gtk2passwordapp 2.7.1 → 3.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e1f5fbf47b366cf245f90ca03e06a7aa53e4d6be
+  data.tar.gz: c5367dcbca6ae0bcd28eceac5c66c37c2bca587a
+SHA512:
+  metadata.gz: 9d09e2b32fe1555bed2835a221aad56e542032b86b094136a85840a1b299782298c67e87bfa14d5ad0bc30a02a1b88ba69e7dc59c117e0f78f2b525d3f74dcc3
+  data.tar.gz: c9ab09470fda034eb759478005852f5904b0cda5649cfd1871f69912d12d33d2006beea25cbbb489786d2bc6c669360d9bafdc6069a18d219246970393e1815e

data/README.txt

@@ -1,7 +1,7 @@
 Ruby-Gnome Password Manager
 
 A Ruby-Gnome password manager.
-Uses crypt-tea's Tiny Encryption Algorithm to encrypt the datafile.
+Uses Blowfish to encrypt the datafile.
 Features random password generator and clipboard use.
 
 

data/bin/{gtk2passwordapp2 → gtk2passwordapp3}

@@ -1,54 +1,27 @@
 #!/usr/bin/env ruby
-require 'rubygems'
 
 if (nogui = ARGV.include?('--no-gui')) || (ARGV.include?('--dump')) then
+
   require 'gtk2passwordapp/passwords'
   # Unfortunately, gtk2applib makes this awkard.
   # Have to assume things...
-  pwfile = File.expand_path('~/.gtk2passwordapp-2/passwords.dat')
+  pwfile = File.expand_path('~/.gtk2passwordapp-3/passwords.dat')
   raise "Need #{pwfile}" unless File.exist?(pwfile)
   # Note: user may want to send stdout to a file,
   # so commicating with user via stderr.
   $stderr.print  "Warning: password will be shown.\nPassword: "
   pwd = $stdin.gets.strip
-  if pwd.length == 7 then
-    begin
-      otpr = `which otpr`
-      if otpr.length > 0 then
-        bucket = ''
-        while bucket == '' do
-          $stderr.print "Bucket: "
-          bucket = $stdin.gets.strip
-          $stderr.puts "Need Google Cloud Storage's bucket name. (Ctrl-C to break)" if bucket.length == 0
-        end
-        $stderr.print "Pad Name('gtk2passwordapp'): "
-        padname = $stdin.gets.strip
-        padname = 'gtk2passwordapp' if padname.length == 0
-        $stderr.puts "otpr -u #{bucket} #{padname}"
-        IO.popen( "otpr -u #{bucket} #{padname}", 'w+' ) do |pipe|
-          if pipe.gets then		# asks for pin
-            pipe.puts pwd		# give pin
-            pwd = pipe.gets.strip	# get password
-          end
-        end
-      end
-    rescue Exception
-      # user probably wanted out of the loop
-      $stderr.puts
-    end
-    # Sending master password to standard out.
-    # The assumption here is that the user is doing a recovery...
-    # Why else would the user be using this --no-gui?
-    $stdout.puts pwd
-  end
+
+  pattern = nil
   if nogui then
     $stderr.print "Warning: selected passwords will be shown.\nEnter Account pattern: "
     pattern = Regexp.new( $stdin.gets.strip, Regexp::IGNORECASE )
   end
+
   begin
     passwords = Gtk2Password::Passwords.new(pwfile, pwd)
     passwords.load
-    if $options=~/-dump/ then
+    if ARGV.include?('--dump') then
       require 'pp'
       # puts to stdout
       pp passwords
@@ -66,9 +39,9 @@ if (nogui = ARGV.include?('--no-gui')) || (ARGV.include?('--dump')) then
     $stderr.puts $!
   end
   exit
+
 end
 
-gem 'gtk2applib', '~> 15.3'
 $help = <<EOT
 \t--no-gui\tcommand line access to passwords
 \t--dump\t\tpp dump of data
@@ -85,4 +58,3 @@ rescue Exception
 ensure
   program.finalize
 end
-

data/lib/gtk2passwordapp/appconfig.rb

@@ -118,74 +118,53 @@ module Configuration
   AGAIN = 'Again' # for when verifying new passwords.
   RETRY = 'Retry' # for when you got your password wrong.
 
