simplepass 1.0.0

data/History.txt

@@ -0,0 +1,6 @@
+=== 1.0.0 / 2008-07-28
+
+* 1 major enhancement
+
+  * Birthday!
+

data/Manifest.txt

@@ -0,0 +1,8 @@
+History.txt
+Manifest.txt
+README.txt
+Rakefile
+bin/simplepass
+lib/simplepass.rb
+spec/simplepass_spec.rb
+spec/data

data/README.txt

@@ -0,0 +1,107 @@
+= simplepass
+
+* Project homepage: http://danielchoi.com/software/simplepass.html
+
+== DESCRIPTION:
+
+simplepass is a lightweight, secure password database with a simple command-line
+interface.  
+
+== FEATURES/PROBLEMS:
+
+* Uses the Blowfish encryption algorithm to securely store your passwords.
+* Can export all your passwords into an unencrypted YAML format whenever you
+need to.
+
+== SYNOPSIS:
+
+Usage: simplepass [options] [domain name]
+
+Where domain name is typically a website domain, e.g. yahoo.com. The domain can
+also be any other string, e.g. "Gmail account".
+
+For example, you enter 
+
+    simplepass gmail.com
+    
+If your domain name has spaces, remember to quote it like so:
+
+    simplepass 'Gmail account'
+
+for the first time, simplepass will launch your text editor (whatever your
+EDITOR environment variable has been set to) and present you with a simple form
+that you can fill out to save a login, password, and arbitrary notes for that
+domain: 
+
+    gmail.com
+    login:
+    password:
+    notes:
+
+You can leave any of the fields blank. So if you want, you can just fill out 
+the 'notes' portion for items that are not web logins, such as credit card
+numbers and such.
+
+Once you fill out the fields save the file and exit your editor, simplepass will
+parse the information, encrypt it, store it in the database, and delete the
+temporary file.
+
+The next time you give the command,
+    
+    simplepass gmail.com
+
+simplepass will display something like this, via the 'less' command: (This is so 
+
+    gmail.com
+    login: funnyface
+    password: audreyhepburn
+    notes: I love gmail! blah... blah...
+  
+(We pipe the output to 'less' so as to leave no trace of your password in your
+console, where someone can find it by scrolling up.)
+
+The first time you launch simplepass, it will ask you to set a master password.
+This password will unlock the simplepass database. This database is stored in
+a single file: a partly encrypted text file called simplepass.db. This file will be 
+saved in the directory in which you invoked the #{opt.program_name} command.
+
+The top part of this file is a message in plain text and just serves to remind
+you of the file's purpose. The bottom part is your password database, which is
+nothing more than a YAML string encrypted with the Blowfish encryption
+algorithm. Your master password is the the key that decrypts this portion of the
+simplepass.db file. Do not edit this file directly; any edits may render the
+data un-decryptable.
+
+
+== REQUIREMENTS:
+
+* crypt
+
+== INSTALL:
+
+* sudo gem install simplepass
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2008 FIX
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,16 @@
+# -*- ruby -*-
+
+require 'rubygems'
+require 'hoe'
+require './lib/simplepass.rb'
+
+Hoe.new('Simple Password Manager', SimplePass::VERSION) do |p|
+  p.name = 'simplepass'
+  p.rubyforge_name = 'simplepass' # if different than lowercase project name
+  p.developer('Daniel Choi', 'dhchoi@gmail.com')
+  p.extra_deps << ['crypt', '>=1.1.4']
+  p.remote_rdoc_dir = 'rdoc'
+  p.post_install_message = 'Type simplepass -h for instructions.'
+end
+
+# vim: syntax=Ruby

data/bin/simplepass

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require 'simplepass'
+
+SimplePass.run ARGV

