leeloo 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f395de66b0d5e6550921e66339d5dcd2df759bc38662d09b4bc650a510cb4dd8
-  data.tar.gz: 9b311918a29972cd5bca9dc0c856bf37e8bacf59db8b6b954ff1ebd5d4790eeb
+  metadata.gz: 45be4ecf01ce08cd7317d3c6f9d8a612d999b972efdcbfe322a964a06f77a303
+  data.tar.gz: bd3a8767c2c1d70cdc21856b180cb7f3651c9777471f70a35af810130650d4ef
 SHA512:
-  metadata.gz: 36703d60d92d086540d33d16171d1aa290595f4d408db707ac22fdeb11077f8d393ffd861c25aaafa331441586b27b98a8b4f16ac33f61da654c6e27b992ff3f
-  data.tar.gz: dde8201181fbfb863f091accb97bd2fea285e1cdb7bc75c7ec94ee2c9ce4c1783b8b0c55d593b55b5446506c3826862f32d989657a64873205d4052dbba2ea1b
+  metadata.gz: 1ec00409e8ac173872aac71537aad50d40f93a24634b1b101b6f46b59d658696c2480d6e5157fd7cd1d864acc4cc6ec5e421eed6ff74f560c4e25f57ecd7bd27
+  data.tar.gz: 1d259f7fc29192bcf6d1cd3a7f7f92d8e9244d79e11741f2fce8f82f8aab0d7cfd5c96ad120c16aa018b8c69540e937e6986a8f18a297a7d137d748e5e19511d

data/lib/leeloo.rb

@@ -1,9 +1,11 @@
 require 'leeloo/version'
+require 'leeloo/controller'
 require 'leeloo/command'
 require 'leeloo/preferences'
 require 'leeloo/keystore'
 require 'leeloo/secret'
 require 'leeloo/output'
+require 'leeloo/server'
 
 module Leeloo
   def self.start

data/lib/leeloo/command.rb

@@ -9,29 +9,9 @@ end
 
 module Leeloo
 
-  class OutputFactory
-    def self.create options
-      output = nil
-      if options.ascii
-        output = Ascii.new
-      else
-        output = Terminal.new
-      end
-      if options.clipboard
-        ClipboardOutputDecorator.new output
-      else
-        output
-      end
-    end
-  end
-
   class Command
     include Commander::Methods
 
-    def initialize
-      @preferences = PrivateLocalFileSystemPreferences.new.load
-    end
-
     def run
       program :name, 'leeloo'
       program :version, Leeloo::VERSION
@@ -52,8 +32,7 @@ module Leeloo
         c.option '--keystore STRING', String, 'a selected keystore'
 
         c.action do |args, options|
-          keystore = @preferences.keystore(options.keystore)
-          OutputFactory.create(options).render_secrets keystore.secrets
+          SecretsController.new(options).display
         end
       end
 
@@ -66,10 +45,9 @@ module Leeloo
         c.action do |args, options|
           abort "name is missing" unless args.length == 1
           name = args.first
-
-          keystore = @preferences.keystore(options.keystore)
-          secrets = keystore.secrets.select { |secret| secret.name.downcase.include? name.downcase } || []
-          OutputFactory.create(options).render_secrets secrets
+          ctl = SecretsController.new(options)
+          ctl.search(name)
+          ctl.display
         end
       end
 
@@ -79,7 +57,7 @@ module Leeloo
         c.option '--ascii', nil, 'display secrets without unicode tree'
 
         c.action do |args, options|
-          OutputFactory.create(options).render_preferences @preferences
+          KeystoreController.new(options).display
         end
       end
 
@@ -87,10 +65,12 @@ module Leeloo
         c.syntax      = 'leeloo keystore remove <name>'
         c.description = "remove a keystore (path/to/keystore is not destroyed)"
 
