RubyGems - rubeepass - Versions diffs - 0.1.0 - Mend

rubeepass 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

checksums.yaml +7 -0
data/bin/rpass +238 -0
data/lib/builtins/cd_wish.rb +56 -0
data/lib/builtins/clear_wish.rb +24 -0
data/lib/builtins/copy_wish.rb +134 -0
data/lib/builtins/ls_wish.rb +60 -0
data/lib/builtins/pwd_wish.rb +24 -0
data/lib/builtins/show_wish.rb +79 -0
data/lib/rubeepass/entry.rb +74 -0
data/lib/rubeepass/error/invalid_gzip_error.rb +7 -0
data/lib/rubeepass/error/invalid_header_error.rb +7 -0
data/lib/rubeepass/error/invalid_magic_error.rb +7 -0
data/lib/rubeepass/error/invalid_password_error.rb +7 -0
data/lib/rubeepass/error/invalid_protected_data_error.rb +7 -0
data/lib/rubeepass/error/invalid_protected_stream_key_error.rb +7 -0
data/lib/rubeepass/error/invalid_version_error.rb +7 -0
data/lib/rubeepass/error/not_aes_error.rb +7 -0
data/lib/rubeepass/error/not_salsa20_error.rb +7 -0
data/lib/rubeepass/error.rb +12 -0
data/lib/rubeepass/group.rb +133 -0
data/lib/rubeepass/protected_decryptor.rb +30 -0
data/lib/rubeepass.rb +491 -0
data/lib/string.rb +39 -0
metadata +167 -0

