osmarks
/
potatOS
2
1
Fork 5
Code Issues 2 Pull Requests Releases Wiki Activity
potatOS/genkeys.py

38 lines
1014 B
Python
Executable File
Raw Permalink Blame History

#!/usr/bin/env python3
import ccecc
import getpass
import hashlib
from cryptography.fernet import Fernet
import base64
import os
import sys
def hash_pw(pw, salt):
return hashlib.scrypt(pw.encode("utf-8"), salt=salt, n=2**14, r=8, p=1)[:32]
def encrypt(data, pw):
salt = os.urandom(16)
key = hash_pw(pw, salt)
f = Fernet(base64.urlsafe_b64encode(key))
return base64.b64encode(salt) + b"\n" + f.encrypt(data)
def decrypt(data, pw):
rsalt, encdata = data.split(b"\n", 1)
salt = base64.b64decode(rsalt)
key = hash_pw(pw, salt)
f = Fernet(base64.urlsafe_b64encode(key))
return f.decrypt(encdata)
if __name__ == "__main__":
pw = getpass.getpass()
pwconfirm = getpass.getpass()
if pw != pwconfirm:
print("passwords do not match")
sys.exit(1)
priv, pub = ccecc.keypair()
open("update-key", "wb").write(encrypt(priv, pw))
# for use in generate_manifest.py
def get_key():
return decrypt(open("update-key", "rb").read(), getpass.getpass())
Reference in New Issue View Git Blame Copy Permalink