?hM;SrSSKrSSKrSSKrSSKrSSKrSSKJr SSKJ r J r J r SSK J r SSKJrJr SSKJr SSKJr SSKrSSKrSSKrSS KJr "S S 5rS rS r\S:Xa\"5 gg)a Secure Password Vault for Python Applications Uses industry-standard encryption (AES-256-GCM) with PBKDF2 key derivation pip install cryptography # Create a new vault python vault.py create # Store a password python vault.py store gmail john.doe@gmail.com # Retrieve a password python vault.py get gmail # List all services python vault.py list # Delete a password python vault.py delete gmail # Change master password python vault.py change-master N)Path)DictOptionalAny) PBKDF2HMAC)hashes serialization)AESGCM)InvalidSignature)datetimec H\rSrSrSrSS\4SjjrS\S\S\4S jrS\S\S\4S jr S \ \\ 4S \S\4S jr S\S \S\ \\ 44Sjr SS \S\4SjjrSS \S\4SjjrSrSS\S\S\S\S\4 SjjrS\S\\ \\44SjrS\4SjrS\S\4SjrSS\S\4SjjrSrSrg) SecureVault,a_ Secure password vault using AES-256-GCM encryption with PBKDF2 key derivation. Security Features: - AES-256-GCM encryption (authenticated encryption) - PBKDF2-SHA256 key derivation (600,000 iterations) - Cryptographically secure random salts and nonces - Master password verification without storing password - Secure memory handling where possible N vault_pathcU(a [U5O[R"5S- S- UlURRR SSS9 SUlg)Nz .secure_vaultz vault.enciT)modeexist_ok)rhomerparentmkdir _master_key)selfrs C:\Oracle\vault\vault.py__init__SecureVault.__init__8sH.8$z*diikO>[^i>i $$%$$?passwordsaltreturnc[[R"5SUSS9nURUR S55$)z7Derive encryption key from master password using PBKDF2 ' ) algorithmlengthr iterationsutf-8)rrSHA256deriveencode)rrrkdfs r _derive_keySecureVault._derive_key=s8mmo   zz(//'233rcn[R"SURS5US5R5$)z5Create a hash of the master password for verificationsha256r&r")hashlib pbkdf2_hmacr)hex)rrrs r_create_password_hash!SecureVault._create_password_hashGs+""8X__W-EtVTXXZZrdatamaster_passwordc[R"S5n[R"S5nURX#5nURX#5nS[R "5R 5UUS.n[U5nURU[R"U5RS5S5n [R"U5RS5[R"U5RS5[R"U 5RS5S.n [R"U 5RS5$)zEncrypt vault datar! z1.0)versioncreated password_hashentriesr&N)rnonce ciphertext)secrets token_bytesr+r2r now isoformatr encryptjsondumpsr)base64 b64encodedecode) rr4r5rr<keyr: vault_dataaesgcmr=encrypted_packages r _encrypt_dataSecureVault._encrypt_dataKs""2&##B'522?I ||~//1*  ^^E4::j+A+H+H+QSWX $$T*11':%%e,33G< **:6==gF  zz+,33G<S>ST ##N3rserviceusernamenotesc[US5(d [S5 gUUU[R"5R 5[R"5R 5S.nXR ;a%UR UR SUS5US'XPR U'UR5 [SUS35 g) zStore a password in the vaultrp+Vault is not unlocked. Please unlock first.F)rzrr{r9modifiedr9Password for 'z' stored successfully.T)rurer r@rArpgetrw)rryrzrr{entrys rstore_passwordSecureVault.store_passwordst]++ ? @! ||~//1 002   && &#//8<?rcr[US5(d [S5 gURRU5$)z"Retrieve a password from the vaultrpr}N)rurerprrrys r get_passwordSecureVault.get_passwords2t]++ ? @##G,,rc[US5(d [S5 /$[URR 55$)zList all services in the vaultrpr})rurelistrpkeysrs r list_servicesSecureVault.list_servicess7t]++ ? @ID$$))+,,rc[US5(d [S5 gXR;a-URU UR5 [SUS35 g[SUS35 g) z Delete a password from the vaultrpr}Frz' deleted successfully.Tz Service 'z' not found in vault.)rurerprwrs rdelete_passwordSecureVault.delete_passwordskt]++ ? @ && &  )     N7)+BC D IgY&;< =r new_passwordcF[US5(d [S5 gU(d\[R"S5n[R"S5nX:wa [S5 M?[U5S:a [S 5 M[XlUR 5 [S 5 g) zChange the master passwordrpr}FTzEnter new master password: zConfirm new master password: r`r7raz%Master password changed successfully.)rurerfrgrqrw)rrrks rchange_master_password"SecureVault.change_master_passwordst]++ ? @&/LM #*??3R#S 3DE|$r)PQ ,  56rc[US5(aURR5 U?[US5(aS[UR5-UlU?[ S5 g)z3Lock the vault and clear sensitive data from memoryrprqxz Vault locked.N)rurpclearrgrqrers r lock_vaultSecureVault.lock_vaults[ 4 ' '    " " $ 4+ , ,$'#d.C.C*D$DD !% or)rrqrpr)N))__name__ __module__ __qualname____firstlineno____doc__strrbytesr+r2rrrLrZboolrlrrrwrrrrrrrr__static_attributes__rrrr,sD  3 4C4u44[c[[3[=$sCx.=3=5=BPEPCPDQTVYQYNP6C4BC4&4cSCPS]a,-C-HT#s(^,D--t- s t 3$4 rrcP[R"SS9nURSSS9 URSSS9nUR S S S9nUR S S S9nURS SS9 URSSS9 URSSSS9 UR SSS9nURS SS9 UR SSS9nUR SSS9nURS SS9 UR SSS9nUR 5nUR (dUR5 g[UR5n UR S :XaU R5 gUR S :Xa|U R5(af[R"SURS35n U RURURXR 5 U R#5 ggUR S:XaU R5(aU R%UR5n U (ax['S UR35 ['S!U S35 ['S"U S#35 U S$(a['S%U S$35 ['S&U S'35 ['S(U S)35 O['S*URS+35 U R#5 ggUR S:XaU R5(awU R)5n U (aD['S,5 [+U 5H)n U R%U 5n ['S-U S.U SS/35 M+ O ['S05 U R#5 ggUR S:XaoU R5(aY[-S1URS235nUR/5S3:XaU R1UR5 U R#5 ggUR S:Xa7U R5(a!U R35 U R#5 ggg)4z-Command-line interface for the password vaultzSecure Password Vault) descriptionz --vault-pathzPath to vault file)helpcommandzAvailable commands)destrcreater]storezStore a passwordryz Service namerzUsernamez--notesrzAdditional notes)defaultrrzRetrieve a passwordrzList all servicesdeletezDelete a passwordz change-masterzChange master passwordNzEnter password for z: z Service: z Username: z Password: rr{zNotes: z Created: r9z Modified: r~zNo password found for ''zStored services:z - z ()zNo passwords stored in vault.zDelete password for 'z '? (y/N): r^)argparseArgumentParser add_argumentadd_subparsers add_parser parse_argsr print_helprrrlrrrfryrrzr{rrrersortedrcrdrr)parser subparsers create_parser store_parser get_parser list_parser delete_parser change_parserargsvaultrrservicesryconfirms rmainr!s  $ $1H IF -AB&&I))/@X)YM    D <<  (E ||x       )GE'N#345 % "2!345 5#4"567/ ~Q?@            **,H()%h/G!..w7ED E*,=+>a@A 056       !     3DLL>LMG}}#%%%dll3      (       ( ( *      )rcd[S5nURR5(dURS5 UR S5(a_UR SSSS5 UR S5nU(a"[SUS35 [S US 35 UR5 g g ) z;Example of how to use the vault in your Python applicationszmy_app_vault.encyour_secure_master_passworddatabaseadminsuper_secret_passwordz Production DBz DB Username: rzz DB Password: rN) rrrbrlrrrrrer)rdb_credss rexample_library_usagerys * +E    " " $ $ 89 788 Z2I?[%%j1  M(:"6!78 9 M(:"6!78 9 9r__main__)rosrCrErfr/pathlibrtypingrrr)cryptography.hazmat.primitives.kdf.pbkdf2rcryptography.hazmat.primitivesrr +cryptography.hazmat.primitives.ciphers.aeadr cryptography.exceptionsr r>rsysr rrrrrrrrsi4 &&@@>4 rrjTp4 zFr