lockr 0.4.5 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7462c0421259aa68f618fed002fc646889a615eb
-  data.tar.gz: a3d164b088c4145edd578065fa2ac9aa16d4ac5a
+  metadata.gz: 00c196c9cb57f262dee1286f37ffd5af4bfde695
+  data.tar.gz: cd8bd88ceec44eea89e2d62ad52c02d481cbb964
 SHA512:
-  metadata.gz: faa4356345ce5db24951360a5b580e36d2d603938bc91f8dbedd5cca998b9e26525c3078e06d2be2c1730ed203c64f4d0f27ce583bcd51e13383790e14026b03
-  data.tar.gz: 0f415641ee26e0946c3720fb68bca396ac60858261d10b4755a948ae128501711c15a40d6cc220d7af8b5516d82f4043e4c357977f0085c005f3e4ac701b3f1b
+  metadata.gz: 432c59d178834dd78d626c123b1025b344bba0c2e734d39baf0e051e10614b356a2cb3f347c2f0c1629ccce9667c4168f8bc19e91685d6d8a119a874b735d258
+  data.tar.gz: ff736641071a2fe9e4b7caee7d64666675254660fc8804596418c0829eeb66d1eff332c420814a8f931d1a0851afd145a9dd52882f921658da38dd8581c430ad

data/bin/httplockr.rb

@@ -0,0 +1,64 @@
+#!/usr/bin/env ruby
+
+require 'lockr/http/httplockrinit'
+require 'erb'
+require 'clipboard'  
+require 'padrino-helpers'
+
+include ERB::Util
+
+init = HttpLockrInit.new()
+init.start()
+
+# now start sinatra
+require 'sinatra'
+
+if init.getLoadBrowser
+  require "browser_gui"  
+end
+
+register Padrino::Helpers
+
+set :pwdmgr, init.getPwdMgr()
+# server config
+set :public_dir, 'resources/static'
+set :bind, '127.0.0.1'
+set :port, 32187
+set :views, 'resources/views'
+ 
+get '/' do
+  dir = settings.pwdmgr.list()
+  erb :index, :locals => { :directory => dir }
+end
+
+get '/password' do
+  id = params[:id]
+  username = params[:username]
+  settings.pwdmgr.copy_to_clipboard( id, username)
+  redirect '/'
+end
+
+post '/password' do
+  id = params[:id]
+  username = params[:username]
+  password = params[:password]
+  newPwdstore = settings.pwdmgr.add( id, username, password)
+  dir = settings.pwdmgr.list()
+  redirect '/'
+end
+
+patch '/password' do
+  id = params[:id]
+  username = params[:username]
+  password = params[:password]
+  settings.pwdmgr.change( id, username, password)
+  redirect '/'
+end
+
+delete '/password' do
+  id = params[:id]
+  username = params[:username]
+  settings.pwdmgr.delete( id, username)
+  redirect '/'
+end
+

data/lib/lockr.rb

@@ -12,7 +12,6 @@ require 'lockr/config'
 require 'lockr/pwdgen'
 require 'lockr/sftp'
 require 'lockr/version'
-require 'lockr/fileutils'
   
 class Lockr
   
@@ -156,9 +155,6 @@ class Lockr
   end
   
   def process_actions( configfile, options)
-    rotate_required = ( ! options[:download].nil? ) || ( ! %w{a add r remove}.index( options[:action]).nil? )
-    FileUtils.rotate_file( options[:vault], 3) if rotate_required
-    
     unless options[:download].nil?
       sftp = SFTP.new
       sftp.download( configfile, options[:vault])

data/lib/lockr/action/add.rb

@@ -1,15 +1,13 @@
-require 'lockr/action/aes'
-require 'lockr/pwdstore'
+require 'lockr/action/base'
 
-class AddAction < AesAction
+class AddAction < BaseAction
   
   def initialize(id,url,username,pwd,keyfile,vault)
-    keyfilehash = FileUtils.calculate_sha512_hash( keyfile)
-    
-    pwd_directory = load_from_vault( vault)
+    super( keyfile, vault)
+    pwd_directory = @pwdmgr.list()
     
     if pwd_directory.has_key?( id)
-      pwd_directory_id = YAML::load(decrypt( pwd_directory[id][:enc], keyfilehash, pwd_directory[id][:salt]))
+      pwd_directory_id = pwd_directory[id]
     else
       pwd_directory_id = {}
     end
@@ -21,13 +19,8 @@ class AddAction < AesAction
       end
     end
     
