Print informational messages to stderr
This commit is contained in:
parent
dc148214e5
commit
bba6e782f1
@ -23,8 +23,8 @@ import sys
|
||||
|
||||
def main():
|
||||
if len(sys.argv) < 3:
|
||||
print('Decrypts a single file from a Cryptomator drive and prints to standard output')
|
||||
print()
|
||||
print('Decrypts a single file from a Cryptomator drive and prints to standard output', file=sys.stderr)
|
||||
print('', file=sys.stderr)
|
||||
print('Usage: {} /path/to/vault.cryptomator /plaintext/path/within/drive'.format(sys.argv[0]), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
|
@ -47,7 +47,7 @@ def load_vault_config(vault_config_path):
|
||||
vault_config_jwt_parts = vault_config_data.split('.')
|
||||
|
||||
if len(vault_config_jwt_parts) != 3:
|
||||
print('Error: Invalid JWT (got {} parts, expected 3)'.format(len(vault_config_jwt_parts)))
|
||||
print('Error: Invalid JWT (got {} parts, expected 3)'.format(len(vault_config_jwt_parts)), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
# Parse JWT header and payload
|
||||
@ -55,29 +55,29 @@ def load_vault_config(vault_config_path):
|
||||
vault_config_header = json.loads(b64url_decode(vault_config_jwt_parts[0]).decode('utf-8'))
|
||||
vault_config_payload = json.loads(b64url_decode(vault_config_jwt_parts[1]).decode('utf-8'))
|
||||
except json.JSONDecodeError as ex:
|
||||
print('Error: Malformed JWT (invalid JSON)')
|
||||
print('Error: Malformed JWT (invalid JSON)', file=sys.stderr)
|
||||
import traceback; traceback.print_exc()
|
||||
sys.exit(1)
|
||||
|
||||
# Validate settings
|
||||
if vault_config_header['typ'] != 'JWT':
|
||||
print('Error: Malformed JWT (no "typ" in header)')
|
||||
print('Error: Malformed JWT (no "typ" in header)', file=sys.stderr)
|
||||
sys.exit(1)
|
||||
if vault_config_header['alg'] != 'HS256':
|
||||
print('Error: Unsupported JWT algorithm (got {}, expected HS256)'.format(vault_config_header['alg']))
|
||||
print('Error: Unsupported JWT algorithm (got {}, expected HS256)'.format(vault_config_header['alg']), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
if vault_config_payload['format'] != 8: # Current Cryptomator vault format
|
||||
print('Error: Unsupported vault format (got {}, expected 8)'.format(vault_config_payload['format']))
|
||||
print('Error: Unsupported vault format (got {}, expected 8)'.format(vault_config_payload['format']), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
if vault_config_payload['cipherCombo'] != 'SIV_GCM':
|
||||
print('Error: Unsupported vault cipher mode (got {}, expected SIV_GCM)'.format(vault_config_payload['cipherCombo']))
|
||||
print('Error: Unsupported vault cipher mode (got {}, expected SIV_GCM)'.format(vault_config_payload['cipherCombo']), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
# -------------
|
||||
# Read key file
|
||||
|
||||
if not vault_config_header['kid'].startswith('masterkeyfile:'):
|
||||
print('Error: Unsupported vault master key ID (got {}, expected masterkeyfile)'.format(vault_config_header['kid']))
|
||||
print('Error: Unsupported vault master key ID (got {}, expected masterkeyfile)'.format(vault_config_header['kid']), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
master_key_path = os.path.join(os.path.split(vault_config_path)[0], vault_config_header['kid'][len('masterkeyfile:'):])
|
||||
@ -105,7 +105,7 @@ def load_vault_config(vault_config_path):
|
||||
primary_master_key = aes_key_unwrap(kek, base64.b64decode(master_key_config['primaryMasterKey']))
|
||||
hmac_master_key = aes_key_unwrap(kek, base64.b64decode(master_key_config['hmacMasterKey']))
|
||||
except InvalidUnwrap:
|
||||
print('Error: Incorrect password')
|
||||
print('Error: Incorrect password', file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
# -------------------------------
|
||||
@ -115,7 +115,7 @@ def load_vault_config(vault_config_path):
|
||||
expected_signature = hmac.digest(primary_master_key + hmac_master_key, (vault_config_jwt_parts[0] + '.' + vault_config_jwt_parts[1]).encode('utf-8'), 'SHA256')
|
||||
|
||||
if b64url_encode(expected_signature) != vault_config_jwt_parts[2]:
|
||||
print('Error: Invalid vault configuration file signature')
|
||||
print('Error: Invalid vault configuration file signature', file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
return primary_master_key, hmac_master_key
|
||||
@ -172,7 +172,7 @@ def list_directory(vault_path, primary_master_key, hmac_master_key, directory_id
|
||||
# Check directory ID given by dirid.c9r matches the expected directory ID
|
||||
stored_directory_id = decrypt_file(vault_path, primary_master_key, hashed_directory_id, 'dirid.c9r')
|
||||
if stored_directory_id != directory_id.encode('utf-8'):
|
||||
print('Error: Unexpected dirid.c9r (got "{}", expected "{}")'.format(stored_directory_id.decode('utf-8'), directory_id))
|
||||
print('Error: Unexpected dirid.c9r (got "{}", expected "{}")'.format(stored_directory_id.decode('utf-8'), directory_id), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
# List directory contents
|
||||
@ -184,9 +184,9 @@ def list_directory(vault_path, primary_master_key, hmac_master_key, directory_id
|
||||
elif entry.name.endswith('.c9r'):
|
||||
directory_contents.append(decrypt_filename(primary_master_key, hmac_master_key, directory_id, entry.name))
|
||||
elif entry.name.endswith('.c9s'):
|
||||
print('Warning: Unsupported entry with long filename "{}" - not yet implemented'.format(entry.name))
|
||||
print('Warning: Unsupported entry with long filename "{}" - not yet implemented'.format(entry.name), file=sys.stderr)
|
||||
else:
|
||||
print('Warning: Unknown file "{}" - ignoring'.format(entry.name))
|
||||
print('Warning: Unknown file "{}" - ignoring'.format(entry.name), file=sys.stderr)
|
||||
|
||||
return directory_contents
|
||||
|
||||
|
@ -23,9 +23,9 @@ import sys
|
||||
|
||||
def main():
|
||||
if len(sys.argv) < 3:
|
||||
print('Lists the contents of a given directory in a Cryptomator drive')
|
||||
print()
|
||||
print('Usage: {} /path/to/vault.cryptomator /plaintext/path/within/drive'.format(sys.argv[0]))
|
||||
print('Lists the contents of a given directory in a Cryptomator drive', file=sys.stderr)
|
||||
print('', file=sys.stderr)
|
||||
print('Usage: {} /path/to/vault.cryptomator /plaintext/path/within/drive'.format(sys.argv[0]), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
# Parse CLI arguments
|
||||
|
Loading…
Reference in New Issue
Block a user