easy-password 0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 22d9fd1676c83cd88d002fbc80e9f99727e524c704027a2d4d37078c17c5234d
+  data.tar.gz: 325356f44444034a31212ee79b0e2e92bb7392314351df8e4b78985baa09acb9
+SHA512:
+  metadata.gz: 67ffa6ec83d80b16bbcbddb2f649fe183b97d2753e018c35deb3a2fd27f6652af2cb191fa26282fde1c1020a97cdf5a6f995c7d1d70323ecbb9d7c8ead00b21c
+  data.tar.gz: 5763ce1f321402431fea4169d1bbb351adc6e33223eb1d2744970fd94aa73762b8dcd0e0b78114a939958847c80d5f8895ea775efb85d0c1f6d613102bbf8031

data/README.md

@@ -0,0 +1,52 @@
+easy-password
+=============
+Password generator, checker, hasher
+
+
+Examples
+========
+
+Adding a simple password generator and using it by default:
+
+~~~ruby
+# Generate 10 random alphanumeric characters
+EasyPassword.generator :random10 do
+  SecureRandom.alphanumeric(10)
+end
+
+# Define the default generator
+EasyPassword.default_generator = :random10
+~~~
+
+
+Adding a checker
+
+~~~ruby
+# Implementing classic at least 1 lowercase, 1 upercase, 1 digit
+EasyPassword.checker :aA1 do |password, all|
+  list = { /\d/    => :digit_needed,
+           /[A-Z]/ => :upercase_needed,
+           /[a-z]/ => :lowercase_needed,
+         }.lazy.map {|regex, failure| failure if password !~ regex }
+               .reject(&:nil?)
+  all ? list.to_a : list.first
+end
+
+# Looking for known bad passwords in a database (using Sequel)
+Password.checker :hack_dictionary do |password, all|
+  ! DB[:bad_passwords].first(:password => password).nil?
+end
+~~~
+
+Creating password
+
+~~~ruby
+password = EasyPassword.new
+password = EasyPassword.new('foobar')
+~~~
+
+Checking for weakness
+
+~~~ruby
+password.weakness
+~~~

data/easy-password.gemspec

@@ -0,0 +1,28 @@
+# -*- encoding: utf-8 -*-
+
+require_relative 'lib/easy-password/version'
+
+Gem::Specification.new do |s|
+    s.name        = 'easy-password'
+    s.version     = EasyPassword::VERSION
+    s.summary     = "Password generator, checker, hasher"
+    s.description =  <<~EOF
+      Ease password creation by allowing:
+      * password generation
+      * password weakness checking
+      * hashing password to sha256, md5, sha, ntlm, lmhash
+      EOF
+
+    s.homepage    = 'https://gitlab.com/sdalu/easy-password'
+    s.license     = 'MIT'
+
+    s.authors     = [ "Stéphane D'Alu" ]
+    s.email       = [ 'stephane.dalu@insa-lyon.fr' ]
+
+    s.files       = %w[ README.md easy-password.gemspec ] +
+                    Dir['lib/**/*.rb']
+
+    s.add_development_dependency 'yard',      '~>0'
+    s.add_development_dependency 'redcarpet', '~>3'
+    s.add_development_dependency 'rake',      '~>13'
+end