data/lib/rubeepass.rb ADDED Viewed

@@ -0,0 +1,491 @@
+require "cgi"
+require "digest"
+require "openssl"
+require "os"
+require "scoobydoo"
+require "uri"
+require "zlib"
+class RubeePass
+    @@END_OF_HEADER = 0
+    @@COMMENT = 1
+    @@CIPHER_ID = 2
+    @@COMPRESSION = 3
+    @@MASTER_SEED = 4
+    @@TRANSFORM_SEED = 5
+    @@TRANSFORM_ROUNDS = 6
+    @@ENCRYPTION_IV = 7
+    @@PROTECTED_STREAM_KEY = 8
+    @@STREAM_START_BYTES = 9
+    @@INNER_RANDOM_STREAM_ID = 10
+    @@MAGIC_SIG1 = 0x9aa2d903
+    @@MAGIC_SIG2 = 0xb54bfb67
+    @@VERSION = 0x00030000
+    attr_reader :db
+    attr_reader :gzip
+    attr_reader :protected_decryptor
+    attr_reader :xml
+    def absolute_path(to, from = "/")
+        return "/" if (to.nil? || to.empty? || (to == "/"))
+        from = "/" if (to.start_with?("/"))
+        path = Array.new
+        from.split("/").each do |group|
+            next if (group.empty?)
+            case group
+            when "."
+                # Do nothing
+            when ".."
+                path.pop
+            else
+                path.push(group)
+            end
+        end
+        to.split("/").each do |group|
+            next if (group.empty?)
+            case group
+            when "."
+                # Do nothing
+            when ".."
+                path.pop
+            else
+                path.push(group)
+            end
+        end
+        return "/#{path.join("/")}"
+    end
+    def clear_clipboard(time = 0)
+        @thread.kill if (@thread)
+        @thread = Thread.new do
+            sleep time
+            copy_to_clipboard("")
+        end
+    end
+    def copy_to_clipboard(string)
+        string = " \x7F" if (string.nil? || string.empty?)
+        if (OS::Underlying.windows?)
+            puts "Your OS is not currently supported!"
+            return
+        elsif (OS.mac?)
+            pbcopy = ScoobyDoo.where_are_you("pbcopy")
+            rn = ScoobyDoo.where_are_you("reattach-to-user-namespace")
+            cp = pbcopy
+            if (ENV["TMUX"])
+                cp = nil
+                cp = "#{rn} #{pbcopy}" if (rn)
+            end
+            if (cp)
+                system("echo \"#{string}\" | #{cp}")
+            else
+                puts "Please install reattach-to-user-namespace!"
+                return
+            end
+        elsif (OS.posix?)
+            xclip = ScoobyDoo.where_are_you("xclip")
+            xsel = ScoobyDoo.where_are_you("xsel")
+            cp = nil
+            if (xclip)
+                cp = "xclip -i -selection clipboard"
+            elsif (xsel)
+                cp = "xsel -i --clipboard"
+            end
+            if (cp)
+                system("echo \"#{string}\" | #{cp}")
+            else
+                puts "Please install either xclip or xsel!"
+                return
+            end
+        else
+            puts "Your OS is not currently supported!"
+            return
+        end
+    end
+    def derive_aes_key
+        cipher = OpenSSL::Cipher::AES.new(256, :ECB)
+        cipher.encrypt
+        cipher.key = @header[@@TRANSFORM_SEED]
+        cipher.padding = 0
+        @header[@@TRANSFORM_ROUNDS].times do
+            @key = cipher.update(@key) + cipher.final
+        end
+        transform_key = Digest::SHA256::digest(@key)
+        combined_key = @header[@@MASTER_SEED] + transform_key
+        @aes_key = Digest::SHA256::digest(combined_key)
+        @aes_iv = @header[@@ENCRYPTION_IV]
+    end
+    private :derive_aes_key
+    def extract_xml
+        @xml = Zlib::GzipReader.new(StringIO.new(@gzip)).read
+    end
+    private :extract_xml
+    def find_group(path)
+        return @db.find_group(path)
+    end
+    def fuzzy_find(input)
+        return @db.fuzzy_find(input)
+    end
+    def handle_protected(base64)
+        data = nil
+        begin
+            data = base64.unpack("m*")[0].fix
+        rescue ArgumentError => e
+            raise Error::InvalidProtectedDataError.new
+        end
+        raise Error::InvalidProtectedDataError.new if (data.nil?)
+        return @protected_decryptor.add_to_stream(data)
+    end
+    private :handle_protected
+    def initialize(kdbx, password, keyfile = nil)
+        @aes_iv = nil
+        @aes_key = nil
+        @db = nil
+        @gzip = nil
+        @header = nil
+        @kdbx = kdbx
+        @key = nil
+        @keyfile = keyfile
+        @password = password
+        @xml = nil
+    end
+    def join_key_and_keyfile
+        passhash = Digest::SHA256.digest(@password)
+        filehash = ""
+        if (@keyfile)
+            contents = File.readlines(@keyfile).join.fix
+            if (contents[0..4] == "<?xml")
+                # XML Key file
+                # My ugly attempt to parse a small XML Key file with a
+                # poor attempt at schema validation
+                keyfile_line = false
+                key_line = false
+                contents.each_line do |line|
+                    line.strip!
+                    case line
+                    when "<KeyFile>"
+                        keyfile_line = true
+                    when "<Key>"
+                        key_line = true
+                    when %r{<Data>.*</Data>}
+                        data = line.gsub(%r{^<Data>|</Data>$}, "")
+                        data = data.unpack("m*")[0]
+                        break if (!keyfile_line || !key_line)
+                        break if (data.length != 32)
+                        filehash = data
+                    end
+                end
+            elsif (contents.length == 32)
+                # Not XML but a 32 byte Key file
+                filehash = contents
+            elsif (contents.length == 64)
+                # Not XML but a 64 byte Key file
+                if (contents.match(/^[0-9A-Fa-f]+$/))
+                    filehash = [contents].pack("H*")
+                end
+            else
+                # Not a Key file
+                filehash = Digest::SHA256.digest(contents)
+            end
+        end
+        @key = Digest::SHA256.digest(passhash + filehash)
+    end
+    private :join_key_and_keyfile
+    def method_missing(method_name, *args)
+        if (method_name.to_s.match(/^clear_clipboard_after_/))
+            mn = method_name.to_s.gsub!(/^clear_clipboard_after_/, "")
+            case mn
+            when /^[0-9]+_sec(ond)?s$/
+                time = mn.gsub(/_sec(ond)?s$/, "").to_i
+                clear_clipboard(time)
+            when /^[0-9]+_min(ute)?s$/
+                time = mn.gsub(/_min(ute)?s$/, "").to_i
+                clear_clipboard(time * 60)
+            else
+                super
+            end
+        else
+            super
+        end
+    end
+    def open
+        file = File.open(@kdbx)
+        read_magic_and_version(file)
+        read_header(file)
+        join_key_and_keyfile
+        derive_aes_key
+        read_gzip(file)
+        file.close
