sym 0.1.0 → 2.0.0

data/lib/sym/app/output/file.rb

@@ -0,0 +1,18 @@
+require 'sym/app/output/base'
+module Sym
+  module App
+    module Output
+      class File < ::Sym::App::Output::Base
+
+        required_option :output
+
+
+        def output_proc
+          ->(data) {
+            ::File.open(opts[:output], 'w') { |f| f.write(data) }
+          }
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/output/noop.rb

@@ -0,0 +1,14 @@
+require_relative 'base'
+module Sym
+  module App
+    module Output
+      class Noop < Sym::App::Output::Base
+        required_option :quiet
+
+        def output_proc
+          ->(*) { ; }
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/output/stdout.rb

@@ -0,0 +1,13 @@
+require 'sym/app/output/file'
+module Sym
+  module App
+    module Output
+      class Stdout < ::Sym::App::Output::Base
+        required_option nil
+        def output_proc
+          ->(argument) { puts argument }
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/password/cache.rb

@@ -0,0 +1,63 @@
+require 'coin'
+require 'digest'
+require 'singleton'
+require 'colored2'
+
+module Sym
+  module App
+    module Password
+      class Cache
+        URI             = 'druby://127.0.0.1:24924'
+        DEFAULT_TIMEOUT = 300
+
+        include Singleton
+
+        attr_accessor :provider, :enabled, :timeout
+
+        def configure(provider: Coin, enabled: true, timeout: DEFAULT_TIMEOUT)
+          Coin.uri = URI if provider == Coin
+
+          self.provider = provider
+          self.enabled  = enabled
+          self.timeout  = timeout
+
+          self
+        end
+
+        TRIES = 2
+
+        def operation
+          retries ||= TRIES
+          yield if self.enabled
+        rescue StandardError => e
+          if retries == TRIES && Coin.remote_uri.nil?
+            Coin.remote_uri = URI if provider == Coin
+            retries         -= 1
+            retry
+          end
+          puts 'WARNING: error reading from DRB server: ' + e.message.red
+          nil
+        end
+
+
+        def [] (key)
+          cache = self
+          operation do
+            cache.provider.read(cache.md5(key))
+          end
+        end
+
+        def []=(key, value)
+          cache = self
+          operation do
+            cache.provider.write(cache.md5(key), value, cache.timeout)
+          end
+        end
+
+        def md5(string)
+          Digest::MD5.base64digest(string)
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/private_key/base64_decoder.rb

@@ -0,0 +1,17 @@
+module Sym
+  module App
+    module PrivateKey
+      class Base64Decoder < Struct.new(:encoded_key)
+
+        def key
+          return nil if encoded_key.nil?
+          begin
+            Base64.urlsafe_decode64(encoded_key)
+          rescue ArgumentError
+            encoded_key
+          end
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/private_key/decryptor.rb

@@ -0,0 +1,71 @@
+require 'sym/app/private_key/decryptor'
+require 'sym/app/password/cache'
+module Sym
+  module App
+    module PrivateKey
+      class Decryptor
+        include Sym
+
+        attr_accessor :encrypted_key, :input_handler, :password_cache
+
+        def initialize(encrypted_key, input_handler, password_cache)
+          self.encrypted_key  = encrypted_key
+          self.input_handler  = input_handler
+          self.password_cache = password_cache
+          @cache_checked      = false
+        end
+
+        def key
+          return nil if encrypted_key.nil?
+          decrypted_key = nil
+          if should_decrypt?
+            begin
+              retries                                   ||= 0
+              p                                         = determine_key_password
+              decrypted_key                             = decrypt(p)
+
+              # if the password is valid, let's add it to the cache.
+              password_cache[encrypted_key] = p
+
+            rescue ::OpenSSL::Cipher::CipherError => e
+              input_handler.puts 'Invalid password. Please try again.'
+
+              if ((retries += 1) < 3)
+                retry
+              else
+                raise(Sym::Errors::InvalidPasswordPrivateKey.new('Invalid password.'))
+              end
+            end
+          else
+            decrypted_key = encrypted_key
+          end
+          decrypted_key
+        end
+
+        private
+
+        def should_decrypt?
+          encrypted_key && (encrypted_key.length > 32)
+        end
+
+        def decrypt(password)
+          decr_password(encrypted_key, password)
+        end
+
+        def determine_key_password
+          check_cache || ask_user
+        end
+
+        def ask_user
+          input_handler.ask
+        end
+
+        def check_cache
+          return nil if @cache_checked
+          @cache_checked = true
+          password_cache[encrypted_key]
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/private_key/detector.rb

