gtk2passwordapp 5.1.0 → 5.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 79485306d9e37506f0e8fa7448a241750025df9c
-  data.tar.gz: c18908868eed76153a2fac67c35a29941d1fef87
+  metadata.gz: 8e1a7fc4482638c1e48e23e95acd85352c7394ef
+  data.tar.gz: d0e03faec80ad444b930b8f1154330c1a2b2aa0a
 SHA512:
-  metadata.gz: f009160e3875f503e46c5c9188cf86a0bbff21779b823cdee3ff7776086f016583b571fcdabf1f7a2317bdc4a326f6e673737e839573b95f6353b5746eaa68cf
-  data.tar.gz: 70b7a5347ed2f322458f0223cc6b1c9763e0e74a1d1b9ce9d047d18b57fe11d3c6efce4485fc56377c005991c33ca628c5f1f3125c9a96c9b00a3a702e3d5b20
+  metadata.gz: 4e3b17b4781554d70e0b44781f74bd503c330bf171f475db5f3c177d3688f49adf75b0e84f89e15c23137dfe00a2a296ade1f4c945259f2f31eae103aa09d52f
+  data.tar.gz: 6e5550cc6bda20473c448059816672d83427e0144f422aab0413ebde722ac96531979b0d4070337a65ab1750cf6388eb81cbc091838090aec6282cfec9cbc07b

data/README.rdoc

@@ -1,19 +1,19 @@
-= Gtk2passwordapp
+= Gtk2PasswordApp
 
 {<img src="https://badge.fury.io/rb/gtk2passwordapp.svg" alt="Gem Version" />}[http://badge.fury.io/rb/gtk2passwordapp]
 
-== DESCRIPTION:
+== Description:
 
 Ruby-Gnome Password Manager.
 
 Uses Blowfish to encrypt the datafile.
-Features random password generator and clipboard use.
+Features random password generator, clipboard use, and TOTP.
 
-== INSTALL:
+== Install:
 
    sudo gem install gtk2passwordapp
 
-== HELP:
+== Help:
 
     Usage:
       gtk2pwdV [:options]
@@ -21,42 +21,22 @@ Features random password generator and clipboard use.
     Options:
       -v --version 	Show version and exit
       -h --help    	Show help and exit
-    Notes:
-    With the --nogui option,
-    one can give a pattern to filter by account names.
-    On the first run, --nogui can be used to export
-    version's 4 password data into version's 5 password data.
 
-== MORE:
+== More:
 
 "Mouse Left Click" on window to get the application menu.
-Anything I thought could be customized I made configurable.
-See:
 
-  ~/.config/gtk3app/gtk2passwordapp/config-?.?.yml
 
-You may want to change the following settings:
+== Configuration:
+
+  ~/.config/gtk3app/gtk2passwordapp/config-?.?.yml
 
-[SharedSecretFile]  You may prefer it to be a file in some removable media.
+[Salt]  If your master-password length is under 14(MinPwdLen), it'll append this Salt.
+[TOTP]  If password matches this pattern, it will show the time based one time code.
 [BackupFile]  Although the GUI allows you to specify the file, this gives a default.
 [TooOld]  I have this set for a year (in seconds).
-[CustomDigits]  I have this as "ABC...XYZ" for CAPS.
-[Custom]  I have this as CAPS.  Describes CustomDigits.
-
-If you're updating from a previous version,
-you may need to edit the new config file to match you're previously edited changes.
-
-If you use a qrcode to enter your master password, and
-the result is a multiline string,
-gtk2passwordapp will assume you want the qgraph-sha256-digest.
-See gtk2passwordapp/gtk2pwdv.rb's #process_pwd_entries to see how that's done.
-
-If you add :Salt to the configuration file, it'll use the qgraph-sha256-digest
-of the entry salted as can be seen in #process_pwd_entries.
-
-Note that the initial set up of the mater-password still needs to be done explicitly.
-That is, you'll need to enter the final resulting string when setting the master-password.
-Again, see Gtk2PasswordApp::Gtk2PwdV#process_pwd_entries.
+[CustomDigits]  I have this as "3479ACEFHJKLMNPRTUVWXYabcdefghijkmnopqrstuvwxyz".
+[Custom]  I have this as "Custom".
 
