Linux server.edchosting.com 4.18.0-553.79.1.lve.el7h.x86_64 #1 SMP Wed Oct 15 16:34:46 UTC 2025 x86_64
LiteSpeed
Server IP : 75.98.162.185 & Your IP : 216.73.216.163
Domains :
Cant Read [ /etc/named.conf ]
User : goons4good
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
lib /
python3.6 /
site-packages /
salt /
utils /
Delete
Unzip
Name
Size
Permission
Date
Action
__pycache__
[ DIR ]
drwxr-xr-x
2022-10-11 05:09
decorators
[ DIR ]
drwxr-xr-x
2022-10-11 05:09
dockermod
[ DIR ]
drwxr-xr-x
2022-10-11 05:09
openstack
[ DIR ]
drwxr-xr-x
2022-10-11 05:09
pkg
[ DIR ]
drwxr-xr-x
2022-10-11 05:09
validate
[ DIR ]
drwxr-xr-x
2022-10-11 05:09
__init__.py
237
B
-rw-r--r--
2022-05-16 09:16
aggregation.py
5.17
KB
-rw-r--r--
2022-05-16 09:16
args.py
19.86
KB
-rw-r--r--
2022-05-16 09:16
asynchronous.py
4.07
KB
-rw-r--r--
2022-05-16 09:16
atomicfile.py
5.33
KB
-rw-r--r--
2022-05-16 09:16
aws.py
19.38
KB
-rw-r--r--
2022-05-16 09:16
azurearm.py
11.38
KB
-rw-r--r--
2022-05-16 09:16
beacons.py
517
B
-rw-r--r--
2022-05-16 09:16
boto3_elasticsearch.py
3.73
KB
-rw-r--r--
2022-05-16 09:16
boto3mod.py
8.36
KB
-rw-r--r--
2022-05-16 09:16
boto_elb_tag.py
3.02
KB
-rw-r--r--
2022-05-16 09:16
botomod.py
7.98
KB
-rw-r--r--
2022-05-16 09:16
cache.py
9.81
KB
-rw-r--r--
2022-05-16 09:16
cloud.py
117.04
KB
-rw-r--r--
2022-05-16 09:16
color.py
2.72
KB
-rw-r--r--
2022-05-16 09:16
compat.py
1.81
KB
-rw-r--r--
2022-05-16 09:16
configcomparer.py
3.88
KB
-rw-r--r--
2022-05-16 09:16
configparser.py
10.82
KB
-rw-r--r--
2022-05-16 09:16
context.py
6.8
KB
-rw-r--r--
2022-05-16 09:16
crypt.py
4.71
KB
-rw-r--r--
2022-05-16 09:16
ctx.py
1.42
KB
-rw-r--r--
2022-05-16 09:16
data.py
49.28
KB
-rw-r--r--
2022-05-16 09:16
dateutils.py
2.31
KB
-rw-r--r--
2022-05-16 09:16
debug.py
4.19
KB
-rw-r--r--
2022-05-16 09:16
dictdiffer.py
14.16
KB
-rw-r--r--
2022-05-16 09:16
dicttrim.py
3.9
KB
-rw-r--r--
2022-05-16 09:16
dictupdate.py
11.33
KB
-rw-r--r--
2022-05-16 09:16
dns.py
35.17
KB
-rw-r--r--
2022-05-16 09:16
doc.py
2.25
KB
-rw-r--r--
2022-05-16 09:16
entrypoints.py
2.28
KB
-rw-r--r--
2022-05-16 09:16
environment.py
2.2
KB
-rw-r--r--
2022-05-16 09:16
error.py
1.18
KB
-rw-r--r--
2022-05-16 09:16
etcd_util.py
14.22
KB
-rw-r--r--
2022-05-16 09:16
event.py
52.3
KB
-rw-r--r--
2022-05-16 09:16
extend.py
8.87
KB
-rw-r--r--
2022-05-16 09:16
extmods.py
5.67
KB
-rw-r--r--
2022-05-16 09:16
filebuffer.py
3.15
KB
-rw-r--r--
2022-05-16 09:16
files.py
27.6
KB
-rw-r--r--
2022-05-16 09:16
find.py
22.09
KB
-rw-r--r--
2022-05-16 09:16
fsutils.py
3.29
KB
-rw-r--r--
2022-05-16 09:16
functools.py
5.02
KB
-rw-r--r--
2022-05-16 09:16
gitfs.py
124.49
KB
-rw-r--r--
2022-05-16 09:16
github.py
1.52
KB
-rw-r--r--
2022-05-16 09:16
gzip_util.py
2.86
KB
-rw-r--r--
2022-05-16 09:16
hashutils.py
5.91
KB
-rw-r--r--
2022-05-16 09:16
http.py
34.36
KB
-rw-r--r--
2022-05-16 09:16