-        c.action do |args, options|
+        c.action do |args, options|args
           abort "name is missing" unless args.length == 1
-          @preferences.remove_keystore args.first
-          OutputFactory.create(options).render_preferences @preferences
+          name = args.first
+          ctl = KeystoreController.new(options)
+          ctl.remove(name)
+          ctl.display
         end
       end
 
@@ -100,10 +80,11 @@ module Leeloo
 
         c.action do |args, options|
           abort "name or path is missing" unless args.length == 2
-
-          @preferences.add_keystore({"name" => args.first, "path" => args.last, "cypher" => "gpg", "vc" => "git"})
-          @preferences.keystore(args.first).init
-          OutputFactory.create(options).render_preferences @preferences
+          name = args.first
+          path = args.last
+          ctl = KeystoreController.new(options)
+          ctl.add(name, path)
+          ctl.display
         end
       end
 
@@ -113,9 +94,10 @@ module Leeloo
 
         c.action do |args, options|
           abort "name is missing" unless args.length == 1
-
-          @preferences.set_default_keystore args.first
-          OutputFactory.create(options).render_preferences @preferences
+          name = args.first
+          ctl = KeystoreController.new(options)
+          ctl.set_default(name)
+          ctl.display
         end
       end
 
@@ -129,10 +111,9 @@ module Leeloo
         c.action do |args, options|
           abort "name is missing" unless args.length == 1
           name = args.first
-
-          keystore = @preferences.keystore(options.keystore)
-          secret = keystore.secret_from_name(name)
-          OutputFactory.create(options).render_secret secret
+          ctl = SecretController.new(options)
+          ctl.read(name)
+          ctl.display
         end
       end
 
@@ -147,22 +128,9 @@ module Leeloo
         c.action do |args, options|
           abort "name is missing" unless args.length == 1
           name = args.first
-          phrase = nil
-
-          phrase = STDIN.read if options.stdin
-          phrase = SecureRandom.base64(32).truncate(options.generate.to_i) if options.generate
-
-          unless phrase
-            phrase  = password "secret"
-            confirm = password "confirm it"
-            abort "not the same secret" unless phrase == confirm
-          end
-
-          keystore = @preferences.keystore(options.keystore)
-          secret = keystore.secret_from_name(name)
-          secret.write(phrase)
-
-          OutputFactory.create(options).render_secret secret
+          ctl = SecretController.new(options)
+          ctl.write(name)
+          ctl.display
         end
       end
 
@@ -172,9 +140,9 @@ module Leeloo
         c.option '--keystore STRING', String, 'a selected keystore'
 
         c.action do |args, options|
-          keystore = @preferences.keystore(options.keystore)
-          text = STDIN.read
-          OutputFactory.create(options).render_translate keystore, text
+          ctl = TranslateController.new(options)
+          ctl.translate
+          ctl.display
         end
       end
 
@@ -186,10 +154,9 @@ module Leeloo
         c.action do |args, options|
           abort "name is missing" unless args.length == 1
           name = args.first
-
-          keystore = @preferences.keystore(options.keystore)
-          secret = keystore.secret_from_name(name)
-          secret.erase
+          ctl = SecretController.new(options)
+          ctl.remove(name)
+          ctl.display
         end
       end
 
@@ -199,8 +166,9 @@ module Leeloo
         c.option '--keystore STRING', String, 'a selected keystore'
 
         c.action do |args, options|
-          keystore = @preferences.keystore(options.keystore)
-          keystore.sync
+          ctl = KeystoreController.new(options)
+          ctl.sync
+          ctl.display
         end
       end
 
