RubyGems - opensecret - Versions diffs - 0.0.960 → 0.0.962 - Mend

opensecret 0.0.960 → 0.0.962

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

checksums.yaml +4 -4
data/lib/notepad/{blow.rb → scratch.pad.rb} +1 -1
data/lib/opensecret.rb +36 -5
data/lib/plugins/cipher.rb +100 -201
data/lib/plugins/ciphers/aes-256.rb +85 -101
data/lib/plugins/ciphers/blowfish.rb +2 -2
data/lib/plugins/coldstore.rb +38 -2
data/lib/plugins/crypt.io.rb +220 -0
data/lib/plugins/secrets.uc.rb +44 -0
data/lib/plugins/usecases/init.rb +9 -1
data/lib/plugins/usecases/lock.rb +3 -3
data/lib/plugins/usecases/open.rb +4 -4
data/lib/plugins/usecases/put.rb +1 -1
data/lib/plugins/usecases/unlock.rb +208 -0
data/lib/version.rb +1 -1
metadata +5 -10
data/lib/opensecret/executors/crypt.keys/crypt.keys.ini +0 -26
data/lib/opensecret/executors/crypt.keys/crypt.keys.rb +0 -68
data/lib/opensecret/executors/decrypt/decrypt.ini +0 -64
data/lib/opensecret/executors/decrypt/decrypt.rb +0 -49
data/lib/opensecret/executors/encrypt/encrypt.ini +0 -55
data/lib/opensecret/executors/encrypt/encrypt.rb +0 -82
data/lib/using.txt +0 -247

data/lib/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module OpenSecret
-  VERSION = "0.0.960"
+  VERSION = "0.0.962"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opensecret
 version: !ruby/object:Gem::Version
-  version: 0.0.960
+  version: 0.0.962
 platform: ruby
 authors:
 - Apollo Akora
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-03-09 00:00:00.000000000 Z
+date: 2018-03-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile
@@ -87,19 +87,14 @@ files:
 - lib/extension/string.rb
 - lib/factbase/facts.opensecret.io.ini
 - lib/logging/gem.logging.rb
-- lib/notepad/blow.rb
+- lib/notepad/scratch.pad.rb
 - lib/opensecret.rb
-- lib/opensecret/executors/crypt.keys/crypt.keys.ini
-- lib/opensecret/executors/crypt.keys/crypt.keys.rb
-- lib/opensecret/executors/decrypt/decrypt.ini
-- lib/opensecret/executors/decrypt/decrypt.rb
-- lib/opensecret/executors/encrypt/encrypt.ini
-- lib/opensecret/executors/encrypt/encrypt.rb
 - lib/opensecret/plugins.io/git/git.flow.rb
 - lib/plugins/cipher.rb
 - lib/plugins/ciphers/aes-256.rb
 - lib/plugins/ciphers/blowfish.rb
 - lib/plugins/coldstore.rb
+- lib/plugins/crypt.io.rb
 - lib/plugins/envelope.rb
 - lib/plugins/secrets.uc.rb
 - lib/plugins/usecase.rb
@@ -108,6 +103,7 @@ files:
 - lib/plugins/usecases/open.rb
 - lib/plugins/usecases/put.rb
 - lib/plugins/usecases/safe.rb
+- lib/plugins/usecases/unlock.rb
 - lib/session/attributes.rb
 - lib/session/dictionary.rb
 - lib/session/fact.finder.rb
@@ -116,7 +112,6 @@ files:
 - lib/session/session.rb
 - lib/session/time.stamp.rb
 - lib/session/user.home.rb
-- lib/using.txt
 - lib/version.rb
 - opensecret.gemspec
 homepage: https://www.eco-platform.co.uk

