| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186 |
- # ============================================================================
- # This file is part of Pwman3.
- #
- # Pwman3 is free software; you can redistribute it and/or modify
- # it under the terms of the GNU General Public License, version 2
- # as published by the Free Software Foundation;
- #
- # Pwman3 is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with Pwman3; if not, write to the Free Software
- # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- # ============================================================================
- # Copyright (C) 2015 Oz Nahum <nahumoz@gmail.com>
- # ============================================================================
- # Copyright (C) 2006 Ivan Kelly <ivan@ivankelly.net>
- # ============================================================================
- """Postgresql Database implementation."""
- import psycopg2 as pg
- from pwman.data.database import Database, __DB_FORMAT__
- from pwman.util.crypto_engine import CryptoEngine
- class PostgresqlDatabase(Database):
- """
- Postgresql Database implementation
- This assumes that your database admin has created a pwman database
- for you and shared the user name and password with you.
- This driver send no clear text on wire. ONLY excrypted stuff is sent
- between the client and the server.
- Encryption and decryption are happening on your localhost, not on
- the Postgresql server.
- """
- @classmethod
- def check_db_version(cls, dburi):
- """
- Check the database version
- """
- con = pg.connect(dburi)
- cur = con.cursor()
- try:
- cur.execute("SELECT VERSION from DBVERSION")
- version = cur.fetchone()
- cur.close()
- con.close()
- return version[-1]
- except pg.ProgrammingError:
- con.rollback()
- return __DB_FORMAT__
- def __init__(self, pgsqluri, dbformat=__DB_FORMAT__):
- """
- Initialise PostgresqlDatabase instance.
- """
- self._pgsqluri = pgsqluri
- self.dbversion = dbformat
- self._sub = "%s"
- self._list_nodes_sql = "SELECT NODEID FROM LOOKUP WHERE TAGID = %s "
- self._add_node_sql = ('INSERT INTO NODE(USERNAME, PASSWORD, URL, '
- 'NOTES) VALUES(%s, %s, %s, %s) RETURNING ID')
- self._insert_tag_sql = "INSERT INTO TAG(DATA) VALUES(%s) RETURNING ID"
- self.ProgrammingError = pg.ProgrammingError
- self._data_wrapper = lambda x: pg.Binary(x)
- def _open(self):
- self._con = pg.connect(self._pgsqluri.geturl())
- self._cur = self._con.cursor()
- self._create_tables()
- def _get_tag(self, tagcipher):
- sql_search = "SELECT * FROM TAG"
- self._cur.execute(sql_search)
- ce = CryptoEngine.get()
- try:
- tag = ce.decrypt(tagcipher)
- encrypted = True
- except Exception:
- tag = tagcipher
- encrypted = False
- rv = self._cur.fetchall()
- for idx, cipher in rv:
- cipher = cipher.tobytes()
- if encrypted and tag == ce.decrypt(cipher):
- return idx
- elif tag == cipher:
- return idx
- def _create_tables(self):
- if self._check_tables():
- return
- try:
- self._cur.execute("CREATE TABLE NODE(ID SERIAL PRIMARY KEY, "
- "USERNAME BYTEA NOT NULL, "
- "PASSWORD BYTEA NOT NULL, "
- "URL BYTEA NOT NULL, "
- "NOTES BYTEA NOT NULL"
- ")")
- self._cur.execute("CREATE TABLE TAG"
- "(ID SERIAL PRIMARY KEY,"
- "DATA BYTEA NOT NULL)")
- self._cur.execute("CREATE TABLE LOOKUP ("
- "nodeid INTEGER NOT NULL REFERENCES NODE(ID),"
- "tagid INTEGER NOT NULL REFERENCES TAG(ID)"
- ")")
- self._cur.execute("CREATE TABLE CRYPTO "
- "(SEED BYTEA, DIGEST BYTEA)")
- self._cur.execute("CREATE TABLE DBVERSION("
- "VERSION TEXT NOT NULL)")
- self._cur.execute("INSERT INTO DBVERSION VALUES(%s)",
- (self.dbversion,))
- self._con.commit()
- except Exception: # pragma: no cover
- self._con.rollback()
- def savekey(self, key):
- salt, digest = key.split('$6$')
- try:
- salt, digest = salt.encode(), digest.encode()
- except AttributeError:
- pass
- sql = "INSERT INTO CRYPTO(SEED, DIGEST) VALUES({},{})".format(self._sub, # noqa
- self._sub) # noqa
- self._cur.execute("DELETE FROM CRYPTO")
- self._cur.execute(sql, list(map(self._data_wrapper, (salt, digest))))
- self._digest = digest
- self._salt = salt
- self._con.commit()
- def loadkey(self):
- """
- return _keycrypted
- """
- sql = "SELECT * FROM CRYPTO"
- try:
- self._cur.execute(sql)
- seed, digest = self._cur.fetchone()
- return seed.tobytes() + b'$6$' + digest.tobytes()
- except TypeError: # pragma: no cover
- return None
- def getnodes(self, ids):
- if ids:
- sql = ("SELECT * FROM NODE WHERE ID IN ({})"
- "".format(','.join(self._sub for i in ids)))
- else:
- sql = "SELECT * FROM NODE"
- self._cur.execute(sql, (ids))
- nodes = self._cur.fetchall()
- if not nodes:
- return []
- nodes_w_tags = []
- for node in nodes:
- tags = [t.tobytes() for t in self._get_node_tags(node)]
- nodes_w_tags.append([node[0]] + [item.tobytes() for item in node[1:]] + tags)
- return nodes_w_tags
- def listtags(self):
- self._clean_orphans()
- get_tags = "select DATA from TAG"
- self._cur.execute(get_tags)
- tags = self._cur.fetchall()
- if tags:
- return [t[0].tobytes() for t in tags]
- return [] # pragma: no cover
|
