Added libs

lockbox/utils.py

@@ -0,0 +1,89 @@
+import os, sys
+import keyring
+import json
+import base64
+from libs.fspn.utils import sha256_util, aes_util, ecdh_util, ecdsa_util
+from libs.app.common.paths import ROOT_DIR
+
+def encrypt_secret(secret: dict, user_password: str) -> str:
+    secret = json.dumps(secret)
+    key = ecdh_util.generate_derived_key(user_password.encode())
+    nonce, ciphertext, mac = aes_util.encrypt(secret.encode(), key)
+
+    payload = {
+        "nonce": base64.b64encode(nonce).decode(),
+        "ciphertext": base64.b64encode(ciphertext).decode(),
+        "mac": base64.b64encode(mac).decode()
+    }
+
+    return json.dumps(payload)
+
+def decrypt_secret(payload_json: str, user_password: str) -> str | None:
+    payload = json.loads(payload_json)
+
+    nonce = base64.b64decode(payload["nonce"])
+    ciphertext = base64.b64decode(payload["ciphertext"])
+    mac = base64.b64decode(payload["mac"])
+
+    key = ecdh_util.generate_derived_key(user_password.encode())
+    plaintext = aes_util.decrypt_and_verify(nonce, ciphertext, mac, key)
+
+    return json.loads(plaintext.decode())
+
+SERVICE_NAME = "NoSys"
+
+def save_credential_data(data, verifying_key_b64, user_password):
+    credential_name = get_credential_name(verifying_key_b64)
+    payload = encrypt_secret(data, user_password)
+    keyring.set_password(credential_name, verifying_key_b64, payload)
+
+def delete_credential(verifying_key_b64):
+    credential_name = get_credential_name(verifying_key_b64)
+    keyring.delete_password(credential_name, verifying_key_b64)
+
+def get_credential_data(verifying_key_b64, user_password):
+    credential_name = get_credential_name(verifying_key_b64)
+    payload = keyring.get_password(credential_name, verifying_key_b64)
+    if payload:
+        data = decrypt_secret(payload, user_password)
+        return data
+    return None
+
+def credential_exists(verifying_key_b64):
+    credential_name = get_credential_name(verifying_key_b64)
+    payload = keyring.get_password(credential_name, verifying_key_b64)
+    if payload:
+        return True
+    return False
+
+def get_credential_name(verifying_key_b64):
+    return f"{SERVICE_NAME}|{verifying_key_b64}"
+
+import json
+import os
+
+HISTORY_FILE = os.path.join(ROOT_DIR, "libs/lockbox", "userHistory.json")
+
+def load_history():
+    if os.path.exists(HISTORY_FILE):
+        with open(HISTORY_FILE, "r") as f:
+            return json.load(f)
+    return []
+
+def save_history(history):
+    with open(HISTORY_FILE, "w") as f:
+        json.dump(history, f, indent=2)
+
+def add_to_history(item):
+    history = load_history()
+    if item not in history:
+        history.append(item)
+        save_history(history)
+
+def delete_from_history(item):
+    history = load_history()
+    if item in history:
+        history.remove(item)
+        save_history(history)
+        return True
+    return False