data/lib/opensecret/executors/crypt.keys/crypt.keys.ini DELETED Viewed

@@ -1,26 +0,0 @@
-[crypt.keys]
-min.passwd.len  =  e>> 16
-nickname        =  godzilla
-root.domain     =  devopswiki.co.uk
-env.var.name    =  SECRET_MATERIAL
-ratio           =  e>> 3
-bit.key.size    =  e>> 8192
-key.cipher      =  e>> OpenSSL::Cipher.new 'AES-128-CBC'
-secret.keyname  =  e>> @s[:nickname] + dot + @s[:root_domain] + dot + @f[:time][:stamp] + ".txt"
-secret.keydir   =  e>> @f[@i[:workstation]][:secrets_dir]
-secret.keypath  =  e>> File.join @s[:secret_keydir], @s[:secret_keyname]
-repo.name       =  material_data
-local.gitrepo   =  e>> File.join @i[:dir], @s[:repo_name]
-public.gitrepo  =  https://www.eco-platform.co.uk/content/material.data.git
-public.dirname  =  public_keys
-public.keyroute =  e>> File.join @s[:root_domain], @s[:public_dirname]
-public.keydir   =  e>> File.join @s[:local_gitrepo], @s[:public_keyroute]
-public.keyname  =  e>> "public_key." + @s[:nickname] + dot + @s[:root_domain] + ".txt"
-public.keypath  =  e>> File.join @s[:public_keydir], @s[:public_keyname]
-prompt.1        =  Enter a Robust Password
-prompt.2        =  Re-enter that Password

data/lib/opensecret/executors/crypt.keys/crypt.keys.rb DELETED Viewed

@@ -1,68 +0,0 @@
-#!/usr/bin/ruby
-# --
-# -- This plugin creates cryptographic keys, installs them and then messages
-# -- and notifies as required.
-# --
-# -- Input
-# --
-# --   [1] - memorable portion of password
-# --   [2] - memorable password entered again for validation
-# --
-# -- Output
-# --
-# --   [1] - machine portion of password to be added as environment variable
-# --   [2] - secured (password locked) private key to put on removable media
-# --   [3] - an open [public key] to be placed on web accessible destination
-# --   [4] - a message detailing that a new keypair is now created/installed
-# --
-class CryptKeys
-  def core_provisioning
-    log.info(ere) { "# ## ####### ########################################## ## #" }
-    log.info(ere) { "# -- [crypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# -- [crypt] This plugin encrypts a file or string. --- -- #" }
-    log.info(ere) { "# -- [crypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# ## ####### ########################################## ## #" }
-    natural_password = Crypto.collect_secret @p[:min_passwd_len], @p[:prompt_1], @p[:prompt_2]
-    machine_password = Crypto.get_machine_password natural_password.length, @p[:ratio]
-    amalgam_password = Crypto.get_amalgam_password natural_password, machine_password, @p[:ratio]
-    asymmetric_keys = OpenSSL::PKey::RSA.new @p[:bit_key_size]
-    secured_keytext = asymmetric_keys.export @p[:key_cipher], amalgam_password
-    public_key_text = asymmetric_keys.public_key.to_pem
-    Dir.mkdir @p[:secret_keydir] unless File.exists? @p[:secret_keydir]
-    File.write @p[:secret_keypath], secured_keytext
-    Crypto.print_secret_env_var @p[:env_var_name], machine_password
-    GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
-    FileUtils.mkdir_p @p[:public_keydir]
-    File.write @p[:public_keypath], public_key_text
-    GitFlow.push @p[:local_gitrepo], @p[:public_keyname], @c[:time][:stamp]
-    exit
-key4_pem = File.read 'private.secure.pem'
-pass_phrase = 'superduperpasswordistoBeENTEREDRIGHT1234HereandRightNOW'
-key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
-decrypted_text = key4.private_decrypt(Base64.decode64(encrypted_string))
-print "\nHey we have done the decryption.\n", "\n"
-print decrypted_text, "\n"
-    log.info(ere) { "# -- [crypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# ## ####### ########################################## ## #" }
-  end
-end