data/lib/easy-password.rb

@@ -0,0 +1,316 @@
+require 'openssl'
+
+#
+# Adding a simple password generator and using it by default:
+#
+#   # Generate 10 random alphanumeric characters
+#   EasyPassword.generator :random10 do
+#     SecureRandom.alphanumeric(10)
+#   end
+#
+#   # Define the default generator
+#   EasyPassword.default_generator = :random10
+#
+#
+# Adding a checker
+#
+#   # Implementing classic at least 1 lowercase, 1 upercase, 1 digit
+#   EasyPassword.checker :aA1 do |password, all|
+#     list = { /\d/    => :digit_needed,
+#              /[A-Z]/ => :upercase_needed,
+#              /[a-z]/ => :lowercase_needed,
+#            }.lazy.map {|regex, failure| failure if password !~ regex }
+#                  .reject(&:nil?)
+#     all ? list.to_a : list.first
+#   end
+#
+#   # Looking for known bad passwords in a database (using Sequel)
+#   Password.checker :hack_dictionary do |password, all|
+#     ! DB[:bad_passwords].first(:password => password).nil?
+#   end
+#
+# Creating password
+#
+#   password = EasyPassword.new
+#   password = EasyPassword.new('foobar')
+#
+# Checking for weakness
+#
+#   password.weakness
+#
+
+class EasyPassword
+    Digest = OpenSSL::Digest
+
+    @hide              = true
+    @checkers          = {}
+    @generators        = {}
+    @default_generator = nil
+    @default_checkers  = nil
+
+    
+    # Is password value hidden when calling #to_s
+    def self.hide
+        @hide
+    end
+
+
+    # Control if password value is hidden when calling #to_s
+    def self.hide=(hide)
+        @hide = hide
+    end
+
+
+    # Define the default generator to use
+    #
+    # @param [Symbol] type  Generator nickname
+    #
+    def self.default_generator=(type)
+        @default_generator = type
+    end
+
+
+    # Default generator
+    def self.default_generator
+        @default_generator
+    end
+
+
+    # Define the list of default checkers to use
+    #
+    # @param [Array<Symbol>,nil] checkers list of checkers nickname, if nil
+    #                                     all available checkers will be used
+    #
+    def self.default_checkers=(checkers)
+        @default_checkers = checkers
+    end
+
+    
+    # List of default checkers to use
+    def self.default_checkers
+        @default_checkers
+    end
+
+
+    # DSL to add a new password generator
+    #
+    # @yieldparam [void]
+    # @yieldreturn [String] plain text password
+    #
+    def self.generator(name, &block)
+        @generators[name] = block
+    end
+
+
+    # DSL to ass a new password checker
+    #
+    # @yieldparam [String]  password  plain text password
+    # @yieldparam [Boolean] all       should all weakness be listed
+    # @yieldreturn [false, nil, []] if no weakness have been discovered
+    # @yieldreturn [true, Symbol, Array<Symbol>] name of weakness
+    #
+    def self.checker(name, &block)
+        @checkers[name] ||= block
+    end
+
+
+    # Check for weakness
+    #
+    # @param [String, EasyPassword] password
+    # @param [Symbol]               checkers
+    # @param [Boolean]              all
+    #
+    # @raise [KeyError] if a requested checker is not defined
+    #
+    # @return [Hash{Symbol=>Array<Symbol>}]
+    #
+    def self.weakness(password, *checkers, all: true)
+        return nil              if @checkers.empty?       
+        password = password.raw if password.kind_of?(EasyPassword)
+
+        checkers = self.default_checkers if checkers.empty?
+        list     = if checkers.nil? || checkers.empty?
+                   then @checkers.lazy
+                   else checkers.lazy.map {|n| [n, @checkers.fetch(n)] }
+                   end
+        list     = list.map {|name, checker|
+            case r = checker.call(password, all: all)
+            when Array      then [ name, r        ] unless r.empty?
+            when Symbol     then [ name, [ r ]    ]
+            when true       then [ name, [ name ] ]
+            when nil, false
+            else raise ArgumentError, 'unsupported checker return value'
+            end
+        }.reject(&:nil?)
+
+        list = if all
+               then Hash[list.to_a]
+               else Hash[*list.first].transform_values {|v| v[0,1] }
+               end
+        list unless list.empty?
+    end
+
+
+    # Generate a plain text password string.
+    #
+    # @param  [Symbol] type  Generator nickname
+    # @return [String]
+    #
+    def self.generate(type = self.default_generator)
+        if type.nil?
+            raise ArgumentError, 'invalid generator type'
