opensecret 0.0.951 → 0.0.957

data/lib/plugins/usecase.rb

@@ -208,7 +208,7 @@ module OpenSession
 
       log.info(x) { "assimilated [#{@p.length}] facts specific to the [#{@ucid_str}] use case." }
 
-      @time_stamp = OpenSession::Stamp.instance
+############      @time_stamp = OpenSession::Stamp.instance
 
 =begin
     @eco_id_str = SnapFlat.do self.class.name

data/lib/plugins/usecases/init.rb

@@ -4,96 +4,70 @@ module OpenSecret
 
   require 'openssl'
 
-# -->  require 'filesize'
-# -->  require 'tmpdir'
-# -->  require 'base64'
-# -->  require 'etc'
-# -->  require 'securerandom'
-# -->  require 'digest'
-# -->  require 'net/http'
-# -->  require 'net/ssh'
-# -->  require 'net/scp'
-# -->  require 'aws-sdk'
-# -->  require 'aws-sdk-resources'
-# -->  require 'nokogiri'
-# -->  require 'io/console'
-
-  # The <tt>init use case</tt> initializes +opensecret+ thus preparing it
+  # The <b>init use case</b> initializes opensecret thus preparing it
   # for the ability to lock secrets, unlock them, transport their keys and
   # much more.
   #
-  # Like all use cases, {self} validates to ensure that the pre-conditions
+  # Like all use cases, +init+ validates to ensure that the pre-conditions
   # have been met and then proceeds to execute its core offering and deliver
   # observable value.
   #
   # == Observable Value
   #
-  # The observable value delivered by init boils down to
+  # The observable value from the <b>init use case</b> init boils down to
   #
-  # - <tt>4 crypted keys</tt> on USB (or phone) in the +master.keys+ folder.
-  # - <tt>1 crypted workstation key</tt> under the workstation's home directory
-  # - one human password stashed deep inside your brain
+  # - the public key and <b>8192 bit encrypted private key</b> in the safe
+  # - the <b>encrypted workstation key</b> in the user's configuration file
+  # - the <b>encrypted public key signature</b> in the user's configuration file
+  # - a robust password (for unlocking secrets) +stashed in a human brain+
+  # - successful test of the open, put, list, lock, read and tell use cases
   #
-  # +No cloud or other external access+ occurs as per the opensecret policy.
+  # No cloud or other external access occurs as per the opensecret policy.
+  #
+  # == Thwart Public Key Switch Attacks
+  #
+  # A <b><em>public key switch attack</em></b> tries to access <b>future secrets</b>
+  # (not the ones already encrypted) via unwitting encryption using a public key
+  # the attacker controls.
+  #
+  # <b>opensecret</b> thwarts this by continual verification against an
+  # encrypted <em>public key signature</em> aboard the workstation.
   class Init < OpenSession::UseCase
 
     attr_writer :safe_path, :email_addr, :store_url
     @@context_name = "opensecret"
 
