2016-10-12 16:58:11 +00:00
display.vvvv("Optional dependency 'cryptography' raised an exception, falling back to 'Crypto'.")
Fix exceptions thrown from cryptography import (#16723) A simple import of cryptography can throw several types of errors. For example, if `setuptools` is less than cryptography's minimum requirement of 11.3, then this import of cryptography will throw a VersionConflict here. An earlier case threw a DistributionNotFound exception. An optional dependency should not stop ansible. If the error is more than an ImportError, log a warning, so that errors can be fixed in ansible or elsewhere.
2016-07-20 10:32:23 +00:00
import traceback
Only dispkay failure to use cryptography at a higher verbosity Fixes #17982
2016-10-12 16:58:11 +00:00
display.vvvv("Traceback from import of cryptography was {0}".format(traceback.format_exc()))
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
HAS_ANY_PBKDF2HMAC = HAS_PBKDF2 or HAS_PBKDF2HMAC
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
CRYPTO_UPGRADE = "ansible-vault requires a newer version of pycrypto than the one installed on your platform." \
" You may fix this with OS-specific commands such as: yum install python-devel; rpm -e --nodeps python-crypto; pip install pycrypto"
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
b_HEADER = b'$ANSIBLE_VAULT'
CIPHER_WHITELIST = frozenset((u'AES', u'AES256'))
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
CIPHER_WRITE_WHITELIST = frozenset((u'AES256',))
Make vault use a mapping of cipher name to classes instead of formatting the name for safety.
2015-10-16 17:04:37 +00:00
# See also CIPHER_MAPPING at the bottom of the file which maps cipher strings
# (used in VaultFile header) to a cipher class
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Attempted to updated the vault editor to support 2/3 compatibility. Unfortunately, I wasn't able to fix a bug in the VaultAES in which during the test_decrypt_1_0 and test_rekey_migration in which VaultAES wasn't successfully writing the writing the encrypted key to out_file (BytesIO). Added skipping vault_editor tests test_decrypt_1_0 and test_rekey_migration in python3 since I wasn't able to successfully backport VaultAES without weird bugs.
2015-04-16 16:53:59 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
def check_prereqs():
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
if not HAS_AES or not HAS_COUNTER or not HAS_ANY_PBKDF2HMAC or not HAS_HASH:
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
raise AnsibleError(CRYPTO_UPGRADE)
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
class AnsibleVaultError(AnsibleError):
pass
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def is_encrypted(data):
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
""" Test if this is vault encrypted data blob
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:arg data: a byte or text string to test whether it is recognized as vault
encrypted data
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
:returns: True if it is recognized. Otherwise, False.
"""
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
try:
# Make sure we have a byte string and that it only contains ascii
# bytes.
b_data = to_bytes(to_text(data, encoding='ascii', errors='strict', nonstring='strict'), encoding='ascii', errors='strict')
except (UnicodeError, TypeError):
# The vault format is pure ascii so if we failed to encode to bytes
# via ascii we know that this is not vault data.
# Similarly, if it's not a string, it's not vault data
return False
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
if b_data.startswith(b_HEADER):
return True
return False
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def is_encrypted_file(file_obj, start_pos=0, count=-1):
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
"""Test if the contents of a file obj are a vault encrypted data blob.
:arg file_obj: A file object that will be read from.
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:kwarg start_pos: A byte offset in the file to start reading the header
from. Defaults to 0, the beginning of the file.
:kwarg count: Read up to this number of bytes from the file to determine
if it looks like encrypted vault data. The default is -1, read to the
end of file.
:returns: True if the file looks like a vault file. Otherwise, False.
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
"""
# read the header and reset the file stream to where it started
current_position = file_obj.tell()
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
try:
file_obj.seek(start_pos)
vault: call is_encrypted directly in is_encrypted_file Doing the conversion and checking for exceptions there is pointless since is_encrypted already does it.
2017-02-26 23:55:16 +00:00
return is_encrypted(file_obj.read(count))
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
finally:
file_obj.seek(current_position)
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
class VaultLib:
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Retain vault password as bytes in 2.2 (#22378) * Retain vault password as bytes in 2.2 Prior to 2.2.1, the vault password was read in as byes and then remained bytes all the way through the code. A bug existed where bytes and text were mixed, leading to a traceback with non-ascii passwords. In devel, this was fixed by changing the read in password to text type to match with our overall strategy of converting at the borders. This was backported to stable-2.2 for the 2.2.1 release. On reflection, this should not have been backported as it causes passwords which were originally non-utf-8 to become utf-8. People will then have their working 2.2.x vault files become in-accessible. this commit pipes bytes all the way through the system for vault password. That way if a password is read in as a non-utf-8 character sequence, it will continue to work in 2.2.2+. This change is only for the 2.2 branch, not for 2.3 and beyond. Why not everywhere? The reason is that non-utf-8 passwords will cause problems when vault files are shared between systems or users. If the password is read from the prompt and one user/machine has a latin1 encoded locale while a second one has utf-8, the non-ascii password typed in won't match between machines. Deal with this by making sure that when we encrypt the data, we always use valid utf-8. Fixes #20398 (cherry picked from commit 5dcce0666a81917c68b76286685642fd72d84327)
2017-03-07 20:30:09 +00:00
def __init__(self, b_password):
self.b_password = to_bytes(b_password, errors='strict', encoding='utf-8')
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
self.cipher_name = None
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
self.b_version = b'1.1'
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
@staticmethod
def is_encrypted(data):
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
""" Test if this is vault encrypted data
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:arg data: a byte or text string or a python3 to test for whether it is
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
recognized as vault encrypted data
:returns: True if it is recognized. Otherwise, False.
"""
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# This could in the future, check to see if the data is a vault blob and
# is encrypted with a key associated with this vault
# instead of just checking the format.
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
display.deprecated(u'vault.VaultLib.is_encrypted is deprecated. Use vault.is_encrypted instead', version='2.4')
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
return is_encrypted(data)
fixed memoryerror when coping huge file (#16392) * fixed * support both python 2 and 3
2016-07-22 13:06:06 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
@staticmethod
def is_encrypted_file(file_obj):
display.deprecated(u'vault.VaultLib.is_encrypted_file is deprecated. Use vault.is_encrypted_file instead', version='2.4')
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
return is_encrypted_file(file_obj)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def encrypt(self, plaintext):
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
"""Vault encrypt a piece of data.
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:arg plaintext: a text or byte string to encrypt.
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
:returns: a utf-8 encoded byte str of encrypted data. The string
contains a header identifying this as vault encrypted data and
formatted to newline terminated lines of 80 characters. This is
suitable for dumping as is to a vault file.
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
If the string passed in is a text string, it will be encoded to UTF-8
before encryption.
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
"""
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_plaintext = to_bytes(plaintext, errors='surrogate_or_strict')
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
if is_encrypted(b_plaintext):
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
raise AnsibleError("input is already encrypted")
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Use AES256 if the cipher is not write-whitelisted
2015-08-25 09:24:23 +00:00
if not self.cipher_name or self.cipher_name not in CIPHER_WRITE_WHITELIST:
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
self.cipher_name = u"AES256"
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Make vault use a mapping of cipher name to classes instead of formatting the name for safety.
