safedb 0.3.1011 → 0.4.1002
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +56 -19
- data/README.md +15 -15
- data/Rakefile +7 -0
- data/bin/safe +2 -2
- data/lib/{interprete.rb → cli.rb} +168 -121
- data/lib/controller/admin/README.md +47 -0
- data/lib/controller/admin/access.rb +47 -0
- data/lib/controller/admin/checkin.rb +83 -0
- data/lib/controller/admin/checkout.rb +57 -0
- data/lib/controller/admin/diff.rb +75 -0
- data/lib/{usecase → controller/admin}/export.rb +15 -14
- data/lib/controller/admin/goto.rb +52 -0
- data/lib/controller/admin/import.rb +54 -0
- data/lib/controller/admin/init.rb +113 -0
- data/lib/controller/admin/login.rb +88 -0
- data/lib/{usecase → controller/admin}/logout.rb +0 -0
- data/lib/controller/admin/open.rb +39 -0
- data/lib/{usecase → controller/admin}/token.rb +2 -2
- data/lib/controller/admin/tree.md +54 -0
- data/lib/{usecase → controller/admin}/use.rb +0 -0
- data/lib/controller/admin/view.rb +61 -0
- data/lib/{usecase → controller/api}/docker/README.md +0 -0
- data/lib/{usecase → controller/api}/docker/docker.rb +1 -1
- data/lib/{usecase → controller/api}/jenkins/README.md +0 -0
- data/lib/{usecase → controller/api}/jenkins/jenkins.rb +1 -1
- data/lib/{usecase → controller/api}/terraform/README.md +1 -1
- data/lib/{usecase → controller/api}/terraform/terraform.rb +1 -1
- data/lib/{usecase → controller/api}/vpn/README.md +1 -1
- data/lib/{usecase → controller/api}/vpn/vpn.ini +0 -0
- data/lib/{usecase → controller/api}/vpn/vpn.rb +0 -0
- data/lib/{usecase → controller}/config/README.md +0 -0
- data/lib/{usecase → controller}/edit/README.md +0 -0
- data/lib/controller/edit/editverse.rb +48 -0
- data/lib/controller/edit/put.rb +35 -0
- data/lib/controller/edit/remove.rb +29 -0
- data/lib/{usecase/update/README.md → controller/edit/rename.md} +0 -0
- data/lib/{usecase → controller}/files/README.md +1 -1
- data/lib/controller/files/read.rb +36 -0
- data/lib/{usecase/files/eject.rb → controller/files/write.rb} +15 -20
- data/lib/{usecase → controller}/id.rb +0 -0
- data/lib/controller/query/print.rb +26 -0
- data/lib/controller/query/queryverse.rb +39 -0
- data/lib/controller/query/show.rb +50 -0
- data/lib/{session/require.gem.rb → controller/requirer.rb} +13 -9
- data/lib/{usecase → controller}/set.rb +4 -4
- data/lib/controller/usecase.rb +244 -0
- data/lib/{usecase → controller}/verse.rb +0 -0
- data/lib/{usecase → controller}/visit/README.md +0 -0
- data/lib/{usecase → controller}/visit/visit.rb +0 -0
- data/lib/factbase/facts.safedb.net.ini +7 -7
- data/lib/{keytools/key.docs.rb → model/README.md} +102 -66
- data/lib/model/book.rb +484 -0
- data/lib/model/branch.rb +48 -0
- data/lib/model/checkin.feature +33 -0
- data/lib/{configs/README.md → model/configs.md} +4 -4
- data/lib/model/content.rb +214 -0
- data/lib/model/indices.rb +132 -0
- data/lib/model/safe_tree.rb +51 -0
- data/lib/model/state.inspect.rb +221 -0
- data/lib/model/state.migrate.rb +334 -0
- data/lib/model/text_chunk.rb +68 -0
- data/lib/{extension → utils/extend}/array.rb +0 -0
- data/lib/{extension → utils/extend}/dir.rb +0 -0
- data/lib/{extension → utils/extend}/file.rb +0 -0
- data/lib/utils/extend/hash.rb +76 -0
- data/lib/{extension → utils/extend}/string.rb +6 -6
- data/lib/{session/fact.finder.rb → utils/facts/fact.rb} +0 -0
- data/lib/utils/identity/identifier.rb +356 -0
- data/lib/{keytools/key.ident.rb → utils/identity/machine.id.rb} +67 -4
- data/lib/utils/inspect/inspector.rb +81 -0
- data/lib/{keytools/kdf.bcrypt.rb → utils/kdfs/bcrypt.rb} +0 -0
- data/lib/{keytools → utils/kdfs}/kdf.api.rb +16 -16
- data/lib/{keytools/key.local.rb → utils/kdfs/kdfs.rb} +40 -40
- data/lib/{keytools/kdf.pbkdf2.rb → utils/kdfs/pbkdf2.rb} +0 -0
- data/lib/{keytools/kdf.scrypt.rb → utils/kdfs/scrypt.rb} +0 -0
- data/lib/{keytools → utils}/key.error.rb +2 -2
- data/lib/{keytools → utils}/key.pass.rb +2 -2
- data/lib/{keytools → utils/keys}/key.64.rb +0 -0
- data/lib/{keytools → utils/keys}/key.rb +6 -2
- data/lib/{keytools/key.iv.rb → utils/keys/random.iv.rb} +0 -0
- data/lib/{logging/gem.logging.rb → utils/logs/logger.rb} +6 -5
- data/lib/{keytools/key.pair.rb → utils/store/datamap.rb} +48 -30
- data/lib/{keytools/key.db.rb → utils/store/datastore.rb} +38 -104
- data/lib/utils/store/merge-boys-school.json +40 -0
- data/lib/utils/store/merge-girls-school.json +48 -0
- data/lib/utils/store/merge-merged-data.json +56 -0
- data/lib/utils/store/struct.rb +75 -0
- data/lib/utils/store/test-commands.sh +24 -0
- data/lib/{keytools/key.now.rb → utils/time/timestamp.rb} +32 -21
- data/lib/version.rb +1 -1
- metadata +86 -73
- data/lib/extension/hash.rb +0 -33
- data/lib/keytools/key.algo.rb +0 -109
- data/lib/keytools/key.api.rb +0 -1326
- data/lib/keytools/key.id.rb +0 -322
- data/lib/modules/cryptology/amalgam.rb +0 -70
- data/lib/modules/cryptology/engineer.rb +0 -99
- data/lib/modules/mappers/dictionary.rb +0 -288
- data/lib/session/time.stamp.rb +0 -340
- data/lib/session/user.home.rb +0 -49
- data/lib/usecase/cmd.rb +0 -471
- data/lib/usecase/edit/delete.rb +0 -46
- data/lib/usecase/files/file_me.rb +0 -78
- data/lib/usecase/files/read.rb +0 -169
- data/lib/usecase/files/write.rb +0 -89
- data/lib/usecase/goto.rb +0 -57
- data/lib/usecase/import.rb +0 -157
- data/lib/usecase/init.rb +0 -61
- data/lib/usecase/login.rb +0 -72
- data/lib/usecase/open.rb +0 -71
- data/lib/usecase/print.rb +0 -40
- data/lib/usecase/put.rb +0 -81
- data/lib/usecase/show.rb +0 -138
- data/lib/usecase/update/rename.rb +0 -180
- data/lib/usecase/view.rb +0 -71
@@ -1,180 +0,0 @@
|
|
1
|
-
#!/usr/bin/ruby
|
2
|
-
|
3
|
-
module SafeDb
|
4
|
-
|
5
|
-
# The <b>put use case</b> follows <b>open</b> and it adds secrets into an
|
6
|
-
# <em>(encrypted at rest)</em> <b>envelope</b>. Put can be called many times
|
7
|
-
# and when done, the <b>lock use case</b> can be called to commit all opened
|
8
|
-
# secrets into the configured storage engines.
|
9
|
-
#
|
10
|
-
# Calling <em>put</em> <b>before</b> calling open or <b>after</b> calling lock
|
11
|
-
# is not allowed and will result in an error.
|
12
|
-
#
|
13
|
-
# == Put Pre-Conditions
|
14
|
-
#
|
15
|
-
# When the put use case is called - the below conditions ring true.
|
16
|
-
#
|
17
|
-
# - the <b>folder path</b> ending in ../../my must exist
|
18
|
-
# - a session id, filename and encryption key ( in workstation config )
|
19
|
-
#
|
20
|
-
# == Observable Value
|
21
|
-
#
|
22
|
-
# The observable value delivered by +put+ boils down to
|
23
|
-
#
|
24
|
-
# - a new <b>friends.xyz123abc.os.txt</b> file if this is the first put.
|
25
|
-
# - a new group_name/key_name (like monica/surname) entry is added if required
|
26
|
-
# - a secret value is added against the key or updated if it already exists
|
27
|
-
# - a new session id and encryption key is generated and used to re-encrypt
|
28
|
-
#
|
29
|
-
# == Example | Bill Clinton's Secrets
|
30
|
-
#
|
31
|
-
# In our fictitious example Bill Clinton uses safe to lock away the
|
32
|
-
# names and dates of his lady friends.
|
33
|
-
#
|
34
|
-
# $ safe init bill.clinton@example.com
|
35
|
-
# $ safe open my/friends
|
36
|
-
#
|
37
|
-
# $ safe put monica/surname lewinsky
|
38
|
-
# $ safe put monica/from "April 1989"
|
39
|
-
# $ safe put monica/to "September 1994"
|
40
|
-
#
|
41
|
-
# $ safe put hilary/surname clinton
|
42
|
-
# $ safe put hilary/from "January 1988"
|
43
|
-
# $ safe put hilary/to "Present Day"
|
44
|
-
#
|
45
|
-
# $ safe lock
|
46
|
-
#
|
47
|
-
# Soon follow up use cases will be unveiled, enabling us to
|
48
|
-
#
|
49
|
-
# - <b>get</b>
|
50
|
-
# - <b>read</b>
|
51
|
-
# - <b>list</b>
|
52
|
-
# - <b>look</b>
|
53
|
-
# - <b>peep</b> and
|
54
|
-
# - <b>peek</b>
|
55
|
-
class Rename < UseCase
|
56
|
-
|
57
|
-
|
58
|
-
attr_writer :secret_id, :secret_value
|
59
|
-
|
60
|
-
|
61
|
-
# The <b>put use case</b> follows <b>open</b> and it adds secrets into an
|
62
|
-
# <em>(encrypted at rest)</em> envelope. Put can be called many times to
|
63
|
-
# add secrets. Finally the <b>lock use case</b> commits all opened secrets
|
64
|
-
# into the configured storage engines.
|
65
|
-
#
|
66
|
-
# Calling <em>put</em> <b>before</b> calling open or <b>after</b> calling lock
|
67
|
-
# is not allowed and will result in an error.
|
68
|
-
#
|
69
|
-
# == Put Pre-Conditions
|
70
|
-
#
|
71
|
-
# When the put use case is called - the below conditions ring true.
|
72
|
-
#
|
73
|
-
# - the <b>folder path</b> ending in ../../my must exist
|
74
|
-
# - a session id, filename and encryption key ( in workstation config )
|
75
|
-
#
|
76
|
-
# == Observable Value
|
77
|
-
#
|
78
|
-
# The observable value delivered by +put+ boils down to
|
79
|
-
#
|
80
|
-
# - a new <b>friends.xyz123abc.os.txt</b> file if this is the first put.
|
81
|
-
# - a new group_name/key_name (like monica/surname) entry is added if required
|
82
|
-
# - a secret value is added against the key or updated if it already exists
|
83
|
-
# - a new session id and encryption key is generated and used to re-encrypt
|
84
|
-
#
|
85
|
-
# == How to Pretty Print a Hash in JSON Format
|
86
|
-
#
|
87
|
-
# This pretty prints a Hash (dictionary) data structure in JSON format.
|
88
|
-
#
|
89
|
-
# puts "---\n"
|
90
|
-
# puts JSON.pretty_generate( master_db )
|
91
|
-
# puts "---\n"
|
92
|
-
#
|
93
|
-
def execute
|
94
|
-
|
95
|
-
return unless ops_key_exists?
|
96
|
-
master_db = KeyApi.read_master_db()
|
97
|
-
|
98
|
-
return if unopened_envelope?( master_db )
|
99
|
-
|
100
|
-
envelope_id = ENVELOPE_KEY_PREFIX + master_db[ ENV_PATH ]
|
101
|
-
has_content = KeyApi.db_envelope_exists?( master_db[ envelope_id ] )
|
102
|
-
|
103
|
-
# --
|
104
|
-
# -- To get hold of the content we must either
|
105
|
-
# --
|
106
|
-
# -- a) unlock it using the breadcrumbs or
|
107
|
-
# -- b) start afresh with a new content db
|
108
|
-
# --
|
109
|
-
content_box = KeyDb.from_json( KeyApi.content_unlock( master_db[ envelope_id ] ) ) if has_content
|
110
|
-
content_box = KeyDb.new() unless has_content
|
111
|
-
content_hdr = create_header()
|
112
|
-
|
113
|
-
# --
|
114
|
-
# -- If no content envelope exists we need to place
|
115
|
-
# -- an empty one inside the appdb content database.
|
116
|
-
# --
|
117
|
-
master_db[ envelope_id ] = {} unless has_content
|
118
|
-
|
119
|
-
# --
|
120
|
-
# -- This is the PUT use case so we append a
|
121
|
-
# --
|
122
|
-
# -- a) key for the new dictionary entry
|
123
|
-
# -- b) value for the new dictionary entry
|
124
|
-
# --
|
125
|
-
# -- into the current content envelope and write
|
126
|
-
# -- the envelope to the content filepath.
|
127
|
-
# --
|
128
|
-
crumbs_dict = master_db[ envelope_id ]
|
129
|
-
content_box.create_entry( master_db[ KEY_PATH ], @secret_id, @secret_value )
|
130
|
-
KeyApi.content_lock( crumbs_dict, content_box.to_json, content_hdr )
|
131
|
-
|
132
|
-
# --
|
133
|
-
# -- Three envelope crumbs namely the external ID, the
|
134
|
-
# -- random iv and the crypt key are written afresh into
|
135
|
-
# -- the master database.
|
136
|
-
# --
|
137
|
-
KeyApi.write_master_db( content_hdr, master_db )
|
138
|
-
print_put_success
|
139
|
-
|
140
|
-
# ---> secret_ids = @secret_id.split("/")
|
141
|
-
# ---> if ( envelope.has_key? secret_ids.first )
|
142
|
-
# ---> envelope[secret_ids.first][secret_ids.last] = @secret_value
|
143
|
-
# ---> else
|
144
|
-
# ---> envelope[secret_ids.first] = { secret_ids.last => @secret_value }
|
145
|
-
# ---> end
|
146
|
-
|
147
|
-
end
|
148
|
-
|
149
|
-
|
150
|
-
private
|
151
|
-
|
152
|
-
|
153
|
-
def print_put_success
|
154
|
-
|
155
|
-
puts ""
|
156
|
-
puts "Success putting a key/value pair into the open envelope."
|
157
|
-
puts "You can put more in and then close the envelope."
|
158
|
-
puts ""
|
159
|
-
puts " #{COMMANDMENT} close"
|
160
|
-
puts ""
|
161
|
-
|
162
|
-
end
|
163
|
-
|
164
|
-
|
165
|
-
# Perform pre-conditional validations in preparation to executing the main flow
|
166
|
-
# of events for this use case. This method may throw the below exceptions.
|
167
|
-
#
|
168
|
-
# @raise [SafeDirNotConfigured] if the safe's url has not been configured
|
169
|
-
# @raise [EmailAddrNotConfigured] if the email address has not been configured
|
170
|
-
# @raise [StoreUrlNotConfigured] if the crypt store url is not configured
|
171
|
-
def pre_validation
|
172
|
-
|
173
|
-
|
174
|
-
end
|
175
|
-
|
176
|
-
|
177
|
-
end
|
178
|
-
|
179
|
-
|
180
|
-
end
|
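--- a/data/lib/usecase/view.rb
+++ b/data/lib/usecase/view.rb
@@ -1,71 +0,0 @@
-#!/usr/bin/ruby
-
-module SafeDb
-
-# View provides a bird's eye view of the domain's content and links well with
-# the <b>goto</b>, <b>show</b> and <b>tell</b> commands.
-#
-# $ xxx view
-# $ xxx goto 5 # shortcut for xxx open <<envelope_name>> <<key_name>>
-# $ xxx show
-# $ xxx tell
-# $ xxx tell url
-#
-# View maps out and numbers each envelope/key combination.
-# Goto with the number effectively shortcuts the open pinpointer.
-# Show prints out the dictionary at the opened path but masks any secrets.
-# Tell without a parameter echoes the secret.
-# Tell with parameter echoes the value of the parameter key (eg url).
-#
-# Once goto is enacted all path CRUD commands come into play as if you had
-# opened the path. These include put, copy, paste, show, tell and delete.
-class View < UseCase
-
-def execute
-
-return unless ops_key_exists?
-master_db = KeyApi.read_master_db()
-
-open_envelope = "(none)" if master_db[ ENV_PATH ].nil?
-open_envelope = master_db[ ENV_PATH ] unless master_db[ ENV_PATH ].nil?
-open_key_path = "(none)" if master_db[ KEY_PATH ].nil?
-open_key_path = master_db[ KEY_PATH ] unless master_db[ KEY_PATH ].nil?
-
-puts ""
-puts "--- Book Birthday ~> #{KeyApi.to_db_create_date(master_db)}\n"
-puts "--- The Book Name ~> #{KeyApi.to_db_domain_name(master_db)}\n"
-puts "--- The Book (Id) ~> #{KeyApi.to_db_domain_id(master_db)}\n"
-puts "---\n"
-puts "--- Chapter ~> #{open_envelope}\n"
-puts "--- + Verse ~> #{open_key_path}\n"
-puts "---\n"
-
-goto_location = 1
-envelope_dictionaries = KeyApi.to_matching_dictionary( master_db, ENVELOPE_KEY_PREFIX )
-envelope_dictionaries.each_pair do | envelope_name, crumb_dictionary |
-is_opened_chapter = envelope_name.eql?( open_envelope )
-envelope_content = KeyDb.from_json( KeyApi.content_unlock( crumb_dictionary ) )
-envelope_content.each_key do | envelope_key |
-is_opened_verse = envelope_key.eql?( open_key_path )
-is_open = is_opened_chapter && is_opened_verse
-openend = is_open ? " (( open location ))" : ""
-fixdint = format( "%02d", goto_location )
-goindex = is_open ? "" : "[#{fixdint}] "
-puts "--- --- --------------------------------------" if is_open
-puts "--- #{goindex}#{envelope_name} ~> #{envelope_key}#{openend}\n"
-puts "--- --- --------------------------------------" if is_open
-goto_location += 1
-end
-end
-
-puts ""
-
-return
-
-end
-
-
-end
-
-
-end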