
Leading and trailing padding on stored passwords

To ensure that identical passwords have differing cyphertext
Bob Mottram 8 年前
当前提交
801e0569fd
共有 1 个文件被更改,包括 39 次插入2 次删除
  1. 39
    2
      src/freedombone-pass

+ 39
- 2
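--- a/src/freedombone-pass
+++ b/src/freedombone-pass
@@ -48,6 +48,7 @@
 CURR_APP=
 REMOVE_APP=
 CURR_PASSWORD=""
+TESTS=
 
 function get_backup_key_id {
     MY_BACKUP_KEY_ID=$(gpg --list-keys "(backup key)" | \
@@ -90,7 +91,35 @@
 }
 
 function pad_string {
-    echo -n -e "$1" | sed -e :a -e 's/^.\{1,128\}$/& /;ta'
+    pass_string="$1"
+    str_length=${#pass_string}
+    total_padding=$((128 - str_length))
+    leading_padding=$((1 + RANDOM % $total_padding))
+    trailing_padding=$((total_padding - leading_padding))
+    leading=printf "%-${leading_padding}s"
+    trailing=printf "%-${trailing_padding}s"
+    echo "${leading}${pass_string}${trailing}"
+}
+
+function remove_padding {
+    padded_string="$1"
+    echo -e "${padded_string}" | tr -d '[:space:]'
+}
+
+function run_tests {
+    pass="SuperSecretPassword"
+    padded=$(pad_string "$pass")
+    echo "|${padded}|"
+    ${PROJECT_NAME}-pass -u root -a tests -p "$pass"
+    returned_pass=$(${PROJECT_NAME}-pass -u root -a tests)
+    if [[ "$pass" != "$returned_pass" ]]; then
+        echo "pass     :${pass}:"
+        echo "padded   :${padded}:"
+        echo "returned :${pass}:"
+        exit 73825
+    fi
+    ${PROJECT_NAME}-pass -u root --rmapp tests
+    echo "Tests passed"
 }
 
 while [[ $# > 1 ]]
@@ -101,6 +130,9 @@
         -h|--help)
             pass_show_help
             ;;
+        -t|--test)
+            TESTS=1
+            ;;
         -u|--user|--username)
             shift
             CURR_USERNAME="${1}"
@@ -140,6 +172,11 @@
 # Use the backups private key as a symmetric passphrase
 MASTER_PASSWORD=$(gpg -q --armor --export-secret-key $MY_BACKUP_KEY_ID | sed '/---/d' | sed '/Version/d' | sed '/^$/d')
 
+if [ $TESTS ]; then
+    run_tests
+    exit 0
+fi
+
 if [ ! $CURR_USERNAME ]; then
     echo $'Error: No username given'
     exit 1
@@ -171,7 +208,7 @@
         exit 4
     else
         pass=$(gpg -dq --passphrase "$MASTER_PASSWORD" ~/.passwords/$CURR_USERNAME/$CURR_APP)
-        echo "${pass}" | xargs
+        remove_padding "${pass}"
     fi
 else
     # store password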
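Review bot: In pad_string, `leading=printf "%-${leading_padding}s"` is not a command substitution: the shell tries to run the format string as a command with `leading=printf` in its environment, so `leading` and `trailing` stay empty and the password is stored unpadded. The two lines should read `leading=$(printf "%${leading_padding}s" "")` and `trailing=$(printf "%${trailing_padding}s" "")`. A password of 128 characters or more makes `total_padding` zero or negative, so `RANDOM % $total_padding` fails or gives a negative width, and that case needs a guard before the modulo. In remove_padding, `tr -d '[:space:]'` deletes every whitespace character and `echo -e` expands backslash escapes, so a passphrase containing spaces or backslashes comes back altered; stripping only the leading and trailing spaces and printing with `printf '%s'` would avoid that. In run_tests the failure branch prints `${pass}` on the `returned` line where `${returned_pass}` is meant, and `exit 73825` is outside the 0–255 status range.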