Class: SafeFile

Inherits:

Object

• Object
• SafeFile

Defined in:

lib/safefile.rb

Overview

SafeFile The file containing the safe entries

Instance Attribute Summary

• #entries ⇒ Object

  Returns the value of attribute entries.

• #filename ⇒ Object

  Returns the value of attribute filename.

• #password ⇒ Object

  Returns the value of attribute password.

Instance Method Summary

• #add(name) ⇒ Object

  Adds an entry.

• #authorized? ⇒ Boolean

  Returns whether the password is authorized.

• #can_insert?(name) ⇒ Boolean

  Determines whether we can insert this entry–if it exists, we prompt for the OK.

• #change_password ⇒ Object

  Changes the file’s password.

• #count ⇒ Object

  Returns the count of entries in the file.

• #create_element(name, text) ⇒ Object

  Helper method to create an XML element with a name and text.

• #create_file(file) ⇒ Object

  Creates a new file.

• #decrypt_file(file) ⇒ Object

  Decrypts the file.

• #delete(name) ⇒ Object

  Deletes an entry.

• #generate_salt_and_hash ⇒ Object
• #initialize(password, dir, filename = '.safe.xml') ⇒ SafeFile constructor

  A new instance of SafeFile.

• #insert(name, id, pw) ⇒ Object

  Inserts an entry.

• #list(name) ⇒ Object

  Lists the desired entries.

• #load ⇒ Object

  Loads the file.

• #save ⇒ Object

  Saves the file.

Constructor Details

#initialize(password, dir, filename = '.safe.xml') ⇒ SafeFile

Returns a new instance of SafeFile.

# File 'lib/safefile.rb', line 47

def initialize(password, dir, filename = '.safe.xml')
  raise "Password must not be blank" unless password
  self.entries = Hash.new
  self.filename = "#{dir}/#{filename}"
  self.password = password
  load
end

Instance Attribute Details

#entries ⇒ Object

Returns the value of attribute entries.

# File 'lib/safefile.rb', line 45

def entries
  @entries
end

#filename ⇒ Object

Returns the value of attribute filename.

# File 'lib/safefile.rb', line 45

def filename
  @filename
end

#password ⇒ Object

Returns the value of attribute password.

# File 'lib/safefile.rb', line 45

def password
  @password
end

Instance Method Details

#add(name) ⇒ Object

Adds an entry

# File 'lib/safefile.rb', line 119

def add(name)
  if can_insert? name
    print "#{name} User ID: "
    id = gets.chomp!
    pw = SafeUtils::get_password("#{name} Password: ")
    insert(name, id, pw)
    save
  end
end

#authorized? ⇒ Boolean

Returns whether the password is authorized

Returns:

• (Boolean)

# File 'lib/safefile.rb', line 193

def authorized?
  @hash == Digest::SHA256.hexdigest(self.password + @salt)
end

#can_insert?(name) ⇒ Boolean

Determines whether we can insert this entry–if it exists, we prompt for the OK

Returns:

• (Boolean)

# File 'lib/safefile.rb', line 136

def can_insert?(name)
  proceed = true
  if @entries.has_key?(name)
    print "Overwrite existing #{name} (y/N)? "
    proceed = (gets.chomp == 'y')
  end
  proceed
end

#change_password ⇒ Object

Changes the file’s password

# File 'lib/safefile.rb', line 175

def change_password
  new_password = SafeUtils::get_password('Enter new password: ')
  rpt_password = SafeUtils::get_password('Confirm password: ')
  if new_password == rpt_password
    self.password = new_password
    generate_salt_and_hash
    save
  else
    puts 'Passwords do not match'
  end
end

#count ⇒ Object

Returns the count of entries in the file

# File 'lib/safefile.rb', line 170

def count()
  @entries.length
end

#create_element(name, text) ⇒ Object

Helper method to create an XML element with a name and text

# File 'lib/safefile.rb', line 198

def create_element(name, text)
  e = Element.new name
  e.text = text
  e
end

#create_file(file) ⇒ Object

Creates a new file

# File 'lib/safefile.rb', line 90

def create_file(file)
  puts 'Creating new file . . .'
  generate_salt_and_hash
  save
end

#decrypt_file(file) ⇒ Object

Decrypts the file

# File 'lib/safefile.rb', line 69

def decrypt_file(file)
  begin
    root = Document.new(file).root
    @salt = root.attributes["salt"]
    @hash = root.attributes["hash"]
    if authorized?
      crypt_key = Crypt::Blowfish.new(self.password)
      e_entries = root.elements["entries"]
      e_entries.elements.each("entry") do |entry|
        fields = crypt_key.decrypt_string(Base64::decode64(entry.cdatas[0].to_s)).split("\t")
        fields.length == 3 ? insert(fields[0], fields[1], fields[2]) : puts("Cannot parse #{fields}, discarding.")
      end
    else
      raise 'The password you entered is not valid'
    end
  rescue ParseException
    puts "Cannot parse #{file.path}"
  end
end

#delete(name) ⇒ Object

Deletes an entry

# File 'lib/safefile.rb', line 146

def delete(name)
  if @entries.has_key?(name)
    @entries.delete(name)
    save
  else
    puts "Entry #{name} not found"
  end
end

#generate_salt_and_hash ⇒ Object

# File 'lib/safefile.rb', line 187

def generate_salt_and_hash
  @salt = [Array.new(20){rand(256).chr}.join].pack('m').chomp
  @hash = Digest::SHA256.hexdigest(self.password + @salt)
end

#insert(name, id, pw) ⇒ Object

Inserts an entry

# File 'lib/safefile.rb', line 130

def insert(name, id, pw)
  @entries.delete(name)
  @entries[name] = SafeEntry.new(name, id, pw)
end

#list(name) ⇒ Object

Lists the desired entries

# File 'lib/safefile.rb', line 156

def list(name)
  output = Array.new
  @entries.each_value do |entry|
    # TODO Inconsistent case handling
    if name == nil || entry.name.upcase =~ /^#{name.upcase}/
      output << entry
    end
  end
  output.sort.each do |entry|
    puts entry
  end
end

#load ⇒ Object

Loads the file

# File 'lib/safefile.rb', line 56

def load
  f = File.open(@filename, File::CREAT)
  begin
    f.lstat.size == 0 ? create_file(f) : decrypt_file(f)
  rescue
    # TODO Determine whether error is can't create file, and print appropriate error
    raise $!
  ensure
    f.close unless f.nil?
  end
end

#save ⇒ Object

Saves the file

# File 'lib/safefile.rb', line 97

def save
  doc = Document.new
  root = Element.new "safe"
  root.attributes["salt"] = @salt
  root.attributes["hash"] = @hash
  doc.add_element root

  crypt_key = Crypt::Blowfish.new(self.password)
  e_entries = Element.new "entries"
  @entries.each_value do |entry|
    e = Element.new "entry"
    CData.new Base64.encode64(crypt_key.encrypt_string(entry.to_s)), true, e
    e_entries.add_element e
  end
  root.add_element e_entries
  
  f = File.new(@filename, 'w')
  doc.write f, 2
  f.close
end