password_safe 0.0.4

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage*
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in password_safe.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Alec Tower
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,34 @@
+# PasswordSafe
+
+PasswordSafe allows you to store passwords in a local file using AES-CBC-256 encryption.
+
+It is a simple command line application providing a minimal command line interface.
+
+## Requirements
+
+Ruby 1.9
+
+Currently only supported on OSX
+
+## Installation
+
+PasswordSafe can be installed using RubyGems:
+
+    $ gem install password_safe
+
+## Usage
+
+    user$ password_safe
+
+    Options:           
+        -a <key>      ::   add password related to <key>
+        -g <key>      ::   get password related to <key>
+        -g            ::   get all keys
+        -d <key>      ::   delete password related to <key>
+        -d            ::   delete all passwords
+        -l            ::   print current location of safe
+        -l <path>     ::   move safe location to <path>
+        -c            ::   change password to safe
+        -r            ::   remove safe completely
+        
+        Passwords will be copied to the clipboard for 5 seconds

data/Rakefile

@@ -0,0 +1,25 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+namespace :spec do 
+  desc 'Run specs for Crypt'
+  RSpec::Core::RakeTask.new :crypt do |t|
+    t.pattern = 'spec/crypt_spec.rb'
+  end
+  desc 'Run specs for Safe'
+  RSpec::Core::RakeTask.new :safe do |t|
+    t.pattern = 'spec/safe_spec.rb'
+  end
+  desc 'Run specs for Guard'
+  RSpec::Core::RakeTask.new :guard do |t|
+    t.pattern = 'spec/guard_spec.rb'
+  end
+  desc 'Rub specs for Config'
+  RSpec::Core::RakeTask.new :config do |t|
+    t.pattern = 'spec/config_spec.rb'
+  end
+  task :all => [:safe, :guard, :crypt, :config]
+end
+
+task :default => 'spec:all'

data/bin/password_safe

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+$: << File.expand_path(File.dirname(__FILE__) + "/../lib") unless $:.include? File.expand_path(File.dirname(__FILE__) + "/../lib")
+
+require 'password_safe'
+
+PasswordSafe::Guard.new.on_the_job

data/lib/password_safe/config.rb

@@ -0,0 +1,19 @@
+module PasswordSafe
+  module Config
+    PASSWORD_SAFE = "#{ENV['HOME']}/.pswds"
+    
+    def change_safe_location(new_location)
+      if new_location
+        FileUtils.mkpath File.dirname new_location unless Dir.exists? File.dirname new_location
+        old_file = File.readlink PASSWORD_SAFE if File.symlink? PASSWORD_SAFE
+        IO.readlines(PASSWORD_SAFE).empty? ? (File.new new_location, 'w' unless File.exists? new_location) 
+            : (FileUtils.copy_file(PASSWORD_SAFE, new_location, true) unless File.exists? new_location)
+        FileUtils.ln_s(new_location, PASSWORD_SAFE, :force => true)
+        FileUtils.rm_f old_file if old_file
+      else
+        (puts "Current safe location is #{File.readlink PASSWORD_SAFE}"; return) if File.symlink? PASSWORD_SAFE
+        puts "Current safe location is #{PASSWORD_SAFE}"
+      end
+    end
+  end
+end

data/lib/password_safe/crypt.rb

@@ -0,0 +1,32 @@
+module PasswordSafe
+  # This module provides encrypt 
+  # and decrypt methods using aes-256-cbc
+  module Crypt
+  
+    # Encrypts data and returns
+    # binary encoded string
+    def encrypt(data, password)
+      Base64.encode64 aes(:encrypt, password, data)
+    end
+  
+    # Decrypts data from binary encoded string
+    def decrypt(data, password)
+      aes(:decrypt, password, Base64.decode64(data))
+    end
+  
+    # Uses AES-256-CBC to encrypt data
+    # Key length is 32 bytes
+    # IV length is 16 bytes
+    # TODO Use random IV and include it in 
+    # encrypted data rather than using the same
+    # IV every time.
+    def aes(mode, password, data)
+      sha256 = Digest::SHA2.new
+      aes = OpenSSL::Cipher.new("AES-256-CBC")
+      aes.send(mode)
+      aes.key = sha256.digest(password)
+      aes.iv = '0123456789012345'
+      '' << aes.update(data) << aes.final
+    end
+  end
+end

