5,32 → 5,6 |
Relevation Password Printer |
a command line interface to Revelation Password Manager. |
|
Copyright (c) 2011, Toni Corvera |
All rights reserved. |
|
Redistribution and use in source and binary forms, with or without |
modification, are permitted provided that the following conditions are |
met: |
1. Redistributions of source code must retain the above copyright |
notice, this list of conditions and the following disclaimer. |
2. Redistributions in binary form must reproduce the above copyright |
notice, this list of conditions and the following disclaimer in the |
documentation and/or other materials provided with the distribution. |
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
AND EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
POSSIBILITY OF SUCH DAMAGE. |
|
--------------------------------------------------------------------- |
|
Code based on Revelation's former BTS (no longer online, not archived?): |
(ref1) code: |
http://oss.wired-networks.net/bugzilla/attachment.cgi?id=13&action=view |
39,22 → 13,100 |
-> http://web.archive.org/http://oss.wired-networks.net/bugzilla/show_bug.cgi?id=111 |
(ref3) http://docs.python.org/library/zlib.html |
""" |
from Crypto.Cipher import AES |
# Relevation Password Printer |
# |
# Copyright (c) 2011, Toni Corvera |
# All rights reserved. |
# |
# Redistribution and use in source and binary forms, with or without |
# modification, are permitted provided that the following conditions are |
# met: |
# 1. Redistributions of source code must retain the above copyright |
# notice, this list of conditions and the following disclaimer. |
# 2. Redistributions in binary form must reproduce the above copyright |
# notice, this list of conditions and the following disclaimer in the |
# documentation and/or other materials provided with the distribution. |
# |
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
# AND EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
# POSSIBILITY OF SUCH DAMAGE. |
|
import ConfigParser |
import getopt |
import libxml2 |
from lxml import etree |
import os |
import stat |
import sys |
import zlib |
# Help py2exe in packaging lxml |
# <http://www.py2exe.org/index.cgi/WorkingWithVariousPackagesAndModules> |
import lxml._elementpath as _dummy |
import gzip # py2exe again |
|
USE_PYCRYPTO = True |
|
try: |
from Crypto.Cipher import AES |
except ImportError: |
USE_PYCRYPTO = False |
try: |
from crypto.cipher import rijndael, cbc |
from crypto.cipher.base import noPadding |
except ImportError: |
sys.stderr.write('Either PyCrypto or cryptopy are required\n') |
raise |
|
__author__ = 'Toni Corvera' |
__date__ = '$Date$' |
__revision__ = '$Rev$' |
__version_info__ = ( 1, 0 ) #, 0 ) |
__version_info__ = ( 1, 1 ) #, 0 ) |
__version__ = '.'.join(map(str, __version_info__)) |
RELEASE=True |
|
# These are pseudo-standardized exit codes, in Linux (*NIX?) they are defined |
#+in the header </usr/include/sysexits.h> and available as properties of 'os' |
#+In windows they aren't defined at all |
|
if 'EX_OK' not in dir(os): |
# If not defined set them manually |
codes = { 'EX_OK': 0, 'EX_USAGE': 64, 'EX_DATAERR': 65, |
'EX_NOINPUT': 66, 'EX_SOFTWARE': 70, 'EX_IOERR': 74, |
} |
for (k,v) in codes.items(): |
setattr(os, k, v) |
del codes, k, v |
|
TAGNAMES ={ 'generic-url': 'Url:', |
'generic-username': 'Username:', |
