yamp 0.1.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: af599784fb31d967ffc9f696ddc11691a5a294e8
-  data.tar.gz: 288685df62e89aa8ec9c77e9b837c06e561b7419
+  metadata.gz: 95c693293fc5c7bd9d42cf0f3aeca7361f02e4b9
+  data.tar.gz: d9de29b05eda8ee531f14e319c6527eec01a77cc
 SHA512:
-  metadata.gz: 4eec8131dc8f1f9b9c90992e32f6d37aaa79abf9b0092f51048c27669ed7159241cf88c09eb5cbfaad6d8e9bf4b39798523dbc2d2ca4f0f6151f3f3e78302b8d
-  data.tar.gz: 91b4c2ed2b91d8ac24eb6cc6b7e7c0ce4df2445400a4a7e62ff1726ebf7fe804fcad9e4a1ae8fc896df42823793e93411863eaf6b206a6552b969c6bf2ca6557
+  metadata.gz: 9b99277a33f585c6cd412b21d60bfec039d103825d7ccc5cb0b45f1e288bc794398d571f1d44cec45ce1afce2e7829ca36908cd0fe9586582a4b22561bf31428
+  data.tar.gz: c455b39c38c2378c36502415272d21c0d90f067d27d9e4d0d943e6295d2d475b3368b95218810c9e7eeebbea5c683a67e8ec3cce86ce8ae5d7ac2a09f7abbc2e

data/README.md

@@ -0,0 +1,40 @@
+# YAMP
+
+**Y**et **A**nother **M**inimalistic **P**asswordmanager
+
+## Description
+
+A minimal CLI-based password manager built upon redis-cache.
+
+## Installation
+
+*yamp* is available at [rubygems](https://rubygems.org). You can install it
+by typing `gem install yamp` in your terminal or download it directly from https://rubygems.org/gems/yamp.
+
+## Setup
+
+### General
+
+A running [redis](https://redis.io) server is required.
+
+You'll be prompted for the master password on every action and if *yamp* hasn't
+already been set up on the specified redis db instance the input will be used as the
+new master password, else the input gets validated against an existing master password.
+
+### Configuration File
+
+*yamp* creates a YAML configuration file in your home directory called *.yamp*
+where you can customize some behavior and specify another redis server to connect to
+instead of the local unprotected standard redis instance which is used by default.
+
+## Usage
+
+Each command prompts interactively for the master password which is used to encrypt and
+decrypt the data on the inside. When creating entries and no password is specified
+explicitly a random and secure 32 byte password will be generated and used instead.
+While a password is always mandatory for an entry a username is not.
+
+## Important notes
+
+This project is still under active development and is yet to see many upcoming
+changes, bug fixes and also feature implementations.

data/bin/yamp

@@ -8,6 +8,9 @@ require 'yamp'
 
 ARGV << '-h' if ARGV.empty?
 
+CONFIG         = ENV['HOME'] + "/.yamp"
+PASSWORD_CHARS = [*'0'..'9', *'a'..'z',*'A'..'Z','#','!','?','$','/','(',')','[',']']
+
 trap "SIGINT" do puts "\nk bye!"; exit(130) end
 
 class String
@@ -16,9 +19,6 @@ class String
 	def yellow;		"\033[33m#{self}\033[0m" end
 end
 
