mpw 3.1.0 → 3.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ef1f27beb1e85561895eeaec053e65339d404a18
-  data.tar.gz: b69ea026f373f5b3039a71776e4acc9ec4d44e3c
+  metadata.gz: 38a2af169d14523a873d9ca733b19ce2f7856830
+  data.tar.gz: 7d3365270ad43f53316ce9519e7b2feb01ee73ca
 SHA512:
-  metadata.gz: 46c34128083ac6a70fcbb1ef3b9e0fb29b9bb58419a51d0b3623d0dbc34dd8b6371c8bed9c13b4dc61ffd7c9d0a2de06f37a61477e296b78934878edcf62959c
-  data.tar.gz: 0ff807e8c938d31abec7bce1f4a18b4f795eacf87065c8166430ffc9f86e3a9533f9098032db6ca94455345761099ea89c006072017868cac29aff6e1a381443
+  metadata.gz: 3d8931b9d43a244cae00039e66cc9575d21cb6ab4b7448104eccbaa70bc95bf0e3ebbec3c2297504fd5d59b2f6610764777e94e59750e2d7020b71bc9d2449c3
+  data.tar.gz: eea9b9f36d27dc035e1c18a04a0ef6c3cdda0b71fb1709f72dc30739373c088c06b40b0464fa42d196fda2020d1f58ff38489ed0f24caf22479dcfce0df8e9fe

data/Gemfile

@@ -7,3 +7,4 @@ gem 'colorize'
 gem 'net-ssh'
 gem 'net-scp'
 gem 'clipboard'
+gem 'rotp'

data/VERSION

@@ -1 +1 @@
-3.1.0
+3.2.0

data/bin/mpw

@@ -16,11 +16,15 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
+$: << File.expand_path('../../lib', __FILE__)
+
 require 'optparse'
-require 'pathname'
 require 'locale'
 require 'set'
 require 'i18n'
+require 'mpw/mpw'
+require 'mpw/config'
+require 'mpw/cli'
 
 # --------------------------------------------------------- #
 # Set local
@@ -32,15 +36,8 @@ if defined?(I18n.enforce_available_locales)
 	I18n.enforce_available_locales = true
 end
 
-APP_ROOT = File.dirname(Pathname.new(__FILE__).realpath)
-
-# TODO
-require "#{APP_ROOT}/../lib/mpw/mpw.rb"
-require "#{APP_ROOT}/../lib/mpw/config.rb"
-require "#{APP_ROOT}/../lib/mpw/ui/cli.rb"
-
 I18n::Backend::Simple.send(:include, I18n::Backend::Fallbacks)
-I18n.load_path      = Dir["#{APP_ROOT}/../i18n/*.yml"]
+I18n.load_path      = Dir["#{File.expand_path('../../i18n', __FILE__)}/*.yml"]
 I18n.default_locale = :en
 I18n.locale         = lang.to_sym
 
@@ -48,8 +45,10 @@ I18n.locale         = lang.to_sym
 # Options
 # --------------------------------------------------------- #
 
+options_password    = {}
 options             = {}
 options[:force]     = false
+options[:otp]       = false
 options[:sync]      = true
 options[:clipboard] = true
 options[:group]     = nil
@@ -97,8 +96,7 @@ OptionParser.new do |opts|
 	end
 
 	opts.on('-G', '--generate-password [LENGTH]', I18n.t('option.generate_password')) do |length|
-		puts MPW::MPW::password(length)
-		exit 0
+		options_password[:length] = length
 	end
 
 	opts.on('-h', '--help', I18n.t('option.help')) do
@@ -118,10 +116,18 @@ OptionParser.new do |opts|
 		options[:key] = key
 	end
 
+	opts.on('-n', '--numeric', I18n.t('option.numeric')) do
+		options_password[:numeric] = true
+	end
+
 	opts.on('-N', '--no-sync', I18n.t('option.no_sync')) do
 		options[:sync] = false
 	end
 