'generic-password': 'Password:', |
'generic-email': 'Email:', |
'generic-hostname': 'Hostname:', |
'generic-location': 'Location:', |
'generic-code': 'Code:', |
'generic-certificate': 'Certificate:', |
'generic-database': 'Database:', |
'generic-domain': 'Domain:', |
'generic-keyfile': 'Key file:', |
'generic-pin': 'PIN', |
'generic-port': 'Port' |
} |
|
def printe(s): |
' Print to stderr ' |
sys.stderr.write(s+'\n') |
|
def printen(s): |
' Print to stderr without added newline ' |
sys.stderr.write(s) |
|
def usage(channel): |
' Print help message ' |
def p(s): |
78,25 → 130,8 |
p(' --version Print the program\'s version information.\n') |
p('\n') |
|
def get_entries(document, xpath): |
""" |
get_entries(xmlDoc, str xpath expression) -> list of xmlNode's |
|
Get entry nodes that match xpath |
""" |
ctx = document.xpathNewContext() |
try: |
res = ctx.xpathEval(xpath) |
except libxml2.xpathError: |
if not RELEASE: |
sys.stderr.write('Failed with xpath expression: %s\n' % xpath) |
raise |
finally: |
ctx.xpathFreeContext() |
return res |
|
def make_xpath_query(search_text=None, type_filter=None, ignore_case=True, negate_filter=False): |
''' |
''' Construct the actual XPath expression |
make_xpath_query(str, str, bool, bool) -> str |
''' |
xpath = '/revelationdata//entry' |
115,17 → 150,20 |
|
def dump_all_entries(xmldata): |
' Dump all entries from xmldata, with no filter at all ' |
doc = libxml2.parseDoc(xmldata) |
res = get_entries(doc, '//entry') |
nr = dump_result(res, 'all') |
doc.freeDoc() |
return nr |
tree = etree.fromstring(xmldata) |
res = tree.xpath('//entry') |
return dump_result(res, 'all') |
|
def dump_entries(xmldata, search_text=None, type_filter=None, ignore_case=True, negate_filter=False): |
' Dump entries from xmldata that match criteria ' |
doc = libxml2.parseDoc(xmldata) |
tree = etree.fromstring(xmldata) |
xpath = make_xpath_query(search_text, type_filter, ignore_case, negate_filter) |
res = get_entries(doc, xpath) |
try: |
res = tree.xpath(xpath) |
except etree.XPathEvalError: |
if not RELEASE: |
printe('Failed with xpath expression: %s' % xpath) |
raise |
query_desc = '' |
if search_text: |
query_desc = '"%s"' % search_text |
138,14 → 176,14 |
else: |
query_desc = '%s%s entries' % ( neg, type_filter ) |
nr = dump_result(res, query_desc) |
doc.freeDoc() |
return nr |
|
def dump_result(res, query_desc): |
def print_wrapper(s): |
print s |
|
def dump_result(res, query_desc, printfn=print_wrapper): |
''' Print query results. |
dump_result(list of entries, query description) -> int |
|
Note the XML document can't be freed before calling this function. |
''' |
print '-> Search %s: ' % query_desc, |
if not len(res): |
152,48 → 190,31 |
print 'No results' |
return False |
print '%d matches' % len(res) |
tagnames ={ 'generic-url': 'Url:', |
'generic-username': 'Username:', |
'generic-password': 'Password:', |
'generic-email': 'Email:', |
'generic-hostname': 'Hostname:', |
'generic-location': 'Location:', |
'generic-code': 'Code:', |
'generic-certificate': 'Certificate:', |
'generic-database': 'Database:', |
'generic-domain': 'Domain:', |
'generic-keyfile': 'Key file:', |
'generic-pin': 'PIN', |
'generic-port': 'Port' |
} |
for x in res: |
sys.stderr.write('-------------------------------------------------------------------------------\n') |
print '' |
for attr in x.properties: # Is it accessible directly? |
