hypertensiune/Passknight

Open source self hosted password manager.

Description

Passknight is a cross-platform, self hosted password manager.

It supports multiple users / vaults, making it easy to organize your passwords and notes.

It makes it easy to set up a secure environment for your whole family.


Current supported platforms

  • Windows
  • Chromium based browsers

Security

All of your passwords are encrypted before being stored in Firebase.

A Passknight vault is represented by a user in Firebase. The password used to authenticate to Firebase and retrieve the corresponding vault is the vault's master password.

Private key

The master password is then used to derive a private key, unique to that vault, that encrypts and decrypts the vault content.

The derivation process uses 600,000 iterations of PBKDF2 with SHA-256 and a randomly generated salt.

Encryption & Decryption

To encrypt and decrypt your passwords, Passknight uses the AES-CBC algorithm with a randomly generated 16-byte IV. The IV occupies the first 16 bytes of the stored buffer.

Auth persistence - only in browser extension

To be able to use Firebase's auth persistence, Passknight encrypts the private key (using crypto.subtle.wrapKey) and stores it in session storage.

The key used for this encryption is imported from the Firebase user UID (which is guaranteed to be unique) as an AES-CBC key.

Cryptography libraries

Firebase setup

Required for the web extension. Optional for the Windows app, as it also has locally stored vaults.

  • Log in to Firebase and create a new project.
  • Register a web app.
  • Go to Authentication and add the Email/Password provider.
  • Enable Firestore Database and add the following rules in the Rules tab:
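rules_version = '2';

service cloud.firestore {
  match /databases/{database}/documents {
    // No condition: any client, signed in or not, can read and write this document.
    match /vaults/ids {
      allow write, read;
    }

    // A vault document is accessible only to the signed-in user whose UID equals its ID.
    match /vaults/{vault} {
      allow write, read: if request.auth != null && request.auth.uid == vault;
    }
  }
}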

Web extension

To initialize Firebase, create a file called firebaseConfig.js in the extension's folder. It should look like this:

const firebaseConfig = {
    apiKey: "",
    authDomain: "",
    projectId: "",
    storageBucket: "",
    messagingSenderId: "",
    appId: ""
};
window.firebaseConfig = firebaseConfig;

Windows

Create a file named firebase in the application root directory and paste the Firebase API key into it:

[API_KEY]

Your config can be found in Project settings > General.