+	opts.on('-O', '--otp', I18n.t('option.otp')) do
+		options[:otp] = true
+	end
+
 	opts.on('-s', '--show [SEARCH]', I18n.t('option.show')) do |search|
 		search.nil? ? (options[:show]  = '')  : (options[:show] = search)
 	end
@@ -141,15 +147,29 @@ OptionParser.new do |opts|
 	opts.on('-W', '--setup-wallet', I18n.t('option.setup_wallet')) do
 		options[:setup_wallet] = true
 	end
+
+	opts.on('-x', '--special-chars', I18n.t('option.special_chars')) do
+		options_password[:special] = true
+	end
+
+	opts.on('-y', '--alpha', I18n.t('option.alpha')) do
+		options_password[:alpha] = true
+	end
 end.parse!
 
 # --------------------------------------------------------- #
 # Main
 # --------------------------------------------------------- #
 
+# Generate password
+if not options_password.empty?
+	puts MPW::MPW::password(options_password)
+	exit 0
+end
+
 begin
 	config = MPW::Config.new(options[:config])
-	cli    = MPW::Cli.new(config, options[:clipboard], options[:sync])
+	cli    = MPW::Cli.new(config, options[:clipboard], options[:sync], options[:otp])
 		
 	# Setup a new config 
 	if not options[:setup].nil?

data/i18n/en.yml

@@ -37,6 +37,7 @@ en:
 
   option:
     add: "Add an item or key"
+    alpha: "Use letter to generate a password"
     config: "Specify the configuration file to use"
     clipboard: "Disable the clipboard feature"
     export: "Export a wallet in an yaml file"
@@ -49,8 +50,10 @@ en:
     import: "Import item since a yaml file"
     key: "Specify the key name, to use with the options [--add | --delete | --update]"
     no_sync: "Disable synchronization with the server"
+    numeric: "Use number to generate a password"
     setup: "Create a new configuration file" 
     setup_wallet: "Create a new configuration file for a wallet"
+    special_chars: "Use special char to generate a password"
     show: "Search and show the items"
     show_all: "List all items"
     remove: "Delete an item"
@@ -72,11 +75,19 @@ en:
       password: "Enter the the password: "
       port: "Enter the connection port (optional): "
       comment: "Enter a comment (optional): "
+      otp_key: "Enter the otp secret (base32 secret key): "
       valid: "Item has been added!"
     clipboard:
+      choice: "What do you want to copy ? [q = quit, p = password, l = login]: "
       clean: "The clipboard has been cleaned."
-      login: "The login has been copied in clipboard, press any key to continue."
+      login: "The login has been copied in clipboard."
       password: "The password has been copied in clipboard for 30s!"
+      otp: "The OTP code has been copied for %{time}s!"
+      help:
+         name: "Help"
+         login: "Press <l> to copy the login"
+         password: "Press <p> to copy the password"
+         otp_code: "Press <o> to copy the otp code"
     delete_key:
       valid: "Key has been deleted!"
     delete_item:
@@ -125,6 +136,7 @@ en:
       password: "Enter the the password: "
       port: "Enter the connection port [%{port}]: "
       comment: "Enter a comment [%{comment}]: "
+      otp_key: "Enter the otp secret (base32 secret key): "
       valid: "Item has been updated!" 
     export:
       valid: "The export in %{file} is succesfull!"
@@ -136,7 +148,9 @@ en:
     group: "Group"
     login: "Login"
     name: "Name"
+    no_group: "Without group"
     nothing: "No matches!"
+    otp_code: "OTP code"
     password: "Password"
     port: "Port"
     protocol: "Protocol"

data/i18n/fr.yml

@@ -37,6 +37,7 @@ fr:
 
