Managing settings¶
Settings are stored as PasswordSetting
objects.
Sets of password settings for a domain.
-
class
password_setting.
PasswordSetting
(domain)[source]¶ This saves one set of settings for a certain domain. Use a PasswordSettingsManager to save the settings to a file.
-
calculate_template
()[source]¶ Calculates a new template based on the character set configuration and the length.
-
get_c_date
()[source]¶ Returns the creation date as a datetime object.
Returns: the creation date Return type: datetime
-
get_character_set
()[source]¶ Returns the character set as a string.
Returns: character set Return type: str
-
get_complexity
()[source]¶ Returns the complexity as a digit from 0 to 6. If the character selection does not match a complexity group -1 is returned.
Returns: a digit from 0 to 6 or -1 Return type: int
-
get_creation_date
()[source]¶ Returns the creation date as string.
Returns: the creation date Return type: str
-
static
get_default_character_set
()[source]¶ Returns the default character set. This is completely independent of the character set stored at instances of this class.
Returns: the default character set Return type: str
-
static
get_digits_character_set
()[source]¶ Returns the default digits characters.
Returns: string with digits characters Return type: str
-
get_domain
()[source]¶ Returns the domain name or another string used in the domain field.
Returns: the domain Return type: str
-
get_extra_character_set
()[source]¶ Returns the set of special characters.
Returns: set of special characters Return type: str
-
get_full_template
()[source]¶ Constructs a template string with digit and semicolon.
Returns: template string Return type: str
-
get_iterations
()[source]¶ Returns the iteration count which is to be used.
Returns: iteration count Return type: int
-
get_legacy_password
()[source]¶ Returns the legacy password if set or an empty string otherwise.
Returns: the legacy password Return type: str
-
static
get_lower_character_set
()[source]¶ Returns the default lower case characters.
Returns: string with lower case characters Return type: str
-
get_m_date
()[source]¶ Returns the modification date as a datetime object.
Returns: the modification date Return type: datetime
-
get_modification_date
()[source]¶ Returns the modification date as string.
Returns: the modification date Return type: str
-
get_template
()[source]¶ Returns the template without digit and semicolon.
Returns: template Return type: str
-
static
get_upper_character_set
()[source]¶ Returns the default upper case characters.
Returns: string with upper case characters Return type: str
-
get_username
()[source]¶ Returns the username or an empty string if there was no username.
Returns: the username Return type: str
-
has_legacy_password
()[source]¶ Returns True if the legacy password is set.
Returns: Return type: bool
-
is_synced
()[source]¶ Query if the synced flag is set. The flag switches to false if settings are changed.
Returns: is synced? Return type: bool
-
load_from_dict
(loaded_setting)[source]¶ Loads the setting from a dictionary.
Parameters: loaded_setting (dict) –
-
set_complexity
(complexity)[source]¶ Sets the complexity by activating the appropriate character groups.
Parameters: complexity (int) – 0, 1, 2, 3, 4, 5 or 6
-
set_creation_date
(creation_date)[source]¶ Sets the creation date passed as string.
Parameters: creation_date (str) –
-
set_custom_character_set
(character_set)[source]¶ Sets the character set to the given string. Use this method to save reordered default sets.
Parameters: character_set (str) – character set
-
set_extra_character_set
(extra_set)[source]¶ Sets the set of special characters. This function does not check if these characters are in the whole character set.
Parameters: extra_set (str) – string of special characters
-
set_full_template
(full_template)[source]¶ Sets a template from a complete template string with digit and semicolon. This also preferences the template so other settings might get ignored.
Parameters: full_template (str) – complete template string
-
set_legacy_password
(legacy_password)[source]¶ Set a legacy password.
Parameters: legacy_password (str) – a legacy password
-
set_modification_date
(modification_date=None)[source]¶ Sets the modification date passed as string.
Parameters: modification_date (str) –
-
set_salt
(salt)[source]¶ You should normally pass bytes as a salt. For convenience this method also accepts strings which get UTF-8 encoded and stored in binary format. If in doubt pass bytes.
Parameters: salt (bytes or str) –
-
set_synced
(is_synced=True)[source]¶ Sets the synced state. Call this after syncing.
Parameters: is_synced (bool) –
-
set_use
(use, character_set)[source]¶ Generic method to add or remove characters from the character set.
Parameters: - use (bool) – should the characters be used?
- character_set (str) – character set which should be inserted or removed
-
set_use_digits
(use_digits)[source]¶ If set to True the digits are moved to the default position and brought into the default order. Missing digits are inserted. If set to False all digits are removed from the character set.
Parameters: use_digits (bool) –
-
set_use_extra
(use_extra)[source]¶ If set to True the default special characters are moved to the default position and brought into the default order. Missing special characters from the default set are inserted. If set to False all special characters from the default set are removed from the character set.
Parameters: use_extra (bool) –
-
set_use_letters
(use_letters)[source]¶ If set to True the letters are moved to the default position and brought into the default order. Missing letters are inserted. If set to False all default letters are removed from the character set.
Parameters: use_letters (bool) –
-
set_use_lower_case
(use_lower_case)[source]¶ If set to True the lower case letters are moved to the default position and brought into the default order. Missing lower case letters are inserted. If set to False all lower case letters are removed from the character set.
Parameters: use_lower_case (bool) –
-
set_use_upper_case
(use_upper_case)[source]¶ If set to True the upper case letters are moved to the default position and brought into the default order. Missing upper case letters from the default set of upper case letters are inserted. If set to False all default upper case letters are removed from the character set.
Parameters: use_upper_case (bool) –
-
to_dict
()[source]¶ Returns a dictionary with settings to be saved.
