This is a platform-independent password (secret?) manager which hides your secrets in plain sight. It takes extreme care about the reliability and safety of your data.
Given an arbitrary master password, inplainsight derives two 32-byte keys through a slow hashing algorithm. They encrypt the header and the data with AES-256 in CTR mode. An HMAC is appended to the ciphertexts so that the integrity of the encrypted secrets can be verified while decrypting.
The ciphertext is then interwoven within any supported media file through a process of adaptive steganography.
Media file(s) might be stored locally or remotely, depending on the source of data used while logging in. It would be advisable to keep a couple of remote backups, just to ensure a good level of data redundancy.
Secret models are defined in `core/inplainsight/secrets/`. To create your own model you just need to create a struct which extends `secrets.AbstractSecret` and implements `secrets.SecretInterface`.
Look into SimpleSecret or WebsiteCredential if you need an example of implementation.
When defining a new model you'll also need to specify a custom `secrets.MagicNumber`.
Please keep in mind that the values 0x00 and 0x03 are reserved.
Finally, register it in an `init` function to make it globally available:

```go
func init() {
	// magicNumber is the custom secrets.MagicNumber chosen for your model
	secrets.SecretsModelRegister[magicNumber] = func(serialized string) secrets.SecretInterface {
		// do something here if you need to...
		return (&YourSecretModel{}).Unserialize(serialized)
	}
}
```

ID | Type | Fields |
---|---|---|
0x01 | Secret | Title, Description, Secret |
0x02 | WebsiteCredential | URL, Note, Account, Password |
0x04 | Note | Title, Note |
0x05 | File | Title, Note, File path |

Media formats live under the folder `core/steganography/medium/` and each one must have its own folder and dedicated tests.
Structs implementing `steganography.HostInterface` and registered can be used as media format.
This is how you register a new media format:

```go
// core/steganography/medium/yourmediaformat/register.go
package image

import (
	"github.com/zangarmarsh/inplainsight/core/steganography"
)

func init() {
	// Extend `Media` collection with a callback that returns an instance
	// of `steganography.HostInterface` if the given `filePath` can be
	// handled by this `Media`. The check is typically based on specific conditions,
	// such as mimetype or content extension. Otherwise, return `nil`.
	steganography.Media = append(
		steganography.Media,
		func(filePath string) steganography.HostInterface {
			// ...
			return nil
		},
	)
}
```

- `images/*`
  - will eventually output `image/png`
- binary data
- [ ... ]

- `file://`
- [ ... ]

- Complete refactoring
- Output image formats other than actual `png` (ngl, that was faked atm - needs lots of effort)
- Improve `Secret`
  - Multiple secrets in one medium
  - Make `Secret` more abstract and implementable in order to be easily extended
  - Give the user the ability to choose which file will be used (default will be `random`)
  - Exclusive host for one secret
  - make it choosable by any create form
  - stealth mode
  - file header encryption
  - Add secret icons
  - Add custom `Action`
- Feature that allows to move a specific `Secret` into another choosable medium
- New `Secret` models:
  - Website
  - Note
  - File
  - Folders
  - TOTP
  - HOTP
- Optional user preferences persistence
  - Pool path at login
  - Logout on screen lock
  - Session timeout while inactive
  - `haveibeenpwned` optional periodical checks
- Blank dummy medium generation
- Support new data sources
  - HTTPS
  - S3
  - FTP
  - SSH
- Support `single-file` initialization mode
- Dockerization
- Self-hostable version
  - optional `2FA` through TOTP
- Support `hardware keys`
- Steganography the following media formats:
  - Audio files `MP3/WAV` (?) `MP4` (?)
- Browser extension
- Pool of data-sources from text file (?)
- UX/UI improvements
  - Enable navigation through arrow up/down