2015-10-16 17:04:37 +00:00
try:
vault: Uniformize construction of cipher objects
2017-02-27 04:02:49 +00:00
this_cipher = CIPHER_MAPPING[self.cipher_name]()
Make vault use a mapping of cipher name to classes instead of formatting the name for safety.
2015-10-16 17:04:37 +00:00
except KeyError:
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
raise AnsibleError(u"{0} cipher could not be found".format(self.cipher_name))
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
# encrypt data
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_ciphertext = this_cipher.encrypt(b_plaintext, self.b_password)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
# format the data for output to the file
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_vaulttext = self._format_output(b_ciphertext)
return b_vaulttext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def decrypt(self, vaulttext, filename=None):
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
"""Decrypt a piece of vault encrypted data.
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:arg vaulttext: a string to decrypt. Since vault encrypted data is an
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
ascii text format this can be either a byte str or unicode string.
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:kwarg filename: a filename that the data came from. This is only
used to make better error messages in case the data cannot be
decrypted.
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
:returns: a byte string containing the decrypted data
"""
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_vaulttext = to_bytes(vaulttext, errors='strict', encoding='utf-8')
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
if self.b_password is None:
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
raise AnsibleError("A vault password must be specified to decrypt data")
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
if not is_encrypted(b_vaulttext):
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
msg = "input is not vault encrypted data"
If decryption of a vaulted file failed, include the filename in the error. (#16329) Fixes #16327
2016-06-18 13:30:08 +00:00
if filename:
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
msg += "%s is not a vault encrypted file" % filename
If decryption of a vaulted file failed, include the filename in the error. (#16329) Fixes #16327
2016-06-18 13:30:08 +00:00
raise AnsibleError(msg)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# clean out header
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_vaulttext = self._split_header(b_vaulttext)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# create the cipher object
vault: Uniformize construction of cipher objects
2017-02-27 04:02:49 +00:00
if self.cipher_name in CIPHER_WHITELIST:
this_cipher = CIPHER_MAPPING[self.cipher_name]()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
else:
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
raise AnsibleError("{0} cipher could not be found".format(self.cipher_name))
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
# try to unencrypt vaulttext
b_plaintext = this_cipher.decrypt(b_vaulttext, self.b_password)
if b_plaintext is None:
If decryption of a vaulted file failed, include the filename in the error. (#16329) Fixes #16327
2016-06-18 13:30:08 +00:00
msg = "Decryption failed"
if filename:
msg += " on %s" % filename
raise AnsibleError(msg)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_plaintext
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def _format_output(self, b_ciphertext):
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
""" Add header and format to 80 columns
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:arg b_vaulttext: the encrypted and hexlified data as a byte string
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
:returns: a byte str that should be dumped into a file. It's
formatted to 80 char columns and has the header prepended
"""
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
if not self.cipher_name:
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
raise AnsibleError("the cipher must be set before adding a header")
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
header = b';'.join([b_HEADER, self.b_version,
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
to_bytes(self.cipher_name,'utf-8', errors='strict')])
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_vaulttext = [header]
b_vaulttext += [b_ciphertext[i:i + 80] for i in range(0, len(b_ciphertext), 80)]
b_vaulttext += [b'']
b_vaulttext = b'\n'.join(b_vaulttext)
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_vaulttext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def _split_header(self, b_vaulttext):
"""Retrieve information about the Vault and clean the data
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
When data is saved, it has a header prepended and is formatted into 80
character lines. This method extracts the information from the header
and then removes the header and the inserted newlines. The string returned
is suitable for processing by the Cipher classes.
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
:arg b_vaulttext: byte str containing the data from a save file
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
:returns: a byte str suitable for passing to a Cipher class's
decrypt() function.
"""
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# used by decrypt
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_tmpdata = b_vaulttext.split(b'\n')
b_tmpheader = b_tmpdata[0].strip().split(b';')
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
self.b_version = b_tmpheader[1].strip()
self.cipher_name = to_text(b_tmpheader[2].strip())
b_ciphertext = b''.join(b_tmpdata[1:])
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_ciphertext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
class VaultEditor:
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Retain vault password as bytes in 2.2 (#22378) * Retain vault password as bytes in 2.2 Prior to 2.2.1, the vault password was read in as byes and then remained bytes all the way through the code. A bug existed where bytes and text were mixed, leading to a traceback with non-ascii passwords. In devel, this was fixed by changing the read in password to text type to match with our overall strategy of converting at the borders. This was backported to stable-2.2 for the 2.2.1 release. On reflection, this should not have been backported as it causes passwords which were originally non-utf-8 to become utf-8. People will then have their working 2.2.x vault files become in-accessible. this commit pipes bytes all the way through the system for vault password. That way if a password is read in as a non-utf-8 character sequence, it will continue to work in 2.2.2+. This change is only for the 2.2 branch, not for 2.3 and beyond. Why not everywhere? The reason is that non-utf-8 passwords will cause problems when vault files are shared between systems or users. If the password is read from the prompt and one user/machine has a latin1 encoded locale while a second one has utf-8, the non-ascii password typed in won't match between machines. Deal with this by making sure that when we encrypt the data, we always use valid utf-8. Fixes #20398 (cherry picked from commit 5dcce0666a81917c68b76286685642fd72d84327)
2017-03-07 20:30:09 +00:00
def __init__(self, b_password):
self.vault = VaultLib(b_password)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# TODO: mv shred file stuff to it's own class
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
def _shred_file_custom(self, tmp_path):
""""Destroy a file, when shred (core-utils) is not available
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
Unix `shred' destroys files "so that they can be recovered only with great difficulty with
specialised hardware, if at all". It is based on the method from the paper
"Secure Deletion of Data from Magnetic and Solid-State Memory",
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
Proceedings of the Sixth USENIX Security Symposium (San Jose, California, July 22-25, 1996).
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
We do not go to that length to re-implement shred in Python; instead, overwriting with a block
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
of random data should suffice.
add docs, remove unnecessary int() cast
2016-01-04 17:13:59 +00:00
See https://github.com/ansible/ansible/pull/13700 .
"""
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
file_len = os.path.getsize(tmp_path)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
if file_len > 0: # avoid work when file was empty
avoid shredding empty files, also x/0 also cleaned up unused import and exception var
2016-01-21 15:53:02 +00:00
max_chunk_len = min(1024*1024*2, file_len)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
avoid shredding empty files, also x/0 also cleaned up unused import and exception var
2016-01-21 15:53:02 +00:00
passes = 3
with open(tmp_path, "wb") as fh:
for _ in range(passes):
fh.seek(0, 0)
# get a random chunk of data, each pass with other length
chunk_len = random.randint(max_chunk_len//2, max_chunk_len)
data = os.urandom(chunk_len)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
avoid shredding empty files, also x/0 also cleaned up unused import and exception var
2016-01-21 15:53:02 +00:00
for _ in range(0, file_len // chunk_len):
fh.write(data)
fh.write(data[:file_len % chunk_len])
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
assert(fh.tell() == file_len) # FIXME remove this assert once we have unittests to check its accuracy
avoid shredding empty files, also x/0 also cleaned up unused import and exception var
2016-01-21 15:53:02 +00:00
os.fsync(fh)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
def _shred_file(self, tmp_path):
"""Securely destroy a decrypted file
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
Note standard limitations of GNU shred apply (For flash, overwriting would have no effect
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
due to wear leveling; for other storage systems, the async kernel->filesystem->disk calls never
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
guarantee data hits the disk; etc). Furthermore, if your tmp dirs is on tmpfs (ramdisks),
it is a non-issue.
