spass 0.0.2 → 0.0.3

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    spass (0.0.1)
+    spass (0.0.2)
 
 GEM
   remote: http://rubygems.org/

data/History.md

@@ -1,6 +1,14 @@
 History
 =======
 
+0.0.3
+-----
+
+- Eliminate -l/--length argument
+- Use -w/--words argument to specify the number of words
+- Default --chars to 8 instead of 10
+
+
 0.0.2
 -----
 

data/README.md

@@ -10,8 +10,9 @@ computer to guess.
 Prerequisites
 -------------
 
-Currently, spass only words on Unix-like systems, which are expected to have a
-`/usr/share/dict/words` file. Future versions may support other platforms.
+spass assumes you have a dictionary file to use as its source of words. By
+default, `/usr/share/dict/words` is used, but you can pass your own dictionary
+using the `-f/--file` option.
 
 
 Installation
@@ -25,30 +26,38 @@ spass is distributed as a gem, so just do:
 Usage
 -----
 
-Run `spass` from the command-line to see usage notes. The first argument is the
-minimum passphrase length (in characters). Examples:
+When run without arguments, spass generates 10 passphrases, each 4 words long,
+using words up to 8 characters long. You can configure this behavior by passing
+command-line arguments; run `spass -h` to see full usage notes.
 
-    $ spass 12
-    hive frighten
+Examples:
 
-    $ spass 24
-    moppet castigator harvesters
+    $ spass -w 3            # Generate 3-word phrases
+    $ spass -w 5 -n 20      # Generate twenty 5-word phrases
+    $ spass -c 6            # Limit words to 6 characters
+    $ spass -d              # Append a digit to each word
+    $ spass -f mywords.txt  # Get words from mywords.txt (one per line)
 
-    $ spass 32
-    munificent icebound raymond clorets
 
-Passphrases are guaranteed to be at least as long as the given number, but
-may be longer. By default, the words are taken from `/usr/share/dict/words`;
-if you want to use words from a different dictionary, pass a second argument:
 
-    $ spass 12 my_words.txt
+Disclaimer
+----------
+
+spass makes absolutely no guarantee that its output results in secure
+passwords. If you use spass to protect your bank account or your porn
+collection, I cannot be held responsible if you lose your money or marriage.
+[Check your password strength](http://rumkin.com/tools/password/passchk.php)
+before using it for anything important. Passwords generated with spass are
+inherently vulnerable to a dictionary attack; the only thing that can make
+them resistant to such attacks is their length, so always use at least three
+(preferably more) words.
 
 
 Future plans
 ------------
 
 - Optional inclusion of uppercase and symbols
-- Avoid word repetition
+- Avoid possible word repetition
 
 
 MIT License

data/bin/spass

@@ -5,45 +5,37 @@ require 'optparse'
 
 HELP = <<EOF
 
-This script generates a plain-English passphrase of at least the given length
-(in characters), using random words from the given dictionary file
-(/usr/share/dict/words by default). Only lowercase letters a-z will be included
-in the output, making passphrases relatively easy to type (though usually
-nonsensical).
+This script generates passphrases using random words from the given dictionary
+file (default: /usr/share/dict/words). It was inspired by http://xkcd.com/936/
 
 Examples:
 
-  $ spass -l 12
-  hive frighten
+    $ spass -w 3            # Generate 3-word phrases
+    $ spass -w 5 -n 20      # Generate twenty 5-word phrases
+    $ spass -c 6            # Limit words to 6 characters
+    $ spass -d              # Append a digit to each word
+    $ spass -f mywords.txt  # Get words from mywords.txt (one per line)
 
-  $ spass -l 24
-  moppet castigator harvesters
-
-A 32-character passphrase has about 120 bits of entropy, which is overkill for
-most purposes. A 24-character passphrase clocks in at about 90 bits of entropy,
-suitable for most high-security applications like root passwords or financial
-records. You might want to use a password checker to verify the strength of
-your passphrase after generating one that you like:
-
-  http://rumkin.com/tools/password/passchk.php
-
-Inspired by http://xkcd.com/936/
+Passphrases generated from dictionary words are inherently vulnerable to
+dictionary attacks; using more and/or longer words strengthens them against
+such attacks. The default settings are intended to yield relatively strong,
+easy-to-remember passphrases.
 
