tome 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. data/README.md +5 -1
  2. data/lib/tome/command.rb +25 -8
  3. data/lib/tome/tome.rb +12 -1
  4. data/lib/tome/usage.rb +18 -2
  5. data/lib/tome/version.rb +1 -1
  6. metadata +4 -4
data/README.md CHANGED
@@ -94,7 +94,7 @@ of every website you sign up with, you can use tome to help mitigate your risk a
94
94
  computing power and time. To further reduce risk, don't store usernames (e.g. do `tome set gmail.com` instead of `tome set foo@gmail.com`).
95
95
  * Dependence on the `.tome` file: if your `.tome` file is lost or corrupt and you forget your passwords, you'll have to reset them.
96
96
  * If you want access to your passwords on multiple machines, you'll have to sync the `.tome` file between machines.
97
- * Trust in *my* secure coding practices: I encourage you to look at the source yourself.
97
+ * Trust in *my* secure coding practices. I encourage you to look at the source yourself.
98
98
 
99
99
  ## Under the hood
100
100
 
@@ -102,6 +102,10 @@ All account and password information is stored in a single `.tome` file in the u
102
102
  YAML-formatted and stores the encrypted account and password information as well as the encryption parameters.
103
103
  These encryption parameters, along with the master password, are used to decrypt the password information.
104
104
 
105
+ A randomly-generated 1K-4K block of data is appended to the actual password data to obfuscate the number of passwords
106
+ stored in the database. This is not a security mechanism, but rather a hindrance to attempts to infer
107
+ anything from the encrypted data.
108
+
105
109
  Each time the `.tome` file is modified, new encryption parameters (i.e. the salt and IV) are randomly generated
106
110
  and used for encryption.
107
111
 
data/lib/tome/command.rb CHANGED
@@ -64,6 +64,7 @@ module Tome
64
64
  /\A(generate|gen)\z/i => :generate,
65
65
  /\A(copy|cp)\z/i => :copy,
66
66
  /\A(rename|ren|rn)\z/i => :rename,
67
+ /\A(master)\z/i => :master,
67
68
  /\A(list|ls)\z/i => :list
68
69
  }
69
70
 
@@ -98,6 +99,7 @@ module Tome
98
99
  :generate => $generate_usage,
99
100
  :copy => $copy_usage,
100
101
  :rename => $rename_usage,
102
+ :master => $master_usage,
101
103
  :list => $list_usage
102
104
  }
103
105
 
@@ -118,7 +120,7 @@ module Tome
118
120
  raise CommandError, "Invalid arguments.\n\n#{$set_usage}"
119
121
  end
120
122
 
121
- tome = tome_create_connect()
123
+ created, tome = tome_create_connect()
122
124
 
123
125
  case args.length
124
126
  # TODO: Validate that first argument is in [username@]domain form.
@@ -213,7 +215,7 @@ module Tome
213
215
  raise CommandError, "Invalid arguments.\n\n#{$generate_usage}"
214
216
  end
215
217
 
216
- tome = tome_create_connect()
218
+ created, tome = tome_create_connect()
217
219
 
218
220
  # tome gen bar.com
219
221
  # tome gen foo@bar.com
@@ -229,11 +231,12 @@ module Tome
229
231
  end
230
232
 
231
233
  created = tome.set(id, password)
234
+ Clipboard.copy(password)
232
235
 
233
236
  if created
234
- @out.puts "Generated password for #{id}."
237
+ @out.puts "Generated and copied password for #{id}."
235
238
  else
236
- @out.puts "Updated #{id} with the generated password."
239
+ @out.puts "Updated and copied password for #{id}."
237
240
  end
238
241
  end
239
242
 
@@ -262,7 +265,7 @@ module Tome
262
265
  match = matches.first
263
266
  password = match.last
264
267
 
265
- Clipboard.copy password
268
+ Clipboard.copy(password)
266
269
  if Clipboard.paste == password
267
270
  @out.puts "Password for #{match.first} copied to clipboard."
268
271
  else
@@ -316,6 +319,20 @@ module Tome
316
319
  end
317
320
  end
318
321
 
