pwl 0.0.1

data/.document

@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+- 
+features/**/*.feature
+LICENSE.txt

data/.travis.yml

@@ -0,0 +1,3 @@
+language: ruby
+rvm:
+  - 1.9.3

data/Gemfile

@@ -0,0 +1,22 @@
+source "http://rubygems.org"
+# Add dependencies required to use your gem here.
+# Example:
+#   gem "activesupport", ">= 2.3.5"
+
+gem 'encryptor'
+gem 'commander'
+gem 'activesupport'
+
+group :test do
+  gem "rake"
+  gem 'simplecov', :require => false
+  gem 'nokogiri-diff'
+end
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "rdoc", "~> 3.12"
+  gem "bundler", "~> 1.0.0"
+  gem "jeweler", "~> 1.8.3"
+end

data/Gemfile.lock

@@ -0,0 +1,45 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    activesupport (3.2.2)
+      i18n (~> 0.6)
+      multi_json (~> 1.0)
+    commander (4.1.2)
+      highline (~> 1.6.11)
+    encryptor (1.1.3)
+    git (1.2.5)
+    highline (1.6.11)
+    i18n (0.6.0)
+    jeweler (1.8.3)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+      rdoc
+    json (1.6.5)
+    multi_json (1.1.0)
+    nokogiri (1.4.7)
+    nokogiri-diff (0.1.0)
+      nokogiri (~> 1.4.1)
+      tdiff (~> 0.3.2)
+    rake (0.9.2.2)
+    rdoc (3.12)
+      json (~> 1.4)
+    simplecov (0.6.1)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.5.3)
+    simplecov-html (0.5.3)
+    tdiff (0.3.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activesupport
+  bundler (~> 1.0.0)
+  commander
+  encryptor
+  jeweler (~> 1.8.3)
+  nokogiri-diff
+  rake
+  rdoc (~> 3.12)
+  simplecov