   option:
     add: "Ajoute un élément ou une clé"
+    alpha: "Utilise des lettres dans la génération d'un mot de passe"
     config: "Spécifie le fichier de configuration à utiliser"
     clipboard: "Désactive la fonction presse papier"
     export: "Exporte un portefeuille dans un fichier yaml"
@@ -49,8 +50,10 @@ fr:
     import: "Importe des éléments depuis un fichier yaml"
     key: "Spécifie le nom d'une clé, à utiliser avec les options [--add | --delete | --update]"
     no_sync: "Désactive la synchronisation avec le serveur"
+    numeric: "Utilise des chiffre dans la génération d'un mot de passe"
     setup: "Création d'un nouveau fichier de configuration"
     setup_wallet: "Création d'un nouveau fichier de configuration pour un portefeuille"
+    special_chars: "Utilise des charactères speciaux dans la génération d'un mot de passe"
     show: "Recherche et affiche les éléments"
     show_all: "Liste tous les éléments"
     remove: "Supprime un élément"
@@ -72,11 +75,19 @@ fr:
       password: "Entrez le mot de passe: "
       port: "Entrez le port de connexion (optionnel): "
       comment: "Entrez un commentaire (optionnel): "
+      otp_key: "Entrez le secret OTP: "
       valid: "L'élément a bien été ajouté!"
     clipboard:
+      choice: "Que voulez-vous copier ? : "
       clean: "Le presse papier a été nettoyé."
-      login: "L'identifiant a été copié dans le presse papier, pressez n'importe quelle touche pour continuer."
+      login: "L'identifiant a été copié dans le presse papier"
       password: "Le mot de passe a été copié dans le presse papier pour 30s!"
+      otp: "Le code OTP a été copié dans le presse papier il est valable %{time}s!"
+      help:
+         name: "Aide"
+         login: "Pressez <l> pour copier l'identifiant"
+         password: "Pressez <p> pour copier le mot de passe"
+         otp_code: "Pressez <o> pour copier le code OTP"
     delete_key:
       valid: "La clé a bien été supprimée!"
     delete_item:
@@ -125,6 +136,7 @@ fr:
       password: "Entrez le mot de passe: "
       port: "Entrez un port de connexion [%{port}]: "
       comment: "Entrez un commentaire [%{comment}]: "
+      otp_key: "Entrez le secret OTP: "
       valid: "L'élément a bien été mis à jour!" 
     export:
       valid: "L'export dans %{file} est un succès!"
@@ -136,7 +148,9 @@ fr:
     group: "Groupe"
     login: "Identifiant"
     name: "Nom"
+    no_group: "Sans groupe"
     nothing: "Aucun résultat!"
+    otp_code: "Code OTP"
     password: "Mot de passe"
     port: "Port"
     protocol: "Protocol"

data/lib/mpw/{ui/cli.rb → cli.rb}

@@ -21,10 +21,8 @@ require 'i18n'
 require 'colorize'
 require 'highline/import'
 require 'clipboard'
-
-#TODO
-require "#{APP_ROOT}/../lib/mpw/item.rb"
-require "#{APP_ROOT}/../lib/mpw/mpw.rb"
+require 'mpw/item'
+require 'mpw/mpw'
 
 module MPW
 class Cli
@@ -32,10 +30,13 @@ class Cli
 	# Constructor
 	# @args: config -> the config
 	#        sync -> boolean for sync or not
-	def initialize(config, clipboard=true, sync=true)
+	#        clipboard -> enable clopboard
+	#        otp -> enable otp
+	def initialize(config, clipboard=true, sync=true, otp=false)
 		@config    = config
 		@clipboard = clipboard
 		@sync      = sync
+		@otp       = otp
 	end
 
 	# Create a new config file
@@ -160,7 +161,12 @@ class Cli
 			result.each do |item|
 				if group != item.group
 					group = item.group
-					puts "#{I18n.t('display.group')}: #{group}".yellow
+
+					if group.empty?
+						puts I18n.t('display.no_group').yellow
+					else
+						puts "\n#{group}".yellow
+					end
 				end
 
 				print " |_ ".yellow
@@ -171,6 +177,8 @@ class Cli
 
 				i += 1
 			end
+
+			print "\n"
 			choice = ask(I18n.t('form.select')).to_i
 
 			if choice >= 1 and choice < i 
@@ -197,12 +205,20 @@ class Cli
 		puts  item.protocol
 		print "#{I18n.t('display.login')}: ".cyan
 		puts  item.user
-		print "#{I18n.t('display.password')}: ".cyan
+
 		if @clipboard
+			print "#{I18n.t('display.password')}: ".cyan
 			puts '***********'
 		else
+			print "#{I18n.t('display.password')}: ".cyan
 			puts  @mpw.get_password(item.id)
+
+			if @mpw.get_otp_code(item.id) > 0
+				print "#{I18n.t('display.otp_code')}: ".cyan
+				puts "#{@mpw.get_otp_code(item.id)} (#{@mpw.get_otp_remaining_time}s)"
+			end
 		end
+
 		print "#{I18n.t('display.port')}: ".cyan
 		puts  item.port
 		print "#{I18n.t('display.comment')}: ".cyan
@@ -212,18 +228,51 @@ class Cli
 	end
 
 	# Copy in clipboard the login and password
+	# @args: item -> the item
 	def clipboard(item)
-		Clipboard.copy(item.user)
-		print "\n#{I18n.t('form.clipboard.login')}".green
-		gets
+		pid = nil
+
+		# Security: force quit after 90s
+		Thread.new do
+			sleep 90
+			exit
+		end
+		
+		while true
+			choice = ask(I18n.t('form.clipboard.choice')).to_s
+			
+			case choice
+			when 'q', 'quit'
+				break
+
+			when 'l', 'login'
+				Clipboard.copy(item.user)
+				puts I18n.t('form.clipboard.login').green
 
-		Clipboard.copy(@mpw.get_password(item.id))
-		puts I18n.t('form.clipboard.password').yellow
+			when 'p', 'password'
+				Clipboard.copy(@mpw.get_password(item.id))
+				puts I18n.t('form.clipboard.password').yellow
 
-		sleep(30)
+				Thread.new do
+					sleep 30
+
+					Clipboard.clear
+				end
+
+			when 'o', 'otp'
+				Clipboard.copy(@mpw.get_otp_code(item.id))
+				puts I18n.t('form.clipboard.otp', time: @mpw.get_otp_remaining_time).yellow
+
+			else
+				puts "----- #{I18n.t('form.clipboard.help.name')} -----".cyan
+				puts I18n.t('form.clipboard.help.login')
+				puts I18n.t('form.clipboard.help.password')
+				puts I18n.t('form.clipboard.help.otp_code')
+				next
+			end
+		end
 
 		Clipboard.clear
-		puts I18n.t('form.clipboard.clean').green
 	rescue SystemExit, Interrupt
 		Clipboard.clear
 	end
@@ -254,6 +303,7 @@ class Cli
 					@wallet_file = wallets[choice-1]
 				else
 					puts "#{I18n.t('display.warning')}: #{I18n.t('warning.select')}".yellow
+					exit 2
 				end
 			end
 		else
@@ -301,10 +351,15 @@ class Cli
 		options[:port]     = ask(I18n.t('form.add_item.port')).to_s
 		options[:comment]  = ask(I18n.t('form.add_item.comment')).to_s
 
+		if @otp
+			otp_key = ask(I18n.t('form.add_item.otp_key')).to_s
+		end
+
 		item = Item.new(options)
 
 		@mpw.add(item)
 		@mpw.set_password(item.id, password)
+		@mpw.set_otp_key(item.id, otp_key)
 		@mpw.write_data
 		@mpw.sync(true) if @sync
 
@@ -330,10 +385,15 @@ class Cli
 			options[:port]     = ask(I18n.t('form.update_item.port'    , port:     item.port)).to_s
 			options[:comment]  = ask(I18n.t('form.update_item.comment' , comment:  item.comment)).to_s
 
+			if @otp
+				otp_key = ask(I18n.t('form.update_item.otp_key')).to_s
+			end
+
 			options.delete_if { |k,v| v.empty? }
-				
+
 			item.update(options)
 			@mpw.set_password(item.id, password) if not password.empty?
+			@mpw.set_otp_key(item.id, otp_key)   if not otp_key.to_s.empty?
 			@mpw.write_data
 			@mpw.sync(true) if @sync
 

data/lib/mpw/item.rb

@@ -21,8 +21,6 @@ require 'i18n'
 module MPW
 class Item
 
-	attr_accessor :error_msg
-
 	attr_accessor :id
 	attr_accessor :name
 	attr_accessor :group
@@ -41,8 +39,7 @@ class Item
 	# raise an error if the hash hasn't the key name 
 	def initialize(options={})
 		if not options.has_key?(:name) or options[:name].to_s.empty?
-			@error_msg = I18n.t('error.update.name_empty')
-			raise @error_msg
+			raise I18n.t('error.update.name_empty')
 		end
 
 		if not options.has_key?(:id) or options[:id].to_s.empty? or not options.has_key?(:created) or options[:created].to_s.empty?  
@@ -60,11 +57,9 @@ class Item
 
 	# Update the item
 	# @args: options -> a hash of parameter
-	# @rtrn: true if the item is update
 	def update(options={})
 		if options.has_key?(:name) and options[:name].to_s.empty?
-			@error_msg = I18n.t('error.update.name_empty')
-			return false
+			raise I18n.t('error.update.name_empty')
 		end
 
 		@name      = options[:name]       if options.has_key?(:name)
@@ -75,8 +70,6 @@ class Item
 		@port      = options[:port].to_i  if options.has_key?(:port) and not options[:port].to_s.empty?
 		@comment   = options[:comment]    if options.has_key?(:comment)
 		@last_edit = Time.now.to_i        if not options.has_key?(:no_update_last_edit)
-
-		return true
 	end
 
 	# Update last_sync
@@ -85,7 +78,6 @@ class Item
 	end
 
 	# Delete all data
-	# @rtrn: true
 	def delete
 		@id        = nil
 		@name      = nil
@@ -98,8 +90,6 @@ class Item
 		@created   = nil
 		@last_edit = nil
 		@last_sync = nil
-
-		return true
 	end
 
 	def empty?

data/lib/mpw/mpw.rb

@@ -20,9 +20,8 @@ require 'rubygems/package'
 require 'gpgme'
 require 'i18n'
 require 'yaml'
-
-#TODO
-require "#{APP_ROOT}/../lib/mpw/item.rb"
+require 'rotp'
+require 'mpw/item'
 	
 module MPW
 class MPW
@@ -45,6 +44,7 @@ class MPW
 		@data      = []
 		@keys      = {}
 		@passwords = {}
+		@otp_keys  = {}
 
 		data       = nil
 
@@ -70,6 +70,10 @@ class MPW
 
 					when /^wallet\/passwords\/(?<id>[a-zA-Z0-9]+)\.gpg$/
 						@passwords[Regexp.last_match('id')] = f.read
+
+					when /^wallet\/otp_keys\/(?<id>[a-zA-Z0-9]+)\.gpg$/
+						@otp_keys[Regexp.last_match('id')] = f.read
+
 					else
 						next
 				end
@@ -120,6 +124,8 @@ class MPW
 			           )
 		end
 
+		@config['last_update'] = Time.now.to_i
+
 		Gem::Package::TarWriter.new(File.open(tmp_file, 'w+')) do |tar|
 			data_encrypt = encrypt(data.to_yaml)
 			tar.add_file_simple('wallet/meta.gpg', 0400, data_encrypt.length) do |io|
@@ -137,6 +143,12 @@ class MPW
 				end
 			end
 
+			@otp_keys.each do |id, key|
+				tar.add_file_simple("wallet/otp_keys/#{id}.gpg", 0400, key.length) do |io|
+					io.write(key)
+				end
+			end
+
 			@keys.each do |id, key|
 				tar.add_file_simple("wallet/keys/#{id}.pub", 0400, key.length) do |io|
 					io.write(key)
@@ -167,7 +179,7 @@ class MPW
 	# args: id -> the item id
 	#       password -> the new password
 	def set_password(id, password)
-		salt     = MPW::password(Random.rand(4..9))
+		salt     = MPW::password(length: Random.rand(4..9))
 		password = "$#{salt}::#{password}"
 
