RubyGems - passw3rd - Versions diffs - 0.0.5 → 0.0.6 - Mend

passw3rd 0.0.5 → 0.0.6

Files changed (12) hide show

data/EXAMPLES +67 -0
data/History.txt +10 -0
data/LICENSE +18 -6
data/README.md +41 -0
data/bin/passw3rd +1 -1
data/lib/passw3rd/password_client.rb +25 -18
data/lib/passw3rd/password_service.rb +18 -13
data/lib/passw3rd/version.rb +1 -1
data/lib/passw3rd.rb +0 -1
data/test/{test_password_service.rb → password_service_test.rb} +15 -0
metadata +25 -41
data/README +0 -27

data/EXAMPLES ADDED Viewed

@@ -0,0 +1,67 @@
+------------------------------------------------------------------------------
+Command line use
+------------------------------------------------------------------------------
+Generate key/iv in ~/ by default
+passw3rd -k
+Create a password file
+passw3rd -e 'foobar_app'
+Enter password:
+Read a password file
+passw3rd -d 'foobar_app'
+> "Your password"
+------------------------------------------------------------------------------
+Manual JDBC Connection
+------------------------------------------------------------------------------
+Before:
+Datasource ds = new Datasource();
+ds.setPassword("suparSekret");
+After:
+Datasource ds = new Datasource();
+ds.setPassword(PasswordService.getPassword(USER);
+------------------------------------------------------------------------------
+Java properties file
+------------------------------------------------------------------------------
+Before:
+password=suparSekret
+After:
+password=${password}
+------------------------------------------------------------------------------
+Ruby on Rails config/database.yml
+------------------------------------------------------------------------------
+Before:
+development:
+  adapter: mysql
+  database: rails_development
+  username: root
+  password: my super secret password
+After:
+development:
+  adapter: mysql
+  database: rails_development
+  username: root
+  password: <%= PasswordService.get_password('foobar_app') -%>

data/History.txt ADDED Viewed

@@ -0,0 +1,10 @@
+=== 0.6.0 / 2011-10-02
+Added custom password directories, more tests.  Some code cleanup.  Java version maven site generation.
+=== 0.1.0 / 2010-06-07
+* 1 major enhancement
+  * Adding ruby gem packaging

data/LICENSE CHANGED Viewed

@@ -1,10 +1,22 @@
-Open Source Initiative OSI - The MIT License (MIT):Licensing
+The MIT License
-The MIT License (MIT)
-Copyright (c) 2011 YELLOWPAGES.COM LLC
+Copyright (c) 2010 YELLOWPAGES.COM LLC
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,41 @@
+![Build status](/https://secure.travis-ci.org/oreoshake/passw3rd.png)
+------------------------------------------------------------------------------
+Introduction
+------------------------------------------------------------------------------
+This is a collection of encryption libraries intended to encrypt and store
+passwords outside of source code.
+Some advantages of keeping credentials out of source code are:
+1. Credentials are not passed around when source code is shared.
+2. Unintentional exposure of source code does not reveal credentials.
+3. Read-access to source code can be much more permissive.
+4. Source code can be checked into version control systems without concern
+   for exposure of credentials.
+5. It is easier to change credentials without having to worry about changing
+   all instances.
+6. Leaving credentials in source code leads to poor password management in
+   general. If changing a credential requires you to change code, you are less
+   likely to want to do it.
+------------------------------------------------------------------------------
+Status
+------------------------------------------------------------------------------
+This project is IN PROGRESS. All features and functionality are not working yet.
+------------------------------------------------------------------------------
+License
+------------------------------------------------------------------------------
+License: MIT (see LICENSE file)
+------------------------------------------------------------------------------
+Credits
+------------------------------------------------------------------------------
+Copyright 2010, YELLOWPAGES.COM LLC
+Development by Neil Matatall <neil.matatall@gmail.com>

data/bin/passw3rd CHANGED Viewed

@@ -1,5 +1,5 @@
 #!/usr/bin/env ruby -w
 require File.expand_path('../../lib/passw3rd',  __FILE__)
-# require File.expand_path('../../lib/passw3rd/password_client.rb',  __FILE__)
+require File.expand_path('../../lib/passw3rd/password_client.rb',  __FILE__)

