def export_data(self, entrystore, password): "Exports data to a data stream" data = "GNOME Password Manager\n" iter = entrystore.iter_nth_child(None, 0) while iter is not None: e = entrystore.get_entry(iter) if type(e) != entry.FolderEntry: e = e.convert_generic() data += e.name + "\n" data += (e[entry.UsernameField] or "") + "\n" data += (e[entry.PasswordField] or "") + "\n" data += (e[entry.HostnameField] or "") + "\n" data += str(e.updated) + "\n" data += str(e.updated) + "\n" data += "0\n" data += str(len(e.description) + 1) + "\n" data += e.description + "\n" iter = entrystore.iter_traverse_next(iter) return encrypt(data.encode(), password)
def __decrypt(self, cipher, data): "Decrypts data" if isinstance(data, str): data = data.encode() # decode ascii armoring decoded = b"" for i in range(len(data) // 2): high = data[2 * i] - ord("a") low = data[2 * i + 1] - ord("a") decoded += bytes((high * 16 + low, )) data = decoded # decrypt data data = cipher.decrypt(data) # unrotate field blocks = int(math.ceil(len(data) / float(8))) plain = b"" for offset in range(8): for block in range(blocks): plain += bytes((data[block * 8 + offset], )) return plain.split(b"\x00")[0]
def export_data(self, entrystore, password): "Exports data from an entrystore" # check and pad password if password is None: raise base.PasswordError password = util.pad_right(password[:32], 32, "\0") # generate XML data = RevelationXML.export_data(self, entrystore) # compress data, and right-pad with the repeated ascii # value of the pad length data = zlib.compress(data.encode()) padlen = 16 - (len(data) % 16) if padlen == 0: padlen = 16 data += bytearray((padlen, )) * padlen # generate an initial vector for the CBC encryption iv = util.random_string(16) # encrypt data AES.block_size = 16 AES.key_size = 32 data = AES.new(password, AES.MODE_CBC, iv).encrypt(data) # encrypt the iv, and prepend it to the data with a header data = self.__generate_header() + AES.new(password).encrypt(iv) + data return data
def export_data(self, entrystore, password): "Exports data from an entrystore" # check and pad password if password is None: raise base.PasswordError # generate and compress XML data = RevelationXML.export_data(self, entrystore) data = zlib.compress(data.encode()) # data needs to be padded to 512 bytes # We use Merkle-Damgard length padding (1 bit followed by 0 bits + size) # http://en.wikipedia.org/wiki/Merkle-Damg%C3%A5rd_hash_function padlen = 512 - (len(data) % 512) if padlen < 4: padlen = 512 + padlen if padlen > 4: data += "\x80" + "\x00" * (padlen - 5) data += struct.pack("<I", padlen) # create a new luks file in memory buffer = StringIO() luksfile = luks.LuksFile() luksfile.create(buffer, "aes", "cbc-essiv:sha256", "sha1", 16, 400) luksfile.set_key(0, password, 5000, 400) # encrypt the data luksfile.encrypt_data(0, data) buffer.seek(0) return buffer.read()
def export_data(self, entrystore, password): "Exports data from an entrystore" # check and hash password with a salt if password is None: raise base.PasswordError # 64-bit salt salt = os.urandom(8) # 256-bit key key = PBKDF2(password, salt, iterations=12000).read(32) # generate XML data = RevelationXML.export_data(self, entrystore) # compress data, and right-pad with the repeated ascii # value of the pad length data = zlib.compress(data.encode()) padlen = 16 - (len(data) % 16) if padlen == 0: padlen = 16 data += bytearray((padlen, )) * padlen # 128-bit IV iv = os.urandom(16) data = AES.new(key, AES.MODE_CBC, iv).encrypt(hashlib.sha256(data).digest() + data) # encrypt the iv, and prepend it to the data with a header and the used salt data = self.__generate_header() + salt + iv + data return data