+        end
+            
+        @generators[type]&.call() ||
+            raise("requested generator '#{type}' doesn't exist")
+    end
+
+
+    # Create a MD5-hashed password
+    #
+    # @param [String] password  plain text password
+    #
+    # @return [String] hashed password
+    #
+    def self.md5(password)
+        "{MD5}"    + [Digest::MD5.digest(password)   ].pack('m0')
+    end
+
+
+    # Create a SHA-hashed password
+    #
+    # @param [String] password  plain text password
+    #
+    # @return [String] hashed password
+    #
+    def self.sha(password)
+        "{SHA}"    + [Digest::SHA1.digest(password)  ].pack('m0')
+    end
+
+
+    # Create a SHA256-hashed password
+    #
+    # @param [String] password  plain text password
+    #
+    # @return [String] hashed password
+    #
+    def self.sha256(password)
+        "{sha256}" + [Digest::SHA256.digest(password)].pack('m0')
+    end
+
+
+    # Create an NTML-hashed password
+    #
+    # @param [String] password  plain text password
+    #
+    # @return [String] hashed password
+    #
+    def self.ntlm(password)
+        Digest::MD4.hexdigest(password.encode("utf-16le"))
+    end
+    
+
+    # Create a LMHASH-hashed password
+    #
+    # @param [String] password  plain text password
+    #
+    # @return [String] hashed password
+    #
+    def self.lmhash(password)
+        passwd = password[0..13].upcase
+        passwd = passwd + "\000" * (14 - passwd.length)
+        des = OpenSSL::Cipher::Cipher.new('des-ecb')
+        des.encrypt
+        [passwd[0..6], passwd[7..13]].collect { |key56|
+            keybin = key56.unpack('B*')[0].scan(/.{7}/).collect {|k|
+                k + (k.count('1') % 2 == 0 ? '1' : '0') }
+            des.key = keybin.pack('B8' * 8)
+            des.update('KGS!@#$%')
+        }.join.unpack('C*').map { |b| '%02x' % b }.join
+    end
+
+
+    # Create a new EasyPassword
+    def initialize(password = EasyPassword::generate)
+        @passwd = password.clone.freeze
+    end
+
+
+    # Get the plain text password
+    #
+    # @return [String] plain text password
+    def raw
+        @passwd
+    end
+
+
+    # Get the SHA256-hashed password
+    #
+    # @return [String] hashed password
+    #
+    def sha
+        self.class.sha(@passwd)
+    end
+
+
+    # Get the SHA256-hashed password
+    #
+    # @return [String] hashed password
+    #
+    def sha256
+        self.class.sha256(@passwd)
+    end
+
+
+    # Get the MD5-hashed password
+    #
+    # @return [String] hashed password
+    #
+    def md5
+        self.class.md5(@passwd)
+    end
+
+
+    # Get the NTLM-hashed password
+    #
+    # @return [String] hashed password
+    #
+    def ntlm
+        self.class.ntlm(@passwd)
+    end
+
+
+    # Get the LMHASH-hashed password
+    #
+    # @return [String] hashed password
+    #
+    def lmhash
+        self.class.lmhash(@passwd)
+    end
+
+
+    # Display password.
+    # The behavior is controlled by Password.hide, so either
+    # the plain text password will be displayed or ********
+    #
+    # @return [String]
+    #
+    def to_s
+        self.class.hide != true ? "********" : self.raw
+    end
+
+    
+    # Check for weakness
+    #
+    # @param [Symbol]           checkers
+    # @param [Boolean]          all
+    #
+    # @raise [KeyError] if a requested checker is not defined
+    #
+    # @return [Hash{Symbol=>Array<Symbol>}]
+    #
+    def weakness(*checkers, all: true)
+        self.class.weakness(@passwd, *checkers, all: all)
+    end
+    
+end

data/lib/easy-password/version.rb

@@ -0,0 +1,5 @@
+class EasyPassword
+    # Version
+    VERSION = '0.1'
+end
+

metadata

@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: easy-password
+version: !ruby/object:Gem::Version
+  version: '0.1'
+platform: ruby
+authors:
+- Stéphane D'Alu
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-05-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+description: |
+  Ease password creation by allowing:
+  * password generation
+  * password weakness checking
+  * hashing password to sha256, md5, sha, ntlm, lmhash
+email:
+- stephane.dalu@insa-lyon.fr
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- easy-password.gemspec
+- lib/easy-password.rb
+- lib/easy-password/version.rb
+homepage: https://gitlab.com/sdalu/easy-password
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.8
+signing_key:
+specification_version: 4
+summary: Password generator, checker, hasher
+test_files: []