-    # The init use case initializes [opensecret] making it ready to lock and
-    # unlock secrets.
-    #
-    # == Main Flow of Events
+
+    # The init use case prepares <b>opensecret</b> so that you can <b>open</b> a packet,
+    # <b>put</b> secrets into it and then <b>lock</b> it, effectively writing the crypt
+    # material into the backend store.
     #
-    # So in preparation to execute its modus operandi encryption,
-    # decryption and (if required) transportation use cases opensecret will
+    # <b>Main Flow of Events</b>
     #
-    # - @todo copy the attributes file to the safestore AND delete it.
-    # - +collect the human password+ (twice), verify robustness (and throw away asap)
-    # - +manufacture workstation key+ that will be encrypted b4 it rests on machine
-    # - +create amalgamated human/workstation password+ for locking the private key
-    # - +create a long cryptographically strong symmetric encryption key+
-    # - +encrypt workstation key+ into <tt>.opensecret/<email>/workstation.key.osx.txt</tt>
-    # - +encrypt workstation encryption key+ with human password and email address
-    # - then write into the workstation opensecret config file under <tt>machine.key.crypt</tt>
-    # - @todo write machine.key.cipher copy the attributes file to the safestore AND delete it.
-    # - +create a super 8,192 bit private/public key pair+
-    # - use +amalgamated password with AES 256 RSA to encrypt the private key+
-    # - write to <tt><SAFE>/<email>/master.keys/master.private.key.x.os.txt</tt>
-    # - use the +amalgamated password with Blowfish to encrypt the public key+
-    # - write to <tt><SAFE>/<email>/master.keys/master.public.key.x.os.txt</tt>
-
-    # - +create robust salt+ for hashing the path to the (crypted) keys and ciphers
-    # - use +public key to encrypt the salt+
-    # - write crypted salt to <tt><SAFE>/<email>/master.keys/master.path.salt.crypt.txt</tt>
-    # - +create the cryptographic keystore+ inside the safe
+    # So to prepare for the <b><em>modus operandi</em></b> that encrypts, decrypts and if
+    # required transports secrets, we
     #
-    # Variables should be first zeroed and then deleted immediately after their last use.
-    # +We need to avoid sensitive keys hanging around waiting for the garbage collector.+
-    # If necessary - sensitive areas such as these could be implemented in Go or C which
-    # deliver control of exactly where, when and how memory is allocaed, and zeroed out.
+    # - collect the human password (twice) and verify its robustness
+    # - manufacture workstation key that will be encrypted b4 it rests on machine
+    # - create amalgamated human/workstation password for locking the private key
+    # - create a long cryptographically strong symmetric encryption key
+    # - encrypt workstation key and put crypt into the opensecret configuration file
+    # - create a super sized 8192 bit private key (and its asymmetric public key)
+    # - write the AES 256bit encrypted private key into safe-store's master keys
+    # - create a text bundle for signing composed of the keys, email and date/time
+    # - sign the bundle and save the signature in the master keys store
+    # - put the public key in the configuration file (off the homedirectory)
+    # - test the core open, put, list, lock, read and tell use case commands
     #
-    # == Observable Value
+    # <b>Observable Value</b>
     #
     # The <tt>init use case</tt> observable value post-conditions are
     #
-    # - <tt>4 crypted keys</tt> on USB (or phone) in the +master.keys+ folder.
-    # - <tt>1 crypted workstation key</tt> under the workstation's home directory
-    # - one human password stashed deep inside your brain
-    #
-    # == New Feature | Prevent Public Key Switch Attacks
-    #
-    # +Public Key switch attacks+ try to access <tt>future secrets</tt> - not the ones
-    # already encrypted.
-    #
-    # Their goal is <tt>unwitting encryption using a public key they control.</tt>
-    #
-    # A new feature should tie down the signatures of the 5 encrypted files (4 on
-    # usb/phone store and 1 on the machine) within a second workstation file and use
-    # first the human password and then the public key to lock it down.
-    #
-    # This action thwarts (usb key) switch attacks where the attacker knows the human
-    # password and has access to the USB key for a time.
+    # - the <b>8192 bit encrypted private key</b> in the master keys safe
+    # - the <b>public key</b>, time stamp and encrypted workstation key in config
+    # - the <b>encrypted workstation key</b> in the user's configuration file
+    # - the <b>asymmetric keys, time stamp and email</b> signature in master keys safe
+    # - a robust password (for unlocking secrets) +stashed in a human brain+
     def execute
 
       human_password = Collect.secret_text(
@@ -108,56 +82,23 @@ module OpenSecret
       asymmetric_keys = OpenSSL::PKey::RSA.new @c[:global][:bit_key_size]
       secured_keytext = asymmetric_keys.export @c[:global][:key_cipher], amalgam_key
 
-      machine_key_crypt_key = human_password + @c[:global][:separator_a] + @email_addr
+      crypt_key_segments = [ human_password, @c[:global][:separator_a], @email_addr, @c[:global][:separator_a], @c[:global][:stamp_23] ]
+      machine_key_crypt_key = crypt_key_segments.alphanumeric_union.concat_length
       blowfish_cipher = OpenSecret::Blowfish.new()
-      machine_key_x = blowfish_cipher.do_encrypt_with_key machine_key, machine_key_crypt_key
-
-      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:machine_key_x], machine_key_x
-      FileUtils.mkdir_p @c[:global][:master_dirpath]
-      File.write @c[:global][:master_prv_key], secured_keytext
-
+      machine_key_x = blowfish_cipher.encryptor machine_key, machine_key_crypt_key
       public_key_text = asymmetric_keys.public_key.to_pem
-      public_key_crypt = Blowfish.new.do_encrypt_with_key public_key_text, amalgam_key
-      File.write @c[:global][:master_pub_key], public_key_crypt
-
-      payload_signature = asymmetric_keys.sign( OpenSSL::Digest::SHA256.new, public_key_text )
-
-      big_crypted_block = Aes256.new.encrypt_it(
-        public_key_text,
-        public_key_text,
-        payload_signature
-      )
-
-      puts ""
-      puts "=============="
-      puts "Crypted Block"
-      puts "=============="
-      puts ""
-      puts "#{big_crypted_block}"
-      puts ""
-      puts ""
-      puts "Carry on development in init.rb"
-      puts ""
 