data/lib/simplepass.rb

@@ -0,0 +1,392 @@
+require 'rubygems'
+require 'tempfile'
+require 'optparse'
+require 'crypt/blowfish'
+require 'delegate'
+require 'yaml'
+$:.unshift File.dirname(__FILE__)
+
+class SimplePass < DelegateClass(Hash)
+  VERSION = "1.0.0"
+
+  def self.process_args(argv)
+    @options = options = {
+      :editor => ENV['EDITOR'] || 'nano'
+    }
+    opts = OptionParser.new do |opt|
+      opt.program_name = File.basename $0
+      opt.version = SimplePass::VERSION
+      opt.summary_indent = ' ' * 4
+      opt.banner = <<-EOT
+Usage: #{opt.program_name} [options] [domain name]
+
+Where domain name is typically a website domain, e.g. yahoo.com. The domain can
+also be any other string, e.g. "Gmail account".
+
+For example, you enter 
+
+    #{opt.program_name} gmail.com
+    
+If your domain name has spaces, remember to quote it like so:
+
+    #{opt.program_name} 'Gmail account'
+
+for the first time, simplepass will launch your text editor (whatever your
+EDITOR environment variable has been set to) and present you with a simple form
+that you can fill out to save a login, password, and arbitrary notes for that
+domain: 
+
+    gmail.com
+    login:
+    password:
+    notes:
+
+You can leave any of the fields blank. So if you want, you can just fill out 
+the 'notes' portion for items that are not web logins, such as credit card
+numbers and such.
+
+Once you fill out the fields save the file and exit your editor, simplepass will
+parse the information, encrypt it, store it in the database, and delete the
+temporary file.
+
+The next time you give the command,
+    
+    #{opt.program_name} gmail.com
+
+simplepass will display something like this, via the 'less' command: (This is so 
+
+    gmail.com
+    login: funnyface
+    password: audreyhepburn
+    notes: I love gmail! blah... blah...
+  
+(We pipe the output to 'less' so as to leave no trace of your password in your
+console, where someone can find it by scrolling up.)
+
+The first time you launch simplepass, it will ask you to set a master password.
+This password will unlock the simplepass database. This database is stored in
+a single file: a partly encrypted text file called simplepass.db. This file will be 
+saved in the directory in which you invoked the #{opt.program_name} command.
+
+The top part of this file is a message in plain text and just serves to remind
+you of the file's purpose. The bottom part is your password database, which is
+nothing more than a YAML string encrypted with the Blowfish encryption
+algorithm. Your master password is the the key that decrypts this portion of the
+simplepass.db file. Do not edit this file directly; any edits may render the
+data un-decryptable.
+      EOT
+      opt.separator nil
+      opt.separator "Options:"
+      opt.separator nil
+
+      opt.on("--edit", "-e", 
+             "Edit the login information for the domain.",
+             "This invokes your text editor.") do |value|
+        options[:edit] = true
+      end
+      opt.separator nil
+      opt.on("--remove", "-r",
+             "Deletes the entry for the domain.") do |value|
+        options[:remove] = true
+      end
+      opt.on("--list", "-l",
+             "List all the domains in the databse.") do |value|
+        options[:list] = true
+      end
+      opt.on("--change-password", "-p",
+             "Changes the master password.") do |value|
+        options[:change_password] = true
+      end
+      opt.on("--dump", "-d", 
+             "If you specify a domain, this causes the ",
+             "login info to be printed out directly in ",
+             "the console, instead of via 'less'. If you",
+             "don't specify a domain, this decrypts and ",
