From b8f534df011fd3b16a182d25f627876aeecfee07 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Wed, 2 Jul 2014 14:12:44 -0700
Subject: Remove keyring support from openstackclient

* The encryption it purports to offer is completely insecure.
* It also appears to be broken.

Closes-Bug: #1319381
Change-Id: Id15ecfbbfd15f142b14c125bfd85afd5032699ac
---
 openstackclient/common/openstackkeyring.py | 60 ------------------------------
 1 file changed, 60 deletions(-)
 delete mode 100644 openstackclient/common/openstackkeyring.py

(limited to 'openstackclient/common/openstackkeyring.py')

diff --git a/openstackclient/common/openstackkeyring.py b/openstackclient/common/openstackkeyring.py
deleted file mode 100644
index 30450e80..00000000
--- a/openstackclient/common/openstackkeyring.py
+++ /dev/null
@@ -1,60 +0,0 @@
-#   Copyright 2011-2013 OpenStack, LLC.
-#
-#   Licensed under the Apache License, Version 2.0 (the "License"); you may
-#   not use this file except in compliance with the License. You may obtain
-#   a copy of the License at
-#
-#        http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#   WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#   License for the specific language governing permissions and limitations
-#   under the License.
-#
-
-"""Keyring backend for OpenStack, to store encrypted password in a file."""
-
-from Crypto.Cipher import AES
-
-import keyring
-import os
-
-
-KEYRING_FILE = os.path.join(os.path.expanduser('~'), '.openstack-keyring.cfg')
-
-
-class OpenStackKeyring(keyring.backends.file.BaseKeyring):
-    """OpenStack Keyring to store encrypted password."""
-    filename = KEYRING_FILE
-
-    def supported(self):
-        """Applicable for all platforms, but not recommend."""
-        pass
-
-    def _init_crypter(self):
-        """Initialize the crypter using the class name."""
-        block_size = 32
-        padding = '0'
-
-        # init the cipher with the class name, up to block_size
-        password = __name__[block_size:]
-        password = password + (block_size - len(password) %
-                               block_size) * padding
-        return AES.new(password, AES.MODE_CFB)
-
-    def encrypt(self, password):
-        """Encrypt the given password."""
-        crypter = self._init_crypter()
-        return crypter.encrypt(password)
-
-    def decrypt(self, password_encrypted):
-        """Decrypt the given password."""
-        crypter = self._init_crypter()
-        return crypter.decrypt(password_encrypted)
-
-
-def os_keyring():
-    """Initialize the openstack keyring."""
-    ring = 'openstackclient.common.openstackkeyring.OpenStackKeyring'
-    return keyring.core.load_keyring(None, ring)
-- 
cgit v1.2.1