opensecret 0.0.959 → 0.0.960

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ced0dc3656c2318960d7c747cd24e8eacb189224
-  data.tar.gz: dcca8f54f93da21ef00d6fbbdba0e8975ac7ddca
+  metadata.gz: b95962b0946200185b87257ef12fbfab9e689ecd
+  data.tar.gz: 40eb3bb6b0a401192e33a92b23053d35755f7c51
 SHA512:
-  metadata.gz: 219cd0fe00537778fb1364d6a214856bea94be3196e399177bbcbd912ffab087dda9bb01fb906ad1fd7f078f15f27b9d1c24d82894fb1790f592e838487aa10e
-  data.tar.gz: 2ba3881642795bf29de00431cbd7926b664b3d0a0031f18eb17b2dc5d79d282f8df7ccb32559720e614be52229e2ec8eb59b924282b88596960ab10fa52bc8cf
+  metadata.gz: 8e6c1c61a35e114c6e20e5d8192c3d1a2b996fb6bb65ebd58858f268d2839d5d629824883b2efc8ef8e50faf064f13efcf77e850986313baa168fb0ea06caf10
+  data.tar.gz: 8f511f4f83d18d85a3891ef504bef7b60a8f8bcb59e427d86f24acf928315d765132be999a0aa63a2aec4cd818e7b96ab61df59346fc6753c94c30fa4bc14b66

data/lib/extension/string.rb

@@ -12,6 +12,36 @@
 class String
 
 
+  # Overtly long file paths (eg in logs) can hamper readability so this 
+  # <b>human readable filepath converter</b> counters the problem by
+  # returning (only) the 2 immediate ancestors of the filepath.
+  #
+  # So this method returns the name of the grandparent folder then parent folder
+  # and then the most significant file (or folder) name.
+  #
+  # When this is not possible due to the filepath being colisively near the
+  # filesystem's root, it returns the parameter name.
+  # 
+  # @example
+  #    A really long input like
+  #    => /home/joe/project/degrees/math/2020
+  #    is reduced to
+  #    => degrees/math/2020
+  #
+  # @return [String] the segmented 3 most significant path name elements.
+  def hr_path
+
+    object_name   = File.basename self
+    parent_folder = File.dirname  self
+    parent_name   = File.basename parent_folder
+    granny_folder = File.dirname  parent_folder
+    granny_name   = File.basename granny_folder
+
+    return [granny_name,parent_name,object_name].join("/")
+
+  end
+
+
   # Return a new string matching this one with every non alpha-numeric
   # character removed. This string is left unchanged.
   #

data/lib/factbase/facts.opensecret.io.ini

@@ -24,6 +24,10 @@ stamp.key       =  stamp
 stamp.14        =  rb>> OpenSession::Stamp.yyjjj_hhmm_sst
 stamp.23        =  rb>> OpenSession::Stamp.yyjjj_hhmm_ss_nanosec
 
+base.path       =  rb>> File.join FilePath.context_path(@s[:name]), @s[:email_address]
+store.keyspath  =  rb>> File.join @s[:base_path], "coldstore.keys"
+store.mainpath  =  rb>> File.join @s[:base_path], "coldstore.main"
+
 machine.key.x   =  os.x
 separator.a     =  %$os$%
 publickey.id    =  public.key

