fulla - File README.txt
fulla
CLI based secrets manager for storing passwords and otp (totp) codes.
[GIT] git clone git://vigrey.com/git/fulla
README.txt - (3796 Bytes)
# Fulla
Fulla is a CLI based secrets manager for storing passwords and otp
(totp) codes.
## IMPORTANT NOTICE
THIS PROGRAM AND SPECIFICATION ARE BUILT BY VI GREY FOR VI GREY.
DO NOT TRUST THIS PROGRAM OR THIS SPECIFICATION. I'M JUST "SOME
PERSON", SO DON'T TRUST THIS PROGRAM OR SPECIFICATION WITH YOUR
SECURITY.
Cryptography is hard. You should not trust this program or
specification with your security.
Nothing about this program or specification has gone through any sort
of security audit.
## OS Dependencies
Fulla is meant to build and run on Linux and Plan9. Maybe OpenBSD or
FreeBSD in the future. There are currently no plans to make Fulla work
on Windows or macOS.
## Plan9 Security Consideration
The Plan9 version of this program does not hide passphrase input like
the Linux version does while typing the passphrase.
## Build Dependencies
- go >= 1.20
## Build Fulla on Linux
To build Fulla on Linux, from the root directory of this repository,
run the following command:
```
make
```
The resulting binary file will be at `build/bin/fulla`.
## Build Fulla on Plan9
To build Fulla on Plan9, from the root directory of this repository,
run the following commands:
```
mkdir -p build/bin
cd src
go build
mv src ../build/bin/fulla
cd ..
```
The resulting binary file will be at `build/bin/fulla`.
## FSV Files
Fulla uses FSV (Fulla Secret Vault) files to store encrypted password
entries and otp entries. The data is encrypted using a user provided
passphrase. For the sake of security, password entries and totp
entries cannot be in the same FSV file together, so an FSV file can
contain password entries only or contain totp entries only. FSV files
contain the encrypted password/otp entries along with the information
required to decrypt the password/otp entries when provided with the
correct passphrase from the user.
The FSV file version 1 specification can be found at
`docs/fsv-spec-0001.txt` from the root of this repository.
Example FSV files can be found in the `docs/examples/fsv-spec-0001-fsv`
directory from the root of this repository. All example fsv files in
that directory use an empty passphrase (0 octet long passprase) to
generate the fsv file's encryption key.
## FSV File Plaintext
The plaintext data of FSV files is JSON encoded. The JSON schema to
veify the structure of the FSV file plaintext data can be found in
`docs/fsv-spec-0001-plaintext.schema.json` and some examples of what
the plaintext data json can look like can be found in the
`docs/examples/fsv-spec-0001-plaintext/` directory from the root of
this repository.
## Make the FSV File Version 1 Specification Files
The FSV file version 1 specification uses `xml2rfc` to convert the XML
formatted specification data to TXT format. `xml2rfc`
can be installed using `pip` and the following command:
```
pip install 'xml2rfc'
```
You may need to use pipx instead, depending on the OS or distribution.
If so, you can use the following command to install `xml2rfc`:
```
pipx install 'xml2rfc'
```
To generate the TXT formatted specification, use the following command
at the root of this repository:
```
make documents
```
The resulting TXT formatted specification file will be located at
`build/docs/fsv-spec-0001.txt`.
It is possible to generate the specification as an HTML file as well.
Running the following commands at the root directory of this repository
will generate an HTML file of the specification:
```
mkdir -p build/docs
xml2rfc src/docs/fsv-spec-0001.xml -p build/docs --html \
--no-external-js --no-external-css --v3
```
The resulting HTML formatted specification file will be located at
`build/docs/fsv-spec-0001.html`.
Generating the specification as a PDF file is also possible, but is out
of the scope of this README.txt file.