Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
kzimmermann
/
quickpass
Pridať medzi pozorované 3
Hviezda 3
Fork 2
Súbory Issues 1 Pull requesty 0 Wiki
Strom: 22639e6c27
Branche Tagy
quickpass
/
passman

passman 6.5 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241 
  1. #!/bin/bash
    2. 

  2. #
    3. 

  3. # Companion password manager for quickpass.
    4. 

  4. #
    5. 

  5. # A few things worth noting before you decide to use this program:
    6. 

  6. #
    7. 

  7. #  - An accredited security audit has NOT been performed on this program yet.
    8. 

  8. #  - This program relies on GnuPG and a PGP key to perform encryption and
    9. 

  9. #    decryption, so make sure you use a strong (>4000 bits) key!
    10. 

  10. #  - Unlike KeePass, this program does NOT encrypt the RAM it uses, nor does
    11. 

  11. #    it encrypt the entire database. Decide for yourself if this is enough.
    12. 

  12. #
    13. 

  13. # Inspired by alimiracles `pm` file.
    14. 

  14. #
    15. 

  15. #    Copyright (c) 2016 ali abdul ghani <alimiracle@riseup.net>
    16. 

  16. #    Copyright (c) 2016 kzimmermann <kzimmermann@vivaldi.net>
    17. 

  17. #
    18. 

  18. #    This file is part of quickpass 
    19. 

  19. #
    20. 

  20. #    quickpass is free software: you can redistribute it and/or modify
    21. 

  21. #    it under the terms of the GNU General Public License as published by
    22. 

  22. #    the Free Software Foundation, either version 3 of the License, or
    23. 

  23. #    (at your option) any later version.
    24. 

  24. #    quickpass is distributed in the hope that it will be useful,
    25. 

  25. #    but WITHOUT ANY WARRANTY; without even the implied warranty of
    26. 

  26. #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    27. 

  27. #    GNU General Public License for more details.
    28. 

  28. #    You should have received a copy of the GNU General Public License
    29. 

  29. #    along with quickpass.  If not, see <http://www.gnu.org/licenses/>.
    30. 

  30. #
    31. 

  31. 

  32. #-- predefined variables --#
    33. 

  33. 

  34. VAULT="$HOME/.quickpassdb"
    35. 

  35. 

  36. # change this to a private key available in your keyring.
    37. 

  37. # you can use any format that gpg accepts, like an email address or fingerprint
    38. 

  38. RECIPIENT=""
    39. 

  39. 

  40. #-- /predefined variables --#
    41. 

  41. 

  42. #-- Function definitions --
    43. 

  43. 

  44. error() {
    45. 

  45.     # shorthand for a quit-due-to-error message.
    46. 

  46.     echo "Error: $1"
    47. 

  47.     exit 1
    48. 

  48. }
    49. 

  49. 

  50. helper() {
    51. 

  51.     cat <<EOF
    52. 

  52. $(basename $0): a password manager for quickpass.
    53. 

  53. USAGE $(basename $0) COMMAND [ARGUMENT]
    54. 

  54. 

  55. COMMANDS are:
    56. 

  56.  -h, --help: this help message.
    57. 

  57.  -n, --new [SERVICE NAME]: creates a new entry in the vault using quickpass.
    58. 

  58.  -r, --read [SERVICE NAME]: decrypts and reads the entry for [SERVICE NAME].
    59. 

  59.  -d, --delete [SERVICE NAME]: deletes entry for [SERVICE NAME].
    60. 

  60.  -l, --list: lists all available password entries.
    61. 

  61.  -L, --length [N]: generates passwords of N characters long instead of 32.
    62. 

  62. 

  63. EOF
    64. 

  64. if [[ -n "$RECIPIENT" ]]
    65. 

  65. then
    66. 

  66.     cat <<EOF
    67. 

  67. The current recipient (user) is: $RECIPIENT.
    68. 

  68. $(gpg --list-keys $RECIPIENT)
    69. 

