BastWord - A Password Manager Written in Bash

bastword.sh

# New Version : github.com/darkerego/bashword

#!/bin/bash
# Random password generator. Originally by jbsnake, modified by crouse to use Upper case letters as well.
# Now also does error checking and fails if the input isn't numerical integers or if no input is given at all.
# Modified by DarkerEgo to include some special characters, ask for a password description, and save the outputs
# to a file, which now uses aespipe with base64 to securely store the passwords. This functionality is currently 
# under development.
# TODO:
# - Add a function to create/recreate a master password, hash it and store somewhere.
# - Check if the master password is correct (if set) to avoid strings encrypted with different passwords in the \
# output file (we want to be able to decrypt ALL the passwords with ONE master password) *before* appending output \
# to .encpass file. I am still working on this (suggestions welcome!)

if [ "$(id -u)" != "1000" ]; then
   echo "Wrong user!" 1>&2
   exit 1
fi

usage(){
echo -e "#Bastword (Version 1.0 Alpha)#
# A Password Manager Written in Bash #
# USAGE: $0 -n/-d
Generate a New Password:
[$0 <-n\--new\-g\--gen> <length>]
Decrypt and Open Passwords:
[$0 <-d\--decrypt\-o\--open>]
# REQUIRES:
aespipe, base64, secure-delete, bash, vi, mktemp"
}

genPW(){

#if [[ -z "$2" || $2 = *[^0-9]* ]];
if [[ $len = *[^0-9]* ]];
  then
   echo " ";
   echo "      ######### COMMAND FAILED ########## ";
   echo "      USAGE: $0 passwordlength";
   echo "      EXAMPLE: $0 10";
   echo "      Creates a random password 10 chars long.";
   echo "      ######### COMMAND FAILED ########## ";echo " ";
   exit
  else
   if [[ "$len" -lt "6" ]]
   then echo "Your password is less than 6 characters in length."
         echo "This is a security risk. Suggested length is 6 characters or longer !"
   fi
   
   # Previously stored in plain text, now in base64 encoded aes.
   #if [[ ! -f .passwords ]]
   #then touch .passwords
   #fi
   
   RIGHTNOW=$(date +"%R %x")
   pwdlen=$len
   char=(0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V X W Y Z _ - + % '$' '.' '^' '!' '`' '~' '#' '&' '*' '(' ')' '|' '{' '}' '[' ']' '"' '<' '>' '=' ',' ':' '?')
   max=${#char[*]}
   for i in `seq 1 $pwdlen`
      do
           let "rand=$RANDOM % 93"
      str="${str}${char[$rand]}"
      done
   echo $str ##| tee -a .passwords
fi
echo 'Enter a password description'
read pwinfo

if [[ ! -e .encpass ]]
then 
   touch .encpass
fi
# TODO: Check aespipe password against current master password to avoid accidentally encrypting different passwords with 
# the wrong password... (openssl enc -aes-128-cbc -salt -in .tmpmaster -out .bastword-master;srm .tmpmaster ;check_it())
echo $RIGHTNOW : $pwinfo : $str | aespipe -e aes128 | base64 >> .encpass
echo $str
echo 'Output saved to passwords file'
}

decrypt(){
rmerror="ERROR REMOVING TEMPORY FILE! Please manually delete!"
cwd=`pwd`
tmpf=`mktemp -p $cwd .tmp.XXXXXXXXXXXXX`
cat .encpass | base64 -d | aespipe -d > $tmpf
((vi $tmpf) && (srm $tmpf) || echo $rmerror)
}




case $1 in
-n|--new|-g|--gen|--generate)
len=$2
genPW $len
;;
-d|--decrypt|-o|--open)
decrypt
;;
-h|--help)
usage
;;
esac

exit