def main():
args = parser_options().parse_args()
PwmanCli, OSX = get_ui_platform(sys.platform)
xselpath, dbtype, config = get_conf_options(args, OSX)
dburi = config.get_value('Database', 'dburi')
print(dburi)
dbver = get_db_version(config, args)
CryptoEngine.get()
db = factory.createdb(dburi, dbver)
if args.import_file:
importer = Importer((args, config, db))
importer.run()
sys.exit(0)
cli = PwmanCli(db, xselpath, CLICallback, config)
try:
cli.cmdloop()
except KeyboardInterrupt as e:
print(e)
finally:
config.save()
def main():
args = parser_options().parse_args()
PwmanCli, OSX = get_ui_platform(sys.platform)
xselpath, dbtype, config = get_conf_options(args, OSX)
dburi = config.get_value('Database', 'dburi')
client_info = config.get_value('Updater', 'client_info')
if not client_info:
client_info = calculate_client_info()
config.set_value('Updater', 'client_info', client_info)
if not has_cryptography:
import colorama
if config.get_value('Crypto', 'supress_warning').lower() != 'yes':
print("{}WARNING: You are not using PyCrypto!!!\n"
"WARNING: You should install PyCrypto for better security and " # noqa
"perfomance\nWARNING: You can supress this warning by editing " # noqa
"pwman config file.{}".format(colorama.Fore.RED,
colorama.Style.RESET_ALL))
if args.cmd == "version":
latest = check_version(version, client_info)
print("version: %s is latest: %s" % (version, latest))
sys.exit(0)
elif config.get_value('Updater',
'supress_version_check').lower() != 'yes':
check_version(version, client_info)
print(dburi)
dbver = get_db_version(config, args)
timeout = int(config.get_value('Global', 'lock_timeout'))
CryptoEngine.get(timeout)
db = factory.createdb(dburi, dbver)
if args.file_delim:
importer = Importer((args, config, db))
importer.run()
sys.exit(0)
cli = PwmanCli(db, xselpath, CLICallback, config)
if args.cmd == "p":
cli.onecmd("pp %s" % args.node)
sys.exit(0)
if args.cmd == "cp":
cli.onecmd("cp %s" % args.node)
sys.exit(0)
try:
cli.cmdloop()
except KeyboardInterrupt as e:
print(e)
finally:
config.save()
def main():
args = parser_options().parse_args()
PwmanCli, OSX = get_ui_platform(sys.platform)
xselpath, dbtype, config = get_conf_options(args, OSX)
dburi = config.get_value('Database', 'dburi')
client_info = config.get_value('Updater', 'client_info')
if not client_info:
client_info = calculate_client_info()
config.set_value('Updater', 'client_info', client_info)
if not has_cryptography:
import colorama
if config.get_value('Crypto', 'supress_warning').lower() != 'yes':
print(
"{}WARNING: You are not using PyCrypto!!!\n"
"WARNING: You should install PyCrypto for better security and " # noqa
"perfomance\nWARNING: You can supress this warning by editing " # noqa
"pwman config file.{}".format(colorama.Fore.RED,
colorama.Style.RESET_ALL))
if args.cmd == "version":
latest = check_version(version, client_info)
print("version: %s is latest: %s" % (version, latest))
sys.exit(0)
elif config.get_value('Updater', 'supress_version_check').lower() != 'yes':
check_version(version, client_info)
print(dburi)
dbver = get_db_version(config, args)
timeout = int(config.get_value('Global', 'lock_timeout'))
CryptoEngine.get(timeout)
db = factory.createdb(dburi, dbver)
if args.file_delim:
importer = Importer((args, config, db))
importer.run()
sys.exit(0)
cli = PwmanCli(db, xselpath, CLICallback, config)
if args.cmd == "p":
cli.onecmd("pp %s" % args.node)
sys.exit(0)
if args.cmd == "cp":