-    new_store = PasswordStore.new( id, url, username, pwd)
-    pwd_directory_id[username] = new_store
-    
-    pwd_directory[id] = {}
-    pwd_directory[id][:enc], pwd_directory[id][:salt] = encrypt( pwd_directory_id.to_yaml, keyfilehash)
-    
-    save_to_vault( pwd_directory, vault)
+    # ###TODO add url
+    @pwdmgr.add( id, username, pwd)
     say("Password saved for ID '<%= color('#{id}', :blue) %>' and user '<%= color('#{username}', :green) %>'")
   end
   

data/lib/lockr/action/base.rb

@@ -1,28 +1,7 @@
-require 'openssl'
-require 'lockr/encryption/aes'
-require 'lockr/fileutils'
+require 'lockr/pwdmgr'
 
 class BaseAction
-  include FileUtils
-  
-  def save_to_vault( storelist, vault)
-    FileUtils.store_obj_yaml( vault, storelist)
-  end
-  
-  # loads the datastructure for the password sets from the file
-  # it looks like this:
-  #
-  # pwd_directory = { 
-  #   :id => { 
-  #     :enc  => 'encrypted password store list', 
-  #     :salt => 'salt for decryption' 
-  #   } 
-  # }
-  #
-  # decrypted_store_list = {
-  #   :username => PasswordStore
-  # }
-  def load_from_vault( vault)
-    FileUtils.load_obj_yaml( vault)
+  def initialize( keyfile, vault)
+    @pwdmgr = PasswordManager.new( keyfile, vault)
   end
 end

data/lib/lockr/action/list.rb

@@ -1,20 +1,19 @@
-require 'lockr/action/aes'
-require 'lockr/pwdstore'
+require 'lockr/action/base'
 
-class ListAction < AesAction
+class ListAction < BaseAction
   
   def initialize( keyfile, vault)
-    pwd_directory = load_from_vault( vault)
+    super( keyfile, vault)
+    pwdlist = @pwdmgr.list()
     out = []
     
     if keyfile.nil?
-      pwd_directory.each { |id,value|
+      pwdlist.each { |id,value|
         out << "Id: #{id}"
       }
     else
-      keyfilehash = FileUtils.calculate_sha512_hash( keyfile)
-      pwd_directory.each { |oid,value|
-        pwd_directory_id = YAML::load(decrypt( value[:enc], keyfilehash, value[:salt]))
+      pwdlist.each { |oid,site_directory|
+        pwd_directory_id = site_directory
         pwd_directory_id.each { |username, pwdstore|
           out << "Id: #{pwdstore.id} / Username: #{pwdstore.username}"
         }

data/lib/lockr/action/remove.rb

@@ -1,18 +1,18 @@
-require 'lockr/action/aes'
-require 'lockr/pwdstore'
+require 'lockr/action/base'
 
-class RemoveAction < AesAction
+class RemoveAction < BaseAction
   
   def initialize(id,username,keyfile,vault)
-    keyfilehash = FileUtils.calculate_sha512_hash( keyfile)
-    pwd_directory = load_from_vault( vault)
+    super( keyfile, vault)
+    
+    pwd_directory = @pwdmgr.list()
     
     unless pwd_directory.has_key?( id)
       puts "Id '#{id}' not found"
       exit 20
     end
     
-    pwd_directory_id = YAML::load(decrypt( pwd_directory[id][:enc], keyfilehash, pwd_directory[id][:salt]))
+    pwd_directory_id = pwd_directory[id]
     
     unless pwd_directory_id.has_key?(username)
       puts "Username '#{username}' not found for id '#{id}'"
@@ -24,16 +24,7 @@ class RemoveAction < AesAction
       exit 22
     end
     
-    pwd_directory_id.delete( username)
-    
-    if ( pwd_directory_id.size == 0 )
-      pwd_directory.delete( id)
-    else
-      pwd_directory[id] = {}
-      pwd_directory[id][:enc], pwd_directory[id][:salt] = encrypt( pwd_directory_id.to_yaml, keyfilehash)
-    end
-    
-    save_to_vault( pwd_directory, vault)
+    @pwdmgr.delete( id, username)
     puts "Entry removed"
   end
   

data/lib/lockr/action/show.rb

@@ -1,18 +1,18 @@
-require 'lockr/action/aes'
+require 'lockr/action/base'
 
-class ShowAction < AesAction
+class ShowAction < BaseAction
   
-  def initialize(id,username,keyfile, vault)
-    keyfilehash = FileUtils.calculate_sha512_hash( keyfile)
+  def initialize(id, username, keyfile, vault)
+    super( keyfile, vault)
     
-    pwd_directory = load_from_vault( vault)
+    pwd_directory = @pwdmgr.list()
     
     unless pwd_directory.has_key?( id)
       puts "Id '#{id}' not found"
       exit 10
     end
     
