Add --chars option to show to allow printing a subset of the secret o…

…nly (gopasspw#2155) * Add --chars option to show to allow printing a subset of the secret only Fixes gopasspw#2068 RELEASE_NOTES=Add --chars option to print subset of secrets Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Add some docs. Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
kpitt · Mar 12, 2022 · d27de06 · d27de06
1 parent 979c356
commit d27de06
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 1 deletion.
diff --git a/docs/commands/show.md b/docs/commands/show.md
@@ -28,6 +28,7 @@ Flag | Aliases | Description
 `--password` | `-o` | Display only the password. For use in scripts. Takes precedence over other flags.
 `--revision` | `-r` | Display a specific revision of the entry. Use an exact version identifier from `gopass history` or the special `-<N>` syntax. Does not work with native (e.g. git) refs.
 `--noparsing` | `-n` | Do not parse the content, disable YAML and Key-Value functions.
+`--chars` | | Display selected characters from the password.
 
 ## Details
 

diff --git a/internal/action/commands.go b/internal/action/commands.go
@@ -52,6 +52,10 @@ func ShowFlags() []cli.Flag {
 			Aliases: []string{"n"},
 			Usage:   "Do not parse the output.",
 		},
+		&cli.StringFlag{
+			Name:  "chars",
+			Usage: "Print specific characters from the secret",
+		},
 	}
 }
 

diff --git a/internal/action/context.go b/internal/action/context.go
@@ -12,6 +12,7 @@ const (
 	ctxKeyKey
 	ctxKeyOnlyClip
 	ctxKeyAlsoClip
+	ctxKeyPrintChars
 )
 
 // WithClip returns a context with the value for clip (for copy to clipboard)
@@ -126,3 +127,17 @@ func GetKey(ctx context.Context) string {
 	}
 	return sv
 }
+
+// WithPrintChars returns the context with the print chars set.
+func WithPrintChars(ctx context.Context, c []int) context.Context {
+	return context.WithValue(ctx, ctxKeyPrintChars, c)
+}
+
+// GetPrintChars returns a map of all character positions to print.
+func GetPrintChars(ctx context.Context) []int {
+	mv, ok := ctx.Value(ctxKeyPrintChars).([]int)
+	if !ok {
+		return nil
+	}
+	return mv
+}
diff --git a/internal/action/show.go b/internal/action/show.go
@@ -44,6 +44,21 @@ func showParseArgs(c *cli.Context) context.Context {
 	if c.IsSet("noparsing") {
 		ctx = ctxutil.WithShowParsing(ctx, !c.Bool("noparsing"))
 	}
+	if c.IsSet("chars") {
+		iv := []int{}
+		for _, v := range strings.Split(c.String("chars"), ",") {
+			v = strings.TrimSpace(v)
+			if v == "" {
+				continue
+			}
+			i, err := strconv.Atoi(v)
+			if err != nil {
+				continue
+			}
+			iv = append(iv, i)
+		}
+		ctx = WithPrintChars(ctx, iv)
+	}
 	ctx = WithClip(ctx, IsOnlyClip(ctx) || IsAlsoClip(ctx))
 	return ctx
 }
@@ -140,6 +155,17 @@ func (s *Action) showHandleOutput(ctx context.Context, name string, sec gopass.S
 		return err
 	}
 
+	if chars := GetPrintChars(ctx); len(chars) > 0 {
+		for _, c := range chars {
+			if c > len(pw) || c-1 < 0 {
+				debug.Log("Invalid char: %d", c)
+				continue
+			}
+			out.Printf(ctx, "%d: %s", c, out.Secret(pw[c-1]))
+		}
+		return nil
+	}
+
 	if pw == "" && body == "" {
 		if ctxutil.IsShowSafeContent(ctx) && !ctxutil.IsForce(ctx) {
 			out.Warning(ctx, "safecontent=true. Use -f to display password, if any")

diff --git a/internal/out/print.go b/internal/out/print.go
@@ -18,7 +18,7 @@ var (
 	Stderr io.Writer = os.Stderr
 )
 
-// Secret is a string wrapper for strings containing secrets. These won't b.
+// Secret is a string wrapper for strings containing secrets. These won't be
 // logged as long a GOPASS_DEBUG_LOG_SECRETS is not set.
 type Secret string