diff --git a/KPass.v2.4.alfredworkflow b/KPass.v2.4.alfredworkflow new file mode 100644 index 0000000..f2fceba Binary files /dev/null and b/KPass.v2.4.alfredworkflow differ diff --git a/README.md b/README.md index c85a301..1e09a26 100644 --- a/README.md +++ b/README.md @@ -8,16 +8,18 @@ - List all entries from a KeePassXC database - Get the password for the selected entry, and put it in the clipboard -- The password is copied to the transient clipboard. - +- The password is copied to the transient clipboard. +- Allow to cache the keys to a file. Default `disabled` ## Setup #### Prerequisites - - Alfred 4 - - KeePassXC - - A created KeePassXC database - - jq installed ( https://stedolan.github.io/jq/download/ ) + +- Alfred 4 +- KeePassXC +- A created KeePassXC database +- homebrew installed( ) +- jq installed ( ) #### Configuration @@ -29,6 +31,11 @@ Run **kpassinit** KPass Setup and follow the instructions: 4. Enter the password for the KeePassXC database selected 5. Done! +#### Enable the cache + +In order to enable the cache, go to the Alfred workflow and into environment `[x]` set the env var `cacheFile` to a full file path where to store the cache. As an example `/Users/my_user/Library/Caches/kpass.cache` + +Finally the env var `cacheTimeout` controlls the recreation of cache in seconds. ## Known problems @@ -41,8 +48,9 @@ This Alfred workflow integrate with keepassxc using keepassxc cli, the script ad Having a high transformation rounds allows to slow down bruteforce attacks so pickup a number that is seems right for you. More information: - - https://github.com/Angoll/KPass/issues/17#issuecomment-888096305 - - https://github.com/keepassxreboot/keepassxc/issues/6778 + +- +- ### Keepass file appears unselectable @@ -54,11 +62,10 @@ Open the Alfred workflow from the Alfred App, double click the Run Script /usr/b This will make any file selectable. - ## References -- https://www.alfredapp.com/ -- https://keepassxc.org/ +- +- Any feedback is welcome! diff --git a/scripts/getPassword.sh b/scripts/getPassword.sh index 8abb3f0..94b3e90 100644 --- a/scripts/getPassword.sh +++ b/scripts/getPassword.sh @@ -1,19 +1,24 @@ -export PATH='/usr/local/bin/:/usr/bin:/Applications/KeePassXC.app/Contents/MacOS/:${PATH}' +export PATH='/bin:/usr/local/bin/:/usr/bin:/Applications/KeePassXC.app/Contents/MacOS/:/opt/homebrew/bin:${PATH}' -keePassKeyFile="" -if [[ ! -z ${keyfile} ]]; then - keePassKeyFile="--key-file \"${keyfile}\"" -fi - -function get_keys() { - security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" |\ - keepassxc-cli show -q ${keePassKeyFile} -a Password "$database" "$1" +function get_keys { + if [ ! -z "${keePassKeyFile}" ]; then + security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" |\ + keepassxc-cli show --key-file "${keePassKeyFile}" -q -a Password "${database}" "$1" + else + security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" |\ + keepassxc-cli show -q -a Password "${database}" "$1" + fi } function get_errorInfo { exec 3<&1 - security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" 2>&3 |\ - keepassxc-cli ls -R ${keePassKeyFile} -f "$database" 2>&3 | grep -Ev '(/|\[empty\]?)$' + if [ ! -z "${keePassKeyFile}" ]; then + security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" 2>&3 |\ + keepassxc-cli ls -R --key-file "${keePassKeyFile}" -f "$database" 2>&3 | grep -Ev '(/|\[empty\]?)$' + else + security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" 2>&3 |\ + keepassxc-cli ls -R -f "$database" 2>&3 | grep -Ev '(/|\[empty\]?)$' + fi exec 3>&- } diff --git a/scripts/listDatabase.sh b/scripts/listDatabase.sh index 9f80ab7..0c4f612 100644 --- a/scripts/listDatabase.sh +++ b/scripts/listDatabase.sh @@ -1,25 +1,45 @@ -export PATH='/usr/local/bin/:/usr/bin:/Applications/KeePassXC.app/Contents/MacOS/:${PATH}' - - -useKeePassKeyFile="" -if [[ ! -z ${keePassKeyFile} ]]; then - useKeePassKeyFile="--key-file ${keePassKeyFile}" -fi +export PATH='/bin:/usr/local/bin/:/usr/bin:/Applications/KeePassXC.app/Contents/MacOS/:/opt/homebrew/bin:${PATH}' +function get_db_keys { + if [ ! -z "${keePassKeyFile}" ]; then + security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" |\ + keepassxc-cli locate --key-file "${keePassKeyFile}" "${database}" / -q + else + security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" |\ + keepassxc-cli locate "${database}" / -q + fi +} -function get_keys() { - security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" |\ - keepassxc-cli locate ${useKeePassKeyFile} "$database" / -q +function get_keys { + if [ -z "${cacheFile}" ]; then + get_db_keys + else + # Cache is enabled + if [ -f "${cacheFile}" ]; then + lastModifiedTime=$(GetFileInfo -d "${cacheFile}") + else + lastModifiedTime=$(date +"%m/%d/%Y %H:%M:%S") + fi + lastModifiedTime=$(date -jf "%m/%d/%Y %H:%M:%S" "${lastModifiedTime}" +%s) + currTime=$(date +%s) + interval=$( expr $currTime - $lastModifiedTime ) + if [ ! -f "${cacheFile}" ] || [ "${interval}" -gt "${cacheTimeout}" ]; then + # Update cache + echo "$(get_db_keys)" > "${cacheFile}" + fi + # Get keys from the cache + cat "${cacheFile}" | grep -i "${query}" + fi } function get_errorInfo { exec 3<&1 security find-generic-password -a $(id -un) -c 'kpas' -C 'kpas' -s "${keychainItem}" -w "${keychain}" 2>&3 |\ - keepassxc-cli locate ${useKeePassKeyFile} "$database" / -q 2>&3 + keepassxc-cli locate ${useKeePassKeyFile} '$database' / -q 2>&3 exec 3>&- } -if [[ -z ${database} ]] || [[ -z ${keychain} ]]; +if [[ -z "${database}" ]] || [[ -z "${keychain}" ]]; then echo "{\"items\": [{\"title\":\"Not configured, please run: kpassinit\"}]}"; exit @@ -32,5 +52,5 @@ if [ $? -ne 0 ]; then echo "{\"items\": [{\"title\":\"Error listing database, please check config: Error: ${info}\"}]}"; exit else - echo ${keys[@]} | sed 's/ \//\n\//g' | awk -v iconPath="${PWD}/icon.png" '{printf "{\"uid\":\"%s\", \"title\":\"%s\", \"subtitle\":\"%s\", \"arg\":\"%s\", \"autocomplete\": \"%s\", \"icon\":{\"type\":\"png\", \"path\": \"%s\"}}", $0, $0, $0, $0, $0, iconPath}' | jq -c -s '{"items": .}' + echo ${keys[@]} | sed 's/ \//\n\//g' | awk -v iconPath="${PWD}/icon.png" '{printf "{\"uid\":\"%s\", \"title\":\"%s\", \"subtitle\":\"%s\", \"arg\":\"%s\", \"autocomplete\": \"%s\", \"icon\":{\"type\":\"png\", \"path\": \"%s\"}}", $0, substr($0,2, length($0)), $0, $0, $0, iconPath}' | jq -c -s '{"items": .}' fi