keepassx 0.1.0 → 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4db73a09546a08ab55cb858af6633140b1330b29512f67b2fc535dfc7faa497d
+  data.tar.gz: 07ce161d5e70797499e7fc91c16ad6e4155e39ec38088ea615ca4e1adddf35e7
+SHA512:
+  metadata.gz: 8b02a38627723697feda5d948e8a678840a4fbfefe035da2b53ce745bc4041ee3b18d933cefa313943a5710b30d5162b1a4037c13eb00ce6db9fb6127c361d71
+  data.tar.gz: b5724c17a5f53249ce6a54e48fbe99f9d4282ed017ce15b12ea4174afa5d7e4abef05096280bd7020afb948b881e3135b929b6e85ed4483a5167ceff0d4ac706

data/.codeclimate.yml

@@ -0,0 +1,30 @@
+---
+engines:
+  duplication:
+    enabled: true
+    exclude_fingerprints:
+    # dumper.rb
+    - dec843d4724d26c64427d1037a2ea4f1
+    # aes_crypt.rb
+    - 33893778c027f4ce2aaef293c8eb00e0
+    config:
+      languages:
+      - ruby
+      - javascript
+      - python
+      - php
+  fixme:
+    enabled: true
+  rubocop:
+    enabled: true
+ratings:
+  paths:
+  - "**.inc"
+  - "**.js"
+  - "**.jsx"
+  - "**.module"
+  - "**.php"
+  - "**.py"
+  - "**.rb"
+exclude_paths:
+- spec/

data/.gitignore

@@ -0,0 +1,9 @@
+*.gem
+*.lock
+*.log
+.bundle
+/pkg
+/rdoc
+/coverage
+/junit
+/tmp

data/.rubocop.yml

@@ -0,0 +1,64 @@
+AllCops:
+  TargetRubyVersion: 2.6
+  Exclude:
+    - spec/**/*
+
+Documentation:
+  Enabled: false
+
+Layout/AlignHash:
+  Enabled: false
+
+Layout/EmptyLines:
+  Enabled: false
+
+Layout/EmptyLinesAroundClassBody:
+  Enabled: false
+
+Layout/EmptyLinesAroundBlockBody:
+  Enabled: false
+
+Layout/EmptyLinesAroundModuleBody:
+  Enabled: false
+
+Layout/EmptyLineBetweenDefs:
+  Enabled: false
+
+Layout/IndentationConsistency:
+  EnforcedStyle: rails
+
+Metrics/AbcSize:
+  Enabled: false
+
+Metrics/LineLength:
+  Enabled: false
+
+Metrics/MethodLength:
+  Max: 12
+
+Metrics/ModuleLength:
+  Max: 160
+
+Metrics/ClassLength:
+  Max: 160
+
+Metrics/CyclomaticComplexity:
+  Enabled: false
+
+Metrics/PerceivedComplexity:
+  Enabled: false
+
+Naming/AccessorMethodName:
+  Enabled: false
+
+Style/TrailingCommaInArrayLiteral:
+  EnforcedStyleForMultiline: comma
+
+Style/TrailingCommaInHashLiteral:
+  EnforcedStyleForMultiline: comma
+
+Style/NumericPredicate:
+  EnforcedStyle: comparison
+
+Style/UnpackFirst:
+  Enabled: false

data/.travis.yml

@@ -1,5 +1,14 @@
 language: ruby
+cache: bundler
+sudo: false
 rvm:
-  - 1.8.7
-  - 1.9.1
-  - 1.9.3
+  - 2.6.5
+  - 2.5.7
+  - 2.4.9
+  - 2.3.8
+  - jruby-9.2.8.0
+before_install:
+  - gem update --system
+  - gem install bundler --no-document
+after_success:
+  - bundle exec codeclimate-test-reporter

data/Gemfile

@@ -1,5 +1,7 @@
-source "http://rubygems.org"
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
 
 gemspec
 
-gem 'rake', '0.8.7'
+gem 'codeclimate-test-reporter', group: :test, require: false

data/Guardfile

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+guard :rspec, cmd: 'bundle exec rspec' do
+  require 'guard/rspec/dsl'
+  dsl = Guard::RSpec::Dsl.new(self)
+
+  # RSpec files
+  rspec = dsl.rspec
+  watch(rspec.spec_helper) { rspec.spec_dir }
+  watch(rspec.spec_support) { rspec.spec_dir }
+  watch(rspec.spec_files)
+
+  # Ruby files
+  ruby = dsl.ruby
+  dsl.watch_spec_files_for(ruby.lib_files)
+end