+             "dumps the entire password database into a ",
+             "YAML string. This string is printed to ",
+             "STDOUT, so you can redirect it into a file.",
+             "This is to ensure that you can get all your",
+             "login data out whenever you want.") do |value|
+        options[:dump] = true
+      end
+    end
+
+    opts.parse! argv
+    unless argv.first || options[:dump] || options[:list] || options[:change_password]
+      raise OptionParser::InvalidArgument, "You must specify a domain name."
+    end
+    options
+   rescue OptionParser::InvalidArgument, OptionParser::InvalidOption => e
+    puts opts
+    puts
+    puts e
+    exit 1
+  end
+
+  def self.run(argv = ARGV)
+    options = process_args argv
+    domain = argv.shift
+    @db = db = if database_exists?
+      unlock_database
+    else
+      create_database
+    end
+    if options[:change_password]
+      puts "To change the master password:"
+      password = set_password
+      @db.change_master_password(password)
+      @db.save!
+      puts "Master password changed."
+    elsif options[:list]
+      puts db.ui.list.join("\n")
+    elsif options[:remove]
+      puts db.ui.remove(domain)
+    elsif options[:dump]
+      puts db.ui.dump(domain)
+    else
+      # lookup the domain
+      output = db.ui.decrypt(domain)
+      if output
+        if options[:edit]
+          output = UI::EDIT_HEADER + output
+          edit_entry( output )
+        else
+          IO.popen("less", "w") do |pipe|
+            pipe.puts output
+          end
+        end
+      else
+        # if no entry, create one
+        # We loop so user can add multiple entries without having to enter the
+        # password every time.
+        loop do
+          puts "Creating entry."
+          sleep 1
+          edit_entry( UI::EDIT_HEADER + db.ui.new_entry(domain) )
+          puts "Added entry for #{domain}"
+          print "Add another? (y/n) "
+          reply = STDIN.gets.chomp
+          unless reply =~ /y/i
+            puts "Ok, good bye."
+            exit
+          end
+          puts
+          print "Domain name for new entry: "
+          domain = STDIN.gets.chomp
+        end
+      end
+    end
+
+    exit
+    # create database if no database in current dir
+    # ask for master password
+    # ask for password confirm
+    
+    if options[:dump]
+      # handle dump
+    end
+    domain = ARGV.shift
+    match = decrypt(domain)
+    if match
+      # show in less
+    else
+      # create entry
+    end
+  end
+
+  def self.edit_entry(entry)
+    tf = Tempfile.new('simplepass')
+    tf.puts( entry )
+    tf.close
+    system("#{@options[:editor]} #{tf.path}")
+    tf.open 
+    entry = tf.read 
+    @db.ui.add(entry)
+    @db.save!
+    tf.close(true)
+  end
+
+  def self.database_exists?
+    File.exist?('simplepass.db')
+  end
+
+  def self.unlock_database
+    loop do
+      print "Master password: "
+      `stty -echo`
+      password = STDIN.gets.chomp
+      `stty echo`
+      puts
+      exit if password == ''
+      db = SimplePass.new(password, 'simplepass.db')
+      begin
+        db.load
+        break db
+      rescue Exception
+        puts "Sorry, that password isn't correct." 
+      end
+    end
+  end
+
+  def self.create_database
+    print "Can't find a simplepass.db database in this directory. Create one? (y/n) "
+    reply = STDIN.gets.chomp
+    puts
+
+    unless reply =~ /y/i
+      puts "Ok, good bye."
+      exit
+    end
+    password = set_password
+    puts "Creating database simplepass.db and encrypting it with the master password."
+    db = SimplePass.new(password, 'simplepass.db')
+    db.save!
+    db