data/lib/plugins/coldstore.rb

@@ -0,0 +1,145 @@
+#!/usr/bin/ruby
+# coding: utf-8
+
+module OpenSecret
+
+  # Cold storage can sync repositories with a <b>bias during conflicts</b>
+  # either to the <em>remote repository</em> <b>when pulling</b>, and then
+  # conversely to the <em>local reposiory</em> <b>when pushing</b>.
+  #
+  # In between the sync operations a ColdStore can create, read, update and
+  # delete to and from the local mirror.
+  #
+  # == ColdStore | Use Cases
+  #
+  # Any <b>self-respecting coldstore</b> must, after initialization, provide
+  # some basic (and mandatory) behaviour.
+  #
+  # These include
+  #
+  # - <b>read</b> - reading text from a (possibly unavailable) frozen path
+  # - <b>write</b> - writing text (effectively freezing it) to a path
+  # - <b>pull</b> - sync with a <b>collision bias</b> that favours the remote mirror 
+  # - <b>push</b> - sync with a <b>collision bias</b> that favours the local mirror
+  #
+  # <b>Cold Storage</b> is borrowed from BitCoin and represents offline storage
+  # for keys and crypts. opensecret separates keys and crypts so that you can
+  # transfer and share secrets by moving keys (not the crypts).
+  #
+  # == Houses and Gold Bullion
+  #
+  # You don't carry houses or gold bullion around to rent, share or transfer
+  # their ownership.
+  #
+  # You copy keys to rent secrets and when the tenure is up (or you change your
+  # mind) you revoke access with a metaphorical lock change.
+  #
+  # opensecret embodies concepts like an owner who rents as opposed to a change
+  # in ownership.
+  #
+  # == trade secrets | commoditizing secrets
+  #
+  # opensecret is a conduit through which secrets can be bought and sold.
+  #
+  # It commoditizes secrets so that they can be owned, traded, leased and
+  # auctioned. Options to acquire or relinquish them at set prices can easily
+  # be taken out.
+  class ColdStore
+
+    # @param base_path [String]
+    #    path to the store's (mirror) base directory.
+    #    If the denoted directory does not exist an attempt will be made to
+    #    create it. If a file exists at this path an error will be thrown.
+    #
+    # @param domain [String]
+    #    the domain is an identifier (and namespace) denoting which opensecret
+    #    "account" is being accessed. opensecret allows the creation and use of
+    #    multiple domains.
+    def initialize local_path
+
+      @store_path = local_path
+      FileUtils.mkdir_p @store_path
+
+    end
+
+
+    # Read the file frozen (in this store mirror) at this path and
+    # return its contents.
+    #
+    # Coldstores are usually frozen offline (offmachine) so for this
+    # to work the {ColdStore.pull} behaviour must have executed to
+    # create a local store mirror. This method reads from that mirror.
+    #
+    # @param from_path [String]
+    #    read the file frozen at this path and return its contents
+    #    so that the defreeze process can begin.
+    #
+    #    This path is relative to the base of the store defined in
+    #    the constructor.
+    #
+    # @return [String]
+    #    return the text frozen in a file at the denoted local path
+    #
+    #    nil is reurned if no file can be found in the local mirror
+    #    at the configured path
+    def read from_path
+
+      frozen_filepath = File.join @store_path, from_path
+      return nil unless File.exists? frozen_filepath
+      return File.read frozen_filepath
+
+    end
+
+
+    # Write (freeze) the text into a file at the denoted path. The
+    # folder path will be created if need be.
+    #
+    # Coldstores are usually frozen offline (offmachine) so after
+    # this method completes the {ColdStore.push} behaviour must be
+    # executed to synchronize the local coldstore freezer with the
+    # remote mirror.
+    #
+    # @param this_text [String]
+    #    this is the text that needs to be frozen into the local and
+    #    subsequently the remote coldstore freezer.
+    #
+    # @param to_path [String]
+    #    write the text (effectively freezing it) into the file at
+    #    this path. An attempt will be made to put down the necessary
+    #    directory structure.
+    #
+    #    This path is relative to the base of the store defined in
+    #    the constructor.
+    def write this_text, to_path
+
+      freeze_filepath = File.join @store_path, to_path
+
+      log.info(x) { "ColdStore freezing #{this_text.length} characters of worthless text."}
+      log.info(x) { "ColdStore freeze file path => #{freeze_filepath.hr_path}"}
+
+      FileUtils.mkdir_p(File.dirname(freeze_filepath))
+      File.write freeze_filepath, this_text
+
+    end
+
+
+    private
+
+    # @todo - write sync (with a local bias during conflicts)
+    #     The open up to the public (published) api.
+    def push
+
+
+    end
+
+    # @todo - write sync (with a rmote bias during conflicts)
+    #     The open up to the public (published) api.
+    def pull
+
+    end
+
+
+  end
+
+
+end

