Metadata-Version: 2.1
Name: krapplet
Version: 0.1.0
Summary: A password manager written as a gnome-keyring applet
Home-page: https://gitlab.com/hfernh/krapplet
Author: Johannes Willem Fernhout
Author-email: hfern@fernhout.info
License: BSD 3-clause
Description: # Krapplet
        Krapplet is a password manager which relies on gnome-keyring for storing secrets (passwords) and other
        information. It is developed as a Linux system tray icon applet, and aims to not be in the user's way.
        
        ## Installation
        ### Environment
        Krapplet is based on [gnome-keyring](https://github.com/GNOME/gnome-keyring), which limits its use to the Linux
        operating system. Krapplet has been tested on the amd64 and x64 architecture, but might work on other
        architectures as well. A system tray needs to be available for the applet to embed itself in.
        
        ### Software dependencies
        Krapplet makes use of the following software:
        - [Python](https://www.python.org/) as the programming language, tested with versions 3.7, 3.8 and 3.9.
        - [GTK3](https://www.gtk.org/) for the user interface. Developed against version 3.24.22. Please refer to
        [these instructions](https://pygobject.readthedocs.io/en/latest/getting_started.html) for how to install GTK3
        for your Linux distribution.
        - [Secretstorage](https://github.com/mitya57/secretstorage) as the Python API towards gnome-keyring. Developed
        against version 3.1.2. Secretstorage can be installed via [PyPI](https://pypi.org/project/SecretStorage), but is
        also available as an operating system package in many Linux distributions. Secretstorage makes use of a Python 
        package [cryptography](https://github.com/pyca/cryptography), which in turn requires some operating system
        packages to be installed: see [here](https://cryptography.io/en/latest/installation.html) for installation
        instructions.
        
        ### Installers
        Krapplet is available:
        - as source code on [Gitlab](https://gitlab.com/hfernh/krapplet)
        - on [PyPI](https://pypi.org/project/krapplet).
        
        ## Usage
        Once krapplet is started it will show itself as an icon in the system tray.  When this icon is right clicked it
        will show a menu with the available keyrings, the option to add a keyring, and about and quit options.  When
        hovering over a keyring it will give the option to unlock a keyring when it is locked or show the availabe keys,
        and options to add a key, remove the keyring, or lock the keyring.
        
        Once a key has been selected it will show a small floating window to manipulate the key. It shows the key name
        as a first input field and when it is not a new key also the create and modified timestamps.
        
        Next are the key attributes in name/value pairs. There is a button to add an additional attribute. A blank
        attribute name is interpreted as an instruction to remove that attribute. When an attribute name "URL" is
        present a launch button will be shown, which opens the system webbrowser for the listed URL when clicked.
        
        The "secret" section contains the password, by default shown hidden. This section has buttons to generate a new
        password, copy the password to the system clipboard, and to show or hide the password. 
        
        The generation of a new password is based on five parameters:
        - total lenght
        - minimum number of uppercase, lowercase, numeric and special characters; use zero to exclude a category.
        
        Special characters are defined as: \!#$%&()\*+,-./:;<=>?@[\\]^\_\`{|}~
        
        ## Secure storage of passwords
        Krapplet relies on gnome-keyring for storing secrets in a secure (encrypted) manner. How this works is described
        in [this gnome-keyring wiki page](https://wiki.gnome.org/Projects/GnomeKeyring/StoringSecrets). The upshot is 
        that:
        - There should be a password set for the first keyring to be unlocked, the login keyring
        - That password should be the same as the password for the user's Linux account 
        
        Desktop environments are capable of unlocking the login keyring as long as auto-login is not used.
        
        ## Disclaimers
        ### Password generation
        The generation of the password makes use of Python's random functions. These random funtions rely on operating
        system features, typically the current time in fractions of seconds, or when available from a random device like
        /dev/urandom in Linux, which seems better. Even better would be if there is a hardware random number generator 
        available and used by the operating system. How Python's random function works therefore depends on the Python
        interpretor, the system configuration, and the hardware. In any case, it is not good enough for real
        cryptographic purposes. Whether it is good enough for password generation is left to users of krapplet to
        decide.
        
        ### Clipboard usage
        Krapplet can copy secrets to the system clipboard, allowing a user to paste a secret in an input field, seemingly
        a secure way since bystanders cannot see what is being copied. However, please be weary of clipboard managers
        maintaining a clipboard history and therefore can reveal everything that has been copied to it, including 
        passwords.
        
        ## Troubleshooting
        
        ### Error: could not embed in systray
        - Make sure that there is a systray for krapplet to embed itself in
        
        ### Cannot see the krapplet icon
        - Verify that there are krapplet.png files in /usr/share/icons/hicolor/48x48/apps and in 
        /usr/share/icons/hicolor/96x96/apps
        - Refresh the icon cache by running gtk-update-icon-cache
        
        ### Login keyring not automatically unlocked
        - Please check your distribution's documentation with respect to gnome-keyring
        
        ## License
        Krapplet is licensed under the [BSD 3-Clause license](https://gitlab.com/hfernh/krapplet/-/blob/master/LICENSE).
        
        ## Author
        Johannes Willem Fernhout
        
Keywords: password manager,gnome-keyring
Platform: UNKNOWN
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: X11 Applications :: GTK
Classifier: Intended Audience :: End Users/Desktop
Classifier: License :: OSI Approved :: BSD License
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Topic :: Security
Classifier: Topic :: Utilities
Requires-Python: >=3.7
Description-Content-Type: text/markdown
