Initial import

Initial import of nitrotool. Cannot yet store certificates on the smart
card, but generate and remove keys.

.editorconfig

@@ -0,0 +1,6 @@
+root = true
+
+[*]
+end_of_line = lf
+indent_style = tab
+indent_size = 4

.gitignore

@@ -0,0 +1,2 @@
+.*.swp
+__pycache__

ActionExplore.py

@@ -0,0 +1,28 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionExplore(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0)).explore()

ActionGetPublicKey.py

@@ -0,0 +1,32 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionGetPublicKey(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		if all(argument is None for argument in [ self.args.label, self.args.id ]):
+			print("Error: Must specify either a label or key ID to fetch from smartcard.", file = sys.stderr)
+			sys.exit(1)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0), so_path = self.args.so_path, pin = self.args.pin)
+		nitrokey.getpubkey(key_id = self.args.id, key_label = self.args.label)

ActionIdentify.py

@@ -0,0 +1,28 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionIdentify(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		nitrokey = NitroKey(verbose = True).list()

ActionInit.py

@@ -0,0 +1,32 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionInit(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0))
+		if nitrokey.initialized:
+			print("Error: Cannot initialize NitroKey -- already initialized.", file = sys.stderr)
+			sys.exit(1)
+

ActionKeyGen.py

@@ -0,0 +1,29 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionKeyGen(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0), so_path = self.args.so_path, pin = self.args.pin)
+		nitrokey.keygen(key_spec = self.args.keyspec, key_id = self.args.id, key_label = self.args.label)

ActionRemoveKey.py

@@ -0,0 +1,32 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionRemoveKey(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		if all(argument is None for argument in [ self.args.label, self.args.id ]):
+			print("Error: Must specify either a label or key ID to fetch from smartcard.", file = sys.stderr)
+			sys.exit(1)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0), so_path = self.args.so_path, pin = self.args.pin)
+		nitrokey.removekey(key_id = self.args.id, key_label = self.args.label)

ActionUnblock.py

@@ -0,0 +1,29 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionUnblock(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0), so_path = self.args.so_path, pin = self.args.pin, sopin = self.args.sopin)
+		nitrokey.unblock_pin()

ActionVerifyPIN.py

@@ -0,0 +1,32 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+import sys
+from BaseAction import BaseAction
+from NitroKey import NitroKey
+
+class ActionVerifyPIN(BaseAction):
+	def __init__(self, cmdname, args):
+		BaseAction.__init__(self, cmdname, args)
+		nitrokey = NitroKey(verbose = (self.args.verbose > 0), so_path = self.args.so_path, pin = self.args.pin)
+		if nitrokey.login():
+			print("PIN correct.", file = sys.stderr)
+		else:
+			print("PIN was WRONG!", file = sys.stderr)

BaseAction.py

@@ -0,0 +1,28 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+class BaseAction(object):
+	def __init__(self, cmdname, args):
+		self._cmdname = cmdname
+		self._args = args
+
+	@property
+	def args(self):
+		return self._args

CmdTools.py

@@ -0,0 +1,29 @@
+#	nitrotool - Frontend for NitroKey USB HSM
+#	Copyright (C) 2018-2018 Johannes Bauer
+#
+#	This file is part of nitrotool.
+#
+#	nitrotool is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	nitrotool is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#	Johannes Bauer <[email protected]>
+
+class CmdTools(object):
+	@classmethod
+	def cmdline(cls, cmd):
+		def escape(text):
+			if (" " in text) or ("\"" in text):
+				return "\"%s\"" % (text.replace("\"", "\\\""))
+			else:
+				return text
+		return " ".join(escape(arg) for arg in cmd)

FriendlyArgumentParser.py

@@ -0,0 +1,69 @@
+#!/usr/bin/python3
+#
+#	FriendlyArgumentParser - Argument parser with default help pages
+#	Copyright (C) 2011-2012 Johannes Bauer
+#
+#	This file is part of jpycommon.
+#
+#	jpycommon is free software; you can redistribute it and/or modify
+#	it under the terms of the GNU General Public License as published by
+#	the Free Software Foundation; this program is ONLY licensed under
+#	version 3 of the License, later versions are explicitly excluded.
+#
+#	jpycommon is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with jpycommon; if not, write to the Free Software
+#	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#
+#	Johannes Bauer <[email protected]>
+#
+#	File UUID c55a0ea0-6dc8-4ceb-a9ff-e54ea8a2ea62
+
+import sys
+import argparse
+import textwrap
+
+class FriendlyArgumentParser(argparse.ArgumentParser):
+	def __init__(self, *args, **kwargs):
+		argparse.ArgumentParser.__init__(self, *args, **kwargs)
+		self.__silent_error = False
+
+	def setsilenterror(self, silenterror):
+		self.__silent_error = silenterror
+
+	def error(self, msg):
+		if self.__silent_error:
+			raise Exception(msg)
+		else:
+			for line in textwrap.wrap("Error: %s" % (msg), subsequent_indent = "  "):
+				print(line, file = sys.stderr)
+			print(file = sys.stderr)
+			self.print_help(file = sys.stderr)
+			sys.exit(1)
+
+def baseint(value, default_base = 10):
+	if value.lower().startswith("0x"):
+		return int(value, 16)
+	elif value.lower().startswith("0b"):
+		return int(value, 2)
+	elif value.lower().startswith("0o"):
+		return int(value, 8)
+	elif value.lower().startswith("0b"):
+		return int(value, 2)
+	else:
+		return int(value, default_base)
+
+if __name__ == "__main__":
+	parser = FriendlyArgumentParser()
+	parser.add_argument("-d", "--dbfile", metavar = "filename", type = str, default = "mydb.sqlite", help = "Specifies database file to use. Defaults to %(default)s.")
+	parser.add_argument("-f", "--force", action = "store_true", help = "Do not ask for confirmation")
+	parser.add_argument("-x", metavar = "hexint", type = baseint, default = "0x100", help = "Defaults to %(default)s.")
+	parser.add_argument("qids", metavar = "qid", type = int, nargs = "+", help = "Question ID(s) of the question(s) to be edited")
+	args = parser.parse_args(sys.argv[1:])
+	print(args)
+
+