if attr.name == 'type': |
print 'Type:',attr.children |
for chld in x.children: |
n = chld.name |
val = chld.content |
printe('-------------------------------------------------------------------------------') |
s = '\n' |
s += 'Type: %s\n' % x.get('type') |
for chld in x.getchildren(): |
n = chld.tag |
val = chld.text |
if n == 'name': |
print 'Name:',val |
s += 'Name: %s\n' % val |
elif n == 'description': |
print 'Description:',val |
s += 'Description: %s\n' % val |
elif n == 'field': |
for attr in chld.properties: |
if attr.name == 'id': |
idv = attr.content |
if idv in tagnames: |
idv = tagnames[idv] |
print idv,chld.content |
print '' |
idv = chld.get('id') |
if idv in TAGNAMES: |
idv = TAGNAMES[idv] |
s += '%s %s\n' % ( idv, chld.text ) |
#s += '\n' |
printfn(s) |
# / for chld in x.children |
nr = len(res) |
plural = '' |
if nr > 1: |
plural = 's' |
sys.stderr.write('-------------------------------------------------------------------------------\n') |
sys.stderr.write('<- (end of %d result%s for {%s})\n\n' % ( nr, plural, query_desc )) |
printe('-------------------------------------------------------------------------------') |
printe('<- (end of %d result%s for {%s})\n' % ( nr, plural, query_desc )) |
return nr |
|
def world_readable(path): |
205,10 → 226,9 |
return bool(st.st_mode & stat.S_IROTH) |
|
def load_config(): |
""" |
''' Load configuration file is one is found |
load_config() -> ( str file, str pass ) |
Load configuration file is one is found |
""" |
''' |
cfg = os.path.join(os.path.expanduser('~'), '.relevation.conf') |
pw = None |
fl = None |
215,8 → 235,8 |
if os.path.isfile(cfg): |
if os.access(cfg, os.R_OK): |
wr = world_readable(cfg) |
if wr: |
sys.stderr.write('Configuration (~/.relevation.conf) is world-readable!!!\n') |
if wr and sys.platform != 'win32': |
printe('Configuration (~/.relevation.conf) is world-readable!!!') |
parser = ConfigParser.ConfigParser() |
parser.read(cfg) |
ops = parser.options('relevation') |
223,14 → 243,37 |
if 'file' in ops: |
fl = os.path.expanduser(parser.get('relevation', 'file')) |
if 'password' in ops: |
if wr and sys.platform != 'win32': # TODO: how to check in windows? |
sys.stderr.write('Your password can be read by anyone!!!\n') |
if wr: # TODO: how to check in windows? |
printe('Your password can be read by anyone!!!') |
pw = parser.get('relevation', 'password') |
else: # exists but not readable |
sys.stderr.write('Configuration file (~/.relevation.conf) is not readable!\n') |
printe('Configuration file (~/.relevation.conf) is not readable!') |
return ( fl, pw ) |
|
def main(): |
def decrypt_gz(key, cipher_text): |
''' Decrypt cipher_text using key. |
decrypt(str, str) -> cleartext (gzipped xml) |
|
This function will use the underlying, available, cipher module. |
''' |
if USE_PYCRYPTO: |
# Extract IV |
c = AES.new(key) |
iv = c.decrypt(cipher_text[12:28]) |
# Decrypt data, CBC mode |
c = AES.new(key, AES.MODE_CBC, iv) |
ct = c.decrypt(cipher_text[28:]) |
else: |
# Extract IV |
c = rijndael.Rijndael(key, keySize=len(key), padding=noPadding()) |
iv = c.decrypt(cipher_text[12:28]) |
# Decrypt data, CBC mode |
bc = rijndael.Rijndael(key, keySize=len(key), padding=noPadding()) |
c = cbc.CBC(bc, padding=noPadding()) |
ct = c.decrypt(cipher_text[28:], iv=iv) |
return ct |
|
def main(argv): |
datafile = None |
