opensecret 0.0.6 → 0.0.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 85c085e0242cdb55bbb6f3df229c28d8a96bd61e
-  data.tar.gz: 3a23ec34294b85318d0d6f8f7e05a33b6f83a5f0
+  metadata.gz: d8c7565fa1ae84582a92d7ecd437008570baaec0
+  data.tar.gz: fc2f65062e9fc99b57cd7aa773e5969a015c2ea2
 SHA512:
-  metadata.gz: 6ca6e6aa4e286458305475e52bf00f92fea820677b297e28337874899f7b6e527841ff4a7577fd7fbb4f97b418bf724502e687e4a2b9b78582768b9ab08e6158
-  data.tar.gz: 81f5a6d343efb2637b795481ccf3bf8311840b5ef62794d232893a2d6785d532d1f8c049900575f80c45a9e0aa83947582ea8421eac2ddb5b428f4b3a25040fe
+  metadata.gz: 9d92678d4e10eeffd23e8fcb576e3ec7d0dbc79b5266f33a1cf83a2a5791e20485a905320f58dcc1a77f4d98206719664def1699d2cc78e7b80eab6a8088242d
+  data.tar.gz: a6c663d79a1435bec2896f383b8a7cc71a10557d1a80117bb4d01bba33fd7c411786ddbe3e15e6cfc9d8d8d28c62cfacd38dc4b3107fa41cf2b59fc5fa9c8d23

data/README.md

@@ -4,31 +4,50 @@ opensecret [![Build Status](https://secure.travis-ci.org/TwP/inifile.png)](http:
 Description
 -----------
 
-opensecret stashes uncrackable secrets into your Git, S3, DropBox, Google Drive and filesystems backends. You interface with its intuitive Linux, Windows, iOS front ends and it offers SDKs and plugins for Ruby, Python, Java, Jenkins, CodeShip, Ansible, Terraform, Puppet and Chef.
++opensecret+ stashes uncrackable secrets into your +Git+, +S3+, DropBox, Google Drive and filesystems backends. You interface with its intuitive Linux, Windows, iOS front ends and it offers SDKs and plugins for +Ruby+, +Python+, +Go+, +Java+, Jenkins, CodeShip, Ansible, Terraform, Puppet and Chef. Soon, support will be added for database and keystore backends such as +MySQL+, +MongoDB+, +PostgreSQL+, Redis, Memcached and etcd.
+
+opensecret never accesses the cloud for anything - it is designed to operate on a single non-networked laptop if you so wish. opensecret takes a fresh approach to security and challenges common misconceptions - in order to deliver a simple, highly secure credentials management system.
+
 
 ### opensecret | Install It
 
     $ gem install opensecret
 
-### opensecret | Create a Domain
 
-You can use opensecret alone or you can use it to share secrets with colleagues, friends and family, even machines. Sometimes it is more secure for a machine to create credentials and then share them, when asked, with a select group.
+### opensecret | Configure It
+
+    $ opensecret keydir /path/to/usb/key/dir
+    $ opensecret name   joe
+    $ opensecret email  joebloggs@harvard.edu
+    $ opensecret domain lecturers@harvard
+    $ opensecret store  https://www.eco-platform.co.uk/crypt/lecturers.git
 
-    $ opensecret init <<domain>> <<store-url>>
-    $ opensecret init lecturers@harvard https://www.eco-platform.co.uk/crypt/lecturers.git
+    $ opensecret init
 
-Every domain is tied to backend storage which is accessible by you and others in your domain. You can use Git, S3, a networked filesystem or shared drive, a SSH accessible filesystem and soon, free storage from opensecret.io
 
+### opensecret | All Done!
 
