Trezor users: I wrote a python script that allows a fully offline, trezor encrypted password solution, that can be integrated into any Password Manager


247 BTC

Bitcoin News Search

1 News - 247 News - 247 Bitcoin - 1 Search


I was searching for a way to have a hardware device for managing my passwords. Trezor has a password manager but its integrated into dropbox and i wanted a completely offline solution, and also i wanted to integrate the solution into other password managers.

I came up with a simple solution to encrypt/decrypt any password using trezor, to and from the clipboard.

This is the only password solution to my knowledge which doesnt allow malwares on your computer to fully dump your master password and your entire password database once they have access to your computer. The worst thing a malware can do is steal passwords when you actually use them.

Example on how to use: https://vid.me/xtqc (here i use a simple text file as a "password manager")

Code:

from trezorlib.client import TrezorClient, TrezorClientDebug, CallException import clipboard import sys import re import StringIO import binascii def get_usb_transport(**kwargs): from trezorlib.transport_hid import HidTransport return HidTransport(HidTransport.enumerate()[0],**kwargs) raise CallException(types.Failure_Other, "Device not found") def pkcs7_decode(text): k=16 nl = len(text) val = int(binascii.hexlify(text[-1]), 16) if val > k: raise ValueError('Input is not padded or padding is corrupt') l = nl - val return text[:l] def pkcs7_encode(text): k=16 l = len(text) output = StringIO.StringIO() val = k - (l % k) for _ in xrange(val): output.write('%02x' % val) return text + binascii.unhexlify(output.getvalue()) c = clipboard.paste().encode('ascii','ignore') if len(c)<3: print "clipboard must be more than 3 characters" sys.exit() if c.startswith("tz:"): print "Trezor password found, decrypting..." c_split = c.replace('\r', '').replace('\n', '').split(":") if len(c_split)>3: print "error with encrypted string" sys.exit() client = TrezorClient(get_usb_transport()) new_value = pkcs7_decode(client.decrypt_keyvalue(client.expand_path(None), c_split[1],c_split[2].decode("hex"))) clipboard.copy(new_value) else: print "Encrypting..." print "Please enter your id for this password (i.e myusername@gmail.com or facebook.com):" while True: nid = raw_input("Enter Id: ") if re.match("^[a-z A-Z0-9_.!@#-]*$", nid) is not None: if len(nid) == 0: sys.exit() break else: print "For id, Enter only letters, numbers, characters -_.!@#" client = TrezorClient(get_usb_transport()) new_value = "tz:" + nid + ":" + client.encrypt_keyvalue(client.expand_path(None), nid, pkcs7_encode(c)).encode("hex") clipboard.copy(new_value) 

submitted by /u/doge100
[link] [comments]


247 BTC

Bitcoin News Search

1 News - 247 News - 247 Bitcoin - 1 Search


Leave a Reply