Nevertheless, some form of overwriting the data (instead of just removing the fs index entry) is
a good idea. If shred is not available (e.g. on windows, or no core-utils installed), fall back on
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
a custom shredding method.
"""
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
if not os.path.isfile(tmp_path):
# file is already gone
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
return
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
try:
r = call(['shred', tmp_path])
Catch ValueError as well because of El Capitan provoking a bug in python2's subprocess Fixes #14895
2016-03-18 12:52:53 +00:00
except (OSError, ValueError):
minor spelling changes
2016-12-11 02:50:09 +00:00
# shred is not available on this system, or some other error occurred.
Catch ValueError as well because of El Capitan provoking a bug in python2's subprocess Fixes #14895
2016-03-18 12:52:53 +00:00
# ValueError caught because OS X El Capitan is raising an
# exception big enough to hit a limit in python2-2.7.11 and below.
# Symptom is ValueError: insecure pickle when shred is not
# installed there.
cleaner implementation and random chunk length.
2016-01-05 17:04:38 +00:00
r = 1
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
if r != 0:
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
# we could not successfully execute unix shred; therefore, do custom shred.
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
self._shred_file_custom(tmp_path)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
shred ansible-vault tmp_file. Also when editor is interruped.
2015-12-30 17:21:34 +00:00
os.remove(tmp_path)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
Pass the filename to the individual VaultEditor methods, not __init__ Now we don't have to recreate VaultEditor objects for each file, and so on. It also paves the way towards specifying separate input and output files later.
2015-08-26 13:47:37 +00:00
def _edit_file_helper(self, filename, existing_data=None, force_save=False):
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
# Create a tempfile
Vault: Remove tmp decrypted file when experiencing error while writing (#14835) * Vault edit: Erase tmp file if error while writing to it * Close the FDs returned by mkstemp()
2017-03-27 20:52:18 +00:00
fd, tmp_path = tempfile.mkstemp()
os.close(fd)
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
shred ansible-vault tmp_file. Also when editor is interruped.
2015-12-30 17:21:34 +00:00
try:
Vault: Remove tmp decrypted file when experiencing error while writing (#14835) * Vault edit: Erase tmp file if error while writing to it * Close the FDs returned by mkstemp()
2017-03-27 20:52:18 +00:00
if existing_data:
self.write_data(existing_data, tmp_path, shred=False)
# drop the user into an editor on the tmp file
shred ansible-vault tmp_file. Also when editor is interruped.
2015-12-30 17:21:34 +00:00
call(self._editor_shell_command(tmp_path))
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
except:
shred ansible-vault tmp_file. Also when editor is interruped.
2015-12-30 17:21:34 +00:00
# whatever happens, destroy the decrypted file
self._shred_file(tmp_path)
use integer division instead of floating point division. Fixes #13855
2016-01-13 20:34:12 +00:00
raise
Fix 'ansible-vault edit' crash on changed nonascii ansible-vault edit was attempting to decode the file contents and failing. Fixes #18428
2016-11-04 17:28:44 +00:00
b_tmpdata = self.read_data(tmp_path)
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
Encrypt the vault file after editing only if the contents changed
2014-08-13 12:58:17 +00:00
# Do nothing if the content has not changed
Fix 'ansible-vault edit' crash on changed nonascii ansible-vault edit was attempting to decode the file contents and failing. Fixes #18428
2016-11-04 17:28:44 +00:00
if existing_data == b_tmpdata and not force_save:
shred ansible-vault tmp_file. Also when editor is interruped.
2015-12-30 17:21:34 +00:00
self._shred_file(tmp_path)
Encrypt the vault file after editing only if the contents changed
2014-08-13 12:58:17 +00:00
return
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
# encrypt new data and write out to tmp
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# An existing vaultfile will always be UTF-8,
# so decode to unicode here
Fix 'ansible-vault edit' crash on changed nonascii ansible-vault edit was attempting to decode the file contents and failing. Fixes #18428
2016-11-04 17:28:44 +00:00
b_ciphertext = self.vault.encrypt(b_tmpdata)
self.write_data(b_ciphertext, tmp_path)
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
# shuffle tmp file into place
Pass the filename to the individual VaultEditor methods, not __init__ Now we don't have to recreate VaultEditor objects for each file, and so on. It also paves the way towards specifying separate input and output files later.
2015-08-26 13:47:37 +00:00
self.shuffle_files(tmp_path, filename)
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
Fix vault reading from stdin (avoid realpath() on non-links) (#23583) * Fix vault reading from stdin (avoid realpath() on non-links) os.path.realpath() is used to find the target of file paths that are symlinks so vault operations happen directly on the target. However, in addition to resolving symlinks, realpath() also returns a full path. when reading from stdin, vault cli uses '-' as a special file path so VaultEditor() will replace with stdin. realpath() was expanding '-' with the CWD to something like '/home/user/playbooks/-' causing errors like: ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-' Fix is to specialcase '-' to not use realpath() Fixes #23567 * to_text decrypt output when writing to stdout
2017-04-18 17:09:02 +00:00
def _real_path(self, filename):
# '-' is special to VaultEditor, dont expand it.
if filename == '-':
return filename
real_path = os.path.realpath(filename)
return real_path
Vault encrypt string cli (#21024) * Add a vault 'encrypt_string' command. The command will encrypt the string on the command line and print out the yaml block that can be included in a playbook. To be prompted for a string to encrypt: ansible-vault encrypt_string --prompt To specify a string on the command line: ansible-vault encrypt_string "some string to encrypt" To read a string from stdin to encrypt: echo "the plaintext to encrypt" | ansible-vault encrypt_string If a --name or --stdin-name is provided, the output will include that name in yaml key value format: $ ansible-vault encrypt_string "42" --name "the_answer" the_answer: !vault-encrypted | $ANSIBLE_VAULT;1.1;AES256 <vault cipher text here> plaintext provided via prompt, cli, and/or stdin can be mixed: $ ansible-vault encrypt_string "42" --name "the_answer" --prompt Vault password: Variable name (enter for no name): some_variable String to encrypt: microfiber # The encrypted version of variable ("some_variable", the string #1 from the interactive prompt). some_variable: !vault-encrypted | $ANSIBLE_VAULT;1.1;AES256 < vault cipher text here> # The encrypted version of variable ("the_answer", the string #2 from the command line args). the_answer: !vault-encrypted | $ANSIBLE_VAULT;1.1;AES256 < vault cipher text here> Encryption successful * add stdin and prompting to vault 'encrypt_string' * add a --name to encrypt_string to optional specify a var name * prompt for a var name to use with --prompt * add a --stdin-name for the var name for value read from stdin
2017-02-17 15:12:14 +00:00
def encrypt_bytes(self, b_plaintext):
check_prereqs()
b_ciphertext = self.vault.encrypt(b_plaintext)
return b_ciphertext
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
def encrypt_file(self, filename, output_file=None):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# A file to be encrypted into a vaultfile could be any encoding
