2 bug fixes, new CLI option, more inline documentation

Author: 8go

README.md

@@ -1,4 +1,4 @@
-# ![Trezor icon](https://github.com/8go/TrezorSymmetricFileEncryption/blob/master/icons/TrezorSymmetricFileEncryption.png)
+# ![Trezor icon](icons/TrezorSymmetricFileEncryption.png)
 
 # Trezor Symmetric File Encryption
 
@@ -74,7 +74,7 @@ Run:
 Run-time command line options are
 
 ```
-TrezorSymmetricFileEncryption.py [-v] [-h] [-l <level>] [-t] [-2] [-s] [-w] [-o | -e | -d | -m | -n] [-p <passphrase>] <files>
+TrezorSymmetricFileEncryption.py [-v] [-h] [-l <level>] [-t] [-e | -o | -d | -m | -n] [-2] [-s] [-w] [-p <passphrase>] [-r] [-R] <files>
     -v, --verion
             print the version number
     -h, --help
@@ -84,6 +84,13 @@ TrezorSymmetricFileEncryption.py [-v] [-h] [-l <level>] [-t] [-2] [-s] [-w] [-o
     -t, --terminal
             run in the terminal, except for a possible PIN query
             and a Passphrase query this avoids the GUI
+    -e, --encrypt
+            encrypt file and keep output filename as plaintext
+            (appends .tsfe suffix to input file)
+    -o, --obfuscatedencrypt
+            encrypt file and obfuscate output file name
+    -d, --decrypt
+            decrypt file
     -m, --encnameonly
             just encrypt the plaintext filename, show what the obfuscated
             filename would be; does not encrypt the file itself;
@@ -92,13 +99,6 @@ TrezorSymmetricFileEncryption.py [-v] [-h] [-l <level>] [-t] [-2] [-s] [-w] [-o
             just decrypt the obfuscated filename;
             does not decrypt the file itself;
             incompaible with `-o`, `-e`, and `-m`
-    -d, --decrypt
-            decrypt file
-    -e, --encrypt
-            encrypt file and keep output filename as plaintext
-            (appends .tsfe suffix to input file)
-    -o, --obfuscatedencrypt
-            encrypt file and obfuscate output file name
     -2, --twice
             paranoid mode; encrypt file a second time on the Trezor chip itself;
             only relevant for `-e` and `-o`; ignored in all other cases.
@@ -107,6 +107,14 @@ TrezorSymmetricFileEncryption.py [-v] [-h] [-l <level>] [-t] [-2] [-s] [-w] [-o
             master passphrase used for Trezor.
             It is recommended that you do not use this command line option
             but rather give the passphrase through a small window interaction.
+    -r, --readpinfromstdin
+            read the PIN, if needed, from the standard input, i.e. terminal,
+            when in terminal mode `-t`. By default, even with `-t` set
+            it is read via a GUI window.
+    -R, --readpassphrasefromstdin
+            read the passphrase, when needed, from the standard input,
+            when in terminal mode `-t`. By default, even with `-t` set
+            it is read via a GUI window.
     -s, --safety
             doublechecks the encryption process by decrypting the just
             encrypted file immediately and comparing it to original file;

TrezorSymmetricFileEncryption.py

@@ -3,14 +3,16 @@
 '''
 Use TREZOR as a hardware device for symmetric file encryption
 
-Usage: python TrezorSymmetricFileEncryption.py [-v] [-h] [-o | -e | -d] <files>
+Usage: python TrezorSymmetricFileEncryption.py
+Usage: python TrezorSymmetricFileEncryption.py --help
 
 Source and readme is on www.github.com, search for TrezorSymmetricFileEncryption
 
 '''
 
 import sys
 import logging
+import getpass
 
 from PyQt4 import QtGui, QtCore
 from PyQt4.QtCore import QTimer
@@ -33,42 +35,90 @@
 
 class QtTrezorMixin(object):
 	"""
-	Mixin for input of passhprases.
+	Mixin for input of Trezor PIN and passhprases.