iam.py
1.22
KB
-rw-r--r--
2022-05-16 09:16
icinga2.py
754
B
-rw-r--r--
2022-05-16 09:16
idem.py
1.22
KB
-rw-r--r--
2022-05-16 09:16
immutabletypes.py
2.46
KB
-rw-r--r--
2022-05-16 09:16
itertools.py
2.36
KB
-rw-r--r--
2022-05-16 09:16
jid.py
3
KB
-rw-r--r--
2022-05-16 09:16
jinja.py
31.54
KB
-rw-r--r--
2022-05-16 09:16
job.py
6.01
KB
-rw-r--r--
2022-05-16 09:16
json.py
3.78
KB
-rw-r--r--
2022-05-16 09:16
kickstart.py
41.04
KB
-rw-r--r--
2022-05-16 09:16
kinds.py
493
B
-rw-r--r--
2022-05-16 09:16
lazy.py
3.06
KB
-rw-r--r--
2022-05-16 09:16
listdiffer.py
10.9
KB
-rw-r--r--
2022-05-16 09:16
locales.py
2.06
KB
-rw-r--r--
2022-05-16 09:16
mac_utils.py
14.01
KB
-rw-r--r--
2022-05-16 09:16
mako.py
3.63
KB
-rw-r--r--
2022-05-16 09:16
master.py
29.57
KB
-rw-r--r--
2022-05-16 09:16
mattermost.py
1.77
KB
-rw-r--r--
2022-05-16 09:16
memcached.py
3.56
KB
-rw-r--r--
2022-05-16 09:16
migrations.py
1.46
KB
-rw-r--r--
2022-05-16 09:16
mine.py
3.68
KB
-rw-r--r--
2022-05-16 09:16
minion.py
4.13
KB
-rw-r--r--
2022-05-16 09:16
minions.py
43.4
KB
-rw-r--r--
2022-05-16 09:16
mount.py
1.15
KB
-rw-r--r--
2022-05-16 09:16
msazure.py
5.36
KB
-rw-r--r--
2022-05-16 09:16
msgpack.py
4.69
KB
-rw-r--r--
2022-05-16 09:16
nacl.py
13.58
KB
-rw-r--r--
2022-05-16 09:16
namecheap.py
4.32
KB
-rw-r--r--
2022-05-16 09:16
napalm.py
23.79
KB
-rw-r--r--
2022-05-16 09:16
nb_popen.py
7.24
KB
-rw-r--r--
2022-05-16 09:16
network.py
71.07
KB
-rw-r--r--
2022-05-16 09:16
nxos.py
12.94
KB
-rw-r--r--
2022-05-16 09:16
nxos_api.py
4
KB
-rw-r--r--
2022-05-16 09:16
odict.py
13.16
KB
-rw-r--r--
2022-05-16 09:16
oset.py
6.41
KB
-rw-r--r--
2022-05-16 09:16
pagerduty.py
3.03
KB
-rw-r--r--
2022-05-16 09:16
parsers.py
125.31
KB
-rw-r--r--
2022-05-16 09:16
path.py
10.78
KB
-rw-r--r--
2022-05-16 09:16
pbm.py
9.81
KB
-rw-r--r--
2022-05-16 09:16
platform.py
5.16
KB
-rw-r--r--
2022-05-16 09:16
powershell.py
4.15
KB
-rw-r--r--
2022-05-16 09:16
preseed.py
2.64
KB
-rw-r--r--
2022-05-16 09:16
process.py
43.34
KB
-rw-r--r--
2022-05-16 09:16
profile.py
3.21
KB
-rw-r--r--
2022-05-16 09:16
proxy.py
331
B
-rw-r--r--
2022-05-16 09:16
psutil_compat.py
3.65
KB
-rw-r--r--
2022-05-16 09:16
pushover.py
4.51
KB
-rw-r--r--
2022-05-16 09:16
pycrypto.py
5.39
KB
-rw-r--r--
2022-05-16 09:16
pydsl.py
13.74
KB
-rw-r--r--
2022-05-16 09:16
pyobjects.py
10.75
KB
-rw-r--r--
2022-05-16 09:16
reactor.py
19.09
KB
-rw-r--r--
2022-05-16 09:16
reclass.py
752
B
-rw-r--r--
2022-05-16 09:16
roster_matcher.py
3.55
KB
-rw-r--r--
2022-05-16 09:16
rsax931.py
8.07
KB
-rw-r--r--
2022-05-16 09:16
s3.py
8.78
KB
-rw-r--r--
2022-05-16 09:16
saltclass.py
14.27
KB
-rw-r--r--
2022-05-16 09:16
sanitizers.py
2.51
KB
-rw-r--r--
2022-05-16 09:16
schedule.py
70.67
KB
-rw-r--r--
2022-05-16 09:16
schema.py
54.26
KB
-rw-r--r--
2022-05-16 09:16
sdb.py
4.04
KB
-rw-r--r--
2022-05-16 09:16
slack.py
3.57
KB
-rw-r--r--
