trocla 0.4.0 → 0.5.0

data/lib/trocla/util.rb

@@ -1,30 +1,30 @@
 require 'securerandom'
 class Trocla
+  # Utils
   class Util
     class << self
-      def random_str(length=12, charset='default')
-        _charsets = charsets[charset] || charsets['default']
-        (1..length).collect{|a| _charsets[SecureRandom.random_number(_charsets.size)] }.join.to_s
+      def random_str(length = 12, charset = 'default')
+        char = charsets[charset] || charsets['default']
+        charsets_size = char.size
+        (1..length).collect { |_| char[rand_num(charsets_size)] }.join.to_s
       end
 
-      def salt(length=8)
-        alphanumeric_size = alphanumeric.size
-        (1..length).collect{|a| alphanumeric[SecureRandom.random_number(alphanumeric_size)] }.join.to_s
+      def salt(length = 8)
+        random_str(length, 'alphanumeric')
       end
 
       private
 
+      def rand_num(n)
+        SecureRandom.random_number(n)
+      end
+
       def charsets
         @charsets ||= begin
           h = {
-            'default'      => chars,
-            'alphanumeric' => alphanumeric,
-            'shellsafe'    => shellsafe,
-            'windowssafe'  => windowssafe,
-            'numeric'      => numeric,
-            'hexadecimal'  => hexadecimal,
-            'consolesafe'  => consolesafe,
-            'typesafe'     => typesafe,
+            'default' => chars, 'alphanumeric' => alphanumeric, 'shellsafe' => shellsafe,
+            'windowssafe' => windowssafe, 'numeric' => numeric, 'hexadecimal' => hexadecimal,
+            'consolesafe' => consolesafe, 'typesafe' => typesafe
           }
           h.each { |k, v| h[k] = v.uniq }
         end
@@ -33,36 +33,47 @@ class Trocla
       def chars
         @chars ||= shellsafe + special_chars
       end
+
       def shellsafe
         @shellsafe ||= alphanumeric + shellsafe_chars
       end
+
       def windowssafe
         @windowssafe ||= alphanumeric + windowssafe_chars
       end
+
       def consolesafe
         @consolesafe ||= alphanumeric + consolesafe_chars
       end
+
       def hexadecimal
         @hexadecimal ||= numeric + ('a'..'f').to_a
       end
+
       def alphanumeric
         @alphanumeric ||= ('a'..'z').to_a + ('A'..'Z').to_a + numeric
       end
+
       def numeric
         @numeric ||= ('0'..'9').to_a
       end
+
       def typesafe
         @typesafe ||= ('a'..'x').to_a - ['i'] - ['l'] + ('A'..'X').to_a - ['I'] - ['L'] + ('1'..'9').to_a
       end
+
       def special_chars
-        @special_chars ||= "*()&![]{}-".split(//)
+        @special_chars ||= '*()&![]{}-'.split(//)
       end
+
       def shellsafe_chars
-        @shellsafe_chars ||= "+%/@=?_.,:".split(//)
+        @shellsafe_chars ||= '+%/@=?_.,:'.split(//)
       end
+
       def windowssafe_chars
-        @windowssafe_chars ||= "+%/@=?_.,".split(//)
+        @windowssafe_chars ||= '+%/@=?_.,'.split(//)
       end
+
       def consolesafe_chars
         @consolesafe_chars ||= '+.-,_'.split(//)
       end

data/lib/trocla/version.rb

@@ -1,20 +1,23 @@
 # encoding: utf-8
+
 class Trocla
+  # VERSION
   class VERSION
     version = {}
     File.read(File.join(File.dirname(__FILE__), '../', 'VERSION')).each_line do |line|
-      type, value = line.chomp.split(":")
+      type, value = line.chomp.split(':')
       next if type =~ /^\s+$/ || value =~ /^\s+$/
+
       version[type] = value
     end
-    
+
     MAJOR = version['major']
     MINOR = version['minor']
     PATCH = version['patch']
     BUILD = version['build']
-    
+
     STRING = [MAJOR, MINOR, PATCH, BUILD].compact.join('.')
-    
+
     def self.version
       STRING
     end

data/lib/trocla.rb

@@ -4,16 +4,17 @@ require 'trocla/formats'
 require 'trocla/encryptions'
 require 'trocla/stores'
 
+# Trocla class
 class Trocla
-  def initialize(config_file=nil)
+  def initialize(config_file = nil)
     if config_file
       @config_file = File.expand_path(config_file)
-    elsif File.exists?(def_config_file=File.expand_path('~/.troclarc.yaml')) || File.exists?(def_config_file=File.expand_path('/etc/troclarc.yaml'))
+    elsif File.exist?(def_config_file = File.expand_path('~/.troclarc.yaml')) || File.exist?(def_config_file = File.expand_path('/etc/troclarc.yaml'))
       @config_file = def_config_file
     end
   end
 