data/lib/plugins/envelope.rb

@@ -40,31 +40,6 @@ module OpenSecret
   class Envelope < Hash
 
 
-    # Write the data in this envelope hash map into a file-system
-    # backed mirror whose path was specified in the {self.read} method.
-    #
-    # Technology for encryption at rest is supported by this dictionary
-    # and to this aim, please endeavour to post a robust symmetric
-    # encryption key.
-    #
-    # Calling this {self.write} method when the file at the prescribed path
-    # does not exist results in the directory structure being created
-    # (if necessary) and then the encrypted file being written.
-    #
-    # @param encryption_key [String]
-    #     encryption at rest is a given so this mandatory parameter must
-    #     contain a robust symmetric encryption key. The symmetric key will
-    #     be used for the decryption after the read. Note that the decryption
-    #     key does not linger meaning it isn't cached in an instance variable.
-    def write encryption_key
-
-      FileUtils.mkdir_p(File.dirname(@filepath))
-      cipher_text = Base64.encode64 Blowfish.new.encryptor( self.to_json, encryption_key )
-      File.write @filepath, cipher_text
-
-    end
-
-
     # Read and inject into this envelope, the data structure found in a
     # file at the path specified in the first parameter.
     #
@@ -110,6 +85,31 @@ module OpenSecret
     end
 
 
+    # Write the data in this envelope hash map into a file-system
+    # backed mirror whose path was specified in the {self.read} method.
+    #
+    # Technology for encryption at rest is supported by this dictionary
+    # and to this aim, please endeavour to post a robust symmetric
+    # encryption key.
+    #
+    # Calling this {self.write} method when the file at the prescribed path
+    # does not exist results in the directory structure being created
+    # (if necessary) and then the encrypted file being written.
+    #
+    # @param encryption_key [String]
+    #     encryption at rest is a given so this mandatory parameter must
+    #     contain a robust symmetric encryption key. The symmetric key will
+    #     be used for the decryption after the read. Note that the decryption
+    #     key does not linger meaning it isn't cached in an instance variable.
+    def write encryption_key
+
+      FileUtils.mkdir_p(File.dirname(@filepath))
+      cipher_text = Base64.encode64 Blowfish.new.encryptor( self.to_json, encryption_key )
+      File.write @filepath, cipher_text
+
+    end
+
+
   end
 
 

data/lib/plugins/usecases/lock.rb

@@ -67,55 +67,35 @@ module OpenSecret
     # - deletion of {Open}ed session data to locate and decrypt envelope
     def execute
 
+      rel_filepath = OpenSession::Attributes.instance.get_value @@context_name, @c[:open][:open_name], @c[:open][:open_pathname]
+      master_public_key = Base64.urlsafe_decode64( OpenSession::Attributes.instance.get_value @c[:global][:name], @c[:global][:name], "public.key" )
+
+      main_store = ColdStore.new @c[:global][:store_mainpath]
+      keys_store = ColdStore.new @c[:global][:store_keyspath]
+
       envelope = get_envelope
       asym_key = OpenSSL::PKey::RSA.new @c[:global][:bit_key_size]
       lockdown = Aes256.new.encrypt_it( asym_key.public_key.to_pem, envelope.to_json )
+      lockedup = Aes256.new.encrypt_it( master_public_key, asym_key.export )
 
-      #### ###########################################
-      #### ###########################################
-      #### Now Give lockdown to the Backend Store
-      #### ###########################################
-      #### ###########################################
+      ##### ###################################### #####
+      ##### ###################################### #####
+        ### Now put the CRYPTS into [Cold] Storage ###
+      ##### ###################################### #####
+      ##### ###################################### #####
 
-      master_public_key = Base64.urlsafe_decode64( OpenSession::Attributes.instance.get_value @c[:global][:name], @c[:global][:name], "public.key" )
+      keys_store.write lockedup, rel_filepath
+      main_store.write lockdown, rel_filepath
 