2022-05-16 09:16
smb.py
11.16
KB
-rw-r--r--
2022-05-16 09:16
smtp.py
3.27
KB
-rw-r--r--
2022-05-16 09:16
ssdp.py
14.75
KB
-rw-r--r--
2022-05-16 09:16
ssh.py
769
B
-rw-r--r--
2022-05-16 09:16
state.py
8.43
KB
-rw-r--r--
2022-05-16 09:16
stringio.py
355
B
-rw-r--r--
2022-05-16 09:16
stringutils.py
16.63
KB
-rw-r--r--
2022-05-16 09:16
systemd.py
5.51
KB
-rw-r--r--
2022-05-16 09:16
templates.py
23.92
KB
-rw-r--r--
2022-05-16 09:16
textformat.py
5.03
KB
-rw-r--r--
2022-05-16 09:16
thin.py
31.64
KB
-rw-r--r--
2022-05-16 09:16
timed_subprocess.py
4.06
KB
-rw-r--r--
2022-05-16 09:16
timeout.py
1.53
KB
-rw-r--r--
2022-05-16 09:16
timeutil.py
2.4
KB
-rw-r--r--
2022-05-16 09:16
url.py
4.96
KB
-rw-r--r--
2022-05-16 09:16
user.py
10.92
KB
-rw-r--r--
2022-05-16 09:16
value.py
247
B
-rw-r--r--
2022-05-16 09:16
vault.py
19.23
KB
-rw-r--r--
2022-05-16 09:16
verify.py
26.97
KB
-rw-r--r--
2022-05-16 09:16
versions.py
16.32
KB
-rw-r--r--
2022-05-16 09:16
virt.py
3.24
KB
-rw-r--r--
2022-05-16 09:16
virtualbox.py
22.43
KB
-rw-r--r--
2022-05-16 09:16
vmware.py
129.74
KB
-rw-r--r--
2022-05-16 09:16
vsan.py
17.18
KB
-rw-r--r--
2022-05-16 09:16
vt.py
30.25
KB
-rw-r--r--
2022-05-16 09:16
vt_helper.py
4.4
KB
-rw-r--r--
2022-05-16 09:16
win_chcp.py
3.7
KB
-rw-r--r--
2022-05-16 09:16
win_dacl.py
94.69
KB
-rw-r--r--
2022-05-16 09:16
win_dotnet.py
4.75
KB
-rw-r--r--
2022-05-16 09:16
win_functions.py
12.69
KB
-rw-r--r--
2022-05-16 09:16
win_lgpo_auditpol.py
8.48
KB
-rw-r--r--
2022-05-16 09:16
win_lgpo_netsh.py
17.87
KB
-rw-r--r--
2022-05-16 09:16
win_network.py
12.41
KB
-rw-r--r--
2022-05-16 09:16
win_osinfo.py
2.83
KB
-rw-r--r--
2022-05-16 09:16
win_pdh.py
13.85
KB
-rw-r--r--
2022-05-16 09:16
win_reg.py
30.05
KB
-rw-r--r--
2022-05-16 09:16
win_runas.py
10.55
KB
-rw-r--r--
2022-05-16 09:16
win_service.py
5.2
KB
-rw-r--r--
2022-05-16 09:16
win_system.py
14.47
KB
-rw-r--r--
2022-05-16 09:16
win_update.py
40.36
KB
-rw-r--r--
2022-05-16 09:16
winapi.py
818
B
-rw-r--r--
2022-05-16 09:16
xdg.py
316
B
-rw-r--r--
2022-05-16 09:16
xmlutil.py
13.91
KB
-rw-r--r--
2022-05-16 09:16
yaml.py
348
B
-rw-r--r--
2022-05-16 09:16
yamldumper.py
3.38
KB
-rw-r--r--
2022-05-16 09:16
yamlencoding.py
1.55
KB
-rw-r--r--
2022-05-16 09:16
yamlloader.py
6.21
KB
-rw-r--r--
2022-05-16 09:16
yamlloader_old.py
8.33
KB
-rw-r--r--
2022-05-16 09:16
yast.py
619
B
-rw-r--r--
2022-05-16 09:16
zeromq.py
1.65
KB
-rw-r--r--
2022-05-16 09:16
zfs.py
19.2
KB
-rw-r--r--
2022-05-16 09:16
Save
Rename
""" Common code shared between the nacl module and runner. """ import base64 import logging import os import salt.syspaths import salt.utils.files import salt.utils.platform import salt.utils.stringutils import salt.utils.versions import salt.utils.win_dacl import salt.utils.win_functions log = logging.getLogger(__name__) REQ_ERROR = None try: import libnacl.secret import libnacl.sealed except (ImportError, OSError) as e: REQ_ERROR = ( "libnacl import error, perhaps missing python libnacl package or should update." ) __virtualname__ = "nacl" def __virtual__(): if __opts__["fips_mode"] is True: return False, "nacl utils not available in FIPS mode" return check_requirements() def check_requirements(): """ Check required libraries are available """ return (REQ_ERROR is None, REQ_ERROR) def _get_config(**kwargs): """ Return configuration """ sk_file = kwargs.get("sk_file") if not sk_file: sk_file = os.path.join(kwargs["opts"].get("pki_dir"), "master/nacl") pk_file = kwargs.get("pk_file") if not pk_file: pk_file = os.path.join(kwargs["opts"].get("pki_dir"), "master/nacl.pub") config = { "box_type": kwargs.get("box_type", "sealedbox"), "sk": None, "sk_file": sk_file, "pk": None, "pk_file": pk_file, } config_key = "{}.config".format(__virtualname__) try: config.update(__salt__["config.get"](config_key, {})) except (NameError, KeyError) as e: # likely using salt-run so fallback to __opts__ config.update(kwargs["opts"].get(config_key, {})) # pylint: disable=C0201 for k in set(config.keys()) & set(kwargs.keys()): config[k] = kwargs[k] return config def _get_sk(**kwargs): """ Return sk """ config = _get_config(**kwargs) key = None if config["sk"]: key = salt.utils.stringutils.to_str(config["sk"]) sk_file = config["sk_file"] if not key and sk_file: try: with salt.utils.files.fopen(sk_file, "rb") as keyf: key = salt.utils.stringutils.to_unicode(keyf.read()).rstrip("\n") except OSError: raise Exception("no key or sk_file found") return base64.b64decode(key) def _get_pk(**kwargs): """ Return pk """ config = _get_config(**kwargs) pubkey = None if config["pk"]: pubkey = salt.utils.stringutils.to_str(config["pk"]) pk_file = config["pk_file"] if not pubkey and pk_file: try: with salt.utils.files.fopen(pk_file, "rb") as keyf: pubkey = salt.utils.stringutils.to_unicode(keyf.read()).rstrip("\n") except OSError: raise Exception("no pubkey or pk_file found") pubkey = str(pubkey) return base64.b64decode(pubkey) def keygen(sk_file=None, pk_file=None, **kwargs): """ Use libnacl to generate a keypair. If no `sk_file` is defined return a keypair. If only the `sk_file` is defined `pk_file` will use the same name with a postfix `.pub`. When the `sk_file` is already existing, but `pk_file` is not. The `pk_file` will be generated using the `sk_file`. CLI Examples: .. code-block:: bash salt-call nacl.keygen salt-call nacl.keygen sk_file=/etc/salt/pki/master/nacl salt-call nacl.keygen sk_file=/etc/salt/pki/master/nacl pk_file=/etc/salt/pki/master/nacl.pub salt-call --local nacl.keygen sk_file Path to where there secret key exists. The argrument ``keyfile`` was deprecated in favor of ``sk_file``. ``keyfile`` will continue to work to ensure backwards compatbility, but please use the preferred ``sk_file``. """ if "keyfile" in kwargs: sk_file = kwargs["keyfile"] if sk_file is None: kp = libnacl.public.SecretKey() return {"sk": base64.b64encode(kp.sk), "pk": base64.b64encode(kp.pk)} if pk_file is None: pk_file = "{}.pub".format(sk_file) if sk_file and pk_file is None: if not os.path.isfile(sk_file): kp = libnacl.public.SecretKey() with salt.utils.files.fopen(sk_file, "wb") as keyf: keyf.write(base64.b64encode(kp.sk)) if salt.utils.platform.is_windows(): cur_user = salt.utils.win_functions.get_current_user() salt.utils.win_dacl.set_owner(sk_file, cur_user) salt.utils.win_dacl.set_permissions( sk_file, cur_user, "full_control", "grant", reset_perms=True, protected=True, ) else: # chmod 0600 file os.chmod(sk_file, 1536) return "saved sk_file: {}".format(sk_file) else: raise Exception("sk_file:{} already exist.".format(sk_file)) if sk_file is None and pk_file: raise Exception("sk_file: Must be set inorder to generate a public key.") if os.path.isfile(sk_file) and os.path.isfile(pk_file): raise Exception( "sk_file:{} and pk_file:{} already exist.".format(sk_file, pk_file) ) if os.path.isfile(sk_file) and not os.path.isfile(pk_file): # generate pk using the sk with salt.utils.files.fopen(sk_file, "rb") as keyf: sk = salt.utils.stringutils.to_unicode(keyf.read()).rstrip("\n") sk = base64.b64decode(sk) kp = libnacl.public.SecretKey(sk) with salt.utils.files.fopen(pk_file, "wb") as keyf: keyf.write(base64.b64encode(kp.pk)) return "saved pk_file: {}".format(pk_file) kp = libnacl.public.SecretKey() with salt.utils.files.fopen(sk_file, "wb") as keyf: keyf.write(base64.b64encode(kp.sk)) if salt.utils.platform.is_windows(): cur_user = salt.utils.win_functions.get_current_user() salt.utils.win_dacl.set_owner(sk_file, cur_user) salt.utils.win_dacl.set_permissions( sk_file, cur_user, "full_control", "grant", reset_perms=True, protected=True ) else: # chmod 0600 file os.chmod(sk_file, 1536) with salt.utils.files.fopen(pk_file, "wb") as keyf: keyf.write(base64.b64encode(kp.pk)) return "saved sk_file:{} pk_file: {}".format(sk_file, pk_file) def enc(data, **kwargs): """ Alias to `{box_type}_encrypt` box_type: secretbox, sealedbox(default) sk_file Path to where there secret key exists. The argrument ``keyfile`` was deprecated in favor of ``sk_file``. ``keyfile`` will continue to work to ensure backwards compatbility, but please use the preferred ``sk_file``. sk Secret key contents. The argument ``key`` was deprecated in favor of ``sk``. ``key`` will continue to work to ensure backwards compatibility, but please use the preferred ``sk``. """ if "keyfile" in kwargs: kwargs["sk_file"] = kwargs["keyfile"] # set boxtype to `secretbox` to maintain backward compatibility kwargs["box_type"] = "secretbox" if "key" in kwargs: kwargs["sk"] = kwargs["key"] # set boxtype to `secretbox` to maintain backward compatibility