-  # These are the --no-gui dialogs...
-  COMMAND_LINE_MSG1 = "Warning: password will be shown.\nPassword:"
-  COMMAND_LINE_MSG2 = "Warning: selected passwords will be shown.\nEnter Account pattern:"
 end
 
-  # Set OTP to true if you're going to use otpr, version 1 (search for it in rubygems.org)
-  OTP = false
-
-  # arguments for otpr
-  BUCKET	= 'YourBucket' # <== put the name of your google cloud storage bucket here.
-  PADNAME	= 'gtk2passwordapp' # <== suggested pad name, you can change it.
-  OTPBACKUP	= '/media/1234-5678/.gtk2passwordapp-2/cipher.pad' # <== edit to your backup file on removable media.
-
-  # Do yoy have a custom backup script to run?
-  BACKUPSCRIPT	= nil # File.expand_path('~/bin/backup') 
-
   # Here you can edit in your own backups.
   def self.passwords_updated(password=nil)
     begin
-      # you might want to backup your passwords file here
-      # here, backup is a custom script to backup passwords.dat
-      system("#{BACKUPSCRIPT} passwords &")	if BACKUPSCRIPT
-      Gtk2Password.set_password_to_pad(password) if password && OTP
-      # you might want to backup your otp here
-      # here, backup is a custom script to backup the .otpr directory
-      system("#{BACKUPSCRIPT} otpr &")		if BACKUPSCRIPT
-      Gtk2AppLib::DIALOGS.quick_message("Passwords Data Saved.",{:TITLE => 'Saved',:SCROLLED_WINDOW => false})
+      ### you might want to backup your passwords file ###
+      # system('cp ~/.gtk2passwordapp-3/passwords.dat ~/Dropbox/Backups/passwords.dat')
+      # Gtk2AppLib::DIALOGS.quick_message("Passwords Data Saved.",{:TITLE => 'Saved',:SCROLLED_WINDOW => false})
     rescue Exception
       Gtk2AppLib::DIALOGS.quick_message("Warning: #{$!}",{:TITLE => 'Warning',:SCROLLED_WINDOW => false})
     end
   end
 
-  def self.set_password_to_pad(password)
-    begin
-      IO.popen("otpr --new #{BUCKET} #{PADNAME} #{OTPBACKUP}",'w+') do |pipe|
-        raise "WUT?" unless pipe.gets.strip == 'Password:'
-        pipe.puts password
-        return pipe.gets.strip
-      end
-    rescue Exception
-      return ''
-    end
-  end
-
-  def self.get_password_from_pad(pin)
-    begin
-      IO.popen("otpr #{BUCKET} #{PADNAME} #{OTPBACKUP}",'w+') do |pipe|
-        raise "WUT?" unless pipe.gets.strip == 'Pin:'
-        pipe.puts pin
-        return pipe.gets.strip
-      end
-    rescue Exception
-      return ''
-    end
-  end
-
   def self.get_password(prompt,title=prompt)
     if password = Gtk2AppLib::DIALOGS.entry( prompt, {:TITLE=>title, :Entry => [{:visibility= => false},'activate']} ) then
       password.strip!
-      if OTP then
-        if password.length == 7 then
-          # the user sent the pin
-          password = Gtk2Password.get_password_from_pad(password)
-          # You might want to back up your otp here
-          # here, backup is a custom written script to backup the .otpr directory
-          system("#{BACKUPSCRIPT} otpr &")	if BACKUPSCRIPT
-        end
-      end
+      ### Do your custom interventions to the password here ###
+      ### For example ###
+      # if password.length == 0
+      #   # User wants to enter the password via QR code
+      #   qrc_png = File.join Gtk2AppLib::USERDIR, 'pngs', 'qrc.png'
+      #   system("fswebcam -q #{qrc_png}")
+      #   password = `zbarimg -q --raw #{qrc_png}`.strip
+      #   system("shred -u #{qrc_png}")
+      # end
+      # if password =~ /^[23]\-[0123456789abcdef]+$/
+      #   # User is using a shared secret, assuming 2 of 3....
+      #   require 'open3'
+      #   Open3.popen2('ssss-combine -t 2 -Q') do |stdin, stdout, stderr|
+      #     stdin.puts '1-....' # script's shared secret
+      #     stdin.puts password # user's shared secret
+      #     stdin.close
+      #     # Weird, ssss currently using stderr instead of stdout for output.
+      #     password = stderr.read.strip.split.last # So get the last line of stderr.
+      #   end
+      # end
+      # unless password.length > 7
+      #  if password.length == 0
+      #    Gtk2AppLib::DIALOGS.quick_message(
+      #    "Sorry, could not get password.",
+      #    {:TITLE => 'No Password',:SCROLLED_WINDOW => false})
+      #  else
+      #    Gtk2AppLib::DIALOGS.quick_message(
+      #    "Warning, weak password!",
+      #    {:TITLE => 'Weak!',:SCROLLED_WINDOW => false})
+      #  end
+      # end
     end
     return password
   end