data/lib/opensecret/executors/decrypt/decrypt.ini DELETED Viewed

@@ -1,64 +0,0 @@
-[decrypt]
-# ---> secret.id       =  DEVOPS_SECRET_MATERIAL
-# ---> secret.part     =  e>> ENV[@s[:secret_id]]
-# ---> secret.key      =  e>> @s[:secret_part] + CmdLine.instance.key_values[:key]
-# ---> secret.dir      =  e>> @f[@i[:workstation]][:secrets_dir]
-# ---> secret.file     =  e>> "DELETE_" + @f[:time][:stamp] + "_" + CmdLine.instance.key_values[:file]
-# ---> secret.in       =  e>> File.join @s[:secret_dir], CmdLine.instance.key_values[:file]
-# ---> secret.out      =  e>> File.join Dir.tmpdir, @s[:secret_file]
-# ---> secret.crypt    =  e>> File.read(@s[:secret_in]).chomp
-# ---> temporary.dir   =  e>> Dir.tmpdir
-prompt.1        =  Enter your Key Password
-prompt.2        =  Re-enter the Key Password
-min.passwd.len  =  e>> 16
-nickname        =  godzilla
-root.domain     =  devopswiki.co.uk
-env.var.name    =  SECRET_MATERIAL
-machine.secret  =  e>> ENV[@s[:env_var_name]]
-ratio           =  e>> 3
-bit.key.size    =  e>> 8192
-key.cipher      =  e>> OpenSSL::Cipher.new 'AES-128-CBC'
-secret.leadtxt  =  e>> @s[:nickname] + dot + @s[:root_domain]
-secret.keyname  =  e>> @s[:secret_leadtxt] + dot + @f[:time][:stamp] + ".txt"
-secret.keydir   =  e>> @f[@i[:workstation]][:secrets_dir]
-secret.rubydir  =  e>> Dir.new @s[:secret_keydir]
-secret.newest   =  e>> @s[:secret_rubydir].ascii_order_file_starting_with @s[:secret_leadtxt]
-secret.keytext  =  e>> File.read @s[:secret_newest]
-repo.name       =  material_data
-local.gitrepo   =  e>> File.join @i[:dir], @s[:repo_name]
-public.gitrepo  =  https://www.eco-platform.co.uk/content/material.data.git
-public.dirname  =  public_keys
-public.keyroute =  e>> File.join @s[:root_domain], @s[:public_dirname]
-public.keydir   =  e>> File.join @s[:local_gitrepo], @s[:public_keyroute]
-public.keyname  =  e>> "public_key." + @s[:nickname] + dot + @s[:root_domain] + ".txt"
-public.keypath  =  e>> File.join @s[:public_keydir], @s[:public_keyname]
-# --
-# -- Note that we can only predict the crypt folder from looking at full path.
-# -- This is because the user may enter a path string like the below.
-# --
-# --     --path=dates/bithdays/wife.birthday
-# --
-# -- So we extrapolate the crypt directory from the full file path.
-# -- We also extrapolate the crypt filename from the final segment.
-# --
-crypt.dir.name  =  crypt_files
-crypt.rel.base  =  e>> File.join @s[:root_domain], @s[:crypt_dir_name]
-crypt.rel.path  =  e>> File.join @s[:crypt_rel_base], CmdLine.instance.key_values[:name]
-crypt.sudopath  =  e>> File.join @s[:local_gitrepo], @s[:crypt_rel_path]
-crypt.dir.path  =  e>> File.dirname @s[:crypt_sudopath]
-crypt.filename  =  e>> File.basename(@s[:crypt_sudopath]) + dot + @s[:nickname] + ".crypt.txt"
-crypt.filepath  =  e>> File.join @s[:crypt_dir_path], @s[:crypt_filename]
-plaintext.name  =  e>> File.basename(@s[:crypt_sudopath]) + dot + @s[:nickname] + ".plain.txt"
-plaintext.file  =  e>> "DELETE_" + @f[:time][:stamp] + "_" + @s[:plaintext_name]
-plaintext.path  =  e>> File.join Dir.tmpdir, @s[:plaintext_file]