-      lockedup = Aes256.new.encrypt_it( master_public_key, asym_key.export )
-
-      puts "#### #############################"
-      puts "#### The Crypt Store Suitcase"
-      puts "#### #############################"
-      puts ""
-      puts lockdown
-      puts ""
-      puts "#### #############################"
-      puts "#### The Key Store Suitcase"
-      puts "#### #############################"
       puts ""
-      puts lockedup
+      puts "================================================================="
+      puts "[Lock] =>  Now DELETE the session files and configured variables."
+      puts "================================================================="
       puts ""
-      puts "================================================================================================="
-      puts "Now Continue with Unencoding the public key and then locking down the above asym_key.export"
-      puts "================================================================================================="
-      puts ""
-
-      exit
-
-
-      locked_block = Aes256.new.encrypt_it( asym_key.public_key.to_pem, asym_key.export )
-
-      secured_keytext = asym_key.export
-##      public_key_text = asymmetric_keys.public_key.to_pem
-
-
-      Aes256.new.encrypt_it( "rubbish", secrets_dictionary.to_s )
-
-      the_encrypted_stuff = Aes256.new.encrypt_it( "rubbish", )
-
 
 #############################################################################################
 #############################################################################################
 
-
 =begin
       Crypto.print_secret_env_var @p[:env_var_name], machine_key
       GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
@@ -125,7 +105,6 @@ module OpenSecret
 =end
 
 
-#    exit
 # key4_pem = File.read 'private.secure.pem'
 # pass_phrase = 'superduperpasswordistoBeENTEREDRIGHT1234HereandRightNOW'
 # key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
@@ -134,8 +113,6 @@ module OpenSecret
 # print "\nHey we have done the decryption.\n", "\n"
 # print decrypted_text, "\n"
 
-
-
 #############################################################################################
 #############################################################################################
 

data/lib/session/file.path.rb

@@ -0,0 +1,53 @@
+#!/usr/bin/ruby
+# coding: utf-8
+
+module OpenSession
+
+  require 'inifile'
+  require 'singleton'
+
+  class FilePath
+
+    # Get the directory that the session context file either does
+    # or will sit inside.
+    #
+    # The directory hangs off the home directory and is named simply
+    # as the dot prefixed context_name.
+    #
+    # @example ~/.openbox is the directory for context "openbox"
+    #
+    # @param context_name [String] name of program (or use case) context
+    # @return [String] path to directory holding context configuration file
+    def self.context_path context_name
+
+      return File.join home_directory, ".#{context_name}"
+
+    end
+
+
+    # On non-windows systems the home directory is defined
+    # perfectly by Ruby's Dir object.
+    #
+    # On Windows we sometimes get /AppData/Roaming appended
+    # onto the actual home directory. In these cases this
+    # method removes it.
+    #
+    # @return [String] the path to the machine user's home directory
+    def self.home_directory
+
+      return Dir.home unless Gem.win_platform?
+
+      extraneous_path = "/AppData/Roaming"
+      if Dir.home.end_with? extraneous_path then
+        return Dir.home.gsub( extraneous_path, "" )
+      end
+
+      return Dir.home
+
+    end
+
+
+  end
+
+
+end

data/lib/version.rb

@@ -1,3 +1,3 @@
 module OpenSecret
-  VERSION = "0.0.959"
+  VERSION = "0.0.960"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opensecret
 version: !ruby/object:Gem::Version
-  version: 0.0.959
+  version: 0.0.960
 platform: ruby
 authors:
 - Apollo Akora
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-03-08 00:00:00.000000000 Z
+date: 2018-03-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile
@@ -99,9 +99,9 @@ files:
 - lib/plugins/cipher.rb
 - lib/plugins/ciphers/aes-256.rb
 - lib/plugins/ciphers/blowfish.rb
+- lib/plugins/coldstore.rb
 - lib/plugins/envelope.rb
 - lib/plugins/secrets.uc.rb
-- lib/plugins/stores/store.rb
 - lib/plugins/usecase.rb
 - lib/plugins/usecases/init.rb
 - lib/plugins/usecases/lock.rb
@@ -111,6 +111,7 @@ files:
 - lib/session/attributes.rb
 - lib/session/dictionary.rb
 - lib/session/fact.finder.rb
+- lib/session/file.path.rb
 - lib/session/require.gem.rb
 - lib/session/session.rb
 - lib/session/time.stamp.rb

data/lib/plugins/stores/store.rb

@@ -1,4 +0,0 @@
-#!/usr/bin/ruby
-# coding: utf-8
-
-## Nothing here yet.