+	Works via both, terminal as well as PyQt GUI
 	"""
 
 	def __init__(self, *args, **kwargs):
 		super(QtTrezorMixin, self).__init__(*args, **kwargs)
 		self.passphrase = None
+		self.readpinfromstdin = None
+		self.readpassphrasefromstdin = None
 
 	def callback_ButtonRequest(self, msg):
 		return proto.ButtonAck()
 
 	def callback_PassphraseRequest(self, msg):
 		if self.passphrase is not None:
-			return proto.PassphraseAck(passphrase=self.passphrase)
+			return proto.PassphraseAck(passphrase=unicode(self.passphrase))
 
-		dialog = TrezorPassphraseDialog()
-		if not dialog.exec_():
-			sys.exit(3)
+		if self.readpassphrasefromstdin:
+			# read passphrase from stdin
+			try:
+				passphrase = getpass.getpass("Please enter passphrase: ")
+				passphrase = unicode(passphrase)
+			except KeyboardInterrupt:
+				sys.stderr.write("\nKeyboard interrupt: passphrase not read. Aborting.\n")
+				sys.exit(3)
+			except Exception, e:
+				sys.stderr.write("Critical error: Passphrase not read. Aborting. (%s)" % e)
+				sys.exit(3)
 		else:
-			passphrase = dialog.passphraseEdit.text()
-			passphrase = unicode(passphrase)
+			dialog = TrezorPassphraseDialog()
+			if not dialog.exec_():
+				sys.exit(3)
+			else:
+				passphrase = dialog.passphraseEdit.text()
+				passphrase = unicode(passphrase)
 
 		return proto.PassphraseAck(passphrase=passphrase)
 
 	def callback_PinMatrixRequest(self, msg):
-		dialog = EnterPinDialog()
-		if not dialog.exec_():
-			sys.exit(7)
+		if self.readpinfromstdin:
+			# read PIN from stdin
+			print "                  7  8  9"
+			print "                  4  5  6"
+			print "                  1  2  3"
+			try:
+				pin = getpass.getpass("Please enter PIN: ")
+			except KeyboardInterrupt:
+				sys.stderr.write("\nKeyboard interrupt: PIN not read. Aborting.\n")
+				sys.exit(7)
+			except Exception, e:
+				sys.stderr.write("Critical error: PIN not read. Aborting. (%s)" % e)
+				sys.exit(7)
+		else:
+			dialog = EnterPinDialog()
+			if not dialog.exec_():
+				sys.exit(7)
+			pin = q2s(dialog.pin())
 
-		pin = q2s(dialog.pin())
 		return proto.PinMatrixAck(pin=pin)
 
 	def prefillPassphrase(self, passphrase):
 		"""
 		Instead of asking for passphrase, use this one
 		"""
-		self.passphrase = passphrase.decode("utf-8")
+		if passphrase is not None:
+			self.passphrase = passphrase.decode("utf-8")
+		else:
+			self.passphrase = None
+
+	def prefillReadpinfromstdin(self, readpinfromstdin=False):
+		"""
+		Specify if PIN should be read from stdin instead of from GUI
+		@param readpinfromstdin: True to force it to read from stdin, False otherwise
+		@type readpinfromstdin: C{bool}
+		"""
+		self.readpinfromstdin = readpinfromstdin
+
+	def prefillReadpassphrasefromstdin(self, readpassphrasefromstdin=False):
+		"""
+		Specify if passphrase should be read from stdin instead of from GUI
+		@param readpassphrasefromstdin: True to force it to read from stdin, False otherwise
+		@type readpassphrasefromstdin: C{bool}
+		"""
+		self.readpassphrasefromstdin = readpassphrasefromstdin
 
 class QtTrezorClient(ProtocolMixin, QtTrezorMixin, BaseClient):
 	"""
@@ -196,6 +246,9 @@ def showGui(trezor, settings, fileMap, logger):
 	sys.exit(1)
 
 trezor.clear_session()
+trezor.prefillReadpinfromstdin(settings.RArg)
+trezor.prefillReadpassphrasefromstdin(settings.AArg)
+trezor.prefillPassphrase(settings.PArg)
 
 fileMap = file_map.FileMap(trezor,logger)
 
@@ -216,8 +269,6 @@ def showGui(trezor, settings, fileMap, logger):
 			"the encrypted files will be shredded after decryption. "
 			"Abort if you are uncertain or don't understand.", logging.WARNING,