  69. EOF
    70. 

  70. else
    71. 

  71.     echo "Error: you have not specified a recipient (vault user) yet."
    72. 

  72.     echo "Please change the line RECIPIENT=\"\" to your gpg key to use it."
    73. 

  73.     exit 1
    74. 

  74. fi
    75. 

  75. }
    76. 

  76. 

  77. create_db() {
    78. 

  78.     # create a db if there's none available.
    79. 

  79.     if [[ ! -f "$VAULT" ]]
    80. 

  80.     then
    81. 

  81.         sqlite3 "$VAULT" "
    82. 

  82.         CREATE TABLE IF NOT EXISTS entries (
    83. 

  83.             service TEXT PRIMARY KEY,
    84. 

  84.             password TEXT
    85. 

  85.         )"
    86. 

  86.         echo "New password vault created at $VAULT"
    87. 

  87.     else
    88. 

  88.         echo "A password vault already exists at $VAULT."
    89. 

  89.     fi
    90. 

  90. }
    91. 

  91. 

  92. new_entry() {
    93. 

  93.     # add a new row in the password database.
    94. 

  94.     service="$1"
    95. 

  95.     if [[ -z "$LENGTH" ]]
    96. 

  96.     then
    97. 

  97.         encrypted=$(quickpass -p | gpg -a -e -r $RECIPIENT)
    98. 

  98.     else
    99. 

  99.         encrypted=$(quickpass -p -l $LENGTH | gpg -a -e -r $RECIPIENT)
    100. 

  100.     fi
    101. 

  101.     sqlite3 "$VAULT" "
    102. 

  102.     INSERT INTO entries (service, password)
    103. 

  103.     VALUES ('$service', '$encrypted')" || error "could not insert into vault..."
    104. 

  104.     if [[ -z "$LENGTH" ]]
    105. 

  105.     then
    106. 

  106.         echo "Created 1 new password entry for service '$service'"
    107. 

  107.     else
    108. 

  108.         echo "Created 1 new password $LENGTH characters long for service '$service'"
    109. 

  109.     fi
    110. 

  110. }
    111. 

  111. 

  112. delete_entry() {
    113. 

  113.     # remove a row from the database.
    114. 

  114.     sanity=$(sqlite3 "$VAULT" "
    115. 

  115.             SELECT service FROM entries
    116. 

  116.             WHERE service = '$1'
    117. 

  117.     ")
    118. 

  118.     [[ -z "$sanity" ]] && error "entry '$1' not found"
    119. 

  119. 

  120.     printf "Would you like to delete entry '$1'? (y/n) "
    121. 

  121.     read decision
    122. 

  122.     if [[ "$decision" == "y" ]]
    123. 

  123.     then
    124. 

  124.         sqlite3 "$VAULT" "
    125. 

  125.             DELETE FROM entries
    126. 

  126.             WHERE service = '$1'
    127. 

  127.         " 
    128. 

  128.         echo "Entry '$1' deleted."
    129. 

  129.     else
    130. 

  130.         echo "Aborted."
    131. 

  131.         exit 1
    132. 

  132.     fi
    133. 

  133. }
    134. 

  134. 

  135. read_entry() {
    136. 

  136.     # return a decrypted row from the database
    137. 

  137.     encrypted=$(sqlite3 "$VAULT" "
    138. 

  138.         SELECT password FROM entries
    139. 

  139.         WHERE service = '$1'
    140. 

  140.         ")
    141. 

  141.     if [[ -n "$encrypted" ]]
    142. 

  142.     then
    143. 

  143.         echo "Unlock your key to obtain the password"
    144. 

  144.         printf %b "$encrypted" | gpg --decrypt | xsel -i -b
    145. 

  145.         echo "Password copied to the clipboard."
    146. 

  146.         printf "Clearing automatically in "
    147. 

  147.         for i in $(seq 1 10)
    148. 

  148.         do
    149. 

  149.             printf "$(expr 11 - $i)... "
    150. 

  150.             sleep 1
    151. 

  151.         done
    152. 

  152.         echo $RANDOM | xsel -i -b
    153. 

  153.         echo "** Cleared. **"
    154. 

  154.     else
    155. 

  155.         echo "Entry $1 doesn't exist in the vault."
    156. 

  156.         echo "Use '--list' to see all available entries."
    157. 

  157.         exit 1
    158. 

  158.     fi
    159. 

  159. }
    160. 

  160. 

  161. list_entry() {
    162. 

  162.     # list all available entries from the database:
    163. 

  163.     echo "You have the following password entries available here:"
    164. 

  164.     sqlite3 "$VAULT" "SELECT service FROM entries"
    165. 

  165. }
    166. 

  166. 

  167. #-- /Function definitions --
    168. 

  168. 

  169. [[ -z $(which sqlite3) ]] && error "sqlite3 not found."
    170. 

  170. [[ -z $(which gpg) ]] && error "gpg not found."
    171. 

  171. [[ -z "$RECIPIENT" ]] && helper
    172. 

  172. [[ ! -f "$VAULT" ]] && create_db
    173. 

  173. 

  174. # We can only perform an action at a time. Sorry.
    175. 

  175. action=""
    176. 

  176. 

  177. while [[ -n "$1" ]]
    178. 

  178. do
    179. 

  179.     case "$1" in
    180. 

  180.         "-h" | "--help" ) 
    181. 

  181.             helper
    182. 

  182.             exit 0
    183. 

  183.         ;;
    184. 

  184.         "-n" | "--new" )
    185. 

  185.             [[ -n "$action" ]] && error "one action at a time only."
    186. 

  186.             action="new"
    187. 

  187.             shift
    188. 

  188.             [[ -z "$1" ]] && error "Missing arguments. See --help"
    189. 

  189.             token="$1"
    190. 

  190.         ;;
    191. 

  191.         "-r" | "--read" )
    192. 

  192.             [[ -n "$action" ]] && error "one action at a time only."
    193. 

  193.             action="read"
    194. 

  194.             shift
    195. 

  195.             [[ -z "$1" ]] && error "Missing arguments. See --help"
    196. 

  196.             token="$1"
    197. 

  197.         ;;
    198. 

  198.         "-d" | "--delete" )
    199. 

  199.             [[ -n "$action" ]] && error "one action at a time only."
    200. 

  200.             action="delete"
    201. 

  201.             shift
    202. 

  202.             [[ -z "$1" ]] && error "Missing arguments. See --help"
    203. 

  203.             token="$1"
    204. 

  204.         ;;
    205. 

  205.         "-l" | "--list" )
    206. 

  206.             list_entry
    207. 

  207.             exit 0
    208. 

  208.         ;;
    209. 

  209.         "-L" | "--length" )
    210. 

  210.             shift
    211. 

  211.             [[ -z "$1" ]] && error "Missing arguments. See --help"
    212. 

  212.             LENGTH="$1"
    213. 

  213.         ;;
    214. 

  214.         * )
    215. 

  215.             echo "Unknown option '$1'"
    216. 

  216.             exit 1
    217. 

  217.         ;;
    218. 

  218.     esac
    219. 

  219.     shift
    220. 

  220. done
    221. 

  221. 

  222. # No argument?
    223. 

  223. if [[ -z "$action" ]]
    224. 

  224. then
    225. 

  225.     echo "No action specified to proceed."
    226. 

  226.     helper
    227. 

  227.     exit 1
    228. 

  228. fi
    229. 

  229. 

  230. case "$action" in
    231. 

  231.     "new" ) 
    232. 

  232.         new_entry "$token"
    233. 

  233.     ;;
    234. 

  234.     "read" ) 
    235. 

  235.         read_entry "$token"
    236. 

  236.     ;;
    237. 

  237.     "delete" ) 
    238. 

  238.         delete_entry "$token"
    239. 

  239.     ;;
    240. 

  240. esac
    241. 

  241.