-  def self.open(config_file=nil)
+  def self.open(config_file = nil)
     trocla = Trocla.new(config_file)
 
     if block_given?
@@ -24,78 +25,76 @@ class Trocla
     end
   end
 
-  def password(key,format,options={})
+  def password(key, format, options={})
     # respect a default profile, but let the
     # profiles win over the default options
     options['profiles'] ||= config['options']['profiles']
-    if options['profiles']
-      options = merge_profiles(options['profiles']).merge(options)
-    end
+    options = merge_profiles(options['profiles']).merge(options) if options['profiles']
     options = config['options'].merge(options)
 
     raise "Format #{format} is not supported! Supported formats: #{Trocla::Formats.all.join(', ')}" unless Trocla::Formats::available?(format)
 
-    unless (password=get_password(key,format,options)).nil?
+    unless (password = get_password(key, format, options)).nil?
       return password
     end
 
-    plain_pwd = get_password(key,'plain',options)
+    plain_pwd = get_password(key, 'plain', options)
     if options['random'] && plain_pwd.nil?
-      plain_pwd = Trocla::Util.random_str(options['length'].to_i,options['charset'])
-      set_password(key,'plain',plain_pwd,options) unless format == 'plain'
+      plain_pwd = Trocla::Util.random_str(options['length'].to_i, options['charset'])
+      set_password(key, 'plain', plain_pwd, options) unless format == 'plain'
     elsif !options['random'] && plain_pwd.nil?
       raise "Password must be present as plaintext if you don't want a random password"
     end
-    pwd = self.formats(format).format(plain_pwd,options)
+    pwd = self.formats(format).format(plain_pwd, options)
     # it's possible that meanwhile another thread/process was faster in
     # formating the password. But we want todo that second lookup
     # only for expensive formats
     if self.formats(format).expensive?
-      get_password(key,format,options) || set_password(key, format, pwd, options)
+      get_password(key, format, options) || set_password(key, format, pwd, options)
     else
       set_password(key, format, pwd, options)
     end
   end
 
-  def get_password(key, format, options={})
-    render(format,decrypt(store.get(key,format)),options)
+  def get_password(key, format, options = {})
+    render(format, decrypt(store.get(key, format)), options)
   end
 
-  def reset_password(key,format,options={})
-    delete_password(key,format)
-    password(key,format,options)
+  def reset_password(key, format, options = {})
+    delete_password(key, format)
+    password(key, format, options)
   end
 
-  def delete_password(key,format=nil,options={})
-    v = store.delete(key,format)
+  def delete_password(key, format = nil, options = {})
+    v = store.delete(key, format)
     if v.is_a?(Hash)
-      Hash[*v.map do |f,encrypted_value|
-        [f,render(format,decrypt(encrypted_value),options)]
+      Hash[*v.map do |f, encrypted_value|
+        [f, render(format, decrypt(encrypted_value), options)]
       end.flatten]
     else
-      render(format,decrypt(v),options)
+      render(format, decrypt(v), options)
     end
   end
 
-  def set_password(key,format,password,options={})
-    store.set(key,format,encrypt(password),options)
-    render(format,password,options)
+  def set_password(key, format, password, options = {})
+    store.set(key, format, encrypt(password), options)
+    render(format, password, options)
   end
 
-  def available_format(key, options={})
-    render(false,store.formats(key),options)
+  def available_format(key, options = {})
+    render(false, store.formats(key), options)
   end
 
-  def search_key(key, options={})
-    render(false,store.search(key),options)
+  def search_key(key, options = {})
+    render(false, store.search(key), options)
   end
 
   def formats(format)
-    (@format_cache||={})[format] ||= Trocla::Formats[format].new(self)
+    (@format_cache ||= {})[format] ||= Trocla::Formats[format].new(self)
   end
 
   def encryption
-    @encryption ||= Trocla::Encryptions[config['encryption']].new(config['encryption_options'],self)
+    @encryption ||= Trocla::Encryptions[config['encryption']].new(config['encryption_options'], self)
   end
 
   def config
@@ -107,6 +106,7 @@ class Trocla
   end
 
   private
+
   def store
     @store ||= build_store
   end
@@ -114,19 +114,20 @@ class Trocla
   def build_store
     s = config['store']
     clazz = if s.is_a?(Symbol)
-      Trocla::Stores[s]
-    else
-      require config['store_require'] if config['store_require']
-      eval(s)
-    end
-    clazz.new(config['store_options'],self)
+              Trocla::Stores[s]
+            else
+              require config['store_require'] if config['store_require']
+              eval(s)
+            end
+    clazz.new(config['store_options'], self)
   end
 
   def read_config
     if @config_file.nil?
       default_config
     else
-      raise "Configfile #{@config_file} does not exist!" unless File.exists?(@config_file)
+      raise "Configfile #{@config_file} does not exist!" unless File.exist?(@config_file)
+
       c = default_config.merge(YAML.load(File.read(@config_file)))
       c['profiles'] = default_config['profiles'].merge(c['profiles'])
       # migrate all options to new store options
@@ -144,12 +145,13 @@ class Trocla
 
   def decrypt(value)
     return nil if value.nil?
+
     encryption.decrypt(value)
   end
 
-  def render(format,output,options={})
-    if format && output && f=self.formats(format)
-      f.render(output,options['render']||{})
+  def render(format, output, options = {})
+    if format && output && f = self.formats(format)
+      f.render(output, options['render'] || {})
     else
       output
     end
@@ -157,14 +159,14 @@ class Trocla
 
   def default_config
     require 'yaml'
-    YAML.load(File.read(File.expand_path(File.join(File.dirname(__FILE__),'trocla','default_config.yaml'))))
+    YAML.load(File.read(File.expand_path(File.join(File.dirname(__FILE__), 'trocla', 'default_config.yaml'))))
   end
 
   def merge_profiles(profiles)
-    Array(profiles).inject({}) do |res,profile|
+    Array(profiles).inject({}) do |res, profile|
       raise "No such profile #{profile} defined" unless profile_hash = config['profiles'][profile]
+
       profile_hash.merge(res)
     end
   end
-
 end

data/spec/trocla/formats/pgsql_spec.rb

@@ -0,0 +1,25 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper')
+
+describe 'Trocla::Format::Pgsql' do
+  before(:each) do
+    expect_any_instance_of(Trocla).to receive(:read_config).and_return(test_config)
+    @trocla = Trocla.new
+  end
+
+  describe 'default pgsql' do
+    it 'create a pgsql password keypair without options in sha256' do
+      pass = @trocla.password('pgsql_password_sh256', 'pgsql', {})
+      expect(pass).to match(/^SCRAM-SHA-256\$(.*):(.*)\$(.*):/)
+    end
+  end
+
+  describe 'pgsql in md5 encode' do
+    it 'create a pgsql password in md5 encode' do
+      pass = @trocla.password(
+        'pgsql_password_md5', 'pgsql',
+        { 'username' => 'toto', 'encode' => 'md5' }
+      )
+      expect(pass).to match(/^md5/)
+    end
+  end
+end

data/spec/trocla_spec.rb

@@ -72,6 +72,9 @@ describe "Trocla" do
           expect(pwd).not_to match(/[={}\[\]\?%\*()&!]+/)
         end
         it 'is possible to combine profiles but first profile wins 3' do
+          # mysql profile uses a 32 long random pwd with shell safe characters
+          # and we want to use a fixed random str here https://github.com/duritong/trocla/issues/55
+          allow(Trocla::Util).to receive(:random_str).with(32,'shellsafe') { "jmNi6+7dsUn@H?vfbXCq=ULEGPW,u:hu" }
           pwd = @trocla.password('some_test3','plain', 'profiles' => ['mysql','login'])
           expect(pwd).not_to be_empty
           expect(pwd.length).to eq(32)

data/trocla.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: trocla 0.4.0 ruby lib
+# stub: trocla 0.5.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "trocla".freeze
-  s.version = "0.4.0"
+  s.version = "0.5.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["mh".freeze]
-  s.date = "2021-05-11"
+  s.date = "2023-01-01"
   s.description = "Trocla helps you to generate random passwords and to store them in various formats (plain, MD5, bcrypt) for later retrival.".freeze
   s.email = "mh+trocla@immerda.ch".freeze
   s.executables = ["trocla".freeze]
@@ -21,8 +21,8 @@ Gem::Specification.new do |s|
   ]
   s.files = [
     ".document",
+    ".github/workflows/ruby.yml",
     ".rspec",
-    ".travis.yml",
     "CHANGELOG.md",
     "Gemfile",
     "LICENSE.txt",
@@ -47,6 +47,7 @@ Gem::Specification.new do |s|
     "lib/trocla/formats/sha512crypt.rb",
     "lib/trocla/formats/ssha.rb",
     "lib/trocla/formats/sshkey.rb",
+    "lib/trocla/formats/wireguard.rb",
     "lib/trocla/formats/x509.rb",
     "lib/trocla/store.rb",
     "lib/trocla/stores.rb",
@@ -59,6 +60,7 @@ Gem::Specification.new do |s|
     "spec/spec_helper.rb",
     "spec/trocla/encryptions/none_spec.rb",
     "spec/trocla/encryptions/ssl_spec.rb",
+    "spec/trocla/formats/pgsql_spec.rb",
     "spec/trocla/formats/sshkey_spec.rb",
     "spec/trocla/formats/x509_spec.rb",
     "spec/trocla/store/memory_spec.rb",
@@ -69,7 +71,7 @@ Gem::Specification.new do |s|
   ]
   s.homepage = "https://tech.immerda.ch/2011/12/trocla-get-hashed-passwords-out-of-puppet-manifests/".freeze
   s.licenses = ["GPLv3".freeze]
-  s.rubygems_version = "3.1.2".freeze
+  s.rubygems_version = "3.3.26".freeze
   s.summary = "Trocla a simple password generator and storage".freeze
 
   if s.respond_to? :specification_version then
@@ -77,24 +79,26 @@ Gem::Specification.new do |s|
   end
 
   if s.respond_to? :add_runtime_dependency then
-    s.add_runtime_dependency(%q<moneta>.freeze, ["~> 1.4.0"])
     s.add_runtime_dependency(%q<highline>.freeze, ["~> 2.0.0"])
+    s.add_runtime_dependency(%q<moneta>.freeze, ["~> 1.4.0"])
     s.add_runtime_dependency(%q<bcrypt>.freeze, [">= 0"])
+    s.add_runtime_dependency(%q<openssl>.freeze, [">= 0"])
     s.add_runtime_dependency(%q<sshkey>.freeze, [">= 0"])
-    s.add_development_dependency(%q<rspec>.freeze, [">= 0"])
-    s.add_development_dependency(%q<rdoc>.freeze, [">= 0"])
-    s.add_development_dependency(%q<jeweler>.freeze, [">= 0"])
     s.add_development_dependency(%q<addressable>.freeze, [">= 0"])
+    s.add_development_dependency(%q<jeweler>.freeze, [">= 0"])
+    s.add_development_dependency(%q<rdoc>.freeze, [">= 0"])
+    s.add_development_dependency(%q<rspec>.freeze, [">= 0"])
     s.add_development_dependency(%q<rspec-pending_for>.freeze, [">= 0"])
   else
-    s.add_dependency(%q<moneta>.freeze, ["~> 1.4.0"])
     s.add_dependency(%q<highline>.freeze, ["~> 2.0.0"])
+    s.add_dependency(%q<moneta>.freeze, ["~> 1.4.0"])
     s.add_dependency(%q<bcrypt>.freeze, [">= 0"])
+    s.add_dependency(%q<openssl>.freeze, [">= 0"])
     s.add_dependency(%q<sshkey>.freeze, [">= 0"])
-    s.add_dependency(%q<rspec>.freeze, [">= 0"])
-    s.add_dependency(%q<rdoc>.freeze, [">= 0"])
-    s.add_dependency(%q<jeweler>.freeze, [">= 0"])
     s.add_dependency(%q<addressable>.freeze, [">= 0"])
+    s.add_dependency(%q<jeweler>.freeze, [">= 0"])
+    s.add_dependency(%q<rdoc>.freeze, [">= 0"])
+    s.add_dependency(%q<rspec>.freeze, [">= 0"])
     s.add_dependency(%q<rspec-pending_for>.freeze, [">= 0"])
   end
 end

metadata

@@ -1,43 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: trocla
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - mh
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-11 00:00:00.000000000 Z
+date: 2023-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: moneta
+  name: highline
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.4.0
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.4.0
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
-  name: highline
+  name: moneta
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 1.4.0
 - !ruby/object:Gem::Dependency
   name: bcrypt
   requirement: !ruby/object:Gem::Requirement
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sshkey
   requirement: !ruby/object:Gem::Requirement
@@ -67,7 +81,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: addressable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -81,7 +95,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rdoc
+  name: jeweler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -95,7 +109,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: jeweler
+  name: rdoc
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -109,7 +123,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: addressable
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -147,8 +161,8 @@ extra_rdoc_files:
 - README.md
 files:
 - ".document"
+- ".github/workflows/ruby.yml"
 - ".rspec"
-- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
@@ -173,6 +187,7 @@ files:
 - lib/trocla/formats/sha512crypt.rb
 - lib/trocla/formats/ssha.rb
 - lib/trocla/formats/sshkey.rb
+- lib/trocla/formats/wireguard.rb
 - lib/trocla/formats/x509.rb
 - lib/trocla/store.rb
 - lib/trocla/stores.rb
@@ -185,6 +200,7 @@ files:
 - spec/spec_helper.rb
 - spec/trocla/encryptions/none_spec.rb
 - spec/trocla/encryptions/ssl_spec.rb
+- spec/trocla/formats/pgsql_spec.rb
 - spec/trocla/formats/sshkey_spec.rb
 - spec/trocla/formats/x509_spec.rb
 - spec/trocla/store/memory_spec.rb
@@ -211,7 +227,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: Trocla a simple password generator and storage

data/.travis.yml

@@ -1,6 +0,0 @@
-language: ruby
-sudo: false
-rvm:
-  - jruby
-  - 2.7.0
-  - 3.0.0