@@ -210,8 +178,48 @@ module Leeloo
         c.option '--keystore STRING', String, 'a selected keystore'
 
         c.action do |args, options|
-          keystore = @preferences.keystore(options.keystore)
-          keystore.init
+          ctl = KeystoreController.new(options)
+          ctl.init
+          ctl.display
+        end
+      end
+
+      command :share do |c|
+        c.syntax      = 'leeloo share <name>'
+        c.description = "share a secret with someone"
+        c.option '--keystore STRING', String, 'a selected keystore'
+
+        c.action do |args, options|
+          abort "name is missing" unless args.length == 1
+          name = args.first
+          ctl = ShareController.new(options)
+          ctl.token(name)
+          ctl.display
+          ctl.start_server
+        end
+      end
+
+      command :token do |c|
+        c.syntax      = 'leeloo token <name>'
+        c.description = "generate an access token for a given secret"
+        c.option '--keystore STRING', String, 'a selected keystore'
+
+        c.action do |args, options|
+          abort "name is missing" unless args.length == 1
+          name = args.first
+          ctl = ShareController.new(options)
+          ctl.token(name)
+          ctl.display
+        end
+      end
+
+      command :server do |c|
+        c.syntax      = 'leeloo server'
+        c.description = "start a server access token"
+
+        c.action do |args, options|
+          ctl = ShareController.new(options)
+          ctl.start_server
         end
       end
 

data/lib/leeloo/controller.rb

@@ -0,0 +1,122 @@
+module Leeloo
+	class OutputFactory
+		def self.create options
+			output = nil
+			if options.ascii
+				output = Ascii.new
+			else
+				output = Terminal.new
+			end
+			if options.clipboard
+				ClipboardOutputDecorator.new output
+			else
+				output
+			end
+		end
+	end
+
+	class Controller
+		def display
+		end
+	end
+    
+	class PrivateLocalFileSystemController < Controller
+		def initialize options
+			@preferences = PrivateLocalFileSystemPreferences.new.load
+			@keystore = @preferences.keystore(options.keystore)
+			@output = OutputFactory.create(options)
+			@options = options
+		end
+	end
+
+	class SecretsController < PrivateLocalFileSystemController
+		def initialize options
+			super options
+			@secrets = @preferences.keystore(@options.keystore).secrets
+		end
+		def search name
+			@secrets = @secrets.select { |secret| secret.name.downcase.include? name.downcase } || []
+		end
+		def display
+			@output.render_secrets @secrets
+		end
+	end
+
+	class SecretController < PrivateLocalFileSystemController
+		def read name
+			@secret = @keystore.secret_from_name(name)
+		end
+		def write name
+			phrase = nil
+
+			phrase = STDIN.read if @options.stdin
+			phrase = SecureRandom.base64(32).truncate(@options.generate.to_i) if @options.generate
+
+			unless phrase
+				phrase  = password "secret"
+				confirm = password "confirm it"
+				abort "not the same secret" unless phrase == confirm
+			end
+
+			@secret = @keystore.secret_from_name(name)
+			@secret.write(phrase)
+		end
+		def remove name
+			@secret = @keystore.secret_from_name(name)
+			@secret.erase
+		end
+		def display
+			@output.render_secret @secret
+		end
+	end
+
+	class TranslateController < PrivateLocalFileSystemController
+		def translate
+			@text = STDIN.read
+			@text.scan(/\$\{.*\}/).each do |secret|
+				begin
+				@text.gsub! secret, (@keystore.secret_from_name(secret[2..-2])).read.to_s.strip 
+				rescue => exception
+					# silent
+				end
+			end
+		end
+		def display
+			@output.render_text @text
+		end
+	end
+
+	class KeystoreController < PrivateLocalFileSystemController
+		def add name, path
+			@preferences.add_keystore({"name" => name, "path" => path, "cypher" => "gpg", "vc" => "git"})
+			@preferences.keystore(name).init
+		end
+		def remove name
+			@preferences.remove_keystore name
+		end
+		def set_default name
+			@preferences.set_default_keystore name
+		end
+		def sync
+			@keystore.sync
+		end
+		def init
+			@keystore.init
+		end
+		def display
+			@output.render_preferences @preferences
+		end
+    end
+
+    class ShareController < PrivateLocalFileSystemController
+        def token name
+            @footprint = @keystore.footprint_of(name)
+        end
+        def start_server
+            Server.new.start @preferences
+        end
+        def display
+            @output.render_footprint @footprint
+        end
+    end
+end