 		@passwords[id] = encrypt(password)
@@ -319,13 +331,13 @@ class MPW
 	# @args: force -> force the sync
 	def sync(force=false)
 		return if @config.empty? or @config['sync']['type'].to_s.empty?
-		return if get_last_sync < Time.now.to_i + 300 and not force
-		
+		return if get_last_sync + 300 > Time.now.to_i and not force
+
 		tmp_file  = "#{@wallet_file}.sync"
 		
 		case @config['sync']['type']
 		when 'sftp', 'scp', 'ssh'
-			require "#{APP_ROOT}/../lib/mpw/sync/ssh.rb"
+			require "mpw/sync/ssh"
 			sync = SyncSSH.new(@config['sync'])
 		when 'ftp'
 			require 'mpw/sync/ftp'
@@ -342,7 +354,7 @@ class MPW
 
 		File.unlink(tmp_file) if File.exist?(tmp_file)
 
-		return if remote.get_last_sync == get_last_sync
+		return if remote.get_last_sync == @config['last_update']
 
 		if not remote.to_s.empty?
 			@data.each do |item|
@@ -413,22 +425,54 @@ class MPW
 		raise "#{I18n.t('error.sync.general')}\n#{e}"
 	end
 
+	# Set an opt key
+	# args: id -> the item id
+	#       key -> the new key
+	def set_otp_key(id, key)
+		@otp_keys[id] = encrypt(key)
+	end
+
+	# Get an otp code
+	# @args: id -> the item id
+	# @rtrn: an otp code
+	def	get_otp_code(id)
+		if not @otp_keys.has_key?(id)
+			return 0
+		else
+			return ROTP::TOTP.new(decrypt(@otp_keys[id])).now
+		end
+	end
+
+	# Get remaining time before expire otp code
+	# @rtrn: return time in seconde
+	def get_otp_remaining_time
+		return (Time.now.utc.to_i / 30 + 1) * 30 - Time.now.utc.to_i
+	end
+
 	# Generate a random password
-	# @args: length -> the length password
+	# @args: options -> :length, :special, :alpha, :numeric
 	# @rtrn: a random string
-	def self.password(length=8)
-		if length.to_i <= 0
+	def self.password(options={})
+		if not options.include?(:length) or options[:length].to_i <= 0
 			length = 8
+		elsif options[:length].to_i >= 32768
+			length = 32768
 		else
-			length = length.to_i
+			length = options[:length].to_i
 		end
 
+		chars = []
+		chars += [*('!'..'?')] - [*('0'..'9')]        if options.include?(:special)
+		chars += [*('A'..'Z'),*('a'..'z')]            if options.include?(:alpha)
+		chars += [*('0'..'9')]                        if options.include?(:numeric)
+		chars = [*('A'..'Z'),*('a'..'z'),*('0'..'9')] if chars.empty?
+
 		result = ''
 		while length > 62 do
-			result << ([*('A'..'Z'),*('a'..'z'),*('0'..'9')]).sample(62).join
+			result << chars.sample(62).join
 			length -= 62
 		end
-		result << ([*('A'..'Z'),*('a'..'z'),*('0'..'9')]).sample(length).join
+		result << chars.sample(length).join
 
 		return result
 	end

data/mpw.gemspec

@@ -25,4 +25,5 @@ Gem::Specification.new do |spec|
   spec.add_dependency "net-ssh"
   spec.add_dependency "net-scp"
   spec.add_dependency "clipboard"
+  spec.add_dependency "rotp"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mpw
 version: !ruby/object:Gem::Version
-  version: 3.1.0
+  version: 3.2.0
 platform: ruby
 authors:
 - Adrien Waksberg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-07-09 00:00:00.000000000 Z
+date: 2016-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n
@@ -122,6 +122,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rotp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Manage your passwords in all security with MPW, we use GPG to encrypt
   your passwords
 email:
@@ -140,12 +154,12 @@ files:
 - bin/mpw
 - i18n/en.yml
 - i18n/fr.yml
+- lib/mpw/cli.rb
 - lib/mpw/config.rb
 - lib/mpw/item.rb
 - lib/mpw/mpw.rb
 - lib/mpw/sync/ftp.rb
 - lib/mpw/sync/ssh.rb
-- lib/mpw/ui/cli.rb
 - mpw.gemspec
 - test/files/fixtures.yml
 - test/files/test_import.csv