cli.onecmd("cp %s" % args.node)
sys.exit(0)
try:
cli.cmdloop()
except KeyboardInterrupt as e:
print(e)
finally:
config.save()
def test_get(self):
CryptoEngine._instance_new = None
old_engine = CryptoEngine.get(0.4)
self.assertIsInstance(old_engine, CryptoEngineOld)
CryptoEngine._instance = None
new_engine = CryptoEngine.get(dbver=0.5)
self.assertIsInstance(new_engine, CryptoEngine)
self.assertFalse(isinstance(new_engine, CryptoEngineOld))
CryptoEngine._instance = None
old_engine = CryptoEngine.get()
def test_get(self):
CryptoEngine._instance_new = None
old_engine = CryptoEngine.get(0.4)
self.assertIsInstance(old_engine, CryptoEngineOld)
CryptoEngine._instance = None
new_engine = CryptoEngine.get(dbver=0.5)
self.assertIsInstance(new_engine, CryptoEngine)
self.assertFalse(isinstance(new_engine, CryptoEngineOld))
CryptoEngine._instance = None
old_engine = CryptoEngine.get()
def __init__(self):
config.set_defaults(default_config)
enc = CryptoEngine.get(dbver=0.4)
enc.callback = DummyCallback4()
self.enc1 = copy.copy(enc)
enc = CryptoEngine.get(dbver=0.5)
enc.callback = DummyCallback4()
self.enc2 = copy.copy(enc)
self.db1 = SQLiteDatabaseNewForm('konverter-v0.4.db', dbformat=0.4)
self.db2 = SQLiteDatabaseNewForm('konverter-v0.5.db', dbformat=0.5)
assert self.enc1 is not self.enc2
def run(self):
global AUTHENTICATED, TAGS, DB
OSX = False
print(sys.argv)
args = parser_options().parse_args()
xselpath, dburi, configp = get_conf_options(args, OSX)
DB = pwman.data.factory.createdb(dburi, None)
DB.open()
print(dburi)
print(dir(DB))
CryptoEngine.get()
debug(True)
run(port=9030)
def test6_is_timedout(self):
ce = CryptoEngine.get()
ce._expires_at = time.time() - 2
time.sleep(1.1)
self.assertTrue(ce._is_timedout())
self.assertIsNone(ce._cipher)
self.assertFalse(ce._is_authenticated())
def test5_e_authenticate(self):
ce = CryptoEngine.get()
ce._reader = give_key
self.assertFalse(ce.authenticate(b'verywrong'))
self.assertTrue(ce.authenticate(b'12345'))
ce._expires_at = int(time.time()) + 600
self.assertTrue(ce._is_authenticated())
def __init__(self, db, hasxsel, callback, config_parser, **kwargs):
"""
initialize CLI interface, set up the DB
connecion, see if we have xsel ...
"""
super(PwmanCli, self).__init__(**kwargs)
self.intro = "%s %s (c) visit: %s" % ('pwman3', version, website)
self._historyfile = config_parser.get_value("Readline", "history")
self.hasxsel = hasxsel
self.config = config_parser
try:
enc = CryptoEngine.get()
enc.callback = callback()
self._db = db
# this cascades down all the way to setting the database key
self._db.open()
except Exception as e: # pragma: no cover
self.error(e)
sys.exit(1)
try:
readline.read_history_file(self._historyfile)
except IOError as e: # pragma: no cover
pass
self.prompt = "pwman> "
def do_forget(self, args):
"""
drop saved key forcing the user to re-enter the master
password
"""
enc = CryptoEngine.get()
enc.forget()
def get_user_password(self):
"""
get the databases password from the user
"""
enc = CryptoEngine.get()
newkey = enc.changepassword()
return self.savekey(newkey)
def test5_e_authenticate(self):
ce = CryptoEngine.get()
ce._reader = give_key
self.assertFalse(ce.authenticate('verywrong'))
self.assertTrue(ce.authenticate('12345'))
ce._timeout = -1
self.assertTrue(ce._is_authenticated())
def __init__(self, db, hasxsel, callback, config_parser, **kwargs):
"""
initialize CLI interface, set up the DB
connecion, see if we have xsel ...
