diff options
author | Sandy Walsh <sandy.walsh@rackspace.com> | 2011-05-11 06:28:07 -0700 |
---|---|---|
committer | Sandy Walsh <sandy.walsh@rackspace.com> | 2011-05-11 06:28:07 -0700 |
commit | eb0619c91b4756d355b7a5cd5c1f16d342f14a6b (patch) | |
tree | 9ff60eeffb5581dfb2509e5cae64f5a5cc0de67f /nova/crypto.py | |
parent | 5f2bfe56cf12d8f45ae24a5c9dd0c99e6c4d0310 (diff) | |
download | nova-eb0619c91b4756d355b7a5cd5c1f16d342f14a6b.tar.gz |
First cut with tests passing
Diffstat (limited to 'nova/crypto.py')
-rw-r--r-- | nova/crypto.py | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/nova/crypto.py b/nova/crypto.py index 14b9cbef6b..bdc32482ab 100644 --- a/nova/crypto.py +++ b/nova/crypto.py @@ -332,6 +332,51 @@ def mkcacert(subject='nova', years=1): return cert, pk, pkey +def _build_cipher(key, iv, encode=True): + """Make a 128bit AES CBC encode/decode Cipher object. + Padding is handled internally.""" + operation = 1 if encode else 0 + return M2Crypto.EVP.Cipher(alg='aes_128_cbc', key=key, iv=iv, op=operation) + + +def encryptor(key, iv=None): + """Simple symmetric key encryption.""" + key = base64.b64decode(key) + if iv is None: + iv = '\0' * 16 + else: + iv = base64.b64decode(iv) + + def encrypt(data): + cipher = _build_cipher(key, iv, encode=True) + v = cipher.update(data) + v = v + cipher.final() + del cipher + v = base64.b64encode(v) + return v + + return encrypt + + +def decryptor(key, iv=None): + """Simple symmetric key decryption.""" + key = base64.b64decode(key) + if iv is None: + iv = '\0' * 16 + else: + iv = base64.b64decode(iv) + + def decrypt(data): + data = base64.b64decode(data) + cipher = _build_cipher(key, iv, encode=False) + v = cipher.update(data) + v = v + cipher.final() + del cipher + return v + + return decrypt + + # Copyright (c) 2006-2009 Mitch Garnaat http://garnaat.org/ # # Permission is hereby granted, free of charge, to any person obtaining a |