data/LICENSE

@@ -0,0 +1,19 @@
+The MIT License (MIT)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,33 @@
+## Keepassx
+
+[![GitHub license](https://img.shields.io/github/license/pitluga/keepassx.svg)](https://github.com/pitluga/keepassx/blob/master/LICENSE)
+[![GitHub release](https://img.shields.io/github/release/pitluga/keepassx.svg)](https://github.com/pitluga/keepassx/releases/latest)
+[![Build Status](https://travis-ci.org/pitluga/keepassx.svg?branch=master)](https://travis-ci.org/pitluga/keepassx)
+
+### A Ruby library to read and write [KeePassX](http://www.keepassx.org/) databases.
+
+## Installation
+
+```sh
+gem install keepassx
+```
+
+or if you use bundler
+
+```ruby
+gem 'keepassx'
+```
+
+## Usage
+
+```ruby
+require 'keepassx'
+
+database = Keepassx::Database.open("/path/to/database.kdb")
+database.unlock("the master password")
+puts database.entry("entry's title").password
+```
+
+## Security Warning
+
+No attempt is made to protect the memory used by this library; there may be something we can do with libgcrypt's secure-malloc functions, but right now your master password is unencrypted in ram that could possibly be paged to disk.

data/Rakefile

@@ -1,5 +1,6 @@
-require 'rspec/core/rake_task'
+# frozen_string_literal: true
 
-task :default => :spec
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
+task default: :spec

data/keepassx.gemspec

@@ -1,14 +1,24 @@
+# frozen_string_literal: true
+
+require_relative 'lib/keepassx/version'
+
 Gem::Specification.new do |s|
-  s.name = "keepassx"
-  s.summary = "Ruby API access for KeePassX databases"
-  s.description = "See http://github.com/pitluga/keepassx"
-  s.version = "0.1.0"
-  s.authors = ["Tony Pitluga", "Paul Hinze"]
-  s.email = ["tony.pitluga@gmail.com", "paul.t.hinze@gmail.com"]
-  s.homepage = "http://github.com/pitluga/keepassx"
-  s.files = `git ls-files`.split("\n")
+  s.name        = 'keepassx'
+  s.version     = Keepassx::VERSION
+  s.authors     = ['Tony Pitluga', 'Paul Hinze']
+  s.email       = ['tony.pitluga@gmail.com', 'paul.t.hinze@gmail.com']
+  s.homepage    = 'http://github.com/pitluga/keepassx'
+  s.summary     = 'Ruby API access for KeePassX databases'
+  s.description = 'See http://github.com/pitluga/keepassx'
+  s.license     = 'MIT'
 
-  s.add_dependency "fast-aes", "~> 0.1"
+  s.files = `git ls-files`.split("\n")
 
-  s.add_development_dependency "rspec", "2.11.0"
+  s.add_development_dependency 'factory_bot'
+  s.add_development_dependency 'guard'
+  s.add_development_dependency 'guard-rspec'
+  s.add_development_dependency 'rake', '~> 10.4'
+  s.add_development_dependency 'respect'
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'simplecov'
 end

data/lib/keepassx.rb

@@ -1,13 +1,52 @@
+# frozen_string_literal: true
+
 require 'base64'
 require 'stringio'
 require 'openssl'
+require 'securerandom'
 require 'digest/sha2'
-require 'fast-aes'
+require 'yaml'
 
+require 'keepassx/database/dumper'
+require 'keepassx/database/loader'
+require 'keepassx/database/finder'
 require 'keepassx/database'
+require 'keepassx/field/base'
+require 'keepassx/field/entry'
+require 'keepassx/field/group'
+require 'keepassx/fieldable'
 require 'keepassx/entry'
-require 'keepassx/entry_field'
 require 'keepassx/group'
-require 'keepassx/group_field'
 require 'keepassx/header'
 require 'keepassx/aes_crypt'
+
+module Keepassx
+  class << self
+
+    # Create Keepassx database
+    #
+    # @param opts [Hash] Keepassx database options.
+    # @yield [opts]
+    # @yieldreturn [Fixnum]
+    # @return [Keepassx::Database]
+    def new(opts)
+      db = Database.new(opts)
+      yield db if block_given?
+      db
+    end
+
+
+    # Read Keepassx database from file storage.
+    #
+    # @param opts [Hash] Keepassx database options.
+    # @yield [opts]
+    # @yieldreturn [Fixnum]
+    # @return [Keepassx::Database]
+    def open(opts)
+      db = Database.new(opts)
+      yield db if block_given?
+      db
+    end
+
+  end
+end