-CONFIG         = ENV['HOME'] + "/.yamp"
-PASSWORD_CHARS = [*'0'..'9', *'a'..'z',*'A'..'Z','#','!','?','$','/','(',')','[',']']
-
 options = {}
 OptionParser.new do |opts|
 	opts.banner = %q(
@@ -32,18 +32,20 @@ OptionParser.new do |opts|
 		yamp -g twitter --to-clipboard
 		yamp --delete facebook
 	)
-	opts.on('-a', '--add ENTRY',    'create an entry')            {|id| options[:add] = id}
-	opts.on('-g', '--get ENTRY',    'read an entry')              {|id| options[:get] = id}
-	opts.on('-u', '--update ENTRY', 'update an entry')            {|id| options[:upd] = id}
-	opts.on('-d', '--delete ENTRY', 'delete an entry')            {|id| options[:del] = id}
-	opts.on('-p', '--password PWD', 'specify a password')         {|pwd| options[:pwd] = pwd}
-	opts.on('-n', '--username USR', 'specify a username')         {|usr| options[:usr] = usr}
-	opts.on('-l', '--list',         'list all entries')           {options[:lst] = true}
-	opts.on('-c', '--to-clipboard', 'copy password to clipboard') {options[:clip] = true}
+	opts.on('-a', '--add ENTRY',    'create an entry')              {|id| options[:add] = id}
+	opts.on('-g', '--get ENTRY',    'read an entry')                {|id| options[:get] = id}
+	opts.on('-u', '--update ENTRY', 'update an entry')              {|id| options[:upd] = id}
+	opts.on('-d', '--delete ENTRY', 'delete an entry')              {|id| options[:del] = id}
+	opts.on('-p', '--password PWD', 'specify a password')           {|pwd| options[:pwd] = pwd}
+	opts.on('-n', '--username USR', 'specify a username')           {|usr| options[:usr] = usr}
+	opts.on('-l', '--list',         'list all entries')             {options[:lst] = true}
+	opts.on('-c', '--to-clipboard', 'copy password to clipboard')   {options[:clip] = true}
+	opts.on('-e', '--export FILE',  'export all entries to file')   {|f| options[:exp] = f}
+	opts.on('-i', '--import FILE',  'import all entries from file') {|f| options[:imp] = f}
 end.parse!
 
-unless (options.keys & [:add, :del, :upd, :get, :lst]).size == 1
-	puts "please specifiy either --add, --delete, --update, --get or --list"
+unless (options.keys & [:add, :del, :upd, :get, :lst, :exp, :imp]).size == 1
+	puts 'ERR zero or too many actions specified'
 	exit
 end
 
@@ -62,7 +64,7 @@ cfg = YAML.load_file(CONFIG)
 
 print cfg['ui']['prompt']
 master = STDIN.noecho(&:gets).chomp!; puts "\n"
-redis = Redis.new(
+redis  = Redis.new(
 	url: "redis://" +
 			 (cfg['redis']['protected'] ? ":#{master}@" : "") +
 			 "#{cfg['redis']['ip']}:" +
@@ -79,9 +81,9 @@ end
 if id = options[:add]
 	pwd = options[:pwd] ? options[:pwd] : 32.times.map {PASSWORD_CHARS.sample}.join
 	unless @vault.add id, pwd, options[:usr]
-		puts "entry already exists"
+		puts 'ERR entry already exists'
 	else
-		puts "+".green + " #{id}"
+		puts '+'.green + " #{id}"
 		Clipboard.copy pwd if options[:clip]
 	end
 	exit
@@ -89,16 +91,16 @@ end
 
 if id = options[:del]
 	unless @vault.remove id
-		puts "no such entry"
+		puts 'ERR no such entry'
 	else
-		puts "-".red + " #{id}"
+		puts '-'.red + " #{id}"
 	end
 	exit
 end
 
 if id = options[:upd]
 	unless options[:pwd] || options[:usr]
-		puts "oops! did you forget something?"
+		puts 'ERR no new data'
 		exit
 	end
 	pwd_updated = false
@@ -110,9 +112,9 @@ if id = options[:upd]
 		usr_updated = @vault.update id, :usr, usr
 	end
 	unless pwd_updated || usr_updated
-		puts "no such entry"
+		puts 'ERR no such entry'
 	else
-		puts "*".yellow + " #{id}"
+		puts '*'.yellow + " #{id}"
 		Clipboard.copy pwd if options[:clip]
 	end
 	exit
@@ -122,7 +124,7 @@ if id = options[:get]
 	password = @vault.get id, :pwd
 	username = @vault.get id, :usr
 	unless password || username
-		puts "no such entry"
+		puts 'ERR no such entry'
 	else
 		puts username if username
 		unless options[:clip]
@@ -138,3 +140,23 @@ if options[:lst]
 	puts @vault.list.sort
 	exit
 end
+
+if export_file = options[:exp]
+	begin
+		@vault.export export_file
+		puts '>'.red + " #{export_file}"
+	rescue Exception => e
+		puts e.message
+		exit
+	end
+end
+
+if import_file = options[:imp]
+	begin
+		@vault.import import_file
+		puts '<'.green + " #{import_file}"
+	rescue Exception => e
+		puts e.message
+		exit
+	end
+end

