opensecret 0.0.962 → 0.0.988

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +16 -10
  3. data/bin/opensecret +3 -4
  4. data/bin/ops +5 -0
  5. data/lib/extension/string.rb +114 -0
  6. data/lib/factbase/facts.opensecret.io.ini +9 -21
  7. data/lib/interprete/begin.rb +232 -0
  8. data/lib/interprete/cmd.rb +621 -0
  9. data/lib/{plugins/usecases/unlock.rb → interprete/export.rb} +25 -70
  10. data/lib/interprete/init.rb +205 -0
  11. data/lib/interprete/key.rb +119 -0
  12. data/lib/interprete/open.rb +148 -0
  13. data/lib/{plugins/usecases → interprete}/put.rb +19 -6
  14. data/lib/{plugins/usecases → interprete}/safe.rb +2 -1
  15. data/lib/{plugins/usecases/lock.rb → interprete/seal.rb} +24 -34
  16. data/lib/interprete/set.rb +46 -0
  17. data/lib/interprete/use.rb +43 -0
  18. data/lib/interpreter.rb +165 -0
  19. data/lib/keytools/binary.map.rb +245 -0
  20. data/lib/keytools/digester.rb +245 -0
  21. data/lib/keytools/doc.conversion.to.ones.and.zeroes.ruby +179 -0
  22. data/lib/keytools/doc.rsa.radix.binary-mapping.ruby +190 -0
  23. data/lib/keytools/doc.star.schema.strategy.txt +77 -0
  24. data/lib/keytools/doc.using.pbkdf2.kdf.ruby +95 -0
  25. data/lib/keytools/doc.using.pbkdf2.pkcs.ruby +266 -0
  26. data/lib/keytools/kdf.bcrypt.rb +180 -0
  27. data/lib/keytools/kdf.pbkdf2.rb +164 -0
  28. data/lib/keytools/key.data.rb +227 -0
  29. data/lib/keytools/key.derivation.rb +341 -0
  30. data/lib/keytools/key.module.rb +140 -0
  31. data/lib/keytools/key.rb +481 -0
  32. data/lib/logging/gem.logging.rb +1 -2
  33. data/lib/modules/cryptology.md +43 -0
  34. data/lib/{plugins/ciphers → modules/cryptology}/aes-256.rb +6 -0
  35. data/lib/{crypto → modules/cryptology}/amalgam.rb +6 -0
  36. data/lib/modules/cryptology/blowfish.rb +130 -0
  37. data/lib/modules/cryptology/cipher.rb +207 -0
  38. data/lib/modules/cryptology/collect.rb +118 -0
  39. data/lib/{plugins → modules/cryptology}/crypt.io.rb +5 -0
  40. data/lib/{crypto → modules/cryptology}/engineer.rb +7 -1
  41. data/lib/{crypto → modules/cryptology}/open.bcrypt.rb +0 -0
  42. data/lib/modules/mappers/collateral.rb +282 -0
  43. data/lib/modules/mappers/dictionary.rb +288 -0
  44. data/lib/modules/mappers/envelope.rb +127 -0
  45. data/lib/modules/mappers/settings.rb +170 -0
  46. data/lib/modules/storage/coldstore.rb +186 -0
  47. data/lib/{opensecret/plugins.io/git/git.flow.rb → modules/storage/git.store.rb} +11 -0
  48. data/lib/notepad/scratch.pad.rb +17 -0
  49. data/lib/session/fact.finder.rb +13 -0
  50. data/lib/session/require.gem.rb +5 -0
  51. data/lib/store-commands.txt +180 -0
  52. data/lib/version.rb +1 -1
  53. data/opensecret.gemspec +5 -6
  54. metadata +74 -29
  55. data/lib/crypto/blowfish.rb +0 -85
  56. data/lib/crypto/collect.rb +0 -140
  57. data/lib/crypto/verify.rb +0 -33
  58. data/lib/opensecret.rb +0 -236
  59. data/lib/plugins/cipher.rb +0 -203
  60. data/lib/plugins/ciphers/blowfish.rb +0 -126
  61. data/lib/plugins/coldstore.rb +0 -181
  62. data/lib/plugins/envelope.rb +0 -116
  63. data/lib/plugins/secrets.uc.rb +0 -94
  64. data/lib/plugins/usecase.rb +0 -239
  65. data/lib/plugins/usecases/init.rb +0 -145
  66. data/lib/plugins/usecases/open.rb +0 -108
  67. data/lib/session/attributes.rb +0 -279
  68. data/lib/session/dictionary.rb +0 -191
  69. data/lib/session/file.path.rb +0 -53
  70. data/lib/session/session.rb +0 -80
@@ -1,279 +0,0 @@
1
- #!/usr/bin/ruby
2
- # coding: utf-8
3
-
4
- # opensession contains basic behaviour for managing a client only
5
- # (serverless) session. Configuration directives are read and written
6
- # from an INI off the home directory that is created when the session
7
- # is first initiated.
