PageRenderTime 130ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/galaxy/web/security/__init__.py

https://bitbucket.org/nicste/ballaxy
Python | 57 lines | 41 code | 5 blank | 11 comment | 5 complexity | 685946607499c4f8bfc61f0099bca6bf MD5 | raw file
    

  1. import os, os.path, logging
    2. 

  2. 

  3. import pkg_resources
    4. 

  4. pkg_resources.require( "pycrypto" )
    5. 

  5. 

  6. from Crypto.Cipher import Blowfish
    7. 

  7. from Crypto.Util.randpool import RandomPool
    8. 

  8. from Crypto.Util import number
    9. 

  9. 

  10. log = logging.getLogger( __name__ )
    11. 

  11. 

  12. if os.path.exists( "/dev/urandom" ):
    13. 

  13.     # We have urandom, use it as the source of random data
    14. 

  14.     random_fd = os.open( "/dev/urandom", os.O_RDONLY )
    15. 

  15.     def get_random_bytes( nbytes ):
    16. 

  16.         value = os.read( random_fd, nbytes )
    17. 

  17.         # Normally we should get as much as we need
    18. 

  18.         if len( value ) == nbytes:
    19. 

  19.             return value.encode( "hex" )
    20. 

  20.         # If we don't, keep reading (this is slow and should never happen)
    21. 

  21.         while len( value ) < nbytes:
    22. 

  22.             value += os.read( random_fd, nbytes - len( value ) )
    23. 

  23.         return value.encode( "hex" )
    24. 

  24. else:
    25. 

  25.     def get_random_bytes( nbytes ):
    26. 

  26.         nbits = nbytes * 8
    27. 

  27.         random_pool = RandomPool( 1064 )
    28. 

  28.         while random_pool.entropy < nbits:
    29. 

  29.             random_pool.add_event()
    30. 

  30.         random_pool.stir()
    31. 

  31.         return str( number.getRandomNumber( nbits, random_pool.get_bytes ) )
    32. 

  32. 

  33. class SecurityHelper( object ):
    34. 

  34.     def __init__( self, **config ):
    35. 

  35.         self.id_secret = config['id_secret']
    36. 

  36.         self.id_cipher = Blowfish.new( self.id_secret )
    37. 

  37.     def encode_id( self, obj_id ):
    38. 

  38.         # Convert to string
    39. 

  39.         s = str( obj_id )
    40. 

  40.         # Pad to a multiple of 8 with leading "!" 
    41. 

  41.         s = ( "!" * ( 8 - len(s) % 8 ) ) + s
    42. 

  42.         # Encrypt
    43. 

  43.         return self.id_cipher.encrypt( s ).encode( 'hex' )
    44. 

  44.     def decode_id( self, obj_id ):
    45. 

  45.         return int( self.id_cipher.decrypt( obj_id.decode( 'hex' ) ).lstrip( "!" ) )
    46. 

  46.     def encode_guid( self, session_key ):
    47. 

  47.         # Session keys are strings
    48. 

  48.         # Pad to a multiple of 8 with leading "!" 
    49. 

  49.         s = ( "!" * ( 8 - len( session_key ) % 8 ) ) + session_key
    50. 

  50.         # Encrypt
    51. 

  51.         return self.id_cipher.encrypt( s ).encode( 'hex' )
    52. 

  52.     def decode_guid( self, session_key ):
    53. 

  53.         # Session keys are strings
    54. 

  54.         return self.id_cipher.decrypt( session_key.decode( 'hex' ) ).lstrip( "!" )
    55. 

  55.     def get_new_guid( self ):
    56. 

  56.         # Generate a unique, high entropy 128 bit random number
    57. 

  57.         return get_random_bytes( 16 )
    58. 

  58.