From 67b29e1505b1aa7beabd6cb1703bb23ebd8fea08 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Fri, 30 Nov 2018 12:06:36 +0100 Subject: [PATCH] add script to obfuscate wpa keys in netctl files Signed-off-by: Knut Ahlers --- bin/obfuscate_netctl | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100755 bin/obfuscate_netctl diff --git a/bin/obfuscate_netctl b/bin/obfuscate_netctl new file mode 100755 index 0000000..43590f8 --- /dev/null +++ b/bin/obfuscate_netctl @@ -0,0 +1,44 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pbkdf2 import PBKDF2 +import sys + + +def get_ssid(netctl_file): + for line in netctl_file: + if line.startswith('ESSID='): + return line.split('=')[1].strip("\"'") + + raise Exception("No ESSID assignment found") + + +def replace_key(netctl_file, ssid): + netctl_out = [] + + for line in netctl_file: + if line.startswith('Key='): + passphrase = line.split('=')[1].strip("\"'") + key = PBKDF2(passphrase, ssid, iterations=4096).hexread(32) + netctl_out.append('Key=\\"{}'.format(key)) + else: + netctl_out.append(line) + + return netctl_out + + +def main(args): + netctl_file = [] + + with open(args[1], 'r') as f: + netctl_file = f.read().split('\n') + + ssid = get_ssid(netctl_file) + netctl_file = replace_key(netctl_file, ssid) + + with open(args[1], 'w+') as f: + f.write('\n'.join(netctl_file)) + + +if __name__ == '__main__': + main(sys.argv)