Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /proc/self/root/usr/share/mysqlsh/oci_sdk/oci/auth/ |
# coding: utf-8
# Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
import threading
class SessionKeySupplier(object):
# Magic number recommended by cryptography.io docs. Also see: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
PUBLIC_EXPONENT = 65537
def __init__(self, key_size=2048):
"""
A supplier which vends public and private keys, and can refresh the keys it uses.
:param int key_size (optional):
The key size to use when generating private keys. Defaults to 2048 if not provided.
"""
self.key_size = key_size
self.private_key = rsa.generate_private_key(
public_exponent=self.PUBLIC_EXPONENT,
key_size=self.key_size,
backend=default_backend()
)
self._refresh_lock = threading.Lock()
def get_key_pair(self):
self._refresh_lock.acquire()
private_key = self.private_key
self._refresh_lock.release()
return {'private': private_key, 'public': private_key.public_key()}
def refresh(self):
self._refresh_lock.acquire()
try:
self.private_key = rsa.generate_private_key(
public_exponent=self.PUBLIC_EXPONENT,
key_size=self.key_size,
backend=default_backend()
)
finally:
self._refresh_lock.release()