SecureNUS is a Command-Line-Interface (CLI) application that allows users to store sensitive credentials locally. Examples of such credentials include basic password, credit card details as well as CryptoWallet fields. Information submitted by users are encrypted to safeguard the interests of the user in the event the device is lost or hacked.
RepoSense link
***
$save
All credentials submitted by users thus far will be written to the database. This function is automatically triggered when new secrets added, edited or deleted from the database.
Enter Command: $save
_____________________________________________________
Saving secrets to storage, please do not close application...
_____________________________________________________
_____________________________________________________
Save complete. All secrets saved into assets/database.txt.
If exporting to another device, save this file into the root directory's assets/database.txt before you start me again!
_____________________________________________________
File paths are retrieved via $System.getProperty(Backend.USER_DIRECTORY_IDENTIFIER)
so as to circumvent differences in path syntax across different operating systems. A folder and a database.txt file is
generated on behalf of users.
$~!@#$%^&*()-=_+[]\{}|;':",./<>?
can be submitted in certain fields. To ensure the veracity of
the data, modifications have to be performed before they are written into the database. When reading from the database,
these modifications have to be reversed accordingly.Sensitive fields like $username
and $password
are encrypted into the database when it is written to the database and
decrypted again when loaded into the program
Intentional / unintentional edits may be performed on the data in database.txt file. Therefore checks have to be
performed to verify the veracity of the data when a new session starts. These checks can be divided into 4 main categories:
$name
and $folder name
only contain alphanumeric characters
if (Secret.isIllegalName(input[2]) || !SecretMaster.isLegalFolderName(input[3]))
if (!creditCardNumber.matches(CREDIT_CARD_NUMBER_FMT)) {
throw new InvalidCreditCardNumberException();
}
if (!expiryDate.matches(EXPIRY_DATE_FMT)) {
throw new InvalidExpiryDateException();
}
if (!isLegalCvcNumber(cvcNumber)) {
throw new InvalidCVCNumberException();
}
if (secretNames.contains(secret.getUid())) {
throw new RepeatedIdException();
}
public static String hash(String data) {
int hashcode = 0;
...
}
——————————— | Session began at: 2023-04-09T23:28:12.788915800Z | ——————————————————————- | Session began at: 2023-04-09T23:29:18.053986200Z | ———————————– |
command by user: new pass10
fields: idk.com, c/,
>>>>user cancelled operation
command by user: exit
fields:
------------
| ALERT !!!|
------------
Program Crashed: unexpected exception: null
Time: 2023-04-09T23:47:28.668632600Z
...
Within the abstract method format, all relevant information are rearranged and formatted using static methods based on the context of the information.
if (logArray[0].equals("start")) {
return SecureNUSLogFormatter.startOfSessionLog(record);
}
Added assertions to the code to better safeguard the program against unexpected inputs and lapses in programming logic
assert this.storage != null;
assert index >= 0;
if (index >= storage.size()) {
throw new ArrayIndexOutOfBoundsException();
}