-    pwd_directory_id = YAML::load(decrypt( pwd_directory[id][:enc], keyfilehash, pwd_directory[id][:salt]))
+    pwd_directory_id = pwd_directory[id]
     
     if username.nil? 
       if pwd_directory_id.length == 1

data/lib/lockr/fileutils.rb

@@ -1,8 +1,10 @@
-module FileUtils
+require 'yaml'
+
+module LockrFileUtils
   
   # rotate the provided file with a maximum of 'limit' backups
   # renamed filed will be named file_0, file_1, ...
-  def FileUtils.rotate_file( file, limit)
+  def LockrFileUtils.rotate_file( file, limit)
     return unless File.exists?(file)
     
     # move old files first
@@ -10,11 +12,11 @@ module FileUtils
     max_files.downto( 0) { |i|
       
       if i == 0
-        FileUtils.copy( file, "#{file}_#{i}")
+        LockrFileUtils.copy( file, "#{file}_#{i}")
       else
         j = i - 1
         if File.exists?("#{file}_#{j}")
-          FileUtils.copy( "#{file}_#{j}", "#{file}_#{i}")  
+          LockrFileUtils.copy( "#{file}_#{j}", "#{file}_#{i}")  
         end
       end
     }
@@ -23,7 +25,7 @@ module FileUtils
   end  
   
   # copy file_src to file_target
-  def FileUtils.copy( file_src, file_target)
+  def LockrFileUtils.copy( file_src, file_target)
     return unless File.exists?( file_src)
     
     dst = File.new( file_target, 'w')
@@ -34,14 +36,14 @@ module FileUtils
   end
   
   # store an object as yaml to file
-  def FileUtils.store_obj_yaml( file, object)
+  def LockrFileUtils.store_obj_yaml( file, object)
     File.open( file, 'w') do |f|
       f.write( object.to_yaml)
     end
   end
   
   # load an yaml object from file
-  def FileUtils.load_obj_yaml( file)
+  def LockrFileUtils.load_obj_yaml( file)
     object = {}
     
     unless File.exist?( file)
@@ -56,7 +58,7 @@ module FileUtils
   end
   
   # calculate the sha512 hash of a file
-  def FileUtils.calculate_sha512_hash( filename)
+  def LockrFileUtils.calculate_sha512_hash( filename)
     sha512 = OpenSSL::Digest::SHA512.new
 
     File.open( filename) do |file|
@@ -71,4 +73,25 @@ module FileUtils
     
     sha512.to_s
   end
+  
+  def save_to_vault( storelist, vault)
+    LockrFileUtils.store_obj_yaml( vault, storelist)
+  end
+  
+  # loads the datastructure for the password sets from the file
+  # it looks like this:
+  #
+  # pwd_directory = { 
+  #   :id => { 
+  #     :enc  => 'encrypted password store list', 
+  #     :salt => 'salt for decryption' 
+  #   } 
+  # }
+  #
+  # decrypted_store_list = {
+  #   :username => PasswordStore
+  # }
+  def load_from_vault( vault)
+    LockrFileUtils.load_obj_yaml( vault)
+  end
 end

data/lib/lockr/http/httplockrinit.rb

@@ -0,0 +1,79 @@
+require 'optparse'
+require 'lockr/config'
+require 'lockr/pwdmgr'
+    
+class HttpLockrInit
+  
+  def start()
+    options = parse_options()
+    
+    unless options[:keyfile]
+      puts 'Please provide a keyfile'
+      raise ArgumentError
+    end
+    
+    configfile = Configuration.new()
+    cfg = configfile.config[:lockr]
+    options[:vault] = File.expand_path(cfg[:vault]) if options[:vault] == 'vault.yaml'
+    
+    @pwdmgr = PasswordManager.new( options[:keyfile], options[:vault])
+    @load_browser = options[:browser]
+  end
+  
+  def getPwdMgr
+    return @pwdmgr
+  end
+  
+  def getLoadBrowser
+    return @load_browser
+  end
+  
+  def parse_options()
+    options = {}
+    
+    optparse = OptionParser.new do|opts|
+    # Set a banner, displayed at the top
+    # of the help screen.
+      opts.banner = "Usage: httplockr [options]"
+    
+      options[:keyfile] = nil
+      opts.on( '-k', '--keyfile FILE', 'the FILE to use as key for the password encryption') do |file|
+        options[:keyfile] = File.expand_path(file)
+      end
+      
+      options[:vault] = 'vault.yaml'
+      opts.on( '-v', '--vault FILE', 'FILE is the name of the vault to store the password sets') do |file|
+        options[:vault] = File.expand_path(file)
+      end
+      
+      options[:browser] = false
+      opts.on( '-b', '--browser', 'open browser windows for lockr') do |d|
+        options[:browser] = true
+      end
+      
+      # This displays the help screen, all programs are
+      # assumed to have this option.
+      opts.on( '-h', '--help', 'Display this screen' ) do
+        puts opts
+        exit
+      end
+      
+      opts.on('--version', 'Show version') do
+        puts "HttpLockr #{LockrVer::VERSION} (#{LockrVer::DATE})"
+        exit
+      end
+      
+      opts.separator ""
+      opts.separator "For detailed instructions on how to use HttpLockr, please visit http://lockr.byteblues.com"
+    end
+    
+    # Parse the command-line. Remember there are two forms
+    # of the parse method. The 'parse' method simply parses
+    # ARGV, while the 'parse!' method parses ARGV and removes
+    # any options found there, as well as any parameters for
+    # the options. What's left is the list of files to resize.
+    optparse.parse!
+  
+    options
+  end
+end