data/lib/password_safe/guard.rb

@@ -0,0 +1,235 @@
+module PasswordSafe
+  # Handles user requests and interacts
+  # with the Safe class.
+  #
+  # Main class to interface with user.
+  # The Guard protects the safe by 
+  # authenticating the user, and making sure
+  # data is in the correct format to be
+  # held in the safe.
+  class Guard
+    include PasswordSafe::Config
+    
+    # Create new guard object with specified safe.
+    # Default safe location is ENV['HOME']/.pswds
+    def initialize(safe = Safe.new)
+      @safe = safe
+    end
+  
+    # Main method that validates arguments
+    # and processes input
+    def on_the_job
+      validate_args ? process_input : print_options
+    end
+  
+    # Checks for the correct switches to be
+    # supplied by user
+    def validate_args
+      if ARGV.size > 0 && ARGV.size < 3
+        @command = ARGV[0]
+        @arg = ARGV[1]
+        (@command =~ /[(-c)]/ && !@arg.nil?) || (@command =~ /[(-a)(-g)(-l)]/ && @arg.nil?)
+      else
+        false
+      end
+    end
+  
+    # Command line options
+    def print_options
+      puts "PasswordSafe v#{PasswordSafe::VERSION}\
+            \nOptions: \
+            \n\t-a <key>      ::   add password related to <key> \
+            \n\t-g <key>      ::   get password related to <key> \
+            \n\t-g            ::   get all keys \
+            \n\t-d <key>      ::   delete password related to <key> \
+            \n\t-d            ::   delete all passwords \
+            \n\t-l            ::   print current location of safe \
+            \n\t-l <path>     ::   move safe location to <path> \
+            \n\t-c            ::   change password to safe \
+            \n\t-r            ::   remove safe completely
+            \n\n\tPasswords will be copied to the clipboard for 5 seconds \
+            \n\n"
+    end
+  
+    # Case statement for switches
+    # Main logic method
+    def process_input
+      case @command
+      when "-a"
+        add_value
+      when "-g"
+        get_value
+      when "-d"
+        delete_value
+      when "-l"
+        change_safe_location(@arg)
+      when "-c"
+        change_safe_password
+      when "-r"
+        remove_safe
+      else
+        print_options
+      end
+    end
+    
+    # Adds a new value to the safe
+    # and binds it to the key provided
+    # by the user.
+    def add_value
+      if @arg
+        puts "Enter the password for the safe"
+        safe_password = get_password
+        puts "Enter the password for #{@arg}"
+        key_password = get_password
+        add_data "#{@arg}:#{key_password}", safe_password
+      else
+        puts "A key is needed in order to store a password"
+      end
+    end
+    
+    # Retrieves value from safe
+    # that is related to the key
+    # entered by the user
+    def get_value
+      (puts "The safe is empty"; return) if @safe.empty?
+      puts "Enter the password for the safe"
+      safe_password = get_password
+      case @arg
+      when /^\S+$/
+        data = retrieve_data(safe_password)
+        value = data[@arg] if data
+        if value
+          IO.popen('pbcopy', 'w') {|clipboard| clipboard.print "#{value}"}
+          sleep(5)
+          IO.popen('pbcopy', 'w') {|clipboard| clipboard.print ""}
+        else
+          puts "No value found for #{@arg}"
+        end
+      else
+        data = retrieve_data safe_password
+        if data
+          data.each_key { |key| puts key }
+        else
+          puts "Safe is empty"
+        end
+      end
+    end
+    
+    # Removes key and value from safe.
+    def delete_value
+      (puts " The safe is empty"; return) if @safe.empty?
+      case @arg
+      when /^\S+$/
+        puts "Enter the password for the safe"
+        safe_password = get_password
+        remove_key_value safe_password
+      when nil
+        empty_safe
+      end
+    end
+  
+    # Gets password from user.
+    # Hides password on console by replacing
+    # input characters with "*"
+    def get_password
+      system "stty raw -echo"
+      password = ""
+      loop do
+        char = STDIN.getc
+        char != "\r" ? password << char : break
+        print "*"
+      end
+      password
+    ensure
+      puts
+      print "\033[ 1 E"
+      system "stty -raw echo"
+    end
+  
+    # First retrieves old data to see if
+    # the key already exists in the safe,
+    # adds it if not.
+    def add_data(key_value, safe_password)
+      old_data = retrieve_data safe_password
+      if old_data && old_data[@arg]
+        puts "#@arg already exists"
+        return
+      end
+      merge_data(old_data, key_value, safe_password)
+      puts "Successfully added key value pair"
+    end
+    
+    # Merges new key value pair with old data
+    def merge_data(old_data, key_value, safe_password)
+      new_data = ''
+      old_data.each { |key, value| new_data << "#{key}:#{value}\n" } if old_data
+      new_data << "#{key_value}\n" if key_value
+      @safe.lock(new_data, safe_password)
+    end
+  
+    # Retrieves data from safe and returns
+    # it in a key value hash
+    def retrieve_data(safe_password)
+      begin
+        return if !data = @safe.unlock(safe_password)
+        data.split("\n").map {|l| l.split(":")}.map {|k, v| Hash[k => v]}.reduce({}) {|h, i| h.merge i}
+      rescue OpenSSL::Cipher::CipherError
+        puts "You entered an incorrect password"
+        exit(0)
+      end
+    end
+  
+    # Prompts user for delete confirmation
+    # and empties safe if user entered "Y" or "y". 
+    def empty_safe
+      (puts "The safe is already empty"; return) if @safe.empty?
+      puts "Are you sure? (y|Y)"
+      if STDIN.gets =~ /^[yY]{1}$/
+        @safe.empty_safe 
+        puts "Safe was emptied!"
+      else
+        puts "Not empyting safe"
+      end
+    end
+  
+    # Attempts to remove key and value
+    # from safe if it exists.
+    # If new_data is empty, it means that
+    # there is only one key value in the safe,
+    # So the safe needs to be emptied rather
+    # re-storing the new information.
+    def remove_key_value(safe_password)
+      new_data = ''
+      old_data = retrieve_data safe_password
+      if old_data
+        puts "Deleting #@arg and related password"
+        old_data.each { |key, value| new_data << "#{key}:#{value}\n" if key !~ /^#@arg$/ }
+        if new_data.empty?
+          @safe.empty_safe
+        else
+          @safe.lock(new_data, safe_password) 
+        end
+      else
+        puts "Safe is empty"
+      end
+    end
+    
+    # Attempts to change the password for the safe.
+    # If the safe is empty, there is no password to be changed.
+    def change_safe_password
+      (puts "The safe is empty, no password is currently active"; return) if @safe.empty?
+      puts "Enter the old password for the safe"
+      old_safe_password = get_password
+      puts "Enter the new password for the safe"
+      new_safe_password = get_password
+      data = retrieve_data old_safe_password
+      puts "Successfully changed password" if (merge_data(data, nil, new_safe_password) if data)
+    end
+    
+    # Removes safe from file system
+    def remove_safe
+      @safe.self_destruct
+      puts "The safe has been removed!"
+    end
+  end
+end