kwargs["box_type"] = "secretbox" box_type = _get_config(**kwargs)["box_type"] if box_type == "secretbox": return secretbox_encrypt(data, **kwargs) return sealedbox_encrypt(data, **kwargs) def enc_file(name, out=None, **kwargs): """ This is a helper function to encrypt a file and return its contents. You can provide an optional output file using `out` `name` can be a local file or when not using `salt-run` can be a url like `salt://`, `https://` etc. CLI Examples: .. code-block:: bash salt-run nacl.enc_file name=/tmp/id_rsa salt-call nacl.enc_file name=salt://crt/mycert out=/tmp/cert salt-run nacl.enc_file name=/tmp/id_rsa box_type=secretbox \ sk_file=/etc/salt/pki/master/nacl.pub """ try: data = __salt__["cp.get_file_str"](name) except Exception as e: # pylint: disable=broad-except # likly using salt-run so fallback to local filesystem with salt.utils.files.fopen(name, "rb") as f: data = salt.utils.stringutils.to_unicode(f.read()) d = enc(data, **kwargs) if out: if os.path.isfile(out): raise Exception("file:{} already exist.".format(out)) with salt.utils.files.fopen(out, "wb") as f: f.write(salt.utils.stringutils.to_bytes(d)) return "Wrote: {}".format(out) return d def dec(data, **kwargs): """ Alias to `{box_type}_decrypt` box_type: secretbox, sealedbox(default) sk_file Path to where there secret key exists. The argrument ``keyfile`` was deprecated in favor of ``sk_file``. ``keyfile`` will continue to work to ensure backwards compatbility, but please use the preferred ``sk_file``. sk Secret key contents. The argument ``key`` was deprecated in favor of ``sk``. ``key`` will continue to work to ensure backwards compatibility, but please use the preferred ``sk``. """ if "keyfile" in kwargs: kwargs["sk_file"] = kwargs["keyfile"] # set boxtype to `secretbox` to maintain backward compatibility kwargs["box_type"] = "secretbox" if "key" in kwargs: kwargs["sk"] = kwargs["key"] # set boxtype to `secretbox` to maintain backward compatibility kwargs["box_type"] = "secretbox" box_type = _get_config(**kwargs)["box_type"] if box_type == "secretbox": return secretbox_decrypt(data, **kwargs) return sealedbox_decrypt(data, **kwargs) def dec_file(name, out=None, **kwargs): """ This is a helper function to decrypt a file and return its contents. You can provide an optional output file using `out` `name` can be a local file or when not using `salt-run` can be a url like `salt://`, `https://` etc. CLI Examples: .. code-block:: bash salt-run nacl.dec_file name=/tmp/id_rsa.nacl salt-call nacl.dec_file name=salt://crt/mycert.nacl out=/tmp/id_rsa salt-run nacl.dec_file name=/tmp/id_rsa.nacl box_type=secretbox \ sk_file=/etc/salt/pki/master/nacl.pub """ try: data = __salt__["cp.get_file_str"](name) except Exception as e: # pylint: disable=broad-except # likly using salt-run so fallback to local filesystem with