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Nicholas E. Rabenau
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,102 @@
+pwl - Password Locker
+=====================
+
+pwl is a secure password locker for the command-line.
+
+[![Build Status](https://secure.travis-ci.org/nerab/pwl.png?branch=master)](http://travis-ci.org/nerab/pwl)
+
+Installation
+============
+pwl is written in [Ruby](http://www.ruby-lang.org/) and can be installed using Ruby's [gem](http://rubygems.org/) package manager:
+
+      gem install pwl
+
+Basic Usage
+===========
+Before it can store passwords, pwl needs to initialize the password database. The database file is created with the `init` command and located by default at `~/.pwl.pstore`.
+
+      pwl init
+
+Storing a password requires a name under which the password can be retrieved later on:
+
+      pwl put "Mail Account" s3cret
+
+This command will store the password "s3cret" under the name "Mail Account". Later on this password can be retrieved using the get command:
+
+      pwl get "Mail Account"
+
+This command will print "s3cret" to the console (STDOUT).
+
+For more usage information, invoke the help command:
+
+      pwl help
+
+Concept
+=======
+pwl is written in the UNIX tradition of having a tool do one thing, and do it well. With this in mind, password management becomes not much more than keeping a list of name-value pairs and securing it from unauthorized access (by encrypting the password database with a master password).
+
+The whole topic becomes much more interesting when you start integrating a password locker into various tools and applications. There is no widely accepted standard for how password lockers could hook into applications, and so almost every tool falls back to the system clipboard. Notable exceptions are modern browsers, which provide password locker integration by their generic plugin concepts.
+
+pwl focuses on the command line where standard input (STDIN) and output (STDOUT) are the established way to share data between commands (applications). Therefore pwl was built with the following principles in mind:
+
+  * All input is read from STDIN
+  * All regular output (e.g. the password retrieved) goes to STDOUT
+  * All messages and errors are printed to STDERR  (prevents side effects of the message)
+  * Exit code is set to 0 for success and non-zero for errors
+
+Security
+========
+When it comes to securing passwords, pwl does not make any compromises. It relies on the proven OpenSSL library for all encryption functions via the [Encryptor](https://github.com/shuber/encryptor) wrapper. The password store itself is a Ruby [PStore](http://ruby-doc.org/stdlib/libdoc/pstore/rdoc/PStore.html). All names and values are individually encrypted with the master password.
+
+Code security is enforced with two major concepts:
+
+1. The complete source code of pwl, and all libraries it uses, are open source. Therefore, everyone can freely inspect the complete source code of pwl, run penetration tests, etc.
+1. Nearly 100% of pwl's code is covered by unit and acceptance tests. All tests are re-run whenever new code is pushed to the public git repository. All build and test results are published with the help of [Travis CI](http://travis-ci.org/nerab/pwl).
+
+Integration
+===========
+When invoked on a console, pwl will ask for the master password to be typed into the console (using the [HighLine](http://highline.rubyforge.org) library). pwl also behaves well when run in a pipe. You can pipe the master password into pwl. Similarly, instead of printing the retrieved password to the console, pwl's output can be used as input for yet another program.For instance, the popular request for copying a password to the clipboard can be achieved by piping pwl's output into a clipboard application that reads from STDIN, e.g. pbcopy (Mac), xclip (Linux), clip (Windows >= Vista), putclip (cygwin).
+
+Example on MacOS:
+
+    pwl get nerab@example.com | pbcopy
+
+Or, if you prefer to enter the master password via a regular dialog box, you can run the same command with the --gui flag:
+
+    pwl get nerab@example.com --gui | pbcopy
+
+By calling this line, the password stored under nerab@example.com is copied to the clipboard.
+
+Backup & Restore
+================
+* Backup: Copy ~/.pwl.pstore (or whatever you pass in with --file) to a safe place.
+* Restore: Replace ~/.pwl.pstore (or whatever you pass in with --file) with the version you kept in a safe place.
+
+Export and Printing
+===================
+pwl provides a simple export into the HTML format with the following command:
+
+    pwl export
+
+This will print raw HTML markup on STDOUT, so it can be written into a file
+
+    pwl export > my_passwords.html
+    
+and then viewed and printed with a browser. With [bcat](http://rtomayko.github.com/bcat/) the export can be directly piped into a browser:
+
+    pwl export | bcat
+
+Contributing to pwl
+===================
+
+* Check out the [latest master](http://github.com/nerab/pwl/) to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
+* Fork the project.
+* Start a feature/bugfix branch.
+* Commit and push until you are happy with your contribution.
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+Copyright
+=========
+Copyright (c) 2012 Nicholas E. Rabenau. See [LICENSE.txt](https://raw.github.com/nerab/pwl/master/LICENSE.txt) for further details.

data/Rakefile

@@ -0,0 +1,45 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name = "pwl"
+  gem.homepage = "http://github.com/nerab/pwl"
+  gem.license = "MIT"
+  gem.summary = %Q{Command-line password locker}
+  gem.description = %Q{pwl is a secure password locker for the commandline}
+  gem.email = "nerab@gmx.net"
+  gem.authors = ["Nicholas E. Rabenau"]
+  gem.executables << 'pwl'
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.test_files = FileList['test/**/test_*.rb'].exclude("test/acceptance/test_dialogs.rb")
+  test.verbose = true
+end
+
+task :default => :test
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "pwl #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.0.1

