def export_data(self, entrystore, password):
"Exports data to a data stream"
data = "GNOME Password Manager\n"
iter = entrystore.iter_nth_child(None, 0)
while iter is not None:
e = entrystore.get_entry(iter)
if type(e) != entry.FolderEntry:
e = e.convert_generic()
data += e.name + "\n"
data += (e[entry.UsernameField] or "") + "\n"
data += (e[entry.PasswordField] or "") + "\n"
data += (e[entry.HostnameField] or "") + "\n"
data += str(e.updated) + "\n"
data += str(e.updated) + "\n"
data += "0\n"
data += str(len(e.description) + 1) + "\n"
data += e.description + "\n"
iter = entrystore.iter_traverse_next(iter)
return encrypt(data.encode(), password)
def __decrypt(self, cipher, data):
"Decrypts data"
if isinstance(data, str):
data = data.encode()
# decode ascii armoring
decoded = b""
for i in range(len(data) // 2):
high = data[2 * i] - ord("a")
low = data[2 * i + 1] - ord("a")
decoded += bytes((high * 16 + low, ))
data = decoded
# decrypt data
data = cipher.decrypt(data)
# unrotate field
blocks = int(math.ceil(len(data) / float(8)))
plain = b""
for offset in range(8):
for block in range(blocks):
plain += bytes((data[block * 8 + offset], ))
return plain.split(b"\x00")[0]
def export_data(self, entrystore, password):
"Exports data from an entrystore"
# check and pad password
if password is None:
raise base.PasswordError
password = util.pad_right(password[:32], 32, "\0")
# generate XML
data = RevelationXML.export_data(self, entrystore)
# compress data, and right-pad with the repeated ascii
# value of the pad length
data = zlib.compress(data.encode())
padlen = 16 - (len(data) % 16)
if padlen == 0:
padlen = 16
data += bytearray((padlen, )) * padlen
# generate an initial vector for the CBC encryption
iv = util.random_string(16)
# encrypt data
AES.block_size = 16
AES.key_size = 32
data = AES.new(password, AES.MODE_CBC, iv).encrypt(data)
# encrypt the iv, and prepend it to the data with a header
data = self.__generate_header() + AES.new(password).encrypt(iv) + data
return data
def export_data(self, entrystore, password):
"Exports data from an entrystore"
# check and pad password
if password is None:
raise base.PasswordError
# generate and compress XML
data = RevelationXML.export_data(self, entrystore)
data = zlib.compress(data.encode())
# data needs to be padded to 512 bytes
# We use Merkle-Damgard length padding (1 bit followed by 0 bits + size)
# http://en.wikipedia.org/wiki/Merkle-Damg%C3%A5rd_hash_function
padlen = 512 - (len(data) % 512)
if padlen < 4:
padlen = 512 + padlen
if padlen > 4:
data += "\x80" + "\x00" * (padlen - 5)
data += struct.pack("<I", padlen)
# create a new luks file in memory
buffer = StringIO()
luksfile = luks.LuksFile()
luksfile.create(buffer, "aes", "cbc-essiv:sha256", "sha1", 16, 400)
luksfile.set_key(0, password, 5000, 400)
# encrypt the data
luksfile.encrypt_data(0, data)
buffer.seek(0)
return buffer.read()
def export_data(self, entrystore, password):
"Exports data from an entrystore"
# check and hash password with a salt
if password is None:
raise base.PasswordError
# 64-bit salt
salt = os.urandom(8)
# 256-bit key
key = PBKDF2(password, salt, iterations=12000).read(32)
# generate XML
data = RevelationXML.export_data(self, entrystore)
# compress data, and right-pad with the repeated ascii
# value of the pad length
data = zlib.compress(data.encode())
padlen = 16 - (len(data) % 16)
if padlen == 0:
padlen = 16
data += bytearray((padlen, )) * padlen
# 128-bit IV
iv = os.urandom(16)
data = AES.new(key, AES.MODE_CBC,
iv).encrypt(hashlib.sha256(data).digest() + data)
# encrypt the iv, and prepend it to the data with a header and the used salt
data = self.__generate_header() + salt + iv + data
return data