"""
super(PwmanCli, self).__init__(**kwargs)
self.intro = "%s %s (c) visit: %s" % ('pwman3', version, website)
self._historyfile = config_parser.get_value("Readline", "history")
self.hasxsel = hasxsel
self.config = config_parser
try:
enc = CryptoEngine.get()
enc.callback = callback()
self._db = db
# this cascades down all the way to setting the database key
self._db.open()
except Exception as e: # pragma: no cover
self.error(e)
sys.exit(1)
try:
readline.read_history_file(self._historyfile)
except IOError as e: # pragma: no cover
pass
self.prompt = "pwman> "
def get_user_password(self):
"""
get the databases password from the user
"""
enc = CryptoEngine.get()
newkey = enc.changepassword()
return self.savekey(newkey)
def tags(self):
enc = CryptoEngine.get()
try:
return [enc.decrypt(tag) for tag in
filter(None, self._tags)]
except Exception:
return [tag for tag in filter(None, self._tags)]
def test5_e_authenticate(self):
ce = CryptoEngine.get()
ce._reader = give_key
self.assertFalse(ce.authenticate(b'verywrong'))
self.assertTrue(ce.authenticate(b'12345'))
ce._expires_at = int(time.time()) + 600
self.assertTrue(ce._is_authenticated())
def do_forget(self, args):
"""
drop saved key forcing the user to re-enter the master
password
"""
enc = CryptoEngine.get()
enc.forget()
def test_6_list_nodes(self):
ret = self.db.listnodes()
self.assertEqual(ret, [1])
ce = CryptoEngine.get()
fltr = ce.encrypt("footag")
ret = self.db.listnodes(fltr)
self.assertEqual(ret, [1])
def test_2_create_node(self):
# create a node , should be encrypted, but not yet inserted to db
n = "alice;wonderland.com;secert;scratch;foo,bar".split(";")
node = self.importer._create_node(n)
ce = CryptoEngine.get()
self.assertEqual(ce.decrypt(node._username).decode(), u'alice')
self.assertEqual([b'foo', b'bar'], [t for t in node.tags])
def test6_is_timedout(self):
ce = CryptoEngine.get()
ce._expires_at = time.time() - 2
time.sleep(1.1)
self.assertTrue(ce._is_timedout())
self.assertIsNone(ce._cipher)
self.assertFalse(ce._is_authenticated())
def tags(self):
enc = CryptoEngine.get()
try:
return [enc.decrypt(tag).decode() for tag in
filter(None, self._tags)]
except Exception:
return [tag for tag in filter(None, self._tags)]
def test_2_create_node(self):
# create a node , should be encrypted, but not yet inserted to db
n = "alice;wonderland.com;secert;scratch;foo,bar".split(";")
node = self.importer._create_node(n)
ce = CryptoEngine.get()
self.assertEqual(ce.decrypt(node._username).decode(), u'alice')
self.assertEqual([b'foo', b'bar'], [t for t in node.tags])
def listnodes(apply=['require_login']):
global AUTHENTICATED, TAGS, DB
_filter = None
if 'POST' in request.method:
_filter = request.POST.get('tag')
if _filter:
DB._filtertags = []
if _filter == 'None':
DB._filtertags = []
nodeids = DB.listnodes()
raw_nodes = DB.getnodes(nodeids)
_nodes_inst = []
for node in raw_nodes:
_nodes_inst.append(Node.from_encrypted_entries(
node[1],
node[2],
node[3],
node[4],
node[5:]))
_nodes_inst[-1]._id = node[0]
nodesd = _nodes_inst
ce = CryptoEngine.get()
tags = [ce.decrypt(t).decode() for t in DB.listtags()]
html_nodes = template("index.tpl", nodes=nodesd, tags=tags, request=request,
template_lookup=[resource_filename('pwman',
'ui/templates')])
return html_nodes
def forget():
global AUTHENTICATED
AUTHENTICATED = False
enc = CryptoEngine.get()
enc.forget()
redirect('/auth')
def test_do_encdict(self):
ce = CryptoEngine.get()
for k, v in self.node.to_encdict().items():
if k == 'user':
self.assertEqual(