data/lib/gtk2passwordapp/iocrypt.rb

@@ -1,30 +1,39 @@
 require 'yaml'
-require 'rubygems'
-gem 'crypt-tea','= 1.3.0'
-begin
-  require 'crypt_tea'
-rescue Exception
-  # above is what works, but documentation shows this...
-  require 'crypt-tea'
-end
+require 'zlib'
+require 'openssl'
+require 'digest/sha2'
+
+YAML::ENGINE.yamler = 'psych' # ensure it's psych
 
 module Gtk2Password
-# Wrapper around Crypt::XXTEA
-class IOCrypt
-  LENGTH = 16
 
+class IOCrypt
   def initialize(passphrase)
-    @key = Crypt::XXTEA.new(passphrase[0..(LENGTH-1)])
+    @key = Digest::SHA256.digest passphrase
+  end
+
+  def _cipher(mode, data)
+    cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').send(mode)
+    cipher.key = @key
+    cipher.update(data) << cipher.final
+  end
+
+  def _decrypt(e)
+    Zlib::Inflate.inflate(_cipher(:decrypt, e))
+  end
+
+  def _encrypt(p)
+     _cipher(:encrypt, Zlib::Deflate.deflate(p))
   end
 
   def load(dumpfile)
     data = nil
     begin
-      File.open(dumpfile,'r'){|fh| data = YAML.load( @key.decrypt( fh.read ) ) }
+      File.open(dumpfile,'r'){|fh| data = YAML.load( _decrypt( fh.read ) ) }
     rescue Psych::SyntaxError
       # assume it's syck
       YAML::ENGINE.yamler = 'syck'
-      File.open(dumpfile,'r'){|fh| data = YAML.load( @key.decrypt( fh.read ) ) }
+      File.open(dumpfile,'r'){|fh| data = YAML.load( _decrypt( fh.read ) ) }
       YAML::ENGINE.yamler = 'psych' # make it psych
     end
     return data
@@ -32,7 +41,7 @@ class IOCrypt
 
   def dump(dumpfile, data)
     count = nil
-    File.open(dumpfile,'w') { |fh| count = fh.write( @key.encrypt( YAML.dump( data ) ) ) }
+    File.open(dumpfile,'w') { |fh| count = fh.write( _encrypt( YAML.dump( data ) ) ) }
     return count
   end
 end

data/lib/gtk2passwordapp/passwords_data.rb

@@ -13,9 +13,7 @@ class PasswordsData
   LAST_UPDATE	= 5
 
   def reset(password)
-    # MD5 digest length is 16 to match tiny encryption's block length
-    passphrase = Digest::MD5.digest( password )
-    @iocrypt =  IOCrypt.new(passphrase)
+    @iocrypt =  IOCrypt.new(password)
   end
 
