4 ### Tool for maintaining a secure-ish password database
6 ### (c) 2005 Straylight/Edgeware
9 ###----- Licensing notice ---------------------------------------------------
11 ### This file is part of the Python interface to Catacomb.
13 ### Catacomb/Python is free software; you can redistribute it and/or modify
14 ### it under the terms of the GNU General Public License as published by
15 ### the Free Software Foundation; either version 2 of the License, or
16 ### (at your option) any later version.
18 ### Catacomb/Python is distributed in the hope that it will be useful,
19 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
20 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 ### GNU General Public License for more details.
23 ### You should have received a copy of the GNU General Public License
24 ### along with Catacomb/Python; if not, write to the Free Software Foundation,
25 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 ###---------------------------------------------------------------------------
31 from os
import environ
32 from sys
import argv
, exit
, stdin
, stdout
, stderr
33 from getopt
import getopt
, GetoptError
34 from fnmatch
import fnmatch
38 from catacomb
.pwsafe
import *
40 ###--------------------------------------------------------------------------
44 prog
= re
.sub(r
'^.*[/\\]', '', argv
[0])
47 """Issue a warning message MSG."""
48 print >>stderr
, '%s: %s' %
(prog
, msg
)
51 """Report MSG as a fatal error, and exit."""
56 """Return the string PP, without its trailing newline if it has one."""
57 if len(pp
) > 0 and pp
[-1] == '\n':
62 """Answer whether all of the characters of S are plain ASCII."""
64 if ch
< ' ' or ch
> '~': return False
69 Return a presentation form of the string S.
71 If S is plain ASCII, then return S unchanged; otherwise return it as one of
72 Catacomb's ByteString objects.
74 if asciip(s
): return s
75 return C
.ByteString(s
)
77 ###--------------------------------------------------------------------------
78 ### Subcommand implementations.
82 ## Default crypto-primitive selections.
83 cipher
= 'blowfish-cbc'
89 opts
, args
= getopt(av
, 'c:h:m:', ['cipher=', 'mac=', 'hash='])
93 if o
in ('-c', '--cipher'):
95 elif o
in ('-m', '--mac'):
97 elif o
in ('-h', '--hash'):
108 ## Set up the database.
109 if mac
is None: mac
= hash + '-hmac'
110 PW
.create(file, C
.gcciphers
[cipher
], C
.gchashes
[hash], C
.gcmacs
[mac
], tag
)
112 def cmd_changepp(av
):
124 except KeyError, exc
:
125 die('Password `%s\' not found.' % exc
.args
[0])
128 if len(av
) < 1 or len(av
) > 2:
132 pp
= C
.getpass("Enter passphrase `%s': " % tag
)
133 vpp
= C
.getpass("Confirm passphrase `%s': " % tag
)
135 raise ValueError, "passphrases don't match"
137 pp
= stdin
.readline()
141 pw
[av
[0]] = chomp(pp
)
144 if len(av
) < 1 or len(av
) > 2:
147 pw_out
= PW(av
[0], 'w')
153 if pat
is None or fnmatch(k
, pat
):
165 if pat
is None or fnmatch(k
, pat
):
175 pix
.set(tag
, pw
[tag
])
182 pix
.set(pptag
, pw
[tag
])
191 except KeyError, exc
:
192 die('Password `%s\' not found.' % exc
.args
[0])
195 db
= gdbm
.open(file, 'r')
199 print '%r: %r' %
(present(k
), present(db
[k
]))
202 commands
= { 'create': [cmd_create
,
203 '[-c CIPHER] [-h HASH] [-m MAC] [PP-TAG]'],
204 'find' : [cmd_find
, 'LABEL'],
205 'store' : [cmd_store
, 'LABEL [VALUE]'],
206 'list' : [cmd_list
, '[GLOB-PATTERN]'],
207 'changepp' : [cmd_changepp
, ''],
208 'copy' : [cmd_copy
, 'DEST-FILE [GLOB-PATTERN]'],
209 'to-pixie' : [cmd_topixie
, '[TAG [PIXIE-TAG]]'],
210 'delete' : [cmd_del
, 'TAG'],
211 'dump' : [cmd_dump
, '']}
213 ###--------------------------------------------------------------------------
214 ### Command-line handling and dispatch.
217 print '%s 1.0.0' % prog
220 print >>fp
, 'Usage: %s COMMAND [ARGS...]' % prog
227 Maintains passwords or other short secrets securely.
231 -h, --help Show this help text.
232 -v, --version Show program version number.
233 -u, --usage Show short usage message.
235 -f, --file=FILE Where to find the password-safe file.
239 for c
in sorted(commands
):
240 print '%s %s' %
(c
, commands
[c
][1])
242 ## Choose a default database file.
243 if 'PWSAFE' in environ
:
244 file = environ
['PWSAFE']
246 file = '%s/.pwsafe' % environ
['HOME']
248 ## Parse the command-line options.
250 opts
, argv
= getopt(argv
[1:], 'hvuf:',
251 ['help', 'version', 'usage', 'file='])
256 if o
in ('-h', '--help'):
259 elif o
in ('-v', '--version'):
262 elif o
in ('-u', '--usage'):
265 elif o
in ('-f', '--file'):
273 ## Dispatch to a command handler.
274 if argv
[0] in commands
:
280 if commands
[c
][0](argv
):
281 print >>stderr
, 'Usage: %s %s %s' %
(prog
, c
, commands
[c
][1])
284 die("decryption failure")
286 ###----- That's all, folks --------------------------------------------------