 == LICENSE:
 

data/bin/gtk2pwdV

@@ -1,14 +1,17 @@
 #!/usr/bin/env ruby
+module Gtk2PasswordApp
+  VERSION = '5.2.1'
+end
 
-if a0 = ARGV.shift
-  if ['-v', '--version'].include?(a0)
-    require 'gtk2passwordapp/version'
-    puts Gtk2PasswordApp::VERSION
-    exit 0
-  end
+begin
+  if a1 = ARGV.shift
+    if ['-v', '--version'].include?(a1)
+      puts Gtk2PasswordApp::VERSION
+      exit 0
+    end
 
-  if ['-h', '--help'].include?(a0)
-    puts <<-HELP
+    if ['-h', '--help'].include?(a1)
+      puts <<-HELP
 Usage:
   gtk2pwdV [:options]
   gtk2pwdV --nogui [<pattern>]
@@ -18,62 +21,47 @@ Options:
 Notes:
 With the --nogui option,
 one can give a pattern to filter by account names.
-On the first run, --nogui can be used to export
-version's 4 password data into version's 5 password data.
-Expected file is:
+Expected passwords data file is:
   ~/.cache/gtk3app/gtk2passwordapp/gtk2pwdV.dat
-    HELP
-    exit 0
-  end
+      HELP
+      exit 0
+    end
 
-  if a0 == '--nogui'
-    require 'pp'
-    require 'yaml_zlib_blowfish'
-    print "Enter password: "
-    PWD = $stdin.gets.strip
-    system('clear; clear')
-    F1 = File.expand_path('~/.cache/gtk3app/gtk2passwordapp/gtk2pwdV.dat')
-    unless File.exist?(F1)
-      F0 = File.expand_path('~/.cache/gtk3app/gtk2passwordapp/passwords.dat')
-      if File.exist?(F0)
-        class YZB < YamlZlibBlowfish
-          def initialize(passphrase)
-            key = Digest::SHA256.digest(passphrase)[0..15]
-            @cipher = OpenSSL::Cipher::BF.new(:CBC)
-            @cipher.key = key
-          end
-        end
-        begin
-          YamlZlibBlowfish.new(PWD).dump(F1, YZB.new(PWD).load(F0))
-          $stderr.puts "Auto-exported:"
-          $stderr.puts "\t#{F0} =>"
-          $stderr.puts "\t#{F1}"
-        rescue OpenSSL::Cipher::CipherError
-          $stderr.puts "Bad password"
-          exit 65
-        end
-      else
-        $stderr.puts "No passwords file found."
-        $stderr.puts "Expected: #{F1}"
+    if a1 == '--nogui'
+      dat = File.expand_path('~/.cache/gtk3app/gtk2passwordapp/gtk2pwdV.dat')
+      raise "Passwords data file missing: #{dat}" unless File.exist? dat
+      require 'pp'
+      require 'yaml_zlib_blowfish'
+      require 'base_convert'
+      system('clear; clear')
+      print "Enter password: "
+      pwd = $stdin.gets.strip
+      system('clear; clear')
+      print "Enter salt: "
+      pwd << $stdin.gets.strip
+      system('clear; clear')
+      pwd = BaseConvert::FromTo.new(:hex, :qgraph).convert Digest::SHA256.hexdigest pwd
+      begin
+        lst = YamlZlibBlowfish.new(pwd).load(dat)
+      rescue OpenSSL::Cipher::CipherError
+        $stderr.puts "Bad password"
+        exit 65
+      end
+      if pattern = ARGV.shift
+        pattern = Regexp.new(pattern, Regexp::IGNORECASE)
+      end
+      if ARGV.empty? # if ARGV is not empty, it's bad usage.
+        pp (pattern)? lst.select{|k,v|pattern.match(k)} : lst
+        exit 0
       end
     end
-    begin
-      LIST = YamlZlibBlowfish.new(PWD).load(F1)
-    rescue OpenSSL::Cipher::CipherError
-      $stderr.puts "Bad password"
-      exit 65
-    end
-    if pattern = ARGV.shift
-      pattern = Regexp.new(pattern, Regexp::IGNORECASE)
-    end
-    unless ARGV.shift
-      pp (pattern)? LIST.select{|k,v|pattern.match(k)} : LIST
-      exit 0
-    end
-  end
 
