yopass 1.1.1 → 1.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gemspec +1 -1
- data/.travis.yml +5 -0
- data/CHANGELOG.md +6 -0
- data/Gemfile +3 -0
- data/LICENSE +13 -0
- data/README.md +3 -0
- data/Rakefile +5 -0
- data/lib/static/packaged/css/font.css +6 -6
- data/lib/static/packaged/fonts/sans/OpenSans-Bold.ttf +0 -0
- data/lib/static/packaged/fonts/sans/OpenSans-Light.ttf +0 -0
- data/lib/static/packaged/fonts/sans/OpenSans.ttf +0 -0
- data/lib/static/packaged/fonts/sans/OpenSansLight-Italic.ttf +0 -0
- data/lib/static/packaged/fonts/sans/SourceSansPro-Bold.ttf +0 -0
- data/lib/static/packaged/fonts/sans/SourceSansPro-Regular.ttf +0 -0
- data/lib/views/index.erb +1 -1
- data/lib/yopass.rb +10 -2
- data/spec/spec_helper.rb +20 -0
- data/spec/yopass_spec.rb +57 -0
- metadata +16 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8db430181db17b14ef799a4967b2309d9394c53b
|
4
|
+
data.tar.gz: 1e61be3b5b13c9866cc85dbd8110b232a7b4acba
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4f1e92c8c9ca27e0e91b641509c02361c60d13778797fe75bc21c014b3bbff940e9ba392d8f276cb2ee2aeeef057c35fb7cc1fa8ba7250a9847f000f547f6204
|
7
|
+
data.tar.gz: 67ee5fdb2509ab7d9934634c5a9ff1fabaa6f5e1f8f4216c0b7a9c68c5e36a3ca7bd2fabd9795a0cb54bfb2411724445b411d412ac35c0c48d46511d75328085
|
data/.gemspec
CHANGED
data/.travis.yml
ADDED
data/CHANGELOG.md
ADDED
data/Gemfile
CHANGED
data/LICENSE
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
Copyright 2014 johan.haals@gmail.com
|
2
|
+
|
3
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
you may not use this file except in compliance with the License.
|
5
|
+
You may obtain a copy of the License at
|
6
|
+
|
7
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
|
9
|
+
Unless required by applicable law or agreed to in writing, software
|
10
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
See the License for the specific language governing permissions and
|
13
|
+
limitations under the License.
|
data/README.md
CHANGED
@@ -1,4 +1,6 @@
|
|
1
1
|
# YoPass - Share Secrets Securely
|
2
|
+
[![Build Status](https://travis-ci.org/JHaals/yopass.png?branch=master)](https://travis-ci.org/JHaals/yopass)
|
3
|
+
|
2
4
|
YoPass is a website that store secrets encrypted(AES 256) in memory(memcached) for a fixed period of time.
|
3
5
|
Secrets can then be shared more securely over channels such as IRC and Email. The decryption password for the secret can be sent over SMS to improve security.
|
4
6
|
|
@@ -35,3 +37,4 @@ Bulksms
|
|
35
37
|
|
36
38
|
### Screenshot
|
37
39
|
![YoPass website](http://f.cl.ly/items/2F2T1L3a3R162K2G383q/yopass.png)
|
40
|
+
|
data/Rakefile
ADDED
@@ -2,35 +2,35 @@
|
|
2
2
|
font-family: 'Open Sans';
|
3
3
|
font-style: normal;
|
4
4
|
font-weight: 300;
|
5
|
-
src: local('Open Sans Light'), local('OpenSans-Light'), url(
|
5
|
+
src: local('Open Sans Light'), local('OpenSans-Light'), url(/packaged/fonts/sans/OpenSans-Light.ttf) format('truetype');
|
6
6
|
}
|
7
7
|
@font-face {
|
8
8
|
font-family: 'Open Sans';
|
9
9
|
font-style: normal;
|
10
10
|
font-weight: 400;
|
11
|
-
src: local('Open Sans'), local('OpenSans'), url(
|
11
|
+
src: local('Open Sans'), local('OpenSans'), url(/packaged/fonts/sans/OpenSans.ttf) format('truetype');
|
12
12
|
}
|
13
13
|
@font-face {
|
14
14
|
font-family: 'Open Sans';
|
15
15
|
font-style: normal;
|
16
16
|
font-weight: 700;
|
17
|
-
src: local('Open Sans Bold'), local('OpenSans-Bold'), url(
|
17
|
+
src: local('Open Sans Bold'), local('OpenSans-Bold'), url(/packaged/fonts/sans/OpenSans-Bold.ttf) format('truetype');
|
18
18
|
}
|
19
19
|
@font-face {
|
20
20
|
font-family: 'Open Sans';
|
21
21
|
font-style: italic;
|
22
22
|
font-weight: 300;
|
23
|
-
src: local('Open Sans Light Italic'), local('OpenSansLight-Italic'), url(
|
23
|
+
src: local('Open Sans Light Italic'), local('OpenSansLight-Italic'), url(/packaged/fonts/sans/OpenSansLight-Italic.ttf) format('truetype');
|
24
24
|
}
|
25
25
|
@font-face {
|
26
26
|
font-family: 'Source Sans Pro';
|
27
27
|
font-style: normal;
|
28
28
|
font-weight: 400;
|
29
|
-
src: local('Source Sans Pro'), local('SourceSansPro-Regular'), url(
|
29
|
+
src: local('Source Sans Pro'), local('SourceSansPro-Regular'), url(/packaged/fonts/sans/SourceSansPro-Regular.ttf) format('truetype');
|
30
30
|
}
|
31
31
|
@font-face {
|
32
32
|
font-family: 'Source Sans Pro';
|
33
33
|
font-style: normal;
|
34
34
|
font-weight: 700;
|
35
|
-
src: local('Source Sans Pro Bold'), local('SourceSansPro-Bold'), url(
|
35
|
+
src: local('Source Sans Pro Bold'), local('SourceSansPro-Bold'), url(/packaged/fonts/sans/SourceSansPro-Bold.ttf) format('truetype');
|
36
36
|
}
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data/lib/views/index.erb
CHANGED
@@ -70,7 +70,7 @@
|
|
70
70
|
<h2 class="ui header">
|
71
71
|
<i class="remove circle icon"></i>
|
72
72
|
<div class="content">Not stored on disk
|
73
|
-
<div class="sub header">Your secret is stored in memory to
|
73
|
+
<div class="sub header">Your secret is stored in memory to increase security</div>
|
74
74
|
</div>
|
75
75
|
</h2>
|
76
76
|
</div>
|
data/lib/yopass.rb
CHANGED
@@ -12,12 +12,15 @@ class Yopass < Sinatra::Base
|
|
12
12
|
register Sinatra::Reloader
|
13
13
|
set :config, YAML.load_file('conf/yopass.yaml')
|
14
14
|
end
|
15
|
+
configure :test do
|
16
|
+
set :config, YAML.load_file('conf/yopass.yaml')
|
17
|
+
end
|
15
18
|
configure :production do
|
16
19
|
set :config, YAML.load_file('/etc/yopass.yaml')
|
17
20
|
end
|
18
21
|
configure do
|
19
|
-
set :cache, Memcached.new(settings.config['memcached_url'])
|
20
22
|
set :public_folder, File.dirname(__FILE__) + '/static'
|
23
|
+
set :cache, Memcached.new(settings.config['memcached_url'])
|
21
24
|
end
|
22
25
|
|
23
26
|
get '/' do
|
@@ -47,8 +50,13 @@ class Yopass < Sinatra::Base
|
|
47
50
|
password = SecureRandom.hex[0..8]
|
48
51
|
# encrypt secret with generated password
|
49
52
|
data = Encryptor.encrypt(params[:secret], :key => password)
|
53
|
+
|
50
54
|
# store secret in memcached
|
51
|
-
|
55
|
+
begin
|
56
|
+
settings.cache.set key, data, lifetime_options[lifetime]
|
57
|
+
rescue Memcached::ServerIsMarkedDead
|
58
|
+
return "Can't contact memcached"
|
59
|
+
end
|
52
60
|
|
53
61
|
if settings.config['send_sms'] == true and !params[:mobile_number].nil?
|
54
62
|
# strip everything except digits
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'simplecov'
|
2
|
+
SimpleCov.start do
|
3
|
+
add_filter "/vendor/"
|
4
|
+
end
|
5
|
+
require 'sinatra'
|
6
|
+
require 'rack/test'
|
7
|
+
|
8
|
+
require File.join(File.dirname(__FILE__), '../lib/yopass.rb')
|
9
|
+
|
10
|
+
set :run, false
|
11
|
+
set :raise_errors, true
|
12
|
+
set :logging, true
|
13
|
+
|
14
|
+
def app
|
15
|
+
Yopass
|
16
|
+
end
|
17
|
+
|
18
|
+
RSpec.configure do |config|
|
19
|
+
config.include Rack::Test::Methods
|
20
|
+
end
|
data/spec/yopass_spec.rb
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
#ENV['RACK_ENV'] = 'test'
|
2
|
+
require 'spec_helper'
|
3
|
+
|
4
|
+
describe 'yopass' do
|
5
|
+
|
6
|
+
it 'should give the website' do
|
7
|
+
get '/'
|
8
|
+
last_response.body.should match /Share Secrets Securely/
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should complain about invalid lifetime' do
|
12
|
+
post '/', params={'lifetime' => 'foo'}
|
13
|
+
last_response.body.should match /Invalid lifetime/
|
14
|
+
end
|
15
|
+
|
16
|
+
it 'should complain about missing secret' do