data/lib/password_safe/safe.rb

@@ -0,0 +1,54 @@
+module PasswordSafe
+  # The Safe class interacts with a file (safe),
+  # storing, retrieving, or removing data from it.
+  class Safe
+    include PasswordSafe::Crypt
+    include PasswordSafe::Config
+    
+    # Default initialization of safe 
+    # in PASSWORD_SAFE location
+    def initialize(safe_location = PasswordSafe::Config::PASSWORD_SAFE)
+      @safe_location = safe_location
+      File.new @safe_location, 'w' unless File.exists?(@safe_location) || File.symlink?(@safe_location)
+      if File.symlink?(@safe_location) && !File.exists?(File.readlink @safe_location)
+        FileUtils.rm_f File.readlink @safe_location
+      end
+    end
+  
+    # Empties safe by writing nil to file
+    def empty_safe
+      if File.exists? @safe_location
+        File.open(@safe_location, 'w') { |f| f << nil }
+      end
+    end
+    
+    # Checks for contents in safe
+    def empty?
+      if File.symlink? @safe_location 
+        IO.readlines(File.readlink @safe_location).empty? if File.exists? File.readlink @safe_location
+      else
+        IO.readlines(@safe_location).empty?
+      end
+    end
+  
+    # Removes safe from file system
+    def self_destruct
+      FileUtils.rm_f File.readlink @safe_location if File.symlink? @safe_location
+      FileUtils.rm_f @safe_location
+    end
+  
+    # Unlocks the safe by decrypting the data
+    # currently in the safe with the specified password
+    # If the password is incorrect an OpenSSL::Cipher::CipherError
+    # exception is thrown
+    def unlock(password)
+       decrypt(IO.readlines(@safe_location).join, password) unless File.zero? @safe_location
+    end
+  
+    # Locks the safe by encrypting the data with the
+    # specified password
+    def lock(data, password)
+      File.open(@safe_location, 'w') { |f| f << encrypt(data, password) }
+    end
+  end
+end