8
- #
9
- # The session is expected to be formally closed down and that is
10
- # reflected by explicitly deleting the configuration file. If this
11
- # "session over" command is not issued a reasonable time limit is
12
- # then invoked when the next session command is issued.
13
- #
14
- # This "session awakening" wipes the slate clean and starts afresh
15
- # with regard to the two dimensional array of configuration directive
16
- # pointers.
17
- module OpenSession
18
-
19
- require 'inifile'
20
- require 'singleton'
21
-
22
-
23
- ## ---> Cleaning User Input - Use Me
24
- ## ---> Cleaning User Input - Use Me
25
- ## ---> Cleaning User Input - Use Me
26
- ## ---> Cleaning User Input - Use Me
27
- ## ---> Cleaning User Input - Use Me
28
- ## ---> Cleaning User Input - Use Me
29
- ## ---> Cleaning User Input - Use Me
30
- ## ---> Cleaning User Input - Use Me
31
- ## ---> Cleaning User Input - Use Me
32
- ## ---> Cleaning User Input - Use Me
33
- ## ---> Cleaning User Input - Use Me
34
- ## ---> Cleaning User Input - Use Me
35
-
36
-
37
- def generate_username(fullname)
38
- ActiveSupport::Inflector.transliterate(fullname) # change ñ => n
39
- .downcase # only lower case
40
- .strip # remove spaces around the string
41
- .gsub(/[^a-z]/, '_') # any character that is not a letter or a number will be _
42
- .gsub(/\A_+/, '') # remove underscores at the beginning
43
- .gsub(/_+\Z/, '') # remove underscores at the end
44
- .gsub(/_+/, '_') # maximum an underscore in a row
45
- end
46
-
47
-
48
- ## ---> Cleaning User Input - Did You Use Me?
49
- ## ---> Cleaning User Input - Did You Use Me?
50
- ## ---> Cleaning User Input - Did You Use Me?
51
- ## ---> Cleaning User Input - Did You Use Me?
52
- ## ---> Cleaning User Input - Did You Use Me?
53
- ## ---> Cleaning User Input - Did You Use Me?
54
- ## ---> Cleaning User Input - Did You Use Me?
55
- ## ---> Cleaning User Input - Did You Use Me?
56
- ## ---> Cleaning User Input - Did You Use Me?
57
- ## ---> Cleaning User Input - Did You Use Me?
58
- ## ---> Cleaning User Input - Did You Use Me?
59
- ## ---> Cleaning User Input - Did You Use Me?
60
- ## ---> Cleaning User Input - Did You Use Me?
61
- ## ---> Cleaning User Input - Did You Use Me?
62
-
63
-
64
- # opensession contains basic behaviour for managing a client only
65
- # (serverless) session. Configuration directives are read and written
66
- # from an INI off the home directory that is created when the session
67
- # is first initiated.
68
- #
69
- # The session is expected to be formally closed down and that is
70
- # reflected by explicitly deleting the configuration file. If this
71
- # "session over" command is not issued a reasonable time limit is
72
- # then invoked when the next session command is issued.
73
- #
74
- # This "session awakening" wipes the slate clean and starts afresh
75
- # with regard to the two dimensional array of configuration directive
76
- # pointers.
77
- class Attributes
78
- include Singleton
79
-
80
- @@filename_tail = "-session.ini"
81
- attr_reader :time_stamp
82
-
83
-
84
-
85
- # Stash the attribute within the session's configuration file and
86
- # print out the current state of the configuration.
