pws 0.1.2 → 0.1.3

data/VERSION

@@ -1 +1 @@
-0.1.2
+0.1.3

data/bin/pws

@@ -13,7 +13,7 @@ require 'zucker/kernel'
 require 'zucker/version'
 
 class PasswordSafe
-  VERSION = "0.1.2".freeze
+  VERSION = "0.1.3".freeze
 
   Entry = Struct.new :description, :password
 
@@ -171,28 +171,38 @@ class PasswordSafe
   end
 
   class << Encryptor = Module.new
-    CIPHER = 'AES256'
+    CIPHER = 'aes-256-cbc'
 
-    def decrypt( data, pwhash )
-      crypt :decrypt, data, pwhash
+    def decrypt( iv_and_data, pwhash )
+      iv, data = iv_and_data[0,16], iv_and_data[16..-1]
+      crypt :decrypt, data, pwhash, iv
     end
 
     def encrypt( data, pwhash )
-      crypt :encrypt, data, pwhash
+      iv = random_iv
+      encrypted_data = crypt :encrypt, data, pwhash, iv
+      iv + encrypted_data
     end
 
     def hash( plaintext )
       OpenSSL::Digest::SHA512.new( plaintext ).digest
     end
 
+    # you need a random iv for cbc mode. It is prepended to the encrypted text.
+    def random_iv
+      a = OpenSSL::Cipher.new CIPHER
+      a.random_iv
+    end
+
     private
 
     # Encrypts or decrypts the data with the password hash as key
     # NOTE: encryption exceptions do not get caught!
-    def crypt( decrypt_or_encrypt, data, pwhash )
+    def crypt( decrypt_or_encrypt, data, pwhash, iv )
       c = OpenSSL::Cipher.new CIPHER
       c.send decrypt_or_encrypt.to_sym
       c.key = pwhash
+      c.iv  = iv
       c.update( data ) << c.final
     end
   end

data/pws.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{pws}
-  s.version = "0.1.2"
+  s.version = "0.1.3"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Jan Lelis"]

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: pws
 version: !ruby/object:Gem::Version 
-  hash: 31
+  hash: 29
   prerelease: false
   segments: 
   - 0
   - 1
-  - 2
-  version: 0.1.2
+  - 3
+  version: 0.1.3
 platform: ruby
 authors: 
 - Jan Lelis