data/lib/opensecret/executors/decrypt/decrypt.rb DELETED Viewed

@@ -1,49 +0,0 @@
-#!/usr/bin/ruby
-# --
-# -- This decryption plugin brings together many elements to
-# -- decrypt text that is a union of the public key and the
-# -- plaintext material.
-# --
-# -- To perform the decryption we
-# --
-# --  [1] - read the human entered relative path to the material
-# --  [2] - request and read the human portion of the password
-# --  [3] - read the machine password in the environment variable
-# --  [4] - amalgamate (join) the human and the machine passwords
-# --  [5] - download the encryptd material from a git repository
-# --  [6] - access the private key from a [local] removable drive
-# --  [7] - unlock the private key with the amalgamated password
-# --  [8] - decrypt the text into the pre-configured destination
-# --
-class Decrypt
-  def core_provisioning
-    log.info(ere) { "# ## ######### ######################################## ## #" }
-    log.info(ere) { "# -- [decrypt] ---------------------------------------- -- #" }
-    log.info(ere) { "# -- [decrypt] This plugin decrypts a filed string. --- -- #" }
-    log.info(ere) { "# -- [decrypt] ---------------------------------------- -- #" }
-    log.info(ere) { "# ## ######### ######################################## ## #" }
-    GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
-    Throw.if_not_exists @p[:crypt_filepath]
-    crypted_material = File.read @p[:crypt_filepath]
-    natural_password = Crypto.collect_secret @p[:min_passwd_len], @p[:prompt_1], @p[:prompt_2]
-    amalgam_password = Crypto.get_amalgam_password natural_password, @p[:machine_secret], @p[:ratio]
-    decryption_key = OpenSSL::PKey::RSA.new @p[:secret_keytext], amalgam_password
-    decrypted_text = decryption_key.private_decrypt(Base64.decode64(crypted_material))
-    File.write @p[:plaintext_path], decrypted_text
-    log.info(ere) { "# -- [decrypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# ## ######### ########################################## ## #" }
-  end
-end

data/lib/opensecret/executors/encrypt/encrypt.ini DELETED Viewed

@@ -1,55 +0,0 @@
-[encrypt]
-prompt.1        =  Enter Secret Text
-prompt.2        =  Re-enter the Text
-min.passwd.len  =  e>> 16
-nickname        =  godzilla
-root.domain     =  devopswiki.co.uk
-env.var.name    =  SECRET_MATERIAL
-ratio           =  e>> 3
-bit.key.size    =  e>> 8192
-key.cipher      =  e>> OpenSSL::Cipher.new 'AES-128-CBC'
-secret.keyname  =  e>> @s[:nickname] + dot + @s[:root_domain] + dot + @f[:time][:stamp] + ".txt"
-secret.keydir   =  e>> @f[@i[:workstation]][:secrets_dir]
-secret.keypath  =  e>> File.join @s[:secret_keydir], @s[:secret_keyname]
-repo.name       =  material_data
-local.gitrepo   =  e>> File.join @i[:dir], @s[:repo_name]
-public.gitrepo  =  https://www.eco-platform.co.uk/content/material.data.git
-public.dirname  =  public_keys
-public.keyroute =  e>> File.join @s[:root_domain], @s[:public_dirname]
-public.keydir   =  e>> File.join @s[:local_gitrepo], @s[:public_keyroute]
-public.keyname  =  e>> "public_key." + @s[:nickname] + dot + @s[:root_domain] + ".txt"
-public.keypath  =  e>> File.join @s[:public_keydir], @s[:public_keyname]
-# --
-# -- Note that we can only predict the crypt folder from looking at full path.
-# -- This is because the user may enter a path string like the below.
-# --
-# --     --path=dates/bithdays/wife.birthday
-# --
-# -- So we extrapolate the crypt directory from the full file path.
-# -- We also extrapolate the crypt filename from the final segment.
-# --
-crypt.dir.name  =  crypt_files
-crypt.rel.base  =  e>> File.join @s[:root_domain], @s[:crypt_dir_name]
-crypt.rel.path  =  e>> File.join @s[:crypt_rel_base], CmdLine.instance.key_values[:name]
-crypt.sudopath  =  e>> File.join @s[:local_gitrepo], @s[:crypt_rel_path]
-crypt.dir.path  =  e>> File.dirname @s[:crypt_sudopath]
-crypt.filename  =  e>> File.basename(@s[:crypt_sudopath]) + dot + @s[:nickname] + ".crypt.txt"
-crypt.filepath  =  e>> File.join @s[:crypt_dir_path], @s[:crypt_filename]
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday

data/lib/opensecret/executors/encrypt/encrypt.rb DELETED Viewed

@@ -1,82 +0,0 @@
-#!/usr/bin/ruby
-# --
-# -- This simple [cipher] plugin encrypts either the inputted string or
-# -- file, using the configured public key and writes the cryptic material
-# -- to a file that is checked into a git repository.
-# --
-# -- -----------------------
-# -- Example Parameters
-# -- -----------------------
-# --
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# -- @todo change input from --name to --path => encrypt --path=dates/bithdays/wife.birthday
-# --
-# --  --name=dates/birthdays      (mandatory)
-# --  --file=/home/joe/laptop.key (optional)
-# --
-# -- ---------------------------------------------
-# -- Escaping - Prefer BACKSLASH to DOUBLE QUOTES
-# -- ---------------------------------------------
-# --
-# -- Sensitive keys and passwords usually contain non standard characters.
-# -- Now you can use either BACKSLASHES or DOUBLE QUOTES to escape them.
-# --
-# -- Prefer backslash to double quotes.
-# --
-# -- Why? Example1 = --text=wow!wow!wee     Will FAIL
-# --      Example2 = --text=wow\!wow\!wee   Will SUCCEED
-# --      Example3 = --text=in(doubt)here   Will FAIL
-# --      Example4 = --text="in(doubt)here" Will SUCCEED
-# --      Example5 = --text="no!way"        Will FAIL
-# --      Example6 = --text="no\!and(oh)my" SUCCEEDS BUT INCLUDES backslash
-# --      Example7 = --text=no\!and\(oh\)my SUCCEEDS (NO backslash)
-# --
-# -- Example 6 will succeed but the decrypted string will include the
-# -- backslash like => no\!and(oh)my
-# --
-# -- Example 7 is the best for when exclamation marks and soft quotes exist.
-# -- Decrypted string is => no!and(oh)my
-# --
-class Encrypt
-  def core_provisioning
-    log.info(ere) { "# ## ######### ########################################## ## #" }
-    log.info(ere) { "# -- [encrypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# -- [encrypt] This plugin encrypts a file or string. --- -- #" }
-    log.info(ere) { "# -- [encrypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# ## ######### ########################################## ## #" }
-    plaintext_secret = ""
-    if CmdLine.include? :file then
-      plaintext_filepath = CmdLine.instance.key_values[:file]
-      Throw.if_not_exists plaintext_filepath
-      plaintext_secret = File.read plaintext_filepath
-    else
-      plaintext_secret = Crypto.collect_secret 3, @p[:prompt_1], @p[:prompt_2]
-    end
-    GitFlow.do_clone_repo @p[:public_gitrepo], @p[:local_gitrepo]
-    public_key_text = File.read @p[:public_keypath]
-    encryption_key = OpenSSL::PKey::RSA.new public_key_text
-    binary_crypt_text = encryption_key.public_encrypt plaintext_secret
-    crypt_material = Base64.encode64 binary_crypt_text
-    FileUtils.mkdir_p @p[:crypt_dir_path]
-    File.write @p[:crypt_filepath], crypt_material
-    GitFlow.push @p[:local_gitrepo], @p[:crypt_filename], @c[:time][:stamp]
-    log.info(ere) { "# -- [encrypt] ------------------------------------------ -- #" }
-    log.info(ere) { "# ## ######### ########################################## ## #" }
-  end
-end