data/lib/leeloo/keystore.rb

@@ -1,6 +1,7 @@
 require 'gpgme'
 require 'fileutils'
 require 'git'
+require 'base64'
 
 module Leeloo
 
@@ -51,6 +52,14 @@ module Leeloo
       # initialize the keystore
     end
 
+    def footprint name
+      # footprint a given secret path
+    end
+
+    def secret_from_footprint footprint
+      # returns a secret object
+    end
+
     def == keystore
       self.name == keystore.name
     end
@@ -92,6 +101,19 @@ module Leeloo
       secret_of "#{path}/secrets/#{name}"
     end
 
+    def footprint_of name
+      secret = secret_from_name name
+      { "footprint" => secret.footprint, "keystore" => self.name, "secret" => secret.name }
+    end
+
+    def secret_from_footprint footprint
+      secret = secret_from_name footprint["secret"]
+      unless secret.footprint == footprint["footprint"]
+        raise "footprint is not valid"
+      end
+      secret
+    end
+
   end
 
   class GpgPrivateLocalFileSystemKeystore < PrivateLocalFileSystemKeystore
@@ -119,6 +141,20 @@ module Leeloo
       secret_of "#{path}/secrets/#{name}.gpg"
     end
 
+    def footprint_of name
+      footprint = super name
+      footprint["sign"] = Base64.strict_encode64 GPGME::Crypto.new.sign(footprint["footprint"]).to_s
+      footprint
+    end
+
+    def secret_from_footprint footprint
+      data = GPGME::Crypto.new.verify(Base64.strict_decode64 footprint["sign"]) { |signature| signature.valid? }
+      if data.read == footprint["footprint"]
+        super footprint
+      else
+        raise "signature is not valid"
+      end
+    end
   end
 
   class GitKeystoreDecorator < Keystore
@@ -148,6 +184,14 @@ module Leeloo
       @keystore.path
     end
 
+    def footprint_of element
+      @keystore.footprint_of element
+    end
+
+    def secret_from_footprint footprint
+      @keystore.secret_from_footprint footprint
+    end
+
     def sync
       @git.pull
       @keystore.sync

data/lib/leeloo/output.rb

@@ -1,6 +1,9 @@
 require 'clipboard'
 require 'tty-table'
 require 'tty-tree'
+require 'json'
+require 'base64'
+require 'socket'
 
 module Leeloo
 
@@ -15,7 +18,13 @@ module Leeloo
         def render_secret secret
         end
 
-        def render_translate keystore, text
+        def render_text text
+        end
+
+        def render_footprint footprint
+        end
+
+        def render_share footprint
         end
     end
 
@@ -37,16 +46,14 @@ module Leeloo
             end
         end
 
-        def render_translate keystore, text
-            text.scan(/\$\{.*\}/).each do |secret|
-                begin
-                   text.gsub! secret, (keystore.secret_from_name(secret[2..-2])).read.to_s.strip 
-                rescue => exception
-                    # silent
-                end
-            end
+        def render_text text
             puts text
         end
+
+        def render_footprint footprint
+            puts "token:"
+            puts Base64.strict_encode64 footprint.to_json
+        end
     end
 
     class Terminal < Ascii
@@ -107,16 +114,16 @@ module Leeloo
             @output.render_secrets secrets
         end
 
-        def render_translate keystore, text
-            @output.render_translate keystore, text
+        def render_text text
+            @output.render_text text
         end
 
         def render_secret secret
 
             Signal.trap("INT") do
                 Clipboard.clear
-                abort "ciao"
-              end
+                abort "cleared"
+            end
 
