passw3rd 0.0.11 → 0.1.0

data/History.txt

@@ -1,3 +1,10 @@
+=== 0.1.0 / 2011-10-31
+
+Finally some real life support
+* Defaults to aes-256 for regulatory compliance (Thanks Edward Bonver)
+* loads URIs, so password files can live anywhere (Thanks Ben Duong)
+* Internals: code cleanup (Thanks @xternal), guard + test::unit + rspec love, better configuration options (thanks again @xternal)
+
 === 0.0.11 / 2011-10-12
 
 Keys/ivs were being written as arrays, broke openssl command line compatibility:

data/lib/passw3rd/key_loader.rb

@@ -7,7 +7,7 @@ module Passw3rd
 
     def self.load(path=nil) 
       if path.nil?
-        path = ENV['HOME']
+        path = ::Passw3rd::PasswordService.key_file_dir
       end
 
       begin
@@ -29,7 +29,8 @@ module Passw3rd
         path = ENV['HOME']
       end    
 
-      cipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
+      # d'oh!
+      cipher = OpenSSL::Cipher::Cipher.new(::Passw3rd::PasswordService.cipher_name)
       iv = cipher.random_iv
       key = cipher.random_key
 

data/lib/passw3rd/password_service.rb

@@ -1,37 +1,46 @@
+require 'open-uri'
+
 module Passw3rd
   class PasswordService
-    @@password_file_dir = ENV["HOME"]
-    @@key_file_dir = ENV["HOME"]
+    class << self
+      attr_writer :password_file_dir
+      def password_file_dir
+        @password_file_dir || ENV.fetch("HOME")
+      end
 
-    def self.password_file_dir= dir
-      @@password_file_dir = dir
+      attr_writer :key_file_dir
+      def key_file_dir
+        @key_file_dir || ENV.fetch("HOME")
+      end
+
+      attr_writer :cipher_name
+      def cipher_name
+        @cipher_name || 'aes-256-cbc'
+      end
     end
 
-    def self.key_file_dir= dir
-      @@key_file_dir = dir
-    end    
+    def self.configure(&block)
+      instance_eval &block
+    end
 
-    def self.get_password (password_file, key_path=nil)
-      encoded_password = Base64.decode64(IO.readlines(File.join(@@password_file_dir, password_file)).join)
-      PasswordService.decrypt(encoded_password, key_path || @@key_file_dir)
+    def self.get_password (password_file, key_path = key_file_dir)
+      uri = _parse_uri(password_file)
+      encoded_password = Base64.decode64(open(uri.to_s) { |f| f.read })
+      decrypt(encoded_password, key_path)
     end
 
-    def self.write_password_file(password, output_path, key_path = nil)
-      enc_password = PasswordService.encrypt(password, key_path || @@key_file_dir)
+    def self.write_password_file(password, output_path, key_path = key_file_dir)
+      enc_password = encrypt(password, key_path)
       base64pw = Base64.encode64(enc_password) 
-      path = File.join(@@password_file_dir, output_path)
-      File.open(path, 'w') { |f| f.write base64pw }
+      path = File.join(password_file_dir, output_path)
+      open(path, 'w') { |f| f.write base64pw }
       path
     end
 
-    def self.encrypt(password, key_path = nil)
-      raise "password cannot be blank" if password.empty?
+    def self.encrypt(password, key_path = key_file_dir)
+      raise ArgumentError, "password cannot be blank" if password.to_s.empty?
 
-      pair = KeyLoader.load(key_path || @@key_file_dir)
-      cipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
-      cipher.encrypt
-      cipher.key = pair.key
-      cipher.iv = pair.iv
+      cipher = cipher_setup(:encrypt, key_path)
       begin
         e = cipher.update(password)
         e << cipher.final
@@ -41,19 +50,34 @@ module Passw3rd
       end
     end
 