# so treat the contents as a byte string.
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
# follow the symlink
Fix vault reading from stdin (avoid realpath() on non-links) (#23583) * Fix vault reading from stdin (avoid realpath() on non-links) os.path.realpath() is used to find the target of file paths that are symlinks so vault operations happen directly on the target. However, in addition to resolving symlinks, realpath() also returns a full path. when reading from stdin, vault cli uses '-' as a special file path so VaultEditor() will replace with stdin. realpath() was expanding '-' with the CWD to something like '/home/user/playbooks/-' causing errors like: ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-' Fix is to specialcase '-' to not use realpath() Fixes #23567 * to_text decrypt output when writing to stdout
2017-04-18 17:09:02 +00:00
filename = self._real_path(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
Fix 'ansible-vault edit' crash on changed nonascii ansible-vault edit was attempting to decode the file contents and failing. Fixes #18428
2016-11-04 17:28:44 +00:00
b_plaintext = self.read_data(filename)
b_ciphertext = self.vault.encrypt(b_plaintext)
self.write_data(b_ciphertext, output_file or filename)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
def decrypt_file(self, filename, output_file=None):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
# follow the symlink
Fix vault reading from stdin (avoid realpath() on non-links) (#23583) * Fix vault reading from stdin (avoid realpath() on non-links) os.path.realpath() is used to find the target of file paths that are symlinks so vault operations happen directly on the target. However, in addition to resolving symlinks, realpath() also returns a full path. when reading from stdin, vault cli uses '-' as a special file path so VaultEditor() will replace with stdin. realpath() was expanding '-' with the CWD to something like '/home/user/playbooks/-' causing errors like: ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-' Fix is to specialcase '-' to not use realpath() Fixes #23567 * to_text decrypt output when writing to stdout
2017-04-18 17:09:02 +00:00
filename = self._real_path(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
ciphertext = self.read_data(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
better error messages when failing to decrypt
2016-02-18 16:56:25 +00:00
try:
plaintext = self.vault.decrypt(ciphertext)
except AnsibleError as e:
raise AnsibleError("%s for %s" % (to_bytes(e),to_bytes(filename)))
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
self.write_data(plaintext, output_file or filename, shred=False)
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
def create_file(self, filename):
""" create a new encrypted file """
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
# FIXME: If we can raise an error here, we can probably just make it
# behave like edit instead.
if os.path.isfile(filename):
raise AnsibleError("%s exists, please use 'edit' instead" % filename)
Merge the vault tempfile fix to the v2 tree
2014-10-21 14:33:33 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
self._edit_file_helper(filename)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Pass the filename to the individual VaultEditor methods, not __init__ Now we don't have to recreate VaultEditor objects for each file, and so on. It also paves the way towards specifying separate input and output files later.
2015-08-26 13:47:37 +00:00
def edit_file(self, filename):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
# follow the symlink
Fix vault reading from stdin (avoid realpath() on non-links) (#23583) * Fix vault reading from stdin (avoid realpath() on non-links) os.path.realpath() is used to find the target of file paths that are symlinks so vault operations happen directly on the target. However, in addition to resolving symlinks, realpath() also returns a full path. when reading from stdin, vault cli uses '-' as a special file path so VaultEditor() will replace with stdin. realpath() was expanding '-' with the CWD to something like '/home/user/playbooks/-' causing errors like: ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-' Fix is to specialcase '-' to not use realpath() Fixes #23567 * to_text decrypt output when writing to stdout
2017-04-18 17:09:02 +00:00
filename = self._real_path(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
ciphertext = self.read_data(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
better error messages when failing to decrypt
2016-02-18 16:56:25 +00:00
try:
plaintext = self.vault.decrypt(ciphertext)
except AnsibleError as e:
raise AnsibleError("%s for %s" % (to_bytes(e),to_bytes(filename)))
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Don't create a VaultLib in each method; do it in __init__ instead
2015-08-26 15:55:50 +00:00
if self.vault.cipher_name not in CIPHER_WRITE_WHITELIST:
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
# we want to get rid of files encrypted with the AES cipher
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
self._edit_file_helper(filename, existing_data=plaintext, force_save=True)
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
else:
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
self._edit_file_helper(filename, existing_data=plaintext, force_save=False)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Make «ansible-vault view» not write plaintext to a tempfile CLI already provides a pager() method that feeds $PAGER on stdin, so we just feed that the plaintext from the vault file. We can also eliminate the redundant and now-unused shell_pager_command method in VaultEditor.
2015-09-30 14:30:34 +00:00
def plaintext(self, filename):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
ciphertext = self.read_data(filename)
better error messages when failing to decrypt
2016-02-18 16:56:25 +00:00
try:
plaintext = self.vault.decrypt(ciphertext)
except AnsibleError as e:
raise AnsibleError("%s for %s" % (to_bytes(e),to_bytes(filename)))
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Make «ansible-vault view» not write plaintext to a tempfile CLI already provides a pager() method that feeds $PAGER on stdin, so we just feed that the plaintext from the vault file. We can also eliminate the redundant and now-unused shell_pager_command method in VaultEditor.
