forgiva 1.0.1.3 → 1.0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6eea18fa057dc130bf24a605e77cb21234c7d4cb
-  data.tar.gz: 13d03552aa15adb692d2b51f513de68b69e2a763
+  metadata.gz: 68b2ee29a36af7011dc08b12cd2e349a58e7051a
+  data.tar.gz: 50b85a2071572aaf2ac7512a1c25f6f40d8a62d8
 SHA512:
-  metadata.gz: 0eb94f1d579590c611fd117ae256c75a0fa5b8ec1fdd681fe14364f74cdbffb056c834641fa1277af0178c45dcc6037035eedf968ac23c729a95f04c1cfd56ea
-  data.tar.gz: cfab0220121da7cbabd4cbda407eece93b4524fbba833dd2a981b9f33d33adab9b3bf233f8540b007d4763b36e74af069d4193d65357e779954b2af52c06978a
+  metadata.gz: edf632949c2525c29ac37e04095bbe43bbec0b164542a1be02f8cf8f1dc909e97f78d9654818e8b6668d90333a67dd41ee036e8233d97bdb81d74272e2bfe5a8
+  data.tar.gz: bf252d1e773ca9944c9eb66396df81f0d1af258349596aee7537e62593e0ef1c347c607033f09dd1d298f0f6581729fe25537664c6590fc7748ce2181f0ad1a9

data/README.md

@@ -80,10 +80,19 @@ Application Options:
        	-c, --complexity=C_LEVEL         0-3 complexity level of password generation. (Default: 0)
        	-e, --select-credentials         Select host and account info from saved list of credentials. If just host or account specified then you get filtered credentials.
        	-t, --test                       Runs core tests for the algorithm
+       	-p, --scrypt                     Use scrypt algorithm to strengthen algorithm
 ```
 
+## Release notes
+
+	- 1.0.1.3 and 1.0.1.4
+		- Added scrypt support with -p/--scrypt option
+		- Fixed various parameter parsing bugs
+
 ## Algorithm
 
+(Note: After 1.0.1.4 version, SCrypt support added)
+
 Forgiva uses following digest and encryption algorithm to complex password
 generation phases:
 
@@ -201,11 +210,15 @@ Forgiva uses PBKDF2-HMAC as base of the key-derivation family and uses **forgiva
 
 Depending on choices of the complexity it uses SHA1 (Normal),SHA256 (Intermediate) and SHA512 (Advanced) hashing algorithms.
 
+Note: After 1.0.1.4 Algorithm; SCrypt support added
+
 ```
 	algorithm key-derivation
 		Input: forgiva-encrypted-inputs as SALT, SHA512 value of master key as KEY
 		Output: Array of password sized of animal count
 		hash = KEY
+		if scrypt_required
+			hash = scrypt(hash,SALT,131072,8,1) // n = 2^7 , p=8, r=1 
 		for each Animal
 			hash = PBKDF2_HMAC_SHA1(hash,SALT, 10.000 iterationg with 32 bit key expectation)
 			password = forgiva-hash-to-password(hash)

data/bin/forgiva

@@ -15,7 +15,7 @@ BANNER = Constants::COLOR_CYA + "\n      .-\" L_  " +
 
 USAGE = <<ENDUSAGE
 Usage:
-  forgiva [-h HOST] [-a ACCOUNT-ID] [-l LENGTH] [-s] [-c [1-3]] [-e] [OPTION...]
+  forgiva [-h HOST] [-a ACCOUNT-ID] [-l LENGTH] [-s] [-c [1-3]] [-e] [-p] [OPTION...]
 ENDUSAGE
 
 HELP = <<ENDHELP
@@ -32,6 +32,7 @@ Application Options:
 \t-c, --complexity=C_LEVEL         0-3 complexity level of password generation. (Default: 0)
 \t-e, --select-credentials         Select host and account info from saved list of credentials. If just host or account specified then you get filtered credentials.
 \t-t, --test                       Runs core tests for the algorithm
+\t-p, --scrypt                     Use scrypt algorithm to strengthen algorithm
 ENDHELP
 
 
@@ -74,6 +75,7 @@ t_hash_args = Hash[ ARGV.join(" ").
   gsub("-e","-e 0").
   gsub("-t","-t 0").
   gsub("-s","-s 0").
+  gsub("-p","-p 0").
   scan(/--?([^=\s]+)(?:[=\s+]?([^-]\S+))?/)  ]
 
 

data/forgiva.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |gem|
   gem.name        = 'forgiva'
-  gem.version     = '1.0.1.3'
-  gem.date        = '2016-09-31'
+  gem.version     = '1.0.1.4'
+  gem.date        = '2016-10-03'
 
   gem.summary     = 'Forgiva'
   gem.description = 'The new-age password manager.'
@@ -16,6 +16,8 @@ Gem::Specification.new do |gem|
   gem.files = `git ls-files`.split("\n")
 
   gem.add_runtime_dependency 'highline', '~> 1.6', '>= 1.6.20'
+  gem.add_runtime_dependency 'scrypt'
+
 
   gem.add_development_dependency 'rubocop', '~> 0.26'
 end

data/lib/forgiva.rb

@@ -2,18 +2,20 @@
 require 'openssl'
 require 'highline/import'
 require 'constants'
+require 'scrypt'
 