-  $stderr.puts "Please match usage."
-  exit 64
+    $stderr.puts "Please match usage."
+    exit 64
+  end
+rescue RuntimeError
+  $stderr.puts $!
+  exit 66
 end
 
 require 'gtk2passwordapp'

data/data/VERSION

@@ -1 +1 @@
-5.1.0
+5.2.1

data/lib/gtk2passwordapp.rb

@@ -2,13 +2,13 @@
 require 'gtk3app'
 
 # Helper Gems.
+require 'base32'
+require 'totp'
 require 'yaml_zlib_blowfish'
 require 'super_random'
 require 'base_convert'
-require 'helpema'
 
 # This Gem.
-require_relative 'gtk2passwordapp/version.rb'
 require_relative 'gtk2passwordapp/config.rb'
 require_relative 'gtk2passwordapp/such_parts.rb'
 require_relative 'gtk2passwordapp/account.rb'

data/lib/gtk2passwordapp/config.rb

@@ -8,12 +8,12 @@ module Gtk2PasswordApp
   a0 = Rafini::Empty::ARRAY
 
   CONFIG = {
+    Salt: s0, # Password Salt
+    MinPwdLen: 14,
+    TOTP: /^[A-Z2-7]{16,}$/,
 
     # Password Data File
     PwdFile: "#{XDG['CACHE']}/gtk3app/gtk2passwordapp/gtk2pwdV.dat",
-    # Shared Secret File
-    # Consider using a file found in a removable flashdrive.
-    SharedSecretFile: "#{XDG['CACHE']}/gtk3app/gtk2passwordapp/key.ssss",
     BackupFile: "#{ENV['HOME']}/Dropbox/gtk2pwdV.bak",
 
     # Mark Recent Selections
@@ -22,14 +22,11 @@ module Gtk2PasswordApp
     # Mark Old Passwords
     TooOld: 60*60*24*365, # Year
 
-    # Timeout for qr-code read.
-    QrcTimeOut: 15,
-
     # Password Generators
     Random:       'Random',
     AlphaNumeric: 'Alpha-Numeric',
-    Custom:       'Caps',
-    CustomDigits: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
+    Custom:       'Custom',
+    CustomDigits: '3479ACEFHJKLMNPRTUVWXYabcdefghijkmnopqrstuvwxyz',
 
     # Button Labels
     Go:       'Go',
@@ -126,7 +123,7 @@ module Gtk2PasswordApp
       about_dialog: {
         set_program_name: 'Password Manager',
         set_version: VERSION.semantic(0..1),
-        set_copyright: '(c) 2014 CarlosJHR64',
+        set_copyright: '(c) 2017 CarlosJHR64',
         set_comments: 'A Gtk3App Password Manager',
         set_website: 'https://github.com/carlosjhr64/gtk2passwordapp',
         set_website_label: 'See it at GitHub!',

