tusktsk 2.0.1

data/lib/tusk/license.rb

@@ -0,0 +1,303 @@
+# frozen_string_literal: true
+
+require 'digest'
+require 'json'
+require 'net/http'
+require 'securerandom'
+require 'time'
+require 'fileutils'
+require 'yaml'
+
+module Tusk
+  # TuskLang SDK License Validation Module
+  # Enterprise-grade license validation for Ruby SDK
+  class License
+    attr_reader :license_key, :api_key, :session_id
+    
+    def initialize(license_key, api_key, cache_dir = nil)
+      @license_key = license_key
+      @api_key = api_key
+      @session_id = SecureRandom.uuid
+      @license_cache = {}
+      @validation_history = []
+      @expiration_warnings = []
+      
+      # Set up offline cache directory
+      @cache_dir = cache_dir || File.join(Dir.home, '.tusk', 'license_cache')
+      FileUtils.mkdir_p(@cache_dir)
+      @cache_file = File.join(@cache_dir, Digest::MD5.hexdigest(license_key) + '.cache')
+      
+      # Load offline cache if exists
+      load_offline_cache
+      
+      # Set up logger
+      @logger = Logger.new(STDERR)
+      @logger.progname = 'TuskLicense'
+    end
+    
+    def validate_license_key
+      return { valid: false, error: 'Invalid license key format' } if @license_key.nil? || @license_key.length < 32
+      return { valid: false, error: 'Invalid license key prefix' } unless @license_key.start_with?('TUSK-')
+      
+      checksum = Digest::SHA256.hexdigest(@license_key)
+      return { valid: false, error: 'Invalid license key checksum' } unless checksum.start_with?('tusk')
+      
+      { valid: true, checksum: checksum }
+    rescue StandardError => e
+      { valid: false, error: e.message }
+    end
+    
+    def verify_license_server(server_url = 'https://api.tusklang.org/v1/license')
+      uri = URI(server_url)
+      
+      data = {
+        license_key: @license_key,
+        session_id: @session_id,
+        timestamp: Time.now.to_i
+      }
+      
+      # Generate signature
+      signature = OpenSSL::HMAC.hexdigest('SHA256', @api_key, data.sort.to_h.to_json)
+      data[:signature] = signature
+      
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true if uri.scheme == 'https'
+      http.open_timeout = 10
+      http.read_timeout = 10
+      
+      request = Net::HTTP::Post.new(uri.path)
+      request['Authorization'] = "Bearer #{@api_key}"
+      request['Content-Type'] = 'application/json'
+      request['User-Agent'] = 'TuskLang-Ruby-SDK/1.0.0'
+      request.body = data.to_json
+      
+      response = http.request(request)
+      
+      if response.code == '200'
+        result = JSON.parse(response.body)
+        
+        # Update in-memory cache
+        @license_cache[@license_key] = {
+          'data' => result,
+          'timestamp' => Time.now.to_i,
+          'expires' => Time.now.to_i + 3600 # Cache for 1 hour
+        }
+        
+        # Update offline cache
+        save_offline_cache(result)
+        
+        result
+      else
+        @logger.warn("Server returned error: #{response.code}")
+        fallback_to_offline_cache("Server error: #{response.code}")
+      end
+      
+    rescue Net::OpenTimeout, Net::ReadTimeout => e
+      @logger.warn("Network timeout during license validation: #{e.message}")
+      fallback_to_offline_cache("Network timeout: #{e.message}")
+    rescue StandardError => e
+      @logger.error("Unexpected error during license validation: #{e.message}")
+      fallback_to_offline_cache(e.message)
+    end
+    
+    def check_license_expiration
+      parts = @license_key.split('-')
+      return { expired: true, error: 'Invalid license key format' } if parts.length < 4
+      
+      expiration_str = parts.last
+      expiration_timestamp = expiration_str.to_i(16)
+      expiration_date = Time.at(expiration_timestamp)
+      current_date = Time.now
+      
+      if expiration_date < current_date
+        days_overdue = ((current_date - expiration_date) / 86400).to_i
+        return {
+          expired: true,
+          expiration_date: expiration_date.iso8601,
+          days_overdue: days_overdue
+        }
+      end
+      
+      days_remaining = ((expiration_date - current_date) / 86400).to_i
+      
+      if days_remaining <= 30
+        @expiration_warnings << {
+          timestamp: Time.now.to_i,
+          days_remaining: days_remaining
+        }
+      end
+      
+      {
+        expired: false,
+        expiration_date: expiration_date.iso8601,
+        days_remaining: days_remaining,
+        warning: days_remaining <= 30
+      }
+      
+    rescue StandardError => e
+      { expired: true, error: e.message }
+    end
+    
+    def validate_license_permissions(feature)
+      # Check cached license data
+      if @license_cache.key?(@license_key)
+        cache_data = @license_cache[@license_key]
+        if Time.now.to_i < cache_data['expires']
+          license_data = cache_data['data']
+          if license_data['features']&.is_a?(Array)
+            if license_data['features'].include?(feature)
+              return { allowed: true, feature: feature }
+            else
+              return { allowed: false, feature: feature, error: 'Feature not licensed' }
+            end
+          end
+        end
+      end
+      
+      # Fallback to basic validation
+      case feature
+      when 'basic', 'core', 'standard'
+        { allowed: true, feature: feature }
+      when 'premium', 'enterprise'
+        if @license_key.upcase.include?('PREMIUM') || @license_key.upcase.include?('ENTERPRISE')
+          { allowed: true, feature: feature }
+        else
+          { allowed: false, feature: feature, error: 'Premium license required' }
+        end
+      else
+        { allowed: false, feature: feature, error: 'Unknown feature' }
+      end
+      
+    rescue StandardError => e
+      { allowed: false, feature: feature, error: e.message }
+    end
+    
+    def license_info
+      validation_result = validate_license_key
+      expiration_result = check_license_expiration
+      
+      info = {
+        license_key: "#{@license_key[0..7]}...#{@license_key[-4..-1]}",
+        session_id: @session_id,
+        validation: validation_result,
+        expiration: expiration_result,
+        cache_status: @license_cache.key?(@license_key) ? 'cached' : 'not_cached',
+        validation_count: @validation_history.length,
+        warnings: @expiration_warnings.length
+      }
+      
+      if @license_cache.key?(@license_key)
+        cache_data = @license_cache[@license_key]
+        info[:cached_data] = cache_data['data']
+        info[:cache_age] = Time.now.to_i - cache_data['timestamp']
+      end
+      
+      info
+      
+    rescue StandardError => e
+      { error: e.message }
+    end
+    
+    def refresh_license_cache
+      @license_cache.delete(@license_key)
+      verify_license_server
+    end
+    
+    def log_validation_attempt(success, details = '')
+      @validation_history << {
+        timestamp: Time.now.to_i,
+        success: success,
+        details: details,
+        session_id: @session_id
+      }
+    end
+    
+    def validation_history
+      @validation_history
+    end
+    
+    def clear_validation_history
+      @validation_history.clear
+    end
+    
+    private
+    
+    def load_offline_cache
+      return unless File.exist?(@cache_file)
+      
+      cached_data = YAML.load_file(@cache_file)
+      
+      # Verify the cache is for the correct license key
+      key_hash = Digest::SHA256.hexdigest(@license_key)
+      if cached_data['license_key_hash'] == key_hash
+        @offline_cache = cached_data
+        @logger.info('Loaded offline license cache')
+      else
+        @offline_cache = nil
+        @logger.warn('Offline cache key mismatch')
+      end
+    rescue StandardError => e
+      @logger.error("Failed to load offline cache: #{e.message}")
+      @offline_cache = nil
+    end
+    
+    def save_offline_cache(license_data)
+      cache_data = {
+        'license_key_hash' => Digest::SHA256.hexdigest(@license_key),
+        'license_data' => license_data,
+        'timestamp' => Time.now.to_i,
+        'expiration' => check_license_expiration
+      }
+      
+      File.write(@cache_file, cache_data.to_yaml)
+      @offline_cache = cache_data
+      @logger.info('Saved license data to offline cache')
+    rescue StandardError => e
+      @logger.error("Failed to save offline cache: #{e.message}")
+    end
+    
+    def fallback_to_offline_cache(error_msg)
+      if @offline_cache && @offline_cache['license_data']
+        cache_age = Time.now.to_i - @offline_cache['timestamp']