data/bin/pwl

@@ -0,0 +1,268 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+require 'commander/import'
+
+$:.unshift File.join(File.dirname(__FILE__), *%w[.. lib])
+require 'pwl'
+
+program :version, Pwl::VERSION
+program :description, "#{program(:name)} is a secure password manager for the command line."
+
+EXIT_CODES = {
+  :success               => Pwl::Message.new('Success.'),
+  :aborted               => Pwl::Message.new('Aborted by user.', 1),
+  :passwords_dont_match  => Pwl::ErrorMessage.new('Passwords do not match.', 2),
+  :no_value_found        => Pwl::Message.new('No value found for <%= name %>.', 3, :name => 'NAME'),
+  :file_exists           => Pwl::ErrorMessage.new('There already exists a store at <%= file %>. Use --force to overwrite it or --file to specify a different store.', 4, :file => 'FILE'),
+  :file_not_found        => Pwl::ErrorMessage.new('Store file <%= file %> could not be found.', 5, :file => 'FILE'),
+  :name_blank            => Pwl::ErrorMessage.new('Name may not be blank.', 6),
+  :value_blank           => Pwl::ErrorMessage.new('Value may not be blank.', 7),
+  :list_empty            => Pwl::Message.new('List is empty.', 8),
+  :list_empty_filter     => Pwl::Message.new('No names found that match filter <%= filter %>.', 9, :filter => 'FILTER'),
+  :validation_new_failed => Pwl::ErrorMessage.new('<%= message %>.', 10, :message => 'Validation of new master password failed'),
+}
+
+program :help, 'Exit Status',  "#{program(:name)} sets the following exit status:\n\n" + EXIT_CODES.values.sort{|l,r| l.exit_code <=> r.exit_code}.collect{|m| "      #{m.exit_code.to_s}: #{m.to_s}"}.join("\n")
+program :help, 'Author', 'Nicholas E. Rabenau <nerab@gmx.at>'
+
+DEFAULT_STORE_FILE = File.expand_path("~/.#{program(:name)}.pstore")
+DEFAULT_EXPORT_TEMPLATE = File.join(File.dirname(__FILE__), *%w[.. templates export.html.erb])
+
+store_file = DEFAULT_STORE_FILE
+
+global_option '-V', '--verbose', 'Enable verbose output'
+global_option('-f', '--file FILE', 'Determine the file that holds the store'){|file| store_file = file}
+global_option '-g', '--gui', 'Request the master password using an OS-specific GUI dialog. This option takes precedence over STDIN.'
+
+command :init do |c|
+  c.syntax = "#{program(:name)} #{c.name}"
+  c.summary = 'Initializes a new store'
+  c.description = 'This command initializes a new password store. Password quality is enforced using validation rules.'
+  c.example "Initializes a new password store in #{DEFAULT_STORE_FILE}", "#{program(:name)} #{c.name}"
+  c.example "Initializes a new password store in /tmp/crackme.txt", "#{program(:name)} #{c.name} --file /tmp/crackme.txt"
+  c.option '--force', 'Force-overwrite an existing store file'
+  c.action do |args, options|
+    # Store checks this too, but we want to fail fast.
+    exit_with(:file_exists, options.verbose, :file => store_file) if File.exists?(store_file) && !options.force
+
+    begin
+      begin
+        master_password = get_password('Enter new master password:', options.gui)
+      end while begin
+        validate!(master_password) # Basic idea from http://stackoverflow.com/questions/136793/is-there-a-do-while-loop-in-ruby
+      rescue Pwl::InvalidMasterPasswordError => e
+        STDERR.puts e.message
+        options.gui || STDIN.tty? # only continue the loop when in interactive mode
+      end
+
+      # Ask for password confirmation if running in interactive mode (terminal)
+      if STDIN.tty? && master_password != get_password('Enter master password again:', options.gui)
+        exit_with(:passwords_dont_match, options.verbose)
+      end
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+
+    Pwl::Store.new(store_file, master_password, {:force => options.force})
+    STDERR.puts "Successfully initialized new store at #{store_file}" if options.verbose
+  end
+end
+
+command :get do |c|
+  c.syntax = "#{program(:name)} #{c.name} NAME"