password = None |
# values to search for |
240,13 → 283,13 |
searchTypes = [] |
dump_xml = False |
|
sys.stderr.write('Relevation v%s, (c) 2011 Toni Corvera\n\n' % __version__) |
printe('Relevation v%s, (c) 2011 Toni Corvera\n' % __version__) |
|
# ---------- OPTIONS ---------- # |
( datafile, password ) = load_config() |
try: |
# gnu_getopt requires py >= 2.3 |
ops, args = getopt.gnu_getopt(sys.argv[1:], 'f:p:s:0ciaht:x', |
ops, args = getopt.gnu_getopt(argv, 'f:p:s:0ciaht:x', |
[ 'file=', 'password=', 'search=', 'stdin', |
'case-sensitive', 'case-insensitive', 'ask', |
'help', 'version', 'type=', 'xml' ]) |
266,6 → 309,12 |
release=' [DEBUG]' |
print 'Relevation version %s%s' % ( __version__, release ) |
print 'Python version %s' % sys.version |
if USE_PYCRYPTO: |
import Crypto |
print 'PyCrypto version %s' % Crypto.__version__ |
else: |
# AFAIK cryptopy doesn't export version info |
print 'cryptopy' |
sys.exit(os.EX_OK) |
|
for opt, arg in ops: |
275,7 → 324,7 |
password = arg |
elif opt in ( '-a', '--ask', '-0', '--stdin' ): |
if opt in ( '-a', '--ask' ): |
sys.stderr.write('File password: ') |
printen('File password: ') |
password = sys.stdin.readline() |
password = password[:-1] |
elif opt in ( '-s', '--search' ): |
292,22 → 341,22 |
neg = True |
if not iarg in ( 'creditcard', 'cryptokey', 'database', 'door', 'email', |
'folder', 'ftp', 'generic', 'phone', 'shell', 'website' ): |
sys.stderr.write('Warning: Type "%s" is not known by relevation.\n' % arg) |
printe('Warning: Type "%s" is not known by relevation.' % arg) |
searchTypes.append( ( iarg, neg ) ) |
elif opt in ( '-x', '--xml' ): |
dump_xml = True |
else: |
sys.stderr.write('Unhandled option: %s\n' % opt) |
printe('Unhandled option: %s' % opt) |
assert False, "internal error parsing options" |
if not datafile or not password: |
usage(sys.stderr) |
if not datafile: |
sys.stderr.write('Input password filename is required\n') |
printe('Input password filename is required') |
if not password: |
sys.stderr.write('Password is required\n') |
printe('Password is required') |
sys.exit(os.EX_USAGE) |
|
# ---------- PASSWORDS FILE DECRYPTION ---------- # |
# ---------- PASSWORDS FILE DECRYPTION AND DECOMPRESSION ---------- # |
f = None |
try: |
if not os.access(datafile, os.R_OK): |
320,12 → 369,8 |
f.close() |
# Pad password |
password += (chr(0) * (32 - len(password))) |
# Data IV |
c = AES.new(password) |
iv = c.decrypt(data[12:28]) |
# Decrypt. Decrypted data is compressed |
c = AES.new(password, AES.MODE_CBC, iv) |
cleardata_gz = c.decrypt(data[28:]) |
cleardata_gz = decrypt_gz(password, data) |
# Length of data padding |
padlen = ord(cleardata_gz[-1]) |
# Decompress actual data (15 is wbits [ref3] DON'T CHANGE, 2**15 is the (initial) buf size) |
356,9 → 401,12 |
|
if __name__ == '__main__': |
try: |
main() |
except libxml2.parserError as e: |
sys.stderr.write('XML parsing error\n') |
main(sys.argv[1:]) |
except zlib.error: |
printe('Failed to decompress decrypted data. Wrong password?') |
sys.exit(os.EX_DATAERR) |
except etree.XMLSyntaxError as e: |
printe('XML parsing error') |
if not RELEASE: |
traceback.print_exc() |
sys.exit(os.EX_DATAERR) |
365,7 → 413,7 |
except IOError as e: |
if not RELEASE: |
traceback.print_exc() |
sys.stderr.write(str(e)+"\n") |
printe(str(e)) |
sys.exit(os.EX_IOERR) |
|
# vim:set ts=4 et ai fileencoding=utf-8: # |