[catacomb-python] / catacomb / pwsafe.py

# -*-python-*-

import catacomb as _C
import gdbm as _G
import struct as _S

class DecryptError (Exception):
  pass

class Crypto (object):
  def __init__(me, c, h, m, ck, mk):
    me.c = c(ck)
    me.m = m(mk)
    me.h = h
  def encrypt(me, pt):
    if me.c.__class__.blksz:
      iv = _C.rand.block(me.c.__class__.blksz)
      me.c.setiv(iv)
    else:
      iv = ''
    y = iv + me.c.encrypt(pt)
    t = me.m().hash(y).done()
    return t + y
  def decrypt(me, ct):
    t = ct[:me.m.__class__.tagsz]
    y = ct[me.m.__class__.tagsz:]
    if t != me.m().hash(y).done():
      raise DecryptError
    iv = y[:me.c.__class__.blksz]
    if me.c.__class__.blksz: me.c.setiv(iv)
    return me.c.decrypt(y[me.c.__class__.blksz:])
  
class PPK (Crypto):
  def __init__(me, pp, c, h, m, salt = None):
    if not salt: salt = _C.rand.block(h.hashsz)
    tag = '%s\0%s' % (pp, salt)
    Crypto.__init__(me, c, h, m,
                  h().hash('cipher:' + tag).done(),
                  h().hash('mac:' + tag).done())
    me.salt = salt

class Buffer (object):
  def __init__(me, s):
    me.str = s
    me.i = 0
  def get(me, n):
    i = me.i
    if n + i > len(me.str):
      raise IndexError, 'buffer underflow'
    me.i += n
    return me.str[i:i + n]
  def getbyte(me):
    return ord(me.get(1))
  def unpack(me, fmt):
    return _S.unpack(fmt, me.get(_S.calcsize(fmt)))
  def getstring(me):
    return me.get(me.unpack('>H')[0])
  def checkend(me):
    if me.i != len(me.str):
      raise ValueError, 'junk at end of buffer'

