Merge pull request #17 from pythonhacker/release

Release

Author: pythonhacker

README.md

@@ -50,12 +50,15 @@ should work.
 
 Then,
 
-	$ make
-	go: downloading github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
-	go: downloading github.com/pborman/getopt/v2 v2.1.0
-	go: downloading golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
-	go: downloading gorm.io/driver/sqlite v1.2.3
-	...
+	 $ make
+	 Building varuh
+	 go: downloading github.com/akamensky/argparse v1.3.1
+	 go: downloading golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
+	 go: downloading github.com/atotto/clipboard v0.1.4
+	 go: downloading github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
+	 go: downloading github.com/pythonhacker/argparse v1.3.2
+	 go: downloading gorm.io/driver/sqlite v1.2.3
+	 ...
 
 	$ sudo make install
 	Installing varuh...done
@@ -66,55 +69,43 @@ The binary will be installed in `/usr/local/bin` folder.
 Usage
 =====
 
-	$ varuh -h
-
-
-	SYNOPSIS
-
-		varuh [options] [flags]
-
-	OPTIONS
-
-		EDIT/CREATE ACTIONS:
-
-		  -A --add                        Add a new entry
-		  -I --init            <path>     Initialize a new database
-		  -R --remove          <id>       Remove an entry
-		  -e --encrypt                    Encrypt the current database
-		  -d --decrypt         <path>     Decrypt password database
-		  -C --clone           <id>       Clone an entry
-		  -U --use-db          <path>     Set as active database
-		  -E --edit            <id>       Edit entry by id
-
-		FIND/LIST ACTIONS:
-
-		  -f --find            <term>     Search entries
-		  -l --list-entry      <id>       List entry by id
-		  -x --export          <filename> Export all entries to <filename>
-		  -p --path                       Show current database path
-		  -a --list-all                   List all entries in current database
-
-		MISC ACTIONS:
-
-		  -g --genpass         <length>   Generate password of given length
-
-		HELP ACTIONS:
-
-		  -h --help                       Print this help message and exit
-		  -v --version                    Show version information and exit
-
-		FLAGS:
-
-		  -s --show                       Show passwords when listing entries
-		  -c --copy                       Copy password to clipboard
+	$ ./varuh -h
+	usage: varuh [-h|--help] [-I|--init "<value>"] [-d|--decrypt "<value>"]
+				 [-C|--clone "<value>"] [-R|--remove "<value>"] [-U|--use-db
+				 "<value>"] [-f|--find "<value>"] [-E|--edit "<value>"]
+				 [-l|--list-entry "<value>"] [-x|--export "<value>"] [-e|--encrypt]
+				 [-A|--add] [-p|--path] [-a|--list-all] [-g|--genpass] [-s|--show]
+				 [-c|--copy] [-v|--version]
+
+				 Password manager for the command line for Unix like operating
+				 systems
+
+	Options:
+
+	  -h  --help                   Print help information
+	  -I  --init        <path>     Initialize a new database
+	  -d  --decrypt     <path>     Decrypt password database
+	  -C  --clone       <id>       Clone an entry with <id>
+	  -R  --remove      <id>       Remove an entry with <id>
+	  -U  --use-db      <path>     Set <path> as active database
+	  -f  --find        <term>     Search entries with <term>
+	  -E  --edit        <id>       Edit entry by <id>
+	  -l  --list-entry  <id>       List entry by <id>
+	  -x  --export      <filename> Export all entries to <filename>
+	  -e  --encrypt                Encrypt the current database
+	  -A  --add                    Add a new entry
+	  -p  --path                   Show current database path
+	  -a  --list-all               List all entries in current database
+	  -g  --genpass                Generate a strong password of length from 12 - 16
+	  -s  --show                   Show passwords when listing entries
+	  -c  --copy                   Copy password to clipboard
+	  -v  --version                Show version information and exit
 
 
 	AUTHORS
 		Copyright (C) 2021 Anand B Pillai <[email protected]>
 
 
-The command line flags are grouped into `Edit/Create`, `Find/List`, `Misc` and `Help` actions. The first group of actions allows you to work with password databases and perform create/edit as well as encrypt/decrypt actions. The second set of actions allows you to work with an active decrypted database and view/search/list entries.
-
 Encryption and Security
 =======================
 

actions.go

@@ -239,7 +239,7 @@ func addNewEntry() error {
 
 	if len(passwd) == 0 {
 		fmt.Printf("\nGenerating password ...")
-		err, passwd = generateRandomPassword(16)
+		err, passwd = generateStrongPassword()
 		fmt.Printf("done")
 	}
 	//	fmt.Printf("Password => %s\n", passwd)
@@ -315,7 +315,7 @@ func editCurrentEntry(idString string) error {
 
 	if strings.ToLower(passwd) == "y" {
 		fmt.Printf("\nGenerating new password ...")
-		err, passwd = generateRandomPassword(16)
+		err, passwd = generateStrongPassword()
 	}
 	//	fmt.Printf("Password => %s\n", passwd)
 

crypto.go

@@ -13,7 +13,9 @@ import (
 	"golang.org/x/crypto/pbkdf2"
 	"io"
 	"math/big"
+	"math/rand"
 	"os"
+	"time"
 	"unsafe"
 
 	crand "crypto/rand"
@@ -435,10 +437,10 @@ func decryptFileXChachaPoly(encDbPath string, password string) error {
 }
 
