pwman-tools

## pwman2op

### How to use

Developed and tested in SBCL. Use as follows:


	sbcl --script /path/to/this/script

### Known issues

It's work-in-progress

- Assumes two-level hierarchy of data in pwman
- Only uses Login and Secure Note op templates
- Secure Notes have to be in a "SECURE-NOTES" category/heading in PWman
- Ignores stuff in a "INACTIVE" category/heading in PWman
- Assumes an existing authenticated op session

## pwman2op

### How to use

Developed and tested in SBCL. Use as follows:

	gpg -d ~/.pwman.db > ~/.pwman.db.decrypt
	sbcl --script /path/to/this/script

### Known issues/limitations



- Assumes two-level hierarchy of data in pwman
- Only uses Login and Secure Note op templates
- Secure Notes have to be in a "SECURE-NOTES" category/heading in PWman
- Ignores stuff in a "INACTIVE" category/heading in PWman
- Assumes an existing authenticated op session
- pwman.db file needs to be decrypted up front to `~/.pwman.db.decrypt`
- Mappings from PWman to 1password are as follows:
	- For Logins
		- name -> title
		- host -> url
		- user -> username
		- passwd -> password
		- launch -> notesPlain
		- category -> tag
	- For Secure Notes
		- name -> title
		- host -> notesPlain
		- user -> notesPlain
		- passwd -> notesPlain
		- launch -> notesPlain
		- category -> tag

  (username password content)
  (concatenate 'string "{\"notesPlain\":\"" content "\",\"sections\":[],\"passwordHistory\":[],\"fields\":[{\"value\":\"" username "\",\"name\":\"username\",\"type\":\"T\",\"designation\":\"username\"},{\"value\":\"" password "\",\"name\":\"password\",\"type\":\"P\",\"designation\":\"password\"}]}"))

(defun send-to-op
	(op-category pwman-category name host username passwd launch)
	(progn
		; Case would be better if I can figure that out
		; Need to fill in correct template
		(print "op-category:")
		(print op-category)
		(print "pwman-category")
		(print pwman-category)
		(print "name")
		(print name)
		(defparameter template
			(if (string= op-category "Login")
				(template-login username passwd launch)
				; Errr... I guess just assume it's... need to do this and not multiple ifs in progn as otherwise template picks up NIL from progmn
				; Need to combine fields for Secure notes
				(template-secure-note (concatenate 'string "host: " host "; user: " username "; password: " passwd "; launch: " launch))))
		;(print "template:")
		;(print template)
		; Encode first and get return
		; Probably many better ways to do this...
		; Myabe base64 encode directly here... subtle differences though it seems with op
		; Need to single quote encode the json
		(defparameter extproc (sb-ext:run-program "sh" (list "-c" (concatenate 'string "echo '" template "' | op encode")) :search :environment :output :stream))
		(defparameter encoded-item (read-line (sb-ext:process-output extproc)))
		;(print encoded-item)
		; Create item
		; Just going to send blanks, etc if that's what some fields are. It doesn't seem to matter.
		; ALMOST working...
		; Need to pick up correct env... I.e. thinks not logged in...
		; Maybe pass session variable to this? Maybe no need...?
		; Need to only send url if it's a Login item
		(defparameter defaultargs (list  "create" "item" op-category encoded-item (concatenate 'string "--title=" name) (concatenate 'string "--tags=" pwman-category)))
		(defparameter args
			(if (string= op-category "Login")
				; Append, because need at end
				(append defaultargs (list (concatenate 'string "--url=" host)))
				defaultargs))
		(defparameter cproc (sb-ext:run-program "op" args :search :environment :output :stream))
		(defparameter output (read-line (sb-ext:process-output cproc)))
		(print output)))


; Mappings are as follows:
; `op create item <category> <encodeditem> [--title=<title>] [--url=<url>] [--vault=<vault>] [--tags=<tags>]`
;
; PWman -> 1pass
; ==============
;
; For Logins
; ==========
; name -> title
; host -> url
; user -> username
; passwd -> password
; launch -> notesPlain
; category -> tag
;
; For Secure Notes
; ================
; name -> title
; host -> notesPlain
; user -> notesPlain
; passwd -> notesPlain
; launch -> notesPlain
; category -> tag

; decrpyt the file

;(sb-ext:run-program "gpg" (list "-d" (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db") ">" ".pwman.db.decrypt") :search :environment)
; read file
(defparameter *pwman* (cxml:parse-file  (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db.decrypt") (cxml-dom:make-dom-builder)))
(defparameter *categories* (dom:child-nodes (dom:item (dom:child-nodes (dom:document-element  *pwman* )) 0 )))

