passbox 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 04ac7ed6574fa1f0647f44dc8f19d522cd668c35ab1b0bc680c4af28f724fb7d
4
+ data.tar.gz: c21638c4eb47791c5e39fa682a30083744307670a9046101ccfdb515374329b5
5
+ SHA512:
6
+ metadata.gz: 595b8fdff85d782828e65731955a03524be9a45e178befc0559bb06b2b68b9c39ea4602a201072e81a105d7110e659b933b34fc426f54fa519a1d590e9bd8423
7
+ data.tar.gz: a43ac4ec10eada49313a1ae5b77c553cd49c970475dd5df494bda03bdf288804216dc8fabbc35f386e9a6f2455840ef9ec7250f5f603f87aa51bc5b614296fe9
data/LICENSE ADDED
File without changes
@@ -0,0 +1,95 @@
1
+ # passbox
2
+
3
+ A Ruby based minimalistic offline cli password manager using strong AES encryption.
4
+
5
+ ## Table of Contents
6
+ - [1. Introduction](#introduction)
7
+ - [2. Installation](#install)
8
+ - [3. Usage](#usage)
9
+ - [3a. Initial Setup](#init)
10
+ - [3b. Add a new password](#add)
11
+ - [3c. Read an existing password](#read)
12
+ - [3d. Update an existing password](#update)
13
+ - [3e. Delete an existing account](#delete)
14
+ - [3f. List all available accounts](#list)
15
+ - [Contributing](#contributing)
16
+ - [Issues](#issues)
17
+
18
+
19
+ ## <a name="introduction"></a> 1. Introduction
20
+ Passbox is a Ruby based cli password manager which uses strong AES encryption and is completely offline.
21
+
22
+ I had initially created this little password manager utility for my personal use and one fine day a few colleagues saw it, liked it and suggested to share it with them and here it is, so yeah, its pretty minimalistic but gets the job done and that too securely.
23
+
24
+ If you feel you can improve passbox, feel free to drop in your suggestions or even better, fork it and start contributing.
25
+
26
+ Note: I wouldn't say its uncrackable as nothing in the world is.
27
+
28
+
29
+ ## <a name="install"></a> 2. Installation
30
+ Passbox currently only supports Linux/MacOS based envvrionments.
31
+ As its a ruby based, it needs a working installation of Ruby version 2 and above installed as a pre-requisite.
32
+ It can be installed as just any other gem.
33
+
34
+ ``` gem install passbox ```
35
+
36
+
37
+ ## <a name="usage"></a> 3. Usage
38
+ As mentioned above, passbox is a cli based utility. Below are few basic functions which you can perform.
39
+
40
+ ### <a name="init"></a> 3a. Initial Setup
41
+ Before starting, you need to setup the passbox utility which will include creating a base directory and creating your master password.
42
+ This can be easily done using the init command as follows:
43
+
44
+ ``` passbox init ```
45
+
46
+ This will ask you create a master password, its recommended you create this one time master password really complex and more than 10 characters to make it really difficult to brute force.
47
+
48
+ ### <a name="add"></a> 3b. Add a new password
49
+ Once passbox is setup, you can start adding password. It can be done using the create command which can be used as follows:
50
+
51
+ ``` passbox add ```
52
+
53
+ This command will ask you 3 questions:
54
+ - first to enter your account name (no special charaters)
55
+ - eg twitter, facebook etc
56
+ - second to enter your account username
57
+ - last to enter your password
58
+
59
+ ### <a name="read"></a> 3c. Read an existing password
60
+ Once you have saved your password, you can view them as and when needed, authenticating using your master password and entering your account name of the password you want to view, as follows :
61
+
62
+ ``` passbox read ```
63
+
64
+ This command will ask you 2 questions:
65
+ - to enter you account name for which you want to view the password.
66
+ - to enter you master password for authentication purposes.
67
+
68
+ ### <a name="update"></a> 3d. Update an existing password
69
+ You can update your account details (username and password) when needed, authenticating using your master password and entering your account name you need to update :
70
+
71
+ ``` passbox update ```
72
+
73
+ This command will ask you 4 questions:
74
+ - First to enter you account name for which you want to update the password.
75
+ - Next, to enter you master password for authentication purposes.
76
+ - Then to enter your new updated account username
77
+ - Last to enter your new updated password
78
+
79
+ ### <a name="delete"></a> 3e. Delete an existing account
80
+ You can delete an existing account, if you do not need it anymore. It can be done using the delete command and does not require any kind of authentication.
81
+
82
+ ``` passbox delete ```
83
+
84
+ This command will only ask you the account name to delete.
85
+
86
+ ### <a name="list"></a> 3f. List all available accounts
87
+ You can list all accounts you have using the following command without any authentication required.
88
+
89
+ ``` passbox list ```
90
+
91
+ ## <a name="contributing"></a> 4. Contributing
92
+ Ideas and suggestions are always always most welcome. Please fork this code and feel free to add any updates, suggestions etc and create a pull request.
