RunasSudo/cryptomator-utils
1
Fork 0
Code Issues Pull Requests Activity
cryptomator-utils/decrypt_file.py

55 lines
2.2 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/env python3
# cryptomator-utils: Python utilities for inspecting Cryptomator drives
# Copyright (C) 2024 Lee Yingtong Li (RunasSudo)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
from lib_cryptomator_utils.cryptomator import decrypt_file, directory_path_to_id, encrypt_filename, hash_directory_id, load_vault_config
import os
import sys
def main():
if len(sys.argv) < 3:
print('Decrypts a single file from a Cryptomator drive and prints to standard output', file=sys.stderr)
print('', file=sys.stderr)
print('Usage: {} /path/to/vault.cryptomator /plaintext/path/within/drive'.format(sys.argv[0]), file=sys.stderr)
sys.exit(1)
# Parse CLI arguments
vault_config_path = sys.argv[1]
target_directory = sys.argv[2]
vault_path = os.path.split(vault_config_path)[0]
# Load vault config (asks for password)
primary_master_key, hmac_master_key = load_vault_config(vault_config_path)
# Resolve the parent directory of the file
target_directory_parts = target_directory.strip('/').split('/')
directory_id = directory_path_to_id(vault_path, primary_master_key, hmac_master_key, '/'.join(target_directory_parts[:-1]))
# Decrypt the file
hashed_directory_id = hash_directory_id(primary_master_key, hmac_master_key, directory_id)
encrypted_filename = encrypt_filename(primary_master_key, hmac_master_key, directory_id, target_directory_parts[-1])
content = decrypt_file(vault_path, primary_master_key, hashed_directory_id, encrypted_filename)
# Print to stdout
sys.stdout.buffer.write(content)
sys.stdout.buffer.flush()
if __name__ == '__main__':
main()
Reference in New Issue View Git Blame Copy Permalink