Sunday, July 26, 2009

Win32CryptoKeyring and CryptedFileKeyring

We've finished the keyring for Windows: Win32CryptoKeyring. It is based on Windows' CryptAPI, a set of APIs that can encrypt/decrypt data using the logged-in user's information. Thus, the user does not need to type in a password when he/she is going to unlock the data.

We've also created a CryptedFileKeyring in a similar way. The difference between Win32CryptoKeyring and CryptedFileKeyring is that CryptedFileKeyring uses the AES algorithm provided by PyCrypto to encrypt/decrypt users' passwords. As a result, CryptedFileKeyring needs the user to enter their password for encryption/decryption. This may be annoying, so this keyring is not encouraged for daily use.

Both keyrings extend the BasicFileKeyring in the lib. BasicFileKeyring is the abstract base class for a general file keyring that supports encryption/decryption. You can create a keyring with your own encrypt/decrypt algorithms simply by extending BasicFileKeyring.

For example, here is the source code for the UncryptedFileKeyring of the lib.

class UncryptedFileKeyring(BasicFileKeyring):
    """A simple file keyring which does not encrypt the password.
    """
    def filename(self):
        """Return the filename of the password file. It should be
        "keyring_password.cfg" for Windows, ".keyring_password" for other
        platforms.
        """
        import sys
        if sys.platform in ['win32']:
            return "keyring_password.cfg"
        return ".keyring_password"

    def encrypt(self, password):
        """Directly return the password itself.
        """
        return password

    def decrypt(self, password_encrypted):
        """Directly return the encrypted password.
        """
        return password_encrypted

    def supported(self):
        """Applicable for all platforms, but not recommended.
        """
        return 0

Since UncryptedFileKeyring does not encrypt the password, its implementation is simple. BasicFileKeyring handles all the file parsing/storing; here we only need to deal with the encryption/decryption.

Notice that there is a supported() method for the keyring. It is a new abstract method added to KeyringBackend. Every keyring needs to implement this method to tell whether it is applicable to the current environment.
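The split described above, as an added example that is not the library's own code: a stand-in base class owns the file handling, a subclass supplies only encrypt()/decrypt()/supported(), and a selector ranks backends by their supported() value. The names FileKeyringSketch, PlainFileKeyring and choose_backend are hypothetical, and the on-disk layout (base64 values in an INI file) is an assumption made for the illustration.

```python
import base64
import configparser
import os


class FileKeyringSketch:
    """Hypothetical stand-in for BasicFileKeyring: storage lives here;
    subclasses supply encrypt(), decrypt() and supported()."""

    def __init__(self, path):
        self.path = path

    def _load(self):
        config = configparser.RawConfigParser()
        config.read(self.path)  # a missing file simply yields an empty config
        return config

    def set_password(self, service, username, password):
        config = self._load()
        if not config.has_section(service):
            config.add_section(service)
        blob = base64.b64encode(self.encrypt(password).encode("utf-8"))
        config.set(service, username, blob.decode("ascii"))
        # Create the file owner-only (0600 on POSIX) before writing secrets.
        fd = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w") as handle:
            config.write(handle)

    def get_password(self, service, username):
        config = self._load()
        if not config.has_option(service, username):
            return None
        blob = config.get(service, username)
        return self.decrypt(base64.b64decode(blob).decode("utf-8"))


class PlainFileKeyring(FileKeyringSketch):
    """Same shape as UncryptedFileKeyring: no encryption, supported() == 0."""
    def encrypt(self, password):
        return password
    def decrypt(self, password_encrypted):
        return password_encrypted
    def supported(self):
        return 0


def choose_backend(candidates):
    # Skip backends reporting -1, then prefer 1 (recommended) over 0 (suitable).
    usable = [b for b in candidates if b.supported() >= 0]
    return max(usable, key=lambda b: b.supported()) if usable else None
```

With the pass-through subclass, the stored value is only base64 of the password, so anyone who can read the file recovers it; that is why such a backend reports 0 rather than 1 and why the file mode matters.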

We've also polished the code according to PEP 8, so some method names have been changed. Here is the new definition for the KeyringBackend.

from abc import ABCMeta, abstractmethod

class KeyringBackend():
    """The abstract base class of the keyring, every backend must implement
    this interface.
    """
    # Python 2 metaclass syntax, as used by the lib
    __metaclass__ = ABCMeta

    @abstractmethod
    def supported(self):
        """Return if this keyring supports current environment.
        -1: not applicable
         0: suitable
         1: recommended
        """
        return -1

    @abstractmethod
    def get_password(self, service, username):
        """Get password of the username for the service
        """
        pass

    @abstractmethod
    def set_password(self, service, username, password):
        """Set password for the username of the service
        """
        return -1

For more information, please visit our repository.

4 comments:

  2. Both the methods are really useful. But if the Crypt API is not used during installation and my public/private key pairs have been removed from the registry database, then does the key container really work in that situation?
  3. Thanks for the great information. Our forums are also powered by phpBB which is a bulletin board solution released under the “General Public License” (hereinafter “GPL”).
  4. I see these are great apps. I just hope that the password would be encrypted. I know there will still be ways to decrypt them but at least you can make it a little bit harder for them to crack.