data/lib/passw3rd/password_client.rb CHANGED Viewed

@@ -4,27 +4,40 @@ require 'optparse'
 module Passw3rd
   class PasswordClient
-    #  def self.run argv = ARGV
     password_file = nil
-    output_path = nil
     gen_key_path = nil
     key_path = nil
+    password_dir = nil
+    mode = nil
     opts = OptionParser.new
     opts.banner = 'Usage: password_client [options]'
     opts.on('-d', '--decrypt PATH_TO_PASSWORD', 'Path to password file') do |opt|
       password_file = opt
+      mode = "decrypt"
     end
-    opts.on('-e', '--encrypt OUTPUT_PATH', 'Write the password to this location') do |opt|
-      output_path = opt
+    opts.on('-e', '--encrypt PASSWORD_FILE', 'Write the password to this location') do |opt|
+      password_file = opt
+      mode = "encrypt"
     end
-    opts.on('-p', '--key-path KEY_PATH', 'Use the keys specificed in this directory for encryption or decryption') do |opt|
+    opts.on('-k', '--key-dir KEY_PATH', 'Use the keys specificed in this directory for encryption or decryption (default is ~/)') do |opt|
       key_path = opt
       if !File.directory?(File.expand_path(key_path))
         raise "#{opt} must be a directory"
       end
     end
-    opts.on('-k', '--generate-key [PATH]', 'generate key/iv and store in PATH, defaults to the home directory') do |opt|
+    opts.on('-p', '--password-dir PATH', 'Read and write password files to this directory (default is ~/)') do |opt|
+      password_dir = opt
+      if !File.directory?(File.expand_path(password_dir))
+        raise "#{password_dir} must be a directory"
+      end
+    end
+    opts.on('-g', '--generate-key [PATH]', 'generate key/iv and store in PATH, defaults to the home directory') do |opt|
       gen_key_path = opt
       if gen_key_path.nil?
         gen_key_path = ENV["HOME"]
@@ -47,20 +60,14 @@ module Passw3rd
       puts "generated keys in #{gen_key_path}"
     end
-    # default the key directory to the users home, can also be specified by -p [path]
-    if key_path.nil?
-      key_path = ENV["HOME"]
-    end
     # decrypt password_file using the key/IV in key_path
-    if password_file
-      decrypted = Passw3rd::PasswordService.getPassword(password_file, key_path)
-      puts("The password is: #{decrypted}")
+    if mode == "decrypt"
+      decrypted = Passw3rd::PasswordService.get_password(password_file, key_path)
+      puts "The password is: #{decrypted}"
     end
     # encrypt password, store it in output path
-    if output_path
+    if mode == "encrypt"
       begin
         system 'stty -echo'
         print "Enter the password: "
@@ -69,8 +76,8 @@ module Passw3rd
         system 'stty echo; echo ""'
       end
-      Passw3rd::PasswordService.write_password_file(password, output_path, key_path)
-      puts "Wrote password to #{output_path}"
+      file = Passw3rd::PasswordService.write_password_file(password, password_file, key_path)
+      puts "Wrote password to #{file}"
     end
   end
 end

data/lib/passw3rd/password_service.rb CHANGED Viewed

@@ -1,20 +1,27 @@
 module Passw3rd
   class PasswordService
-    VERSION = '0.1.0'
+    @@password_file_dir = ENV["HOME"]
-    def self.getPassword (password_file, key_path=nil)
-      encoded_password = IO.readlines(password_file).join
-      encrypted_password = Base64.decode64(encoded_password)
-      PasswordService.decrypt(encrypted_password, key_path)
+    def self.password_file_dir= dir
+      @@password_file_dir = dir
     end
-    def self.write_password_file password, output_path, key_path
+    def self.get_password (password_file, key_path=nil)
+      encoded_password = Base64.decode64(IO.readlines(File.join(@@password_file_dir, password_file)).join)
+      PasswordService.decrypt(encoded_password, key_path)
+    end
+    def self.write_password_file(password, output_path, key_path = nil)
       enc_password = PasswordService.encrypt(password, key_path)
       base64pw = Base64.encode64(enc_password)
-      File.open(output_path, 'w') { |f| f.write base64pw }
+      path = File.join(@@password_file_dir, output_path)
+      File.open(path, 'w') { |f| f.write base64pw }
+      path
     end
     def self.encrypt(password, key_path = nil)
+      raise "password cannot be blank" if password.empty?
       pair = KeyLoader.load(key_path)
       cipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
       cipher.encrypt
@@ -23,27 +30,25 @@ module Passw3rd
       begin
         e = cipher.update(password)
         e << cipher.final
-      rescue OpenSSL::Cipher::CipherError=>err
+      rescue OpenSSL::Cipher::CipherError => err
         puts "Couldn't encrypt password."
         raise err
       end
     end
-    def self.decrypt(password, key_path = nil)
+    def self.decrypt(cipher_text, key_path = nil)
       pair = KeyLoader.load(key_path)
       cipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
       cipher.decrypt
       cipher.key = pair.key
       cipher.iv = pair.iv
       begin
-        d = cipher.update(password)
+        d = cipher.update(cipher_text)
         d << cipher.final
       rescue OpenSSL::Cipher::CipherError => err
         puts "Coudln't decrypt password.  Are you using the right keys?"
         raise err
       end
     end
   end
-end
+end