+        @protected_decryptor = ProtectedDecryptor.new(
+            Digest::SHA256.digest(
+                @header[@@PROTECTED_STREAM_KEY]
+            ),
+            ["E830094B97205D2A"].pack("H*")
+        )
+        extract_xml
+        parse_xml
+        return self
+    end
+    def parse_gzip(file)
+        gzip = ""
+        block_id = 0
+        loop do
+            # Read block ID
+            data = file.read(4)
+            raise Error::InvalidGzipError.new if (data.nil?)
+            id = data.unpack("L*")[0]
+            raise Error::InvalidGzipError.new if (block_id != id)
+            block_id += 1
+            # Read expected hash
+            data = file.read(32)
+            raise Error::InvalidGzipError.new if (data.nil?)
+            expected_hash = data
+            # Read size
+            data = file.read(4)
+            raise Error::InvalidGzipError.new if (data.nil?)
+            size = data.unpack("L*")[0]
+            # Break is size is 0 and expected hash is all 0's
+            if (size == 0)
+                expected_hash.each_byte do |byte|
+                    if (byte != 0)
+                        raise Error::InvalidGzipError.new
+                    end
+                end
+                break
+            end
+            # Read data and get actual hash
+            data = file.read(size)
+            actual_hash = Digest::SHA256.digest(data)
+            # Check that actual hash is same as expected hash
+            if (actual_hash != expected_hash)
+                raise Error::InvalidGzipError.new
+            end
+            # Append data
+            gzip += data
+        end
+        return gzip
+    end
+    private :parse_gzip
+    def parse_xml
+        curr = Group.new(
+            {
+                "Keepass" => self,
+                "Name" => "/"
+            }
+        )
+        entry_params = Hash.new
+        group_params = Hash.new
+        ignore = true
+        status = nil
+        @xml.each_line do |line|
+            line.strip!
+            case line
+            when "<History>"
+                ignore = true
+                next
+            when "</History>"
+                ignore = false
+                next
+            when "<Root>"
+                ignore = false
+                next
+            when "</Root>"
+                break
+            end
+            line = CGI::unescapeHTML(line)
+            line = URI::unescape(line)
+            # Always handle protected data
+            case line
+            when %r{<Value Protected}
+                line.gsub!(%r{<?Value( Protected=\"True\")?>}, "")
+                if (ignore)
+                    handle_protected(line)
+                else
+                    entry_params[status] = handle_protected(line)
+                    status = nil
+                end
+                next
+            else
+                next if (ignore)
+            end
+            case line
+            when "<Entry>"
+                entry_params = { "Keepass" => self, "Group" => curr }
+            when "</Entry>"
+                entry = Entry.new(entry_params)
+                curr.entries[entry.title] = entry
+            when "<Group>"
+                group_params = { "Keepass" => self, "Group" => curr }
+            when "</Group>"
+                curr = curr.group
+                break if (curr.nil?)
+            when %r{<Key>.+</Key>}
+                status = line.gsub(%r{^<Key>|</Key>$}, "")
+            when %r{<Name>}
+                line.gsub!(%r{^<Name>|</Name>$}, "")
+                group_params["Name"] = line
+                group = Group.new(group_params)
+                curr.groups[group.name] = group
+                curr = group
+            when %r{<UUID>.+</UUID>}
+                uuid = line.gsub(%r{^<UUID>|</UUID>$}, "")
+                if (group_params["UUID"].nil?)
+                    group_params["UUID"] = uuid
+                else
+                    entry_params["UUID"] = uuid
+                end
+            when %r{<Value>}
+                line.gsub!(%r{</?Value( /)?>}, "")
+                entry_params[status] = line
+                status = nil
+            end
+        end
+        @db = curr
+    end
+    private :parse_xml
+    def read_gzip(file)
+        cipher = OpenSSL::Cipher::AES.new(256, :CBC)
+        cipher.decrypt
+        cipher.key = @aes_key
+        cipher.iv = @aes_iv
+        encrypted = file.read
+        begin
+            data = StringIO.new(
+                cipher.update(encrypted) + cipher.final
+            )
+        rescue OpenSSL::Cipher::CipherError => e
+            raise Error::InvalidPasswordError.new
+        end
+        if (data.read(32) != @header[@@STREAM_START_BYTES])
+            raise Error::InvalidPasswordError.new
+        end
+        @gzip = parse_gzip(data)
+    end
+    private :read_gzip
+    def read_header(file)
+        header = Hash.new
+        loop do
+            data = file.read(1)
+            raise Error::InvalidHeaderError.new if (data.nil?)
+            id = data.unpack("C*")[0]
+            data = file.read(2)
+            raise Error::InvalidHeaderError.new if (data.nil?)
+            size = data.unpack("S*")[0]
+            data = file.read(size)
+            case id
+            when @@END_OF_HEADER
+                break
+            when @@TRANSFORM_ROUNDS
+                header[id] = data.unpack("Q*")[0]
+            else
+                header[id] = data
+            end
+        end
+        irsi = "\x02\x00\x00\x00"
+        aes = "31c1f2e6bf714350be5805216afc5aff"
+        if (
+            (header[@@MASTER_SEED].length != 32) ||
+            (header[@@TRANSFORM_SEED].length != 32)
+        )
+            raise Error::InvalidHeaderError.new
+        elsif (header[@@INNER_RANDOM_STREAM_ID] != irsi)
+            raise Error::NotSalsaError.new
+        elsif (header[@@CIPHER_ID].unpack("H*")[0] != aes)
+            raise Error::NotAESError.new
+        end
+        @header = header
+    end
+    private :read_header
+    def read_magic_and_version(file)
+        data = file.read(4)
+        raise Error::InvalidMagicError.new if (data.nil?)
+        sig1 = data.unpack("L*")[0]
+        if (sig1 != @@MAGIC_SIG1)
+            raise Error::InvalidMagicError.new
+        end
+        data = file.read(4)
+        raise Error::InvalidMagicError.new if (data.nil?)
+        sig2 = data.unpack("L*")[0]
+        if (sig2 != @@MAGIC_SIG2)
+            raise Error::InvalidMagicError.new
+        end
+        data = file.read(4)
+        raise Error::InvalidVersionError.new if (data.nil?)
+        ver = data.unpack("L*")[0]
+        if ((ver & 0xffff0000) != @@VERSION)
+            raise Error::InvalidVersionError.new if (data.nil?)
+        end
+    end
+    private :read_magic_and_version
+    def to_s
+        return @db.to_s
+    end
+end
+require "rubeepass/entry"
+require "rubeepass/error"
+require "rubeepass/group"
+require "rubeepass/protected_decryptor"

data/lib/string.rb ADDED Viewed

@@ -0,0 +1,39 @@
+# Redefine String class to allow for colorizing and rsplit
+class String
+    def blue
+        return colorize(36)
+    end
+    def colorize(color)
+        return "\e[#{color}m#{self}\e[0m"
+    end
+    def fix
+        # Fix unicode (I think???)
+        # Apparently sometimes length and bytesize don't always agree.
+        # When this happens, there are "invisible" bytes, which I need
+        # to be "visible". Converting to hex and back fixes this.
+        if (length != bytesize)
+            return self.unpack("H*").pack("H*")
+        end
+        return self
+    end
+    def green
+        return colorize(32)
+    end
+    def red
+        return colorize(31)
+    end
+    def rsplit(pattern)
+        ret = rpartition(pattern)
+        ret.delete_at(1)
+        return ret
+    end
+    def white
+        return colorize(37)
+    end
+end

metadata ADDED Viewed

@@ -0,0 +1,167 @@
+--- !ruby/object:Gem::Specification
+name: rubeepass
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Miles Whittaker
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-10-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.8'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.8.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.8'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.8.1
+- !ruby/object:Gem::Dependency
+  name: djinni
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.2
+- !ruby/object:Gem::Dependency
+  name: os
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.6
+- !ruby/object:Gem::Dependency
+  name: salsa20
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: scoobydoo
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+description: Ruby KeePass 2.x implementation. Currently it is read-only.
+email: mjwhitta@gmail.com
+executables:
+- rpass
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/rpass
+- lib/builtins/cd_wish.rb
+- lib/builtins/clear_wish.rb
+- lib/builtins/copy_wish.rb
+- lib/builtins/ls_wish.rb
+- lib/builtins/pwd_wish.rb
+- lib/builtins/show_wish.rb
+- lib/rubeepass.rb
+- lib/rubeepass/entry.rb
+- lib/rubeepass/error.rb
+- lib/rubeepass/error/invalid_gzip_error.rb
+- lib/rubeepass/error/invalid_header_error.rb
+- lib/rubeepass/error/invalid_magic_error.rb
+- lib/rubeepass/error/invalid_password_error.rb
+- lib/rubeepass/error/invalid_protected_data_error.rb
+- lib/rubeepass/error/invalid_protected_stream_key_error.rb
+- lib/rubeepass/error/invalid_version_error.rb
+- lib/rubeepass/error/not_aes_error.rb
+- lib/rubeepass/error/not_salsa20_error.rb
+- lib/rubeepass/group.rb
+- lib/rubeepass/protected_decryptor.rb
+- lib/string.rb
+homepage: http://mjwhitta.github.io/rubeepass
+licenses:
+- GPL-3.0
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.8
+signing_key:
+specification_version: 4
+summary: Ruby KeePass 2.x implementation
+test_files: []
+has_rdoc: