RubyGems - tome - Versions diffs - 1.0.1 → 1.0.3 - Mend

tome 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

data/lib/tome/crypt.rb CHANGED

@@ -1,56 +1,56 @@
-require 'openssl'
-require 'securerandom'
-module Tome
-  class Crypt
-    def self.encrypt(opts = {})
-      crypt :encrypt, opts
-    end
-    def self.decrypt(opts = {})
-      crypt :decrypt, opts
-    end
-    def self.new_iv
-      new_cipher.random_iv
-    end
-    def self.new_salt
-      SecureRandom.uuid
-    end
-  private
-    def self.new_cipher
-      OpenSSL::Cipher::AES.new(256, :CBC)
-    end
-    def self.crypt(method, opts)
-      raise ArgumentError if
-        opts.nil? || opts.empty? || opts[:value].nil? ||
-        opts[:password].nil? || opts[:password].empty? ||
-        opts[:salt].nil? || opts[:salt].empty? ||
-        opts[:iv].nil? || opts[:iv].empty? ||
-        opts[:stretch].nil? || opts[:stretch].nil?
-      cipher = new_cipher
-      cipher.send(method)
-      cipher.key = crypt_key(opts)
-      cipher.iv = opts[:iv]
-      result = cipher.update(opts[:value])
-      result << cipher.final
-      return result
-    end
-    def self.crypt_key(opts)
-      password = opts[:password]
-      salt = opts[:salt]
-      iterations = opts[:stretch]
-      key_length = 32 # 256 bits
-      hash = OpenSSL::Digest::SHA512.new
-      return OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_length, hash)
-    end
-  end
-end
+require 'openssl'
+require 'securerandom'
+module Tome
+  class Crypt
+    def self.encrypt(opts = {})
+      crypt :encrypt, opts
+    end
+    def self.decrypt(opts = {})
+      crypt :decrypt, opts
+    end
+    def self.new_iv
+      new_cipher.random_iv
+    end
+    def self.new_salt
+      SecureRandom.uuid
+    end
+  private
+    def self.new_cipher
+      OpenSSL::Cipher::AES.new(256, :CBC)
+    end
+    def self.crypt(method, opts)
+      raise ArgumentError if
+        opts.nil? || opts.empty? || opts[:value].nil? ||
+        opts[:password].nil? || opts[:password].empty? ||
+        opts[:salt].nil? || opts[:salt].empty? ||
+        opts[:iv].nil? || opts[:iv].empty? ||
+        opts[:stretch].nil? || opts[:stretch].nil?
+      cipher = new_cipher
+      cipher.send(method)
+      cipher.key = crypt_key(opts)
+      cipher.iv = opts[:iv]
+      result = cipher.update(opts[:value])
+      result << cipher.final
+      return result
+    end
+    def self.crypt_key(opts)
+      password = opts[:password]
+      salt = opts[:salt]
+      iterations = opts[:stretch]
+      key_length = 32 # 256 bits
+      hash = OpenSSL::Digest::SHA512.new
+      return OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_length, hash)
+    end
+  end
+end

data/lib/tome/padding.rb CHANGED

@@ -1,16 +1,16 @@
-require 'yaml'
-require 'securerandom'
-module Tome
-  class Padding
-    def self.pad(value, min_pad, max_pad)
-      padding = Random.rand(min_pad..max_pad)
-      YAML.dump(:value => value, :padding => SecureRandom.random_bytes(padding))
-    end
-    def self.unpad(inflated_value)
-      yaml = YAML.load(inflated_value)
-      yaml[:value]
-    end
-  end
+require 'yaml'
+require 'securerandom'
+module Tome
+  class Padding
+    def self.pad(value, min_pad, max_pad)
+      padding = Random.rand(min_pad..max_pad)
+      YAML.dump(:value => value, :padding => SecureRandom.random_bytes(padding))
+    end
+    def self.unpad(inflated_value)
+      yaml = YAML.load(inflated_value)
+      yaml[:value]
+    end
+  end
 end

data/lib/tome/tome.rb CHANGED

@@ -1,327 +1,327 @@
-require 'yaml'
-require 'fileutils'
-module Tome
-  class MasterPasswordError < RuntimeError
-  end
-  class FileFormatError < RuntimeError
-  end
-  class Tome
-    def self.exists?(tome_filename)
-      return !load_tome(tome_filename).nil?
-    end
-    def self.create!(tome_filename, master_password, stretch = 100_000)
-      if tome_filename.nil? || tome_filename.empty?
-        raise ArgumentError
-      end
-      if master_password.nil? || master_password.empty?
-        raise MasterPasswordError
-      end
-      save_tome(tome_filename, new_tome(stretch), {}, master_password)
-      return Tome.new(tome_filename, master_password)
-    end
-    def initialize(tome_filename, master_password)
-      if tome_filename.nil? || tome_filename.empty?
-        raise ArgumentError
-      end
-      if master_password.nil? || master_password.empty?
-        raise MasterPasswordError
-      end
-      @tome_filename = tome_filename
-      @master_password = master_password
-      # TODO: This is suboptimal. We are loading the store
-      # twice for most operations because of this authentication.
-      authenticate()
-    end
-    def set(id, password)
-      if id.nil? || id.empty? || password.nil? || password.empty?
-        raise ArgumentError
-      end
-      return writable_store do |store|
-        set_by_id(store, id, password)
-      end
-    end
-    def get(id)
-      if id.nil? || id.empty?
-        raise ArgumentError
-      end
-      return readable_store do |store|
-        get_by_id(store, id)
-      end
-    end
-    def find(pattern)
-      if pattern.nil? || pattern.empty?
-        raise ArgumentError
-      end
-      return readable_store do |store|
-        get_by_pattern(store, pattern)
-      end
-    end
-    def delete(id)
-      if id.nil? || id.empty?
-        raise ArgumentError
-      end
-      return writable_store do |store|
-        delete_by_id(store, id)
-      end
-    end
-    def rename(old_id, new_id)
-      if old_id.nil? || old_id.empty? || new_id.nil? || new_id.empty?
-        raise ArgumentError
-      end
-      return writable_store do |store|
-        rename_by_id(store, old_id, new_id)
-      end
-    end
-    def each_password
-      if !block_given?
-        raise ArgumentError
-      end
-      readable_store do |store|
-        store.each { |id, info|
-          yield id, info[:password]
-        }
-      end
-    end
-    def master_password=(master_password)
-      return writable_store do |store|
-        @master_password = master_password
-        true
-      end
-    end
-  private
-    def set_by_id(store, id, password)
-      created = !store.include?(id)
-      store[id] = {}
-      store[id][:password] = password
-      return created
-    end
-    def get_by_pattern(store, pattern)
-      find_by_pattern(store, pattern).map { |key, value|
-        { key => value[:password] }
-      }.inject { |hash, item|
-        hash.merge!(item)
-      } || {}
-    end
-    def get_by_id(store, id)
-      store[id]
-    end
-    def delete_by_id(store, id)
-      same = store.reject! { |key, info|
-        key.casecmp(id) == 0
-      }.nil?
-      return !same
-    end
-    def find_by_pattern(store, pattern)
-      return {} if pattern.nil?
-      # TODO: Better matching. Should allow separated
-      # substring matching. Exact match > solid substrings > separated substrings.
-      exact = store.select { |key, info|
-        key.casecmp(pattern) == 0
-      }
-      return exact if !exact.empty?
-      return store.select { |key, info|
-        key =~ /#{pattern}/i
-      }
-    end
-    def rename_by_id(store, old_id, new_id)
-      if store[old_id].nil?
-        return false
-      else
-        values = store[old_id]
-        store.delete(old_id)
-        store[new_id] = values
-        return true
-      end
-    end
-    def self.load_tome(tome_filename)
-      if tome_filename.nil? || tome_filename.empty?