+      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:name], @c[:global][:machine_key_x], machine_key_x
+      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:name], @c[:global][:stamp_key], @c[:global][:stamp_23]
+      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:name], @c[:global][:publickey_id], public_key_text.to_hex
 
-=begin
-      Crypto.print_secret_env_var @p[:env_var_name], machine_key
-      GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
-      FileUtils.mkdir_p @p[:public_keydir]
-      File.write @p[:public_keypath], public_key_text
-      GitFlow.push @p[:local_gitrepo], @p[:public_keyname], @c[:time][:stamp]
-=end
-
-
-#    exit
-# key4_pem = File.read 'private.secure.pem'
-# pass_phrase = 'superduperpasswordistoBeENTEREDRIGHT1234HereandRightNOW'
-# key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
-# decrypted_text = key4.private_decrypt(Base64.decode64(encrypted_string))
-
-# print "\nHey we have done the decryption.\n", "\n"
-# print decrypted_text, "\n"
+      to_sign_segments = [ secured_keytext, public_key_text, @email_addr, @c[:global][:stamp_23] ]
+      to_sign_packet = to_sign_segments.alphanumeric_union.concat_length
+      signature_string = Base64.encode64( asymmetric_keys.sign( OpenSSL::Digest::SHA256.new, to_sign_packet ) )
 
+      FileUtils.mkdir_p @c[:global][:master_dirpath]
+      File.write @c[:global][:master_prv_key], secured_keytext
+      File.write @c[:global][:master_sig_path], signature_string
 
     end
 
@@ -170,17 +111,17 @@ module OpenSecret
     # @raise [StoreUrlNotConfigured] if the crypt store url is not configured
     def pre_validation
 
-      @safe_path = OpenSession::Attributes.instance.get_value @@context_name, "safe"
+      @safe_path = OpenSession::Attributes.instance.get_value @@context_name, @@context_name, "safe"
       safe_configured = File.exists?( @safe_path ) && File.directory?( @safe_path )
       @err_msg = "[safe] storage not yet configured. Try =>] opensecret safe /folder/path"
       raise SafeDirNotConfigured.new @err_msg, @safe_path unless safe_configured
 
-      @email_addr = OpenSession::Attributes.instance.get_value @@context_name, "email"
+      @email_addr = OpenSession::Attributes.instance.get_value @@context_name, @@context_name, "email"
       email_configured = !@email_addr.nil? && !@email_addr.empty? && @email_addr.length > 4
       @err_msg = "viable [email address] not configured. Try =>] opensecret email joe@example.com"
       raise EmailAddrNotConfigured.new @err_msg, @email_addr unless email_configured
 
-      @store_url = OpenSession::Attributes.instance.get_value @@context_name, "store"
+      @store_url = OpenSession::Attributes.instance.get_value @@context_name, @@context_name, "store"
       store_configured = !@store_url.nil? && !@store_url.empty? && @store_url.length > 0
       @err_msg = "crypt [store url] not configured. Try =>] opensecret store /path/to/crypt"
       raise StoreUrlNotConfigured.new @err_msg, @store_url unless store_configured

