forgiva 1.0.1.3 → 1.0.1.4
- checksums.yaml +4 -4
- data/README.md +13 -0
- data/bin/forgiva +3 -1
- data/forgiva.gemspec +4 -2
- data/lib/forgiva.rb +8 -2
- data/lib/forgiva_commands.rb +8 -3
- data/lib/forgiva_test.rb +12 -4
- data/lib/testvectors.rb +26 -9
- metadata +16 -2
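--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 68b2ee29a36af7011dc08b12cd2e349a58e7051a
+data.tar.gz: 50b85a2071572aaf2ac7512a1c25f6f40d8a62d8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: edf632949c2525c29ac37e04095bbe43bbec0b164542a1be02f8cf8f1dc909e97f78d9654818e8b6668d90333a67dd41ee036e8233d97bdb81d74272e2bfe5a8
+data.tar.gz: bf252d1e773ca9944c9eb66396df81f0d1af258349596aee7537e62593e0ef1c347c607033f09dd1d298f0f6581729fe25537664c6590fc7748ce2181f0ad1a9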
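--- a/data/README.md
+++ b/data/README.md
@@ -80,10 +80,19 @@ Application Options:
 -c, --complexity=C_LEVEL 0-3 complexity level of password generation. (Default: 0)
 -e, --select-credentials Select host and account info from saved list of credentials. If just host or account specified then you get filtered credentials.
 -t, --test Runs core tests for the algorithm
+-p, --scrypt Use scrypt algorithm to strengthen algorithm
 ```
 
+## Release notes
+
+- 1.0.1.3 and 1.0.1.4
+- Added scrypt support with -p/--scrypt option
+- Fixed various parameter parsing bugs
+
 ## Algorithm
 
+(Note: After 1.0.1.4 version, SCrypt support added)
+
 Forgiva uses following digest and encryption algorithm to complex password
 generation phases:
 
@@ -201,11 +210,15 @@ Forgiva uses PBKDF2-HMAC as base of the key-derivation family and uses **forgiva
 
 Depending on choices of the complexity it uses SHA1 (Normal),SHA256 (Intermediate) and SHA512 (Advanced) hashing algorithms.
 
+Note: After 1.0.1.4 Algorithm; SCrypt support added
+
 ```
 algorithm key-derivation
 Input: forgiva-encrypted-inputs as SALT, SHA512 value of master key as KEY
 Output: Array of password sized of animal count
 hash = KEY
+if scrypt_required
+hash = scrypt(hash,SALT,131072,8,1) // n = 2^7 , p=8, r=1
 for each Animal
 hash = PBKDF2_HMAC_SHA1(hash,SALT, 10.000 iterationg with 32 bit key expectation)
 password = forgiva-hash-to-password(hash)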
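--- a/data/bin/forgiva
+++ b/data/bin/forgiva
@@ -15,7 +15,7 @@ BANNER = Constants::COLOR_CYA + "\n .-\" L_ " +
 
 USAGE = <<ENDUSAGE
 Usage:
-forgiva [-h HOST] [-a ACCOUNT-ID] [-l LENGTH] [-s] [-c [1-3]] [-e] [OPTION...]
+forgiva [-h HOST] [-a ACCOUNT-ID] [-l LENGTH] [-s] [-c [1-3]] [-e] [-p] [OPTION...]
 ENDUSAGE
 
 HELP = <<ENDHELP
@@ -32,6 +32,7 @@ Application Options:
 \t-c, --complexity=C_LEVEL 0-3 complexity level of password generation. (Default: 0)
 \t-e, --select-credentials Select host and account info from saved list of credentials. If just host or account specified then you get filtered credentials.
 \t-t, --test Runs core tests for the algorithm
+\t-p, --scrypt Use scrypt algorithm to strengthen algorithm
 ENDHELP
 
 
@@ -74,6 +75,7 @@ t_hash_args = Hash[ ARGV.join(" ").
 gsub("-e","-e 0").
 gsub("-t","-t 0").
 gsub("-s","-s 0").
+gsub("-p","-p 0").
 scan(/--?([^=\s]+)(?:[=\s+]?([^-]\S+))?/) ]
 
 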
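Review bot: The added `gsub("-p","-p 0")` in the third hunk is an unanchored substring replace, so it rewrites any argument that merely contains `-p` (a host such as `my-proxy.example.com` becomes `my-p 0roxy.example.com`), and the derived password would silently change with it. The documented long form is hit by the same pattern one line earlier: `gsub("-s","-s 0")` turns `--scrypt` into `--s 0crypt`, which the `scan` would read as option `s`, so unless an earlier step outside the hunk handles it, `--scrypt` never enables scrypt. Match the flag only as a whole token, e.g. `gsub(/(?<!\S)-p(?!\S)/, "-p 0")`, and apply the same to the `-e`/`-t`/`-s` lines; the standard `optparse` library would remove the rewrite step entirely. The `t_hash_args` expression starts above the hunk.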
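--- a/data/forgiva.gemspec
+++ b/data/forgiva.gemspec
@@ -1,7 +1,7 @@
 Gem::Specification.new do |gem|
 gem.name = 'forgiva'
-gem.version = '1.0.1.
-gem.date = '2016-
+gem.version = '1.0.1.4'
+gem.date = '2016-10-03'
 
 gem.summary = 'Forgiva'
 gem.description = 'The new-age password manager.'
@@ -16,6 +16,8 @@ Gem::Specification.new do |gem|
 gem.files = `git ls-files`.split("\n")
 
 gem.add_runtime_dependency 'highline', '~> 1.6', '>= 1.6.20'
+gem.add_runtime_dependency 'scrypt'
+
 
 gem.add_development_dependency 'rubocop', '~> 0.26'
 end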
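Review bot: `gem.add_runtime_dependency 'scrypt'` in the second hunk has no version constraint, unlike the `highline` line above it, and the generated metadata records it as `>= 0`. The scrypt output feeds directly into the derived passwords, so any future release of that gem is accepted at install time without review, and a behavioural change there would change every generated password. Add a pessimistic constraint for the release that was tested, e.g. `gem.add_runtime_dependency 'scrypt', '~> X.Y'` (X.Y being a placeholder for the version used to produce the new test vectors).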
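--- a/data/lib/forgiva.rb
+++ b/data/lib/forgiva.rb
@@ -2,18 +2,20 @@
 require 'openssl'
 require 'highline/import'
 require 'constants'
+require 'scrypt'
 
 # Password generation from 4 inputs
 class Forgiva
-attr_accessor :hostname, :account, :renewal_date, :master_password, :complexity, :length
+attr_accessor :hostname, :account, :renewal_date, :master_password, :complexity, :length, :use_scrypt
 
-def initialize(hostname, account, renewal_date, master_password, complexity, length)
+def initialize(hostname, account, renewal_date, master_password, complexity, length, use_scrypt)
 @hostname = hostname
 @account = account
 @renewal_date = renewal_date
 @master_password = master_password
 @complexity = complexity
 @length = length
+@use_scrypt = use_scrypt
 end
 
 def passwords
@@ -43,6 +45,10 @@ class Forgiva
 
 puts "ENC KEY: #{key.unpack('H*')}" if Constants::DEBUG_OUTPUT
 
+if (@use_scrypt) then
+key = SCrypt::Engine.scrypt(key,salt,131072,8,1,32)
+end
+
 
 Constants::ANIMALS.each do |a|
 # For every other animal we re-run pbkdf2 hmac with sha1 over key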
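Review bot: The scrypt call in the second hunk passes its cost parameters as bare literals, `SCrypt::Engine.scrypt(key,salt,131072,8,1,32)`, with no comment, while the README pseudo-code in this release labels the same numbers `n = 2^7 , p=8, r=1`; 131072 is 2^17, and as far as I know the gem takes them in N, r, p, key-length order (r=8, p=1). Because these values determine every generated password, they should be named frozen constants with a comment stating they must never change, e.g. `SCRYPT_N = 2**17`, `SCRYPT_R = 8`, `SCRYPT_P = 1`, `SCRYPT_KEY_LEN = 32`. Separately, `initialize` gains a required seventh positional argument, so any existing six-argument `Forgiva.new` call now raises ArgumentError; `use_scrypt = false` would keep old callers working. The `passwords` method body starts and ends outside the hunk.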
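--- a/data/lib/forgiva_commands.rb
+++ b/data/lib/forgiva_commands.rb
@@ -91,13 +91,14 @@ class ForgivaCommands
 init_length
 init_master_password
 init_complexity
+init_scrypt
 
 puts Constants::COLOR_GRN + "Generating..." + Constants::COLOR_RST
 puts ""
 
 record if record?
 
-passwords = make_passwords(@hostname, @account, @renewal_date, @master_password, @complexity, @length)
+passwords = make_passwords(@hostname, @account, @renewal_date, @master_password, @complexity, @length, @use_scrypt)
 
 if animals.length > 1
 Constants::ANIMALS.each { |a| puts "#{Constants::COLOR_YEL}#{a}#{Constants::COLOR_RST}\t#{Constants::COLOR_BRI}#{passwords[a]}#{Constants::COLOR_RST}" }
@@ -114,6 +115,10 @@ class ForgivaCommands
 hash_args.key?('e') || hash_args.key?('select-credentials')
 end
 
+def init_scrypt
+@use_scrypt = (hash_args['p'] != nil || hash_args['scrypt'] != nil)
+end
+
 def init_length
 @length = 16
 @length = hash_args['l'].to_i if hash_args['l'] != nil
@@ -178,8 +183,8 @@ class ForgivaCommands
 
 end
 
-def make_passwords(hostname, account, renewal_date, master_password, complexity,length)
-Forgiva.new(hostname, account, renewal_date, master_password,complexity,length).passwords
+def make_passwords(hostname, account, renewal_date, master_password, complexity,length,use_scrypt)
+Forgiva.new(hostname, account, renewal_date, master_password,complexity,length,use_scrypt).passwords
 end
 
 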
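Review bot: `init_scrypt` (second hunk) tests `hash_args['p'] != nil`, which is only true when the parser attached a value to the flag, whereas the predicate just above it uses `hash_args.key?('e') || hash_args.key?('select-credentials')`. A bare `-p` or `--scrypt` that reaches `hash_args` with a nil value would leave scrypt off without any message, and the user would get the non-scrypt password. Use the presence check here as well: `@use_scrypt = hash_args.key?('p') || hash_args.key?('scrypt')`. It is also worth confirming that `record` (not shown in these hunks) stores the scrypt choice, since otherwise a credential picked later with `-e` would regenerate a different password.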
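--- a/data/lib/forgiva_test.rb
+++ b/data/lib/forgiva_test.rb
@@ -34,9 +34,13 @@ class ForgivaTest
 
 TestVectors::FG_TESTS.each do |test_vec|
 
+for i in 0..1 do
 puts "#{Constants::COLOR_GRN} Testing forgiva #{Constants::COLOR_BLU} #{test_vec[:host]} " \
 <<"/ #{test_vec[:account]} / #{test_vec[:renewal_date]} / #{Constants::COLOR_MGN} #{test_vec[:animal_name]} #{Constants::COLOR_GRN} " \
-<<" on complexity #{test_vec[:complexity]} #{Constants::COLOR_RST}"
+<<" on complexity #{test_vec[:complexity]} #{Constants::COLOR_RST}" \
+<<"#{Constants::COLOR_YEL}" \
+<< (i == 1 ? "+SCRYPT" : "") \
+<< "#{Constants::COLOR_RST}"
 
 p_hash = OpenSSL::Digest.digest("sha512",test_vec[:master_key])
 
@@ -45,16 +49,20 @@ class ForgivaTest
 test_vec[:renewal_date],
 p_hash,
 test_vec[:complexity],
-16
+16,
+i == 1
+).passwords
 
 g_pass = passes[test_vec[:animal_name]].unpack('H*')[0]
 
+expected = (i == 0 ? test_vec[:expected_password_hash] : test_vec[:expected_password_hash_scrypt])
 
-if (g_pass.downcase !=
-puts "#{Constants::COLOR_RED} FAILED: (Expected: #{
+if (g_pass.downcase != expected) then
+puts "#{Constants::COLOR_RED} FAILED: (Expected: #{expected}) #{Constants::COLOR_RST} #{g_pass}"
 else
 puts "#{Constants::COLOR_GRN}! SUCCESS: (#{g_pass}) #{Constants::COLOR_RST}"
 end
+end
 
 
 end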
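Review bot: A known-answer mismatch at new lines 60-61 is only printed with `puts`; nothing visible in the hunk counts the failure or changes the exit status, so a broken scrypt derivation still lets `--test` finish as if it had passed. Track failures (for example `failures += 1` in the mismatch branch) and exit non-zero after the loop; the end of the method is outside the hunk, so part of this may belong there. On style, `for i in 0..1 do` with `i == 1` tests reads more clearly as `[false, true].each do |use_scrypt|`, which also lets the expected-value key be chosen by name rather than by index.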
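--- a/data/lib/testvectors.rb
+++ b/data/lib/testvectors.rb
@@ -9,7 +9,9 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_SIMPLE,
 :animal_name => "Ape",
-:expected_password_hash => "797036592a475f78444c6153504d3757"
+:expected_password_hash => "797036592a475f78444c6153504d3757",
+:expected_password_hash_scrypt => "466b74674d645a4d6939302a6e56797a"
+},
 
 ## facebook.com - root
 {:host => "facebook.com",
@@ -18,7 +20,8 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_INTERMEDIATE,
 :animal_name => "Bat",
-:expected_password_hash => "5544245f2b72682e4635765040416a49"
+:expected_password_hash => "5544245f2b72682e4635765040416a49",
+:expected_password_hash_scrypt => "354b223d3b6c246733386c2d6674283d"
 
 },
 
@@ -29,7 +32,8 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_ADVANCED,
 :animal_name => "Bear",
-:expected_password_hash => "4f5c7653513251417a675949284c5539"
+:expected_password_hash => "4f5c7653513251417a675949284c5539",
+:expected_password_hash_scrypt => "587a796a7c40267426637b694d345459"
 
 },
 
@@ -40,8 +44,11 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_SIMPLE,
 :animal_name => "Whale",
-:expected_password_hash => "6465635a675374322f47695051464157"
+:expected_password_hash => "6465635a675374322f47695051464157",
+:expected_password_hash_scrypt => "496375392e63486a59434473334d6169"
 },
+
+
 
 ## microsoft.com - toor
 {:host => "microsoft.com",
@@ -50,9 +57,11 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_INTERMEDIATE,
 :animal_name => "Crow",
-:expected_password_hash => "4d314573586d403649672970786d7133"
+:expected_password_hash => "4d314573586d403649672970786d7133",
+:expected_password_hash_scrypt => "3e51542a4d364d31657673467c6d4728"
 },
 
+
 ## 192.168.0.1 - root
 {:host => "192.168.0.1",
 :account => "root",
@@ -60,9 +69,12 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_ADVANCED,
 :animal_name => "Dog",
-:expected_password_hash => "2c376d234a7a6c4d6f785c34494a672a"
+:expected_password_hash => "2c376d234a7a6c4d6f785c34494a672a",
+:expected_password_hash_scrypt => "4939c2a232217c5c405a6c714e76552566"
 },
 
+
+
 ## 10.0.0.2:22 - root
 {:host => "10.0.0.2:22",
 :account => "root",
@@ -70,10 +82,13 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_SIMPLE,
 :animal_name => "Duck",
-:expected_password_hash => "6440562a36375065693646396e312c4b"
+:expected_password_hash => "6440562a36375065693646396e312c4b",
+:expected_password_hash_scrypt => "345057425a5133756c5965745f7a7054"
 
 },
 
+
+
 ## 10.0.0.2:22 - k3ym4k3r
 {:host => "10.0.0.2:22",
 :account => "k3ym4k3r",
@@ -81,7 +96,8 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_INTERMEDIATE,
 :animal_name => "Cat",
-:expected_password_hash => "78435f57566e2f53535f2e617738293b"
+:expected_password_hash => "78435f57566e2f53535f2e617738293b",
+:expected_password_hash_scrypt => "5c624f23723e704673452530773e3144"
 
 },
 
@@ -92,7 +108,8 @@ module TestVectors
 :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
 :complexity => Constants::FORGIVA_PG_ADVANCED,
 :animal_name => "Wasp",
-:expected_password_hash => "54534a582b265f337e2e43403b536861"
+:expected_password_hash => "54534a582b265f337e2e43403b536861",
+:expected_password_hash_scrypt => "332b2541364e306537704e4551763938"
 }].freeze
 
 FA_TESTS = [{:is_encryption_algorithm => true,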
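Review bot: The `Dog` vector (new line 73) has `:expected_password_hash_scrypt => "4939c2a232217c5c405a6c714e76552566"`, which is 34 hex digits (17 bytes) while every other expected value in this file section is 32 digits, and the bytes `c2 a2` look like a UTF-8 two-byte sequence. Since the test requests length 16 and compares `unpack('H*')` output, either the generator can emit a non-ASCII character in a 16-character password or this vector was captured with an encoding mismatch; both are worth confirming before the value is frozen as a reference. If the multi-byte character is intended, add a comment on that line saying so, e.g. `# 16 characters, 17 bytes: contains a non-ASCII character`.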
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: forgiva
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.1.
|
4
|
+
version: 1.0.1.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Harun Esur
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-10-
|
11
|
+
date: 2016-10-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: highline
|
@@ -30,6 +30,20 @@ dependencies:
|
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 1.6.20
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: scrypt
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - ">="
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: '0'
|
40
|
+
type: :runtime
|
41
|
+
prerelease: false
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - ">="
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '0'
|
33
47
|
- !ruby/object:Gem::Dependency
|
34
48
|
name: rubocop
|
35
49
|
requirement: !ruby/object:Gem::Requirement
|