diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..1b051bc --- /dev/null +++ b/LICENSE @@ -0,0 +1,23 @@ +BSD 2-Clause License + +Copyright (c) 2019, The Selfpass Author(s) All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are permitted +provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, this list of conditions + and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright notice, this list of + conditions and the following disclaimer in the documentation and/or other materials provided + with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER +IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + diff --git a/README.md b/README.md new file mode 100644 index 0000000..7dd59de --- /dev/null +++ b/README.md 
@@ -0,0 +1,52 @@ +# selfpass + +This is the project home of *selfpass*, the self-hosted password manager. This project is intended +to be a single-user (or **trusted** multi-user) password manager capable of encrypting/decrypting +credentials and storing them remotely through encrypted transportation, all of which is deployable +locally or to popular cloud platforms such as GCP and AWS. + +It is still currently in development. However, the service is already capable of serving a gRPC based +API using mutual TLS encryption, backed by Redis and Docker. It is also capable of being deployed in +a semi-automated fashion locally and to GCP thanks to Docker. + +In addition to the service there is `spc` (**s**elf**p**ass **C**LI), which is a fully fledged *selfpass* client +capable of interacting with the whole selfpass API and creating AES-CBC encrypted credentials using +a *private key* and *master password*. All of which is done using mutual TLS and an AES-CBC +encrypted config. + +#### Service Roadmap + +| Goal | Progress | Comment | +| --- | :---: | --- | +| Support credentials CRUD on gRPC API. | 100% | | +| Enable server-side mutual TLS, using cfssl. | 100% | | +| Deployable on Docker. | 100% | | +| Automatically deployable to GCP using docker-machine and Terraform. | 50% | TODO: Terraform | +| Automatically deployable to AWS using docker-machine and Terraform. | 0% | | + +#### SPC Roadmap + +| Goal | Progress | Comment | +| --- | :---: | --- | +| Support credentials CRUD via gRPC. | 80% | TODO: Update | +| Support mutual TLS. | 100% | | +| Support storage of certs, PK, and host in AES-CBC encrypted config. | 100% | | +| Support AES-CBC encryption of passes and OTP secrets, using MP and PK. | 100% | | +| Support AES-CBC encryption of local files, using MP and PK. | 100% | | + + +#### Unplanned Goals + +- Web client. +- Sensitive financial info support. +- Miscellaneous text/file encryption and storage support. +- Vault separation. 
+ +#### 3rd-party Technologies in Use (and where): +- Golang (all) +- Go-Kit (all) +- gRPC (all) +- Cobra Commander & Viper Config (spc) +- Redis (service) +- Docker (service) +- Debian (docker images and machines)
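Review bot: The `spc` paragraph and the SPC Roadmap rows in README.md name AES-CBC for credentials, OTP secrets, local files and the config, but nothing says whether the ciphertext is authenticated or how the encryption key is derived from the *master password* and *private key*. CBC on its own provides confidentiality without integrity, so a modified or corrupted blob in the Redis-backed store or in the config file is not reliably detected on decrypt unless a MAC is applied. Please document the key derivation function and the integrity mechanism (encrypt-then-MAC, or an AEAD mode such as AES-GCM), or add a roadmap row for it if it is not implemented yet. A smaller wording point in the second paragraph: "mutual TLS encryption" undersells the feature, since the value of mutual TLS is that client and server both authenticate with certificates, and that is worth saying explicitly given the "single-user (or **trusted** multi-user)" scope stated in the first paragraph.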