+  c.summary = 'Retrieves the value for NAME and prints it to STDOUT.'
+  c.description = 'This command retrieves the value stored under NAME and prints it on STDOUT.'
+  c.example 'Reads the value stored under the name "foo" and prints it to STDOUT', "#{program(:name)} #{c.name} foo"
+  c.action do |args, options|
+    # Store checks this too, but we want to fail fast and provide a message.
+    exit_with(:file_not_found, options.verbose, :file => store_file) unless File.exists?(store_file)
+    exit_with(:name_blank, options.verbose) if 0 == args.size || args[0].blank?
+
+    begin
+      result = Pwl::Store.open(store_file, get_password('Enter master password:', options.gui)).get(args[0])
+      if result.blank?
+        exit_with(:no_value_found, options.verbose, :name => args[0])
+      else
+        puts result
+      end
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+  end
+end
+
+command :list do |c|
+  c.syntax = "#{program(:name)} #{c.name} [FILTER]"
+  c.summary = 'Lists all names with optional FILTER.'
+  c.description = 'This command prints all names to STDOUT. If present, only those names matching FILTER will be returned.'
+  c.example 'Prints all names', "#{program(:name)} #{c.name}"
+  c.example 'Prints all names which start with "foo"', "#{program(:name)} #{c.name} foo"
+  c.example 'Prints all names separated by comma', "#{program(:name)} #{c.name} --separator ,"
+  c.option '-s', '--separator SEPARATOR', String, 'Separate names by SEPARATOR'
+  c.action do |args, options|
+    # Store checks this too, but we want to fail fast and provide a message.
+    exit_with(:file_not_found, options.verbose, :file => store_file) unless File.exists?(store_file)
+
+    options.default :separator => ' '
+
+    begin
+      result = Pwl::Store.open(store_file, get_password('Enter master password:', options.gui)).list(args[0]).join(options.separator)
+      if !result.blank?
+        puts result
+      else
+        if args[0] # filter given
+          exit_with(:list_empty_filter, options.verbose, args[0])
+        else
+          exit_with(:list_empty, options.verbose)
+        end
+      end
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+  end
+end
+
+command :put do |c|
+  c.syntax = "#{program(:name)} #{c.name} NAME [VALUE]"
+  c.summary = 'Stores VALUE under NAME'
+  c.description = 'Adds or updates the entry stored under NAME. If NAME is already present in the store, it will be updated with VALUE. If NAME is not already present in the store, a new entry will be created. If VALUE is not given, it will be read from STDIN.'
+  c.example 'Stores the value "bar" under the name "foo"', "#{program(:name)} #{c.name} foo bar"
+  c.example 'Reads STDIN and stores that as value under the name "foo"', "#{program(:name)} #{c.name} foo"
+  c.action do |args, options|
+    exit_with(:file_not_found, options.verbose, :file => store_file) unless File.exists?(store_file)
+    exit_with(:name_blank, options.verbose) if 0 == args.size || args[0].blank?
+
+    # Ask for the master password _before_ it may be necessary to ask for the value in a terminal
+    begin
+      store = Pwl::Store.open(store_file, get_password('Enter master password:', options.gui))
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+
+    value = args[1]
+
+    if !value
+      exit_with(:value_blank, options.verbose) unless STDIN.tty? || options.gui
+
+      begin
+        value = get_text("Enter value for name '#{args[0]}':", options.gui)
+      rescue Pwl::Dialog::Cancelled
+        exit_with(:aborted, options.verbose)
+      end
+
+      # still blank, even after asking for it?
+      if value.blank?
+        exit_with(:value_blank, true)
+      end
+    end
+
+    store.put(args[0], value)
+    STDERR.puts "Successfully stored new value under #{args[0]}." if options.verbose
+  end
+end
+
+command :delete do |c|
+  c.syntax = "#{program(:name)} #{c.name} NAME"
+  c.summary = 'Deletes the entry stored under NAME'
