free
/
freedombone
關註 1
收藏 0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
瀏覽代碼

Leading and trailing padding on stored passwords 

To ensure that identical passwords have differing cyphertext
Bob Mottram 9 年之前
父節點
ebd37f392c
當前提交
801e0569fd
共有 1 個文件被更改,包括 39 次插入2 次删除
分割檢視 顯示文件統計
  1. 39
    2
      src/freedombone-pass

+ 39
- 2
src/freedombone-pass 查看文件 

@@ -48,6 +48,7 @@ REMOVE_USERNAME=
48 48 
 CURR_APP=
49 49 
 REMOVE_APP=
50 50 
 CURR_PASSWORD=""
51 
+TESTS=
51 52
52 53 
 function get_backup_key_id {
53 54 
     MY_BACKUP_KEY_ID=$(gpg --list-keys "(backup key)" | \
 
@@ -90,7 +91,35 @@ function pass_show_help {
90 91 
 }
91 92
92 93 
 function pad_string {
93 
-    echo -n -e "$1" | sed -e :a -e 's/^.\{1,128\}$/& /;ta'
94 
+    pass_string="$1"
95 
+    str_length=${#pass_string}
96 
+    total_padding=$((128 - str_length))
97 
+    leading_padding=$((1 + RANDOM % $total_padding))
98 
+    trailing_padding=$((total_padding - leading_padding))
99 
+    leading=printf "%-${leading_padding}s"
100 
+    trailing=printf "%-${trailing_padding}s"
101 
+    echo "${leading}${pass_string}${trailing}"
102 
+}
103 
+
104 
+function remove_padding {
105 
+    padded_string="$1"
106 
+    echo -e "${padded_string}" | tr -d '[:space:]'
107 
+}
108 
+
109 
+function run_tests {
110 
+    pass="SuperSecretPassword"
111 
+    padded=$(pad_string "$pass")
112 
+    echo "|${padded}|"
113 
+    ${PROJECT_NAME}-pass -u root -a tests -p "$pass"
114 
+    returned_pass=$(${PROJECT_NAME}-pass -u root -a tests)
115 
+    if [[ "$pass" != "$returned_pass" ]]; then
116 
+        echo "pass     :${pass}:"
117 
+        echo "padded   :${padded}:"
118 
+        echo "returned :${pass}:"
119 
+        exit 73825
120 
+    fi
121 
+    ${PROJECT_NAME}-pass -u root --rmapp tests
122 
+    echo "Tests passed"
94 123 
 }
95 124
96 125 
 while [[ $# > 1 ]]
 
@@ -101,6 +130,9 @@ do
101 130 
         -h|--help)
102 131 
             pass_show_help
103 132 
             ;;
133 
+        -t|--test)
134 
+            TESTS=1
135 
+            ;;
104 136 
         -u|--user|--username)
105 137 
             shift
106 138 
             CURR_USERNAME="${1}"
 
@@ -140,6 +172,11 @@ get_backup_key_id
140 172 
 # Use the backups private key as a symmetric passphrase
141 173 
 MASTER_PASSWORD=$(gpg -q --armor --export-secret-key $MY_BACKUP_KEY_ID | sed '/---/d' | sed '/Version/d' | sed '/^$/d')
142 174
175 
+if [ $TESTS ]; then
176 
+    run_tests
177 
+    exit 0
178 
+fi
179 
+
143 180 
 if [ ! $CURR_USERNAME ]; then
144 181 
     echo $'Error: No username given'
145 182 
     exit 1
 
@@ -171,7 +208,7 @@ if [ ${#CURR_PASSWORD} -eq 0 ]; then
171 208 
         exit 4
172 209 
     else
173 210 
         pass=$(gpg -dq --passphrase "$MASTER_PASSWORD" ~/.passwords/$CURR_USERNAME/$CURR_APP)
174 
-        echo "${pass}" | xargs
211 
+        remove_padding "${pass}"
175 212 
     fi
176 213 
 else
177 214 
     # store password