data/lib/keepassx/aes_crypt.rb

@@ -1,19 +1,29 @@
+# frozen_string_literal: true
+
 module Keepassx
   module AESCrypt
-    def self.decrypt(encrypted_data, key, iv, cipher_type)
-      aes = OpenSSL::Cipher::Cipher.new(cipher_type)
+    module_function
+
+    # rubocop:disable Naming/UncommunicativeMethodParamName
+    def decrypt(encrypted_data, key, iv, cipher_type)
+      aes = OpenSSL::Cipher.new(cipher_type)
       aes.decrypt
       aes.key = key
-      aes.iv = iv unless iv.nil?
+      aes.iv  = iv unless iv.nil?
       aes.update(encrypted_data) + aes.final
     end
+    # rubocop:enable Naming/UncommunicativeMethodParamName
 
-    def self.encrypt(data, key, iv, cipher_type)
-      aes = OpenSSL::Cipher::Cipher.new(cipher_type)
+
+    # rubocop:disable Naming/UncommunicativeMethodParamName
+    def encrypt(data, key, iv, cipher_type)
+      aes = OpenSSL::Cipher.new(cipher_type)
       aes.encrypt
       aes.key = key
-      aes.iv = iv unless iv.nil?
+      aes.iv  = iv unless iv.nil?
       aes.update(data) + aes.final
     end
+    # rubocop:enable Naming/UncommunicativeMethodParamName
+
   end
 end

data/lib/keepassx/database.rb

@@ -1,45 +1,236 @@
+# frozen_string_literal: true
+
 module Keepassx
   class Database
 
-    attr_reader :header, :groups, :entries
+    include Database::Dumper
+    include Database::Loader
+    include Database::Finder
 
-    def self.open(path)
-      content = File.respond_to?(:binread) ? File.binread(path) : File.read(path)
-      self.new(content)
-    end
 
-    def initialize(raw_db)
-      @header = Header.new(raw_db[0..124])
-      @encrypted_payload = raw_db[124..-1]
+    # Check database validity.
+    #
+    # @return [Boolean]
+    def valid?
+      header.valid?
     end
 
-    def entry(title)
-      @entries.detect { |e| e.title == title }
+
+    # Get lock state
+    #
+    # @return [Boolean]
+    def locked?
+      @locked
     end
 
-    def unlock(master_password)
-      @final_key = header.final_key(master_password)
-      decrypt_payload
-      payload_io = StringIO.new(@payload)
-      @groups = Group.extract_from_payload(header, payload_io)
-      @entries = Entry.extract_from_payload(header, payload_io)
-      true
-    rescue OpenSSL::Cipher::CipherError
-      false
+
+    # Add new group to database.
+    #
+    # @param opts [Hash] Options that will be passed to Keepassx::Group#new.
+    # @return [Keepassx::Group]
+    # rubocop:disable Metrics/MethodLength
+    def add_group(opts)
+      raise ArgumentError, "Expected Hash or Keepassx::Group, got #{opts.class}" unless valid_group?(opts)
+
+      if opts.is_a?(Keepassx::Group)
+        # Assign parent group
+        parent = opts.parent
+        index  = last_sibling_index(parent) + 1
+        @groups.insert(index, opts)
+
+        # Increment counter
+        header.groups_count += 1
+
+        # Return group
+        opts
+
+      elsif opts.is_a?(Hash)
+        opts = deep_copy(opts)
+        opts = build_group_options(opts)
+
+        # Create group
+        group = create_group(opts)
+
+        # Increment counter
+        header.groups_count += 1
+
+        # Return group
+        group
+      end
     end
+    # rubocop:enable Metrics/MethodLength
+
+
+    # Add new entry to database.
+    #
+    # @param opts [Hash] Options that will be passed to Keepassx::Entry#new.
+    # @return [Keepassx::Entry]
+    def add_entry(opts)
+      raise ArgumentError, "Expected Hash or Keepassx::Entry, got #{opts.class}" unless valid_entry?(opts)
 