-    def self.decrypt(cipher_text, key_path = nil)
-      pair = KeyLoader.load(key_path || @@key_file_dir)
-      cipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
-      cipher.decrypt
-      cipher.key = pair.key
-      cipher.iv = pair.iv
+    def self.decrypt(cipher_text, key_path = key_file_dir)
+      cipher = cipher_setup(:decrypt, key_path)
       begin
         d = cipher.update(cipher_text)
         d << cipher.final
       rescue OpenSSL::Cipher::CipherError => err
-        puts "Coudln't decrypt password.  Are you using the right keys?"
+        puts "Couldn't decrypt password.  Are you using the right keys?"
         raise err
       end
     end
+
+    protected
+
+    def self.cipher_setup(method, key_path)
+      pair = KeyLoader.load(key_path)
+      cipher = OpenSSL::Cipher::Cipher.new(cipher_name)
+      cipher.send(method)
+      cipher.key = pair.key
+      cipher.iv = pair.iv
+      cipher
+    end
+    
+    def self._parse_uri password_file
+      unless (password_file =~ URI::regexp(['ftp', 'http', 'https', 'file'])).nil?
+        URI.parse(password_file)
+      else
+        File.join(password_file_dir, password_file)
+      end
+    end
   end
 end

data/lib/passw3rd/version.rb

@@ -1,3 +1,3 @@
 module Passw3rd
-  Version = VERSION = '0.0.11'
+  Version = VERSION = '0.1.0'
 end

data/spec/config_spec.rb

@@ -0,0 +1,3 @@
+describe "Config" do
+  it "does stuff"
+end

data/spec/password_service_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+describe ::Passw3rd::PasswordService do 
+  describe "#_parse_uri" do
+    it "detects uris" do
+      ::Passw3rd::PasswordService._parse_uri("http://example.com").should be_is_a URI::HTTP
+    end
+
+    it "falls back to a file path" do
+      URI.should_not_receive(:parse)
+      ::Passw3rd::PasswordService._parse_uri("/some/file/some/where/over/the/rainbow").should be_is_a String
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1 @@
+require 'passw3rd'

data/test/password_service_test.rb

@@ -11,6 +11,7 @@ class PasswordServiceTest < Test::Unit::TestCase
 
     ::Passw3rd::KeyLoader.create_key_iv_file(Dir.tmpdir)
     ::Passw3rd::PasswordService.key_file_dir = Dir.tmpdir    
+    ::Passw3rd::PasswordService.cipher_name = 'aes-256-cbc'
   end
   
   def test_enc_dec
@@ -20,6 +21,14 @@ class PasswordServiceTest < Test::Unit::TestCase
     assert_equal(@random_string, dec)
   end
 
+  def test_enc_raise_on_blank_password
+    assert_raise(ArgumentError) { ::Passw3rd::PasswordService.encrypt("") }
+  end
+
+  def test_enc_raise_on_nil_password
+    assert_raise(ArgumentError) { ::Passw3rd::PasswordService.encrypt(nil) }
+  end
+
   def test_set_and_get_password
     password_file = ::Passw3rd::PasswordService.write_password_file(@random_string, "test")
     decrypted = Passw3rd::PasswordService.get_password("test")
@@ -33,6 +42,15 @@ class PasswordServiceTest < Test::Unit::TestCase
     decrypted = Passw3rd::PasswordService.get_password("test2")
     assert_equal(@random_string, decrypted)
   end  
+
+  def test_configure_with_block
+    Passw3rd::PasswordService.configure do |c|
+      c.password_file_dir = "/tmp/"
+      c.cipher_name = "aes-256-cbc"
+    end
+    assert_equal(Passw3rd::PasswordService.password_file_dir, "/tmp/")
+    assert_equal(Passw3rd::PasswordService.cipher_name, "aes-256-cbc")
+  end
   
   def test_gen_key
     enc = ::Passw3rd::PasswordService.encrypt(@random_string)
@@ -44,4 +62,4 @@ class PasswordServiceTest < Test::Unit::TestCase
   def sudorandumb
     Digest::SHA1.hexdigest(Time.now.to_s.split(//).sort_by{rand}.join)
   end
-end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: passw3rd
 version: !ruby/object:Gem::Version
-  version: 0.0.11
+  version: 0.1.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-10-13 00:00:00.000000000Z
+date: 2011-10-31 00:00:00.000000000Z
 dependencies: []
 description: Generate a key/iv file, generate passwords, and store encrypted files
   in source control, keep the key/iv safe!
@@ -31,6 +31,9 @@ files:
 - lib/passw3rd.rb
 - bin/passw3rd
 - test/password_service_test.rb
+- spec/config_spec.rb
+- spec/password_service_spec.rb
+- spec/spec_helper.rb
 homepage: https://github.com/oreoshake/passw3rd
 licenses: []
 post_install_message: