forked from github/szkolny
58 lines
1.4 KiB
Python
58 lines
1.4 KiB
Python
import base64
|
|
import secrets
|
|
from hashlib import sha256
|
|
from typing import Tuple
|
|
|
|
import mysql.connector as mysql
|
|
from Crypto.Cipher import AES
|
|
|
|
|
|
def get_password(
|
|
version_name: str,
|
|
version_code: int,
|
|
db_host: str,
|
|
db_user: str,
|
|
db_pass: str,
|
|
db_name: str,
|
|
) -> Tuple[str, bytes]:
|
|
db = mysql.connect(
|
|
host=db_host,
|
|
user=db_user,
|
|
password=db_pass,
|
|
database=db_name,
|
|
auth_plugin="mysql_native_password",
|
|
)
|
|
|
|
print(f"Generating passwords for version {version_name} ({version_code})")
|
|
|
|
password = base64.b64encode(secrets.token_bytes(16)).decode()
|
|
iv = secrets.token_bytes(16)
|
|
|
|
key = f"{version_name}.{password}.{version_code}"
|
|
key = sha256(key.encode()).digest()
|
|
data = "ThisIsOurHardWorkPleaseDoNotCopyOrSteal(c)2019.KubaSz"
|
|
data = sha256(data.encode()).digest()
|
|
data = data + (chr(16) * 16).encode()
|
|
|
|
aes = AES.new(key=key, mode=AES.MODE_CBC, iv=iv)
|
|
|
|
app_password = base64.b64encode(aes.encrypt(data)).decode()
|
|
|
|
c = db.cursor()
|
|
c.execute(
|
|
"INSERT IGNORE INTO _appPasswords (versionCode, appPassword, password, iv) VALUES (%s, %s, %s, %s);",
|
|
(version_code, app_password, password, iv),
|
|
)
|
|
db.commit()
|
|
|
|
c = db.cursor()
|
|
c.execute(
|
|
"SELECT password, iv FROM _appPasswords WHERE versionCode = %s;",
|
|
(version_code,),
|
|
)
|
|
row = c.fetchone()
|
|
|
|
db.close()
|
|
|
|
return (row[0], row[1])
|