salt.utils.files.fopen(name, "rb") as f: data = salt.utils.stringutils.to_unicode(f.read()) d = dec(data, **kwargs) if out: if os.path.isfile(out): raise Exception("file:{} already exist.".format(out)) with salt.utils.files.fopen(out, "wb") as f: f.write(salt.utils.stringutils.to_bytes(d)) return "Wrote: {}".format(out) return d def sealedbox_encrypt(data, **kwargs): """ Encrypt data using a public key generated from `nacl.keygen`. The encryptd data can be decrypted using `nacl.sealedbox_decrypt` only with the secret key. CLI Examples: .. code-block:: bash salt-run nacl.sealedbox_encrypt datatoenc salt-call --local nacl.sealedbox_encrypt datatoenc pk_file=/etc/salt/pki/master/nacl.pub salt-call --local nacl.sealedbox_encrypt datatoenc pk='vrwQF7cNiNAVQVAiS3bvcbJUnF0cN6fU9YTZD9mBfzQ=' """ # ensure data is in bytes data = salt.utils.stringutils.to_bytes(data) pk = _get_pk(**kwargs) b = libnacl.sealed.SealedBox(pk) return base64.b64encode(b.encrypt(data)) def sealedbox_decrypt(data, **kwargs): """ Decrypt data using a secret key that was encrypted using a public key with `nacl.sealedbox_encrypt`. CLI Examples: .. code-block:: bash salt-call nacl.sealedbox_decrypt pEXHQM6cuaF7A= salt-call --local nacl.sealedbox_decrypt data='pEXHQM6cuaF7A=' sk_file=/etc/salt/pki/master/nacl salt-call --local nacl.sealedbox_decrypt data='pEXHQM6cuaF7A=' sk='YmFkcGFzcwo=' """ if data is None: return None # ensure data is in bytes data = salt.utils.stringutils.to_bytes(data) sk = _get_sk(**kwargs) keypair = libnacl.public.SecretKey(sk) b = libnacl.sealed.SealedBox(keypair) return b.decrypt(base64.b64decode(data)) def secretbox_encrypt(data, **kwargs): """ Encrypt data using a secret key generated from `nacl.keygen`. The same secret key can be used to decrypt the data using `nacl.secretbox_decrypt`. CLI Examples: .. code-block:: bash salt-run nacl.secretbox_encrypt datatoenc salt-call --local nacl.secretbox_encrypt datatoenc sk_file=/etc/salt/pki/master/nacl salt-call --local nacl.secretbox_encrypt datatoenc sk='YmFkcGFzcwo=' """ # ensure data is in bytes data = salt.utils.stringutils.to_bytes(data) sk = _get_sk(**kwargs) b = libnacl.secret.SecretBox(sk) return base64.b64encode(b.encrypt(data)) def secretbox_decrypt(data, **kwargs): """ Decrypt data that was encrypted using `nacl.secretbox_encrypt` using the secret key that was generated from `nacl.keygen`. CLI Examples: .. code-block:: bash salt-call nacl.secretbox_decrypt pEXHQM6cuaF7A= salt-call --local nacl.secretbox_decrypt data='pEXHQM6cuaF7A=' sk_file=/etc/salt/pki/master/nacl salt-call --local nacl.secretbox_decrypt data='pEXHQM6cuaF7A=' sk='YmFkcGFzcwo=' """ if data is None: return None # ensure data is in bytes data = salt.utils.stringutils.to_bytes(data) key = _get_sk(**kwargs) b = libnacl.secret.SecretBox(key=key) return b.decrypt(base64.b64decode(data))