oxur / rucksack

A terminal-based secrets manager, generator, and importer/exporter (Firefox, Chrome) backed with a concurrent hashmap
Apache License 2.0

Data modeling secrets #11

Closed oubiwann closed 1 year ago

oubiwann commented 1 year ago

Using SurrealDB, we're looking at this, right now:

CREATE secret SET
type='password',
name='YYY',
user='XXX',
url='ZZZ',
password='AAA',
created=time::now(),
updated='';

Usage is like this:

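USER=alice
PASS=abc123
# -P prints the derived salt/key/IV and exits; without -nosalt or -S the salt
# is random, so KEY is different on every run.
KEY=$(openssl enc -aes128 -k "$PASS" -md sha1 -P | grep key= | sed 's/key=//')
echo "$KEY"
# --bind 0.0.0.0 listens on every interface, not only localhost.
surreal start --key "$KEY" --pass "$PASS" --strict --bind 0.0.0.0:5099 "file://data/$USER"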

DATA="INFO FOR DB;"
curl --request POST \
    --header "Accept: application/json" \
    --header "NS: secrets" \
    --header "DB: $USER" \
    --user "$USER:$PASS" \
    --data "${DATA}" \
    http://localhost:5099/sql

DATA="CREATE secret SET
type='password',
name='YYY',
user='XXX',
url='ZZZ',
password='AAA',
created=time::now(),
updated='';"

curl -k -L -s --compressed --request POST \
    --header "Accept: application/json" \
    --header "NS: secrets" \
    --header "DB: $USER" \
    --user "$USER:$PASS" \
    --data "${DATA}" \
    http://localhost:5099/sql

oubiwann commented 1 year ago

Since we're not going with SurrealDB, it ended up looking like this instead:

pub struct EncryptedRecord {
    pub key: String,
    pub kind: Kind,
    pub value: Vec<u8>,
    pub created: String,
    pub updated: String,
}

pub struct PasswordValue {
    pub user: String,
    pub password: String,
}

pub struct DecryptedRecord {
    pub key: String,
    pub kind: Kind,
    pub value: PasswordValue,
    pub created: String,
    pub updated: String,
}
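
How the two record types above can relate, as an added example that is not rucksack's own code: only `value` is serialized and encrypted, and opening a record fails cleanly on bad input. The `Kind::Password` variant, the length-prefixed framing, the `seal`/`open`/`stand_in`/`sample` names and the closure-based cipher interface are all assumptions; the project's real serialization and cipher are not shown on this page.

```rust
// Added example, not rucksack's code. `Kind::Password`, the byte framing and the
// cipher closures are assumptions; pass a real AEAD to seal()/open() in practice.
#[derive(Clone, Debug, PartialEq)] pub enum Kind { Password }
// No Debug derive, so `{:?}` logging cannot print the password.
#[derive(Clone, PartialEq)]
pub struct PasswordValue { pub user: String, pub password: String }
pub struct EncryptedRecord { pub key: String, pub kind: Kind, pub value: Vec<u8>, pub created: String, pub updated: String }
pub struct DecryptedRecord { pub key: String, pub kind: Kind, pub value: PasswordValue, pub created: String, pub updated: String }

impl PasswordValue {
    /// Framing: u32 big-endian length of `user`, then `user`, then `password`.
    pub fn to_bytes(&self) -> Vec<u8> {
        [&(self.user.len() as u32).to_be_bytes()[..], self.user.as_bytes(), self.password.as_bytes()].concat()
    }
    /// Returns None on truncated or non-UTF-8 input instead of panicking.
    pub fn from_bytes(b: &[u8]) -> Option<PasswordValue> {
        if b.len() < 4 { return None; }
        let len = u32::from_be_bytes([b[0], b[1], b[2], b[3]]) as usize;
        let user = b.get(4..4usize.checked_add(len)?)?.to_vec();
        let password = b[4 + len..].to_vec();
        Some(PasswordValue { user: String::from_utf8(user).ok()?, password: String::from_utf8(password).ok()? })
    }
}
impl DecryptedRecord {
    /// Only `value` is encrypted; key, kind and timestamps stay readable.
    pub fn seal(&self, encrypt: impl Fn(&[u8]) -> Vec<u8>) -> EncryptedRecord {
        EncryptedRecord { key: self.key.clone(), kind: self.kind.clone(), value: encrypt(&self.value.to_bytes()),
            created: self.created.clone(), updated: self.updated.clone() }
    }
}
impl EncryptedRecord {
    /// `decrypt` must return None when the key is wrong or the bytes were altered.
    pub fn open(&self, decrypt: impl Fn(&[u8]) -> Option<Vec<u8>>) -> Option<DecryptedRecord> {
        let value = PasswordValue::from_bytes(&decrypt(&self.value)?)?;
        Some(DecryptedRecord { key: self.key.clone(), kind: self.kind.clone(), value,
            created: self.created.clone(), updated: self.updated.clone() })
    }
}
/// Stand-in transform so the example runs without crates. NOT encryption.
pub fn stand_in(b: &[u8]) -> Vec<u8> { b.iter().map(|x| *x ^ 0x5a).collect() }
/// Constructed sample record; every value is made up.
pub fn sample() -> DecryptedRecord {
    DecryptedRecord { key: "https://example.com/login".into(), kind: Kind::Password,
        value: PasswordValue { user: "alice".into(), password: "constructed-not-real".into() },
        created: "2023-01-01T00:00:00Z".into(), updated: String::new() }
}
fn main() { let s = sample().seal(stand_in); println!("{} -> {} sealed bytes", s.key, s.value.len()); }
```

With this layout the record's `key`, `kind` and timestamps are stored in the clear, so they should be treated as metadata visible to anyone who can read the store.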