Returns: a dictionary with settings to be saved Return type: dict
-
use_custom_character_set
()[source]¶ Returns false if the character set is set to the default character set.
Returns: are we using a custom character set? Return type: bool
-
use_digits
()[source]¶ Returns true if the character set contains digits at the default position and with the default order.
Returns: use digits? Return type: bool
-
use_extra
()[source]¶ Returns true if the character set contains the special characters from the default set at the default position and with the default order.
Returns: use special characters? Return type: bool
-
use_letters
()[source]¶ Returns true if the character set contains the default set of letters at the default position and with the default order.
Returns: does it use letters? Return type: bool
-
The PasswordSettingsManager
saves and manages the PasswordSetting
objects.
The PasswordSettingsManager handles the settings and manages storage and synchronization.
-
class
password_settings_manager.
PasswordSettingsManager
(preference_manager)[source]¶ Use this class to manage password settings. It can save the settings locally to the settings file and it can export them to be sent to a sync server.
Parameters: preference_manager (PreferenceManager) – a PreferenceManager object -
delete_setting
(setting)[source]¶ This removes the setting from the internal list. Call save_settings_to_file if you want to have the change saved to disk.
Parameters: setting (PasswordSetting) – PasswordSetting object
-
get_domain_list
()[source]¶ This gives you a list of saved domains.
Returns: a list of domain names Return type: [str]
-
get_export_data
(kgk_manager)[source]¶ This gives you a base64 encoded string of encrypted settings data (the blob).
Parameters: kgk_manager (KgkManager) – kgk manager Returns: encrypted settings blob Return type: str
-
get_setting
(domain)[source]¶ This function always returns a setting. If no setting was stored for the given domain a new PasswordSetting object is created.
Parameters: domain (str) – The “domain” is the identifier of a settings object. Returns: a setting object Return type: PasswordSetting
-
get_settings_as_dict
()[source]¶ Constructs a dictionary with a list of settings (no PasswordSetting objects but dicts) and a list of domain names of synced domains.
Returns: a dictionary Return type: dict
-
static
get_settings_crypter
(kgk_manager)[source]¶ Creates a settings crypter
Parameters: kgk_manager (KgkManager) – a kgk manager Returns: Crypter for settings Return type: Crypter
-
load_local_settings
(kgk_manager)[source]¶ This loads the saved settings. It is a good idea to call this method the minute you have a kgk manager.
Parameters: kgk_manager (KgkManager) – kgk manager
-
load_settings
(kgk_manager, password, no_sync=False)[source]¶ Loads settings from local file and from a sync server if possible.
Parameters: - kgk_manager (KgkManager) – kgk manager
- password (str) – the masterpassword
- no_sync (bool) – skip the sync update?
-
set_all_settings_to_synced
()[source]¶ Convenience function for marking all saved settings as synced. Call this after a successful update at the sync server.
-
set_setting
(setting)[source]¶ This saves the supplied setting only in memory. Call save_settings_to_file if you want to have it saved to disk.
Parameters: setting (PasswordSetting) – the setting which should be saved
-
store_local_settings
(kgk_manager)[source]¶ This actually saves the settings to a file on the disk. The file is encrypted so you need to supply the password.
Parameters: kgk_manager (KgkManager) – kgk manager
-
store_settings
(kgk_manager)[source]¶ Stores settings locally and remotely.
Parameters: kgk_manager (KgkManager) – the kgk manager used for the encryption
-
update_from_export_data
(kgk_manager, blob)[source]¶ Call this method to pull settings from the sync server.
Parameters: - kgk_manager (KgkManager) – the kgk manager used for the decryption
- blob (bytes) – the export data
-
update_sync_server_if_necessary
(kgk_manager)[source]¶ Checks if the sync server needs to be updated. If necessary it does a push.
Parameters: kgk_manager (KgkManager) – the kgk manager used for the encryption
-
It uses a Packer
to compress data for storage and a Crypter
to encrypt it.
Compression with DEFLATE.
-
class
packer.
Packer
[source]¶ You do not need to create instances of this class because compress and decompress are both static methods.
Encryption and decryption module.
-
class
crypter.
Crypter
(key_iv)[source]¶ Encrypt and decrypt with AES in CBC mode with PKCS7 padding. The constructor calculates the key from the given password and salt with PBKDF2 using HMAC with SHA512 and 32768 iterations.
-
static
add_pkcs7_padding
(data)[source]¶ Adds PKCS7 padding so it can be divided into full blocks of 16 bytes.
Parameters: data (bytes) – data without padding Returns: padded data Return type: bytes
-
static
createIvKey
(password, salt, iterations=32768)[source]¶ Creates a key for encrypting/decrypting kgk blocks.
Parameters: - password (bytes) – this is the kgk
- salt (bytes) – the salt2
- iterations (int) – an iteration count
Returns: a key
Return type: bytes
-
static
create_key
(password, salt, iterations=1024)[source]¶ Creates a key for encrypting/decrypting settings.
Parameters: - password (bytes) – this is the kgk
- salt (bytes) – the salt2
- iterations (int) – an iteration count
Returns: a key
Return type: bytes
-
decrypt
(encrypted_data)[source]¶ Decrypts with AES in CBC mode with PKCS7 padding.
Parameters: encrypted_data (bytes) – encrypted data Returns: decrypted data Return type: bytes
-
decrypt_unpadded
(encrypted_data)[source]¶ Decrypts with AES in CBC mode without padding. The data has to fit into blocks of 16 bytes.
Parameters: encrypted_data (bytes) – encrypted data Returns: decrypted data Return type: bytes
-
encrypt
(data)[source]¶ Encrypts with AES in CBC mode with PKCS7 padding.
Parameters: data (bytes) – data for encryption Returns: encrypted data Return type: bytes
-
static