ce.decrypt(v).decode(), getattr(self.node, 'username'))
elif k != 'tags':
self.assertEqual(ce.decrypt(v).decode(), getattr(self.node, k))
def _get_node_ids(self, args):
filter = None
if args:
filter = args.split()[0]
ce = CryptoEngine.get()
filter = ce.encrypt(filter)
nodeids = self._db.listnodes(filter=filter)
return nodeids
def _get_node_ids(self, args):
filter = None
if args:
filter = args.split()[0]
ce = CryptoEngine.get()
filter = ce.encrypt(filter)
nodeids = self._db.listnodes(filter=filter)
return nodeids
def test_do_encdict(self):
ce = CryptoEngine.get()
for k, v in self.node.to_encdict().items():
if k == 'user':
self.assertEqual(ce.decrypt(v).decode(), getattr(self.node,
'username'))
elif k != 'tags':
self.assertEqual(ce.decrypt(v).decode(), getattr(self.node, k))
def do_tags(self, args):
"""
print all existing tags
"""
ce = CryptoEngine.get()
print("Tags:")
tags = self._db.listtags()
for t in tags:
print(ce.decrypt(t).decode())
def test_g_encrypt_decrypt_wrong_pass(self):
ce = CryptoEngine.get()
ce._cipher = None
ce._getsecret = give_wrong_key
self.assertRaises(CryptoException, ce.encrypt, b"secret")
ce._getsecret = lambda x: b'12345'
secret = ce.encrypt(b"topsecret")
decrypt = ce.decrypt(secret)
self.assertEqual(decrypt.decode(), "topsecret")
def __init__(self, clear_text=True, **kwargs):
if clear_text:
enc = CryptoEngine.get()
self._username = enc.encrypt(kwargs.get('username')).strip()
self._password = enc.encrypt(kwargs.get('password')).strip()
self._url = enc.encrypt(kwargs.get('url')).strip()
self._notes = enc.encrypt(kwargs.get('notes')).strip()
self._tags = [enc.encrypt(t).strip() for t in
kwargs.get('tags', '')]
def __init__(self, clear_text=True, **kwargs):
if clear_text:
enc = CryptoEngine.get()
self._username = enc.encrypt(kwargs.get('username')).strip()
self._password = enc.encrypt(kwargs.get('password')).strip()
self._url = enc.encrypt(kwargs.get('url')).strip()
self._notes = enc.encrypt(kwargs.get('notes')).strip()
self._tags = [enc.encrypt(t).strip() for t in
kwargs.get('tags', '')]
def test_g_encrypt_decrypt_wrong_pass(self):
ce = CryptoEngine.get()
ce._cipher = None
ce._getsecret = give_wrong_key
self.assertRaises(CryptoException, ce.encrypt, b"secret")
ce._getsecret = lambda x: b'12345'
secret = ce.encrypt(b"topsecret")
decrypt = ce.decrypt(secret)
self.assertEqual(decrypt.decode(), "topsecret")
def do_tags(self, args):
"""
print all existing tags
"""
ce = CryptoEngine.get()
print("Tags:")
tags = self._db.listtags()
for t in tags:
print(ce.decrypt(t).decode())
def test_9_test_no_orphans(self):
self.db._clean_orphans()
self.db._con.commit()
ce = CryptoEngine.get()
tags = None
while not tags:
tags = self.db._cur.execute('SELECT * FROM tag').fetchall()
tags_clear = [ce.decrypt(tag[1]) for tag in tags]
self.assertNotIn(b"baz", tags_clear)
def test_9_test_no_orphans(self):
self.db._clean_orphans()
self.db._con.commit()
ce = CryptoEngine.get()
tags = None
while not tags:
tags = self.db._cur.execute('SELECT * FROM tag').fetchall()
tags_clear = [ce.decrypt(tag[1]) for tag in tags]
self.assertNotIn(b"baz", tags_clear)
def test4_d_get_crypto(self):
ce = CryptoEngine.get()
ce.callback = DummyCallback()
secret2 = ce.changepassword(reader=give_key)
secret1 = ce.changepassword(reader=give_key)
# althouth the same secret key is used,
# the secret hash is not the same, because a
# different random seed is used when calling
# CryptoEngine._get_digest
self.assertNotEqual(secret1, secret2)
def test4_d_get_crypto(self):
ce = CryptoEngine.get()