-        raise ArgumentError
-      end
-      return nil if !File.exist?(tome_filename)
-      contents = File.open(tome_filename, 'rb') { |file| file.read }
-      return nil if contents.length == 0
-      tome = YAML.load(contents)
-      return nil if !tome
-      validate_tome(tome)
-      return tome
-    end
-    def self.validate_tome(tome)
-      if tome[:version].nil? || tome[:version].class != Fixnum
-        raise FileFormatError, 'The tome database is invalid (missing or invalid version).'
-      end
-      if tome[:version] > FILE_VERSION
-        raise FileFormatError, "The tome database comes from a newer version of tome (v#{tome[:version]} > v#{FILE_VERSION}). Try updating tome."
-      end
-      if tome[:version] < FILE_VERSION
-        raise FileFormatError, "The tome database is incompatible with this version of tome (v#{tome[:version]} < v#{FILE_VERSION})."
-      end
-      # TODO: Check version number, do file format migration if necessary.
-      if tome[:salt].nil? || tome[:salt].class != String || tome[:salt].empty?
-        raise FileFormatError, 'The tome database is invalid (missing or invalid salt).'
-      end
-      if tome[:iv].nil? || tome[:iv].class != String || tome[:iv].empty?
-        raise FileFormatError, 'The tome database is invalid (missing or invalid IV).'
-      end
-      if tome[:stretch].nil? || tome[:stretch].class != Fixnum || tome[:stretch] < 0
-        raise FileFormatError, 'The tome database is invalid (missing or invalid key stretch).'
-      end
-      if tome[:store].nil? || tome[:store].class != String || tome[:store].empty?
-        raise FileFormatError, 'The tome database is invalid (missing or invalid store).'
-      end
-    end
-    def load_store(tome)
-      if tome.nil?
-        raise ArgumentError
-      end
-      begin
-        padded_store_yaml = Crypt.decrypt(
-          :value => tome[:store],
-          :password => @master_password,
-          :stretch => tome[:stretch],
-          :salt => tome[:salt],
-          :iv => tome[:iv]
-        )
-      rescue OpenSSL::Cipher::CipherError
-        raise MasterPasswordError
-      end
-      begin
-        store_yaml = Padding.unpad(padded_store_yaml)
-      rescue Exception
-        raise MasterPasswordError
-      end
-      store = YAML.load(store_yaml)
-      return store || {}
-    end
-    def self.save_tome(tome_filename, tome, store, master_password)
-      if tome.nil? || store.nil? || master_password.nil? || master_password.empty?
-        raise ArgumentError
-      end
-      store_yaml = YAML.dump(store)
-      padded_store_yaml = Padding.pad(store_yaml, 1024, 4096)
-      new_salt = Crypt.new_salt
-      new_iv = Crypt.new_iv
-      encrypted_store = Crypt.encrypt(
-        :value => padded_store_yaml,
-        :password => master_password,
-        :salt => new_salt,
-        :iv => new_iv,
-        :stretch => tome[:stretch]
-      )
-      contents = tome.merge({
-        :version => FILE_VERSION,
-        :store => encrypted_store,
-        :salt => new_salt,
-        :iv => new_iv
-      })
-      File.open(tome_filename, 'wb') do |file|
-        YAML.dump(contents, file)
-      end
-    end
-    def readable_store()
-      tome = Tome.load_tome(@tome_filename)
-      store = load_store(tome)
-      begin
-        result = yield store
-      ensure
-        store = nil
-        GC.start
-      end
-      return result
-    end
-    def writable_store()
-      tome = Tome.load_tome(@tome_filename)
-      store = load_store(tome)
-      begin
-        result = yield store
-        Tome.save_tome(@tome_filename, tome, store, @master_password)
-      ensure
-        store = nil
-        GC.start
-      end
-      return result
-    end
-    def self.new_tome(stretch)
-      {
-        :store => {},
-        :salt => Crypt.new_salt,
-        :iv => Crypt.new_iv,
-        :stretch => stretch
-      }
-    end
-    def authenticate
-      # Force a read.
-      # If the master password is invalid, the access exception will propagate.
-      readable_store { }
-    end
-    FILE_VERSION = 2
-  end
-end
+require 'yaml'
+require 'fileutils'
+module Tome
+  class MasterPasswordError < RuntimeError
+  end
+  class FileFormatError < RuntimeError
+  end
+  class Tome
+    def self.exists?(tome_filename)
+      return !load_tome(tome_filename).nil?
+    end
+    def self.create!(tome_filename, master_password, stretch = 100_000)
+      if tome_filename.nil? || tome_filename.empty?
+        raise ArgumentError
+      end
+      if master_password.nil? || master_password.empty?
+        raise MasterPasswordError
+      end
+      save_tome(tome_filename, new_tome(stretch), {}, master_password)
+      return Tome.new(tome_filename, master_password)
+    end
+    def initialize(tome_filename, master_password)
+      if tome_filename.nil? || tome_filename.empty?
+        raise ArgumentError
+      end
+      if master_password.nil? || master_password.empty?
+        raise MasterPasswordError
+      end
+      @tome_filename = tome_filename
+      @master_password = master_password
+      # TODO: This is suboptimal. We are loading the store
+      # twice for most operations because of this authentication.
+      authenticate()
+    end
+    def set(id, password)
+      if id.nil? || id.empty? || password.nil? || password.empty?
+        raise ArgumentError
+      end
+      return writable_store do |store|
+        set_by_id(store, id, password)
+      end
+    end
+    def get(id)
+      if id.nil? || id.empty?
+        raise ArgumentError
+      end
+      return readable_store do |store|
+        get_by_id(store, id)
+      end
+    end
+    def find(pattern)
+      if pattern.nil? || pattern.empty?
+        raise ArgumentError
+      end
+      return readable_store do |store|
+        get_by_pattern(store, pattern)
+      end
+    end
+    def delete(id)
+      if id.nil? || id.empty?
+        raise ArgumentError
+      end
+      return writable_store do |store|
+        delete_by_id(store, id)
+      end
+    end
+    def rename(old_id, new_id)
+      if old_id.nil? || old_id.empty? || new_id.nil? || new_id.empty?
+        raise ArgumentError
+      end
+      return writable_store do |store|
+        rename_by_id(store, old_id, new_id)
+      end
+    end
+    def each_password
+      if !block_given?
+        raise ArgumentError
+      end
+      readable_store do |store|
+        store.each { |id, info|
+          yield id, info[:password]
+        }
+      end
+    end
+    def master_password=(master_password)
+      return writable_store do |store|
+        @master_password = master_password
+        true
+      end
+    end
+  private
+    def set_by_id(store, id, password)
+      created = !store.include?(id)
+      store[id] = {}
+      store[id][:password] = password
+      return created
+    end
+    def get_by_pattern(store, pattern)
+      find_by_pattern(store, pattern).map { |key, value|
+        { key => value[:password] }
+      }.inject { |hash, item|
+        hash.merge!(item)
+      } || {}
+    end
+    def get_by_id(store, id)
+      store[id]
+    end
+    def delete_by_id(store, id)
+      same = store.reject! { |key, info|
+        key.casecmp(id) == 0
+      }.nil?
+      return !same
+    end
+    def find_by_pattern(store, pattern)
+      return {} if pattern.nil?
+      # TODO: Better matching. Should allow separated
+      # substring matching. Exact match > solid substrings > separated substrings.
+      exact = store.select { |key, info|
+        key.casecmp(pattern) == 0
+      }
+      return exact if !exact.empty?
+      return store.select { |key, info|
+        key =~ /#{pattern}/i
+      }
+    end
+    def rename_by_id(store, old_id, new_id)
+      if store[old_id].nil?
+        return false
+      else
+        values = store[old_id]
+        store.delete(old_id)
+        store[new_id] = values
+        return true
+      end
+    end
+    def self.load_tome(tome_filename)
+      if tome_filename.nil? || tome_filename.empty?