data/lib/password_safe/version.rb

@@ -0,0 +1,3 @@
+module PasswordSafe
+  VERSION = "0.0.4"
+end

data/lib/password_safe.rb

@@ -0,0 +1,9 @@
+require 'openssl'
+require 'base64'
+require 'digest/sha2'
+require 'fileutils'
+require 'password_safe/version'
+require 'password_safe/crypt'
+require 'password_safe/config'
+require 'password_safe/safe'
+require 'password_safe/guard'

data/password_safe.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/password_safe/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.name          = "password_safe"
+  gem.version       = PasswordSafe::VERSION
+  gem.authors       = ["Alec Tower"]
+  gem.email         = ["alectower@gmail.com"]
+  gem.description   = %q{A ruby command line tool for storing encrypted passwords on *nix systems}
+  gem.summary       = %q{A ruby command line tool that uses AES-256-CBC encryption to store passwords. It provides easy storage and retrieval on *nix systems}
+  gem.homepage      = "https://github.com/uniosx/password_safe"
+  gem.platform      = Gem::Platform::RUBY
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+  gem.add_development_dependency 'rspec', '~>2.8'
+  gem.add_development_dependency 'cover_me', '~>1.2'
+end

data/spec/config_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe PasswordSafe::Config do
+  include PasswordSafe::Config
+  before :all do
+    PasswordSafe::Config::PASSWORD_SAFE = "#{ENV['HOME']}/.tstpswds"
+    File.new PasswordSafe::Config::PASSWORD_SAFE, 'w'
+    self.instance_eval do 
+      @new_location = "#{ENV['HOME']}/Dropbox/.tstpswds"
+      @newer_location = "#{ENV['HOME']}/Dropbox/.tst_pswds"
+    end
+  end
+  after :each do 
+    File.delete PasswordSafe::Config::PASSWORD_SAFE if File.exists? PasswordSafe::Config::PASSWORD_SAFE
+    File.delete @new_location if File.exists? @new_location
+    File.delete @newer_location if File.exists? @newer_location
+  end
+  it "should change the location of the password file" do
+    change_safe_location @new_location
+    File.exists?(@new_location).should eql true
+    File.symlink?(PasswordSafe::Config::PASSWORD_SAFE).should eql true
+  end
+  it "should move default safe location contents to a new safe" do
+    File.open(PasswordSafe::Config::PASSWORD_SAFE, 'a') {|f| f << "stuff"}
+    change_safe_location @new_location
+    IO.readlines(@new_location).should eql ["stuff"]
+    IO.readlines(PasswordSafe::Config::PASSWORD_SAFE).should eql ["stuff"]
+  end
+  it "should move sym linked safe location contents to a new safe" do
+    File.open(@new_location, 'a') {|f| f << "stuff"}
+    FileUtils.ln_s @new_location, PasswordSafe::Config::PASSWORD_SAFE, :force => true
+    change_safe_location @newer_location
+    IO.readlines(PasswordSafe::Config::PASSWORD_SAFE).should eql ["stuff"]
+    IO.readlines(@newer_location).should eql ["stuff"]
+  end
+  it "should delete old safe when moving to a new location" do
+    File.open(PasswordSafe::Config::PASSWORD_SAFE, 'a') {|f| f << "stuff"}
+    change_safe_location @new_location
+    change_safe_location @newer_location
+    IO.readlines(@newer_location).should eql ["stuff"]
+    File.exists?(@new_location).should eql false
+  end
+  it "should print the current safe location if no argument is supplied" do
+    $stdout.should_receive(:puts).with("Current safe location is #{PasswordSafe::Config::PASSWORD_SAFE}")
+    change_safe_location nil
+  end
+end

data/spec/crypt_spec.rb

@@ -0,0 +1,11 @@
+require 'spec_helper'
+
+describe PasswordSafe::Crypt do
+  include PasswordSafe::Crypt
+  it "should encrypt data" do
+    encrypt("this is a test",'password').should_not eql "this is a test"
+  end
+  it "should decrypt data" do
+    decrypt(encrypt("this is a test",'password'), 'password').should eql "this is a test"
+  end
+end

data/spec/guard_spec.rb

@@ -0,0 +1,135 @@
+require 'spec_helper'
+
+describe PasswordSafe::Guard do
+  before :each do
+    PasswordSafe::Guard.instance_eval do
+      attr_accessor :safe, :command, :arg
+    end
+    @guard = PasswordSafe::Guard.new mock("safe")
+    ARGV.clear
+  end
+  it "should validate 0 args" do
+    @guard.validate_args.should eql false
+  end
+  it "should validate 1 arg" do
+    ARGV << "-g"
+    @guard.validate_args.should eql true
+  end
+  it "should validate > 1 and < 3 args" do
+    ARGV << "-g" << "keys"
+    @guard.validate_args.should eql true
+  end
+  it "should validate >= 3 args" do
+    ARGV << "-g" << "all" << "too many"
+    @guard.validate_args.should eql false
+  end
+  it "should process input after validating args" do
+    @guard.stub(:validate_args).and_return true
+    @guard.should_receive(:validate_args)
+    @guard.should_receive(:process_input)
+    @guard.on_the_job.should
+  end
+  it "should print options if no args are provided" do
+    @guard.stub(:validate_args).and_return false
+    @guard.should_receive(:print_options)
+    @guard.on_the_job
+  end
+  it "should process the -a switch to add a key and value" do
+    $stdout.should_receive(:puts).with("Enter the password for the safe")
+    @guard.stub(:get_password).and_return("safepassword", "gmailpassword")
+    $stdout.should_receive(:puts).with("Enter the password for gmail")
+    @guard.stub(:add_data).with("gmail:gmailpassword", "safepassword").and_return "Successfully added key value pair"
+    @guard.command = "-a"
+    @guard.arg = "gmail"
+    @guard.process_input.should eql "Successfully added key value pair" 
+  end
+  it "should process the -g switch with no argument" do
+    @guard.stub(:get_password).and_return "safepassword"
+    @guard.stub(:retrieve_data).with("safepassword").and_return nil
+    @guard.safe.should_receive(:empty?).and_return true
+    $stdout.should_receive(:puts).with("The safe is empty")
+    @guard.command = "-g"
+    @guard.process_input
+  end
+  it "should process the -g switch with an argument" do
+    @guard.safe.stub(:empty?).and_return false
+    @guard.stub(:get_password).and_return "safepassword"
+    @guard.stub(:retrieve_data).with("safepassword").and_return Hash["gmail" => "gmailpassword"]
+    IO.should_receive(:popen).with('pbcopy', 'w')
+    @guard.should_receive(:sleep).with(5)
+    IO.should_receive(:popen).with('pbcopy', 'w')
+    @guard.command = "-g"
+    @guard.arg = "gmail"
+    @guard.process_input
+  end
+  it "should process the -d switch with an argument" do
+    @guard.safe.stub(:empty?).and_return false
+    @guard.stub(:remove_key_value).with("safepassword")
+    @guard.stub(:get_password).and_return "safepassword"
+    $stdout.should_receive(:puts).with("Enter the password for the safe")
+    @guard.should_receive(:remove_key_value).with("safepassword")
+    @guard.command = "-d"
+    @guard.arg = "gmail"
+    @guard.process_input
+  end
+  it "should process the -d switch with no argument" do
+    @guard.safe.stub(:empty?).and_return false
+    @guard.should_receive(:empty_safe)
+    @guard.command = "-d"
+    @guard.arg = nil
+    @guard.process_input
+  end
+  it "should process the -l switch with a path as an argument" do
+    @guard.command = "-l"
+    @guard.arg = "~/.new_safe"
+    @guard.should_receive(:change_safe_location).with("~/.new_safe")
+    @guard.process_input
+  end
+  it "should process the -c switch" do
+    @guard.command = "-c"
+    @guard.should_receive(:change_safe_password)
+    @guard.process_input
+  end
+  it "should process the -r switch" do
+    @guard.command = "-r"
+    @guard.should_receive(:remove_safe)
+    @guard.process_input
+  end
+  it "should get a password from the user" do
+    @guard.stub!(:system)
+    @guard.should_receive(:system).with("stty raw -echo")
+    STDIN.stub(:getc).and_return("g", "m", "\r")
+    @guard.get_password.should eql "gm"
+  end
+  it "should add data to safe" do
+    @guard.stub(:retrieve_data).with("fakepassword").and_return nil
+    @guard.safe.stub(:lock).with("gmail:gmailpassword\n", "fakepassword")
+    $stdout.should_receive(:puts).with("Successfully added key value pair")
+    @guard.add_data "gmail:gmailpassword", "fakepassword"
+  end
+  it "should retreive data froms safe" do
+    @guard.safe.stub(:unlock).with("safepassword").and_return("gmail:gmailpassword")
+    @guard.retrieve_data("safepassword").should eql Hash["gmail" => "gmailpassword"]
+  end
+  it "should empty the safe" do 
+    STDIN.stub(:gets).and_return("Y")
+    @guard.safe.stub(:empty?).and_return false
+    $stdout.should_receive(:puts).with("Are you sure? (y|Y)")
+    @guard.safe.should_receive(:empty_safe)
+    $stdout.should_receive(:puts).with("Safe was emptied!")
+    @guard.empty_safe
+  end
+  it "should remove key value from safe" do
+    @guard.stub(:retrieve_data).with("safepassword").and_return Hash["gmail" => "gmailpassword", "facebook" => "facebookpassword"]
+    $stdout.should_receive(:puts).with("Deleting gmail and related password")
+    @guard.safe.should_receive(:lock).with("facebook:facebookpassword\n", "safepassword")
+    @guard.arg = "gmail"
+    @guard.remove_key_value "safepassword"
+  end
+  it "should remove the safe" do
+    @guard.safe.stub(:self_destruct)
+    @guard.safe.should_receive(:self_destruct)
+    $stdout.should_receive(:puts).with("The safe has been removed!")
+    @guard.remove_safe
+  end
+end