@@ -0,0 +1,42 @@
+module Sym
+  module App
+    module PrivateKey
+      class Detector < Struct.new(:opts, :input_handler) # :nodoc:s
+        @mapping = Hash.new
+        class << self
+          attr_reader :mapping
+
+          def register(argument, proc)
+            self.mapping[argument] = proc
+          end
+        end
+
+        def key
+          self.class.mapping.each_pair do |options_key, key_proc|
+            return key_proc.call(opts[options_key], self) if opts[options_key]
+          end
+          nil
+        end
+      end
+
+      Detector.register :private_key,
+                        ->(key, *) { key }
+
+      Detector.register :interactive,
+                        ->(*, detector) { detector.input_handler.prompt('Please paste your private key: ', :magenta) }
+
+      Detector.register :keychain,
+                        ->(key_name, * ) { KeyChain.new(key_name).find rescue nil }
+
+      Detector.register :keyfile,
+                        ->(file, *) {
+        begin
+          ::File.read(file)
+        rescue Errno::ENOENT
+          raise Sym::Errors::FileNotFound.new("Encryption key file #{file} was not found.")
+          nil
+        end
+      }
+    end
+  end
+end

data/lib/sym/app/private_key/handler.rb

@@ -0,0 +1,44 @@
+require_relative 'detector'
+require_relative 'base64_decoder'
+require_relative 'decryptor'
+require_relative '../input/handler'
+module Sym
+  module App
+    module PrivateKey
+      # This class figures out what is the private key that is
+      # provided to be used.
+      class Handler
+        include Sym
+
+        attr_accessor :opts, :input_handler, :password_cache
+        attr_writer :key
+
+        def initialize(opts, input_handler, password_cache)
+          self.opts           = opts
+          self.input_handler  = input_handler
+          self.password_cache = password_cache
+        end
+
+
+        # @return [String] key Private key detected
+        def key
+          return @key if @key
+
+          @key = begin
+            Detector.new(opts, input_handler).key
+          rescue Sym::Errors::Error => e
+            if Sym::App::Args.new(opts).specify_key? && key.nil?
+              raise e
+            end
+          end
+
+          if @key && @key.length > 45
+            @key = Decryptor.new(Base64Decoder.new(key).key, input_handler, password_cache).key
+          end
+
+          @key
+        end
+      end
+    end
+  end
+end

data/lib/sym/app/short_name.rb

@@ -0,0 +1,10 @@
+require 'active_support/inflector'
+module Sym
+  module App
+    module ShortName
+      def short_name
+        self.name.split(/::/)[-1].underscore.to_sym
+      end
+    end
+  end
+end

data/lib/sym/application.rb

@@ -0,0 +1,114 @@
+require 'colored2'
+require 'sym'
+require_dir 'sym/app'
+
+module Sym
+  class Application
+
+    attr_accessor :opts,
+                  :opts_hash,
+                  :args,
+                  :action,
+                  :key,
+                  :input_handler,
+                  :key_handler,
+                  :result,
+                  :password_cache
+
+    def initialize(opts)
+      self.opts      = opts
+      self.opts_hash = opts.respond_to?(:to_hash) ? opts.to_hash : opts
+      self.args      = ::Sym::App::Args.new(opts_hash)
+
+      initialize_password_cache
+      initialize_input_handler
+      initialize_key_handler
+      initialize_action
+    end
+
+    def initialize_action
+      self.action = if opts[:encrypt] then
+                      :encr
+                    elsif opts[:decrypt]
+                      :decr
+                    end
+    end
+
+    def execute!
+      if !args.generate_key? &&
+        (args.require_key? || args.specify_key?)
+        self.key = Sym::App::PrivateKey::Handler.new(opts, input_handler, password_cache).key
+        raise Sym::Errors::NoPrivateKeyFound.new('Private key is required') unless self.key
+      end
+
+      unless command
+        raise Sym::Errors::InsufficientOptionsError.new(
+          'Can not determine what to do from the options ' + opts_hash.keys.reject { |k| !opts[k] }.to_s)
+      end
+      self.result = command.execute
+    end
+
+    def execute
+      execute!
+
+    rescue ::OpenSSL::Cipher::CipherError => e
+      error type:      'Cipher Error',
+            details:   e.message,
+            reason:    'Perhaps either the secret is invalid, or encrypted data is corrupt.',
+            exception: e
+
+    rescue Sym::Errors::Error => e
+      error type:    e.class.name.split(/::/)[-1],
+            details: e.message
+
+    rescue StandardError => e
+      error exception: e
+    end
+
+    def command
+      @command_class ||= Sym::App::Commands.find_command_class(opts)
+      @command       ||= @command_class.new(self) if @command_class
+      @command
+    end
+
+    def editor
+      editors_to_try.find { |editor| File.exist?(editor) }
+    end
+
+    def editors_to_try
+      [
+        ENV['EDITOR'],
+        '/usr/bin/vim',
+        '/usr/local/bin/vim',
+        '/bin/vim',
+        '/sbin/vim',
+        '/usr/sbin/vim',
+        '/usr/bin/vi',
+        '/usr/local/bin/vi',
+        '/bin/vi',
+        '/sbin/vi'
+      ]
+    end
+
+    def error(hash)
+      hash
+    end
+
+    def initialize_input_handler(handler = ::Sym::App::Input::Handler.new)
+      self.input_handler = handler
+    end
+
+    def initialize_key_handler
+      self.key_handler = ::Sym::App::PrivateKey::Handler.new(self.opts, input_handler, password_cache)
+    end
+
+    def initialize_password_cache
+      args            = {}
+      args[:provider] = Coin
+      args[:timeout]  = opts[:password_timeout].to_i if opts[:password_timeout]
+      args[:enabled]  = false if opts[:no_password_cache]
+
+      self.password_cache = Sym::App::Password::Cache.instance.configure(args)
+    end
+  end
+end

data/lib/sym/cipher_handler.rb

@@ -0,0 +1,46 @@
+require 'base64'
+require_relative 'configuration'
+
+module Sym
+
+  # {Sym::CipherHandler} contains cipher-related utilities necessary to create
+  # ciphers, and seed them with the salt or iV vector. It also defines the
+  # internal structure {Sym::CipherHandler::CipherStruct} which is a key
+  # struct used in constructing cipher and saving it with the data packet.
+  module CipherHandler
+
+    CREATE_CIPHER = ->(name) { ::OpenSSL::Cipher.new(name) }
+
+    CipherStruct = Struct.new(:cipher, :iv, :salt)
+
+    def create_cipher(direction:,
+                      cipher_name:,
+                      iv: nil,
+                      salt: nil)
+
+      cipher = new_cipher(cipher_name)
+      cipher.send(direction)
+      iv        ||= cipher.random_iv
+      cipher.iv = iv
+      CipherStruct.new(cipher, iv, salt)
+    end
+
+    def new_cipher(cipher_name)
+      CREATE_CIPHER.call(cipher_name)
+    end
+
+    def update_cipher(cipher, value)
+      data = cipher.update(value)
+      data << cipher.final
+      data
+    end
+
+    module ClassMethods
+      def create_private_key
+        key = CREATE_CIPHER.call(Sym::Configuration.property(:private_key_cipher)).random_key
+        ::Base64.urlsafe_encode64(key)
+      end
+    end
+  end
+end
+