-    def search(pattern)
-      backup = groups.detect { |g| g.name == "Backup" }
-      backup_group_id = backup && backup.group_id
-      entries.select { |e| e.group_id != backup_group_id && e.title =~ /#{pattern}/i }
+      if opts.is_a?(Keepassx::Entry)
+        # Add entry
+        @entries << opts
+
+        # Increment counter
+        header.entries_count += 1
+
+        # Return entry
+        opts
+
+      elsif opts.is_a?(Hash)
+        opts = deep_copy(opts)
+        opts = build_entry_options(opts)
+
+        # Create entry
+        entry = create_entry(opts)
+
+        # Increment counter
+        header.entries_count += 1
+
+        # Return entry
+        entry
+      end
     end
 
-    def valid?
-      @header.valid?
+
+    def delete_group(item)
+      # Get group entries and delete them
+      group_entries = entries.select { |e| e.group == item }
+      group_entries.each { |e| delete_entry(e) }
+
+      # Recursively delete ancestor groups
+      group_ancestors = groups.select { |g| g.parent == item }
+      group_ancestors.each { |g| delete_group(g) }
+
+      item = groups.delete(item)
+      header.groups_count -= 1
+      item
     end
 
-    def decrypt_payload
-      @payload = AESCrypt.decrypt(@encrypted_payload, @final_key, header.encryption_iv, 'AES-256-CBC')
+
+    def delete_entry(item)
+      item = entries.delete(item)
+      header.entries_count -= 1
+      item
     end
+
+
+    private
+
+
+      # Make deep copy of Hash
+      def deep_copy(opts)
+        Marshal.load Marshal.dump(opts)
+      end
+
+
+      # Get next group ID number.
+      #
+      # @return [Fixnum]
+      def next_group_id
+        if @groups.empty?
+          # Start each time from 1 to make sure groups get the same id's for the
+          # same input data
+          1
+        else
+          id = @groups.last.id
+          loop do
+            id += 1
+            break id if @groups.find { |g| g.id == id }.nil?
+          end
+        end
+      end
+
+
+      # Retrieves last sibling index
+      #
+      #  @param parent [Keepassx::Group] Last sibling group.
+      #  @return [Integer] index Group index.
+      def last_sibling_index(parent)
+        return -1 if groups.empty?
+
+        if parent.nil?
+          parent_index  = 0
+          sibling_level = 1
+        else
+          parent_index  = groups.find_index(parent)
+          sibling_level = parent.level + 1
+        end
+
+        raise "Could not find group #{parent.name}" if parent_index.nil?
+
+        (parent_index..(header.groups_count - 1)).each do |i|
+          break i unless groups[i].level == sibling_level
+        end
+      end
+
+
+      def create_group(opts = {})
+        group = Keepassx::Group.new(opts)
+        if group.parent.nil?
+          @groups << group
+        else
+          index = last_sibling_index(group.parent) + 1
+          @groups.insert(index, group)
+        end
+        group
+      end
+
+
+      def build_group_options(opts = {})
+        opts[:id] = next_group_id unless opts.key?(:id)
+
+        # Replace parent, which is specified by symbol with actual group
+        if opts[:parent].is_a?(Symbol)
+          group = find_group(opts[:parent])
+          raise "Group #{opts[:parent].inspect} does not exist" if group.nil?
+
+          opts[:parent] = group
+        end
+        opts
+      end
+
+
+      def create_entry(opts = {})
+        entry = Keepassx::Entry.new(opts)
+        @entries << entry
+        entry
+      end
+
+
+      # rubocop:disable Metrics/MethodLength, Style/SafeNavigation
+      def build_entry_options(opts = {})
+        if opts[:group]
+          if opts[:group].is_a?(String) || opts[:group].is_a?(Hash)
+            group = find_group(opts[:group])
+            raise "Group #{opts[:group].inspect} does not exist" if group.nil?
+
+            opts[:group] = group
+            opts[:group_id] = group.id
+          elsif opts[:group].is_a?(Keepassx::Group)
+            opts[:group_id] = opts[:group].id
+          end
+
+        elsif opts[:group_id] && opts[:group_id].is_a?(Integer)
+          group = find_group(id: opts[:group_id])
+          raise "Group #{opts[:group_id].inspect} does not exist" if group.nil?
+
+          opts[:group] = group
+        end
+        opts
+      end
+      # rubocop:enable Metrics/MethodLength, Style/SafeNavigation
+
+
+      def valid_group?(object)
+        object.is_a?(Keepassx::Group) || object.is_a?(Hash)
+      end
+
+
+      def valid_entry?(object)
+        object.is_a?(Keepassx::Entry) || object.is_a?(Hash)
+      end
+
   end
 end