-
Notifications
You must be signed in to change notification settings - Fork 0
/
crud.py
84 lines (60 loc) · 2.93 KB
/
crud.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
import os, hashlib, base64, cryptography.fernet
from cryptography.fernet import Fernet
def hash_and_salt_used(username, password):
# return hashed_master_password, salt in a list. ONLY FOR SIGNUP
result = []
salt = os.urandom(16)
derived_key = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000, dklen=32)
fernet_key = base64.urlsafe_b64encode(derived_key)
fernet = Fernet(fernet_key)
cipher = fernet.encrypt(password.encode()).decode()
result.append(cipher)
result.append(salt)
return result
def add_a_new_password(entered_pass):
password = input("Enter Account Password To Store: ")
# returns hash, salt
salt = os.urandom(16)
derived_key = hashlib.pbkdf2_hmac('sha256', entered_pass.encode('utf-8'), salt, 100000, dklen=32)
fernet_key = base64.urlsafe_b64encode(derived_key)
fernet = Fernet(fernet_key)
cipher = fernet.encrypt(password.encode()).decode()
return [cipher, salt]
def hashed_password_to_plaintext(cipher, salt, master_password):
# return str
derived_key = hashlib.pbkdf2_hmac('sha256', master_password.encode('utf-8'), salt, 100000, dklen=32)
fernet_key = base64.urlsafe_b64encode(derived_key)
fernet = Fernet(fernet_key)
try:
temp = fernet.decrypt(cipher.encode()).decode()
return temp
except cryptography.fernet.InvalidToken:
"""
Otherwise, an exception is raised (specifically, cryptography.fernet.InvalidToken), indicating that the decryption failed,
which happens if the entered password doesn't match the original password.
"""
return "decryption failed"
def update_a_password(entered_account_name, entered_pass):
password = input("Enter {}'s New Password To Update: ".format(entered_account_name))
# returns hash, salt
salt = os.urandom(16)
derived_key = hashlib.pbkdf2_hmac('sha256', entered_pass.encode('utf-8'), salt, 100000, dklen=32)
fernet_key = base64.urlsafe_b64encode(derived_key)
fernet = Fernet(fernet_key)
cipher = fernet.encrypt(password.encode()).decode()
return [cipher, salt]
def encrypt_the_new_master_password(entered_password):
# return cipher, salt
salt = os.urandom(16)
new_derived_master_key = hashlib.pbkdf2_hmac('sha256', entered_password.encode('utf-8'), salt, 100000, dklen=32)
fernet_key = base64.urlsafe_b64encode(new_derived_master_key)
fernet = Fernet(fernet_key)
cipher = fernet.encrypt(entered_password.encode()).decode()
return [cipher, salt]
def encrypt_stored_password_with_new_master_password(stored_pass_plaintext, new_entered_master_pass):
salt = os.urandom(16)
new_derived_master_key = hashlib.pbkdf2_hmac('sha256', new_entered_master_pass.encode('utf-8'), salt, 100000, dklen=32)
fernet_key = base64.urlsafe_b64encode(new_derived_master_key)
fernet = Fernet(fernet_key)
cipher = fernet.encrypt(stored_pass_plaintext.encode()).decode()
return [cipher, salt]