; Kept for ref
;(dom:do-node-list (category *categories*) (print (dom:get-attribute category "name")))

................................................................................
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 3)) 0))
						""))
				(defparameter launch
					(if (dom:item (dom:child-nodes (dom:item pwitems 4)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 4)) 0))
						""))
				(if (string= category-name "SECURE-NOTES")


					(send-to-op "Secure Note" category-name name host username passwd launch)
					(progn
						(if (string/= category-name "INACTIVE")


							(send-to-op "Login" category-name name host username passwd launch)))))))

; Only right at end do we want to delete file
;	(if (= 0 (sb-ext:process-exit-code proc))
;		;If that was successful, then delete the un-encrypted files
;		(progn
;			(delete-file infile)
;			(delete-file "pwman.txt"))
;		;If not restore backup and leave plain text files (otherwise will fail next time on above rename)
;		(progn
;			(rename-file (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db.bak") (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db"))
;			(print "Couldn't encrypt file, plain text files have not been deleted"))))

  (username password content)
  (concatenate 'string "{\"notesPlain\":\"" content "\",\"sections\":[],\"passwordHistory\":[],\"fields\":[{\"value\":\"" username "\",\"name\":\"username\",\"type\":\"T\",\"designation\":\"username\"},{\"value\":\"" password "\",\"name\":\"password\",\"type\":\"P\",\"designation\":\"password\"}]}"))

(defun send-to-op
	(op-category pwman-category name host username passwd launch)
	(progn
		; Case would be better if I can figure that out







		(defparameter template
			(if (string= op-category "Login")
				(template-login username passwd launch)
				; Need to do this and not multiple ifs in progn as otherwise template picks up NIL from progmn
				; Need to combine fields for Secure notes
				(template-secure-note (concatenate 'string "host: " host "; user: " username "; password: " passwd "; launch: " launch))))


		; Encode first and get return
		; Probably many better ways to do this...
		; Maybe base64 encode directly here? Subtle differences though it seems with op
		; Need to single quote encode the json
		(defparameter extproc (sb-ext:run-program "sh" (list "-c" (concatenate 'string "echo '" template "' | op encode")) :search :environment :output :stream))
		(defparameter encoded-item (read-line (sb-ext:process-output extproc)))

		; Create item
		; Just going to send blanks, etc if that's what some fields are. It doesn't seem to matter.



		; Need to only send url if it's a Login item
		(defparameter defaultargs (list  "create" "item" op-category encoded-item (concatenate 'string "--title=" name) (concatenate 'string "--tags=" pwman-category)))
		(defparameter args
			(if (string= op-category "Login")
				; Append, because need at end
				(append defaultargs (list (concatenate 'string "--url=" host)))
				defaultargs))
		(defparameter cproc (sb-ext:run-program "op" args :search :environment :output :stream))
		(defparameter output (read-line (sb-ext:process-output cproc)))
		(print output)))


























; decrpyt the file
; Nice idea, but can't find a way of reading input in a concealed fashion so instead just decrypt the file manually before running this script
;(sb-ext:run-program "gpg" (list "-d" "--password" some-password-we-get-from-input (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db") ">" ".pwman.db.decrypt") :search :environment)
; read file
(defparameter *pwman* (cxml:parse-file  (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db.decrypt") (cxml-dom:make-dom-builder)))
(defparameter *categories* (dom:child-nodes (dom:item (dom:child-nodes (dom:document-element  *pwman* )) 0 )))

; Kept for ref
;(dom:do-node-list (category *categories*) (print (dom:get-attribute category "name")))

................................................................................
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 3)) 0))
						""))
				(defparameter launch
					(if (dom:item (dom:child-nodes (dom:item pwitems 4)) 0)
						(dom:data (dom:item (dom:child-nodes (dom:item pwitems 4)) 0))
						""))
				(if (string= category-name "SECURE-NOTES")
					(progn
						(print (concatenate 'string "Creating Secure Note for " name " in " category-name))
						(send-to-op "Secure Note" category-name name host username passwd launch))
					(progn
						(if (string/= category-name "INACTIVE")
							(progn
								(print (concatenate 'string "Creating Login for " name " in " category-name))
								(send-to-op "Login" category-name name host username passwd launch))))))))

; Only right at end do we want to delete file







(delete-file (concatenate 'string (sb-unix::posix-getenv "HOME") "/.pwman.db.decrypt"))