+  c.description = 'Deletes the complete entry that is stored under NAME. If NAME is not present in the store, an error will thrown.'
+  c.example 'Deletes what was stored under the name "foo"', "#{program(:name)} #{c.name} foo"
+  c.action do |args, options|
+    exit_with(:file_not_found, options.verbose, :file => store_file) unless File.exists?(store_file)
+    exit_with(:name_blank, options.verbose) if 0 == args.size || args[0].blank?
+
+    begin
+      store = Pwl::Store.open(store_file, get_password('Enter master password:', options.gui))
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+
+    store.delete(args[0])
+    STDERR.puts "Successfully deleted the value under #{args[0]}." if options.verbose
+  end
+end
+
+command :passwd do |c|
+  c.syntax = "#{program(:name)} #{c.name} [NEW_MASTER_PASSWORD]"
+  c.summary = 'Changes the master password to NEW_MASTER_PASSWORD.'
+  c.description = 'This command changes the master password of the store. Password quality is enforced using validation rules.'
+  c.action do |args, options|
+    exit_with(:file_not_found, options.verbose, :file => store_file) unless File.exists?(store_file)
+
+    begin
+      store = Pwl::Store.open(store_file, get_password('Enter current master password:', options.gui))
+
+      if !STDIN.tty? && !options.gui
+        # If we are in a pipe and do not run in GUI mode, we accept the new master password as args[0]
+        new_master_password = args[0]
+
+        begin
+          validate!(new_master_password)
+        rescue Pwl::InvalidMasterPasswordError => e
+          exit_with(:validation_new_failed, options.verbose, :message => e.message)
+        end
+      else
+        # If running interactively (console or gui), we loop until we get a valid password or break
+        begin
+          new_master_password = get_password('Enter new master password:', options.gui)
+        end while begin
+          validate!(new_master_password)
+        rescue Pwl::InvalidMasterPasswordError => e
+          STDERR.puts e.message
+          options.gui || STDIN.tty? # only continue the loop when in interactive mode
+        end
+
+        # Confirm new password
+        if new_master_password != get_password('Enter new master password again:', options.gui)
+          exit_with(:passwords_dont_match, options.verbose)
+        end
+      end
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+
+    store.change_password!(new_master_password)
+    STDERR.puts "Successfully changed master password." if options.verbose
+  end
+end
+
+command :export do |c|
+  c.syntax = "#{program(:name)} #{c.name}"
+  c.summary = 'Exports all entries.'
+  c.description = 'This command prints all entries to STDOUT.'
+  c.example 'Prints all entries', "#{program(:name)} #{c.name}"
+  c.action do |args, options|
+    exit_with(:file_not_found, options.verbose, :file => store_file) unless File.exists?(store_file)
+
+    begin
+      template = ERB.new(File.read(DEFAULT_EXPORT_TEMPLATE))
+      store = Pwl::Store.open(store_file, get_password('Enter master password:', options.gui))
+      puts template.result(binding)
+    rescue Pwl::Dialog::Cancelled
+      exit_with(:aborted, options.verbose)
+    end
+  end
+end
+
+def exit_with(error_code, verbose, msg_args = {})
+  msg = EXIT_CODES[error_code]
+  raise "No message defined for error #{error_code}" if !msg
+
+  if msg.error? || verbose # always print errors; messages only when verbose
+    STDERR.puts msg.to_s(msg_args)
+  end
+
+  exit(msg.exit_code)
+end
+
+def get_password(prompt, gui = false)
+  (gui ? Pwl::Dialog::Password.new(program(:name), prompt) : Pwl::Dialog::ConsolePasswordDialog.new(prompt)).get_input
+end
+
+def get_text(prompt, gui = false)
+  (gui ? Pwl::Dialog::Text.new(program(:name), prompt) : Pwl::Dialog::ConsoleTextDialog.new(prompt)).get_input
+end
+
+def validate!(pwd)
+  Pwl::Store.password_policy.validate!(pwd)
+end

