Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 10:26:08 +01:00
Code Issues Packages Projects Releases Activity

change password modularized

Browse Source
This commit is contained in:
azivner
2017-09-12 22:09:09 -04:00
parent 8bc1bdd5f7
commit b0957a0c8f
2 changed files with 69 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
change-password.py
View File

@@ -1,69 +1,27 @@
#!/usr/bin/python #!/usr/bin/python
import src.config_provider
import src.sql
import base64
import getpass import getpass
from Crypto.Cipher import AES
from Crypto.Util import Counter
import binascii
import src.my_scrypt import src.my_scrypt
import src.sql
import src.change_password
config = src.config_provider.getConfig() config = src.config_provider.getConfig()
src.sql.connect(config['Document']['documentPath']) src.sql.connect(config['Document']['documentPath'])
currentPassword = getpass.getpass(prompt="Enter current password: ") current_password = getpass.getpass(prompt="Enter current password: ")
currentPasswordHash = binascii.hexlify(src.my_scrypt.getVerificationHash(currentPassword)) new_password1 = getpass.getpass(prompt="Enter new password: ")
new_password2 = getpass.getpass(prompt="Repeat the same password: ")
if currentPasswordHash != src.sql.getOption('password'): if new_password1 != new_password2:
print("Given password doesn't match hash")
exit(-1)
currentPasswordEncryptionKey = src.my_scrypt.getEncryptionHash(currentPassword)
newPassword1 = getpass.getpass(prompt="Enter new password: ")
newPassword2 = getpass.getpass(prompt="Repeat the same password: ")
if newPassword1 != newPassword2:
print('Entered passwords are not identical!') print('Entered passwords are not identical!')
exit(-1) exit(-1)
newPasswordVerificationKey = binascii.hexlify(src.my_scrypt.getVerificationHash(newPassword1)) ret = src.change_password.change_password(current_password, new_password1)
newPasswordEncryptionKey = src.my_scrypt.getEncryptionHash(newPassword1)
encryptedNotes = src.sql.getResults("select note_id, note_title, note_text from notes where encryption = 1") if (ret['success']):
print("Changes committed. All encrypted notes were re-encrypted successfully with new password key.")
def decrypt(encryptedBase64): print("You can now start application and login with new password.")
encryptedBytes = base64.b64decode(encryptedBase64) else:
print(ret['message'])
aes = getAes(currentPasswordEncryptionKey)
return aes.decrypt(encryptedBytes)
def encrypt(plainText):
aes = getAes(newPasswordEncryptionKey)
encryptedBytes = aes.encrypt(plainText)
return base64.b64encode(encryptedBytes)
def getAes(key):
return AES.new(key, AES.MODE_CTR, counter=Counter.new(128, initial_value=5))
for note in encryptedNotes:
decryptedTitle = decrypt(note['note_title'])
decryptedText = decrypt(note['note_text'])
reEncryptedTitle = encrypt(decryptedTitle)
reEncryptedText = encrypt(decryptedText)
src.sql.execute("update notes set note_title = ?, note_text = ? where note_id = ?",
[reEncryptedTitle, reEncryptedText, note['note_id']])
print("Note " + note['note_id'] + " re-encrypted with new password")
src.sql.setOption('password', newPasswordVerificationKey)
src.sql.commit()
print("Changes committed. All encrypted notes were re-encrypted successfully with new password key.")
print("You can now start application and login with new password.")

57
src/change_password.py Normal file
View File

@@ -0,0 +1,57 @@
import src.config_provider
import src.sql
import base64
from Crypto.Cipher import AES
from Crypto.Util import Counter
import binascii
import src.my_scrypt
def change_password(current_password, new_password):
current_password_hash = binascii.hexlify(src.my_scrypt.getVerificationHash(current_password))
if current_password_hash != src.sql.getOption('password'):
return {
'success': False,
'message': "Given current password doesn't match hash"
}
current_password_encryption_key = src.my_scrypt.getEncryptionHash(current_password)
new_password_verification_key = binascii.hexlify(src.my_scrypt.getVerificationHash(new_password))
new_password_encryption_key = src.my_scrypt.getEncryptionHash(new_password)
encrypted_notes = src.sql.getResults("select note_id, note_title, note_text from notes where encryption = 1")
def decrypt(encrypted_base64):
encrypted_bytes = base64.b64decode(encrypted_base64)
aes = get_aes(current_password_encryption_key)
return aes.decrypt(encrypted_bytes)
def encrypt(plain_text):
aes = get_aes(new_password_encryption_key)
encryptedBytes = aes.encrypt(plain_text)
return base64.b64encode(encryptedBytes)
def get_aes(key):
return AES.new(key, AES.MODE_CTR, counter=Counter.new(128, initial_value=5))
for note in encrypted_notes:
decrypted_title = decrypt(note['note_title'])
decrypted_text = decrypt(note['note_text'])
re_encrypted_title = encrypt(decrypted_title)
re_encrypted_text = encrypt(decrypted_text)
src.sql.execute("update notes set note_title = ?, note_text = ? where note_id = ?",
[re_encrypted_title, re_encrypted_text, note['note_id']])
src.sql.setOption('password', new_password_verification_key)
src.sql.commit()
return {
'success': True
}