322
+ def master(args)
323
+ if args.count > 0
324
+ raise CommandError, "Invalid arguments.\n\n#{$master_usage}"
325
+ end
326
+
327
+ created, tome = tome_create_connect()
328
+
329
+ if !created
330
+ master_password = prompt_password('New master password')
331
+ tome.master_password = master_password
332
+ @out.puts 'Master password updated.'
333
+ end
334
+ end
335
+
319
336
  def generate_password
320
337
  Passgen.generate(:length => 30, :symbols => true)
321
338
  end
@@ -414,10 +431,10 @@ module Tome
414
431
  if !Tome.exists?(@tome_filename)
415
432
  @out.puts 'Creating tome database.'
416
433
  master_password = prompt_password('Master password')
417
- tome = Tome.create!(@tome_filename, master_password)
434
+ return true, Tome.create!(@tome_filename, master_password)
418
435
  else
419
- tome = tome_connect()
436
+ return false, tome_connect()
420
437
  end
421
438
  end
422
439
  end
423
- end
440
+ end
data/lib/tome/tome.rb CHANGED
@@ -105,6 +105,13 @@ module Tome
105
105
  end
106
106
  end
107
107
 
108
+ def master_password=(master_password)
109
+ return writable_store do |store|
110
+ @master_password = master_password
111
+ true
112
+ end
113
+ end
114
+
108
115
  private
109
116
  def set_by_id(store, id, password)
110
117
  created = !store.include?(id)
@@ -230,7 +237,11 @@ module Tome
230
237
  raise MasterPasswordError
231
238
  end
232
239
 
233
- store_yaml = Padding.unpad(padded_store_yaml)
240
+ begin
241
+ store_yaml = Padding.unpad(padded_store_yaml)
242
+ rescue Exception
243
+ raise MasterPasswordError
244
+ end
234
245
 
235
246
  store = YAML.load(store_yaml)
236
247
  return store || {}
data/lib/tome/usage.rb CHANGED
@@ -8,7 +8,7 @@ Usage:
8
8
 
9
9
  tome generate [user@]<domain>
10
10
 
11
- Generate a random password for an account.
11
+ Generate and copy a random password for an account.
12
12
  Example: tome generate reddit.com
13
13
 
14
14
  tome get <pattern>
@@ -36,6 +36,11 @@ Usage:
36
36
  Rename the account information stored.
37
37
  Example: tome rename twitter.com foo@twitter.com
38
38
 
39
+ tome master
40
+
41
+ Set the master password.
42
+ Example: tome master
43
+
39
44
  tome help
40
45
 
41
46
  Shows help for a specific command.
@@ -126,6 +131,7 @@ $generate_usage = <<END
126
131
  tome generate
127
132
 
128
133
  Generate a random password for an account. The user is optional.
134
+ The generated password is copied to the clipboard.
129
135
 
130
136
  Usage:
131
137
 
@@ -190,4 +196,14 @@ Examples:
190
196
  tome rename foo@gmail.com bar@gmail.com
191
197
 
192
198
  Alias: rename, ren, rn
193
- END
199
+ END
200
+
201
+ $master_usage = <<END
202
+ tome master
203
+
204
+ Set the master password.
205
+
206
+ Usage:
207
+
208
+ tome master
209
+ END
data/lib/tome/version.rb CHANGED
@@ -1 +1 @@
1
- $version = '1.0.0'
1
+ $version = '1.0.1'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tome
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-03 00:00:00.000000000 Z
12
+ date: 2012-08-08 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: passgen
@@ -50,7 +50,7 @@ dependencies:
50
50
  requirements:
51
51
  - - ~>
52
52
  - !ruby/object:Gem::Version
53
- version: '1.0'
53
+ version: '1.1'
54
54
  type: :runtime
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
@@ -58,7 +58,7 @@ dependencies:
58
58
  requirements:
59
59
  - - ~>
60
60
  - !ruby/object:Gem::Version
61
- version: '1.0'
61
+ version: '1.1'
62
62
  - !ruby/object:Gem::Dependency
63
63
  name: rake
64
64
  requirement: !ruby/object:Gem::Requirement