+        raise ArgumentError
+      end
+      return nil if !File.exist?(tome_filename)
+      contents = File.open(tome_filename, 'rb') { |file| file.read }
+      return nil if contents.length == 0
+      tome = YAML.load(contents)
+      return nil if !tome
+      validate_tome(tome)
+      return tome
+    end
+    def self.validate_tome(tome)
+      if tome[:version].nil? || tome[:version].class != Fixnum
+        raise FileFormatError, 'The tome database is invalid (missing or invalid version).'
+      end
+      if tome[:version] > FILE_VERSION
+        raise FileFormatError, "The tome database comes from a newer version of tome (v#{tome[:version]} > v#{FILE_VERSION}). Try updating tome."
+      end
+      if tome[:version] < FILE_VERSION
+        raise FileFormatError, "The tome database is incompatible with this version of tome (v#{tome[:version]} < v#{FILE_VERSION})."
+      end
+      # TODO: Check version number, do file format migration if necessary.
+      if tome[:salt].nil? || tome[:salt].class != String || tome[:salt].empty?
+        raise FileFormatError, 'The tome database is invalid (missing or invalid salt).'
+      end
+      if tome[:iv].nil? || tome[:iv].class != String || tome[:iv].empty?
+        raise FileFormatError, 'The tome database is invalid (missing or invalid IV).'
+      end
+      if tome[:stretch].nil? || tome[:stretch].class != Fixnum || tome[:stretch] < 0
+        raise FileFormatError, 'The tome database is invalid (missing or invalid key stretch).'
+      end
+      if tome[:store].nil? || tome[:store].class != String || tome[:store].empty?
+        raise FileFormatError, 'The tome database is invalid (missing or invalid store).'
+      end
+    end
+    def load_store(tome)
+      if tome.nil?
+        raise ArgumentError
+      end
+      begin
+        padded_store_yaml = Crypt.decrypt(
+          :value => tome[:store],
+          :password => @master_password,
+          :stretch => tome[:stretch],
+          :salt => tome[:salt],
+          :iv => tome[:iv]
+        )
+      rescue OpenSSL::Cipher::CipherError
+        raise MasterPasswordError
+      end
+      begin
+        store_yaml = Padding.unpad(padded_store_yaml)
+      rescue Exception
+        raise MasterPasswordError
+      end
+      store = YAML.load(store_yaml)
+      return store || {}
+    end
+    def self.save_tome(tome_filename, tome, store, master_password)
+      if tome.nil? || store.nil? || master_password.nil? || master_password.empty?
+        raise ArgumentError
+      end
+      store_yaml = YAML.dump(store)
+      padded_store_yaml = Padding.pad(store_yaml, 1024, 4096)
+      new_salt = Crypt.new_salt
+      new_iv = Crypt.new_iv
+      encrypted_store = Crypt.encrypt(
+        :value => padded_store_yaml,
+        :password => master_password,
+        :salt => new_salt,
+        :iv => new_iv,
+        :stretch => tome[:stretch]
+      )
+      contents = tome.merge({
+        :version => FILE_VERSION,
+        :store => encrypted_store,
+        :salt => new_salt,
+        :iv => new_iv
+      })
+      File.open(tome_filename, 'wb') do |file|
+        YAML.dump(contents, file)
+      end
+    end
+    def readable_store()
+      tome = Tome.load_tome(@tome_filename)
+      store = load_store(tome)
+      begin
+        result = yield store
+      ensure
+        store = nil
+        GC.start
+      end
+      return result
+    end
+    def writable_store()
+      tome = Tome.load_tome(@tome_filename)
+      store = load_store(tome)
+      begin
+        result = yield store
+        Tome.save_tome(@tome_filename, tome, store, @master_password)
+      ensure
+        store = nil
+        GC.start
+      end
+      return result
+    end
+    def self.new_tome(stretch)
+      {
+        :store => {},
+        :salt => Crypt.new_salt,
+        :iv => Crypt.new_iv,
+        :stretch => stretch
+      }
+    end
+    def authenticate
+      # Force a read.
+      # If the master password is invalid, the access exception will propagate.
+      readable_store { }
+    end
+    FILE_VERSION = 2
+  end
+end