Merge pull request #18 from shihaamabr/openssl

SAVED PASSWORD ENCRYPTION YOO

README.md

@@ -4,21 +4,21 @@ BML CLI written in Bash. This project is currently under development and a lot o
 ![photo_2021-04-28_14-59-35](https://user-images.githubusercontent.com/18140039/116385581-5c948300-a832-11eb-899b-9133501a4ae7.jpg)
     
 ## Requirements
-`curl` `jq`
+`curl` `jq` `openssl`
 - Make sure all requirements are met before running script.
 - Termux users will need `ncurses-utils` additionally for terminal colors
 
 #### Arch Linux
-`sudo pacman -S curl jq`
+`sudo pacman -S curl jq openssl`
 
 #### Ubuntu
-`sudo apt install curl jq`
+`sudo apt install curl jq openssl`
 
 #### Fedora
-`sudo dnf  install curl jq`
+`sudo dnf  install curl jq openssl`
 
 ### Termux
-`pkg install curl jq ncurses-utils`
+`pkg install curl jq openssl-tools ncurses-utils`
 
 ## Installation
 ```

readpass.sh

@@ -1,7 +1,10 @@
 if [ -f $CREDENTIALS ]
 then
 	source $CREDENTIALS
-	echo "Attempting to login with saved credentials"
+#	echo "Attempting to login with saved credentials"
+	read -s -p 'Enter Pin: ' PIN
+	BML_USERNAME=$(echo ${BML_USERNAME} |openssl enc -d -des3 -base64 -pass pass:${PIN} -pbkdf2)
+	BML_PASSWORD=$(echo ${BML_PASSWORD} |openssl enc -d -des3 -base64 -pass pass:${PIN} -pbkdf2)
 	if [ "$LOGIN" = "2" ]
 	then
 		echo "${red}Login Required${reset}"
@@ -12,6 +15,9 @@ then
 	else
 		:
 	fi
+
+
+
 elif [ ! -f $CREDENTIALS ]
 then
 	echo "${red}Login Required${reset}"

savepass.sh

@@ -1,5 +1,3 @@
-#echo "Do ${red}NOT${reset} save password if password contain '|' '^' '$' '&' ';' ':' '(' ')'  "
-
 if [ ! -f $CREDENTIALS ]
 then
 	if [ "$LOGIN" = "0" ]
@@ -7,15 +5,42 @@ then
 		read -p 'Do you want to save login? [y/N] ' SAVE_LOGIN
 		if [ "$SAVE_LOGIN" = "Y" ]
 		then
-			echo "Username and Password is saved in ${lightred}PAIN TEXT${reset} in $CREDENTIALS"
+			read -s -p 'Enter Pin: ' PIN
-			echo "BML_USERNAME='${BML_USERNAME}'" > $CREDENTIALS
+			echo ""
-			echo "BML_PASSWORD='${BML_PASSWORD}'" >> $CREDENTIALS
+			read -s -p 'Repeat Pin: ' REPEAT_PIN
+			if [ "$PIN" = "$REPEAT_PIN" ]
+			then
+				echo ""
+				echo "Your credentials are ${lightgreen}encrypted${reset} and saved in $CREDENTIALS"
+				BML_USERNAME=$(echo "${BML_USERNAME}" | openssl enc -e -des3 -base64 -pass pass:${PIN} -pbkdf2)
+				BML_PASSWORD=$(echo "${BML_PASSWORD}" | openssl enc -e -des3 -base64 -pass pass:${PIN} -pbkdf2)
+				echo "BML_USERNAME='${BML_USERNAME}'" > $CREDENTIALS
+				echo "BML_PASSWORD='${BML_PASSWORD}'" >> $CREDENTIALS
 
+			else
+				echo ""
+				echo "${red}Pin do not match${reset}"
+				source savepass.sh
+			fi
 		elif [ "$SAVE_LOGIN" = "y" ]
-		then
+                then
-			echo "Username and Password is saved in ${lightred}PAIN TEXT${reset} in $CREDENTIALS"
+                        read -s -p 'Enter Pin: ' PIN
-			echo "BML_USERNAME='${BML_USERNAME}'" > $CREDENTIALS
+                        echo ""
-			echo "BML_PASSWORD='${BML_PASSWORD}'" >> $CREDENTIALS
+                        read -s -p 'Repeat Pin: ' REPEAT_PIN
+                        if [ "$PIN" = "$REPEAT_PIN" ]
+                        then
+                                echo ""
+                                echo "Your credentials are ${lightgreen}encrypted${reset} and saved in $CREDENTIALS"
+                                BML_USERNAME=$(echo "${BML_USERNAME}" | openssl enc -e -des3 -base64 -pass pass:${PIN} -pbkdf2)
+                                BML_PASSWORD=$(echo "${BML_PASSWORD}" | openssl enc -e -des3 -base64 -pass pass:${PIN} -pbkdf2)
+                                echo "BML_USERNAME='${BML_USERNAME}'" > $CREDENTIALS
+                                echo "BML_PASSWORD='${BML_PASSWORD}'" >> $CREDENTIALS
+
+                        else
+                                echo ""
+                                echo "${red}Pin do not match${reset}"
+                                source savepass.sh
+                        fi
 		else
 			:
 		fi