87
- #
88
- # @param context_name [String] the context will define the folder and filepath
89
- # @param section_name [String] name grouping the section of config values
90
- # @param key_name [String] the name of the key whose value is to be written
91
- # @param key_value [String] the data item value of the key specified
92
- def self.stash context_name, section_name, key_name, key_value
93
-
94
- the_session = OpenSession::Attributes.instance
95
- the_session.write_keyvalue context_name, section_name, key_name, key_value
96
-
97
- puts ""
98
- puts File.read(the_session.get_filepath(context_name))
99
- puts ""
100
-
101
- end
102
-
103
-
104
-
105
- # This singleton (one instance) class initializes by getting
106
- # the current timestamp.
107
- def initialize
108
-
109
- @time_stamp = OpenSession::Stamp.instance
110
-
111
- end
112
-
113
-
114
- #
115
- # Write the key/value pair in the parameter into the session's
116
- # configuration INI file that lives in a context-named folder
117
- # off the home directory.
118
- #
119
- # The session file will be in a folder whose name is simply
120
- # the dot prefixed context_name. The session file itself will
121
- # be named using context_name + @@filename_tail
122
- #
123
- # @example ~/.openbox/openbox-session.ini is the filepath for context "openbox"
124
- #
125
- # If neither the folder nor file exist, both are created.
126
- # If the file did not exist a new one will with the contents
127
- # (if the key is length and the value is 2m).
128
- #
129
- # [openbox]
130
- # length = 2m
131
- #
132
- # If the file does already exist, an appropriate merge will be
133
- # performed to create or update the section name, key name and
134
- # value. The file may end up looking like
135
- #
136
- # [closedbox]
137
- # shape = cuboid
138
- # color = blue
139
- #
140
- # [openbox]
141
- # length = 2m
142
- # width = 3m
143
- #
144
- # @param context_name [String] name of program writing a session attribute
145
- # @param section_name [String] name grouping the section of config values
146
- # @param key [String] the key name of config directive to be written into the file
147
- # @param value [String] value of the config directive to be written into the file
148
- #
149
- def write_keyvalue context_name, section_name, key, value
150
-
151
- config_file_dir = get_filedir(context_name)
152
- FileUtils.mkdir_p config_file_dir unless File.exists? config_file_dir
153
- config_filepath = get_filepath(context_name)
154
-
155
- config_map = IniFile.new( :filename => config_filepath, :encoding => 'UTF-8' )
156
- config_map = IniFile.load( config_filepath ) if File.exists? config_filepath
157
-
158
- config_map[section_name][key] = value
159
- config_map.write
160
-
161
- end
162
-
163
-
164
- # Given the configuration key name and the context name, get the
165
- # corresponding key value from the configuration file whose path
166
- # is acquired using the {self#get_filepath} method.
167
- #
168
- # @param context_name [String] name of program writing a session attribute
169
- # @param key_name [String] the key whose value is to be retrieved
170
- #
171
- # @return [String] the value configured for the parameter key
172
- #
173
- # @raise ArgumentError for any one of a long list of reasons that
174
- # cause the key value to not be retrieved. This can range from
175
- # non-existent directories and files, non readable files, incorrect
176
- # configurations right down to missing keys or even missing values.
177
- def get_value context_name, section_name, key_name
178
-
179
- the_file = get_filepath context_name
180
- raise ArgumentError.new "No configuration file found => [ #{the_file} ]" unless File.exists? the_file
181
-
182
- the_text = File.read the_file
183
- raise ArgumentError.new "Configuration file is empty => [ #{the_file} ]" if the_text.empty?
184
-
185
- the_data = IniFile.load the_file
186
- key_exists = the_data[ section_name ].has_key?( key_name )
187
- raise ArgumentError.new "Key [#{key_name}] not found in section [#{section_name}] => #{the_data.to_s}" unless key_exists
188
-
189
- rawvalue = the_data[section_name][key_name]
190
- raise ArgumentError.new "Empty value 4 key [#{section_name}][#{key_name}] => #{the_data.to_s}" if rawvalue.empty?
191
-
192
- keyvalue = rawvalue.chomp.strip
193
- raise ArgumentError.new "Whitespace value 4 key [#{section_name}][#{key_name}] => #{the_data.to_s}" if keyvalue.empty?
194
-
195
- return keyvalue
196
-
197
- end
198
-
199
-
200
- #
201
- # Get the path to the session context file.