93
+
94
+ ## <a name="issues"></a> 5. Issues
95
+ If you face any problem related to syntax, usability, documentation then please raise an [issues](https://github.com/krupani/passbox/issues) . Please note to add in detailed description of the issue you are facing.
@@ -0,0 +1,68 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'passbox'
4
+
5
+ def print_help
6
+ puts <<HELP
7
+
8
+ Usage: passbox <command>
9
+
10
+ Commands
11
+
12
+ version : Prints the version of passbox
13
+ currently installed.
14
+ Usage: passbox --version | passbox -v
15
+
16
+ help : Prints help information
17
+ (No authentication required.)
18
+
19
+ init : Helps setup a passbox store and
20
+ setup a master password.
21
+
22
+ list : Lists all the accounts present
23
+ in passbox.
24
+ (No authentication required.)
25
+
26
+ add : add a new account with username and
27
+ password into passbox.
28
+ (Authentication required.)
29
+
30
+ read : read username and password from an
31
+ existing account present in passbox.
32
+ (Authentication required.)
33
+
34
+ update : update username and password in an
35
+ existing account present in passbox.
36
+ (Authentication required.)
37
+
38
+ delete : delete an account from passbox.
39
+ (Authentication required.)
40
+
41
+ HELP
42
+ end
43
+
44
+ if ARGV.length == 0
45
+ print_help
46
+ else
47
+ cmd = ARGV.shift
48
+ case(cmd.downcase)
49
+ when "help", "--help", "-h"
50
+ print_help
51
+ when 'version', '--version', '-v'
52
+ puts File.read(File.expand_path("../../lib/passbox/version", __FILE__))
53
+ when "init"
54
+ init
55
+ when "add"
56
+ create_pass
57
+ when "read"
58
+ read_pass
59
+ when "update"
60
+ update_pass
61
+ when "delete"
62
+ delete_pass
63
+ when "list"
64
+ list_of_accounts
65
+ else
66
+ puts "Invalid Command. Enter 'passbox help' to show usage"
67
+ end
68
+ end
@@ -0,0 +1,5 @@
1
+ require 'passbox/aes'
2
+ require 'passbox/auth'
3
+ require 'passbox/init'
4
+ require 'passbox/crud'
5
+ include Passbox
@@ -0,0 +1,27 @@
1
+ module Passbox
2
+ require 'openssl'
3
+ def encrypt(data, key, file)
4
+ cipher = OpenSSL::Cipher::AES256.new(:CTR)
5
+ cipher.encrypt
6
+ $iv = cipher.random_iv
7
+ cipher.key = key[0..31]
8
+ encrypted_data = $iv + cipher.update(data) + cipher.final
9
+ file = File.open(file, 'wb')
10
+ file.write(encrypted_data)
11
+ file.close
12
+ end
13
+
14
+ def decrypt(datafile, key)
15
+ file = File.open(datafile, 'rb')
16
+ data = file.read
17
+ file.close
18
+ decipher = OpenSSL::Cipher::AES256.new(:CTR)
19
+ decipher.decrypt
20
+ decipher.iv = data[0..15]
21
+ data = data[16..]
22
+ decipher.key = key[0..31]
23
+ decrypted_data = decipher.update(data) + decipher.final
24
+ return decrypted_data
25
+ end
26
+
27
+ end
@@ -0,0 +1,52 @@
1
+ module Passbox
2
+ require 'io/console'
3
+ require 'digest'
4
+
5
+ def get_password_from_user(action=:account)
6
+ if (action == :account)
7
+ print "Please enter your account password: "
8
+ return password_input(action)
9
+ elsif (action == :master)
10
+ while(true)
11
+ print "Please create your master password (min 8 chars): "
12
+ pass256 = password_input(action)
13
+ return pass256 if pass256;
14
+ end
15
+ elsif (action == :auth)
16
+ print "Please enter your master password: "
17
+ return password_input(action)
18
+ end
19
+ end
20
+
21
+ def password_input(action)
22
+ pass = STDIN.noecho(&:gets).chomp
23
+ if (pass.length < 8 && action != :account)
24
+ if (action == :master)
25
+ print "\nPassword should be minimum 8 characters, try again!!\n"
26
+ return false
27
+ elsif (action == :auth)
28
+ print "\nInvalid Password!!\n"
29
+ exit(0)
30
+ end
31
+ elsif (action == :account)
32
+ print("\n")
33
+ return pass
34
+ else
35
+ print("\n")
36
+ return Digest::SHA256.hexdigest(pass)
37
+ end
38
+ end
39
+
40
+ def passbox_auth
41
+ pass256User = get_password_from_user(:auth)
42
+ pass256File = decrypt($passfile, pass256User)
43
+ if pass256File == pass256User
44
+ print("Authentication Successful!!\n")
45
+ return pass256File
46
+ else
47
+ print("Authentication Failed!!\n")
48
+ return false
49
+ end
50
+ end
51
+
52
+ end
@@ -0,0 +1,77 @@
1
+ module Passbox
2
+ require 'json'
3
+
4
+ def verify_account
5
+ print "Please enter you account name (case-sensitive): "
6
+ acc = gets.chomp
7
+ if (!File.exists?("#{$pbdir}/#{acc}.pb"))
8
+ print "Account not found, Use 'passbox list' to see all your existing accounts.\n"
9
+ exit(0)
10
+ end
11
+ return acc
12
+ end
13
+
14
+ def creds(acc, key)
15
+ print "Please enter in your account username: "
16
+ uname = gets.chomp
17
+ pass = get_password_from_user(:account)
18
+ hash = {:username => uname, :password => pass}
19
+ json = hash.to_json
20
+ encrypt(json, key, "#{$pbdir}/#{acc}.pb")
21
+ end
22
+
23
+ def create_pass
24
+ check_passbox
25
+ key = passbox_auth
26
+ if key
27
+ while(true)
28
+ print "\nEnter you account name (alphabets/numbers only): "
29
+ acc = gets.chomp.downcase
30
+ if (acc.count("a-z0-9") == acc.length)
31
+ break
32
+ else
33
+ "\nAccount name can only have Alphabets and Numbers (no special characters), try again!!"