+  end
+
+  def self.set_password
+    password = nil
+    loop do
+      print "Please type a master password (will not show what you type): "
+      `stty -echo`
+      password = STDIN.gets.chomp
+      puts 
+      print "Please confirm by typing it again: "
+      password_confirm = STDIN.gets.chomp
+      puts
+      unless password == password_confirm
+        puts "Sorry, you passwords do not match."
+      else
+        `stty echo`
+        break
+      end
+    end
+    password
+  end
+
+  HEADER = "This is an encrypted SimplePass password file. Do not edit this file directly.\n"
+  DIVIDER = "====BEGIN DATA===\n" 
+  attr_accessor :master_password, :header
+  def initialize(master_password, file=nil)
+    @master_password = master_password
+    @blowfish = Crypt::Blowfish.new(@master_password)
+    @file = file
+    @header = HEADER
+    super({})
+  end
+
+  def change_master_password(password)
+    @master_password = password
+    @blowfish = Crypt::Blowfish.new(@master_password)
+  end
+
+  def encrypt(plain_string)
+    @blowfish.encrypt_string(plain_string)
+  end
+
+  def decrypt(encrypted_string)
+    @blowfish.decrypt_string(encrypted_string)
+  end
+
+  def load
+    File.open(@file, "r") do |file|
+      content = file.read
+      # strip the header
+      @header, data = content.split(DIVIDER, 2)
+      hash = YAML::load(decrypt(data))
+      hash.each_pair {|k,v| self[k] = v}
+    end
+  end
+
+  def self.load(master_password, file)
+    simplepass = self.new(master_password, file)
+    simplepass.load
+    simplepass
+  end
+
+  def save!
+    File.open(@file, "w") do |file|
+      # Write an informative header
+      file.write(@header + DIVIDER)
+      # Dump the encrypted data
+      dump = YAML::dump(self)
+      file.write(encrypt(dump))
+    end
+  end
+  alias_method :save, :save!
+
+  def ui
+    @ui ||= UI.new(self)
+    @ui
+  end
+
+  class UI
+    EDIT_HEADER = 
+"Fill the the fields below. Leave the first line, with the name of the domain,
+untouched. The notes field can accept multiple lines, including blank lines.\n" + ('-' * 20 + "\n")
+
+    def initialize(simplepass)
+      @database = simplepass
+    end
+
+    def decrypt(domain)
+      matching_key = @database.keys.detect {|k| k == domain}
+      return nil unless matching_key
+      # format the YAML to remove weird symbol markup
+      result = @database[matching_key]
+      formatted_result = "#{matching_key}\nlogin: #{result[:login]}\npassword: #{result[:password]}\nnotes: #{result[:notes]}\n"
+    end
+
+    def list
+      @database.keys.sort
+    end
+
+    def strip_header(text)
+      text.split(('-' * 20) + "\n", 2)[-1]
+    end
+
+    def add(text)
+      entry = {}
+      # strip off header text, which is just for instructions
+      text = strip_header(text)
+      # split text into lines
+      # first line is the domain
+      domain = text.split("\n")[0].chomp
+      login = text.match(/^login:(.*)/)[1].strip
+      password = text.match(/^password:(.*)/)[1].strip
+      notes = text.split(/^notes:\s*/, 2)[1].strip
+      @database[domain] = {:login => login, :password => password, :notes => notes}
+    end
+  
+    def dump(domain=nil)
+      unless domain
+        return @database.to_yaml
+      end
+      @database[domain].to_yaml
+    end
+
+    def new_entry(domain)
+      return <<END
+#{domain}
+login:  
+password:  
+notes:  
+END
+    end
+
+    def remove(domain)
+      unless decrypt(domain)
+        return "There is no entry for #{domain} in the database."
+      end
+      @database.delete(domain)
+      @database.save!
+      puts = "#{domain} deleted."
+    end
+
+  end
+
+end
+
+if __FILE__ == $0
+  SimplePass.run ARGV
+end

