Merge branch 'main' of github.com:silicoflare/confidant

feat: remove complete dependency on bun to be able to compile to .js
build: add license
2026-05-26 12:45:24 +05:30 · 2024-10-08 10:24:05 +05:30 · 2024-10-08 10:23:17 +05:30 · 2024-10-01 14:33:28 +05:30 · 2024-10-01 11:05:01 +05:30 · 2024-09-30 23:13:53 +05:30
10 changed files with 100 additions and 85 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -177,3 +177,4 @@ dist
 # confidant
 env.ts
 test
 executables
--- a/22
+++ b/22
@@ -0,0 +1,22 @@
 MIT License
 Copyright (c) 2024, Suraj B M "SilicoFlare"
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/README.md
+++ b/README.md
@@ -5,9 +5,6 @@
 1. [Introduction](#introduction)
 2. [Security](#security)
 3. [Installation](#installation)
   a. [Linux](#linux)
   b. [Windows](#windows)
   c. [MacOS](#macos)
 4. [Usage](#usage)
 5. [Build from source](#build-from-source)
 6. [Disclaimer](#disclaimer)
@@ -28,6 +25,7 @@ The vault has several layers of security to ensure that the contents are safe. T
 2. **AES256**: The vault is encrypted using the AES256 algorithm, which is a symmetric encryption algorithm. The key is generated using the ECDH algorithm.
 3. **PBKDF2**: The password is hashed using the PBKDF2 algorithm, which is a key derivation function. This ensures that the password is not stored in plain text.
 4. **HMAC-SHA256**: The keys are encrypted using the HMAC-SHA256 algorithm, which is a hash-based message authentication code. This ensures that the keys are unique and cannot be tampered with.
 5. **Unique build parameters:** Every binary built by you from source has completely unique parameters in the `env.ts` file, which means ONLY that binary can be used to decrypt a vault made with the binary.
 ---
--- a/bun.lockb
+++ b/bun.lockb
--- a/confidant.ts
+++ b/confidant.ts
@@ -1,12 +1,11 @@
-#!/bin/env bun
+#!/bin/env node
 import { input, password } from "@inquirer/prompts";
 import { $ } from "bun";
 import chalk from "chalk-template";
 import { Command } from "commander";
 import { decrypt_vault, encrypt_vault, initialize, reset } from "./src/main";
-import { existsSync, readdirSync } from "fs";
+import { readdirSync } from "fs";
-import checkForFiles, {
+import {
  Files,
  getDecryptedName,
  getDirectoryNames,
@@ -15,11 +14,9 @@ import checkForFiles, {
  log,
  panic,
 } from "./src/utils";
 import { randomBytes } from "crypto";
 const program = new Command();
 const { exit } = process;
 $.nothrow();
 program.name("confidant").description("Creates a very secure file vault.");
--- a/package.json
+++ b/package.json
@@ -1,15 +1,15 @@
 {
  "name": "confidant",
-  "version": "1.0.0",
+  "version": "1.1.0",
  "module": "confidant.ts",
  "type": "module",
  "scripts": {
    "init": "bun ./scripts/init.ts",
-    "sh": "bun ./scripts/sh.ts",
+    "build": "bun build --minify ./confidant.ts --target node --outfile ./dist/confidant.mjs",
-    "build": "bun ./scripts/build.ts"
+    "build-exec": "bun build --compile --minify ./confidant.ts --outfile ./dist/confidant"
  },
  "bin": {
-    "confidant": "./confidant.ts"
+    "confidant": "./dist/confidant.mjs"
  },
  "devDependencies": {
    "@types/bun": "latest"
@@ -20,9 +20,11 @@
  "dependencies": {
    "@iarna/toml": "^2.2.5",
    "@inquirer/prompts": "^6.0.1",
    "@types/adm-zip": "^0.5.5",
    "@types/commander": "^2.12.2",
    "@types/crypto-js": "^4.2.2",
    "@types/eccrypto": "^1.1.6",
    "adm-zip": "^0.5.16",
    "argon2": "^0.41.1",
    "chalk": "^5.3.0",
    "chalk-template": "^1.1.0",
--- a/scripts/build.ts
+++ b/scripts/build.ts
@@ -1,11 +0,0 @@
 import { $ } from "bun";
 import data from "../package.json";
 const { version: ver } = data;
 await $`
 rm -rf ./dist
 bun build --compile --target=bun-linux-x64 ./confidant.ts --outfile ./dist/confidant_${ver}_linux_x64
 bun build --compile --target=bun-windows-x64 ./confidant.ts --outfile ./dist/confidant_${ver}_win_x64.exe
 bun build --compile --target=bun-darwin-arm64 ./confidant.ts --outfile ./dist/confidant_${ver}_darwin_arm64
 `;
--- a/scripts/init.ts
+++ b/scripts/init.ts
@@ -1,7 +1,7 @@
 import { $ } from "bun";
 import { stringy } from "../src/utils";
 import { randomBytes } from "crypto";
 import chalkTemplate from "chalk-template";
 import { writeFileSync } from "fs";
