TG-353 Размаскирован пакет www-plugins/chrome-bitwarden

* Обновлен скрипт настройки плагина * Обновлен манифест
9 months ago · 3d4d335154
parent 1f0b8f9186
commit 3d4d335154
3 changed files with 137 additions and 8 deletions
--- a/www-plugins/chrome-bitwarden/Manifest
+++ b/www-plugins/chrome-bitwarden/Manifest
@ -1 +1 @@
-DIST chrome-bitwarden-2023.5.1.tar.bz2 1063 BLAKE2B 55fec5699153e9beca910615756a3d1c626485c0dc86b70114ccd151a87b26e4cd23554e07b2a4d047c3a384372bb0a626c96b024e791e8e66a127141e17848c SHA512 a4d559f03e92c2c587cb428b3862f50e61b4bfa0c6c9818e122411d5f3f6d6463a4e1d34c3d193fe67fd68f7d99da112d2e6f8b8a8860301e6f8215de9318fa8
+DIST chrome-bitwarden-2023.5.1.tar.bz2 7350422 BLAKE2B 71ce8df74d070105967a6c2ee7d9c0eeda5f93168d9a7c5bea27c533746ceb2d51897ffb36dd281bd1a564dbb6aaac7b1776c8d617608de948fc08ae220cc39f SHA512 f518197472261f1cbf733eee806725a7769fdb0b9cb893a0474ffaf34d987afc7fdf1be833075fee55c5744bd715072666bf723fc42be0940ae716c9562d4013
--- a/www-plugins/chrome-bitwarden/chrome-bitwarden-2023.5.1.ebuild
+++ b/www-plugins/chrome-bitwarden/chrome-bitwarden-2023.5.1.ebuild
@ -10,7 +10,7 @@ DESCRIPTION="Bitwarden - The password manager"
 HOMEPAGE="https://chrome.google.com/webstore/detail/nngceckbapebfimnlniiiahkandclblb"
 LICENSE="GPL-3"
 SLOT="0"
-KEYWORDS="~amd64 x86"
+KEYWORDS="amd64 x86"

 RDEPEND="dev-python/plyvel
 	dev-python/sjcl"
--- a/www-plugins/chrome-bitwarden/files/configure.py
+++ b/www-plugins/chrome-bitwarden/files/configure.py
@ -1,21 +1,150 @@
-#!/usr/bin/python3
+#!/usr/bin/env python

+import requests
+import base64
+import hashlib
+import secrets
 import plyvel
 import json
 import sys
 from os import path

-data = json.load(sys.stdin)

