From fb0126d519ef639e57956afac04f92b2e3a2839e Mon Sep 17 00:00:00 2001 From: nishiki Date: Sun, 8 Sep 2013 20:04:31 +0200 Subject: [PATCH] remove the password file --- lib/Cli.rb | 44 +++++++++++++++++++++++++++----------------- lib/MPW.rb | 43 +++++-------------------------------------- 2 files changed, 32 insertions(+), 55 deletions(-) diff --git a/lib/Cli.rb b/lib/Cli.rb index 1f49887..649de7e 100644 --- a/lib/Cli.rb +++ b/lib/Cli.rb @@ -31,10 +31,9 @@ class Cli puts "# --------------------" key = ask("Enter the GPG key: ") file_gpg = ask("Enter the path to encrypt file [default=#{Dir.home()}/.mpw.gpg]: ") - file_pwd = ask("Enter te path to password file [default=#{Dir.home()}/.mpw.pwd]: ") - timeout_pwd = ask("Enter the timeout (in seconde) to GPG password [default=300]: ") + timeout_pwd = ask("Enter the timeout (in seconde) to GPG password [default=60]: ") - if @m.setup(key, file_gpg, file_pwd, timeout_pwd) + if @m.setup(key, file_gpg, timeout_pwd) puts "The config file has been created!" else puts "ERROR: #{@m.error_msg}" @@ -43,12 +42,8 @@ class Cli # Request the GPG password and decrypt the file def decrypt() - if not @m.checkFilePassword() - passwd = ask("Password GPG: ") {|q| q.echo = false} - return @m.decrypt(passwd) - else - return @m.decrypt() - end + @passwd = ask("Password GPG: ") {|q| q.echo = false} + return @m.decrypt(@passwd) end # Display the query's result @@ -60,9 +55,9 @@ class Cli if not result.empty? result.each do |r| if format.nil? || !format - displayFormat(r) + self.displayFormat(r) else - displayFormatAlt(r) + self.displayFormatAlt(r) end end else @@ -165,7 +160,7 @@ class Cli result = @m.searchById(id) if result.length > 0 - displayFormat(result) + self.displayFormat(result) confirm = ask("Are you sure to remove the item: #{id} ? (y/N) ") if confirm =~ /^(y|yes|YES|Yes|Y)$/ @@ -209,7 +204,7 @@ class Cli if not force if result.is_a?(Array) && !result.empty? result.each do |r| - displayFormat(r) + self.displayFormat(r) end confirm = ask("Are you sure to import this file: #{file} ? (y/N) ") @@ -232,23 +227,38 @@ class Cli # Interactive mode def interactive() + last_access = Time.now.to_i + while true + if @m.timeout_pwd < Time.now.to_i - last_access + passwd_confirm = ask("Password GPG: ") {|q| q.echo = false} + + if @passwd.eql?(passwd_confirm) + last_access = Time.now.to_i + else + puts 'Bad password!' + next + end + else + last_access = Time.now.to_i + end + command = ask(" ").split(' ') case command[0] when 'display', 'show', 'd', 's' if !command[1].nil? && !command[1].empty? - display(command[1], command[2]) + self.display(command[1], command[2]) end when 'add', 'a' - cli.add() + add() when 'update', 'u' if !command[1].nil? && !command[1].empty? - update(command[1]) + self.update(command[1]) end when 'remove', 'delete', 'r', 'd' if !command[1].nil? && !command[1].empty? - remove(command[1]) + self.remove(command[1]) end when 'help', 'h', '?' puts '# Help' diff --git a/lib/MPW.rb b/lib/MPW.rb index 1ec5b01..496189e 100644 --- a/lib/MPW.rb +++ b/lib/MPW.rb @@ -21,6 +21,7 @@ class MPW COMMENT = 8 attr_accessor :error_msg + attr_accessor :timeout_pwd # Constructor def initialize() @@ -34,7 +35,7 @@ class MPW # file_pwd -> the file who stock the password # timeout_pwd -> time to save the password # @rtrn: true if le config file is create - def setup(key, file_gpg, file_pwd, timeout_pwd) + def setup(key, file_gpg, timeout_pwd) if not key =~ /[a-zA-Z0-9.-_]+\@[a-zA-Z0-9]+\.[a-zA-Z]+/ @error_msg = "The key string isn't in good format!" @@ -45,16 +46,11 @@ class MPW file_gpg = "#{Dir.home()}/.mpw.gpg" end - if file_pwd.empty? - file_pwd = "#{Dir.home()}/.mpw.pwd" - end - - timeout_pwd.empty? ? (timeout_pwd = 300) : (timeout_pwd = timeout_pwd.to_i) + timeout_pwd.empty? ? (timeout_pwd = 60) : (timeout_pwd = timeout_pwd.to_i) config = {'config' => {'key' => key, 'file_gpg' => file_gpg, - 'timeout_pwd' => timeout_pwd, - 'file_pwd' => file_pwd}} + 'timeout_pwd' => timeout_pwd}} begin File.open(@file_config, 'w') do |file| @@ -75,10 +71,9 @@ class MPW config = YAML::load_file(@file_config) @key = config['config']['key'] @file_gpg = config['config']['file_gpg'] - @file_pwd = config['config']['file_pwd'] @timeout_pwd = config['config']['timeout_pwd'].to_i - if @key.empty? || @file_gpg.empty? || @file_pwd.empty? + if @key.empty? || @file_gpg.empty? @error_msg = "Checkconfig failed!" return false end @@ -97,21 +92,6 @@ class MPW def decrypt(passwd=nil) @data = Array.new - begin - if passwd.nil? || passwd.empty? - passwd = IO.read(@file_pwd) - - elsif !passwd.nil? && !passwd.empty? - file_pwd = File.new(@file_pwd, 'w') - File.chmod(0600, @file_pwd) - file_pwd << passwd - file_pwd.close - end - rescue Exception => e - @error_msg = "Can't decrypt file!\n#{e}" - return false - end - begin if File.exist?(@file_gpg) crypto = GPGME::Crypto.new(:armor => true) @@ -135,19 +115,6 @@ class MPW end end - # Check if a password it saved - # @rtrn: true if a password exist in the password file - def checkFilePassword() - if !@file_pwd.nil? && File.exist?(@file_pwd) && File.stat(@file_pwd).mtime.to_i + @timeout_pwd < Time.now.to_i - File.delete(@file_pwd) - return false - elsif !@file_pwd.nil? && File.exist?(@file_pwd) - return true - else - return false - end - end - # Encrypt a file # @rtrn: true if the file has been encrypted def encrypt()