4 ### Tool for maintaining a secure-ish password database
6 ### (c) 2005 Straylight/Edgeware
9 ###----- Licensing notice ---------------------------------------------------
11 ### This file is part of the Python interface to Catacomb.
13 ### Catacomb/Python is free software; you can redistribute it and/or modify
14 ### it under the terms of the GNU General Public License as published by
15 ### the Free Software Foundation; either version 2 of the License, or
16 ### (at your option) any later version.
18 ### Catacomb/Python is distributed in the hope that it will be useful,
19 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
20 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 ### GNU General Public License for more details.
23 ### You should have received a copy of the GNU General Public License
24 ### along with Catacomb/Python; if not, write to the Free Software Foundation,
25 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 ###---------------------------------------------------------------------------
30 from __future__ import with_statement
32 from os import environ
33 from sys import argv, exit, stdin, stdout, stderr
34 from getopt import getopt, GetoptError
35 from fnmatch import fnmatch
39 from catacomb.pwsafe import *
41 ###--------------------------------------------------------------------------
45 prog = re.sub(r'^.*[/\\]', '', argv[0])
48 """Issue a warning message MSG."""
49 print >>stderr, '%s: %s' % (prog, msg)
52 """Report MSG as a fatal error, and exit."""
56 ###--------------------------------------------------------------------------
57 ### Subcommand implementations.
61 ## Default crypto-primitive selections.
62 cipher = 'blowfish-cbc'
68 opts, args = getopt(av, 'c:d:h:m:',
69 ['cipher=', 'database=', 'mac=', 'hash='])
74 if o in ('-c', '--cipher'): cipher = a
75 elif o in ('-m', '--mac'): mac = a
76 elif o in ('-h', '--hash'): hash = a
77 elif o in ('-d', '--database'): dbty = a
79 if len(args) > 2: return 1
80 if len(args) >= 1: tag = args[0]
83 ## Set up the database.
84 if mac is None: mac = hash + '-hmac'
85 try: dbcls = StorageBackend.byname(dbty)
86 except KeyError: die("Unknown database backend `%s'" % dbty)
87 PW.create(dbcls, file, tag,
88 C.gcciphers[cipher], C.gchashes[hash], C.gcmacs[mac])
91 if len(av) != 0: return 1
92 with PW(file, writep = True) as pw: pw.changepp()
95 if len(av) != 1: return 1
98 except KeyError, exc: die("Password `%s' not found" % exc.args[0])
101 if len(av) < 1 or len(av) > 2: return 1
103 with PW(file, writep = True) as pw:
105 pp = C.getpass("Enter passphrase `%s': " % tag)
106 vpp = C.getpass("Confirm passphrase `%s': " % tag)
107 if pp != vpp: die("passphrases don't match")
109 pp = stdin.readline().rstrip('\n')
115 if len(av) < 1 or len(av) > 2: return 1
116 with PW(file) as pw_in:
117 with PW(av[0], writep = True) as pw_out:
118 if len(av) >= 3: pat = av[1]
121 if pat is None or fnmatch(k, pat): pw_out[k] = pw_in[k]
124 if len(av) > 1: return 1
126 if len(av) >= 1: pat = av[0]
129 if pat is None or fnmatch(k, pat): print k
132 if len(av) > 2: return 1
136 for tag in pw: pix.set(tag, pw[tag])
139 if len(av) >= 2: pptag = av[1]
141 pix.set(pptag, pw[tag])
144 if len(av) != 1: return 1
145 with PW(file, writep = True) as pw:
148 except KeyError, exc: die("Password `%s' not found" % exc.args[0])
150 commands = { 'create': [cmd_create,
151 '[-c CIPHER] [-d DBTYPE] [-h HASH] [-m MAC] [PP-TAG]'],
152 'find' : [cmd_find, 'LABEL'],
153 'store' : [cmd_store, 'LABEL [VALUE]'],
154 'list' : [cmd_list, '[GLOB-PATTERN]'],
155 'changepp' : [cmd_changepp, ''],
156 'copy' : [cmd_copy, 'DEST-FILE [GLOB-PATTERN]'],
157 'to-pixie' : [cmd_topixie, '[TAG [PIXIE-TAG]]'],
158 'delete' : [cmd_del, 'TAG']}
160 ###--------------------------------------------------------------------------
161 ### Command-line handling and dispatch.
164 print '%s 1.0.0' % prog
165 print 'Backend types: %s' % \
166 ' '.join([c.NAME for c in StorageBackend.classes()])
169 print >>fp, 'Usage: %s COMMAND [ARGS...]' % prog
176 Maintains passwords or other short secrets securely.
180 -h, --help Show this help text.
181 -v, --version Show program version number.
182 -u, --usage Show short usage message.
184 -f, --file=FILE Where to find the password-safe file.
188 for c in sorted(commands):
189 print '%s %s' % (c, commands[c][1])
191 ## Choose a default database file.
192 if 'PWSAFE' in environ:
193 file = environ['PWSAFE']
195 file = '%s/.pwsafe' % environ['HOME']
197 ## Parse the command-line options.
199 opts, argv = getopt(argv[1:], 'hvuf:',
200 ['help', 'version', 'usage', 'file='])
205 if o in ('-h', '--help'):
208 elif o in ('-v', '--version'):
211 elif o in ('-u', '--usage'):
214 elif o in ('-f', '--file'):
222 ## Dispatch to a command handler.
223 if argv[0] in commands:
229 if commands[c][0](argv):
230 print >>stderr, 'Usage: %s %s %s' % (prog, c, commands[c][1])
233 die("decryption failure")
235 ###----- That's all, folks --------------------------------------------------