PageRenderTime 58ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/galaxy/web/security/__init__.py

https://bitbucket.org/nicste/ballaxy
Python | 57 lines | 41 code | 5 blank | 11 comment | 5 complexity | 685946607499c4f8bfc61f0099bca6bf MD5 | raw file
  1. import os, os.path, logging
  2. import pkg_resources
  3. pkg_resources.require( "pycrypto" )
  4. from Crypto.Cipher import Blowfish
  5. from Crypto.Util.randpool import RandomPool
  6. from Crypto.Util import number
  7. log = logging.getLogger( __name__ )
  8. if os.path.exists( "/dev/urandom" ):
  9. # We have urandom, use it as the source of random data
  10. random_fd = os.open( "/dev/urandom", os.O_RDONLY )
  11. def get_random_bytes( nbytes ):
  12. value = os.read( random_fd, nbytes )
  13. # Normally we should get as much as we need
  14. if len( value ) == nbytes:
  15. return value.encode( "hex" )
  16. # If we don't, keep reading (this is slow and should never happen)
  17. while len( value ) < nbytes:
  18. value += os.read( random_fd, nbytes - len( value ) )
  19. return value.encode( "hex" )
  20. else:
  21. def get_random_bytes( nbytes ):
  22. nbits = nbytes * 8
  23. random_pool = RandomPool( 1064 )
  24. while random_pool.entropy < nbits:
  25. random_pool.add_event()
  26. random_pool.stir()
  27. return str( number.getRandomNumber( nbits, random_pool.get_bytes ) )
  28. class SecurityHelper( object ):
  29. def __init__( self, **config ):
  30. self.id_secret = config['id_secret']
  31. self.id_cipher = Blowfish.new( self.id_secret )
  32. def encode_id( self, obj_id ):
  33. # Convert to string
  34. s = str( obj_id )
  35. # Pad to a multiple of 8 with leading "!"
  36. s = ( "!" * ( 8 - len(s) % 8 ) ) + s
  37. # Encrypt
  38. return self.id_cipher.encrypt( s ).encode( 'hex' )
  39. def decode_id( self, obj_id ):
  40. return int( self.id_cipher.decrypt( obj_id.decode( 'hex' ) ).lstrip( "!" ) )
  41. def encode_guid( self, session_key ):
  42. # Session keys are strings
  43. # Pad to a multiple of 8 with leading "!"
  44. s = ( "!" * ( 8 - len( session_key ) % 8 ) ) + session_key
  45. # Encrypt
  46. return self.id_cipher.encrypt( s ).encode( 'hex' )
  47. def decode_guid( self, session_key ):
  48. # Session keys are strings
  49. return self.id_cipher.decrypt( session_key.decode( 'hex' ) ).lstrip( "!" )
  50. def get_new_guid( self ):
  51. # Generate a unique, high entropy 128 bit random number
  52. return get_random_bytes( 16 )