 # Password generation from 4 inputs
 class Forgiva
-  attr_accessor :hostname, :account, :renewal_date, :master_password, :complexity, :length
+  attr_accessor :hostname, :account, :renewal_date, :master_password, :complexity, :length, :use_scrypt
 
-  def initialize(hostname, account, renewal_date, master_password, complexity, length)
+  def initialize(hostname, account, renewal_date, master_password, complexity, length, use_scrypt)
     @hostname = hostname
     @account = account
     @renewal_date = renewal_date
     @master_password = master_password
     @complexity = complexity
     @length = length
+    @use_scrypt = use_scrypt
   end
 
   def passwords
@@ -43,6 +45,10 @@ class Forgiva
 
     puts "ENC KEY: #{key.unpack('H*')}"  if Constants::DEBUG_OUTPUT
 
+    if (@use_scrypt) then
+      key = SCrypt::Engine.scrypt(key,salt,131072,8,1,32)
+    end
+
 
     Constants::ANIMALS.each do |a|
       # For every other animal we re-run pbkdf2 hmac with sha1 over key

data/lib/forgiva_commands.rb

@@ -91,13 +91,14 @@ class ForgivaCommands
     init_length
     init_master_password
     init_complexity
+    init_scrypt
 
     puts Constants::COLOR_GRN + "Generating..." + Constants::COLOR_RST
     puts ""
 
     record if record?
 
-    passwords = make_passwords(@hostname, @account, @renewal_date, @master_password, @complexity, @length)
+    passwords = make_passwords(@hostname, @account, @renewal_date, @master_password, @complexity, @length, @use_scrypt)
 
     if animals.length > 1
       Constants::ANIMALS.each { |a| puts  "#{Constants::COLOR_YEL}#{a}#{Constants::COLOR_RST}\t#{Constants::COLOR_BRI}#{passwords[a]}#{Constants::COLOR_RST}" }
@@ -114,6 +115,10 @@ class ForgivaCommands
     hash_args.key?('e') || hash_args.key?('select-credentials')
   end
 
+  def init_scrypt 
+    @use_scrypt = (hash_args['p'] != nil || hash_args['scrypt'] != nil)
+  end
+
   def init_length
     @length = 16
     @length = hash_args['l'].to_i if hash_args['l'] != nil
@@ -178,8 +183,8 @@ class ForgivaCommands
 
   end
 
-  def make_passwords(hostname, account, renewal_date, master_password, complexity,length)
-    Forgiva.new(hostname, account, renewal_date, master_password,complexity,length).passwords
+  def make_passwords(hostname, account, renewal_date, master_password, complexity,length,use_scrypt)
+    Forgiva.new(hostname, account, renewal_date, master_password,complexity,length,use_scrypt).passwords
   end
 
 

data/lib/forgiva_test.rb

@@ -34,9 +34,13 @@ class ForgivaTest
 
       TestVectors::FG_TESTS.each do |test_vec|
 
+        for i in 0..1 do
           puts "#{Constants::COLOR_GRN} Testing forgiva #{Constants::COLOR_BLU} #{test_vec[:host]}  " \
           <<"/ #{test_vec[:account]} / #{test_vec[:renewal_date]} /  #{Constants::COLOR_MGN} #{test_vec[:animal_name]} #{Constants::COLOR_GRN} " \
-          <<" on complexity #{test_vec[:complexity]} #{Constants::COLOR_RST}"
+          <<" on complexity #{test_vec[:complexity]} #{Constants::COLOR_RST}" \
+          <<"#{Constants::COLOR_YEL}" \
+          << (i == 1 ? "+SCRYPT" : "") \
+          << "#{Constants::COLOR_RST}"
 
           p_hash = OpenSSL::Digest.digest("sha512",test_vec[:master_key])
 
@@ -45,16 +49,20 @@ class ForgivaTest
           test_vec[:renewal_date],
           p_hash,
           test_vec[:complexity],
-          16).passwords
+          16,
+          i == 1
+          ).passwords
 
           g_pass = passes[test_vec[:animal_name]].unpack('H*')[0]
 
+          expected = (i == 0 ? test_vec[:expected_password_hash] : test_vec[:expected_password_hash_scrypt])
 
