diff options
| -rw-r--r-- | META6.json | 10 | ||||
| -rw-r--r-- | README.org | 2 | ||||
| -rw-r--r-- | lib/Orion/CLI.rakumod | 13 |
3 files changed, 17 insertions, 8 deletions
diff --git a/META6.json b/META6.json index c6548d1..70c597a 100644 --- a/META6.json +++ b/META6.json @@ -1,17 +1,17 @@ { "name" : "orion", - "auth" : "github:andinus", - "version" : "0.2.1", + "auth" : "zef:andinus", + "version" : "0.2.3", "description" : "Orion checks for compromised passwords using Have I Been Pwned API", "authors" : [ "Andinus <andinus@nand.sh>" ], "license" : "ISC", "perl" : "6.d", "provides" : { - "Orion::CLI" : "lib/Orion/CLI.rakumod", + "Orion::CLI" : "lib/Orion/CLI.rakumod" }, "depends" : [ - "Digest::SHA" - "LWP::Simple::auth<github:raku-community-modules>" + "Digest::SHA", + "LWP::Simple:auth<zef:dwarring>" ], "tags": [ "Orion", "PasswordStore", "pass", "HaveIBeenPwned", "HIBP" diff --git a/README.org b/README.org index 6b33738..3c2e030 100644 --- a/README.org +++ b/README.org @@ -34,7 +34,7 @@ Match means the password is present in HIBP database & has been compromised. *** verbose -This option does nothing. +If enabled, it prints a "." for every password entry it checks. * History diff --git a/lib/Orion/CLI.rakumod b/lib/Orion/CLI.rakumod index 3fe01b8..985f8e1 100644 --- a/lib/Orion/CLI.rakumod +++ b/lib/Orion/CLI.rakumod @@ -16,9 +16,13 @@ multi sub MAIN( } for @files -> $file { + print "." if $verbose; + my $proc = run <gpg2>, '--decrypt', '--quiet', $file, :out; + # Read the password, convert it to hex & uppercase. my Str $hash = uc buf_to_hex sha1 $proc.out.slurp(:close).lines.head; + # Send the prefix to HIBP API. for LWP::Simple.get( "$api/range/{ $hash.substr(0, 5) }", { @@ -26,12 +30,17 @@ multi sub MAIN( User-Agent => "Andinus / Orion - https://andinus.nand.sh/orion", } ).lines.map(*.split(":")).grep(*[1] > 0) -> ($entry, $freq) { + # Compare all the suffixes with our hash suffix. if $hash.substr(5, *) eq $entry { + # Get the password name. my Str $pass = $file.Str.split('.password-store/').tail.split('.gpg').first; - say $pass, " " x (72 - $pass.chars - $freq.chars), $freq; - }; + # Print the compromised password entry. + print "\n" if $verbose; + put $pass, " " x (72 - $pass.chars - $freq.chars), $freq; + } } } + print "\n" if $verbose; } sub buf_to_hex { [~] $^buf.list».fmt: "%02x" } |