   attr_reader :data

data/lib/gtk2passwordapp.rb

@@ -4,12 +4,12 @@ require 'gtk2passwordapp/rnd'
 module Gtk2Password
 
   ABOUT		= {
-	'name'		=> 'Ruby-Gnome Password Manager II',
+	'name'		=> 'Ruby-Gnome Password Manager III',
 	'authors'	=> ['carlosjhr64@gmail.com'],
 	'website'	=> 'https://sites.google.com/site/gtk2applib/home/gtk2applib-applications/gtk2passwordapp',
 	'website-label'	=> 'Ruby-Gnome Password Manager',
         'license'        => 'GPL',
-        'copyright'      => '2011-09-19 12:00:24',
+        'copyright'      => '2014-07-29 17:00:00',
   }
 
   PRIMARY	= Gtk::Clipboard.get((Configuration::SWITCH_CLIPBOARDS)? Gdk::Selection::CLIPBOARD: Gdk::Selection::PRIMARY)

metadata

@@ -1,85 +1,85 @@
 --- !ruby/object:Gem::Specification
 name: gtk2passwordapp
 version: !ruby/object:Gem::Version
-  version: 2.7.1
-  prerelease: 
+  version: 3.0.0
 platform: ruby
 authors:
 - carlosjhr64@gmail.com
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-10 00:00:00.000000000 Z
+date: 2014-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: crypt-tea
-  requirement: &12210460 !ruby/object:Gem::Requirement
-    none: false
+  name: gtk2applib
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - =
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: '15.3'
   type: :runtime
   prerelease: false
-  version_requirements: *12210460
-- !ruby/object:Gem::Dependency
-  name: gtk2applib
-  requirement: &12380780 !ruby/object:Gem::Requirement
-    none: false
+  version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '15.3'
+- !ruby/object:Gem::Dependency
+  name: gtk2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
   type: :runtime
   prerelease: false
-  version_requirements: *12380780
-description: ! 'A Ruby-Gnome password manager.
-
-  Uses crypt-tea''s Tiny Encryption Algorithm to encrypt the datafile.
-
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+description: |
+  A Ruby-Gnome password manager.
+  Uses Blowfish to encrypt the datafile.
   Features random password generator and clipboard use.
-
-'
 email: carlosjhr64@gmail.com
 executables:
-- gtk2passwordapp2
+- gtk2passwordapp3
 extensions: []
 extra_rdoc_files: []
 files:
-- ./lib/gtk2passwordapp/appconfig.rb
-- ./lib/gtk2passwordapp/iocrypt.rb
-- ./lib/gtk2passwordapp/passwords.rb
-- ./lib/gtk2passwordapp/passwords_data.rb
-- ./lib/gtk2passwordapp/rnd.rb
-- ./lib/gtk2passwordapp.rb
-- ./pngs/icon.png
-- ./pngs/logo.png
+- "./lib/gtk2passwordapp.rb"
+- "./lib/gtk2passwordapp/appconfig.rb"
+- "./lib/gtk2passwordapp/iocrypt.rb"
+- "./lib/gtk2passwordapp/passwords.rb"
+- "./lib/gtk2passwordapp/passwords_data.rb"
+- "./lib/gtk2passwordapp/rnd.rb"
+- "./pngs/icon.png"
+- "./pngs/logo.png"
 - README.txt
-- bin/gtk2passwordapp2
+- bin/gtk2passwordapp3
 homepage: https://sites.google.com/site/gtk2applib/home/gtk2applib-applications/gtk2passwordapp
-licenses: []
+licenses:
+- GPL
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-requirements:
-- gtk2
+requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.11
+rubygems_version: 2.2.0
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Ruby-Gnome Password Manager
 test_files: []
-has_rdoc: false