2015-09-30 14:30:34 +00:00
return plaintext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Retain vault password as bytes in 2.2 (#22378) * Retain vault password as bytes in 2.2 Prior to 2.2.1, the vault password was read in as byes and then remained bytes all the way through the code. A bug existed where bytes and text were mixed, leading to a traceback with non-ascii passwords. In devel, this was fixed by changing the read in password to text type to match with our overall strategy of converting at the borders. This was backported to stable-2.2 for the 2.2.1 release. On reflection, this should not have been backported as it causes passwords which were originally non-utf-8 to become utf-8. People will then have their working 2.2.x vault files become in-accessible. this commit pipes bytes all the way through the system for vault password. That way if a password is read in as a non-utf-8 character sequence, it will continue to work in 2.2.2+. This change is only for the 2.2 branch, not for 2.3 and beyond. Why not everywhere? The reason is that non-utf-8 passwords will cause problems when vault files are shared between systems or users. If the password is read from the prompt and one user/machine has a latin1 encoded locale while a second one has utf-8, the non-ascii password typed in won't match between machines. Deal with this by making sure that when we encrypt the data, we always use valid utf-8. Fixes #20398 (cherry picked from commit 5dcce0666a81917c68b76286685642fd72d84327)
2017-03-07 20:30:09 +00:00
def rekey_file(self, filename, b_new_password):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
# follow the symlink
Fix vault reading from stdin (avoid realpath() on non-links) (#23583) * Fix vault reading from stdin (avoid realpath() on non-links) os.path.realpath() is used to find the target of file paths that are symlinks so vault operations happen directly on the target. However, in addition to resolving symlinks, realpath() also returns a full path. when reading from stdin, vault cli uses '-' as a special file path so VaultEditor() will replace with stdin. realpath() was expanding '-' with the CWD to something like '/home/user/playbooks/-' causing errors like: ERROR! [Errno 2] No such file or directory: u'/home/user/ansible/-' Fix is to specialcase '-' to not use realpath() Fixes #23567 * to_text decrypt output when writing to stdout
2017-04-18 17:09:02 +00:00
filename = self._real_path(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
prev = os.stat(filename)
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
ciphertext = self.read_data(filename)
Fix 'ansible-vault edit /some/symlink' (#20417) Since vault edit attempts to unlink edited files before creating a new file with the same name and writing to it, if the file was a symlink, the symlink would be replaced with a regular file. VaultEditor file ops now check if files it is changing are symlinks and instead works directly on the target, so that os.rename() and shutils do the right thing. Add unit tests cases for this case and assorted VaultEditor test cases. Fixes #20264
2017-02-24 17:35:39 +00:00
better error messages when failing to decrypt
2016-02-18 16:56:25 +00:00
try:
plaintext = self.vault.decrypt(ciphertext)
except AnsibleError as e:
raise AnsibleError("%s for %s" % (to_bytes(e),to_bytes(filename)))
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Fix 'vault rekey' with vault secret env var if ANSIBLE_VAULT_PASSWORD_FILE is set, 'ansible-vault rekey myvault.yml' will fail to prompt for the new vault password file, and will use None. Fix is to split out 'ask_vault_passwords' into 'ask_vault_passwords' and 'ask_new_vault_passwords' to make the logic simpler. And then make sure new_vault_pass is always set for 'rekey', and if not, then call ask_new_vault_passwords() to set it. ask_vault_passwords() would return values for vault_pass and new vault_pass, and vault cli previously would not prompt for new_vault_pass if there was a vault_pass set via a vault password file. Fixes #18247
2016-10-31 16:56:18 +00:00
# This is more or less an assert, see #18247
Retain vault password as bytes in 2.2 (#22378) * Retain vault password as bytes in 2.2 Prior to 2.2.1, the vault password was read in as byes and then remained bytes all the way through the code. A bug existed where bytes and text were mixed, leading to a traceback with non-ascii passwords. In devel, this was fixed by changing the read in password to text type to match with our overall strategy of converting at the borders. This was backported to stable-2.2 for the 2.2.1 release. On reflection, this should not have been backported as it causes passwords which were originally non-utf-8 to become utf-8. People will then have their working 2.2.x vault files become in-accessible. this commit pipes bytes all the way through the system for vault password. That way if a password is read in as a non-utf-8 character sequence, it will continue to work in 2.2.2+. This change is only for the 2.2 branch, not for 2.3 and beyond. Why not everywhere? The reason is that non-utf-8 passwords will cause problems when vault files are shared between systems or users. If the password is read from the prompt and one user/machine has a latin1 encoded locale while a second one has utf-8, the non-ascii password typed in won't match between machines. Deal with this by making sure that when we encrypt the data, we always use valid utf-8. Fixes #20398 (cherry picked from commit 5dcce0666a81917c68b76286685642fd72d84327)
2017-03-07 20:30:09 +00:00
if b_new_password is None:
Fix 'vault rekey' with vault secret env var if ANSIBLE_VAULT_PASSWORD_FILE is set, 'ansible-vault rekey myvault.yml' will fail to prompt for the new vault password file, and will use None. Fix is to split out 'ask_vault_passwords' into 'ask_vault_passwords' and 'ask_new_vault_passwords' to make the logic simpler. And then make sure new_vault_pass is always set for 'rekey', and if not, then call ask_new_vault_passwords() to set it. ask_vault_passwords() would return values for vault_pass and new vault_pass, and vault cli previously would not prompt for new_vault_pass if there was a vault_pass set via a vault password file. Fixes #18247
2016-10-31 16:56:18 +00:00
raise AnsibleError('The value for the new_password to rekey %s with is not valid' % filename)
Retain vault password as bytes in 2.2 (#22378) * Retain vault password as bytes in 2.2 Prior to 2.2.1, the vault password was read in as byes and then remained bytes all the way through the code. A bug existed where bytes and text were mixed, leading to a traceback with non-ascii passwords. In devel, this was fixed by changing the read in password to text type to match with our overall strategy of converting at the borders. This was backported to stable-2.2 for the 2.2.1 release. On reflection, this should not have been backported as it causes passwords which were originally non-utf-8 to become utf-8. People will then have their working 2.2.x vault files become in-accessible. this commit pipes bytes all the way through the system for vault password. That way if a password is read in as a non-utf-8 character sequence, it will continue to work in 2.2.2+. This change is only for the 2.2 branch, not for 2.3 and beyond. Why not everywhere? The reason is that non-utf-8 passwords will cause problems when vault files are shared between systems or users. If the password is read from the prompt and one user/machine has a latin1 encoded locale while a second one has utf-8, the non-ascii password typed in won't match between machines. Deal with this by making sure that when we encrypt the data, we always use valid utf-8. Fixes #20398 (cherry picked from commit 5dcce0666a81917c68b76286685642fd72d84327)
2017-03-07 20:30:09 +00:00
new_vault = VaultLib(b_new_password)
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
new_ciphertext = new_vault.encrypt(plaintext)
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
self.write_data(new_ciphertext, filename)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Fix typo
2015-11-03 05:27:48 +00:00
# preserve permissions
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
os.chmod(filename, prev.st_mode)
os.chown(filename, prev.st_uid, prev.st_gid)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
def read_data(self, filename):
better error messages when failing to decrypt
2016-02-18 16:56:25 +00:00
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
try:
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
if filename == '-':
More helpful prompts from ansible-vault encrypt/decrypt Now we issue a "Reading … from stdin" prompt if our input isatty(), as gpg does. We also suppress the "x successful" confirmation message at the end if we're part of a pipeline. (The latter requires that we not close sys.stdout in VaultEditor, and for symmetry we do the same for sys.stdin, though it doesn't matter in that case.)
2015-08-27 07:07:42 +00:00
data = sys.stdin.read()
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
else:
More helpful prompts from ansible-vault encrypt/decrypt Now we issue a "Reading … from stdin" prompt if our input isatty(), as gpg does. We also suppress the "x successful" confirmation message at the end if we're part of a pipeline. (The latter requires that we not close sys.stdout in VaultEditor, and for symmetry we do the same for sys.stdin, though it doesn't matter in that case.)
2015-08-27 07:07:42 +00:00
with open(filename, "rb") as fh:
data = fh.read()
Simplify VaultEditor methods We don't need to keep creating VaultLibs everywhere, and we don't need to keep checking for errors because VaultLib does it already.
2015-08-26 16:49:54 +00:00
except Exception as e:
raise AnsibleError(str(e))
return data
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# TODO: add docstrings for arg types since this code is picky about that
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
def write_data(self, data, filename, shred=True):
Use sys.stdout.buffer to write vault bytes to stdout on py3 (#23760) * Use sys.stdout.buffer to write vault bytes to stdout on py3 We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext of the vaulted object could be anything/binary/etc Before, attempting to write bytes to stdout on py3 would cause: TypeError: write() argument must be str, not bytes
2017-04-24 14:09:03 +00:00
"""Write the data bytes to given path
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
Use sys.stdout.buffer to write vault bytes to stdout on py3 (#23760) * Use sys.stdout.buffer to write vault bytes to stdout on py3 We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext of the vaulted object could be anything/binary/etc Before, attempting to write bytes to stdout on py3 would cause: TypeError: write() argument must be str, not bytes
2017-04-24 14:09:03 +00:00
This is used to write a byte string to a file or stdout. It is used for
writing the results of vault encryption or decryption. It is used for
saving the ciphertext after encryption and it is also used for saving the
plaintext after decrypting a vault. The type of the 'data' arg should be bytes,
since in the plaintext case, the original contents can be of any text encoding
or arbitrary binary data.
When used to write the result of vault encryption, the val of the 'data' arg
should be a utf-8 encoded byte string and not a text typ and not a text type..
When used to write the result of vault decryption, the val of the 'data' arg
should be a byte string and not a text type.
:arg data: the byte string (bytes) data
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
:arg filename: filename to save 'data' to.
Use sys.stdout.buffer to write vault bytes to stdout on py3 (#23760) * Use sys.stdout.buffer to write vault bytes to stdout on py3 We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext of the vaulted object could be anything/binary/etc Before, attempting to write bytes to stdout on py3 would cause: TypeError: write() argument must be str, not bytes
2017-04-24 14:09:03 +00:00
:arg shred: if shred==True, make sure that the original data is first shredded so that is cannot be recovered.
:returns: None
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
"""
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# FIXME: do we need this now? data_bytes should always be a utf-8 byte string
b_file_data = to_bytes(data, errors='strict')
Use sys.stdout.buffer to write vault bytes to stdout on py3 (#23760) * Use sys.stdout.buffer to write vault bytes to stdout on py3 We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext of the vaulted object could be anything/binary/etc Before, attempting to write bytes to stdout on py3 would cause: TypeError: write() argument must be str, not bytes
2017-04-24 14:09:03 +00:00
# get a ref to either sys.stdout.buffer for py3 or plain old sys.stdout for py2
# We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext
# of the vaulted object could be anything/binary/etc
output = getattr(sys.stdout, 'buffer', sys.stdout)
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
if filename == '-':
Use sys.stdout.buffer to write vault bytes to stdout on py3 (#23760) * Use sys.stdout.buffer to write vault bytes to stdout on py3 We need sys.stdout.buffer on py3 so we can write bytes to it since the plaintext of the vaulted object could be anything/binary/etc Before, attempting to write bytes to stdout on py3 would cause: TypeError: write() argument must be str, not bytes
2017-04-24 14:09:03 +00:00
output.write(b_file_data)
Implement cat-like filtering behaviour for encrypt/decrypt This allows the following invocations: # Interactive use, like gpg ansible-vault encrypt --output x # Non-interactive, for scripting echo plaintext|ansible-vault encrypt --output x # Separate input and output files ansible-vault encrypt input.yml --output output.yml # Existing usage (in-place encryption) unchanged ansible-vault encrypt inout.yml …and the analogous cases for ansible-vault decrypt as well. In all cases, the input and output files can be '-' to read from stdin or write to stdout. This permits sensitive data to be encrypted and decrypted without ever hitting disk.
2015-08-26 17:21:20 +00:00
else:
if os.path.isfile(filename):
use unix shred if possible, otherwise fast custom impl; do not shred encrypted file
2016-01-05 00:34:45 +00:00
if shred:
self._shred_file(filename)
else:
os.remove(filename)
More helpful prompts from ansible-vault encrypt/decrypt Now we issue a "Reading … from stdin" prompt if our input isatty(), as gpg does. We also suppress the "x successful" confirmation message at the end if we're part of a pipeline. (The latter requires that we not close sys.stdout in VaultEditor, and for symmetry we do the same for sys.stdin, though it doesn't matter in that case.)
2015-08-27 07:07:42 +00:00
with open(filename, "wb") as fh:
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
fh.write(b_file_data)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
def shuffle_files(self, src, dest):
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
prev = None
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# overwrite dest with src
if os.path.isfile(dest):
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
prev = os.stat(dest)
shred ansible-vault tmp_file. Also when editor is interruped.
2015-12-30 17:21:34 +00:00
# old file 'dest' was encrypted, no need to _shred_file
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
os.remove(dest)
shutil.move(src, dest)
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
# reset permissions if needed
if prev is not None:
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
# TODO: selinux, ACLs, xattr?
vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases
2015-10-31 17:56:14 +00:00
os.chmod(dest, prev.st_mode)
os.chown(dest, prev.st_uid, prev.st_gid)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
def _editor_shell_command(self, filename):
make vi the default editor if no EDITOR fixes #15577
2016-05-02 12:42:50 +00:00
EDITOR = os.environ.get('EDITOR','vi')
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
editor = shlex.split(EDITOR)
editor.append(filename)
return editor
Move uses of to_bytes, to_text, to_native to use the module_utils version (#17423) We couldn't copy to_unicode, to_bytes, to_str into module_utils because of licensing. So once created it we had two sets of functions that did the same things but had different implementations. To remedy that, this change removes the ansible.utils.unicode versions of those functions.
2016-09-07 05:54:17 +00:00
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
########################################
# CIPHERS #
########################################
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
class VaultAES:
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# this version has been obsoleted by the VaultAES256 class
# which uses encrypt-then-mac (fixing order) and also improving the KDF used
# code remains for upgrade purposes only
# http://stackoverflow.com/a/16761459
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
# Note: strings in this class should be byte strings by default.
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
def __init__(self):
if not HAS_AES:
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
raise AnsibleError(CRYPTO_UPGRADE)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def _aes_derive_key_and_iv(self, b_password, b_salt, key_length, iv_length):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
""" Create a key and an initialization vector """
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_d = b_di = b''
while len(b_d) < key_length + iv_length:
b_text = b''.join([b_di, b_password, b_salt])
b_di = to_bytes(md5(b_text).digest(), errors='strict')
b_d += b_di
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_key = b_d[:key_length]
b_iv = b_d[key_length:key_length+iv_length]
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_key, b_iv
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def encrypt(self, b_plaintext, b_password, key_length=32):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
""" Read plaintext data from in_file and write encrypted to out_file """
Remove deprecated and unused VaultAES encryption code Now that VaultLib always decides to use AES256 to encrypt, we don't need this broken code any more. We need to be able to decrypt this format for a while longer, but encryption support can be safely dropped.
2015-08-27 10:47:13 +00:00
raise AnsibleError("Encryption disabled for deprecated VaultAES class")
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def decrypt(self, b_vaulttext, b_password, key_length=32):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
""" Decrypt the given data and return it
:arg b_data: A byte string containing the encrypted data
:arg b_password: A byte string containing the encryption password
:arg key_length: Length of the key
:returns: A byte string containing the decrypted data
"""
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
display.deprecated(u'The VaultAES format is insecure and has been'
' deprecated since Ansible-1.5. Use vault rekey FILENAME to'
' switch to the newer VaultAES256 format', version='2.3')
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# http://stackoverflow.com/a/14989032
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_ciphertext = unhexlify(b_vaulttext)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
in_file = BytesIO(b_ciphertext)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
in_file.seek(0)
out_file = BytesIO()
bs = AES.block_size
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_tmpsalt = in_file.read(bs)
b_salt = b_tmpsalt[len(b'Salted__'):]
b_key, b_iv = self._aes_derive_key_and_iv(b_password, b_salt, key_length, bs)
cipher = AES.new(b_key, AES.MODE_CBC, b_iv)
b_next_chunk = b''
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
finished = False
while not finished:
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_chunk, b_next_chunk = b_next_chunk, cipher.decrypt(in_file.read(1024 * bs))
if len(b_next_chunk) == 0:
Fix for six version 1.1.0 (rhel6).
2015-06-03 17:24:35 +00:00
if PY3:
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
padding_length = b_chunk[-1]
Fix for six version 1.1.0 (rhel6).
2015-06-03 17:24:35 +00:00
else:
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
padding_length = ord(b_chunk[-1])
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_chunk = b_chunk[:-padding_length]
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
finished = True
Attempted to updated the vault editor to support 2/3 compatibility. Unfortunately, I wasn't able to fix a bug in the VaultAES in which during the test_decrypt_1_0 and test_rekey_migration in which VaultAES wasn't successfully writing the writing the encrypted key to out_file (BytesIO). Added skipping vault_editor tests test_decrypt_1_0 and test_rekey_migration in python3 since I wasn't able to successfully backport VaultAES without weird bugs.
2015-04-16 16:53:59 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
out_file.write(b_chunk)
Attempted to updated the vault editor to support 2/3 compatibility. Unfortunately, I wasn't able to fix a bug in the VaultAES in which during the test_decrypt_1_0 and test_rekey_migration in which VaultAES wasn't successfully writing the writing the encrypted key to out_file (BytesIO). Added skipping vault_editor tests test_decrypt_1_0 and test_rekey_migration in python3 since I wasn't able to successfully backport VaultAES without weird bugs.
2015-04-16 16:53:59 +00:00
out_file.flush()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# reset the stream pointer to the beginning
out_file.seek(0)
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_out_data = out_file.read()
Attempted to updated the vault editor to support 2/3 compatibility. Unfortunately, I wasn't able to fix a bug in the VaultAES in which during the test_decrypt_1_0 and test_rekey_migration in which VaultAES wasn't successfully writing the writing the encrypted key to out_file (BytesIO). Added skipping vault_editor tests test_decrypt_1_0 and test_rekey_migration in python3 since I wasn't able to successfully backport VaultAES without weird bugs.
2015-04-16 16:53:59 +00:00
out_file.close()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# split out sha and verify decryption
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_split_data = b_out_data.split(b"\n", 1)
b_this_sha = b_split_data[0]
b_plaintext = b_split_data[1]
b_test_sha = to_bytes(sha256(b_plaintext).hexdigest())
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
if b_this_sha != b_test_sha:
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
raise AnsibleError("Decryption failed")
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_plaintext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
class VaultAES256:
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
"""
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
Vault implementation using AES-CTR with an HMAC-SHA256 authentication code.
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Keys are derived using PBKDF2
"""
# http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
Unicode and other fixes for vault
2015-08-24 22:49:55 +00:00
# Note: strings in this class should be byte strings by default.
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
def __init__(self):
generalized prereqs check added vaultfile class for action and lookup plugin usage
2015-06-16 13:20:15 +00:00
check_prereqs()
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
@staticmethod
def _create_key(b_password, b_salt, keylength, ivlength):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
hash_function = SHA256
# make two keys and one iv
pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest()
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_derivedkey = PBKDF2(b_password, b_salt, dkLen=(2 * keylength) + ivlength,
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
count=10000, prf=pbkdf2_prf)
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_derivedkey
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
@classmethod
def _gen_key_initctr(cls, b_password, b_salt):
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
# 16 for AES 128, 32 for AES256
keylength = 32
# match the size used for counter.new to avoid extra work
ivlength = 16
if HAS_PBKDF2HMAC:
backend = default_backend()
kdf = PBKDF2HMAC(
algorithm=c_SHA256(),
length=2 * keylength + ivlength,
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
salt=b_salt,
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
iterations=10000,
backend=backend)
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_derivedkey = kdf.derive(b_password)
Use PBKDF2HMAC() from cryptography for vault keys. When stretching the key for vault files, use PBKDF2HMAC() from the cryptography package instead of pycrypto. This will speed up the opening of vault files by ~10x. The problem is here in lib/ansible/utils/vault.py: hash_function = SHA256 # make two keys and one iv pbkdf2_prf = lambda p, s: HMAC.new(p, s, hash_function).digest() derivedkey = PBKDF2(password, salt, dkLen=(2 * keylength) + ivlength, count=10000, prf=pbkdf2_prf) `PBKDF2()` calls a Python callback function (`pbkdf2_pr()`) 10000 times. If one has several vault files, this will cause excessive start times with `ansible` or `ansible-playbook` (we experience ~15 second startup times). Testing the original implementation in 1.9.2 with a vault file: In [2]: %timeit v.decrypt(encrypted_data) 1 loops, best of 3: 265 ms per loop Having a recent OpenSSL version and using the vault.py changes in this commit: In [2]: %timeit v.decrypt(encrypted_data) 10 loops, best of 3: 23.2 ms per loop
2015-07-22 17:52:42 +00:00
else:
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_derivedkey = cls._create_key(b_password, b_salt, keylength, ivlength)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_key1 = b_derivedkey[:keylength]
b_key2 = b_derivedkey[keylength:(keylength * 2)]
b_iv = b_derivedkey[(keylength * 2):(keylength * 2) + ivlength]
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
return b_key1, b_key2, hexlify(b_iv)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def encrypt(self, b_plaintext, b_password):
b_salt = os.urandom(32)
b_key1, b_key2, b_iv = self._gen_key_initctr(b_password, b_salt)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# PKCS#7 PAD DATA http://tools.ietf.org/html/rfc5652#section-6.3
bs = AES.block_size
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
padding_length = (bs - len(b_plaintext) % bs) or bs
b_plaintext += to_bytes(padding_length * chr(padding_length), encoding='ascii', errors='strict')