202
- # This file will be in a folder whose name is simply the dot
203
- # prefixed context_name. The session context file itself will
204
- # be named using context_name + @@filename_tail
205
- #
206
- # @example ~/.openbox/openbox-session.ini is the filepath for context "openbox"
207
- #
208
- # @param context_name [String] name of program writing a session attribute
209
- # @return [String] full path to the context configuration file
210
- def get_filepath context_name
211
-
212
- return File.join( get_filedir(context_name), "#{context_name}#{@@filename_tail}" )
213
-
214
- end
215
-
216
-
217
- #
218
- # Get the directory that the session context file either does
219
- # or will sit inside.
220
- #
221
- # The directory hangs off the home directory and is named simply
222
- # as the dot prefixed context_name.
223
- #
224
- # @example ~/.openbox is the directory for context "openbox"
225
- #
226
- # @param context_name [String] name of program (or use case) context
227
- # @return [String] path to directory holding context configuration file
228
- def get_filedir context_name
229
-
230
- return File.join home_directory, ".#{context_name}"
231
-
232
- end
233
-
234
-
235
- # On non-windows systems the home directory is defined
236
- # perfectly by Ruby's Dir object.
237
- #
238
- # On Windows we sometimes get /AppData/Roaming appended
239
- # onto the actual home directory. In these cases this
240
- # method removes it.
241
- #
242
- # @return [String] the path to the machine user's home directory
243
- def home_directory
244
-
245
- return Dir.home unless Gem.win_platform?
246
-
247
- extraneous_path = "/AppData/Roaming"
248
- if Dir.home.end_with? extraneous_path then
249
- return Dir.home.gsub( extraneous_path, "" )
250
- end
251
-
252
- return Dir.home
253
-
254
- end
255
-
256
-
257
- #
258
- # Get the username of the logged in user. This name should
259
- # not contain spaces (and should be just alphanumeric).
260
- #
261
- # The current implementation uses environment variables and
262
- # crudely states that the username is
263
- #
264
- # - ENV['USERNAME'] for the Windows platform
265
- # - ENV['USER'] for Linux (and everything else)
266
- #
267
- # @return [String] the username of the machine user
268
- def username
269
-
270
- return ENV['USERNAME'] if Gem.win_platform?
271
- return ENV['USER']
272
-
273
- end
274
-
275
-
276
- end
277
-
278
-
279
- end
@@ -1,191 +0,0 @@
1
- #!/usr/bin/ruby
2
- # coding: utf-8
3
-
4
- module OpenSession
5
-
6
- require 'inifile'
7
-
8
-
9
- # An OpenSession dictionary is a +2D (two dimensional) hash+ data
10
- # structure backed by a file that can optionally be +encrypted+.
11
- #
12
- # It supports operations to +read from+ and +write to+ a known filepath
13
- # and can optionally be given a crypt key so that it can
14
- #
15
- # - decrypt +after reading from+ a file
16
- # - encrypt +before writing to+ a file
17
- #
18
- # This dictionary extends {Hash} in order to deliver on its core key value
19
- # store, report and retrieve use cases.
20
- #
21
- # @example
22
- # This dictionary implementation is backed by an INI file
23
- # that could initially look like this.
24
- #
25
- # [openbox]
26
- # length = 2m
27
- #
28
- # Then we add a section called closedbox with two key value pairs.
29
- # And we add width key with a value of 3m to the openbox section.
30
- # The result will look like this.
31
- #
32
- # [closedbox]
33
- # shape = cuboid
34
- # color = blue
35
- #
36
- # [openbox]
37
- # length = 2m
38
- # width = 3m
39
- #
40
- class Dictionary < Hash
41
-
42
-
43
- # Write the data in this dictionary hash map into a file-system
44
- # backed mirror whose path was specified in the {self.read} method.
45
- #
46
- # Technology for encryption at rest is supported by this dictionary
47
- # and a non-nil encryption key parameter is expected if this dictionary
48
- # has been configured to encrypt data at rest.
49
- #
50
- # An argument error will result if a suitable key is not provided
51
- # when encryption at rest is desired.
52
- #
53
- # Calling this {self.write} method when the file at the prescribed path
54
- # does not exist results in the directory structure being created
55
- # (if necessary) and then the (possibly encrypted) file being written.
56
- #
57
- # @param encrypt_key [String]
58
- # if encryption at rest is required this parameter must contain a
59
- # robust symmetric decryption key. The symmetric key will be used
60
- # for the decryption after the read. Note that the decryption key
61
- # does not linger meaning it isn't cached in an instance variable.
