debian/0000755000000000000000000000000011745406544007200 5ustar debian/rules0000755000000000000000000000123411745406544010260 0ustar #!/usr/bin/make -f #export DH_VERBOSE=1 clean: dh_testdir dh_testroot rm -f build-stamp dh_clean build-stamp: dh_testdir $(MAKE) GPG=/usr/bin/gpg touch build-stamp build: build-stamp build-arch: build build-indep: build install: build dh_testdir dh_testroot dh_prep $(MAKE) DESTDIR=$(CURDIR)/debian/rephrase install binary: binary-arch binary-arch: install dh_testdir dh_testroot dh_installchangelogs dh_installdocs dh_installman debian/rephrase.1 dh_lintian dh_strip dh_compress dh_fixperms dh_installdeb dh_shlibdeps dh_gencontrol dh_md5sums dh_builddeb binary-indep: .PHONY: clean build install binary binary-arch binary-indep debian/source/0000755000000000000000000000000011745406544010500 5ustar debian/source/format0000644000000000000000000000001411745406544011706 0ustar 3.0 (quilt) debian/copyright0000644000000000000000000000215611745406544011137 0ustar Name: rephrase Source: http://www.roguedaemon.net/rephrase/ Files: * Copyright: 2003, Phil Lanch License: GPL-2 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License. . This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. . On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2 file. Files: debian/* Copyright: 2009, Tiago Bortoletto Vaz License: GPL-2+ On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2 file. debian/control0000644000000000000000000000161711745406544010610 0ustar Source: rephrase Section: utils Priority: extra Maintainer: Debian Forensics Uploaders: Tiago Bortoletto Vaz Build-Depends: debhelper (>= 9) Standards-Version: 3.9.3 Homepage: http://www.roguedaemon.net/rephrase/ Vcs-Browser: http://git.debian.org/?p=forensics/rephrase.git Vcs-Git: git://git.debian.org/forensics/rephrase.git Package: rephrase Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends}, gnupg Description: Specialized passphrase recovery tool for GnuPG If you can nearly remember your GnuPG passphrase - but not quite - then Rephrase may be able to help. Tell Rephrase the parts of the passphrase you know, and any number of alternatives for the parts you're not sure about; and Rephrase will try all the alternatives, in all possible combinations, and tell you which combination (if any) gives you the correct passphrase. debian/changelog0000644000000000000000000000141711745406544011055 0ustar rephrase (0.1-3) unstable; urgency=low * Change CVS address due to my new user in Alioth * Change maintainer to Debian Forensics Team * Move to format 3.0. Thanks to Jari Aalto. (Closes: #668499) * Add build-arch and build-indep targets to rules file. Thanks to Jari Aalto. -- Tiago Bortoletto Vaz Mon, 23 Apr 2012 22:01:52 -0400 rephrase (0.1-2) unstable; urgency=low * Added gnupg as dependency. * debian/control: + pass the right gpg path to make. Thanks to Artur R. Czechowski. (Closes: #550508) -- Tiago Bortoletto Vaz Sun, 11 Oct 2009 12:27:14 -0300 rephrase (0.1-1) unstable; urgency=low * Initial Release. (Closes: #547659) -- Tiago Bortoletto Vaz Sat, 26 Sep 2009 23:15:23 -0300 debian/watch0000644000000000000000000000010511745406544010225 0ustar version=3 http://www.roguedaemon.net/rephrase/rephrase-(.+)\.tar\.gz debian/patches/0000755000000000000000000000000011745406544010627 5ustar debian/patches/01_fix_bin_path.patch0000755000000000000000000000071111745406544014604 0ustar From: Tiago Bortoletto Vaz Subject: Fix binary path in Makefile diff -urNad rephrase-0.1~/Makefile rephrase-0.1/Makefile --- rephrase-0.1~/Makefile 2009-09-27 00:51:00.000000000 -0300 +++ rephrase-0.1/Makefile 2009-09-27 00:51:11.000000000 -0300 @@ -41,7 +41,7 @@ CFLAGS = -Wall -DVERSION=\"$(version)\" $(gpg_def) $(pattern_max_def) -BINDIR = /usr/local/bin +BINDIR = /usr/bin files = COPYING Makefile README $(program).c debian/patches/series0000644000000000000000000000005311745406544012042 0ustar 01_fix_bin_path.patch 02_add_destdir.patch debian/patches/02_add_destdir.patch0000755000000000000000000000122211745406544014417 0ustar From: Tiago Bortoletto Vaz Subject: Add DESTDIR to Makefile diff -urNad rephrase-0.1~/Makefile rephrase-0.1/Makefile --- rephrase-0.1~/Makefile 2009-09-27 00:54:25.000000000 -0300 +++ rephrase-0.1/Makefile 2009-09-27 00:55:44.000000000 -0300 @@ -50,10 +50,10 @@ dist: $(what).tar.gz $(what).tar.bz2 install: all - mkdir -p $(BINDIR) - rm -f $(BINDIR)/$(program) - cp $(program) $(BINDIR)/$(program) - chmod 4711 $(BINDIR)/$(program) + mkdir -p $(DESTDIR)/$(BINDIR) + rm -f $(DESTDIR)/$(BINDIR)/$(program) + cp $(program) $(DESTDIR)/$(BINDIR)/$(program) + chmod 4711 $(DESTDIR)/$(BINDIR)/$(program) $(what).tar: $(files) rm -f $@ debian/rephrase.10000644000000000000000000001461511745406544011102 0ustar .TH REPHRASE "1" "September 2009" "rephrase " "User Commands" .SH NAME rephrase \- Specialized passphrase recovery tool for GnuPG .SH DESCRIPTION .B rephrase is a specialized passphrase recovery tool for GnuPG. If you can nearly remember your GnuPG passphrase \- but not quite \- then Rephrase may be able to help. .P Tell Rephrase the parts of the passphrase you know, and any number of alternatives for the parts you're not sure about; and Rephrase will try all the alternatives, in all possible combinations, and tell you which combination (if any) gives you the correct passphrase. You could try all the combinations yourself, of course, if there are just a handful of them; but if there are more, that might be impractical. .P On the other hand, if you need to try a huge number of possible