Get n, n1, n2 from password

Peter mail at pbrooks.net
Fri Jun 29 14:01:27 CEST 2018


I proposed this as a solution many moons ago, but didn't follow up with any
extra details. I have this patched on my own local, but I'd probably change
it to count from 1 instead of 0.
"
Hello everyone,
Up for discussion, it would be useful to allow extraction from pass a
selection of character indexes.
My use case is where some providers (i.e banks) want character 0, 3, 5 from
a password. I modify the show command to accept --index(-i)
  i.e show -i0,3,5 for the password p at ssword would output 'p s o'

Attached is an initial patch, all feedback welcome :)


diff --git a/src/password-store.sh b/src/password-store.sh
index d77ff12..bcc8d62 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -263,8 +263,8 @@ cmd_usage() {
             List passwords.
         $PROGRAM find pass-names...
             List passwords that match pass-names.
-        $PROGRAM [show] [--clip[=line-number],-c[line-number]] pass-name
-            Show existing password and optionally put it on the clipboard.
+        $PROGRAM [show] [--clip[=line-number],-c[line-
number]],[--index[=indexes],-i[=indexes] pass-name
+            Show existing password, optionally put it on the clipboard,
optionally extract out character indexes (i.e -i0,3,5).
             If put on the clipboard, it will be cleared in $CLIP_TIME
seconds.
         $PROGRAM grep search-string
             Search for password files containing search-string when
decrypted.
@@ -346,26 +346,33 @@ cmd_init() {

 cmd_show() {
     local opts selected_line clip=0 qrcode=0
-    opts="$($GETOPT -o q::c:: -l qrcode::,clip:: -n "$PROGRAM" -- "$@")"
+    opts="$($GETOPT -o q::c::i:: -l qrcode::,clip::,index:: -n "$PROGRAM"
-- "$@")"
     local err=$?
     eval set -- "$opts"
     while true; do case $1 in
         -q|--qrcode) qrcode=1; selected_line="${2:-1}"; shift 2 ;;
         -c|--clip) clip=1; selected_line="${2:-1}"; shift 2 ;;
+        -i|--index) index=1; _=$IFS IFS="," indexes=(${2:-1}) IFS=$_;
shift 2 ;;
         --) shift; break ;;
     esac done

-    [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die "Usage:
$PROGRAM $COMMAND [--clip[=line-number],-c[line-number]]
[--qrcode[=line-number],-q[line-number]] [pass-name]"
+    [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die "Usage:
$PROGRAM $COMMAND [--clip[=line-number],-c[line-
number]],[--index=[character-indexes],-i[character-indexes]
[--qrcode[=line-number],-q[line-number]] [pass-name]"

     local path="$1"
     local passfile="$PREFIX/$path.gpg"
     check_sneaky_paths "$path"
     if [[ -f $passfile ]]; then
+        local pass=`$GPG -d "${GPG_OPTS[@]}" "$passfile"`
+
+        if [[ $index -eq 1 ]]; then
+            pass=$(for i in ${indexes[*]}; do echo ${pass:i:1}; done) ||
exit $?
+        fi
         if [[ $clip -eq 0 && $qrcode -eq 0 ]]; then
-            $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
+            [[ -n $pass ]] || exit $?
+            echo $pass
         else
             [[ $selected_line =~ ^[0-9]+$ ]] || die "Clip location
'$selected_line' is not a number."
-            local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | tail -n
+${selected_line} | head -n 1)"
+            pass="$(echo $pass | tail -n +${selected_line} | head -n 1)"
             [[ -n $pass ]] || die "There is no password to put on the
clipboard at line ${selected_line}."
             if [[ $clip -eq 1 ]]; then
                 clip "$pass" "$path"
diff --git a/tests/t0020-show-tests.sh b/tests/t0020-show-tests.sh
index a4b782f..c005c7d 100755
--- a/tests/t0020-show-tests.sh
+++ b/tests/t0020-show-tests.sh
@@ -19,4 +19,24 @@ test_expect_success 'Test "show" of nonexistant
password' '
     test_must_fail "$PASS" show cred2
 '

+test_expect_success 'Test "show" of single character' '
+    "$PASS" insert -e "cred3"<<<"p at ssword!" &&
+    [[ $("$PASS" show -i1 cred3) == "@" ]]
+'
+
+test_expect_success 'Test "show" of first character' '
+    "$PASS" insert -e "cred3"<<<"p at ssword!" &&
+    [[ $("$PASS" show -i0 cred3) == "p" ]]
+'
+
+test_expect_success 'Test "show" of last character' '
+    "$PASS" insert -e "cred3"<<<"p at ssword!" &&
+    [[ $("$PASS" show -i8 cred3) == "!" ]]
+'
+
+test_expect_success 'Test "show" of multiple characters' '
+    "$PASS" insert -e "cred3"<<<"p at ssword!" &&
+    [[ $("$PASS" show -i1,5 cred3) == "@ o" ]]
+'
+
 test_done

"

On Fri, Jun 29, 2018 at 11:54 AM, Kjetil Torgrim Homme <
kjetil.homme at redpill-linpro.com> wrote:

> On 06/29/2018 12:51 PM, Ben Oliver wrote:
> > On 18-06-29 11:37:04, Steve Harriss wrote:
> >> Is there any value in enabling pass to get just 3, or more, specific
> >> characters from a password and just displaying them?
> >>
> >> A lot of banking sites now ask for specific numbered characters and,
> >> in a longer password it can be challenging to get the 6th, 12th and
> 18th.
> >
> > I have this exact use case too. Would be cool to be able to do this.
> >
> > Out of interest, what would be the best way of doing it on the CLI
> anyway?
>
> I've never seen this security "feature", but you use cut(1) to do this
>
>   $ echo 1234567890 | cut -c2,4,7-9
>   24789
>
> --
> Kjetil T. Homme
> Redpill Linpro AS - Changing the game
>
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
>


-- 
Peter Brooks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20180629/ded9b50c/attachment-0001.html>


More information about the Password-Store mailing list