def _wrapstr(s):
  return _S.pack('>H', len(s)) + s

class PWIter (object):
  def __init__(me, pw):
    me.pw = pw
    me.k = me.pw.db.firstkey()
  def next(me):
    k = me.k
    while True:
      if k is None:
        raise StopIteration
      if k[0] == '$':
        break
      k = me.pw.db.nextkey(k)
    me.k = me.pw.db.nextkey(k)
    return me.pw.unpack(me.pw.db[k])[0]
class PW (object):
  def __init__(me, file, mode = 'r'):
    me.db = _G.open(file, mode)
    c = _C.gcciphers[me.db['cipher']]
    h = _C.gchashes[me.db['hash']]
    m = _C.gcmacs[me.db['mac']]
    tag = me.db['tag']
    ppk = PPK(_C.ppread(tag), c, h, m, me.db['salt'])
    try:
      buf = Buffer(ppk.decrypt(me.db['key']))
    except DecryptError:
      _C.ppcancel(tag)
      raise
    me.ck = buf.getstring()
    me.mk = buf.getstring()
    buf.checkend()
    me.k = Crypto(c, h, m, me.ck, me.mk)
    me.magic = me.k.decrypt(me.db['magic'])
  def keyxform(me, key):
    return '$' + me.k.h().hash(me.magic).hash(key).done()
  def changepp(me):
    tag = me.db['tag']
    _C.ppcancel(tag)
    ppk = PPK(_C.ppread(tag, _C.PMODE_VERIFY),
              me.k.c.__class__, me.k.h, me.k.m.__class__)
    me.db['key'] = ppk.encrypt(_wrapstr(me.ck) + _wrapstr(me.mk))
    me.db['salt'] = ppk.salt
  def pack(me, key, value):
    w = _wrapstr(key) + _wrapstr(value)
    pl = (len(w) + 255) & ~255
    w += '\0' * (pl - len(w))
    return me.k.encrypt(w)
  def unpack(me, p):
    buf = Buffer(me.k.decrypt(p))
    key = buf.getstring()
    value = buf.getstring()
    return key, value
  def __getitem__(me, key):
    try:
      return me.unpack(me.db[me.keyxform(key)])[1]
    except KeyError:
      raise KeyError, key
  def __setitem__(me, key, value):
    me.db[me.keyxform(key)] = me.pack(key, value)
  def __delitem__(me, key):
    try:
      del me.db[me.keyxform(key)]
    except KeyError:
      raise KeyError, key
  def __iter__(me):
    return PWIter(me)
Commit	Line	Data
43c09851	1	# --python--
	2
	3	import catacomb as _C
	4	import gdbm as _G
	5	import struct as _S
	6
	7	class DecryptError (Exception):
	8	pass
	9
	10	class Crypto (object):
	11	def __init__(me, c, h, m, ck, mk):
	12	me.c = c(ck)
	13	me.m = m(mk)
	14	me.h = h
	15	def encrypt(me, pt):
	16	if me.c.__class__.blksz:
	17	iv = _C.rand.block(me.c.__class__.blksz)
	18	me.c.setiv(iv)
	19	else:
	20	iv = ''
	21	y = iv + me.c.encrypt(pt)
	22	t = me.m().hash(y).done()
	23	return t + y
	24	def decrypt(me, ct):
	25	t = ct[:me.m.__class__.tagsz]
	26	y = ct[me.m.__class__.tagsz:]
	27	if t != me.m().hash(y).done():
	28	raise DecryptError
	29	iv = y[:me.c.__class__.blksz]
	30	if me.c.__class__.blksz: me.c.setiv(iv)
	31	return me.c.decrypt(y[me.c.__class__.blksz:])
	32
	33	class PPK (Crypto):
	34	def __init__(me, pp, c, h, m, salt = None):
	35	if not salt: salt = _C.rand.block(h.hashsz)
	36	tag = '%s\0%s' % (pp, salt)
	37	Crypto.__init__(me, c, h, m,
	38	h().hash('cipher:' + tag).done(),
	39	h().hash('mac:' + tag).done())
	40	me.salt = salt
	41
	42	class Buffer (object):
	43	def __init__(me, s):
	44	me.str = s
	45	me.i = 0
	46	def get(me, n):
	47	i = me.i
	48	if n + i > len(me.str):
	49	raise IndexError, 'buffer underflow'
	50	me.i += n
	51	return me.str[i:i + n]
	52	def getbyte(me):
	53	return ord(me.get(1))
	54	def unpack(me, fmt):
	55	return _S.unpack(fmt, me.get(_S.calcsize(fmt)))
	56	def getstring(me):
	57	return me.get(me.unpack('>H')[0])
	58	def checkend(me):
	59	if me.i != len(me.str):
	60	raise ValueError, 'junk at end of buffer'
	61
	62	def _wrapstr(s):
	63	return _S.pack('>H', len(s)) + s
	64
65	class PWIter (object):
66	def __init__(me, pw):
67	me.pw = pw
68	me.k = me.pw.db.firstkey()
69	def next(me):
70	k = me.k
71	while True:
72	if k is None:
73	raise StopIteration
74	if k[0] == '$':
75	break
76	k = me.pw.db.nextkey(k)
77	me.k = me.pw.db.nextkey(k)
78	return me.pw.unpack(me.pw.db[k])[0]
79	class PW (object):
80	def __init__(me, file, mode = 'r'):
81	me.db = _G.open(file, mode)
82	c = _C.gcciphers[me.db['cipher']]
83	h = _C.gchashes[me.db['hash']]
84	m = _C.gcmacs[me.db['mac']]
85	tag = me.db['tag']
86	ppk = PPK(_C.ppread(tag), c, h, m, me.db['salt'])
87	try:
88	buf = Buffer(ppk.decrypt(me.db['key']))
89	except DecryptError:
90	_C.ppcancel(tag)
91	raise
92	me.ck = buf.getstring()
93	me.mk = buf.getstring()
94	buf.checkend()
95	me.k = Crypto(c, h, m, me.ck, me.mk)
96	me.magic = me.k.decrypt(me.db['magic'])
97	def keyxform(me, key):
98	return '$' + me.k.h().hash(me.magic).hash(key).done()
99	def changepp(me):
100	tag = me.db['tag']
101	_C.ppcancel(tag)
102	ppk = PPK(_C.ppread(tag, _C.PMODE_VERIFY),
103	me.k.c.__class__, me.k.h, me.k.m.__class__)
104	me.db['key'] = ppk.encrypt(_wrapstr(me.ck) + _wrapstr(me.mk))
105	me.db['salt'] = ppk.salt
106	def pack(me, key, value):
107	w = _wrapstr(key) + _wrapstr(value)
108	pl = (len(w) + 255) & ~255
109	w += '\0' * (pl - len(w))
110	return me.k.encrypt(w)
111	def unpack(me, p):
112	buf = Buffer(me.k.decrypt(p))
113	key = buf.getstring()
114	value = buf.getstring()
115	return key, value
116	def __getitem__(me, key):
2e6a3fda	117	try:
	118	return me.unpack(me.db[me.keyxform(key)])[1]
	119	except KeyError:
	120	raise KeyError, key
43c09851	121	def __setitem__(me, key, value):
	122	me.db[me.keyxform(key)] = me.pack(key, value)
	123	def __delitem__(me, key):
2e6a3fda	124	try:
	125	del me.db[me.keyxform(key)]
	126	except KeyError:
	127	raise KeyError, key
43c09851	128	def __iter__(me):
	129	return PWIter(me)
	130