passphrases, Rephrase might be too slow; it is far from being an efficient passphrase cracker. E.g. Rephrase can try out about 2600 possible passphrases per minute on my 1GHz Athlon (with other processes doing nothing very heavy at the same time). How many passphrases Rephrase can try depends on how long you are prepared to wait! Rephrase can reasonably be run for a long time; e.g. it *won't* use more memory the longer it runs. .P It would be a Bad Thing to leave your passphrase (or part of it, or your guesses at it) lying around on your hard drive; since a passphrase is supposed to be an extra line of defence if an attacker obtains access to your secret keyring (which you presumably *do* keep on your hard drive). That's why Rephrase keeps all the information about your passphrase that you give it in secure memory (and then pipes each possible passphrase to a child gpg process). For this reason, Rephrase is likely to be more secure than alternative solutions that involve generating a list of possible passphrases in a file and then testing them. .P [1] For more information about GnuPG, see http://www.gnupg.org/ . .SH USAGE .B rephrase <\fIkey\fR> .P where is the key whose passphrase you want to recover; you can identify the key in any of the ways that GnuPG understands. (To make sure you're using a sensible value for , you could first try .HP gpg \-\-list\-secret\-keys .P which should list exactly 1 key.) .P You will be prompted to enter a pattern (the pattern is not echoed to the screen as you type it). So what's a pattern? Suppose you know that your passphrase was something like "super\-secret", but you're not sure if you changed some (or all) of the "e"s into "3"s, or any of the consonants into upper case, or indeed changed the "c" into "k" or "K" or even "|<", or changed the "\-" into " " or just omitted it. Then you could enter this pattern: .HP (s|S)u(p|P)(e|3)(r|R)(\-| |)(s|S)(e|3)(c|C|k|K|\\|<)(r|R)(e|3)(t|T) .P The pattern is your passphrase \- except that 4 characters have special meanings. Brackets \- "(" and ")" \- are used to group alternatives wherever you're not sure what characters are correct; "|" is used inside a pair of brackets to separate the alternatives; and "\\" is used to escape any of the 4 special characters when you need to use it literally. .P Rephrase will tell you if your pattern contains a syntax error. That happens if there are unbalanced brackets (i.e. they aren't in proper pairs); or if the pattern ends with "\\" (because then there's nothing for it to escape). It also happens (and these cases are limitations in Rephrase's simple pattern parser) if you try to nest pairs of brackets; or if you try to use "|" anywhere that's not inside a pair of brackets. .P If the pattern contains no syntax errors, Rephrase will try each possible passphrase matching the pattern in turn. If the correct passphrase is found, Rephrase won't actually tell you what it is (in case someone's looking over your shoulder), but will tell you a string of numbers: you can work out the correct passphrase from these numbers and the pattern you entered. E.g. .HP 2 1 2 1 2 1 1 5 1 2 2 .P The first number \- 2 \- means that at the first pair of brackets in the pattern \- "(s|S)" \- you must take the second alternative \- viz. "S". The second number \- 1 \- means that at the seconds pair of brackets \- "(p|P)" \- you must take the first alternative \- viz. "p". And so forth. So in this case the correct passphrase is "Sup3r se| incorretly; how to check that the value of is OK is explained above.) .P Rephrase's exit status is 0 is the passphrase is found, 1 if it's not found, or other values if an error occurs. .SH SECURITY The good news is that Rephrase uses mlock() in order to keep the information about passphrases that it's given as secure as possible. The bad news is that using mlock() requires root privileges, so Rephrase needs to be setuid root. However, it does drop root privileges very quickly, as soon as it has called mlock(). .P It's also debatable whether mlock() is a proper way to protect sensitive information. According to POSIX, mlock()ing a page guarantees that it *is* in memory (useful for realtime applications), not that it *isn't* in the swap (useful for security applications). Possibly an encrypted swap partition (or no swap partition) is a better solution. Anyway, GnuPG itself uses mlock(), which makes it sensible for Rephrase to follow suit. .SH BUGS Portability is untested: I have only used Rephrase on a GNU/Linux system (Linux 2.4.21 and Glibc 2.3.2; building with GNU Make 3.79.1, bash 2.05 (as /bin/sh) and either GCC 2.95.3 or GCC 3.3). I believe setreuid() is a BSD\-ism, so it may not exist on more SysV\-like systems. There are probably many other issues. .P If mlock() fails (probably because Rephrase is not setuid root), Rephrase refuses to proceed: it would be better to issue a warning and continue, since that's what GnuPG does. .P Before it asks you to enter a pattern, Rephrase should check that the argument does refer to exactly 1 key and that that key is available. .P If you'd like Rephrase to be faster, then it's too slow. (But if you're happy with it, then it's fast enough.) .P The standard \-\-version and \-\-help options are unimplemented. .SH AUTHOR .PP This manual page was prepared by Tiago Bortoletto Vaz for the Debian GNU/Linux system (but may be used by others). Most of the text used here comes from the original README file by Phil Lanch's . debian/compat0000644000000000000000000000000211745406544010376 0ustar 5