# -*- coding: utf-8 -*-
from chut import gpg
from chut import * # noqa
from getpass import getpass
from hashlib import sha1
import pexpect
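def get_password():
    """Prompt for a master password and derive a printable secret from it.

    The typed password is hashed with SHA-1; eight times the SHA-1 of the
    accumulated digest is appended to it, and one more SHA-1 of the result is
    appended at the end. Only bytes whose code lies strictly between 35 and
    126 are kept, and the first 40 of them are returned.

    Returns:
        A string of at most 40 printable ASCII characters. It can be shorter
        if fewer than 40 bytes pass the filter.

    Security note: unsalted, iterated SHA-1 is cheap to compute, so the
    result is no stronger than the master password and is not a substitute
    for a real key-derivation function. The scheme is kept as is because
    changing it would change every secret already derived with it.
    """
    secret = getpass('Password: ')
    # hashlib only accepts bytes; on Python 3 getpass() returns text.
    if not isinstance(secret, bytes):
        secret = secret.encode('utf-8')

    digest = sha1(secret).digest()
    for _ in range(8):
        digest += sha1(digest).digest()

    # bytearray yields integers on both Python 2 and Python 3, so the
    # printable-range filter does not depend on ord().
    material = bytearray(digest + sha1(digest).digest())
    printable = [chr(b) for b in material if 35 < b < 126]
    return ''.join(printable)[:40]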
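def gpg_decode(filename):
    """Decrypt *filename* with ``gpg --quiet --batch -d`` and return its output.

    Args:
        filename: path of the encrypted file; it is passed through ``path()``
            before being handed to gpg.

    Returns:
        Everything gpg wrote before closing its output, or ``''`` when
        ``test.f(filename)`` is false.

    If gpg produces nothing for one second, any ``pinentry-curses`` process
    that pgrep finds for user ``gawel`` is killed, a desktop notification is
    sent and the program exits with status 1.

    NOTE(review): the nesting of the timeout handler was reconstructed; check
    that the notification and the exit are meant to run on every timeout and
    not only when a pinentry process was found.
    """
    if not test.f(filename):
        return ''

    # Pass the arguments as a list: given a single command string, pexpect
    # splits it on whitespace, so a path containing spaces or quotes would
    # reach gpg as several arguments.
    child = pexpect.spawn('gpg', ['--quiet', '--batch', '-d', path(filename)])
    data = ''
    while True:
        try:
            data += child.read_nonblocking(size=1, timeout=1)
        except pexpect.EOF:
            # gpg closed its output: the plaintext is complete.
            return data
        except pexpect.TIMEOUT:
            # presumably the agent is waiting for a passphrase it cannot get
            # in batch mode -- TODO confirm
            if sh.pgrep('-u gawel -x pinentry-curses'):
                sh.killall('-9 pinentry-curses') > 1
            sh['notify-send']('gpg "agent expired"', shell=True)()
            sys.exit(1)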
# Command-line entry point for a personal secret store kept as gpg-encrypted
# files under ~/.gnupg/data. The docstring below is the usage text and is left
# exactly as found, since it is presumably parsed at runtime -- confirm.
#
# NOTE(review): block nesting was reconstructed from the statement order;
# verify it against the original file, in particular inside the unlock branch.
@console_script
def sec(args):
    """
Usage: %prog (sh|ls|lock)
%prog (cat|ed) <file>
%prog clip [<file>]
%prog pw <name>
%prog
"""
    env.lc_all = 'C'
    # The X display is hard-coded; xclip below is pointed at :0 as well.
    env.display = ':0'
    #sh.pkill('-9 xclip') > 0
    # Import KEY=VALUE lines from the saved agent-info file into the
    # environment; lines without '=' are skipped.
    for e in cat(path('~/.gnupg/gpg-agent-info-boiboite')):
        if '=' not in e:
            continue
        k, v = e.strip().split('=', 1)
        env[k] = v
    # Unlock branch: taken for every sub-command except `pw` when `sh` was
    # requested or `ssh-add -l` is falsy. When it is taken, none of the
    # sub-command branches below runs in the same invocation.
    if not args['pw'] and (args['sh'] or not sh['ssh-add']('-l')):
        # Clear out a pinentry left over from an earlier prompt.
        if sh.pgrep('-u gawel -x pinentry-curses'):
            sh.killall('-9 pinentry-curses') > 1
        pw = get_password()
        child = pexpect.spawn('ssh-add')
        if child.expect('Enter passphrase for .*: ', timeout=3) == 0:
            child.sendline(pw)
            if child.expect(pexpect.EOF, timeout=3) == 0:
                sh['ssh-add']('-l') > 1
                # NOTE(review): the derived passphrase is handed to `echo` as
                # an argument and placed on the X clipboard. It is presumably
                # visible to other local processes and to any X client until
                # the clipboard is overwritten a few lines below -- confirm
                # that this exposure is acceptable.
                sh.echo(pw) | sh.xclip('-d :0 -selection c', stderr=1) > 1
                # NOTE(review): the gpg options go through path() together
                # with the file name; confirm that path() yields the intended
                # command line.
                gpg(path('--batch --quiet -d', path('~/.gnupg/data/pw.gpg')),
                    stderr=0) > 0
                # Remove a plaintext `pw` file if one exists next to pw.gpg.
                rm('-f', path('~/.gnupg/data/pw')) > 1
                # Overwrite the clipboard so the passphrase does not stay there.
                sh.echo('') | sh.xclip('-d :0 -selection c', stderr=1) > 1
    elif args['lock']:
        # Send SIGHUP to both agents when pgrep finds them for user gawel.
        for name in ('ssh-agent', 'gpg-agent'):
            if sh.pgrep('-u gawel -x', name):
                sh.pkill('-HUP', name) > 1
    elif args['clip']:
        name = args['<file>']
        if not name:
            # No file given: copy the derived password itself.
            pw = get_password()
            sh.echo(pw) | sh.xclip('-d :0 -selection c', stderr=1) > 1
        else:
            filename = args['<file>']
            # A bare name is resolved to ~/.gnupg/data/<name>.gpg.
            if not test.f(filename):
                filename = path('~/.gnupg/data/%s.gpg' % filename)
            data = gpg_decode(filename).strip()
            if not data:
                return 1
            # NOTE(review): the decrypted content is copied to the clipboard
            # and is not cleared afterwards in this branch.
            sh.echo(data) | sh.xclip('-d :0 -selection c', stderr=1) > 1
    elif args['pw']:
        # pw.gpg holds one "<name> <password>" pair per line. A line with
        # more or fewer than one space makes the unpacking below raise
        # ValueError.
        for line in gpg_decode(path('~/.gnupg/data/pw.gpg')).split('\n'):
            if not line.strip():
                continue
            name, pw = line.split(' ')
            if name == args['<name>']:
                print(pw)
                return 0
        # No entry matched the requested name.
        return 1
    elif args['ls']:
        # Print each entry name without its last four characters
        # (presumably the ".gpg" suffix).
        for filename in sorted(ls(path('~/.gnupg/data'))):
            print(path.basename(filename)[:-4])
    elif args['cat']:
        filename = args['<file>']
        if not test.f(filename):
            filename = path('~/.gnupg/data/%s.gpg' % filename)
        data = gpg_decode(filename)
        print(data.rstrip())
    elif args['ed']:
        filename = args['<file>']
        if filename.endswith('.gpg'):
            data = gpg_decode(filename)
            filename = filename[:-4]
            # The plaintext is written to disk beside the encrypted file
            # for the duration of the edit.
            stdin(data) > filename
        sh[env.visual or env.editor](filename) > 1
        uid = 'Gael Pasgrimaud <gael@gawel.org>'
        # NOTE(review): this command runs with shell=True and the file name
        # is not quoted here; a name containing shell metacharacters would
        # presumably be interpreted by the shell -- confirm how chut quotes
        # arguments.
        gpg('--yes -r', repr(uid), '-e', filename, shell=True) > 1
        # NOTE(review): unlike the other commands in this function, this rm
        # is neither redirected with `>` nor called. If chut pipelines only
        # run when redirected or called, the plaintext file stays on disk --
        # confirm. `rm -f` also unlinks the file without overwriting its
        # contents.
        rm('-f', filename)