python-novaclient/novaclient/crypto.py

# Copyright 2013 Nebula, Inc.
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

import base64
import subprocess


class DecryptionFailure(Exception):
    pass


def decrypt_password(private_key, password):
    """Base64 decodes password and unencrypts it with private key.

    Requires openssl binary available in the path.
    """
    unencoded = base64.b64decode(password)
    cmd = ['openssl', 'rsautl', '-decrypt', '-inkey', private_key]
    proc = subprocess.Popen(cmd, stdin=subprocess.PIPE,
                            stdout=subprocess.PIPE,
                            stderr=subprocess.PIPE)
    out, err = proc.communicate(unencoded)
    proc.stdin.close()
    if proc.returncode:
        raise DecryptionFailure(err)
    return out
Implement get password for novaclient This will download and decrypt a base64 encoded encrypted password from the os-server-password extension. It depends on the user having openssl installed, but if there is an error of any kind it will print out the encoded and encrypted password instead. It also implements clear_password which will delete the password so it can no longer be retrieved. Change-Id: I2c4e6c3f03b70dc98d6d339381648a6058f46e21 2013-01-11 14:30:41 -08:00			`# Copyright 2013 Nebula, Inc.`
			`# All Rights Reserved.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License"); you may`
			`# not use this file except in compliance with the License. You may obtain`
			`# a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT`
			`# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the`
			`# License for the specific language governing permissions and limitations`
			`# under the License.`

			`import base64`
			`import subprocess`


			`class DecryptionFailure(Exception):`
			`pass`


			`def decrypt_password(private_key, password):`
Corrects typos "coearse," "proejct," and "unecrypts" Misspelling of "coerce" found in the docstring body of method _boot from class ServerManager. Misspellings of "project" and "unencrypts" found in docstrings of client.py and crypto.py. Change-Id: I052c321f3ad5e13aa57a559e2f28ec5eec32a9b4 2014-09-16 17:40:06 -07:00			`"""Base64 decodes password and unencrypts it with private key.`
Implement get password for novaclient This will download and decrypt a base64 encoded encrypted password from the os-server-password extension. It depends on the user having openssl installed, but if there is an error of any kind it will print out the encoded and encrypted password instead. It also implements clear_password which will delete the password so it can no longer be retrieved. Change-Id: I2c4e6c3f03b70dc98d6d339381648a6058f46e21 2013-01-11 14:30:41 -08:00
Enables H403 pep8 rules Updates tox.ini to reduce ignored rules. Updates code for H403 violation. Change-Id: Iee7b34a27c62ce8cb0f26166b3c16e3386e2fecd 2013-12-12 03:55:50 +00:00			`Requires openssl binary available in the path.`
			`"""`
Implement get password for novaclient This will download and decrypt a base64 encoded encrypted password from the os-server-password extension. It depends on the user having openssl installed, but if there is an error of any kind it will print out the encoded and encrypted password instead. It also implements clear_password which will delete the password so it can no longer be retrieved. Change-Id: I2c4e6c3f03b70dc98d6d339381648a6058f46e21 2013-01-11 14:30:41 -08:00			`unencoded = base64.b64decode(password)`
			`cmd = ['openssl', 'rsautl', '-decrypt', '-inkey', private_key]`
			`proc = subprocess.Popen(cmd, stdin=subprocess.PIPE,`
			`stdout=subprocess.PIPE,`
			`stderr=subprocess.PIPE)`
			`out, err = proc.communicate(unencoded)`
			`proc.stdin.close()`
			`if proc.returncode:`
			`raise DecryptionFailure(err)`
			`return out`