-          if (g_pass.downcase != test_vec[:expected_password_hash]) then
-              puts "#{Constants::COLOR_RED}  FAILED: (Expected: #{test_vec[:expected_password_hash]}) #{Constants::COLOR_RST} #{g_pass}"
+          if (g_pass.downcase != expected) then
+              puts "#{Constants::COLOR_RED}  FAILED: (Expected: #{expected}) #{Constants::COLOR_RST} #{g_pass}"
           else
               puts "#{Constants::COLOR_GRN}! SUCCESS: (#{g_pass}) #{Constants::COLOR_RST}"
           end
+        end
         
 
       end

data/lib/testvectors.rb

@@ -9,7 +9,9 @@ module TestVectors
     :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
     :complexity => Constants::FORGIVA_PG_SIMPLE,
     :animal_name => "Ape",
-    :expected_password_hash => "797036592a475f78444c6153504d3757"},
+    :expected_password_hash => "797036592a475f78444c6153504d3757",
+    :expected_password_hash_scrypt => "466b74674d645a4d6939302a6e56797a"
+    },
 
     ## facebook.com - root
     {:host => "facebook.com",
@@ -18,7 +20,8 @@ module TestVectors
      :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
      :complexity => Constants::FORGIVA_PG_INTERMEDIATE,
      :animal_name => "Bat",
-     :expected_password_hash => "5544245f2b72682e4635765040416a49"
+     :expected_password_hash => "5544245f2b72682e4635765040416a49",
+     :expected_password_hash_scrypt => "354b223d3b6c246733386c2d6674283d"
 
     },
 
@@ -29,7 +32,8 @@ module TestVectors
       :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
       :complexity => Constants::FORGIVA_PG_ADVANCED,
       :animal_name => "Bear",
-      :expected_password_hash => "4f5c7653513251417a675949284c5539"
+      :expected_password_hash => "4f5c7653513251417a675949284c5539",
+      :expected_password_hash_scrypt => "587a796a7c40267426637b694d345459"
 
     },
 
@@ -40,8 +44,11 @@ module TestVectors
        :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
        :complexity => Constants::FORGIVA_PG_SIMPLE,
        :animal_name => "Whale",
-       :expected_password_hash => "6465635a675374322f47695051464157"
+       :expected_password_hash => "6465635a675374322f47695051464157",
+       :expected_password_hash_scrypt => "496375392e63486a59434473334d6169"
       },
+      
+
 
     ## microsoft.com - toor
     {:host => "microsoft.com",
@@ -50,9 +57,11 @@ module TestVectors
      :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
      :complexity => Constants::FORGIVA_PG_INTERMEDIATE,
      :animal_name => "Crow",
-     :expected_password_hash => "4d314573586d403649672970786d7133"
+     :expected_password_hash => "4d314573586d403649672970786d7133",
+     :expected_password_hash_scrypt => "3e51542a4d364d31657673467c6d4728"
     },
 
+
     ## 192.168.0.1 - root
     {:host => "192.168.0.1",
       :account => "root",
@@ -60,9 +69,12 @@ module TestVectors
       :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
       :complexity => Constants::FORGIVA_PG_ADVANCED,
       :animal_name => "Dog",
-      :expected_password_hash => "2c376d234a7a6c4d6f785c34494a672a"
+      :expected_password_hash => "2c376d234a7a6c4d6f785c34494a672a",
+      :expected_password_hash_scrypt => "4939c2a232217c5c405a6c714e76552566"
     },
 
+
+
     ## 10.0.0.2:22 - root
     {:host => "10.0.0.2:22",
        :account => "root",
@@ -70,10 +82,13 @@ module TestVectors
        :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
        :complexity => Constants::FORGIVA_PG_SIMPLE,
        :animal_name => "Duck",
-       :expected_password_hash => "6440562a36375065693646396e312c4b"
+       :expected_password_hash => "6440562a36375065693646396e312c4b",
+       :expected_password_hash_scrypt => "345057425a5133756c5965745f7a7054"
 
     },
 
+    
+
     ## 10.0.0.2:22 - k3ym4k3r
     {:host => "10.0.0.2:22",
       :account => "k3ym4k3r",
@@ -81,7 +96,8 @@ module TestVectors
       :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
       :complexity => Constants::FORGIVA_PG_INTERMEDIATE,
       :animal_name => "Cat",
-      :expected_password_hash => "78435f57566e2f53535f2e617738293b"
+      :expected_password_hash => "78435f57566e2f53535f2e617738293b",
+      :expected_password_hash_scrypt => "5c624f23723e704673452530773e3144"
 
     },
 
@@ -92,7 +108,8 @@ module TestVectors
       :master_key => "forgiva_rockz_all_the_fuck1ng_t1m3",
       :complexity => Constants::FORGIVA_PG_ADVANCED,
       :animal_name => "Wasp",
-      :expected_password_hash => "54534a582b265f337e2e43403b536861"
+      :expected_password_hash => "54534a582b265f337e2e43403b536861",
+      :expected_password_hash_scrypt => "332b2541364e306537704e4551763938"
     }].freeze
 
     FA_TESTS = [{:is_encryption_algorithm => true,

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: forgiva
 version: !ruby/object:Gem::Version
-  version: 1.0.1.3
+  version: 1.0.1.4
 platform: ruby
 authors:
 - Harun Esur
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-10-01 00:00:00.000000000 Z
+date: 2016-10-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
@@ -30,6 +30,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.6.20
+- !ruby/object:Gem::Dependency
+  name: scrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement