-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathmain.go
155 lines (143 loc) · 3.65 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
package main
import (
"context"
"fmt"
"log"
"os"
"os/signal"
hapi "github.com/gopasspw/gopass-hibp/pkg/hibp/api"
hibpdump "github.com/gopasspw/gopass-hibp/pkg/hibp/dump"
"github.com/gopasspw/gopass/pkg/gopass/api"
"github.com/urfave/cli/v2"
)
const (
name = "gopass-hibp"
)
// Version is the released version of gopass.
var version string
func main() {
ctx := context.Background()
// trap Ctrl+C and call cancel on the context
ctx, cancel := context.WithCancel(ctx)
sigChan := make(chan os.Signal, 1)
signal.Notify(sigChan, os.Interrupt)
defer func() {
signal.Stop(sigChan)
cancel()
}()
go func() {
select {
case <-sigChan:
cancel()
case <-ctx.Done():
}
}()
gp, err := api.New(ctx)
if err != nil {
fmt.Printf("Failed to initialize gopass API: %s\n", err)
os.Exit(1)
}
hibp := &hibp{
gp: gp,
}
app := cli.NewApp()
app.Name = name
app.Version = getVersion().String()
app.Usage = "haveibeenpwned.com leak checker for gopass"
app.EnableBashCompletion = true
app.Commands = []*cli.Command{
{
Name: "api",
Usage: "Detect leaked passwords using the HIBPv2 API",
Description: "" +
"This command will decrypt all secrets and check the passwords against the public " +
"havibeenpwned.com v2 API.",
Action: func(c *cli.Context) error {
return hibp.CheckAPI(c.Context, c.Bool("force"))
},
Flags: []cli.Flag{
&cli.BoolFlag{
Name: "force",
Aliases: []string{"f"},
Usage: "Force checking secrets against the public API",
},
},
},
{
Name: "dump",
Usage: "Detect leaked passwords using the HIBP SHA-1 dumps",
Description: "" +
"This command will decrypt all secrets and check the passwords against the " +
"havibeenpwned.com SHA-1 dumps (ordered by hash). " +
"To use the dumps you need to download the dumps from https://haveibeenpwned.com/passwords first. Be sure to grab the one that says '(ordered by hash)'. " +
"This is a very expensive operation, for advanced users. " +
"Most users should probably use the API. " +
"If you want to use the dumps you need to use 7z to extract the dump: 7z x pwned-passwords-ordered-2.0.txt.7z.",
Action: func(c *cli.Context) error {
return hibp.CheckDump(c.Context, c.Bool("force"), c.StringSlice("files"))
},
Flags: []cli.Flag{
&cli.BoolFlag{
Name: "force",
Aliases: []string{"f"},
Usage: "Force checking secrets against the dumps",
},
&cli.StringSliceFlag{
Name: "files",
Usage: "One or more HIBP v1/v2 dumps",
},
},
},
{
Name: "download",
Usage: "Download HIBP dumps from the v2 API",
Action: func(c *cli.Context) error {
return hapi.Download(c.Context, c.String("output"), c.Bool("keep"))
},
Flags: []cli.Flag{
&cli.StringFlag{
Name: "output",
Aliases: []string{"f"},
Usage: "Output location",
},
&cli.BoolFlag{
Name: "keep",
Aliases: []string{"k"},
Usage: "Keep and re-use partial downloads",
},
},
},
{
Name: "merge",
Usage: "Merge different dumps",
Action: func(c *cli.Context) error {
scanner, err := hibpdump.New(c.StringSlice("files")...)
if err != nil {
return err
}
return scanner.Merge(ctx, c.String("output"))
},
Flags: []cli.Flag{
&cli.StringSliceFlag{
Name: "files",
Usage: "One or more HIBP v1/v2 dumps",
},
&cli.StringFlag{
Name: "output",
Aliases: []string{"f"},
Usage: "Output location",
},
},
},
{
Name: "version",
Action: func(c *cli.Context) error {
cli.VersionPrinter(c)
return nil
},
},
}
if err := app.RunContext(ctx, os.Args); err != nil {
log.Fatal(err)
}
}