data/lib/using.txt DELETED Viewed

@@ -1,247 +0,0 @@
-==============================================================================================
-open office/laptop
-(or pull)
-put  login/username=myname
-put  login/password=mysecret
-list
-put  disk/password=anothersecret
-swap disk/password=bettersecret
-lock
-(or push)
-==============================================================================================
-==============================================================================================
-On Curent Workstation
---------------------------
-os copy config
-Go to new Workstation
---------------------------
-enter usb key/phone dir (wherever safe is)
-sudo gem install opensecret
-os safe /path/to/safe
-os store /path/to/store (if different)
-os paste config
-(Now carry on as normal - no need for os init)
-==============================================================================================
-==============================================================================================
-To Decommission from Workstation
-------------------------------------
-os delete config
-If necessary you can do
-gem uninstall opensecret
-==============================================================================================
-==============================================================================================
-To Backup
-------------------------------------
-Create single backup reference number
-Create huge symmetric key
-Baseline each file with signature and date / time
-os rekeys and takes direction on where to send crypted + amalgamated keystore and cryptstore
-That goes to one backup location (even tape drive)
-Then the machine config and othe sensitive items can be emailed - saved on phone - use os's rest services.
-It emails you with a key wealth report.
-If you bring them back together it will rebuild (restore) everything for you.
-==============================================================================================
-==============================================================================================
-You can output in the key EAI data formats - the default is INI.
-os read office/laptop                # outputs all groups and key/value pairs (INI format)
-os read office/laptop/login          # outputs the login group and its key/value pairs (INI)
-os read office/laptop/login/username # outputs only the secret value
-os peek office/laptop                # (secrets redacted) outputs groups and key/value pairs
-os peek office/laptop/login          # (secrets redacted) outputs login group and its keys
-os peek office/laptop/login/username # exact mirror of full read command
-Kiss and Tell
-==================
-os kiss   # taints the secret (and/or secret tree) prepping it for a tell (share)
-os tell   # send secret by sending keys os tell london/safe-houses
-os put
-os remove
-os wipe
-os open x/y    (when packet exists)
-os lock
-os unlock (a file)
-os undo
-os zip
-os push (after a zip or file locking operation)
-==============================================================================================
-==============================================================================================
-Input
-======
-file
-use bash pipes
-cli string
-sensitive collection
-zip files in folder
-recursive zip with all lower folders
-==============================================================================================
-==============================================================================================
-open office/laptop --with=asdfasdflkhlkh
-(or pull)
-list
-get login
-get disk
-trash disk
-list
-get login/password
-lock
-(or push)
-==============================================================================================
-lock <<path/to/a/file.txt>>      ## locks (encrypts) the file in-place | you must delete it
-lock <<path/to/a/folder>> --zip  ## zips and encrypts folder (in-place) | you must delete it
-==============================================================================================
-Command => open office/laptop
-Effect1 => Creates in-memory INI string (see below) and writes (in effect2) to file
-Effect2 => Creates a an openkey eg asdfa234234234sfss and a long password.
-Effect3 => Creates a file  ../<<email>>/opened.files/office/laptop.asdfa234234234sfss.x.txt
-Effect4 => Puts long password in $HOME/.opensecret/session.keys/asdfa234234234sfss.x.txt
--------------------------------------
-in-memory INI string
--------------------------------------
-[opensecret]
-secret.path = office/laptop
--------------------------------------
-Assert => no office/laptop exists before opening (if so prompt user to => trash office/laptop
-==============================================================================================
-Command => open office/laptop/login/fullname="Mr Blobby"
-Effect1 => Creates in-memory INI string (see below) and writes (in effect2) to file
-Effect2 => Creates a file  ../<<email>>/opened.files/office/laptop.asdfa234234234sfss.x.txt
-Effect3 => With its encrypt-key in $HOME/.opensecret/session.keys/asdfa234234234sfss.x.txt
--------------------------------------
-in-memory INI string
--------------------------------------
-[opensecret]
-secret.path = office/laptop
-[login]
-fullname = Mr Blobby
--------------------------------------
-Assert => no office/laptop exists before opening (if so prompt user to => trash office/laptop
-                            inner_key
-		      outer_key
-                filename
-         foldername
-office/room2/rack6/server4/username
-open
-get session id as time string
-use
-close
-lock wifi/password
-[keys]
-wifi = asdff234523
-password = dfgsdfgsfg
-asdff234523/dfgsdfgsfg
-[home]
-wifi=asdfasd
-alarm=fdghdfg
-safe1=3456hjk3h45
-safe2=2n34lijss
-======================================
-in asdfasd  (wifi)
-[home/wifi]
-ssid = 3452454
-password = 2452345
-office/room2/rack6/server4/username
-office/accounts/sage
-office/alarm/pin
-office/gmail/username
-[office]
-room2 = asddf345
-accounts = 9o8udfg
-alarm = 345ljdfg
-gmail = ldf2345
-[office/room2]
-rack6 = asdf234
-[office/room2]