-if len(sys.argv) < 3:
-    sys.stderr.write("configure.py chrome-dir ext-id")
+
+def hash_key(password, salt=None, iterations=600000):
+    """
+    Хэширование ключа для хэширования пароля
+    """
+
+    if salt is None:
+        salt = secrets.token_hex(16)
+    assert salt and isinstance(salt, str) and "$" not in salt
+    assert isinstance(password, str)
+    pw_hash = hashlib.pbkdf2_hmac(
+        "sha256", password.encode("utf-8"), salt.encode("utf-8"), iterations
+    )
+    key_hash = base64.b64encode(pw_hash).decode("ascii").strip()
+    return key_hash
+
+
+def hash_password(password, salt=None, iterations=600000):
+    """
+    Хэширование пароля для авторизации
+    """
+
+    if salt is None:
+        salt = secrets.token_hex(16)
+    assert salt and isinstance(salt, str) and "$" not in salt
+    pw_hash = hashlib.pbkdf2_hmac(
+        "sha256", base64.b64decode(password), salt.encode("utf-8"), iterations
+    )
+    password_hash = base64.b64encode(pw_hash).decode("ascii").strip()
+    return password_hash
+
+
+def authorization(password,login):
+    """
+    Авторизация и получение данных
+    """
+
+    global Key, PrivateKey, hashKey, access_token, refresh_token, userId
+
+    url = "https://vw.calculate.ru"
+    pre_login_url = url + "/identity/accounts/prelogin"
+    login_url = url + "/identity/connect/token"
+    profile_url = url + "/api/accounts/profile"
+
+    hashKey = hash_key(password,login)
+    hashPassword = hash_password(hashKey, password, iterations=1)
+
+    pre_login_data = {"email": login}
+    login_data = {
+        "scope": "api offline_access",
+        "client_id": "web",
+        "deviceType": "9",
+        "deviceIdentifier": "ff75e99b-a577-4143-a553-f4083f1d2413",
+        "deviceName": "chrome",
+        "grant_type": "password",
+        "username": login,
+        "password": hashPassword
+    }
+
+    session = requests.Session()
+    try:
+        ping = session.get(url)
+        if ping.status_code == 200:
+            try:
+                pre_login = session.post(pre_login_url, json=pre_login_data)
+                if pre_login.status_code == 200:
+                    try:
+                        auth = session.post(login_url, data=login_data)
+                        auth_json = json.loads(auth.content.decode())
+                        Key = auth_json['Key']
+                        PrivateKey = auth_json['PrivateKey']
+                        access_token = auth_json['access_token']
+                        refresh_token = auth_json['refresh_token']
+                        headers = {
+                            "Authorization": f'Bearer {access_token}'
+                        }
+                        profile = session.get(profile_url, headers=headers)
+                        profile_json = json.loads(profile.content)
+                        userId = profile_json['Id']
+                    except:
+                        sys.stderr.write(auth.content.decode())
+                        sys.exit(1)
+            except:
+                sys.stderr.write(pre_login.content.decode())
+                sys.exit(1)
+    except:
+        sys.stderr.write(ping.content.decode())
+        sys.exit(1)
+
+
+def update_json(data_list):
+    """
+    Заполнение конфигурационного файла json
+    """
+
+    userId_masterkey_auto = f'{userId + "_masterkey_auto"}'
+    data_list[f'{userId_masterkey_auto}'] = data_list.pop('userId_masterkey_auto')
+    data_list[f'{userId}'] = data_list.pop('userId')
+    id = data_list[f'{userId}']
+    keys = id['keys']
+    profile = id['profile']
+    tokens = id['tokens']
+    keys['cryptoSymmetricKey']['encrypted'] = Key
+    keys['privateKey']['encrypted'] = PrivateKey
+    profile['userId'] = userId
+    tokens['accessToken'] = access_token
+    tokens['refreshToken'] = refresh_token
+    data_list['activeUserId'] = userId
+    data_list['authenticatedAccounts'] = [userId]
+    data_list[f'{userId_masterkey_auto}'] = hashKey
+
+    data_list[f'{userId}'] = json.dumps(id)
+    data_list[f'{userId_masterkey_auto}'] = json.dumps(data_list[f'{userId_masterkey_auto}'])
+    data_list['activeUserId'] = json.dumps(data_list['activeUserId'])
+    data_list['authenticatedAccounts'] = json.dumps(data_list['authenticatedAccounts'])
+    data_list['global'] = json.dumps(data_list['global'])
+
+
+data_list = json.load(sys.stdin)
+
+if len(sys.argv) < 5:
+    sys.stderr.write("configure.py chrome-dir ext-id login password")
    sys.exit(1)

 chrome_dir = sys.argv[1]
 ext_id = sys.argv[2]
+login = sys.argv[3]
+password = sys.argv[4]
+
+authorization(password,login)
+update_json(data_list)

 db_path = path.join(chrome_dir,"Default/Local Extension Settings", ext_id)
 db = plyvel.DB(db_path, create_if_missing=True)
-for k,v in data.items():
-    db.put(bytes(k,encoding='utf-8'), bytes(v,encoding='utf-8'))
+
+for k, v in data_list.items():
+    db.put(bytes(k,encoding='utf-8'), bytes(str(v),encoding='utf-8'))
 db.close()