ce.callback = DummyCallback()
secret2 = ce.changepassword(reader=give_key)
secret1 = ce.changepassword(reader=give_key)
# althouth the same secret key is used,
# the secret hash is not the same, because a
# different random seed is used when calling
# CryptoEngine._get_digest
self.assertNotEqual(secret1, secret2)
def run(self, callback=CLICallback):
enc = CryptoEngine.get()
enc.callback = callback()
self._open_db()
for row in self._read_file():
node = self._create_node(row)
self._insert_node(node)
self._db.close()
def run(self, callback=CLICallback):
enc = CryptoEngine.get()
enc.callback = callback()
self._open_db()
for row in self._read_file():
node = self._create_node(row)
self._insert_node(node)
self._db.close()
def test_3_add_node(self):
node = Node(clear_text=True,
**{'username': "******", 'password': "******",
'url': "wonderland.com",
'notes': "a really great place",
'tags': ['foo', 'bar']})
self.db.add_node(node)
rv = self.db._cur.execute("select * from node")
ce = CryptoEngine.get()
res = rv.fetchone()
self.assertEqual(ce.decrypt(res[1]), b"alice")
def test_f_encrypt_decrypt(self):
ce = CryptoEngine.get()
ce._reader = give_key
if not ce._salt:
ce._salt = salt
secret = ce.encrypt(b"topsecret")
decrypt = ce.decrypt(secret)
self.assertEqual(decrypt.decode(), "topsecret")
ce._cipher = None
secret = ce.encrypt(b"topsecret")
decrypt = ce.decrypt(secret)
self.assertEqual(decrypt.decode(), "topsecret")
def test_4_test_tags(self):
node = Node(clear_text=True,
**{'username': u"alice", 'password': u"secret",
'url': u"wonderland.com",
'notes': u"a really great place",
'tags': [u'foo', u'bar']})
ce = CryptoEngine.get()
self.db._get_or_create_tag(node._tags[0])
self.assertEqual(1, self.db._get_or_create_tag(node._tags[0]))
rv = self.db._get_or_create_tag(ce.encrypt('baz'))
self.db._con.commit()
self.assertEqual(3, rv)
def test_f_encrypt_decrypt(self):
ce = CryptoEngine.get()
ce._reader = give_key
if not ce._salt:
ce._salt = salt
secret = ce.encrypt(b"topsecret")
decrypt = ce.decrypt(secret)
self.assertEqual(decrypt.decode(), "topsecret")
ce._cipher = None
secret = ce.encrypt(b"topsecret")
decrypt = ce.decrypt(secret)
self.assertEqual(decrypt.decode(), "topsecret")
def test_9_test_orphans(self):
self.db._clean_orphans()
ce = CryptoEngine.get()
baz_encrypted = ce.encrypt(u'baz').decode()
self.db._cur.execute('SELECT DATA FROM TAG')
rv = self.db._cur.fetchall()
for data in rv:
if isinstance(data[0], str):
self.assertNotIn(u'bank', data[0])
else:
self.assertNotIn(baz_encrypted, data[0].decode())
def do_delete(self, args):
ce = CryptoEngine.get()
ce.encrypt("")
ids = self._get_ids(args)
if not ids:
return
ans = tools.getinput("Are you sure you want to delete node{} {}"
" [y/N]?".format("s" if len(ids) > 1 else "",
",".join(ids) if len(ids) > 1 else ids[0])) # noqa
if ans.lower() == 'y':
self._do_rm(ids)
def listnodes(self, filter_=None):
if not filter_:
nodes = self._db.nodes.find({}, {'_id': 1})
return [node["_id"] for node in nodes]
else:
matching = []
ce = CryptoEngine.get()
nodes = list(self._db.nodes.find({}, {'_id': 1, 'tags': 1}))
for node in nodes:
node['tags'] = [ce.decrypt(t) for t in node['tags']]
if filter_ in node['tags']:
matching.append(node)
return [node["_id"] for node in matching]
def do_delete(self, args):
ce = CryptoEngine.get()
ce.encrypt("")
ids = self._get_ids(args)
if not ids:
return
ans = tools.getinput("Are you sure you want to delete node{} {}"
" [y/N]?".format("s" if len(ids) > 1 else "",
",".join(ids) if len(ids) > 1 else ids[0])) # noqa