62
- #
63
- # @raise [ArgumentError] if +encryption at rest+ is prescribed for the
64
- # dictionary but no encryption key is provided. The +converse+
65
- # assertion will also be made.
66
- def write encrypt_key = nil
67
-
68
- file_exists = File.exists? @filepath
69
- folder_path = File.dirname(@filepath) unless file_exists
70
- FileUtils.mkdir_p folder_path unless file_exists
71
-
72
- crypt_assertion encrypt_key
73
- ini_file = IniFile.new
74
-
75
- self.each_key do |section_name|
76
- ini_file[section_name] = self[section_name]
77
- end
78
-
79
- ini_string = ini_file.to_s
80
-
81
- puts ""
82
- puts "============================"
83
- puts "Before Encryption"
84
- puts "============================"
85
- puts ini_string
86
- puts "============================"
87
- puts ""
88
-
89
- ini_string = Base64.encode64( OpenSecret::Blowfish.new.encryptor(ini_string,encrypt_key) ) if @encrypt_at_rest
90
-
91
- File.write @filepath, ini_string
92
-
93
- end
94
-
95
-
96
- # Read and inject into this dictionary, map data found in a fle
97
- # at the path specified in the first parameter.
98
- #
99
- # Technology for encryption at rest is supported by this dictionary
100
- # and the second parameter being TRUE denotes that we are required
101
- # to encrypt before writing and decrypt after reading.
102
- #
103
- # An argument error will result if a suitable key is not provided
104
- # when encryption at rest is desired.
105
- #
106
- # If the file does not exist (boundary condition) - this read method
107
- # remembers the file path as well as remembering the need for encryption
108
- # at rest.
109
- #
110
- # @param the_filepath [String] absolute path to the file mirroring this dictionary
111
- # @param is_encrypted_at_rest [Boolean] true if dictionary encryption at rest is desired
112
- # @param decrypt_key [String]
113
- # if encryption at rest is required this parameter must contain a
114
- # robust symmetric decryption key. The symmetric key will be used
115
- # for the decryption after the read. Note that the decryption key
116
- # does not linger meaning it isn't cached in an instance variable.
117
- #
118
- # @raise [ArgumentError] if +encryption at rest+ is prescribed for the
119
- # dictionary but no encryption key is provided and the +converse+
120
- # is also true.
121
- def read the_filepath, is_encrypted_at_rest, decrypt_key = nil
122
-
123
- @filepath = the_filepath
124
- @encrypt_at_rest = is_encrypted_at_rest
125
- return unless File.exists? @filepath
126
- crypt_assertion decrypt_key
127
-
128
- file_contents = File.read( @filepath ).strip
129
- if @encrypt_at_rest then
130
- file_contents = OpenSecret::Blowfish.new.decryptor( Base64.decode64(file_contents), decrypt_key )
131
- end
132
-
133
- puts ""
134
- puts "==========================="
135
- puts "After Decryption"
136
- puts "==========================="
137
- puts file_contents
138
- puts "==========================="
139
- puts ""
140
-
141
- ingest_contents file_contents
142
-
143
- end
144
-
145
-
146
- private
147
-
148
-
149
- def ingest_contents the_contents
150
-
151
- ini_file = IniFile.new( :content => the_contents )
152
- ini_file.each do | data_group, data_key, data_value |
153
- ingest_entry data_group, data_key, data_value
154
- end
155
-
156
- end
157
-
158
-
159
- def ingest_entry section_name, key_name, value
160
-
161
- msg = "A NIL object detected during ingestion of file [#{@filepath}]."
162
- raise RuntimetError.new msg if section_name.nil? || key_name.nil? || value.nil?
163
-
164
- if self.has_key? section_name then
165
- self[section_name][key_name] = value
166
- else
167
- self.store section_name, { key_name => value }
168
- end
169
-
170
- end
171
-
172
-
173
- def crypt_assertion with_crypt_key
174
-
175
- if @encrypt_at_rest
176
- msg1 = "Encryption at rest required but no (none whitespace) encryption key provided."
177
- raise ArgumentError, msg1 unless !with_crypt_key.nil?
178
- return
179
- end
180
-
181
- msg2 = "Encryption at rest not required but an encryption key was provided."
182
- raise ArgumentError, msg2 unless with_crypt_key.nil?
183
- return
184
-
185
- end
186
-
187
-
188
- end
189
-
190
-
191
- end