data/lib/passw3rd/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Passw3rd
-  Version = VERSION = '0.0.5'
+  Version = VERSION = '0.0.6'
 end

data/lib/passw3rd.rb CHANGED Viewed

@@ -3,5 +3,4 @@ require 'openssl'
 require 'optparse'
 require File.expand_path('../passw3rd/key_loader',  __FILE__)
 require File.expand_path('../passw3rd/password_service',  __FILE__)
-require File.expand_path('../passw3rd/password_client',  __FILE__)

data/test/{test_password_service.rb → password_service_test.rb} RENAMED Viewed

@@ -16,6 +16,21 @@ class PasswordServiceTest < Test::Unit::TestCase
     assert_equal(@random_string, dec)
   end
+  def test_set_and_get_password
+    ::Passw3rd::KeyLoader.create_key_iv_file(Dir.tmpdir)
+    password_file = ::Passw3rd::PasswordService.write_password_file(@random_string, "test", Dir.tmpdir)
+    decrypted = Passw3rd::PasswordService.get_password("test", Dir.tmpdir)
+    assert_equal(@random_string, decrypted)
+  end
+  def test_set_and_get_password_custom_dir
+    ::Passw3rd::PasswordService.password_file_dir = Dir.tmpdir
+    ::Passw3rd::KeyLoader.create_key_iv_file(Dir.tmpdir)
+    password_file = ::Passw3rd::PasswordService.write_password_file(@random_string, "test2")
+    decrypted = Passw3rd::PasswordService.get_password("test2")
+    assert_equal(@random_string, decrypted)
+  end
   def test_gen_key
     ::Passw3rd::KeyLoader.create_key_iv_file(Dir.tmpdir)

metadata CHANGED Viewed

@@ -1,74 +1,58 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: passw3rd
-version: !ruby/object:Gem::Version
-  hash: 21
+version: !ruby/object:Gem::Version
+  version: 0.0.6
   prerelease:
-  segments:
-  - 0
-  - 0
-  - 5
-  version: 0.0.5
 platform: ruby
-authors:
+authors:
 - Neil Matatall
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-09-24 00:00:00 Z
+date: 2011-10-02 00:00:00.000000000Z
 dependencies: []
-description: Generate a key/iv file, generate passwords, and store encrypted files in source control, keep the key/iv safe!
-email:
+description: Generate a key/iv file, generate passwords, and store encrypted files
+  in source control, keep the key/iv safe!
+email:
 - neil.matatall@gmail.com
-executables:
+executables:
 - passw3rd
 extensions: []
 extra_rdoc_files: []
-files:
-- README
+files:
+- README.md
 - LICENSE
+- EXAMPLES
+- History.txt
 - lib/passw3rd/key_loader.rb
 - lib/passw3rd/password_client.rb
 - lib/passw3rd/password_service.rb
 - lib/passw3rd/version.rb
 - lib/passw3rd.rb
 - bin/passw3rd
-- test/test_password_service.rb
+- test/password_service_test.rb
 homepage: https://github.com/oreoshake/passw3rd
 licenses: []
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.10
 signing_key:
 specification_version: 3
 summary: A simple "keep the passwords out of source code and config files".
 test_files: []

data/README DELETED Viewed

@@ -1,27 +0,0 @@
-== DESCRIPTION:
-* Programmatic Password Crytpo
-== FEATURES/PROBLEMS:
-* Simple mechanism to store encrypted values using keys on the system
-== SYNOPSIS:
-require 'password_service'
-== REQUIREMENTS:
-openssl
-base64
-optparse
-== INSTALL:
-* gem install programmatic_crypto
-== DEVELOPERS:
-== LICENSE:
-MIT