 const envstring = `// env.ts
 const env = {
@@ -15,5 +15,5 @@ const env = {
 export default env;
 `;
-await $`echo ${envstring} > env.ts`;
+writeFileSync("./env.ts", envstring);
 console.log(chalkTemplate`{green env.ts initialized sucessfully!}`);
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,8 +1,7 @@
 import { parse, stringify } from "@iarna/toml";
 import { $ } from "bun";
 import { pbkdf2Sync as pbkdf2, randomBytes } from "crypto";
 import { derive, getPublic } from "eccrypto";
-import { readFileSync, writeFileSync } from "fs";
+import { readFileSync, rmSync, writeFileSync } from "fs";
 import {
  buffer,
  decrypt,
@@ -24,6 +23,7 @@ import env from "../env";
 import { AES, enc, HmacSHA256 } from "crypto-js";
 import chalk from "chalk-template";
 import { input, password } from "@inquirer/prompts";
 import AdmZip from "adm-zip";
 console.info = function () {};
 const { exit } = process;
@@ -36,8 +36,10 @@ export async function initialize(password: string, dirname: string) {
  const salt = randomBytes(32);
  const code = random(10000, 100000);
  const D = pbkdf2(S_AB, salt, code, 64, "sha256");
-  await $`zip -r9 confidant.zip ${dirname} > /dev/null`;
+  const zip = new AdmZip();
-  await $`rm -rf ${dirname}`;
+  zip.addLocalFolder("./" + dirname);
  zip.writeZip("./confidant.zip");
  rmSync(dirname, { recursive: true });
  const Z = readFileSync("confidant.zip");
  const E_Z = encrypt_file(Z, D);
@@ -84,13 +86,12 @@ export async function initialize(password: string, dirname: string) {
  console.log(`Recovery phrase:`);
  console.log(chalk`{magenta    ${recovery_phrase}}`);
-  await $`rm confidant.zip`;
+  rmSync("confidant.zip");
  // create .gitignore
  const gitignore = `# .gitignore
-*.con
+*.key
 *.fid
 *_recovery.txt
 confidant.zip
 *.confidant
@@ -132,7 +133,9 @@ export async function decrypt_vault(password: string, dirname: string) {
    const Z = decrypt_file(E_Z, D);
    writeFileSync(`confidant.zip`, Z);
    writeFileSync(`.${dirname}.confidant`, encrypt(D, buffer(env.AUTH_KEY)));
-    await $`unzip confidant.zip > /dev/null && rm confidant.zip`;
+    const unzip = new AdmZip("./confidant.zip");
    unzip.extractAllTo(`./${dirname}`, true);
    rmSync("./confidant.zip");
  } catch (e) {
    panic`Error decrypting vault. The files could be corrupted.`;
  }
@@ -145,8 +148,10 @@ export async function encrypt_vault(dirname: string) {
      buffer(env.AUTH_KEY),
    );
    // create zip file and encrypt it
-    await $`zip -r9 confidant.zip ${dirname} > /dev/null`;
+    const zip = new AdmZip();
-    await $`rm -rf ${dirname}`;
+    zip.addLocalFolder("./" + dirname);
    zip.writeZip("./confidant.zip");
    rmSync(dirname, { recursive: true });
    const Z = readFileSync("confidant.zip");
    const E_Z = encrypt_file(Z, D);
@@ -159,7 +164,8 @@ export async function encrypt_vault(dirname: string) {
      `${dirname}.vault`,
      Buffer.concat([vaultfile.subarray(0, index), separator, E_Z]),
    );
-    await $`rm confidant.zip .${dirname}.confidant`;
+    rmSync("./confidant.zip");
    rmSync(`./.${dirname}.confidant`);
  } catch (e) {
    panic`Error encrypting vault. The files could be corrupted.`;
  }
@@ -231,7 +237,7 @@ export async function reset(dirname: string, recoverystring: string) {
      ]),
    );
-    writeFileSync(`${dirname}_recovery.txt`, newrecphrase);
+    writeFileSync(`${dirname}_recovery.txt`, newrecphrase + "\n");
    console.log(`New recovery phrase:`);
    console.log(chalk`{magenta    ${newrecphrase}}`);
  } catch (e) {
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -3,7 +3,6 @@ import { createHmac } from "crypto";
 import { generatePrivate, getPublic } from "eccrypto";
 import { generate } from "random-words";
 import chalk from "chalk-template";
 import { $ } from "bun";
 import { existsSync, readdirSync } from "fs";
 import { select } from "@inquirer/prompts";
@@ -61,15 +60,6 @@ export function decrypt_file(input: Buffer, key: Buffer) {
  return Buffer.from(result.toString(enc.Utf8), "base64");
 }
 export async function exists(dir: string) {
  try {
    await $`test -d ${dir}`;
    return true;
  } catch (e) {
    return false;
  }
 }
 export function log(
  str: TemplateStringsArray,
  ...placeholders: unknown[]
@@ -109,13 +99,17 @@ export function print(key: string, value: string) {
 export class Files {
  data: string[] | null = null;
-  constructor(regex?: RegExp | string) {
+  constructor(regex?: RegExp | string | string[]) {
    if (!regex) {
      return this;
    }
    try {
-      const data = readdirSync(".").filter((x) => x.match(regex));
+      if (Array.isArray(regex)) {
-      this.data = data ? data.map((x) => x.replace(regex, "$1")) : null;
+        this.data = regex;
      } else {
        const data = readdirSync(".").filter((x) => x.match(regex));
        this.data = data ? data.map((x) => x.replace(regex, "$1")) : null;
      }
    } catch (error) {
      console.error("Error executing command:", error);
      this.data = null;
@@ -130,51 +124,57 @@ export class Files {
    return `[ ${this.data ? this.data.join(", ") : "empty"} ]`;
  }
-  intersection(a: Files) {
+  intersection(a: Files): Files {
    const obj = new Files();
-    obj.data = Array.from(new Set(this.data).intersection(new Set(a.data)));
+    if (this.data && a.data) {
      obj.data = this.data.filter((x) => a.data!.includes(x));
    }
    return obj;
  }
-  difference(a: Files) {
+  difference(a: Files): Files {
    const obj = new Files();
-    obj.data = Array.from(new Set(this.data).difference(new Set(a.data)));
+    if (this.data && a.data) {
      obj.data = this.data.filter((x) => !a.data!.includes(x));
    }
    return obj;
  }
 }
 export async function getDirectoryNames() {
-  const dirlist = (await $`ls -d */`.text()).trim();
+  try {
    const dirlist = readdirSync(".", { withFileTypes: true })
      .filter((file) => file.isDirectory())
      .map((file) => file.name);
-  if (!dirlist) {
+    if (dirlist.length === 0) {
-    panic`No directories found in current directory, please create one and run "init" again.`;
+      panic`No directories found in current directory, please create one and run "init" again.`;
-    return;
+      return;
    }
    const dirs = new Files(dirlist);
    const vaults = new Files(/.*\.vault/g);
    const usableDirs = dirs.difference(vaults);
    if (usableDirs.data && usableDirs.data.length === 0) {
      panic`No usable directories found in current directory, please create one and run "init" again.`;
      return;
    } else if (usableDirs.data && usableDirs.data.length === 1) {
      return usableDirs.data[0];
    }
    const dirname = await select({
      message: "Select a directory to use:",
      choices: usableDirs.data!.map((x) => ({
        name: x,
        value: x,
      })),
    });
    return dirname;
  } catch (e) {
    console.log(chalk`{red ${e.message}}`);
    process.exit(1);
  }
  let dirs: string[];
  const vaultList = (await $`ls *.vault`.text()).trim().match(/.*\.vault/g);
  if (vaultList) {
    const vaults = vaultList.map((x) => x.replace(".vault", ""));
    dirs = Array.from(new Set(dirlist.split("\n")).difference(new Set(vaults)));
  } else {
    dirs = dirlist.split("\n");
  }
  if (dirs.length === 0) {
    panic`No usable directories found in current directory, please create one and run "init" again.`;
    return;
  } else if (dirs.length === 1) {
    return dirs[0];
  }
  const dirname = await select({
    message: "Select a directory to use:",
    choices: dirs.map((x) => ({
      name: x,
      value: x,
    })),
  });
  return dirname;
 }
 export async function getVaultName() {
@@ -252,7 +252,7 @@ export async function getDecryptedName() {
 export function getRandomPassword(length: number) {
  const STRING =
-    "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*()ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+    "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*ABCDEFGHIJKLMNOPQRSTUVWXYZ";
  let pass = "";
  while (pass.length < length) {
Author	SHA1	Message	Date
Suraj B M	fb254e97b5	Merge branch 'main' of github.com:silicoflare/confidant	2024-10-08 10:24:05 +05:30
Suraj B M	d5669b2988	feat: remove complete dependency on bun to be able to compile to .js	2024-10-08 10:23:17 +05:30
Suraj B M	f008eea843	build: add license	2024-10-01 14:33:28 +05:30
Suraj B M	50d377d6bd	fix: refactor confidant.ts and add extra security feature in README	2024-10-01 11:05:01 +05:30
Suraj B M	8acfc09ea5	fix: update README and minify binaries during build	2024-09-30 23:13:53 +05:30