data/lib/plugins/usecases/lock.rb

@@ -0,0 +1,178 @@
+#!/usr/bin/ruby
+	
+module OpenSecret
+
+  require 'openssl'
+
+  # The <tt>lock use case</tt> is called after {OpenSecret::Open} and {OpenSecret::Put}
+  # and its effect is to dispatch the doubly encrypted materrial to the configured storage
+  # platform, be it Git, S3, SSH or just an accessible file-system.
+  #
+  # The 3 core scenarios that this lock use case is equiped to handle are
+  #
+  # - a new source &raquo; as yet uncommitted
+  # - an updated source &raquo; to overwrite
+  # - an empty source &raquo; to delete
+  #
+  # == Observable Value
+  #
+  #     $ opensecret lock
+  #
+  # The observable value for a new or updated secrets package is
+  #
+  # - a doubly encrypted keyset within the safe keystore
+  # - a doubly encrypted secrets crypt in the backend crypt store
+  # - a crypt store sync'd with its off-machine Git (or S3, or ...) mirror
+  # - a public key that is verifid against its encrypted signature
+  # - deleted session material created (and encrypted) by the put use case
+  class Lock < OpenSession::UseCase
+
+    attr_writer :secret_id, :secret_value
+    @@context_name = "opensecret"
+
+
+    # Execute the <tt>open use case</tt> activities which precedes the ability to
+    # to add (put), subtract (del)ete and list the secrets into the opened session file.
+    # The file can then be locked (committed and pushed to permanent crypted stores).
+    #
+    # If the file to open already exists a --with option (giving the master-secret)
+    # must be provided.
+    #
+    # <b>Observable Value | Lock Use Case</b>
+    #
+    # The observable value for a new or updated secrets package is
+    #
+    # - a doubly encrypted keyset within the safe keystore
+    # - a doubly encrypted secrets crypt in the backend crypt store
+    # - a crypt store sync'd with its off-machine Git (or S3, or ...) mirror
+    # - a public key that is verifid against its encrypted signature
+    # - deleted session material created (and encrypted) by the put use case
+    def execute
+
+      session_id = OpenSession::Attributes.instance.get_value @@context_name, @c[:open][:open_name], @c[:open][:open_idname]
+      encrypt_key = OpenSession::Attributes.instance.get_value @@context_name, @c[:open][:open_name], @c[:open][:open_keyname]
+      rel_filepath = OpenSession::Attributes.instance.get_value @@context_name, @c[:open][:open_name], @c[:open][:open_pathname]
+
+      put_filepath = File.join @c[:open][:open_dirpath], rel_filepath
+
+      x_dictionary = OpenSession::Dictionary.new
+      x_dictionary.read put_filepath, true, encrypt_key
+
+      secret_ids = @secret_id.split("/")
+      if ( x_dictionary.has_key? secret_ids.first )
+        x_dictionary[secret_ids.first][secret_ids.last] = @secret_value
+      else
+        x_dictionary[secret_ids.first] = { secret_ids.last => @secret_value }
+      end
+
+      new_encryption_key = Engineer.strong_key @c[:open][:open_keylen]
+      OpenSession::Attributes.stash @@context_name, @c[:open][:open_name], @c[:open][:open_keyname], new_encryption_key
+      x_dictionary.write new_encryption_key
+
+
+#############################################################################################
+#############################################################################################
+
+
+
+
+#############################################################################################
+#############################################################################################
+
+
+      public_key_crypt = Blowfish.new.encryptor public_key_text, amalgam_key
+      File.write @c[:global][:master_pub_key], public_key_crypt
+
+      payload_signature = asymmetric_keys.sign( OpenSSL::Digest::SHA256.new, public_key_text )
+
+      big_crypted_block = Aes256.new.encrypt_it(
+        public_key_text,
+        public_key_text,
+        payload_signature
+      )
+
+      puts ""
+      puts "=============="
+      puts "Crypted Block"
+      puts "=============="
+      puts ""
+      puts "#{big_crypted_block}"
+      puts ""
+      puts ""
+      puts "Carry on development in init.rb"
+      puts ""
+
+
+=begin
+      Crypto.print_secret_env_var @p[:env_var_name], machine_key
+      GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
+      FileUtils.mkdir_p @p[:public_keydir]
+      File.write @p[:public_keypath], public_key_text
+      GitFlow.push @p[:local_gitrepo], @p[:public_keyname], @c[:time][:stamp]
+=end
+
+
+#    exit
+# key4_pem = File.read 'private.secure.pem'
+# pass_phrase = 'superduperpasswordistoBeENTEREDRIGHT1234HereandRightNOW'
+# key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
+# decrypted_text = key4.private_decrypt(Base64.decode64(encrypted_string))
+
+# print "\nHey we have done the decryption.\n", "\n"
+# print decrypted_text, "\n"
+
+
+
+#############################################################################################
+#############################################################################################
+
+
+      machine_key = Engineer.machine_key human_password.length, @c[:global][:ratio]
+      amalgam_key = Amalgam.passwords human_password, machine_key, @c[:global][:ratio]
+      asymmetric_keys = OpenSSL::PKey::RSA.new @c[:global][:bit_key_size]
+      secured_keytext = asymmetric_keys.export @c[:global][:key_cipher], amalgam_key
+
+      crypt_key_segments = [ human_password, @c[:global][:separator_a], @email_addr, @c[:global][:separator_a], @c[:global][:stamp_23] ]
+      machine_key_crypt_key = crypt_key_segments.alphanumeric_union.concat_length
+      blowfish_cipher = OpenSecret::Blowfish.new()
+      machine_key_x = blowfish_cipher.encryptor machine_key, machine_key_crypt_key
+      public_key_text = asymmetric_keys.public_key.to_pem
+
+      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:name], @c[:global][:machine_key_x], machine_key_x
+      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:name], @c[:global][:stamp_key], @c[:global][:stamp_23]
+      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:name], @c[:global][:publickey_id], public_key_text.to_hex
+
+      to_sign_segments = [ secured_keytext, public_key_text, @email_addr, @c[:global][:stamp_23] ]
+      to_sign_packet = to_sign_segments.alphanumeric_union.concat_length
+      signature_string = Base64.encode64( asymmetric_keys.sign( OpenSSL::Digest::SHA256.new, to_sign_packet ) )
+
+      FileUtils.mkdir_p @c[:global][:master_dirpath]
+      File.write @c[:global][:master_prv_key], secured_keytext
+      File.write @c[:global][:master_sig_path], signature_string
+
+
+#############################################################################################
+#############################################################################################
+
+
+    end
+
+
+    # Perform pre-conditional validations in preparation to executing the main flow
+    # of events for this use case. This method may throw the below exceptions.
+    #
+    # @raise [SafeDirNotConfigured] if the safe's url has not been configured
+    # @raise [EmailAddrNotConfigured] if the email address has not been configured
+    # @raise [StoreUrlNotConfigured] if the crypt store url is not configured
+    def pre_validation
+
+
+    end
+
+
+  end
+
+
+end
+
+

