mirror of
https://github.com/quay/quay.git
synced 2026-01-26 06:21:37 +03:00
4785f2d119
Since we're already using the cryptography package elsewhere, there is no need to have 2 different crypto packages as dependencies.
34 lines
1.1 KiB
Python
34 lines
1.1 KiB
Python
import itertools
|
|
import uuid
|
|
|
|
|
|
# TODO(kleesc): There are probably better key derivation functions, but that would require existing ones to be rotated.
|
|
# Reference: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions.html
|
|
def convert_secret_key(config_secret_key):
|
|
"""
|
|
Converts the secret key from the app config into a secret key that is usable by AES Cipher.
|
|
"""
|
|
secret_key = None
|
|
|
|
# First try parsing the key as an int.
|
|
try:
|
|
big_int = int(config_secret_key)
|
|
secret_key = bytearray.fromhex("{:02x}".format(big_int))
|
|
except ValueError:
|
|
pass
|
|
|
|
# Next try parsing it as an UUID.
|
|
if secret_key is None:
|
|
try:
|
|
secret_key = uuid.UUID(config_secret_key).bytes
|
|
except ValueError:
|
|
pass
|
|
|
|
if secret_key is None:
|
|
secret_key = bytearray(list(map(ord, config_secret_key)))
|
|
|
|
# Otherwise, use the bytes directly.
|
|
assert len(secret_key) > 0
|
|
|
|
return b"".join(itertools.islice(itertools.cycle([bytes([b]) for b in secret_key]), 32))
|