data/spec/simplepass_spec.rb

@@ -0,0 +1,121 @@
+require File.dirname(__FILE__) + "/../lib/simplepass.rb"
+require 'fileutils'
+
+data_dir = File.dirname(__FILE__) + '/data'
+
+describe "SimplePass: Core Engine" do
+
+  before do
+    @master_password = "betahouse"
+    @test_file = data_dir + "/testSimplePass.txt"
+    @simplepass = SimplePass.new(@master_password, @test_file)
+  end
+
+  it "should encrypt and decrypt a plain text string" do
+    # These are lower level methods
+    encrypted = @simplepass.encrypt("hello world")
+    decrypted = @simplepass.decrypt(encrypted)
+    decrypted.should == "hello world"
+  end
+
+  it "should act like a hash of entries, keyed by domain name" do
+    # Use these higher level methods
+    @simplepass['yahoo.com'] = {:login => "pasta", :password => "pizza"}
+    @simplepass['yahoo.com'][:password].should == 'pizza'
+    @simplepass['yahoo.com'][:login].should == 'pasta'
+    @simplepass['google.com'].should be_nil
+  end
+
+  it "should be able to retrieve a password by key (domain)" do
+    @simplepass['yahoo.com'] = {:login => "pasta", :password => "pizza"}
+    @simplepass['yahoo.com'].should == {:login => "pasta", :password => "pizza"}
+  end
+
+  it "should save the passwords into an encypted YAML file" do
+    @simplepass['yahoo.com'] = {:login => "pasta", :password => "pizza"}
+    @simplepass['flickr.com'] = {:login => "apple", :password => "orange", :note => "hello!"}
+
+    @simplepass.save!
+
+    new_simplepass = SimplePass.load("betahouse", @test_file) 
+    new_simplepass['yahoo.com'][:login].should == 'pasta'
+    new_simplepass['flickr.com'][:note].should == "hello!"
+    new_simplepass['flickr.com'][:password].should == "orange"
+  end
+
+  it "should put a default unecrypted header section on the file" do
+    @simplepass.header.should == SimplePass::HEADER 
+  end
+
+  it "should fail to decrypt a file with the wrong password" do
+    @simplepass['yahoo.com'] = {:login => "pasta", :password => "pizza"}
+    @simplepass.save!
+    lambda do
+      @simplepass2 = SimplePass.new("wrong password", @test_file)
+      @simplepass2.load
+    end.should raise_error(Exception)
+    @simplepass3 = SimplePass.new("betahouse", @test_file).load
+    @simplepass3['yahoo.com'].should == {:login => "pasta", :password => "pizza"}
+  end
+
+  after(:all) do
+    FileUtils.rm(@test_file)
+  end
+end
+
+# Use less as the viewer because it does not leave traces of the displayed 
+# content in the bash shell history.
+describe "User Interface: a user" do
+  before do
+    @test_file = data_dir + "/testSimplePass.txt"
+    @master_password = "betahouse"
+    @simplepass = SimplePass.new(@master_password, @test_file)
+    @simplepass['yahoo.com'] = {:login => "pasta", :password => "pizza"}
+    @simplepass['google.com'] = {:login => "glue", :password => "cheese"}
+    @simplepass['goo.com'] = {:login => "dog", :password => "rock"}
+    @simplepass.keys.size.should == 3
+    @ui = @simplepass.ui
+  end
+
+  it "should be able to retrieve a password as a YAML hash" do
+    @ui.decrypt('yahoo.com').should == "yahoo.com\nlogin: pasta\npassword: pizza\nnotes: \n"
+  end
+
+  it "should retrieve an empty if no matches" do
+    @ui.decrypt('blah').should be_nil
+  end
+
+  it "should read in a YAML and add it to the password database" do
+    entry = <<-yaml
+header text - will be stripped
+--------------------
+dogster.com
+login: u2
+password: hello
+notes: my dog
+is the best
+    yaml
+    @ui.add(entry)
+    @simplepass['dogster.com'].should == {:login => 'u2', :password => 'hello', :notes => "my dog\nis the best"}
+    @ui.decrypt('dogster.com').should == "dogster.com\nlogin: u2\npassword: hello\nnotes: my dog\nis the best\n"
+    @simplepass.keys.size.should == 4
+  end
+
+  it "should decrypt the entire password database" do
+    @ui.dump.should == @simplepass.to_yaml
+  end
+
+  it "should prepare a form for a new entry" do
+    @ui.new_entry('amazon.com').should == "amazon.com\nlogin:  \npassword:  \nnotes:  \n"
+  end
+
+  it "should delete a domain" do
+    @ui.remove("goo.com").should == "goo.com deleted."
+    @simplepass['goo.com'].should be_nil
+  end
+
+  after(:all) do
+    FileUtils.rm(@test_file) 
+  end
+end
+

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification 
+name: simplepass
+version: !ruby/object:Gem::Version 
+  version: 1.0.0
+platform: ruby
+authors: 
+- Daniel Choi
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-07-28 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: crypt
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.1.4
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.7.0
+    version: 
+description: simplepass is a lightweight, secure password database with a simple command-line interface.
+email: 
+- dhchoi@gmail.com
+executables: 
+- simplepass
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- README.txt
+files: 
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- bin/simplepass
+- lib/simplepass.rb
+- spec/simplepass_spec.rb
+- spec/data
+has_rdoc: true
+homepage: "Project homepage: http://danielchoi.com/software/simplepass.html"
+post_install_message: Type simplepass -h for instructions.
+rdoc_options: 
+- --main
+- README.txt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: simplepass
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: simplepass is a lightweight, secure password database with a simple command-line interface.
+test_files: []
+