Gestionnaire de mots de passe chiffré avec CAGOULE
Project description
cagoule-pass
Gestionnaire de mots de passe en ligne de commande, chiffré avec CAGOULE.
Chaque coffre est un fichier .cgl1 chiffré par CAGOULE (ChaCha20-Poly1305 + couche algébrique Z/pZ). Le mot de passe maître ne quitte jamais votre machine.
Installation
pip install cagoule-pass
Démarrage rapide
# 1. Créer un coffre
cagoule-pass init
# 2. Ajouter une entrée (mot de passe généré automatiquement)
cagoule-pass add github -u monuser --generate --length 20 --symbols
# 3. Récupérer une entrée
cagoule-pass get github --show
# 4. Copier le mot de passe dans le presse-papier
cagoule-pass copy github
# 5. Lister toutes les entrées
cagoule-pass list
Commandes
| Commande | Description |
|---|---|
init |
Créer un nouveau coffre |
add <service> |
Ajouter une entrée |
get <service> |
Afficher une entrée |
copy <service> |
Copier le mot de passe |
list |
Lister toutes les entrées |
search <query> |
Rechercher |
edit <service> |
Modifier une entrée |
remove <service> |
Supprimer une entrée |
generate |
Générer un mot de passe seul |
passwd |
Changer le mot de passe maître |
export <fichier> |
Exporter en JSON |
import <fichier> |
Importer depuis JSON |
info |
Informations sur le coffre |
Options communes
# Dossier personnalisé
cagoule-pass --dir /chemin/vault list
# Générer un mot de passe fort
cagoule-pass generate --length 24 --symbols --no-ambiguous --copy
# Ajouter avec URL et tags
cagoule-pass add github -u user --generate --url https://github.com --tags "dev,pro"
Sécurité
- Chiffrement : CAGOULE v1.5+ (CGL1) — ChaCha20-Poly1305 + CBC interne sur Z/pZ
- KDF : Argon2id (t=3, m=64MB) — résistant aux attaques par GPU
- Stockage :
~/.cagoule-pass/vault.cgl1— un seul fichier chiffré - Écriture atomique (fichier temporaire + rename) — pas de corruption partielle
- Mot de passe maître : jamais stocké, jamais logué
⚠️ Basé sur CAGOULE qui est à usage académique. Ne pas utiliser en production sans audit.
Structure du coffre
~/.cagoule-pass/
├── vault.cgl1 ← coffre chiffré (format CGL1)
└── config.json ← métadonnées non-sensibles (version, date)
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cagoule_pass-1.2.0.tar.gz.
File metadata
- Download URL: cagoule_pass-1.2.0.tar.gz
- Upload date:
- Size: 22.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7544d7be31943e4d8ffe8d36170137c6a7cde1229896bd294cd5302025f3616c
|
|
| MD5 |
79b2a1afc9e6ddb7184f8d566cd5810e
|
|
| BLAKE2b-256 |
ce96e3c1d6f893127d7d52829b9a6347ff3487c90349b00d47191874430f9a91
|
Provenance
The following attestation bundles were made for cagoule_pass-1.2.0.tar.gz:
Publisher:
python-publish.yml on slimissa/cagoule-pass
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cagoule_pass-1.2.0.tar.gz -
Subject digest:
7544d7be31943e4d8ffe8d36170137c6a7cde1229896bd294cd5302025f3616c - Sigstore transparency entry: 1340691154
- Sigstore integration time:
-
Permalink:
slimissa/cagoule-pass@1cab788d3c91b53e31768d6ed7072c674036a06c -
Branch / Tag:
refs/tags/v1.2.0 - Owner: https://github.com/slimissa
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@1cab788d3c91b53e31768d6ed7072c674036a06c -
Trigger Event:
release
-
Statement type:
File details
Details for the file cagoule_pass-1.2.0-py3-none-any.whl.
File metadata
- Download URL: cagoule_pass-1.2.0-py3-none-any.whl
- Upload date:
- Size: 19.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
901fc04502420536db502eef1806971c9672f711d877a107700dd8a56302f58d
|
|
| MD5 |
9a0622e7160a917f7d2df8aac235b704
|
|
| BLAKE2b-256 |
2550674a733fe374d0ace03a8a64cc6bf61e9af88dcf902e932c5cf93aaf8bbd
|
Provenance
The following attestation bundles were made for cagoule_pass-1.2.0-py3-none-any.whl:
Publisher:
python-publish.yml on slimissa/cagoule-pass
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cagoule_pass-1.2.0-py3-none-any.whl -
Subject digest:
901fc04502420536db502eef1806971c9672f711d877a107700dd8a56302f58d - Sigstore transparency entry: 1340691157
- Sigstore integration time:
-
Permalink:
slimissa/cagoule-pass@1cab788d3c91b53e31768d6ed7072c674036a06c -
Branch / Tag:
refs/tags/v1.2.0 - Owner: https://github.com/slimissa
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@1cab788d3c91b53e31768d6ed7072c674036a06c -
Trigger Event:
release
-
Statement type: