def decrypt_account(encrypted_otpauth_account): # Get password from user password = getpass.getpass( f'Password for export file {encrypted_otpauth_account.name}: ') # Get IV and key for wrapping archive iv = bytes(16) key = hashlib.sha256('OTPAuth'.encode('utf-8')).digest() # Decrypt wrapping archive data = AES.new(key, AES.MODE_CBC, iv).decrypt(encrypted_otpauth_account.read()) data = data[:-data[-1]] # Decode wrapping archive archive = archiver.Unarchive(data).top_object() if archive['Version'] == 1.1: account = decrypt_account_11(archive, password) elif archive['Version'] == 1.2: account = decrypt_account_12(archive, password) else: click.echo(f'Encountered unknown file version: {archive["Version"]}') return render_qr_to_terminal(account.otp_uri(), account.type, account.issuer, account.label)
def decrypt_backup(encrypted_otpauth_backup): # Get password from user password = getpass.getpass( f'Password for export file {encrypted_otpauth_backup.name}: ') # Get IV and key for wrapping archive iv = bytes(16) key = hashlib.sha256('Authenticator'.encode('utf-8')).digest() # Decrypt wrapping archive data = AES.new(key, AES.MODE_CBC, iv).decrypt(encrypted_otpauth_backup.read()) data = data[:-data[-1]] # Decode wrapping archive archive = archiver.Unarchive(data).top_object() if archive['Version'] == 1.0: accounts = decrypt_backup_10(archive, password) elif archive['Version'] == 1.1: accounts = decrypt_backup_11(archive, password) else: click.echo(f'Encountered unknown file version: {archive["Version"]}') return for account in accounts: render_qr_to_terminal(account.otp_uri(), account.type, account.issuer, account.label) input("Press Enter to continue...")
def decrypt_backup(encrypted_otpauth_backup, png_output_path: Optional[Path]): if png_output_path: if not png_output_path.exists() or not png_output_path.is_dir(): click.echo( f'Output path for PNG does not exist: {png_output_path}', err=True) exit(1) # Get password from user password = getpass.getpass( f'Password for export file {encrypted_otpauth_backup.name}: ') # Get IV and key for wrapping archive iv = bytes(16) key = hashlib.sha256('Authenticator'.encode('utf-8')).digest() # Decrypt wrapping archive data = AES.new(key, AES.MODE_CBC, iv).decrypt(encrypted_otpauth_backup.read()) data = data[:-data[-1]] # with open('backup.plist', 'wb+') as f: # f.seek(0) # f.write(data) # Decode wrapping archive archive = archiver.Unarchive(data).top_object() if archive['Version'] == 1.0: accounts = decrypt_backup_10(archive, password) elif archive['Version'] == 1.1: accounts = decrypt_backup_11(archive, password) else: click.echo(f'Encountered unknow file version: {archive["Version"]}') return for account in accounts: # print(account.otp_uri()) # print(f'Account Type: {account.type}') # print(f'Account Issuer: {account.issuer}') # print(f'Account Label: {account.label}') if png_output_path: qr = qr_code(account.otp_uri()) file_name = f'{account.issuer}_{account.label}'.replace(" ", "-") qr.png(png_output_path.joinpath(f'{file_name}.png'), scale=12) else: render_qr_to_terminal(account.otp_uri(), account.type, account.issuer, account.label) input("Press Enter to continue...")