data/lib/gtk2passwordapp/gtk2pwdv.rb

@@ -149,32 +149,20 @@ class Gtk2PwdV
     end
   end
 
+  def rehash(pwd)
+    pwd << CONFIG[:Salt] if pwd.length < CONFIG[:MinPwdLen]
+    BaseConvert::FromTo.new(:hex, :qgraph).convert Digest::SHA256.hexdigest(pwd)
+  end
+
   def process_pwd_entries(entry1, entry2)
     begin
-      pwd1 = entry1.text.strip
-      if pwd1 == '' and pwd = Helpema::ZBar.qrcode(CONFIG[:QrcTimeOut])
-        if pwd.include?("\n")
-          pwd1 = BaseConvert::FromTo.new(:hex, :qgraph).convert Digest::SHA256.hexdigest pwd
-        else
-          pwd1 = pwd
-        end
-      end
-      raise 'No password given.' if pwd1 == ''
+      pwd = entry1.text.strip
+      raise 'No password given.' if pwd == ''
       if entry2
-        raise 'Passwords did not match' unless entry2.text.strip==pwd1
-        @accounts.save pwd1
+        raise 'Passwords did not match' unless entry2.text.strip==pwd
+        @accounts.save rehash pwd
       else
-        if pwd1=~/^\d+\-[\dabcdef]+$/ # then we probably have a shared secret...
-          if File.exist? CONFIG[:SharedSecretFile] # and looks like we really do...
-            pwd0 = File.read(CONFIG[:SharedSecretFile]).strip
-            pwd = Helpema::SSSS.combine(pwd0, pwd1)
-            pwd1 = pwd unless pwd=='' # but maybe not.
-          end
-        end
-        if salt = CONFIG[:Salt]
-          pwd1 = BaseConvert::FromTo.new(:hex, :qgraph).convert Digest::SHA256.hexdigest(pwd1+salt)
-        end
-        @accounts.load pwd1
+        @accounts.load rehash pwd
       end
       true
     rescue StandardError
@@ -253,8 +241,9 @@ class Gtk2PwdV
     CONFIG[:FIELDS].each do |field, text|
       entry = Such::PromptedLabel.new @page, :hbox!
       entry.prompt_Label.text = text
-      entry.prompted_Label.text = @account.method(field).call
-      entry.prompted_Label.set_alignment(*CONFIG[:FIELD_ALIGNMENT])
+      (_=entry.prompted_Label).text = @account.method(field).call
+      _.set_alignment(*CONFIG[:FIELD_ALIGNMENT])
+      _.selectable = true
       entries[field] = entry
     end
     return entries
@@ -303,9 +292,18 @@ class Gtk2PwdV
       when clip_box.b_Button # Previous
         copy2clipboard @account.previous, @account.password
       when clip_box.c_Button # Show
-        label.text == hidden ?
-        label.text = @account.password :
-        label.text = hidden
+        case label.text
+        when hidden
+          pwd = @account.password
+          if pwd=~/^[A-Z2-7]+$/
+            pwd = TOTP.passwords(pwd)[1].to_s
+          end
+          label.text = pwd
+        when @account.password
+          label.text = hidden
+        else
+          label.text = @account.password
+        end
       end
     end
     clip_box.labels :Current, :Previous, :Show
@@ -353,7 +351,7 @@ class Gtk2PwdV
 
     # cb and sb will be a CheckButton and SpinButton respectively.
     cb = sb = nil
-    password = @account ? @account.password : ''
+    password = (mode==:edit)? @account.password : ''
     truncate = Proc.new do |p|
       password = p
       if cb.active?

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gtk2passwordapp
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 5.2.1
 platform: ruby
 authors:
 - carlosjhr64
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-23 00:00:00.000000000 Z
+date: 2017-12-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: yaml_zlib_blowfish
@@ -30,6 +30,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.0
+- !ruby/object:Gem::Dependency
+  name: base_convert
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: gtk3app
   requirement: !ruby/object:Gem::Requirement
@@ -39,7 +59,7 @@ dependencies:
         version: '2.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 2.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -49,67 +69,67 @@ dependencies:
         version: '2.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 2.0.1
 - !ruby/object:Gem::Dependency
-  name: super_random
+  name: base32
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
-    - - ">="
+        version: '0.3'
+    - - '='
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: 0.3.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
-    - - ">="
+        version: '0.3'
+    - - '='
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: 0.3.2
 - !ruby/object:Gem::Dependency
-  name: base_convert
+  name: totp
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
-    - - ">="
+        version: '1.0'
+    - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 1.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
-    - - ">="
+        version: '1.0'
+    - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 1.0.0
 - !ruby/object:Gem::Dependency
-  name: helpema
+  name: super_random
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.2'
+        version: '1.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.0
+        version: 1.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.2'
+        version: '1.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.0
+        version: 1.0.0
 description: |
   Ruby-Gnome Password Manager.
 
@@ -132,7 +152,6 @@ files:
 - lib/gtk2passwordapp/config.rb
 - lib/gtk2passwordapp/gtk2pwdv.rb
 - lib/gtk2passwordapp/such_parts.rb
-- lib/gtk2passwordapp/version.rb
 homepage: https://github.com/carlosjhr64/gtk2passwordapp
 licenses:
 - MIT
@@ -154,9 +173,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements:
-- 'ruby: ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-linux]'
+- 'ruby: ruby 2.4.2p198 (2017-09-14 revision 59899) [x86_64-linux]'
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: Ruby-Gnome Password Manager.

data/lib/gtk2passwordapp/version.rb

@@ -1,3 +0,0 @@
-module Gtk2PasswordApp
-  VERSION = '5.1.0'
-end