             Clipboard.copy secret.read
             wait = Thread.new do
@@ -129,6 +136,14 @@ module Leeloo
             wait.join
             Clipboard.clear
         end
+
+        def render_footprint footprint
+            @output.render_footprint footprint
+        end
+
+        def render_share footprint
+            @output.render_share footprint
+        end
     end
 
 end

data/lib/leeloo/preferences.rb

@@ -34,8 +34,9 @@ module Leeloo
         end
 
         def remove_keystore name
+            abort "you can not remove default keystore" if name == @default
             keystore = @keystores.find { |k| k["name"] == name }
-            if keystore !=nil
+            if keystore != nil
                 @keystores.delete keystore
             end
         end
@@ -70,8 +71,8 @@ module Leeloo
             self
         end
 
-        def keystore_of keystore_name
-            keystore = @keystores.find { |keystore| keystore["name"] == keystore_name }
+        def keystore_of name
+            keystore = @keystores.find { |keystore| keystore["name"] == name }
             KeystoreFactory::create keystore
         end
 

data/lib/leeloo/secret.rb

@@ -1,5 +1,6 @@
 require 'gpgme'
 require 'fileutils'
+require 'digest'
 
 module Leeloo
   class Secret
@@ -26,6 +27,9 @@ module Leeloo
       # erase the secret
     end
 
+    def footprint
+      # a footprint is a token proving the authenticity of a secret
+    end
   end
 
   class LocalFileSystemSecret < Secret
@@ -50,6 +54,13 @@ module Leeloo
       File.delete @pathname
     end
 
+    def footprint
+      secret = File.read @pathname
+      md5 = Digest::MD5.new
+      md5 << secret
+      md5.hexdigest
+    end
+
   end
 
   class GpgLocalFileSystemSecret < LocalFileSystemSecret
@@ -88,6 +99,10 @@ module Leeloo
       @secret.read
     end
 
+    def footprint
+      @secret.footprint
+    end
+
     def write phrase
       @secret.write phrase
       @git.add @secret.pathname

data/lib/leeloo/server.rb

@@ -0,0 +1,37 @@
+require 'webrick'
+require 'json'
+require 'base64'
+
+class Server
+
+    def start preferences
+
+        puts """
+        Please share this url : 
+        http://your_ip:8000\?q=YOUR_TOKEN
+
+        run ssh -R:localhost:8000 ssh.localhost.run
+        if you want to share your password through tunneling
+        """
+
+        server = WEBrick::HTTPServer.new :Port => 8000
+        server.mount_proc '/' do |req, res|
+            query = req.query()["q"] || req.body()
+            if query
+                begin
+                    body = JSON.parse(Base64.strict_decode64 query)
+                    key = body["body"] ? JSON.parse(body["body"]) : body
+                    res.body = preferences.keystore(key["keystore"]).secret_from_footprint(key).read.to_s
+                rescue => exception
+                    puts exception
+                    res.status = 400
+                end
+            else
+                res.status = 400
+            end
+        end
+
+        trap 'INT' do server.shutdown end
+        server.start
+    end
+end

data/lib/leeloo/version.rb

@@ -1,4 +1,4 @@
 module Leeloo
-  VERSION     = '0.3.0'.freeze
+  VERSION     = '0.4.0'.freeze
   DESCRIPTION = "The easiest way to share securely your secrets".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: leeloo
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - sylvek
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-09-15 00:00:00.000000000 Z
+date: 2019-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: commander
@@ -147,10 +147,12 @@ files:
 - exe/leeloo
 - lib/leeloo.rb
 - lib/leeloo/command.rb
+- lib/leeloo/controller.rb
 - lib/leeloo/keystore.rb
 - lib/leeloo/output.rb
 - lib/leeloo/preferences.rb
 - lib/leeloo/secret.rb
+- lib/leeloo/server.rb
 - lib/leeloo/version.rb
 homepage: https://github.com/sylvek/leeloo
 licenses: