opensecret 0.0.5 → 0.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9bc4bfc60cbda290f4cac72f199f16c7edeee9f7
-  data.tar.gz: 5b901aaa8a3d2db04a48bb1244bf9e305e7ab2a6
+  metadata.gz: 85c085e0242cdb55bbb6f3df229c28d8a96bd61e
+  data.tar.gz: 3a23ec34294b85318d0d6f8f7e05a33b6f83a5f0
 SHA512:
-  metadata.gz: 2e246d8520e068d0dace4ec48221d0cc2a2fbd761e8c06924759912e24e1e9afbdb433e56b1a132983966c178b3ae79fa30ded31fa9e57d287c4d9cf50d844d3
-  data.tar.gz: 8b0cee1a18cb39cfce967b73dd091630d6f8ac923b7d60978a1d61970d157a41f67be672653c19798e25dd3a306002a385ba19a47940e193552665373cffcf5b
+  metadata.gz: 6ca6e6aa4e286458305475e52bf00f92fea820677b297e28337874899f7b6e527841ff4a7577fd7fbb4f97b418bf724502e687e4a2b9b78582768b9ab08e6158
+  data.tar.gz: 81f5a6d343efb2637b795481ccf3bf8311840b5ef62794d232893a2d6785d532d1f8c049900575f80c45a9e0aa83947582ea8421eac2ddb5b428f4b3a25040fe

data/README.md

@@ -1,43 +1,139 @@
-# OpenSecret
+opensecret [![Build Status](https://secure.travis-ci.org/TwP/inifile.png)](http://travis-ci.org/TwP/inifile)
+==========
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/opensecret`. To experiment with that code, run `bin/console` for an interactive prompt.
+Description
+-----------
 
-TODO: Delete this and the text above, and describe your gem
+opensecret stashes uncrackable secrets into your Git, S3, DropBox, Google Drive and filesystems backends. You interface with its intuitive Linux, Windows, iOS front ends and it offers SDKs and plugins for Ruby, Python, Java, Jenkins, CodeShip, Ansible, Terraform, Puppet and Chef.
 
-## Installation
+### opensecret | Install It
 
-Add this line to your application's Gemfile:
+    $ gem install opensecret
 
-```ruby
-gem 'opensecret'
-```
+### opensecret | Create a Domain
 
-And then execute:
+You can use opensecret alone or you can use it to share secrets with colleagues, friends and family, even machines. Sometimes it is more secure for a machine to create credentials and then share them, when asked, with a select group.
 
-    $ bundle
+    $ opensecret init <<domain>> <<store-url>>
+    $ opensecret init lecturers@harvard https://www.eco-platform.co.uk/crypt/lecturers.git
 
-Or install it yourself as:
+Every domain is tied to backend storage which is accessible by you and others in your domain. You can use Git, S3, a networked filesystem or shared drive, a SSH accessible filesystem and soon, free storage from opensecret.io
 
-    $ gem install opensecret
 
-## Usage
+### opensecret | Create Yourself
+
+Now you have a domain, you create yourself with an id and an email address.
+
+    $ opensecret create user --id=joe --email=joebloggs@example.com
+
+As there is only one domain, opensecret automatically adds you to it.
+
+### opensecret | Create Your Keys
+
+With suitcases, the key that locks the suitcase also opens it.
+
+In cryptography - you have two keys. You give out your public key and anyone can lock any suitcase (of goodies) with your public key. Once done, that suitcase can only be opened with the other key, your private key. opensecret creates an 8192 bit private key which is simply uncrackable.
+
+The safest place to put your private key is on a USB key drive which you carry around with your real keys. And to top it all - a password that only you know is used to lock your private key.
+
+    $ opensecret create keys <<directory-path>>
+    $ opensecret create keys /media/joe/usb_drive
+
+The create keys command will ask you for a secure password - enter that and you are ready to start locking, unlocking, asking for - and best of all - telling - lots of juicy secrets. Some secrets are so juicy, they just have to burst.
+
+opensecret configuration
+------------------------
+
+Aside from your private keys, opensecret keeps a small amount of configuration within the .opensecret folder off your home directory. A typically opensecret.ini file within that folder looks like
+
+    [joebloggs@example.com]
+    type    = user
+    id      = joe
+    keydir  = /media/joe/usb_drive
+    domains = [ lecturers@harvard ]
+    default = true
+    printx  = asdfasdfas65as87d76fa97ds6f57as6d5f87a
+    printy  = asdfasdfas65as87d76fbbbasdfas0asd09080
+    printz  = adsfasdflkajhsdfasdf87987987asd9f87987
+
+    [lecturers@harvard]
+    type    = domain
+    store   = git
+    url     = https://www.eco-platform.co.uk/crypt/lecturers.git
+
 
-TODO: Write usage instructions here
 
-## Development
+Backend Storage Options
+-----------------------
+
+The planned list of backend storage systems (each onlined with a plugin), is
+
+- Git (including GitHub, GitLab, BitBucket, OpenGit and private Git installations).
+- S3 Buckets from the Amazon Web Services (AWS) cloud.
+- SSH, SCP, SFTP connected file-systems
+- network storage including Samba, NFS, VMWare vSAN and
+- GoogleDrive (only Windows has suitable synchronized support).
+
+Access management is configured EXTERNAL to opensecret. Opensecret simply piggybacks the network transport if authorization is granted.
+
+How to Join a Domain
+--------------------
+
+- opensecret will loop encrypting your public key's fingerprint with the public keys of present members
+- when they interact opensecret will ask if they trust the new id/email and key
+- if they say yes the fingerprint is imported and held with id/name
+- ongoing domainwide checks flag up public key / fingerprint mismatches
+- if keys are removed or updated similar questions are asked.
+
+Why Beg for Secrets?
+--------------------
+
+Why beg for a secret - why not just tell someone it?
+
+It is much more secure to beg for a secret than just have someone reveal it. When you beg for a secret - you are sending an encryption key to a single person who must possess the private key and they send back the secret encrypted with both your specific public key and the encryption key that originated from you.
+
+Any hijacker will need access to a great many things and be very precise with their timing in order to serrupticiously subvert the system.
+
+### Usage
+
+Detailed usage instructions will be added right here.
+
+### Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
-## Contributing
+### Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/opensecret. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
-## License
+License
+-------
 
-The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+MIT License
+Copyright (c) 2006 - 2014
 
-## Code of Conduct
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+### Code of Conduct
 
 Everyone interacting in the OpenSecret project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/opensecret/blob/master/CODE_OF_CONDUCT.md).
+

data/lib/{config.openkey.ini → config.opensecret.ini}

@@ -1,5 +1,5 @@
 
-[joebloggs@openkey.com]
+[joebloggs@opensecret.io]
 type=user
 id=joe
 keydir=/media/usb-key/secrets

data/lib/opensecret.rb

@@ -1,41 +1,6 @@
 require "opensecret/version"
 require "thor"
 