data/lib/pwl/dialog/base.rb

@@ -0,0 +1,37 @@
+require 'open3'
+
+module Pwl
+  module Dialog
+    class AppNotFoundError < StandardError;end
+    class Cancelled < StandardError;end
+
+    #
+    # Base class for dialogs
+    #
+    class Base
+      attr_reader :title, :prompt
+
+      #
+      # Constructs a new dialog with the given title and prompt.
+      #
+      def initialize(title, prompt)
+        @title, @prompt = title, prompt
+      end
+    end
+
+    #
+    # Base class for dialogs implemented by executing a system command.
+    #
+    class SystemDialog < Base
+      def get_input
+        out, err, rc = Open3.capture3(command)
+        raise Cancelled.new(rc.exitstatus) unless 0 == rc.exitstatus
+        out.chomp
+      end
+
+      def command
+        raise "Not implemented. A derived class is expected to provide the OS command for prompting a password."
+      end
+    end
+  end
+end

data/lib/pwl/dialog/cocoa.rb

@@ -0,0 +1,67 @@
+module Pwl
+  module Dialog
+    class CocoaDialog < SystemDialog
+      #
+      # CocoaDialog returns two lines. The first line contains the number of the button, and the second line contains
+      # the actual user input. This method amends the base method with handling the two lines.
+      #
+      def get_input
+        result = super.lines.to_a
+        result = [] if result.blank?
+
+        case result.size
+          when 1 then return_or_cancel(result[0], '')
+          when 2 then return_or_cancel(result[0], result[1].chomp)
+          else raise "Unknown response from running '#{command}'"
+        end
+      end
+
+      protected
+
+      #
+      # Attempt to find an app within the user's home. If it doesn't exist, an attempt is made to find a system-installed file.
+      #
+      def local_app_name
+        [File.expand_path("~/"), '/'].each{|place|
+          local_app = File.join(place, APP_NAME)
+          return local_app if File.exist?(local_app) && File.executable?(local_app)
+        }
+        raise AppNotFoundError.new("Could not find the CocoaDialog app. Maybe it is not installed?")
+      end
+
+      #
+      # Return the generic command that is common for all dialogs deriving from this class.
+      #
+      # Derived classes are expected to implement the +type+ method that should return
+      #
+      def command
+        "#{local_app_name} #{type} --title \"#{title}\" --informative-text \"#{prompt}\""
+      end
+
+      private
+      APP_NAME = "Applications/CocoaDialog.app/Contents/MacOS/CocoaDialog"
+
+      def return_or_cancel(statusLine, resultLine)
+        status = statusLine.to_i - 1
+
+        if 0 == status
+          resultLine
+        else
+          raise Cancelled.new(status)
+        end
+      end
+    end
+
+    class CocoaTextDialog < CocoaDialog
+      def type
+        'standard-inputbox'
+      end
+    end
+
+    class CocoaPasswordDialog < CocoaDialog
+      def type
+        'secure-standard-inputbox'
+      end
+    end
+  end
+end

data/lib/pwl/dialog/console.rb

@@ -0,0 +1,39 @@
+require 'highline'
+
+module Pwl
+  module Dialog
+    class ConsoleDialog < Base
+      def initialize(prompt)
+        super(nil, prompt)
+        @dialog = HighLine.new(STDIN, STDERR)
+      end
+      
+      protected
+      attr_reader :dialog
+    end
+    
+    class ConsolePasswordDialog < ConsoleDialog
+      def initialize(prompt = 'Please enter the master password:')
+        super(prompt)
+      end
+
+      def get_input
+        begin
+          STDIN.tty? ? @dialog.ask(prompt){|q| q.echo = "*"} : STDIN.read.chomp
+        rescue Interrupt
+          raise Cancelled.new(1)
+        end
+      end
+    end
+    
+    class ConsoleTextDialog < ConsoleDialog
+      def get_input
+        begin
+          STDIN.tty? ? @dialog.ask(prompt) : STDIN.read.chomp
+        rescue Interrupt
+          raise Cancelled.new(1)
+        end
+      end
+    end
+  end
+end