 // Generate a random password - for adding listings
-func generateRandomPassword(length int) (error, string) {
+func generatePassword(length int) (error, string) {
 
 	var data []byte
-	const source = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?)(/%#!?)="
+	const source = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789=+_()$#@!~:/%"
 
 	data = make([]byte, length)
 
@@ -453,3 +455,97 @@ func generateRandomPassword(length int) (error, string) {
 
 	return nil, string(data)
 }
+
+// Generate a "strong" password
+// A strong password is defined as,
+// A mix of upper and lower case alphabets
+// at least one number [0-9]
+// at least one upper case alphabet [A-Z]
+// at least one punctuation character
+// at least length 12
+func generateStrongPassword() (error, string) {
+
+	var data []byte
+	var length int
+
+	const sourceAlpha = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	const sourceLargeAlpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	const sourceNum = "0123456789"
+	const sourcePunct = "=+_()$#@!~:/%"
+	const source = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789=+_()$#@!~:/%"
+
+	// Generate in range 12 - 16
+	rand.Seed(time.Now().UnixNano())
+
+	length = rand.Intn(4) + 12
+
+	data = make([]byte, length)
+
+	var lengthAlpha int
+	var i, j, k, l int
+
+	// Alpha chars is at least length 3-5
+	lengthAlpha = rand.Intn(2) + 3
+
+	for i = 0; i < lengthAlpha; i++ {
+		num, err := crand.Int(crand.Reader, big.NewInt(int64(len(sourceAlpha))))
+		if err != nil {
+			return err, ""
+		}
+
+		data[i] = sourceAlpha[num.Int64()]
+	}
+
+	// Add in numbers 1 or 2
+	var lengthNum int
+
+	lengthNum = rand.Intn(2) + 1
+
+	for j = i; j < i+lengthNum; j++ {
+		num, err := crand.Int(crand.Reader, big.NewInt(int64(len(sourceNum))))
+		if err != nil {
+			return err, ""
+		}
+
+		data[j] = sourceNum[num.Int64()]
+	}
+
+	// Add in punctuations 1 or 2
+	var lengthPunc int
+
+	lengthPunc = rand.Intn(2) + 1
+
+	for k = j; k < j+lengthPunc; k++ {
+		num, err := crand.Int(crand.Reader, big.NewInt(int64(len(sourcePunct))))
+		if err != nil {
+			return err, ""
+		}
+
+		data[k] = sourcePunct[num.Int64()]
+	}
+
+	// Fill in the rest
+	var lengthRem int
+
+	lengthRem = length - k
+
+	if lengthRem > 0 {
+		for l = k; l < k+lengthRem; l++ {
+			num, err := crand.Int(crand.Reader, big.NewInt(int64(len(source))))
+			if err != nil {
+				return err, ""
+			}
+
+			data[l] = source[num.Int64()]
+		}
+	}
+
+	// Shuffle a few times
+	for i = 0; i < 5; i++ {
+		rand.Shuffle(len(data), func(i, j int) {
+			data[i], data[j] = data[j], data[i]
+		})
+	}
+
+	return nil, string(data)
+}

go.mod

@@ -3,9 +3,10 @@ module varuh
 go 1.16
 
 require (
+	github.com/akamensky/argparse v1.3.1
 	github.com/atotto/clipboard v0.1.4
 	github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f
-	github.com/pborman/getopt/v2 v2.1.0
+	github.com/pythonhacker/argparse v1.3.2
 	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
 	gorm.io/driver/sqlite v1.2.3
 	gorm.io/gorm v1.22.2

go.sum

@@ -1,3 +1,5 @@
+github.com/akamensky/argparse v1.3.1 h1:kP6+OyvR0fuBH6UhbE6yh/nskrDEIQgEA1SUXDPjx4g=
+github.com/akamensky/argparse v1.3.1/go.mod h1:S5kwC7IuDcEr5VeXtGPRVZ5o/FdhcMlQz4IZQuw64xA=
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -11,10 +13,10 @@ github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f h1:dKccXx7xA56UNq
 github.com/kirsle/configdir v0.0.0-20170128060238-e45d2f54772f/go.mod h1:4rEELDSfUAlBSyUjPG0JnaNGjf13JySHFeRdD/3dLP0=
 github.com/mattn/go-sqlite3 v1.14.9 h1:10HX2Td0ocZpYEjhilsuo6WWtUqttj2Kb0KtD86/KYA=
 github.com/mattn/go-sqlite3 v1.14.9/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/pborman/getopt/v2 v2.1.0 h1:eNfR+r+dWLdWmV8g5OlpyrTYHkhVNxHBdN2cCrJmOEA=
-github.com/pborman/getopt/v2 v2.1.0/go.mod h1:4NtW75ny4eBw9fO1bhtNdYTlZKYX5/tBLtsOpwKIKd0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pythonhacker/argparse v1.3.2 h1:JOojnYFHk7oap+MQiFgiPAHlzvhJfqukErLneWaHR/M=
+github.com/pythonhacker/argparse v1.3.2/go.mod h1:gdUstTr/g1ojhRwrF9gKFOVLwsNfwarBg8aCQRjtvo8=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=