1 #!/usr/bin/env perl
2 #
3 # Copyright (c) 2022 Omar Polo <op@omarpolo.com>
4 #
5 # Permission to use, copy, modify, and distribute this software for any
6 # purpose with or without fee is hereby granted, provided that the above
7 # copyright notice and this permission notice appear in all copies.
8 #
9 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 
17 use strict;
18 use warnings;
19 use v5.32;
20 
21 use open ":std", ":encoding(UTF-8)";
22 
23 use Getopt::Long qw(:config bundling require_order);
24 use Pod::Usage;
25 use File::Basename;
26 use File::Find;
27 
28 my $store = $ENV{'PLASS_STORE'} || $ENV{'HOME'}.'/.password-store';
29 
30 my $got = $ENV{'PLASS_GOT'} || 'got';
31 my $tog = $ENV{'PLASS_TOG'} || 'tog';
32 
33 my $gpg = $ENV{'PLASS_GPG'} || 'gpg2';
34 my @gpg_flags = qw(--quiet --compress-algo=none --no-encrypt-to);
35 
36 my $default_chars = $ENV{'PLASS_CHARS'} || '!-~';
37 my $default_length = $ENV{'PLASS_LENGTH'};
38 if (!defined($default_length) || $default_length lt 0) {
39 	$default_length = 32;
40 }
41 
42 GetOptions(
43 	"h|?" => sub { pod2usage(0) },
44     ) or pod2usage(1);
45 
46 my $cmd = shift or pod2usage(1);
47 
48 my %subcmd = (
49 	cat	=> [\&cmd_cat,		"entries..."],
50 	find	=> [\&cmd_find,		"[pattern]"],
51 	gen	=> [\&cmd_gen,		"[-c chars] [-l length] entry"],
52 	got	=> [\&cmd_got,		"arguments ..."],
53 	mv	=> [\&cmd_mv,		"from to"],
54 	oneshot => [\&cmd_oneshot,	"[-c chars] [-l length]"],
55 	regen	=> [\&cmd_regen,	"[-c chars] [-l length] entry"],
56 	rm	=> [\&cmd_rm,		"entry"],
57 	tee	=> [\&cmd_tee,		"[-q] entry"],
58 	tog	=> [\&cmd_tog,		"arguments ..."],
59     );
60 pod2usage(1) unless defined $subcmd{$cmd};
61 my ($fn, $usage) = @{$subcmd{$cmd}};
62 chdir $store;
63 $fn->();
64 exit 0;
65 
66 
67 # utils
68 
69 sub usage {
70 	my $prog = basename $0;
71 	say STDERR "Usage: $prog $cmd $usage";
72 	exit 1;
73 }
74 
75 sub name2file {
76 	my $f = shift;
77 	$f .= ".gpg" unless $f =~ m,\.gpg$,;
78 	return $f;
79 }
80 
81 # tr -cd -- $chars < /dev/random | dd bs=$len count=1 status=none
82 sub gen {
83 	my ($chars, $length) = @_;
84 	my $pass = "";
85 
86 	open(my $fh, '<:raw', '/dev/random')
87 	    or die "can't open /dev/random: $!";
88 	my $l = $length;
89 	while ($l gt 0) {
90 		read($fh, my $t, $length * 4)
91 		    or die "failed to read /dev/random: $!";
92 		$t =~ s/[^$chars]//g;
93 		$l -= length($t);
94 		$pass .= $t;
95 	}
96 	close($fh);
97 
98 	return substr($pass, 0, $length);
99 }
100 
101 sub readpass {
102 	# todo some stty black magic to avoid echo
103 	print shift if -t;
104 	my $pass = <>;
105 	die "failed to read stdin: $!" unless defined($pass);
106 	chomp $pass;
107 	return $pass;
108 }
109 
110 sub mkdirs {
111 	my $dir = shift;
112 	my $parent = dirname $dir;
113 	mkdirs($parent) unless -d $parent || $parent eq '/';
114 	mkdir $dir or die "mkdir $dir: $!"
115 	    unless -d $dir;
116 }
117 
118 sub writepass {
119 	my ($file, $pass) = @_;
120 
121 	mkdirs(dirname $file);
122 
123 	my @args = ($gpg, @gpg_flags, '-e', '-r', recipient(),
124 	    '-o', $file);
125 	open my $fh, '|-', @args;
126 	say $fh "$pass";
127 	close($fh);
128 }
129 
130 sub recipient {
131 	open my $fh, '<', "$store/.gpg-id"
132 	    or die "can't open recipient file";
133 	my $r = <$fh>;
134 	chomp $r;
135 	close($fh);
136 	return $r;
137 }
138 
139 sub passfind {
140 	my $pattern = shift;
141 	my @entries;
142 
143 	find({
144 		wanted => sub {
145 			if (m,/.git$, || m,/.got$,) {
146 				$File::Find::prune = 1;
147 				return;
148 			}
149 
150 			return if defined($pattern) && ! m/$pattern/;
151 			return unless -f && m,.gpg$,;
152 
153 			s,^$store/*,,;
154 			s,.gpg$,,;
155 			push @entries, $_;
156 		},
157 		no_chdir => 1,
158 		follow_fast => 1,
159 	     }, ($store));
160 	return sort(@entries);
161 }
162 
163 sub got {
164 	open my $fh, '-|', ($got, @_);
165 	close($fh);
166 	return !$?;
167 }
168 
169 sub got_add {
170 	got 'add', '-I', shift
171 	    or exit 1;
172 }
173 
174 sub got_rm {
175 	got 'remove', '-f', shift
176 	    or exit 1;
177 }
178 
179 sub got_ci {
180 	my $pid = fork;
181 	die "failed to fork: $!" unless defined $pid;
182 
183 	if ($pid ne 0) {
184 		wait;
185 		die "failed to commit changes" if $?;
186 		return;
187 	}
188 
189 	open (STDOUT, ">&", \*STDERR)
190 	    or die "can't redirect stdout to stderr";
191 	exec ($got, 'commit', '-m', shift)
192 	    or die "failed to exec $got: $!";
193 }
194 
195 
196 # cmds
197 
198 sub cmd_cat {
199 	GetOptions('h|?' => \&usage) or usage;
200 	usage unless @ARGV;
201 
202 	while (@ARGV) {
203 		my $file = name2file(shift @ARGV);
204 		system ($gpg, @gpg_flags, '-d', $file);
205 		die "failed to exec $gpg: $!" if $? == -1;
206 	}
207 }
208 
209 sub cmd_find {
210 	GetOptions('h|?' => \&usage) or usage;
211 	usage if @ARGV gt 1;
212 
213 	map { say $_ } passfind(shift @ARGV);
214 }
215 
216 sub cmd_gen {
217 	my $chars = $default_chars;
218 	my $length = $default_length;
219 
220 	GetOptions(
221 		'c=s' => sub { $chars = $_[1] },
222 		'h|?' => \&usage,
223 		'l=i' => sub { $length = $_[1] },
224 	    ) or usage;
225 	usage if @ARGV ne 1;
226 
227 	my $name = shift @ARGV;
228 	my $file = name2file $name;
229 	die "password already exists: $file\n" if -e $file;
230 
231 	my $pass = gen($chars, $length);
232 	writepass($file, $pass);
233 
234 	got_add $file;
235 	got_ci "+$name";
236 }
237 
238 sub cmd_got {
239 	chdir $store;
240 	exec $got, @ARGV;
241 }
242 
243 # TODO: handle moving directories?
244 sub cmd_mv {
245 	GetOptions('h|?' => \&usage) or usage;
246 	usage if @ARGV ne 2;
247 
248 	my $a = shift @ARGV;
249 	my $b = shift @ARGV;
250 
251 	my $pa = name2file $a;
252 	my $pb = name2file $b;
253 
254 	die "source password doesn't exist" unless -f $pa;
255 	die "target password exists" if -f $pb;
256 
257 	rename $pa, $pb or die "can't rename $a to $b: $!";
258 
259 	got_rm $pa;
260 	got_add $pb;
261 	got_ci "mv $a $b";
262 }
263 
264 sub cmd_oneshot {
265 	my $chars = $default_chars;
266 	my $length = $default_length;
267 
268 	GetOptions(
269 		'c=s' => sub { $chars = $_[1] },
270 		'h|?' => \&usage,
271 		'l=i' => sub { $length = $_[1] },
272 	    ) or usage;
273 	usage if @ARGV ne 0;
274 
275 	say gen($chars, $length);
276 }
277 
278 sub cmd_regen {
279 	my $chars = $default_chars;
280 	my $length = $default_length;
281 
282 	GetOptions(
283 		'c=s' => sub { $chars = $_[1] },
284 		'h|?' => \&usage,
285 		'l=i' => sub { $length = $_[1] },
286 	    ) or usage;
287 	usage if @ARGV ne 1;
288 
289 	my $name = shift @ARGV;
290 	my $file = name2file $name;
291 	die "password doesn't exist" unless -f $file;
292 
293 	my $pass = gen($chars, $length);
294 	writepass($file, $pass);
295 
296 	got_add $file;
297 	got_ci "regen $name";
298 }
299 
300 sub cmd_rm {
301 	GetOptions('h|?' => \&usage) or usage;
302 	usage if @ARGV ne 1;
303 
304 	my $name = shift @ARGV;
305 	my $file = name2file $name;
306 
307 	got_rm $file;
308 	got_ci "-$name";
309 }
310 
311 sub cmd_tee {
312 	my $q;
313 	GetOptions(
314 		'h|?' => \&usage,
315 		'q'   => \$q,
316 	    ) or usage;
317 	usage if @ARGV ne 1;
318 
319 	my $name = shift @ARGV;
320 	my $file = name2file $name;
321 
322 	my $pass = readpass "Enter the password: ";
323 	writepass($file, $pass);
324 	say $pass unless $q;
325 
326 	got_add $file;
327 	got_ci (-f $file ? "update $name" : "+$name");
328 }
329 
330 sub cmd_tog {
331 	chdir $store;
332 	exec $tog, @ARGV;
333 }
334 
335 __END__
336 
337 =head1 NAME
338 
339 B<plass> - manage passwords
340 
341 =head1 SYNOPSIS
342 
343 B<plass> I<command> [-h] [arg ...]
344 
345 Valid subcommands are: cat, find, gen, got, mv, oneshot, regen, rm,
346 tee, tog.
347 
348 =head1 DESCRIPTION
349 
350 B<plass> is a simple password manager.  It manages passwords stored in
351 a directory tree rooted at I<~/.password-store> (or I<$PLASS_STORE>),
352 where every password is a single file encrypted with gpg2(1).
353 
354 Passwords entries can be referenced using the path relative to the
355 store directory.  The extension ".gpg" is optional.
356 
357 The whole store is supposed to be managed by the got(1) version
358 control system.
359 
360 The commands for B<plass> are as follows:
361 
362 =over
363 
364 =item B<cat> I<entries ...>
365 
366 Decrypt and print the passwords of the given I<entries>.
367 
368 =item B<find> [I<pattern>]
369 
370 Print one per line all the entries of the store, optionally filtered
371 by the given I<pattern>.
372 
373 =item B<gen> [B<-c> I<chars>] [B<-l> I<length>] I<entry>
374 
375 Generate and persist a password for the given I<entry> in the store.
376 B<-c> can be used to control the characters allowed in the password
377 (by default I<!-~> i.e. all the printable ASCII character) and B<-l>
378 the length (32 by default.)
379 
380 =item B<got> I<arguments ...>
381 
382 Execute got(1) in the password store directory with the given
383 I<arguments>.
384 
385 =item B<mv> I<from> I<to>
386 
387 Rename a password entry, doesn't work with directories.  I<from> must
388 exist and I<to> mustn't.
389 
390 =item B<oneshot> [B<-c> I<chars>] [B<-l> I<length>]
391 
392 Like B<gen> but prints the the generated password instead of persist
393 it.
394 
395 =item B<regen> [B<-c> I<chars>] [B<-l> I<length>] I<entry>
396 
397 Like B<gen> but re-generates a password in-place.
398 
399 =item B<rm> I<entry>
400 
401 Remove the password I<entry> from the store.
402 
403 =item B<tee> [B<-q>] I<entry>
404 
405 Prompt for a password, persist it in the store under the given
406 I<entry> name and then print it again to standard output.
407 
408 =item B<tog> I<arguments ...>
409 
410 Execute tog(1) in the password store directory with the given
411 I<arguments>.
412 
413 =back
414 
415 =head1 CREATING A PASSWORD STORE
416 
417 A password store is just a normal got(1) repository with a worktree
418 checked out in I<~/.password-store> (or I<$PLASS_STORE>).  The only
419 restriction is that a file called I<.gpg-id> must exist in the root of
420 the work tree for most B<plass> commands to work.
421 
422 For example, a got repository and password store can be created as
423 follows:
424 
425 	$ mkdir .password-store
426 	$ cd .password-store
427 	$ echo foo@example.com > .gpg-id
428 	$ cd ~/git
429 	$ got init pass.git
430 	$ cd pass.git
431 	$ got import -m 'initial import' ~/.password-store
432 	$ cd ~/.password-store
433 	$ got checkout -E ~/git/pass.git
434 
435 See got(1) for more information.
436 
437 Otherwise, if a repository already exists, a password-store can be
438 checked out more simply as:
439 
440 	$ got checkout ~/git/pass.git ~/.password-store
441 
442 To migrate from pass(1), just delete I<~/.password-store> and checkout
443 it again usign got(1).
444 
445 =head1 ENVIRONMENT
446 
447 =over
448 
449 =item PLASS_CHARS
450 
451 Default range of characters to use to generate passwords.
452 
453 =item PLASS_GOT
454 
455 Path to the got(1) executable.
456 
457 =item PLASS_GPG
458 
459 Path to the gpg2(1) executable.
460 
461 =item PLASS_LENGTH
462 
463 Default length for the passwords generated.
464 
465 =item PLASS_STORE
466 
467 Path to the password-store directory tree.  I<~/.password-store> by
468 default.
469 
470 =item PLASS_TOG
471 
472 Path to the tog(1) executable.
473 
474 =back
475 
476 =head1 FILES
477 
478 =over
479 
480 =item I<~/.password-store>
481 
482 Password store used by default.
483 
484 =item I<~/.password-store/.gpg-id>
485 
486 File containing the gpg recipient used to encrypt the passwords.
487 
488 =back
489 
490 =head1 ACKNOWLEDGEMENTS
491 
492 B<plass> was heavily influenced by pass(1) in the design, but it's a
493 complete different implementation with different tools involved.
494 
495 =head1 AUTHORS
496 
497 The B<plass> utility was written by Omar Polo <I<op@omarpolo.com>>.
498 
499 =head1 CAVEATS
500 
501 B<plass> B<find> output format isn't designed to handle files with
502 newlines in them.  Use find(1) B<-print0> or similar if it's a
503 concern.
504 
505 There isn't a B<init> sub-command, the store initialisation must be
506 performed manually.
507 
508 =cut