data/lib/lockr/pwdmgr.rb

@@ -0,0 +1,126 @@
+require 'lockr/encryption/aes'
+require 'lockr/pwdstore'
+require 'lockr/fileutils'
+require 'rufus/scheduler'
+
+class PasswordManager
+  include Aes
+  include LockrFileUtils
+  
+  NUM_BACKUP_FILES = 3
+  
+  def initialize( keyfile, vault)
+    puts "Initializing Password manager module. Vault: '#{vault}', Keyfile: '...'"
+    @vault_file = vault
+    @keyfile = keyfile
+    @scheduler = Rufus::Scheduler.new
+  end
+  
+  def list()
+    return decrypt_vault()
+  end
+  
+  def copy_to_clipboard( id, username)
+    vault = decrypt_vault()
+    
+    Clipboard.copy vault[id][username].password
+    puts 'Password copied to clipboard'
+    
+    if @job != nil
+      begin
+        @scheduler.unschedule( @job)
+        puts 'Unscheduled old clear task'
+      rescue ArgumentError
+        # job no longer active
+      end 
+    end
+    
+    puts 'Scheduling clipboard reset in 15 seconds'
+    @job = @scheduler.in '15s' do
+      Clipboard.copy ' '
+      puts 'Clipboard cleared'
+    end
+  end
+  
+  def add( id, username, password)
+    vault = decrypt_vault()
+    site_dir = {}
+    
+    # get site directory
+    if vault.has_key?( id)
+      site_dir = vault[id]
+    end
+    
+    # TODO add url
+    new_store = PasswordStore.new( id, nil, username, password)
+    site_dir[username] = new_store
+    vault[id] = site_dir
+    
+    encrypt_vault( vault)
+    puts 'Added new id/username combination'
+    return new_store
+  end
+  
+  def change( id, username, password)
+    vault = decrypt_vault()
+    site_dir = vault[id]
+    site_dir[username].password = password
+    
+    encrypt_vault( vault)
+    puts 'Changed password'
+  end
+  
+  def delete( id, username)
+    vault = decrypt_vault()
+    site_dir = vault[id]
+    
+    site_dir.delete( username)
+    
+    if ( site_dir.size == 0 )
+      vault.delete( id)
+    end
+    
+    encrypt_vault( vault)
+    puts 'Deleted password'
+  end
+  
+private
+  
+  def decrypt_vault()
+    pwd_directory = load_from_vault( @vault_file)
+    keyfilehash = '00000000' # initialize with dummy hash
+    
+    if ( @keyfile != nil )
+      keyfilehash = LockrFileUtils.calculate_sha512_hash( @keyfile)
+    end
+    
+    vault = {}
+    
+    pwd_directory.each { |id,site_dir_enc|
+      begin
+        vault[id] = YAML::load(decrypt( site_dir_enc[:enc], keyfilehash, site_dir_enc[:salt]))
+      rescue OpenSSL::Cipher::CipherError
+        # could not decrypt
+        vault[id] = nil
+      end
+    }
+    
+    return vault
+  end
+  
+  def encrypt_vault( vault)
+    LockrFileUtils.rotate_file( @vault_file, NUM_BACKUP_FILES)
+    keyfilehash = LockrFileUtils.calculate_sha512_hash( @keyfile)
+    
+    pwd_directory = {}
+    
+    vault.each { |id, site_dir_dec|
+      pwd_directory[id] = {}
+      pwd_directory[id][:enc], pwd_directory[id][:salt] = encrypt( site_dir_dec.to_yaml, keyfilehash)  
+    }    
+
+    save_to_vault( pwd_directory, @vault_file)
+    puts 'Vault saved'
+  end
+  
+end