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# COUNTER.new PARAMETERS
# 1) nbits (integer) - Length of the counter, in bits.
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
# 2) initial_value (integer) - initial value of the counter. "iv" from _gen_key_initctr
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
ctr = Counter.new(128, initial_value=int(b_iv, 16))
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# AES.new PARAMETERS
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
# 1) AES key, must be either 16, 24, or 32 bytes long -- "key" from _gen_key_initctr
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# 2) MODE_CTR, is the recommended mode
# 3) counter=<CounterObject>
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
cipher = AES.new(b_key1, AES.MODE_CTR, counter=ctr)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# ENCRYPT PADDED DATA
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_ciphertext = cipher.encrypt(b_plaintext)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# COMBINE SALT, DIGEST AND DATA
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
hmac = HMAC.new(b_key2, b_ciphertext, SHA256)
b_vaulttext = b'\n'.join([hexlify(b_salt), to_bytes(hmac.hexdigest()), hexlify(b_ciphertext)])
b_vaulttext = hexlify(b_vaulttext)
return b_vaulttext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
def decrypt(self, b_vaulttext, b_password):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# SPLIT SALT, DIGEST, AND DATA
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_vaulttext = unhexlify(b_vaulttext)
b_salt, b_cryptedHmac, b_ciphertext = b_vaulttext.split(b"\n", 2)
b_salt = unhexlify(b_salt)
b_ciphertext = unhexlify(b_ciphertext)
b_key1, b_key2, b_iv = self._gen_key_initctr(b_password, b_salt)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
# EXIT EARLY IF DIGEST DOESN'T MATCH
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
hmacDecrypt = HMAC.new(b_key2, b_ciphertext, SHA256)
if not self._is_equal(b_cryptedHmac, to_bytes(hmacDecrypt.hexdigest())):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
return None
# SET THE COUNTER AND THE CIPHER
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
ctr = Counter.new(128, initial_value=int(b_iv, 16))
cipher = AES.new(b_key1, AES.MODE_CTR, counter=ctr)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# DECRYPT PADDED DATA
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_plaintext = cipher.decrypt(b_ciphertext)
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# UNPAD DATA
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
if PY3:
padding_length = b_plaintext[-1]
else:
padding_length = ord(b_plaintext[-1])
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
b_plaintext = b_plaintext[:-padding_length]
return b_plaintext
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
@staticmethod
def _is_equal(b_a, b_b):
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
"""
Comparing 2 byte arrrays in constant time
to avoid timing attacks.
It would be nice if there was a library for this but
hey.
"""
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
if not (isinstance(b_a, binary_type) and isinstance(b_b, binary_type)):
raise TypeError('_is_equal can only be used to compare two byte strings')
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
# http://codahale.com/a-lesson-in-timing-attacks/
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
if len(b_a) != len(b_b):
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
return False
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
Overhauls to v2 code * using inspect module instead of iteritems(self.__class__.__dict__, due to the fact that the later does not include attributes from parent classes * added tags/when attributes to Base() class for use by all subclasses * removed value/callable code from Attribute, as they are not used * started moving some limited code from utils to new places in v2 tree (vault, yaml-parsing related defs) * re-added ability of Block.load() to create implicit blocks from tasks * started overhaul of Role class and role-related code
2014-10-19 05:14:30 +00:00
result = 0
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
for b_x, b_y in zip(b_a, b_b):
Fix for six version 1.1.0 (rhel6).
2015-06-03 17:24:35 +00:00
if PY3:
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
result |= b_x ^ b_y
Fix for six version 1.1.0 (rhel6).
2015-06-03 17:24:35 +00:00
else:
Many Cleanups to vault * Make is_encrypted_file handle both files opened in text and binary mode On python3, by default files are opened in text mode. Since we know the encoding of vault files (and especially the header which is the first set of bytes) we can decide whether the file is an encrypted vault file in either case. * Fix is_encrypted_file not resetting the file position * Update is_encrypted_file to check that all the data in the file is ascii * For is_encrypted_file(), add start_pos and count parameters This allows callers to specify reading vaulttext from the middle of a file if necessary. * Combine VaultLib.encrypt() and VaultLib.encrypt_bytestring() * Change vault's is_encrypted() to take either text or byte strings and to return False if any part of the data is non-ascii. * Remove unnecessary use of six.b * Vault Cipher: mark a few methods as private. * VaultAES256._is_equal throws a TypeError if given non byte strings * Make VaultAES256 methods that don't need self staticmethods and classmethods * Mark VaultAES and is_encrypted as deprecated * Get rid of VaultFile (unused and feature implemented in a different way) * Normalize variable and parameter names on plaintext, ciphertext, vaulttext * Normalize variable and parameter names on "b_" prefix when dealing with bytes * Test changes: * Remove redundant tests( both checking the same byte string) * Fix use of format string without format operator * Enable vault editor tests on python3 * Initialize the vault_cipher for VaultAES256 testing in setUp() * Make assertTrue and assertFalse take the actual method calls for better error messages. * Test that non-ascii byte strings compare correctly. * Test that unicode strings and ints raise TypeError * Test-specific: * Removed test_methods_exist(). We only have one VaultLib so the implementation is the assurance that the methods exist. (Can use an abc for this if it changes). * Add tests for both byte string and text string input where the API takes either. * Convert "assert" to unittest assert functions or add a custom message where that will make failures easier to debug. * Move instantiating the VaultLib into setUp().
2016-09-13 14:30:17 +00:00
result |= ord(b_x) ^ ord(b_y)
Updated the vault/__init__.py and test_vault.py files to support 2/3. Existing tests pass under both versions, but there could still be some issues since, it involves a lot of 2/3 bytes-unicode conversions.
2015-04-15 18:08:53 +00:00
return result == 0
simplified ansible errors, moved md5 hash import with notes to be more prominent
2015-07-11 18:24:00 +00:00
Make vault use a mapping of cipher name to classes instead of formatting the name for safety.
2015-10-16 17:04:37 +00:00
# Keys could be made bytes later if the code that gets the data is more
# naturally byte-oriented
CIPHER_MAPPING = {
Implement vault encrypted yaml variables. (#16274) Make !vault-encrypted create a AnsibleVaultUnicode yaml object that can be used as a regular string object. This allows a playbook to include a encrypted vault blob for the value of a yaml variable. A 'secret_password' variable can have it's value encrypted instead of having to vault encrypt an entire vars file. Add __ENCRYPTED__ to the vault yaml types so template.Template can treat it similar to __UNSAFE__ flags. vault.VaultLib api changes: - Split VaultLib.encrypt to encrypt and encrypt_bytestring - VaultLib.encrypt() previously accepted the plaintext data as either a byte string or a unicode string. Doing the right thing based on the input type would fail on py3 if given a arg of type 'bytes'. To simplify the API, vaultlib.encrypt() now assumes input plaintext is a py2 unicode or py3 str. It will encode to utf-8 then call the new encrypt_bytestring(). The new methods are less ambiguous. - moved VaultLib.is_encrypted logic to vault module scope and split to is_encrypted() and is_encrypted_file(). Add a test/unit/mock/yaml_helper.py It has some helpers for testing parsing/yaml Integration tests added as roles test_vault and test_vault_embedded
2016-08-24 00:03:11 +00:00
u'AES': VaultAES,
u'AES256': VaultAES256,
}