 EOF
 
 options = {
-  :length => 24,
   :number => 10,
   :dict => '/usr/share/dict/words',
   :digits => false,
-  :chars => 10,
+  :chars => 8,
+  :words => 4,
 }
 
 optparse = OptionParser.new do |opts|
-  opts.on('-l', '--length [NUM]', Integer,
-          "Ensure passphrases are at least NUM characters.",
-          "Default: #{options[:length]}") do |len|
-    options[:length] = len
+  opts.on('-w', '--words [NUM]', Integer,
+          "Ensure passphrases are at least NUM words long.",
+          "Default: #{options[:words]}") do |words|
+    options[:words] = words
   end
 
   opts.on('-n', '--number [NUM]', Integer,
@@ -59,14 +51,14 @@ optparse = OptionParser.new do |opts|
   end
 
   opts.on('-d', '--digits',
-          "Include random numbers from 1-99.",
-          "Default: False") do |digits|
+          "Append a random digit from 0-9 to each word.",
+          "Default: #{options[:digits]}") do |digits|
     options[:digits] = digits
   end
 
   opts.on('-c', '--chars NUM',
           "Limit words to NUM characters in length.",
-          "Default: 10") do |chars|
+          "Default: #{options[:chars]}") do |chars|
     options[:chars] = chars
   end
 
@@ -86,7 +78,8 @@ rescue OptionParser::InvalidOption => e
 end
 
 sp = Generator.new(options[:dict], options)
+puts "Read #{sp.dict.count} words up to #{sp.chars} characters long from #{sp.file}"
 options[:number].times do
-  puts sp.generate(options[:length], :digits=>options[:digits])
+  puts sp.generate(options[:words], :digits=>options[:digits])
 end
 

data/lib/spass.rb

@@ -1,25 +1,25 @@
 
 class Generator
-  # Create a Generator using the given word dictionary, returning
-  # only words that match the given regular expression
-  def initialize(dict_path='/usr/share/dict/words', options={})
-    @dict_path = dict_path
-    @dict = read_dict(dict_path, options)
+  attr_reader :dict, :chars, :allowed, :file
+  # Create a Generator using the given word dictionary
+  def initialize(file='/usr/share/dict/words', options={})
+    @file = file
+    @allowed = options[:allowed] || /^[a-z]+$/
+    @chars = (options[:chars] || 10).to_i
+    @dict = read_dict
   end
 
   # Read a word dictionary from the given file, and return an array
   # of elements that match the allowed regex. Raise an exception if
   # the given dictionary file cannot be found.
-  def read_dict(path, options={})
-    allowed = options[:allowed] || /^[a-z]+$/
-    chars = (options[:chars] || 10).to_i
-    if !File.file?(path)
-      raise RuntimeError, "Cannot find dict file: #{path}"
+  def read_dict
+    if !File.file?(@file)
+      raise RuntimeError, "Cannot find dict file: #{@file}"
     end
     dict = []
-    IO.readlines(path).each do |line|
+    IO.readlines(@file).each do |line|
       line.strip!
-      if line.length <= chars && line =~ allowed
+      if line.length <= @chars && line =~ @allowed
         dict << line
       end
     end
@@ -31,19 +31,20 @@ class Generator
     @dict[rand(@dict.count)]
   end
 
-  # Return a random number from 1 to 99
+  # Return a random number from 0 to 9
   def random_number
-    1 + rand(99)
+    rand(10)
   end
 
-  # Generate a passphrase of at least the given length in characters
-  def generate(length, options={})
-    phrase = ''
-    while phrase.length < length + 1 # to account for trailing space
-      phrase += "#{random_word} "
-      phrase += "#{random_number} " if options[:digits]
+  # Generate a passphrase with the given number of words
+  def generate(num_words, options={})
+    words = []
+    num_words.times do
+      word = random_word
+      word += random_number.to_s if options[:digits]
+      words << word
     end
-    return phrase.chomp
+    return words.join(' ')
   end
 end
 

data/spass.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = "spass"
-  s.version = "0.0.2"
+  s.version = "0.0.3"
   s.summary = "Generate passphrases"
   s.description = <<-EOS
     spass generates passphrases using random words

data/spec/spass_spec.rb

@@ -3,31 +3,35 @@ require 'spass'
 TEST_DICT = File.expand_path('../data/ten_words', __FILE__)
 
 describe Generator do
-  before(:all) do
+  before(:each) do
     @sp = Generator.new(TEST_DICT)
   end
 
 
-  describe "#read_dict" do
+  describe "#initialize" do
     it "returns an array of lines from the given file" do
-      @sp.read_dict(TEST_DICT).should == [
+      @sp = Generator.new(TEST_DICT)
+      @sp.dict.should == [
         'one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine', 'ten']
     end
 
     it "only returns words matching a regex" do
-      @sp.read_dict(TEST_DICT, :allowed=>/^t/).should == ['two', 'three', 'ten']
-      @sp.read_dict(TEST_DICT, :allowed=>/^f/).should == ['four', 'five']
-      @sp.read_dict(TEST_DICT, :allowed=>/e$/).should == ['one', 'three', 'five', 'nine']
+      @sp = Generator.new(TEST_DICT, :allowed=>/^t/)
+      @sp.dict.should == ['two', 'three', 'ten']
+      @sp = Generator.new(TEST_DICT, :allowed=>/^f/)
+      @sp.dict.should == ['four', 'five']
+      @sp = Generator.new(TEST_DICT, :allowed=>/e$/)
+      @sp.dict.should == ['one', 'three', 'five', 'nine']
     end
 
     it "only returns words with N chars or fewer" do
-      @sp.read_dict(TEST_DICT, :chars=>3).should == ['one', 'two', 'six', 'ten']
+      @sp = Generator.new(TEST_DICT, :chars=>3)
+      @sp.dict.should == ['one', 'two', 'six', 'ten']
     end
 
     it "raises an exception when the file does not exist" do
-      path = File.expand_path('non/existent/path')
       lambda do
-        @sp.read_dict(path)
+        Generator.new(File.expand_path('non/existent/path'))
       end.should raise_error(RuntimeError, /Cannot find dict file/)
     end
   end
@@ -43,28 +47,27 @@ describe Generator do
 
 
   describe "#random_number" do
-    it "returns a number between 1 and 999" do
-      1000.times do
+    it "returns a number between 0 and 9" do
+      100.times do
         num = @sp.random_number
-        num.should be >= 1
-        num.should be <= 99
+        num.should be >= 0
+        num.should be <= 9
       end
     end
   end
 
 
   describe "#generate" do
-    it "is at least the given length" do
-      [10, 15, 20, 25, 30, 35, 40].each do |len|
-        10.times do
-          @sp.generate(len).length.should be >= len
-        end
+    it "has the given number of words" do
+      [1, 2, 3, 4, 5, 6].each do |words|
+        phrase = @sp.generate(words)
+        phrase.split.count.should == words
       end
     end
 
     it "includes digits when :digits is true" do
       10.times do
-        @sp.generate(24, :digits=>true).should =~ /^([a-z]+ [0-9]+ ?)+$/
+        @sp.generate(24, :digits=>true).should =~ /^([a-z]+[0-9] ?)+$/
       end
     end
   end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: spass
 version: !ruby/object:Gem::Version 
-  hash: 27
+  hash: 25
   prerelease: false
   segments: 
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors: 
 - Eric Pierce
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-11-01 00:00:00 -06:00
+date: 2011-11-02 00:00:00 -06:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency