
Untitled

a guest
May 24th, 2018
  1. #!/usr/bin/php
  2. <?php
  3. //***************************************************************************
  4. //**** PASSWORD MANAGER FOR SHELL ver 1.0
  5. //**** Features:
  6. //**** 3 layers of encryption: AES 256, Camellia 256 and Chacha
  7. //**** Data is never saved on the disk
  8. //**** No cache
  9. //**** short source code easy to check for security
  10. //**** db saved in the current folder as pwd.encrypted
  11. //**** db backup at every rewrite as pwd.encrypted.backup
  12. //**** no graphical interface
  13. //**** Requirements:
  14. //**** - PHP 7
  15. //**** - OPENSSL library for PHP
  16. //****
  17. //**** Tested on:
  18. //**** Mac Os/x 13.4 (High Sierra), requirements are installed by default.
  19. //**** It should work on Linux and Windows as well.
  20. //***************************************************************************
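  // Main flow: create the database on first run, unlock it with the master
  // password, then loop reading a search string or a slash command.
  if (!file_exists("pwd.encrypted")) {
      create_pwdfile();
  }
  $r = NULL;
  // At this scope $r and $GLOBALS['r'] are the same variable: the decrypted
  // database, one JSON object per line, kept only in memory.
  while ($r === NULL) {
      $pwd = ask_hidden("Master Password:");
      $GLOBALS['r'] = load_pwdfile($pwd);
      if ($GLOBALS['r'] === NULL) {
          echo "Wrong password\n";
          continue;
      }
      echo "\n";
      system("clear");
  }
  $s = explode("\n", $GLOBALS['r']);
  while (1) {
      echo "######################################################################\n";
      echo "Password Manager - Commands: /add /delete /exit /pwd /gen /all/ /help\n";
      echo "######################################################################\n";
      $ss = readline("Search String/Command: ");
      if ($ss === false) {
          // End of input (Ctrl-D or closed stdin): readline() would keep
          // returning false, so leave instead of spinning on the prompt.
          echo "\n";
          exit(0);
      }
      if (strlen($ss) == 0) {
          continue;
      }
      // Commands are recognised only at the start of the input. Matching them
      // anywhere in the string turned searches such as "example.com/help" or
      // "site/address" into commands.
      $cmd = strtoupper($ss);
      if (strpos($cmd, "/ADD") === 0) {
          new_entry($pwd);
          $s = explode("\n", $GLOBALS['r']);
          continue;
      }
      if (strpos($cmd, "/EXIT") === 0) {
          exit(0);
      }
      if (strpos($cmd, "/QUIT") === 0) {
          // Was system(clear): a bare, undefined constant.
          system("clear");
          exit(0);
      }
      if (strpos($cmd, "/PWD") === 0) {
          change_pwd($pwd);
          continue;
      }
      if (strpos($cmd, "/HELP") === 0) {
          show_help();
          continue;
      }
      if (strpos($cmd, "/GEN") === 0) {
          generate_randompwd();
          continue;
      }
      if (strpos($cmd, "/DELETE") === 0) {
          delete_entry($ss, $pwd);
          $s = explode("\n", $GLOBALS['r']);
          continue;
      }
      //*** SEARCHING
      // Line 0 is the "{}" header, so entries start at index 1.
      $c = 1;
      $x = count($s);
      for ($i = 1; $i < $x; $i++) {
          $j = json_decode($s[$i]);
          if (!is_object($j)) {
              // The trailing empty line (or an undecodable one) is skipped
              // instead of being dereferenced as an object.
              continue;
          }
          $description = isset($j->description) ? (string)$j->description : "";
          $username = isset($j->username) ? (string)$j->username : "";
          $password = isset($j->password) ? (string)$j->password : "";
          $url = isset($j->url) ? (string)$j->url : "";
          $hit = strpos(strtoupper($description), $cmd) !== false
              || strpos(strtoupper($username), $cmd) !== false
              || strpos(strtoupper($url), $cmd) !== false
              || ($cmd == "/ALL" && strlen($description) > 0);
          if ($hit) {
              echo "******************************************************************\n";
              echo "#..........:".$i."\n";
              echo "Description: ".$description."\n";
              echo "Username...: ".$username."\n";
              echo "Password...: ";
              // Black-on-black only conceals the value visually: it is still
              // written to the terminal, can be selected and copied, and stays
              // in the scrollback buffer.
              echo "\033[30;40m";
              echo $password;
              echo "\033[0m";
              echo "\n";
              echo "Url........: ".$url."\n";
              $c = $c + 1;
          }
      }
      if ($c > 1) {
          echo "******************************************************************\n";
      }
  }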
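  //******************************************
  // function to change password
  // Asks for the current master password (an empty answer cancels), then for
  // the new one twice, re-encrypts the database under the new password and
  // updates the global $pwd used by the main loop.
  // $pwd: the master password the database is currently encrypted with.
  //******************************************
  function change_pwd($pwd){
      while (1) {
          $pwd1 = ask_hidden("Current Master Password: ");
          if (strlen($pwd1) == 0) {
              return;
          }
          // Strict comparison: with != two different numeric-looking strings
          // ("1e3" and "1000") compare equal.
          if ($pwd !== $pwd1) {
              echo "Wrong password\n";
              continue;
          }
          $pwdn1 = ask_hidden("NEW Master Password: ");
          $pwdn2 = ask_hidden("Repeat NEW Master Password:");
          if ($pwdn1 !== $pwdn2) {
              echo "NEW Passwords are not the same!\n";
              continue;
          }
          if (strlen($pwdn1) == 0) {
              // An empty master password protects nothing, and this function
              // treats an empty "current password" as cancel, so it could
              // never be changed again.
              echo "NEW Master Password cannot be empty!\n";
              continue;
          }
          save_pwdfile($pwdn1);
          $GLOBALS['pwd'] = $pwdn1;
          echo "Password changed.\n";
          return;
      }
  }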
  121.  
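  //******************************************
  //*** function to delete an entry
  // $ss:  the command line as typed, expected to be "/delete N"; N is read
  //       from offset 8, i.e. after "/delete ".
  // $pwd: master password, passed on to save_pwdfile() when the user confirms.
  // Shows the entry, asks for confirmation, then rebuilds $GLOBALS['r']
  // without that line and saves it.
  //******************************************
  function delete_entry($ss,$pwd){
      $arg = trim((string)substr($ss, 8));
      // Accept only a positive decimal number. Index 0 is the "{}" header and
      // must never be deleted; the old loose test ($id==0) behaved differently
      // for non-numeric text depending on the PHP version.
      if (!preg_match('/^[0-9]+$/', $arg) || (int)$arg === 0) {
          echo "Entry number is missing. for example: /delete 2\n";
          echo "to delete the entry #2\n";
          return;
      }
      $id = (int)$arg;
      $s = explode("\n", $GLOBALS['r']);
      // Out-of-range numbers and the trailing empty line are rejected before
      // anything is dereferenced or offered for deletion.
      if (!isset($s[$id]) || strlen($s[$id]) == 0) {
          echo "Entry #".$id." does not exist.\n";
          return;
      }
      // A line that does not decode is still shown (with empty fields) so that
      // a damaged record can be removed.
      $j = json_decode($s[$id]);
      $description = (is_object($j) && isset($j->description)) ? (string)$j->description : "";
      $username = (is_object($j) && isset($j->username)) ? (string)$j->username : "";
      $password = (is_object($j) && isset($j->password)) ? (string)$j->password : "";
      $url = (is_object($j) && isset($j->url)) ? (string)$j->url : "";
      echo "******************************************************************\n";
      echo "#..........:".$id."\n";
      echo "Description: ".$description."\n";
      echo "Username...: ".$username."\n";
      echo "Password...: ";
      echo "\033[30;40m";
      echo $password;
      echo "\033[0m";
      echo "\n";
      echo "Url........: ".$url."\n";
      echo "******************************************************************\n";
      $c = readline("Delete? (Y/n) ");
      if (strtoupper((string)$c) == "Y") {
          $s[$id] = "";
          $x = count($s);
          $GLOBALS['r'] = "";
          // Re-join every non-empty line; the blanked entry drops out here.
          for ($i = 0; $i < $x; $i++) {
              if (strlen($s[$i]) > 0) {
                  $GLOBALS['r'] .= $s[$i]."\n";
              }
          }
          save_pwdfile($pwd);
          echo "#".$id." has been deleted.\n";
      }
      return;
  }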
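  //******************************************
  //*** Load pwd.encrypted
  // File layout as written by save_pwdfile(): 512 base64 characters of salt,
  // a "!" separator, then the base64 ciphertext.
  // $pwd: candidate master password.
  // Returns the decrypted database text, or NULL when the file cannot be read
  // or does not decrypt to a database.
  //
  // NOTE(review): the same PBKDF2 output and an IV cut from the start of the
  // salt are used for all three layers, and the format carries no MAC or AEAD
  // tag, so a modified ciphertext is not detected. Fixing that needs a new,
  // versioned file format (for example an HMAC over salt and ciphertext, or an
  // AEAD mode) and a higher PBKDF2 iteration count.
  //******************************************
  function load_pwdfile($pwd){
      $s = is_readable("pwd.encrypted") ? file_get_contents("pwd.encrypted") : false;
      if ($s === false || strlen($s) <= 512) {
          return(NULL);
      }
      $iv = substr($s, 0, 512);
      // Drop the "!" separator explicitly; before, it only disappeared because
      // non-strict base64_decode() ignores characters outside its alphabet.
      $dbh = ltrim(substr($s, 512), "!");
      $r = base64_decode($dbh);
      $dpwd = openssl_pbkdf2($pwd, $iv, 64, 10000, "sha512");
      if ($dpwd === false || $r === false) {
          return(NULL);
      }
      // Layers are removed in the reverse of the order save_pwdfile() applies.
      foreach (array("CAMELLIA-256-CFB", "ChaCha", "AES-256-OFB") as $cipher) {
          $ivl = openssl_cipher_iv_length($cipher);
          if ($ivl === false) {
              // Which cipher names exist depends on the OpenSSL/LibreSSL build;
              // openssl_get_cipher_methods() lists them.
              echo "Cipher ".$cipher." is not available in this OpenSSL build\n";
              return(NULL);
          }
          $r = openssl_decrypt($r, $cipher, $dpwd, OPENSSL_RAW_DATA, substr($iv, 0, $ivl));
          if ($r === false) {
              return(NULL);
          }
      }
      // Every database starts with the "{}\n" header that create_pwdfile()
      // writes and delete_entry() keeps. Checking all three bytes instead of
      // only "{" makes it far less likely that output decrypted with a wrong
      // password is accepted and later saved over the real database. This is
      // a plausibility check, not authentication.
      if (strncmp($r, "{}\n", 3) === 0) {
          return($r);
      }
      return(NULL);
  }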
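  //******************************************
  //**** function to add new entry
  // Prompts for the four fields, asks for confirmation and, on "Y", appends
  // the entry as one JSON line to $GLOBALS['r'] and saves the database.
  // "E" starts the prompts again; any other answer returns without saving.
  // $pwd: master password, passed on to save_pwdfile().
  //******************************************
  function new_entry($pwd){
      while (1) {
          // readline() returns false at end of input; cast so that the stored
          // field is an empty string rather than a JSON false.
          $d = (string)readline("Description: ");
          $u = (string)readline("Username...: ");
          $p = (string)readline("Password...: ");
          $url = (string)readline("Url........: ");
          $c = readline("Confirm?(Y/N/Edit)");
          if ($c == "Y" || $c == "y") {
              // Encode the record in one call. Gluing four json_encode()
              // results together produced a broken line whenever one of them
              // returned false (for example on invalid UTF-8 input).
              $s = json_encode(array(
                  "description" => $d,
                  "username" => $u,
                  "password" => $p,
                  "url" => $url,
              ));
              if ($s === false) {
                  echo "Entry could not be encoded (".json_last_error_msg()."); nothing was saved.\n";
                  return;
              }
              $GLOBALS['r'] .= $s."\n";
              save_pwdfile($pwd);
          }
          if ($c == "E" || $c == "e") {
              continue;
          }
          return;
      }
  }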
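  //******************************************
  //**** function to create new pwd.encrypted
  // Asks for a new master password twice, initialises the in-memory database
  // to the "{}\n" header and writes it with save_pwdfile().
  //******************************************
  function create_pwdfile(){
      echo "Creating new pwd.encrypted file\n";
      // Loop until both entries match and are non-empty (replaces goto INIT).
      while (1) {
          $pwd = ask_hidden("Master Password (very,very long please!): ");
          $pwd2 = ask_hidden("Repeat Master Password:");
          // Strict comparison: != treats numeric-looking strings such as
          // "1e3" and "1000" as equal.
          if ($pwd !== $pwd2) {
              echo "Passwords are not the same!\n";
              continue;
          }
          if (strlen($pwd) == 0) {
              // The whole database is protected by this one password.
              echo "Master Password cannot be empty!\n";
              continue;
          }
          break;
      }
      $GLOBALS['r'] = "{}\n";
      save_pwdfile($pwd);
      echo "pwd.encrypted file has been created!\n";
      return;
  }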
  228.  
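  // save pwd.encrypted
  // Encrypts $GLOBALS['r'] under a key derived from $pwd and a fresh salt,
  // copies the previous file to pwd.encrypted.backup and writes the new one
  // as: 512 base64 characters of salt, "!", base64 ciphertext.
  // $pwd: master password.
  // On any failure the function prints an error and exits with status 1
  // WITHOUT touching pwd.encrypted. Before, a failed layer (for example a
  // cipher name the local OpenSSL build does not know) returned false, the
  // next layer encrypted that as an empty string, and the result replaced the
  // database. Exiting is used instead of throwing so that no stack trace
  // containing the $pwd argument is printed.
  //
  // NOTE(review): all three layers share one PBKDF2 output and take their IV
  // from the start of the salt, the iteration count is 10000, and nothing
  // authenticates the ciphertext. Changing any of that changes the file
  // format, so it is flagged here rather than altered.
  function save_pwdfile($pwd){
      echo "Generating True Random Init Vector...\n";
      $cs = false;
      $iv = openssl_random_pseudo_bytes(512, $cs);
      // The second argument reports whether a cryptographically strong source
      // was used; it was collected before but never checked.
      if ($iv === false || $cs !== true) {
          echo "ERROR: no cryptographically strong random source; pwd.encrypted was NOT modified.\n";
          exit(1);
      }
      $iv = substr(base64_encode($iv), 0, 512);
      echo "Encrypting...\n";
      $dpwd = openssl_pbkdf2($pwd, $iv, 64, 10000, "sha512");
      if ($dpwd === false) {
          echo "ERROR: key derivation failed; pwd.encrypted was NOT modified.\n";
          exit(1);
      }
      $rc = $GLOBALS['r'];
      foreach (array("AES-256-OFB", "ChaCha", "CAMELLIA-256-CFB") as $cipher) {
          $ivl = openssl_cipher_iv_length($cipher);
          $rc = ($ivl === false)
              ? false
              : openssl_encrypt($rc, $cipher, $dpwd, OPENSSL_RAW_DATA, substr($iv, 0, $ivl));
          if ($rc === false) {
              echo "ERROR: encryption with ".$cipher." failed; pwd.encrypted was NOT modified.\n";
              exit(1);
          }
      }
      $rcf = $iv."!".base64_encode($rc);
      echo "Encryption completed\n";
      // copy() instead of shelling out to cp: works without a Unix shell and
      // is skipped on the very first save, when there is nothing to back up.
      if (file_exists("pwd.encrypted")) {
          if (copy("pwd.encrypted", "pwd.encrypted.backup")) {
              chmod("pwd.encrypted.backup", 0600);
          } else {
              echo "WARNING: could not write pwd.encrypted.backup\n";
          }
      }
      if (file_put_contents("pwd.encrypted", $rcf, LOCK_EX) === false) {
          echo "ERROR: could not write pwd.encrypted\n";
          exit(1);
      }
      // Restrict the database to its owner; the default mode follows the umask.
      chmod("pwd.encrypted", 0600);
      return;
  }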
  252.  
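  // Prompt for a secret and return the typed line without its line ending.
  // $prompt: text shown before the input.
  // On a POSIX terminal the terminal's echo is switched off while the line is
  // read, so the secret is never drawn on screen. Where that is not possible
  // the original fallback is used: black-on-black text, which only conceals
  // the characters visually (they can still be selected, copied, or shown by
  // a terminal that ignores the colour sequence).
  function ask_hidden( $prompt ) {
      echo $prompt;
      $saved = NULL;
      if (DIRECTORY_SEPARATOR === "/" && function_exists("posix_isatty")
          && function_exists("exec") && posix_isatty(STDIN)) {
          // Remember the current terminal settings so they can be restored.
          $lines = array();
          $rc = 1;
          $state = exec("stty -g 2>/dev/null", $lines, $rc);
          if ($rc === 0 && is_string($state) && $state !== "") {
              $saved = $state;
          }
      }
      if ($saved !== NULL) {
          try {
              exec("stty -echo");
              // fgets() rather than readline(): readline draws the typed
              // characters itself, so it would ignore the echo setting.
              $input = fgets(STDIN);
          } finally {
              exec("stty ".escapeshellarg($saved));
          }
          // The Enter key was not echoed either; finish the prompt line.
          echo "\n";
          return rtrim( (string)$input, "\r\n" );
      }
      echo "\033[30;40m";
      $input = readline();
      echo "\033[0m";
      return rtrim( (string)$input, "\n" );
  }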
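  //******************************************************
  // FUNCTION TO GENERATE A RANDOM STRONG PASSWORD
  // Prints 64 hexadecimal characters (256 bits) taken from the system CSPRNG.
  // The value is written to the terminal in clear text.
  //******************************************************
  function generate_randompwd(){
      // 32 bytes are exactly what the 64 hex characters need; the previous
      // code drew 512 bytes, discarded most of them, and did not check
      // whether openssl_random_pseudo_bytes() reported a strong source.
      // random_bytes() is part of PHP 7 and throws instead of returning weak
      // output.
      $p = bin2hex(random_bytes(32));
      echo "Random STRONG password: ".$p."\n";
      return;
  }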
  //******************************************
  //*** function to show the help screen
  // Prints the list of available commands, one line each, framed by two
  // separator lines. Takes no arguments and returns nothing.
  //******************************************
  function show_help(){
      $rule = "****************************************************************";
      $lines = array(
          $rule,
          "Password Manager - Help",
          $rule,
          "You can write a string to search or a command and press enter.",
          "The available commands are the following:",
          "/add - To add a new entry",
          "/delete # - To delete and entry where # should the entry number",
          "/pwd - To change the master password",
          "/gen - Generate a true random strong passwrd",
          "/all - List all the entries",
          "/exit - To exit from the program",
          "/help - To access this help",
          $rule,
      );
      // Each line is terminated with a newline, exactly as the separate echo
      // statements did.
      foreach ($lines as $line) {
          echo $line."\n";
      }
      return;
  }
  287. ?>