data/lib/plugins/usecases/open.rb

@@ -27,6 +27,7 @@ module OpenSecret
   #
   class Open < OpenSession::UseCase
 
+    attr_writer :context_path
     @@context_name = "opensecret"
 
     # Execute the <tt>open use case</tt> activities which precedes the ability to
@@ -36,7 +37,7 @@ module OpenSecret
     # If the file to open already exists a --with option (giving the master-secret)
     # must be provided.
     #
-    # == Observable Value
+    # <b>Observable Value [Open Use Case]</b>
     #
     #     $ opensecret open home/wifi
     #
@@ -48,7 +49,8 @@ module OpenSecret
     # - the INI string (were the file to be decrypted) would look like the below
     #
     #     [session]
-    #     base.path = home/wifi
+    #     session.key = EQFe4TKMWyrlyD59NRWWJYVue8xsTnKAnuXtsZ6NRoVXMeqFRj
+    #     session.path = home/wifi.1vz16m5Zl47w.x.os.txt
     #
     # @example
     #    home/wifi can be simply populated like this.
@@ -67,80 +69,23 @@ module OpenSecret
     #
     def execute
 
-      FileUtils.mkdir_p @p[:open_dirpath]
-      open_id = Engineer.strong_key @p[:open_idlen]
-      open_key = Engineer.strong_key @p[:open_keylen]
-
-      OpenSession::Attributes.stash @p[:open_name], @p[:open_idname], open_id
-      OpenSession::Attributes.stash @p[:open_name], @p[:open_keyname], open_key
-      OpenSession::Attributes.stash @p[:open_name], @p[:open_pathname], open_path
-
-
-      exit
-
-
-      human_password = Collect.secret_text(
-        @c[:global][:min_passwd_len],
-        true,
-        @c[:global][:prompt_1],
-        @c[:global][:prompt_2]
-      )
-
-      machine_key = Engineer.machine_key human_password.length, @c[:global][:ratio]
-      amalgam_key = Amalgam.passwords human_password, machine_key, @c[:global][:ratio]
-      asymmetric_keys = OpenSSL::PKey::RSA.new @c[:global][:bit_key_size]
-      secured_keytext = asymmetric_keys.export @c[:global][:key_cipher], amalgam_key
-
-      machine_key_crypt_key = human_password + @c[:global][:separator_a] + @email_addr
-      blowfish_cipher = OpenSecret::Blowfish.new()
-      machine_key_x = blowfish_cipher.do_encrypt_with_key machine_key, machine_key_crypt_key
-
-      OpenSession::Attributes.stash @c[:global][:name], @c[:global][:machine_key_x], machine_key_x
-      FileUtils.mkdir_p @c[:global][:master_dirpath]
-      File.write @c[:global][:master_prv_key], secured_keytext
+      last_fwdslash_index = @context_path.rindex "/"
+      folder_path = @context_path[0 .. last_fwdslash_index]
+      file_word = @context_path[last_fwdslash_index .. -1]
 
