69 lines
2 KiB
Python
69 lines
2 KiB
Python
|
#!/usr/bin/env python3
|
||
|
|
||
|
import hmac
|
||
|
import hashlib
|
||
|
import base64
|
||
|
import argparse
|
||
|
|
||
|
SMTP_REGIONS = [
|
||
|
"us-east-2", # US East (Ohio)
|
||
|
"us-east-1", # US East (N. Virginia)
|
||
|
"us-west-2", # US West (Oregon)
|
||
|
"ap-south-1", # Asia Pacific (Mumbai)
|
||
|
"ap-northeast-2", # Asia Pacific (Seoul)
|
||
|
"ap-southeast-1", # Asia Pacific (Singapore)
|
||
|
"ap-southeast-2", # Asia Pacific (Sydney)
|
||
|
"ap-northeast-1", # Asia Pacific (Tokyo)
|
||
|
"ca-central-1", # Canada (Central)
|
||
|
"eu-central-1", # Europe (Frankfurt)
|
||
|
"eu-west-1", # Europe (Ireland)
|
||
|
"eu-west-2", # Europe (London)
|
||
|
"eu-south-1", # Europe (Milan)
|
||
|
"eu-north-1", # Europe (Stockholm)
|
||
|
"sa-east-1", # South America (Sao Paulo)
|
||
|
"us-gov-west-1", # AWS GovCloud (US)
|
||
|
]
|
||
|
|
||
|
# These values are required to calculate the signature. Do not change them.
|
||
|
DATE = "11111111"
|
||
|
SERVICE = "ses"
|
||
|
MESSAGE = "SendRawEmail"
|
||
|
TERMINAL = "aws4_request"
|
||
|
VERSION = 0x04
|
||
|
|
||
|
|
||
|
def sign(key, msg):
|
||
|
return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()
|
||
|
|
||
|
|
||
|
def calculate_key(secret_access_key, region):
|
||
|
if region not in SMTP_REGIONS:
|
||
|
raise ValueError(f"The {region} Region doesn't have an SMTP endpoint.")
|
||
|
|
||
|
signature = sign(("AWS4" + secret_access_key).encode("utf-8"), DATE)
|
||
|
signature = sign(signature, region)
|
||
|
signature = sign(signature, SERVICE)
|
||
|
signature = sign(signature, TERMINAL)
|
||
|
signature = sign(signature, MESSAGE)
|
||
|
signature_and_version = bytes([VERSION]) + signature
|
||
|
smtp_password = base64.b64encode(signature_and_version)
|
||
|
return smtp_password.decode("utf-8")
|
||
|
|
||
|
|
||
|
def main():
|
||
|
parser = argparse.ArgumentParser(
|
||
|
description="Convert a Secret Access Key to an SMTP password."
|
||
|
)
|
||
|
parser.add_argument("secret", help="The Secret Access Key to convert.")
|
||
|
parser.add_argument(
|
||
|
"region",
|
||
|
help="The AWS Region where the SMTP password will be used.",
|
||
|
choices=SMTP_REGIONS,
|
||
|
)
|
||
|
args = parser.parse_args()
|
||
|
print(calculate_key(args.secret, args.region))
|
||
|
|
||
|
|
||
|
if __name__ == "__main__":
|
||
|
main()
|