|
17
|
+
post '/', params={'lifetime' => '1h', 'secret' => ''}
|
18
|
+
last_response.body.should match /No secret submitted/
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'should complain about secret being to long' do
|
22
|
+
post '/', params={'lifetime' => '1h', 'secret' => "0" * 10000}
|
23
|
+
last_response.body.should match /This site is meant to store secrets not novels/
|
24
|
+
end
|
25
|
+
|
26
|
+
it 'should complain about not being able to connect to memcached' do
|
27
|
+
post '/', params={'lifetime' => '1h', 'secret' => "0" * 100}
|
28
|
+
last_response.body.should match /Can't contact memcached/
|
29
|
+
end
|
30
|
+
|
31
|
+
it 'should store secret' do
|
32
|
+
Memcached.any_instance.stub(:set)
|
33
|
+
post '/', params={'lifetime' => '1h', 'secret' => "0" * 100}
|
34
|
+
last_response.body.should match /http:\/\/127.0.0.1:4567\/get\?k=/
|
35
|
+
end
|
36
|
+
|
37
|
+
it 'should receive secret' do
|
38
|
+
Memcached.any_instance.stub(:get).and_return("\xCD\xB6\xA8\xAD\x9A\x9A\xE6\xB2\xB1\\\x8EMULf\xAC")
|
39
|
+
Memcached.any_instance.stub(:delete)
|
40
|
+
get '/get?p=mykey&k=123'
|
41
|
+
last_response.body.should match /hello world/
|
42
|
+
end
|
43
|
+
|
44
|
+
it 'should raise Memcached::NotFound' do
|
45
|
+
Memcached.any_instance.stub(:get).and_raise(Memcached::NotFound)
|
46
|
+
get '/get?p=mykey&k=123'
|
47
|
+
last_response.body.should match /Secret does not exist/
|
48
|
+
end
|
49
|
+
|
50
|
+
it 'should complain about invalid decryption key' do
|
51
|
+
Memcached.any_instance.stub(:get).and_return("\xCD\xB6\xA8\xAD\x9A\x9A\xE6\xB2\xB1\\\x8EMULf\xAC")
|
52
|
+
Memcached.any_instance.stub(:delete)
|
53
|
+
get '/get?p=invalid&k=123'
|
54
|
+
last_response.body.should match /Invalid decryption key/
|
55
|
+
end
|
56
|
+
|
57
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: yopass
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Johan Haals
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-02-
|
11
|
+
date: 2014-02-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: encryptor
|
@@ -60,8 +60,12 @@ extensions: []
|
|
60
60
|
extra_rdoc_files: []
|
61
61
|
files:
|
62
62
|
- .gemspec
|
63
|
+
- .travis.yml
|
64
|
+
- CHANGELOG.md
|
63
65
|
- Gemfile
|
66
|
+
- LICENSE
|
64
67
|
- README.md
|
68
|
+
- Rakefile
|
65
69
|
- conf/config.ru
|
66
70
|
- conf/yopass.yaml
|
67
71
|
- lib/static/js/jquery.address.js
|
@@ -78,6 +82,12 @@ files:
|
|
78
82
|
- lib/static/packaged/fonts/icons.svg
|
79
83
|
- lib/static/packaged/fonts/icons.ttf
|
80
84
|
- lib/static/packaged/fonts/icons.woff
|
85
|
+
- lib/static/packaged/fonts/sans/OpenSans-Bold.ttf
|
86
|
+
- lib/static/packaged/fonts/sans/OpenSans-Light.ttf
|
87
|
+
- lib/static/packaged/fonts/sans/OpenSans.ttf
|
88
|
+
- lib/static/packaged/fonts/sans/OpenSansLight-Italic.ttf
|
89
|
+
- lib/static/packaged/fonts/sans/SourceSansPro-Bold.ttf
|
90
|
+
- lib/static/packaged/fonts/sans/SourceSansPro-Regular.ttf
|
81
91
|
- lib/static/packaged/images/loader-large-inverted.gif
|
82
92
|
- lib/static/packaged/images/loader-large.gif
|
83
93
|
- lib/static/packaged/images/loader-medium-inverted.gif
|
@@ -99,6 +109,8 @@ files:
|
|
99
109
|
- lib/yopass.rb
|
100
110
|
- lib/yopass/sms_provider.rb
|
101
111
|
- lib/yopass/sms_provider/bulksms.rb
|
112
|
+
- spec/spec_helper.rb
|
113
|
+
- spec/yopass_spec.rb
|
102
114
|
homepage: https://github.com/jhaals/yopass
|
103
115
|
licenses:
|
104
116
|
- Apache 2.0
|
@@ -124,4 +136,5 @@ rubygems_version: 2.0.3
|
|
124
136
|
signing_key:
|
125
137
|
specification_version: 4
|
126
138
|
summary: Secure sharing for secrets and passwords
|
127
|
-
test_files:
|
139
|
+
test_files:
|
140
|
+
- spec/yopass_spec.rb
|