-      public_key_text = asymmetric_keys.public_key.to_pem
-      public_key_crypt = Blowfish.new.do_encrypt_with_key public_key_text, amalgam_key
-      File.write @c[:global][:master_pub_key], public_key_crypt
+      session_folder_path = File.join @p[:open_dirpath], folder_path
 
-      payload_signature = asymmetric_keys.sign( OpenSSL::Digest::SHA256.new, public_key_text )
-
-      big_crypted_block = Aes256.new.encrypt_it(
-        public_key_text,
-        public_key_text,
-        payload_signature
-      )
-
-      puts ""
-      puts "=============="
-      puts "Crypted Block"
-      puts "=============="
-      puts ""
-      puts "#{big_crypted_block}"
-      puts ""
-      puts ""
-      puts "Carry on development in init.rb"
-      puts ""
-
-
-=begin
-      Crypto.print_secret_env_var @p[:env_var_name], machine_key
-      GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
-      FileUtils.mkdir_p @p[:public_keydir]
-      File.write @p[:public_keypath], public_key_text
-      GitFlow.push @p[:local_gitrepo], @p[:public_keyname], @c[:time][:stamp]
-=end
-
-
-#    exit
-# key4_pem = File.read 'private.secure.pem'
-# pass_phrase = 'superduperpasswordistoBeENTEREDRIGHT1234HereandRightNOW'
-# key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
-# decrypted_text = key4.private_decrypt(Base64.decode64(encrypted_string))
+      FileUtils.mkdir_p session_folder_path
+      open_id = Engineer.strong_key @p[:open_idlen]
+      open_key = Engineer.strong_key @p[:open_keylen]
 
-# print "\nHey we have done the decryption.\n", "\n"
-# print decrypted_text, "\n"
+      file_name = file_word + ".#{open_id}.os.txt"
+#######################      file_path = File.join session_folder_path, file_name
+      file_key = File.join folder_path, file_name
 
+      OpenSession::Attributes.stash @@context_name, @p[:open_name], @p[:open_idname], open_id
+      OpenSession::Attributes.stash @@context_name, @p[:open_name], @p[:open_keyname], open_key
+      OpenSession::Attributes.stash @@context_name, @p[:open_name], @p[:open_pathname], file_key
 
     end
 
@@ -153,20 +98,6 @@ module OpenSecret
     # @raise [StoreUrlNotConfigured] if the crypt store url is not configured
     def pre_validation
 
-      @safe_path = OpenSession::Attributes.instance.get_value @@context_name, "safe"
-      safe_configured = File.exists?( @safe_path ) && File.directory?( @safe_path )
-      @err_msg = "[safe] storage not yet configured. Try =>] opensecret safe /folder/path"
-      raise SafeDirNotConfigured.new @err_msg, @safe_path unless safe_configured
-
-      @email_addr = OpenSession::Attributes.instance.get_value @@context_name, "email"
-      email_configured = !@email_addr.nil? && !@email_addr.empty? && @email_addr.length > 4
-      @err_msg = "viable [email address] not configured. Try =>] opensecret email joe@example.com"
-      raise EmailAddrNotConfigured.new @err_msg, @email_addr unless email_configured
-
-      @store_url = OpenSession::Attributes.instance.get_value @@context_name, "store"
-      store_configured = !@store_url.nil? && !@store_url.empty? && @store_url.length > 0
-      @err_msg = "crypt [store url] not configured. Try =>] opensecret store /path/to/crypt"
-      raise StoreUrlNotConfigured.new @err_msg, @store_url unless store_configured
 
     end