-### opensecret | Create Yourself
+You are done setting up opensecret with just 5 commands. *Simple* means less mistakes, less confusion and therefore more secure. Let's recap on the 5 configurations
 
-Now you have a domain, you create yourself with an id and an email address.
+- <tt>keydir</tt> &raquo; best practise is a +usb key drive+ with your **actual keys**
+- <tt>name</tt> &raquo; single word lowercase and short - how your peers call you
+- <tt>email</tt> &raquo; email address (validation scheduled for end of March 2018)
+- <tt>domain</tt> &raquo; +joe@home+ if single or a team like +it-dept@ibm.com+
+- <tt>store</tt> &raquo; a Git project URL to hold your encrypted secret material
 
-    $ opensecret create user --id=joe --email=joebloggs@example.com
+The +opensecret init+ command
 
-As there is only one domain, opensecret automatically adds you to it.
+- creates a 8192 bit uncrackable private key
+- collects a human password and creates a machine password
+- locks the private key with a minimum 64 character amalgamated password
+- locks the public key's fingerprint making it tamper proof
+- creates a base directory on your backend store
 
-### opensecret | Create Your Keys
+Now you are ready to begin locking and unlocking and soon, you'll be able to request a secret (like a WiFi or NetFlix password) from others in your group. You too can either acquiesce (or reject) requests from your colleagues, friends and family.
+
+
+One Lock | Two Keys
+-------------------
 
 With suitcases, the key that locks the suitcase also opens it.
 
@@ -36,10 +55,10 @@ In cryptography - you have two keys. You give out your public key and anyone can
 
 The safest place to put your private key is on a USB key drive which you carry around with your real keys. And to top it all - a password that only you know is used to lock your private key.
 
-    $ opensecret create keys &lt;&lt;directory-path&gt;&gt;
-    $ opensecret create keys /media/joe/usb_drive
+For scripts that cannot stop and wait for user input - keys can optionally be created with a password given at the command line.
+
+    $ opensecret init --password="p455w0rd.!0NDUN"
 
-The create keys command will ask you for a secure password - enter that and you are ready to start locking, unlocking, asking for - and best of all - telling - lots of juicy secrets. Some secrets are so juicy, they just have to burst.
 
 opensecret configuration
 ------------------------
@@ -94,9 +113,15 @@ It is much more secure to beg for a secret than just have someone reveal it. Whe
 
 Any hijacker will need access to a great many things and be very precise with their timing in order to serrupticiously subvert the system.
 
-### Usage
 
-Detailed usage instructions will be added right here.
+
+### opensecret | Summary
+
+You can use opensecret alone or you can use it to share secrets with colleagues, friends and family, even machines.
+
+Every domain is tied to backend storage which is accessible by you and others in your domain. You can use Git, S3, a networked filesystem or shared drive, a SSH accessible filesystem and soon, free storage from +opensecret.io+
+
+
 
 ### Development
 

data/Rakefile

@@ -1,6 +1,12 @@
 require "bundler/gem_tasks"
 require "rake/testtask"
+require 'yard'
 
+# -
+# - This configuration allows us to run "rake test"
+# - and invoke minitest to execute all files in the
+# - test directory with names ending in "_test.rb".
+# -
 Rake::TestTask.new(:test) do |t|
   t.libs << "test"
   t.libs << "lib"
@@ -8,3 +14,12 @@ Rake::TestTask.new(:test) do |t|
 end
 
 task :default => :test
+
+# -
+# - This configuration allows us to run "rake yard"
+# - to build documentation.
+# -
+YARD::Rake::YardocTask.new do |t|
+ t.files   = ['lib/**/*.rb']
+ t.stats_options = ['--list-undoc']
+end

data/lib/opensecret.rb

@@ -1,4 +1,5 @@
 require "opensecret/version"
+require "opensecret/plugins.io/cipher/crypto"
 require "thor"
 
 # ### This command line processor will

data/lib/opensecret/version.rb

@@ -1,3 +1,3 @@
 module OpenSecret
-  VERSION = "0.0.6"
+  VERSION = "0.0.7"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opensecret
 version: !ruby/object:Gem::Version
-  version: 0.0.6
+  version: 0.0.7
 platform: ruby
 authors:
 - Apollo Akora
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-08 00:00:00.000000000 Z
+date: 2018-02-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile
@@ -159,7 +159,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.1
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: opensecret locks and unlocks secrets in a simple, secure and intuitive way.