if ans.lower() == 'y':
self._do_rm(ids)
def listnodes(self, filter_=None):
if not filter_:
nodes = self._db.nodes.find({}, {'_id': 1})
return [node["_id"] for node in nodes]
else:
matching = []
ce = CryptoEngine.get()
nodes = list(self._db.nodes.find({}, {'_id': 1, 'tags': 1}))
for node in nodes:
node['tags'] = [ce.decrypt(t) for t in node['tags']]
if filter_ in node['tags']:
matching.append(node)
return [node["_id"] for node in matching]
def test_7_listnodes_w_filter(self):
ce = CryptoEngine.get()
# the tag 'bar' is found in a node created in:
# test_3_add_node
# test_6_listnodes
tag = ce.encrypt(b'bar')
rv = self.db.listnodes(tag)
self.assertEqual(len(rv), 2)
tag = ce.encrypt(b'baz')
# the tag 'baz' is found in a node created in
# test_6_listnodes
rv = self.db.listnodes(tag)
self.assertEqual(len(rv), 1)
def test_3_add_node(self):
node = Node(clear_text=True,
**{
'username': "******",
'password': "******",
'url': "wonderland.com",
'notes': "a really great place",
'tags': ['foo', 'bar']
})
self.db.add_node(node)
rv = self.db._cur.execute("select * from node")
ce = CryptoEngine.get()
res = rv.fetchone()
self.assertEqual(ce.decrypt(res[1]), b"alice")
def test_9_editnode(self):
# delibertly insert clear text into the database
ce = CryptoEngine.get()
tags = [ce.encrypt("foo"), ce.encrypt("auto")]
node = {'user': '******', 'password': '******', 'tags': tags}
self.db.editnode('2', **node)
self.db._cur.execute('SELECT USER, PASSWORD FROM NODE WHERE ID=2')
rv = self.db._cur.fetchone()
self.assertEqual(rv, ('transparent', 'notsecret'))
node = {'user': '******', 'password': '******', 'tags': tags}
# now the tags bank and baz are orphan ...
# what happens? it should be completely removed.
# To spare IO we only delete orphand tags when
# db.close is called.
self.db.editnode('2', **node)
def test_4_test_tags(self):
node = Node(clear_text=True,
**{
'username': u"alice",
'password': u"secret",
'url': u"wonderland.com",
'notes': u"a really great place",
'tags': ['foo', 'bar']
})
ce = CryptoEngine.get()
self.db._get_or_create_tag(node._tags[0])
self.assertEqual(1, self.db._get_or_create_tag(node._tags[0]))
rv = self.db._get_or_create_tag(ce.encrypt(b'baz'))
self.assertEqual(3, rv)
self.db._con.commit()
def open(self, dbver=None):
"""
Open the database, by calling the _open method of the
class inherited for the specific database.
When done validation that the file is OK, check if it has
encryption key, by calling
enc = CryptoEngine.get()
key = self.loadkey()
"""
self._open()
enc = CryptoEngine.get()
key = self.loadkey()
if key is not None:
enc.set_cryptedkey(key)
else:
self.get_user_password()
def test_1_do_new(self):
sys.stdin = BytesIO((b"alice\nsecret\nexample.com\nsome notes"
b"\nfoo bar baz"))
_node = self.tester.cli._do_new('')
sys.stdin = sys.__stdin__
self.assertListEqual([b'foo', b'bar', b'baz'], [t for t in _node.tags])
nodeid = self.tester.cli._db.listnodes()
self.assertListEqual([1], nodeid)
nodes = self.tester.cli._db.getnodes(nodeid)
ce = CryptoEngine.get()
user = ce.decrypt(nodes[0][1])
self.assertTrue(user, 'alice')
tags = nodes[0][5:]
for idx, t in enumerate(['foo', 'bar', 'baz']):
self.assertTrue(t, tags[idx])
def do_open(self, args): # pragma: no cover
ids = self._get_ids(args)
if not args:
self.help_open()
return
nodes = self._db.getnodes(ids)
ce = CryptoEngine.get()
for node in nodes:
url = ce.decrypt(node[3]).decode()
if not url.startswith(("http://", "https://")):
url = "https://" + url
if url:
mask = os.umask(22)
tools.open_url(url)
os.umask(mask)