34
+ end
35
+ end
36
+ end
37
+ creds(acc,key)
38
+ print "Account #{acc} has been successfully created!! \n"
39
+ end
40
+
41
+ def read_pass
42
+ check_passbox
43
+ acc=verify_account
44
+ key = passbox_auth
45
+ if key
46
+ data = JSON.parse(decrypt("#{$pbdir}/#{acc}.pb", key))
47
+ print "username : #{data['username']}\n"
48
+ print "password : #{data['password']}\n"
49
+ end
50
+ end
51
+
52
+ def update_pass
53
+ check_passbox
54
+ acc=verify_account
55
+ key = passbox_auth
56
+ creds(acc,key)
57
+ print "Account details has been successfully updated!! \n"
58
+ end
59
+
60
+ def delete_pass
61
+ check_passbox
62
+ acc = verify_account
63
+ if key
64
+ File.delete("#{$pbdir}/#{acc}.pb")
65
+ print("\nAccount #{acc} has been deleted!!")
66
+ end
67
+ end
68
+
69
+ def list_of_accounts
70
+ check_passbox
71
+ files_ext = Dir["#{$pbdir}/*.pb"]
72
+ files_ext.each_with_index do |file,i|
73
+ print "#{i+1}. #{file.split('/').last.split('.').first}\n"
74
+ end
75
+ end
76
+
77
+ end
@@ -0,0 +1,30 @@
1
+
2
+ module Passbox
3
+ homedir = Dir.home
4
+ $pbdir = homedir+"/.passbox"
5
+ $passfile = $pbdir+"/pass.mp"
6
+
7
+ def init
8
+ pass256=""
9
+
10
+ if (Dir.exists?($pbdir))
11
+ if(File.exists?($passfile))
12
+ print "Your passbox is already setup. Please type 'passbox help' to see usage.\n"
13
+ return
14
+ else
15
+ pass256 = get_password_from_user(:master)
16
+ end
17
+ else
18
+ pass256 = get_password_from_user(:master)
19
+ Dir.mkdir($pbdir)
20
+ end
21
+ encrypt(pass256, pass256, $passfile)
22
+ end
23
+
24
+ def check_passbox
25
+ if !File.exists?($passfile)
26
+ print "Passbox is not setup, please start with 'passbox init' command to start using passbox\n"
27
+ end
28
+ end
29
+
30
+ end
@@ -0,0 +1 @@
1
+ 1.0.0
metadata ADDED
@@ -0,0 +1,53 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: passbox
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Kaushal Rupani
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2020-08-26 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: A gem to store and manage password offline, encrypted using AES 256 strong
14
+ encryption.
15
+ email: kushrupani@live.com
16
+ executables:
17
+ - passbox
18
+ extensions: []
19
+ extra_rdoc_files: []
20
+ files:
21
+ - LICENSE
22
+ - README.md
23
+ - bin/passbox
24
+ - lib/passbox.rb
25
+ - lib/passbox/aes.rb
26
+ - lib/passbox/auth.rb
27
+ - lib/passbox/crud.rb
28
+ - lib/passbox/init.rb
29
+ - lib/passbox/version
30
+ homepage: https://github.com/krupani/passbox
31
+ licenses:
32
+ - MIT
33
+ metadata: {}
34
+ post_install_message:
35
+ rdoc_options: []
36
+ require_paths:
37
+ - lib
38
+ required_ruby_version: !ruby/object:Gem::Requirement
39
+ requirements:
40
+ - - "~>"
41
+ - !ruby/object:Gem::Version
42
+ version: '2'
43
+ required_rubygems_version: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ requirements: []
49
+ rubygems_version: 3.1.2
50
+ signing_key:
51
+ specification_version: 4
52
+ summary: 'PassBox gem : AES encrypted offline password manager'
53
+ test_files: []