 			"Dangerous arguments", settings, logger, None)
-	if settings.PArg is not None:
-		trezor.prefillPassphrase(settings.PArg)
 
 	processing.processAll(trezor, settings, fileMap, logger, dialog=None)
 	sys.exit(0)

basics.py

@@ -7,7 +7,7 @@
 TSFEFILEFORMATVERSION = 1
 
 # Name of software version, must be less than 16 long
-TSFEVERSION = "v0.4"
+TSFEVERSION = "v0.4.1"
 
 # Date of software version, only used in GUI
 TSFEVERSIONTEXT = "May 2017"

dialogs.py

@@ -13,7 +13,7 @@
 from ui_trezor_chooser_dialog import Ui_TrezorChooserDialog
 
 from encoding import q2s, s2q
-from processing import processAllFromApply, reportLogging
+from processing import processAll, reportLogging
 
 import basics
 
@@ -398,7 +398,7 @@ def validate(self):
 #	def handleButtonClick(self, button):
 #		sb = self.buttonBox.standardButton(button)
 #		if sb == QtGui.QDialogButtonBox.Apply:
-#			processAllFromApply(self, self.trezor, self.settings, self.fileMap, self.logger) #
+#			processAll(self.trezor, self.settings, self.fileMap, self.logger, self) #
 #		# elif sb == QtGui.QDialogButtonBox.Reset:
 #		#	reportLogging("Reset Clicked, quitting now...", logging.DEBUG,
 #		#		"UI", self.settings, self.logger, self)
@@ -410,12 +410,7 @@ def accept(self):
 		if self.validate():
 			reportLogging("Apply was called by user request. Start processing now.",
 				logging.DEBUG, "GUI IO", self.settings, self.logger, self)
-			processAllFromApply(self, self.trezor, self.settings, self.fileMap, self.logger) #
-			# move the cursor to the end of the text, scroll to the bottom
-			cursor = self.textBrowser.textCursor()
-			cursor.setPosition(len(self.textBrowser.toPlainText()))
-			self.textBrowser.ensureCursorVisible()
-			self.textBrowser.setTextCursor(cursor)
+			processAll(self.trezor, self.settings, self.fileMap, self.logger, self) #
 		else:
 			reportLogging("Apply was called by user request. Apply is denied. "
 				"User input is not valid for processing. Did you select a file?",

file_map.py

@@ -44,7 +44,7 @@ class FileMap(object):
 
 	def __init__(self, trezor, logger):
 		assert trezor is not None
-		self.blob = {}
+		self.blob = None
 		self.trezor = trezor
 		self.outerKey = None # outer AES-CBC key, 1st-level encryption
 		self.outerIv = None  # IV for data blob encrypted with outerKey
@@ -76,32 +76,36 @@ def createDecFile(self, fname):
 				#os.chmod(fname, stat.S_IRUSR | stat.S_IWUSR )
 				self.logger.error("File %s cannot be written. "
 					"No write permissions. Skipping it.", fname)
-				return
+				raise IOError("File IO error: File %s cannot be written. "
+					"No write permissions. Skipping it. "
+					"Change file permissions and try again." % (fname))
 
 		self.loadBlobFromEncFile(originalFilename)
 		with open(fname, 'w+b') as f:
 			s = len(self.blob)
 			f.write(self.blob)
 			if f.tell() != s:
-				raise IOError("File IO problem - not enough data written")
+				self.logger.error("File IO problem: not enough data written "
+					"(file=%s, target=%d, done=%d)" % (fname, s, f.tell()))
+				raise IOError("File IO problem - not enough data written "
+					"(file=%s, target=%d, done=%d)" % (fname, s, f.tell()))
 			self.logger.debug("Decryption wrote %d bytes to file %s.",s,fname)
-			f.flush()
-			f.close()
 		# overwrite with nonsense to shred memory
 		rng = Random.new()
 		self.outerKey = rng.read(KEYSIZE)
 		return fname # output file name
 
 	def loadBlobFromEncFile(self, fname):
 		"""
-		Load/read data from encrypted file, decrypt data amd store data in blob
+		Load/read data from encrypted file,
+		decrypt data amd store data in blob
 		Requires Trezor connected.
 
 		@param fname: name of the encrypted file to decrypt
 
 		@throws IOError: if reading file failed
 		"""
-		with file(fname) as f:
+		with open(fname, 'rb') as f:
 			header = f.read(len(Magic.headerStr))
 			if header != Magic.headerStr:
 				raise IOError("Bad header in storage file")
@@ -161,7 +165,8 @@ def loadBlobFromEncFile(self, fname):
 			for (ch1, ch2) in zip(hmacDigest, newHmacDigest):
 				hmacCompare |= int(ch1 != ch2)
 			if hmacCompare != 0:
-				raise IOError("Corrupted disk format - HMAC does not match or bad passphrase")
+				raise IOError("Corrupted disk format - HMAC does not match "
+					"or bad passphrase. Try again with the correct passphrase.")
 
 			if self.noOfEncryptions == 2:
 				encrypted = self.decryptOnTrezorDevice(encrypted, Magic.levelTwoKey)
@@ -177,11 +182,12 @@ def createEncFile(self, fname, obfuscate, twice):
 
 		with open(fname, 'rb') as f:
 			# Size 0 will read the ENTIRE file into memory!
-			m = mmap.mmap(f.fileno(), 0, prot=mmap.PROT_READ) #File is open read-only
+			# File is open read-only
+			# mmap does not implement __exit__ so we cannot use "with mmap... as m:"
+			m = mmap.mmap(f.fileno(), 0, prot=mmap.PROT_READ)
 			s = m.size()
 			self.blob = m.read(s)
-			m.close()
-			f.close()
+			del m
 		if len(self.blob) != s:
 			raise IOError("File IO problem - not enough data read")
 		self.logger.debug("Read %d bytes from file %s.",s,fname)
@@ -228,7 +234,7 @@ def saveBlobToEncFile(self, fname, obfuscate, twice):
 				#raise IOError("File " + fname + " cannot be written. "
 				#	"No write permissions. Skipping it.")
 
-		with file(fname, "wb") as f:
+		with open(fname, "wb") as f:
 			version = basics.TSFEFILEFORMATVERSION
 			futureUse = ""
 			f.write(Magic.headerStr)
@@ -256,8 +262,6 @@ def saveBlobToEncFile(self, fname, obfuscate, twice):
 			f.write(encrypted)
 			f.write(hmacDigest)
 			ww = f.tell()
-			f.flush()
-			f.close()
 			self.logger.debug("Wrote %d bytes to file %s.", ww, fname)
 			return fname
 
@@ -267,8 +271,8 @@ def obfuscateFilename(self, plaintextFileName):
 			--> homegrown padding == obfuscated filename
 		"""
 		pad16 = Padding(BLOCKSIZE).pad(plaintextFileName)
-		self.logger.debug("Press confirm on Trezor device to encrypt file "
-			"name %s (if necessary).", plaintextFileName)
+		# self.logger.debug("Press confirm on Trezor device to encrypt file "
+		#	"name %s (if necessary).", plaintextFileName)
 		# we do not use an IV here so that we can quickly deobfuscate
 		# filenames without having to read the file
 		encFn = self.trezor.encrypt_keyvalue(Magic.fileNameNode,
@@ -321,6 +325,7 @@ def encrypt(self, plaintext, iv, key):
 		"""
 		Pad plaintext with PKCS#5 and encrypt it.
 		"""
+		self.logger.debug("AES CBC encryption with key of size %d bits." % (len(key)*8))
 		cipher = AES.new(key, AES.MODE_CBC, iv)
 		padded = Padding(BLOCKSIZE).pad(plaintext)
 		return cipher.encrypt(padded)
@@ -335,6 +340,7 @@ def decrypt(self, ciphertext, iv, key):
 		"""
 		Decrypt ciphertext, unpad it and return
 		"""
+		self.logger.debug("AES CBC decryption with key of size %d bits." % (len(key)*8))
 		cipher = AES.new(key, AES.MODE_CBC, iv)
 		plaintext = cipher.decrypt(ciphertext)
 		unpadded = Padding(BLOCKSIZE).unpad(plaintext)