1pass.lua
author Ryan C. Gordon <icculus@icculus.org>
Thu, 19 Dec 2013 09:28:12 -0500
changeset 9 98c872cc0560
parent 8 eada72719d17
child 11 b52e0f1798b8
permissions -rw-r--r--
Removed dumptable.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
     1
JSON = (loadfile "JSON.lua")()
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
     2
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
     3
local function load_json_str(str, desc)
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
     4
    local retval = JSON:decode(str)
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
     5
    return retval
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
     6
end
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
     7
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
     8
local function load_json(fname)
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
     9
    local f = io.open(fname, "rb")
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    10
    if (f == nil) then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    11
        return nil
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    12
    end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    13
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    14
    local str = f:read("*all")
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    15
    f:close()
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    16
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
    17
    return load_json_str(str, fname)
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    18
end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    19
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    20
5
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
    21
local keys = {}
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    22
function loadKey(basedir, level, password)
5
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
    23
    if keys[level] ~= nil then
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
    24
        return keys[level]
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
    25
    end
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
    26
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    27
    local keysjson = load_json(basedir .. "/encryptionKeys.js");
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    28
    if (keysjson == nil) or (keysjson[level] == nil) then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    29
        return nil
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    30
    end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    31
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    32
    local identifier = keysjson[level]
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    33
    for i,v in ipairs(keysjson.list) do
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    34
        if v.identifier == identifier then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    35
			local iterations = v.iterations
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    36
            if (iterations == nil) or (iterations < 1000) then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    37
			    iterations = 1000
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    38
            end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    39
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    40
			local decrypted = decryptUsingPBKDF2(v.data, password, iterations)
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    41
			if decrypted == nil then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    42
                return nil
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    43
            end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    44
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    45
			local validate = decryptBase64UsingKey(v.validation, decrypted)
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    46
			if validate ~= decrypted then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    47
                return nil
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    48
            end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    49
5
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
    50
            keys[level] = decrypted
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    51
            return decrypted
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    52
        end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    53
    end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    54
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    55
    return nil
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    56
end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    57
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
    58
local function showHint(basedir)
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    59
    local f = io.open(basedir .. "/.password.hint", "r")
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    60
    if (f == nil) then
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    61
        return
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    62
    end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    63
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    64
    local str = f:read("*all")
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    65
    f:close()
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    66
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    67
    print("(hint is '" .. str .. "').")
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    68
end
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
    69
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
    70
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
    71
function loadContents(basedir)
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
    72
    return load_json(basedir .. "/contents.js");
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
    73
end
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
    74
8
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    75
local function shouldFilterOut(filter, type, name, url)
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    76
    if filter == nil then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    77
        return false   -- no filter? Don't filter.
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    78
    elseif type == "system.Tombstone" then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    79
        return true    -- I guess those are dead items?
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    80
    elseif string.find(string.lower(name), filter) ~= nil then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    81
        return false   -- matched keep-filter on name
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    82
    elseif string.find(string.lower(url), filter) ~= nil then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    83
        return false   -- matched keep-filter on URL
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    84
    end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    85
    return true  -- didn't match our keep-filter. Chuck it.
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    86
end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
    87
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
    88
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
    89
-- Mainline!
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
    90
7
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    91
--for i,v in ipairs(argv) do
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    92
--    print("argv[" .. i .. "] = " .. v)
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    93
--end
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    94
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
    95
local basedir = "1Password/1Password.agilekeychain/data/default"  -- !!! FIXME
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
    96
7
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    97
local password = argv[3]
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    98
if password == nil then
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
    99
    showHint(basedir)
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
   100
    io.write("password: ")
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
   101
    password = io.read("*l")
682d7ea1e7f3 Moved command lines into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 6
diff changeset
   102
end
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
   103
5
6f80cd157c13 Cache loaded encryption keys.
Ryan C. Gordon <icculus@icculus.org>
parents: 1
diff changeset
   104
if loadKey(basedir, "SL5", password) == nil then
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
   105
    print("wrong password?\n")
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
   106
    os.exit(1)
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
   107
end
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
   108
8
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   109
local filter = argv[2]
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   110
if filter ~= nil then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   111
    filter = string.lower(filter)
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   112
end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   113
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   114
items = loadContents(basedir)
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   115
for i,v in ipairs(items) do
8
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   116
    local type = v[2]
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   117
    local name = v[3]
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   118
    local url = v[4]
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   119
    if not shouldFilterOut(filter, type, name, url) then
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   120
        local metadata = load_json(basedir .. "/" .. v[1] .. ".1password")
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   121
        if metadata ~= nil then
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   122
            local plaintext = decryptBase64UsingKey(metadata.encrypted, loadKey(basedir, metadata.securityLevel, password))
8
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   123
            local username = nil
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   124
            local password = nil
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   125
            if plaintext ~= nil then
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   126
                local secure = load_json_str(plaintext, v[1])
8
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   127
                if type == "webforms.WebForm" then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   128
                    for ii,vv in ipairs(secure.fields) do
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   129
                        if vv.type == "P" then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   130
                            password = vv.value
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   131
                        elseif vv.type == "E" then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   132
                            username = vv.value
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   133
                        end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   134
                    end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   135
                elseif type == "passwords.Password" then
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   136
                    password = secure.password
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   137
                end
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   138
            end
8
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   139
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   140
            print("item: " .. metadata.title)
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   141
            if username ~= nil then print("username: " .. username) end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   142
            if password ~= nil then print("password: " .. password) end
eada72719d17 Make the app basically useful.
Ryan C. Gordon <icculus@icculus.org>
parents: 7
diff changeset
   143
6
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   144
        end
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   145
    end
b7f19e0599db Dump out all the encrypted data.
Ryan C. Gordon <icculus@icculus.org>
parents: 5
diff changeset
   146
end
1
0919d17b13f9 Move the mainline into Lua.
Ryan C. Gordon <icculus@icculus.org>
parents: 0
diff changeset
   147
0
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
   148
-- end of 1pass.lua ...
d7ee4e2ed49d Initial work.
Ryan C. Gordon <icculus@icculus.org>
parents:
diff changeset
   149