-# # How domains are joined?
-#
-# First the user **wishing to join* must be able to access the domain shared
-# **backend storage** system. The planned list of supported storage systems (each of
-# which is on-lined with a plugin (in plugins.io) is
-#
-# - Git (including GitHub, GitLab, BitBucket, OpenGit and private Git installations).
-# - S3 Buckets from the Amazon Web Services (AWS) cloud.
-# - SSH, SCP, SFTP connected file-systems
-# - network storage including Samba, NFS, VMWare vSAN
-# - GoogleDrive (only Windows has suitable synchronized support).
-# - DropBox
-#
-# Access management is configured EXTERNAL to openkey. OpenKey simply piggybacks
-# the network transport if authorization is granted.
-#
-# ## Use Case - Joining a Domain
-#
-#  - ok will loop encrypting your public key's fingerprint with the public keys of present members
-#  - when they interact ok will ask if they trust the new id/email and key
-#  - if they say yes the fingerprint is imported and held with id/name
-#  - ongoing domainwide checks flag up public key / fingerprint mismatches
-#  - if keys are removed or updated similar questions are asked.
-#
-# # Begging for and Revealing Secrets
-#
-#  - Why beg for a secret - why not just tell someone it?
-#  - It is much more secure to beg for a secret than just have someone reveal it.
-#  - When you beg for a secret - you are sending an encryption key to a single person
-#  - who must possess the private key and they send back the secret encrypted with both
-#  - your specific public key and the encryption key that originated from you.
-#  - 
-#  - Any hijacker will need access to a great many things and be very precise with their
-#  - timing in order to serrupticiously subvert the system.
-#
 # ### This command line processor will
 #
 # - read the posted commands, options and switches
@@ -47,9 +12,9 @@ require "thor"
 #
 # @note the Thor ruby gem is used for the heavy lifting
 #
-# @example openkey initdomain create friends.joebloggs --secure
-# @example openkey user create id=joe email=joebloggs@openkey.com
-# @example openkey user create id=joe email=joebloggs@openkey.com
+# @example opensecret initdomain create friends.joebloggs --secure
+# @example opensecret user create id=joe email=joebloggs@opensecret.io
+# @example opensecret user create id=joe email=joebloggs@opensecret.io
 #
 #
 class CommandProcessor < Thor
@@ -57,16 +22,17 @@ class CommandProcessor < Thor
   desc "init DOMAIN", "DOMAIN eg lecturers@harvard names your friends, family or work group."
   desc "init STORE_URL", "STORE_URL is backend Git/S3/SSH crypt store. Use https://www.eco-platform.co.uk/crypt.store.git"
 
+  #
   # Initialize (configure) two fundamental crypt pointers
   #
-  # - an openkey domain like &raquo; **lecturers@harvard**
+  # - an opensecret domain like &raquo; **lecturers@harvard**
   # - the url to a backend store like Git, S3 or an SSH accessible drive.
   #
   # The domain will be extended to cover verified internet domains.
   # They will also latch onto LDAP domains so when admins add, revoke
-  # or remove users, their openkey access is adjusted accordingly.
+  # or remove users, their opensecret access is adjusted accordingly.
   #
-  # @example openkey user create id=joe email=joebloggs@openkey.com
+  # @example opensecret user create id=joe email=joebloggs@opensecret.io
   #
   # @param domain [String] the DOMAIN eg lecturers@harvard for your family or work group.
   # @param store_url [String] the STORE_URL for connecting to the backend storage service

data/lib/opensecret/plugins.io/cipher/crypto.rb

@@ -12,14 +12,14 @@ module OpenSecret
   class Crypto
 
 
-    # Register two fundamental openkey crypt pointers 
+    # Register two fundamental opensecret crypt pointers 
     #
-    # - an openkey domain like » **lecturers@harvard**
+    # - an opensecret domain like » **lecturers@harvard**
     # - the url to a backend store like Git, S3 or an SSH accessible drive.
     #
     # The domain will be extended to cover verified internet domains.
     # They will also latch onto LDAP domains so when admins add, revoke
-    # or remove users, their openkey access is adjusted accordingly.
+    # or remove users, their opensecret access is adjusted accordingly.
     #
     # @param domain [String] the DOMAIN eg lecturers@harvard for your family or work group.
     # @param store_url [String] the STORE_URL for connecting to the backend storage service

data/lib/opensecret/version.rb

@@ -1,3 +1,3 @@
 module OpenSecret
-  VERSION = "0.0.5"
+  VERSION = "0.0.6"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opensecret
 version: !ruby/object:Gem::Version
-  version: 0.0.5
+  version: 0.0.6
 platform: ruby
 authors:
 - Apollo Akora
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-07 00:00:00.000000000 Z
+date: 2018-02-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile
@@ -99,7 +99,7 @@ files:
 - README.md
 - Rakefile
 - bin/opensecret
-- lib/config.openkey.ini
+- lib/config.opensecret.ini
 - lib/opensecret.rb
 - lib/opensecret/additions/array.rb
 - lib/opensecret/additions/dir.rb