safedb 0.01.0003 → 0.02.0001

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2a5b5879d5892ffaec119567912fbb9415c00b6696f251509822fed70905695f
-  data.tar.gz: eebaae89c1cba2b0c46e9ebecf2f8ed880b397d6167b766b58abe0a92be7e570
+  metadata.gz: 249ae50778019c51f108a0eedda627efe260e772f0c3df3ef13150467f6ab543
+  data.tar.gz: 62de4f70b68c6d6427853953b3eee251fe4851c4c78b4f97b6e1f3914ff0b2bc
 SHA512:
-  metadata.gz: 499040f9560c074a611d3ce783925d3283ca8a69a3a2e775e6101278a7f5ab714e8ccc8acc60fedc5d3743c54aa9a24079e9e9e5b88636a7e9bc40575891fecb
-  data.tar.gz: 1050a6d27d1847ce0147ca3a9192b9b3888735002ff1a8710ffc7d81aea0d66d839b25d82d6b9b36071806cde7a548263f24cae8e86a79733e6a1f089ea3f408
+  metadata.gz: ebbec720f16984d66a3a54d1f93a25f40840d1642b2eb104ca949c55ef9c3ea9c81a0cc6c4f0e0b5570d91d3c3bee83f3c131045c1f0893c34eccb1c1dcb2dca
+  data.tar.gz: 43e402a02672edc3b33c9935af9eeff2631ca1abc6cc619a2bd679b01c6884b69a6124a601214802d0bf786e291344fb9a7449dc5f310f96e15421a51c7e6c40

data/README.md

@@ -100,12 +100,13 @@ safe is **simple**, intuitive and highly secure. <b><em>It never accesses the cl
 safe | Install and Configure
 -----------
 
-## install safe
+## install safe on ubuntu 18.04
 
-    $ gem install safedb
-    $ export SAFE_TTY_TOKEN=`safe token`        # setup a shell session variable
-    $ safe init joe@abc /home/joe/credentials   # initialize a secrets domain
-    $ safe login joe@abc                        # login to the new domain
+    $ sudo apt-get install ruby-full     # for OpenSSL we need full ruby
+    $ sudo gem install safedb            # install the safe ruby gem
+    $ export SAFE_TTY_TOKEN=`safe token` # setup a shell session variable
+    $ safe init joe@abc ~/safedb.creds   # initialize a safe book in folder
+    $ safe login joe@abc                 # login with the created password
 
 You initialize then login to a **domain** like **joe@abc**. In the init command we specify where the encrypted material will be stored. Best use a USB key or phone to use your secrets on any drive or computer.
 
@@ -115,27 +116,26 @@ More information will be provided on installing and using safe via a gem install
 
 ## Create Alias for Export Safe Terminal Token
 
-It's tiresome to manually create the **SAFE_TTY_TOKEN environment variable** that is required by safe.
+It is tiresome To type <tt>export SAFE_TTY_TOKEN=`safe token`</tt> every time you use the safe. A solution is to create a smaller alias command like <tt>safetty</tt> which will run when we open up a shell.
 
-So create an **alias safetty (export token)** command like this noting the escaped <b>back-ticks</b> surrounding the <b>safe token</b> call.
+```bash
+echo "alias safetty='export SAFE_TTY_TOKEN=\`safe token\`'" >> ~/.bash_aliases
+```
+
+Note the **escaped back-ticks** surrounding <tt>safe token</tt>. It is easy to mistake them for apostrophes.
 
-    $ echo "alias safetty='export SAFE_TTY_TOKEN=\`safe token\`'" >> ~/.bash_aliases
     $ cat ~/.bash_aliases      # Check the alias has been added to ~/.bash_aliases
     $ source ~/.bash_aliases   # Use source to avoid grabbing a new shell this time
 
-Now before using safe simply call safetty.
-
-    $ safetty                          # safe terminal token
-    $ printenv | grep SAFE_TTY_TOKEN   # check it was created
-    $ safe login joe@abc               # login to a book
-    $ safe view                        # chapters and verses
+## safe book login command
 
-There are other ways to initialize the shell token including
+Now that we have created the <tt>safetty</tt> alias we can login with one line like this.
 
-- via a Docker run ENV parameter
-- inside a Vagrantfile (vagrant up)
+```bash
+safetty; safe login joe@abc
+```
 
-Do not add it to the bash profile script because safe uses the parent process id and bash profile will in effect use safe's grandparent's process id.
+Advanced users should avoid adding the export command to <tt>~/.bash_profile</tt>.
 
 
 ## Remove Token | Environment Variable
@@ -481,6 +481,18 @@ applications and systems.
 
 ### Configure Makeup of Password | Printable Characters
 
+Run the below command and note the large character set from which secrets and passwords are generated.
+The larger the character set the **exponentially** more difficult to brute force crack a password. That said, many websites and services impose restrictions on the characters set, usually in an attempt to prevent sql injection and cross-site-scripting attacks.
+
+<tt>safedb</tt> allows you to specify the character set at the book, chapter, verse, line and also at the command line level.
+
+```
+head /dev/urandom | tr -dc A-Za-z0-9?@=$~%/+^.,][\{\}\<\>\&\(\)_\- | head -c 258 ; echo
+```
+
+For easy configuration, just specify --flaky, --weak, --solid, --strong and --herculean.
+
+
 Some systems reject certain characters. Lloyds Bank for example will only accept alpha-numerics.
 
 In these cases we need to configure the set of characters that sources the actual sequence of password characters.

data/lib/interprete.rb

@@ -48,6 +48,37 @@ class Interprete < Thor
   # the --script flag.
   class_option :script, :type => :boolean
 
+  # Any use case can modify its behaviour if this <tt>--to-dir</tt> class
+  # option is present. For example the file write (eject) use case can place
+  # files in the directory specified by this switch.
+  class_option :to_dir, :aliases => '-t'
+
+
+
+  # Printout the version of this safedb.net command line interface.
+  desc "version", "prints the safedb.net command line interface version"
+
+  # If <tt>safe --version</tt> is issued this line accepts it and converts
+  # it so that the version method is called.
+  map %w[-v --version] => :version
+
+  # Printout the version of this safedb.net command line interface.
+  # The version should be extracted whether the user types in
+  #
+  # - either <tt>safe --version</tt>
+  # - or <tt>safe version</tt>
+  def version
+    log.info(x) { "[usecase] ~> print the version of this safedb.net personal database." }
+
+    puts ""
+    puts "safedb gem version => v#{SafeDb::VERSION}"
+    puts "time and date now  => #{SafeDb::KeyNow.human_readable()}"
+    puts "safedb @github.com => https://github.com/devops4me/safedb.net"
+    puts "safe @rubygems.org => https://rubygems.org/gems/safedb"
+    puts ""
+
+  end
+
 
 
   # Description of the init configuration call.
@@ -55,8 +86,8 @@ class Interprete < Thor
 
   # If confident that command history cannot be exploited to gain the
   # human password or if the agent running safe is itself a script,
-  # the <tt>with</tt> option can be used to convey the password.
-  option :with
+  # the <tt>password</tt> option can be used to convey the password.
+  option :password, :aliases => '-p'
 
   # Initialize the credentials manager, collect the human password and
   # manufacture the strong asymmetric public / private keypair.
@@ -66,9 +97,9 @@ class Interprete < Thor
   def init( domain_name, base_path = nil )
     log.info(x) { "initialize the safe book on this device." }
     init_uc = SafeDb::Init.new
-    init_uc.master_p4ss = options[:with] if options[:with]
+    init_uc.password = options[ :password ] if options[ :password ]
     init_uc.domain_name = domain_name
-    init_uc.base_path = base_path unless base_path.nil?
+    init_uc.base_path = File.expand_path( base_path ) unless base_path.nil?
     init_uc.flow_of_events
   end
 
@@ -79,8 +110,8 @@ class Interprete < Thor
 
   # If confident that command history cannot be exploited to gain the
   # human password or if the agent running safe is itself a script,
-  # the <tt>with</tt> option can be used to convey the password.
-  option :with
+  # the <tt>password</tt> option can be used to convey the password.
+  option :password, :aliases => '-p'
 
   # Login in order to securely interact with your data.
   # @param domain_name [String] the domain the software operates under
@@ -88,7 +119,7 @@ class Interprete < Thor
     log.info(x) { "[usecase] ~> login to the book before interacting with it." }
     login_uc = SafeDb::Login.new
     login_uc.domain_name = domain_name unless domain_name.nil?
-    login_uc.master_p4ss = options[:with] if options[:with]
+    login_uc.password = options[ :password ] if options[ :password ]
     login_uc.flow_of_events
   end
 
@@ -233,6 +264,7 @@ class Interprete < Thor
     log.info(x) { "[usecase] ~> eject file at chapter/verse against specified key." }
     eject_uc = SafeDb::Eject.new
     eject_uc.file_key = file_key
+    eject_uc.to_dir = options[:to_dir] if options[:to_dir]
     eject_uc.flow_of_events
   end
 

data/lib/keytools/key.now.rb

@@ -316,6 +316,15 @@ module SafeDb
     end
 
 
+    # Fetch the human readable time stamp.
+    #
+    # @return [String]
+    #    the human readable timestamp
+    def self.human_readable
+      return "#{Time.now.ctime} #{yyjjj_hhmm_sst}"
+    end
+
+
     # Fetch the double barreled time stamp that is an amalgam of
     # the human readable time now and a machine time representation
     # from the moment this class was initialized.

data/lib/session/require.gem.rb

@@ -85,11 +85,8 @@ module OpenSession
     # @param gem_filepath [String] path to callling gem (use <tt>__FILE</tt>)
     def self.now gem_filepath
 
-
-############      require_relative "../cryptools/keygen"
       require_relative "../usecase/cmd"
 
-
       gem_basepath = File.expand_path "..", gem_filepath
 
       log.info(x) { "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" }

data/lib/usecase/files/eject.rb

@@ -11,7 +11,7 @@ module SafeDb
   # No keyname will eject every file in the opened chapter and verse.
   class Eject < UseCase
 
-    attr_writer :file_key
+    attr_writer :file_key, :to_dir
 
     # Files are always ejected into the present working directory and any
     # about to be clobbered files are backed up with a timestamp.
@@ -29,23 +29,31 @@ module SafeDb
 
       base64_content = chapter_data[ verse_id ][ "#{FILE_KEY_PREFIX}#{@file_key}" ][ FILE_CONTENT_KEY ]
       simple_filename = chapter_data[ verse_id ][ "#{FILE_KEY_PREFIX}#{@file_key}" ][ FILE_NAME_KEY ]
-      file_full_path = File.join( Dir.pwd, simple_filename )
+
+      # Do a mkdir_p if @to_dir has some valid non-whitespace text
+      # If so check that we have permissions to write to the specified folder
+      destination_dir = Dir.pwd if @to_dir.nil?
+      destination_dir = @to_dir unless @to_dir.nil?
+
+      file_full_path = File.join( destination_dir, simple_filename )
       backup_filename = KeyNow.yyjjj_hhmm_sst() + "-" + simple_filename
-      backup_file_path = File.join( Dir.pwd, backup_filename )
+      backup_file_path = File.join( destination_dir, backup_filename )
       will_clobber = File.file?( file_full_path )
 
-      File.write( backup_file_path, File.read( file_full_path ) ) if will_clobber
-      ::File.write( file_full_path, Base64.urlsafe_decode64( base64_content ) )
-
-      puts ""
-      puts "File successfully ejected from safe into current directory."
       puts ""
       puts "Clobbered File = #{backup_filename}" if will_clobber
-      puts "Current Directory = #{Dir.pwd}"
+      puts "Prescribed Directory = #{@to_dir}" unless @to_dir.nil?
+      puts "Present Directory = #{Dir.pwd}" if @to_dir.nil?
       puts "Ejected Filename = #{simple_filename}"
-      puts "Chapter and Verse = #{master_db[ENV_PATH]}:#{verse_id}"
+      puts "The Full Filepath = #{file_full_path}"
+      puts "Chapter and Verse = #{master_db[ENV_PATH]}::#{verse_id}"
       puts "Ejected File Key = #{@file_key}"
       puts ""
+      puts "File successfully ejected from the safe."
+      puts ""
+
+      File.write( backup_file_path, File.read( file_full_path ) ) if will_clobber
+      ::File.write( file_full_path, Base64.urlsafe_decode64( base64_content ) )
 
     end
 

data/lib/usecase/init.rb

@@ -24,7 +24,7 @@ module SafeDb
   #
   class Init < UseCase
 
-    attr_writer :master_p4ss, :domain_name, :base_path
+    attr_writer :password, :domain_name, :base_path
 
 
     # The init use case prepares the <b>safe</b> so that you can <b>open</b> an envelope,
@@ -42,7 +42,9 @@ module SafeDb
         return
       end
 
-      domain_password = KeyPass.password_from_shell( true )
+      domain_password = KeyPass.password_from_shell( true ) if @password.nil?
+      domain_password = @password unless @password.nil?
+
       KeyApi.setup_domain_keys( @domain_name, domain_password, create_header() )
       print_domain_initialized
 

data/lib/usecase/login.rb

@@ -17,7 +17,7 @@ module SafeDb
   # - you can deliver the password in multiple ways
   class Login < UseCase
 
-    attr_writer :master_p4ss, :domain_name
+    attr_writer :password, :domain_name
 
 
     def execute
@@ -36,7 +36,8 @@ module SafeDb
 ############## Call [[ KeyApi.is_logged_in? ]] - then print msg and skip password collection below
 ############## Call [[ KeyApi.is_logged_in? ]] - then print msg and skip password collection below
 
-      domain_secret = KeyPass.password_from_shell( false )
+      domain_secret = KeyPass.password_from_shell( false ) if @password.nil?
+      domain_secret = @password unless @password.nil?
 
 ############## Use [[ KeyApi.valid_password? ]] and give error if not valid
 ############## Use [[ KeyApi.valid_password? ]] and give error if not valid

data/lib/version.rb

@@ -1,3 +1,3 @@
 module SafeDb
-  VERSION = "0.01.0003"
+  VERSION = "0.02.0001"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: safedb
 version: !ruby/object:Gem::Version
-  version: 0.01.0003
+  version: 0.02.0001
 platform: ruby
 authors:
 - Apollo Akora
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-02-12 00:00:00.000000000 Z
+date: 2019-02-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inifile