Crates.io | steelsafe |
lib.rs | steelsafe |
version | 0.1.0 |
source | src |
created_at | 2024-10-04 18:19:11.984408 |
updated_at | 2024-10-04 18:19:11.984408 |
description | Simple, personal TUI password manager |
homepage | https://h2co3.github.io/steelsafe/ |
repository | https://github.com/H2CO3/steelsafe/ |
max_upload_size | |
id | 1396936 |
size | 133,551 |
Steelsafe is a minimalistic, portable, personal password manager with a terminal user interface (TUI), written entirely in safe Rust (not counting dependencies).
It aims to follow best practices of cryptography and secure software engineering. In particular:
unsafe
, and this is enforced via the
relevant #![forbid(unsafe_code)]
directive. Cryptography-related dependencies
are only from a trusted, well-known source, namely: the RustCrypto project.Due to its simplicity and zero-config nature, the application is primarily intended for personal use; a good use case is painless migration to a new computer. The use of an on-file database means that the migration of the password database is trivially done by copying over the SQLite file to the new location, as there's no migration scripts to run or services to log in to.
Secret entries are individually encrypted using a password to be specified upon insertion of the new entry. There is no single "master" password or master key; if you want, you can encrypt each individual entry using a different password.
Of course, this approach has its downsides. For example:
These make Steelsafe largely unsuited for corporate use, but we believe that it will still make a fine addition to the power user's toolbox.
This software has NOT yet been formally audited by a security expert. If you are in infosec/pentesting/verification, and you are willing to take a look, please contact me.
You'll need the Rust toolchain, then simply:
cargo install steelsafe
The program takes no command-line arguments, starting it is as simple as typing
steelsafe
at the prompt.
Steelsafe currently offers the bare minimum functionality required for convenient everyday use:
The bulk of the screen is occupied by the contents of the password database, one entry per row. The title, account name, and last modification date (currently, this is always the date of creation) are displayed. Use the following keys to access the basic features:
q
: Quit applicationj
, <TAB>
: Select next entryk
: Select previous entry1
: Select first entry0
: Select last entryc
, <ENTER>
: Ask for decryption password and copy cleartext secret to clipboardf
, /
: Find secret by metadata (label or account)n
: Add new secret entryWhen you press n
, a dialog for entering a new secret item appears. You will see text
fields for:
The credential to be encrypted may contain multiple lines, while the master encryption password must not contain line breaks. The account name, if given, must also span a single line only.
Use the up/down arrow keys or <TAB>
to cycle through the text fields.
Use <Ctrl>+G
to randomly generate a strong, unpredictable, high-entropy password in the
"secret" field. The generated password will have sufficient length and an appropriate variety
of characters (including lowercase and uppercase ASCII letters, the digits 0-9, and easily
accessible punctuation/symbols), which should satisfy even the most paranoid requirements.
Press <ENTER>
to confirm the operation and add the entry, <ESC>
to cancel and close the
dialog box, and <CTRL>+H
or <CTRL>+E
to show/hide the credential and the master password,
respectively. Once the new entry is added, it appears at the end of the table immediately, and
will also be selected.
When you press c
or <ENTER>
, the currently selected entry will be decrypted and
copied to the clipboard. You will be asked for the decryption password, which is also
used for verifying that the additional data (currently: the title, the account name,
and the creation/last modification date) has not been tampered with.
Press <ESC>
to cancel the operation, <ENTER>
to confirm the decryption password
and copy the item, and <CTRL>+H
to show/hide the decryption password while typing.
If you have many credentials in your database, you can search for them by their title or
account name. To enter search mode, press f
or /
(the latter should be familiar to users
of Vim, less
and more
). A search field will appear at the bottom. As you type, entries
in the table will be restricted to those containing the search term. The search text is
actually a SQL LIKE
pattern, so you can use the placeholders _
and %
to match one or
more arbitrary characters, respectively.
When you see the desired entry appear in the table, press <ENTER>
to shift focus from the
search text field to the main table again. Then, you can keep issuing the same commands as
normally; you'll most likely want to press c
or <ENTER>
to copy the entry to clipboard.
If you are done searching, press <ESC>
to exit search mode; this will restore the table of
credentials and show the full list again. Alternatively, you can press f
or /
again to
re-focus the search field and refine your search term.
Steelsafe uses SQL uniqueness constraints to prevent duplication of salts and/or nonces within a given database. It also uses a cryptographically-secure pseudo-random number generator (CSPRNG) for generating salts and nonces that are essentially unpredictable to an attacker. However, it can't possibly enforce global uniqueness across different password database files.
The length of the salt and nonce (128 and 192 bits, respectively) make it highly unlikely that salts and nonces are ever repeated during regular, personal use, given the relatively small number of entries, compared to the number of possible salts or nonces. Yet, to avoid catastrophic failure of the key derivation, encryption, and authentication mechanisms, it is strongly recommended that you do not re-use master passwords across databases. If you are only using a single database, as most users will, this criterion is automatically fulfilled.
As always, you are advised to employ password management best practices with your master (encryption and decryption) password(s) as well.
What we technically could do is add another level of database-global salt to the key derivation process. This would be equivalent with a longer salt, but it still wouldn't, strictly speaking, ensure global uniqueness across databases, so we simply don't bother.
On some platforms, especially Linux and other platforms using X11 or Wayland, clipboard contents are only available as long as the source application is running. Thus, in these environments, you will have to keep Steelsafe running until you are done with the copied secret.
The database is located in the project data directory by default, and it is called
secrets.sqlite3
. You can use the .steelsaferc
file (see below) to change the path
of the directory. The file name cannot be changed.
Steelsafe will search the .steelsaferc
configuration file (in this order) at:
$HOME
An example of the config file can be found here. It is a JSON with self-explanatory structure; you can currently use it to change the colors of various UI elements and the path of the secrets database.