data/spec/safe_spec.rb

@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe PasswordSafe::Safe do
+  include PasswordSafe::Crypt
+  before :each do
+    @safe = PasswordSafe::Safe.new "#{ENV['HOME']}/.tmp_pswds"
+    PasswordSafe::Safe.instance_eval do
+      attr_reader :safe_location
+    end
+  end
+  after :each do
+    @safe.self_destruct
+  end
+  it "should create a new safe if one doesn't already exist" do
+    File.exists?(@safe.safe_location).should eql true
+  end
+  it "should remove broken sym link of file doesn't exist" do
+    FileUtils.ln_s "#{ENV['HOME']}/.doesnt_exist", @safe.safe_location, :force => true
+    @safe = PasswordSafe::Safe.new "#{ENV['HOME']}/.tmp_pswds"
+    File.exists?("#{ENV['HOME']}/.doesnt_exist").should eql false
+  end
+  it "should lock data" do
+    data = "gmail:password"
+    @safe.lock(data, "password")
+    decrypt(IO.readlines(@safe.safe_location).to_s, "password").should eql data
+  end
+  it "should unlock data" do
+    @safe.lock "gmail:password", "password"
+    @safe.unlock("password").should eql "gmail:password"
+  end
+  it "should know if it's empty" do
+    @safe.empty?.should eql true
+  end
+  it "should remove sym link when self destructing" do
+    FileUtils.ln_s("#{ENV['HOME']}/.tmp_pswds_lnk", @safe.safe_location, :force => true)
+    @safe.self_destruct
+    File.exists?("#{ENV['HOME']}/.tmp_pswds_lnk").should eql false
+    File.exists?(@safe.safe_location).should eql false
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,28 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper.rb"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+require 'cover_me'
+require 'password_safe'
+require 'rspec'
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+end
+
+at_exit do
+  CoverMe.instance_eval do 
+    def complete
+      data_file = CoverMe.config.results.store
+      if File.exists?(data_file)
+        data = CoverMe::Results.read_results(data_file)
+        CoverMe::Processor.new(data).process!
+        File.delete(data_file)
+      end
+    end
+  end
+  CoverMe.complete
+end

metadata

@@ -0,0 +1,103 @@
+--- !ruby/object:Gem::Specification
+name: password_safe
+version: !ruby/object:Gem::Version
+  version: 0.0.4
+  prerelease: 
+platform: ruby
+authors:
+- Alec Tower
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-05-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.8'
+- !ruby/object:Gem::Dependency
+  name: cover_me
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
+description: A ruby command line tool for storing encrypted passwords on *nix systems
+email:
+- alectower@gmail.com
+executables:
+- password_safe
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/password_safe
+- lib/password_safe.rb
+- lib/password_safe/config.rb
+- lib/password_safe/crypt.rb
+- lib/password_safe/guard.rb
+- lib/password_safe/safe.rb
+- lib/password_safe/version.rb
+- password_safe.gemspec
+- spec/config_spec.rb
+- spec/crypt_spec.rb
+- spec/guard_spec.rb
+- spec/safe_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/uniosx/password_safe
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: A ruby command line tool that uses AES-256-CBC encryption to store passwords.
+  It provides easy storage and retrieval on *nix systems
+test_files:
+- spec/config_spec.rb
+- spec/crypt_spec.rb
+- spec/guard_spec.rb
+- spec/safe_spec.rb
+- spec/spec_helper.rb