data/lib/yamp.rb

@@ -1,6 +1,7 @@
 
 require 'redis'
 require 'openssl'
+require 'yaml'
 
 module YAMP
 
@@ -11,7 +12,7 @@ module YAMP
       master_hash = redis.get "__mstr_h"
       master_salt = redis.get "__mstr_s"
       if master_hash && master_salt
-        @master_key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(master, master_salt, 10000, 32)
+        @master_key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(master, hex_to_bytes(master_salt), 10000, 32)
         unless OpenSSL::Digest::SHA512.hexdigest(@master_key) == master_hash
           raise ArgumentError, 'ERR invalid password'
         end
@@ -19,7 +20,7 @@ module YAMP
         salt = OpenSSL::Random.random_bytes(32)
         @master_key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(master, salt, 10000, 32)
         redis.set "__mstr_h", OpenSSL::Digest::SHA512.hexdigest(@master_key)
-        redis.set "__mstr_s", salt
+        redis.set "__mstr_s", bytes_to_hex(salt)
       end
     end
 
@@ -52,28 +53,61 @@ module YAMP
       @redis.keys - %w{__mstr_h __mstr_s}
     end
 
+    def export file
+      begin
+        File.open file, 'w' do |f|
+          f.write "__mstr_h: #{@redis.get '__mstr_h'}\n"
+          f.write "__mstr_s: #{@redis.get '__mstr_s'}\n"
+          @redis.keys.select {|k| @redis.type(k) == "hash"} .each do |k|
+            f.write(({k => @redis.hgetall(k)}).to_yaml[3..-1])
+          end
+        end
+      rescue Errno::ENOENT
+        raise ArgumentError, 'ERR invalid path'
+      end
+    end
+
+    def import file
+      begin
+        data = YAML.load_file file
+        @redis.flushdb
+        data.each do |key, val|
+          if key.match "^__mstr_[h|s]"
+            @redis.set key, val
+            next
+          end
+          data[key].each {|k, v| @redis.hset key, k, v}
+        end
+      rescue Errno::ENOENT
+        raise ArgumentError, 'ERR file not found'
+      end
+    end
+
     private
 
+    def bytes_to_hex s; s.unpack('H*').first end
+    def hex_to_bytes s; s.scan(/../).map {|x| x.hex}.pack('c*') end
+
     def encrypt id, data
       cipher = OpenSSL::Cipher.new 'chacha20'
       cipher.encrypt
       iv = @redis.hget id, "__iv"
       unless iv
         iv = cipher.random_iv
-        @redis.hset id, "__iv", iv
+        @redis.hset id, "__iv", bytes_to_hex(iv)
       else
-        cipher.iv = iv
+        cipher.iv = hex_to_bytes(iv)
       end
       cipher.key = @master_key
-      cipher.update(data) + cipher.final
+      bytes_to_hex(cipher.update(data) + cipher.final)
     end
 
     def decrypt id, data
       cipher = OpenSSL::Cipher.new 'chacha20'
       cipher.decrypt
-      cipher.iv = @redis.hget id, "__iv"
+      cipher.iv = hex_to_bytes(@redis.hget id, "__iv")
       cipher.key = @master_key
-      cipher.update(data) + cipher.final
+      cipher.update(hex_to_bytes(data)) + cipher.final
     end
 
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yamp
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Tobias Heilig
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-16 00:00:00.000000000 Z
+date: 2017-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redis
@@ -57,8 +57,10 @@ email: holy708145@gmail.com
 executables:
 - yamp
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
 files:
+- README.md
 - bin/yamp
 - lib/yamp.rb
 homepage: https://github.com/HIGHphen/yamp