+        cache_age_days = cache_age.to_f / 86400
+        
+        # Check if cached license is not expired
+        expiration = @offline_cache['expiration'] || {}
+        unless expiration['expired']
+          @logger.warn("Using offline license cache (age: #{'%.1f' % cache_age_days} days)")
+          return @offline_cache['license_data'].merge(
+            'offline_mode' => true,
+            'cache_age_days' => cache_age_days,
+            'warning' => "Operating in offline mode due to: #{error_msg}"
+          )
+        else
+          return {
+            'valid' => false,
+            'error' => "License expired and server unreachable: #{error_msg}",
+            'offline_cache_expired' => true
+          }
+        end
+      else
+        {
+          'valid' => false,
+          'error' => "No offline cache available: #{error_msg}",
+          'offline_cache_missing' => true
+        }
+      end
+    end
+  end
+  
+  # Global license instance
+  @license_instance = nil
+  
+  class << self
+    def initialize_license(license_key, api_key, cache_dir = nil)
+      @license_instance = License.new(license_key, api_key, cache_dir)
+    end
+    
+    def license
+      raise 'License not initialized. Call Tusk.initialize_license() first.' unless @license_instance
+      @license_instance
+    end
+  end
+end

data/lib/tusk/protection.rb

@@ -0,0 +1,180 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'base64'
+require 'json'
+require 'securerandom'
+
+module Tusk
+  # TuskLang SDK Protection Core Module
+  # Enterprise-grade protection for Ruby SDK
+  class Protection
+    attr_reader :license_key, :api_key, :session_id, :integrity_checks, :usage_metrics
+
+    def initialize(license_key, api_key)
+      @license_key = license_key
+      @api_key = api_key
+      @session_id = SecureRandom.uuid
+      @encryption_key = derive_key(license_key)
+      @integrity_checks = {}
+      @usage_metrics = UsageMetrics.new
+    end
+
+    def validate_license
+      return false if license_key.nil? || license_key.length < 32
+
+      checksum = OpenSSL::Digest::SHA256.hexdigest(license_key)
+      checksum.start_with?('tusk')
+    rescue StandardError
+      false
+    end
+
+    def encrypt_data(data)
+      cipher = OpenSSL::Cipher.new('aes-256-gcm')
+      cipher.encrypt
+      cipher.key = @encryption_key
+      iv = cipher.random_iv
+
+      encrypted = cipher.update(data) + cipher.final
+      auth_tag = cipher.auth_tag
+
+      result = iv + auth_tag + encrypted
+      Base64.strict_encode64(result)
+    rescue StandardError
+      data
+    end
+
+    def decrypt_data(encrypted_data)
+      decoded = Base64.strict_decode64(encrypted_data)
+      return encrypted_data if decoded.length < 28
+
+      iv = decoded[0, 12]
+      auth_tag = decoded[12, 16]
+      encrypted = decoded[28..-1]
+
+      cipher = OpenSSL::Cipher.new('aes-256-gcm')
+      cipher.decrypt
+      cipher.key = @encryption_key
+      cipher.iv = iv
+      cipher.auth_tag = auth_tag
+      cipher.auth_data = ''
+
+      cipher.update(encrypted) + cipher.final
+    rescue StandardError
+      encrypted_data
+    end
+
+    def verify_integrity(data, signature)
+      expected_signature = generate_signature(data)
+      signature == expected_signature
+    rescue StandardError
+      false
+    end
+
+    def generate_signature(data)
+      OpenSSL::HMAC.hexdigest('SHA256', @api_key, data)
+    end
+
+    def track_usage(operation, success = true)
+      @usage_metrics.increment_api_calls
+      @usage_metrics.increment_errors unless success
+    end
+
+    def get_metrics
+      {
+        start_time: @usage_metrics.start_time,
+        api_calls: @usage_metrics.api_calls,
+        errors: @usage_metrics.errors,
+        session_id: @session_id,
+        uptime: Time.now.to_i - @usage_metrics.start_time
+      }
+    end
+
+    def obfuscate_code(code)
+      Base64.strict_encode64(code)
+    end
+
+    def detect_tampering
+      # In production, implement file integrity checks
+      # For now, return true as placeholder
+      true
+    rescue StandardError
+      false
+    end
+
+    def report_violation(violation_type, details)
+      violation = Violation.new(
+        Time.now.to_i,
+        @session_id,
+        violation_type,
+        details,
+        @license_key[0, 8] + '...'
+      )
+
+      puts "SECURITY VIOLATION: #{violation}"
+      violation
+    end
+
+    private
+
+    def derive_key(password)
+      salt = 'tusklang_protection_salt'
+      OpenSSL::PKCS5.pbkdf2_hmac_sha1(password, salt, 100_000, 32)
+    end
+
+    # Inner classes
+    class UsageMetrics
+      attr_reader :start_time, :api_calls, :errors
+
+      def initialize
+        @start_time = Time.now.to_i
+        @api_calls = 0
+        @errors = 0
+        @mutex = Mutex.new
+      end
+
+      def increment_api_calls
+        @mutex.synchronize { @api_calls += 1 }
+      end
+
+      def increment_errors
+        @mutex.synchronize { @errors += 1 }
+      end
+    end
+
+    class Violation
+      attr_reader :timestamp, :session_id, :violation_type, :details, :license_key_partial
+
+      def initialize(timestamp, session_id, violation_type, details, license_key_partial)
+        @timestamp = timestamp
+        @session_id = session_id
+        @violation_type = violation_type
+        @details = details
+        @license_key_partial = license_key_partial
+      end
+
+      def to_s
+        "Violation{timestamp=#{@timestamp}, session_id='#{@session_id}', type='#{@violation_type}', details='#{@details}', license_key_partial='#{@license_key_partial}'}"
+      end
+    end
+
+    # Global protection instance
+    @protection_instance = nil
+    @instance_mutex = Mutex.new
+
+    class << self
+      def initialize_protection(license_key, api_key)
+        @instance_mutex.synchronize do
+          @protection_instance = new(license_key, api_key)
+        end
+      end
+
+      def get_protection
+        if @protection_instance.nil?
+          raise RuntimeError, 'Protection not initialized. Call initialize_protection() first.'
+        end
+        @protection_instance
+      end
+    end
+  end
+end 

data/lib/tusk_lang/shell_storage.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+# Shell Storage for Ruby
+# Handles binary data compression and storage
+
+module TuskLang
+  # Shell format storage for binary data
+  class ShellStorage
+    # Magic bytes for Shell format identification
+    MAGIC = 'FLEX'.bytes
+    VERSION = 1
+
+    # Pack data into Shell binary format
+    def self.pack(data)
+      # Compress data if it's not already compressed
+      compressed_data = if data[:data].is_a?(String)
+                          Zlib::Deflate.deflate(data[:data])
+                        elsif data[:data].is_a?(Array)
+                          Zlib::Deflate.deflate(data[:data].pack('C*'))
+                        else
+                          Zlib::Deflate.deflate(data[:data].to_s)
+                        end
+
+      id_bytes = data[:id].bytes
+
+      # Build binary format
+      # Magic (4) + Version (1) + ID Length (4) + ID + Data Length (4) + Data
+      result = []
+      result.concat(MAGIC)
+      result << VERSION
+      result.concat([id_bytes.length].pack('>N').bytes)
+      result.concat(id_bytes)
+      result.concat([compressed_data.length].pack('>N').bytes)
+      result.concat(compressed_data.bytes)
+
+      result.pack('C*')
+    end
+
+    # Unpack Shell binary format
+    def self.unpack(shell_data)
+      offset = 0
+
+      # Check magic bytes
+      magic = shell_data.bytes[offset, 4]
+      raise ArgumentError, 'Invalid shell format' unless magic == MAGIC
+      offset += 4
+
+      # Read version
+      version = shell_data.bytes[offset]
+      raise ArgumentError, "Unsupported shell version: #{version}" unless version == VERSION
+      offset += 1
+
+      # Read ID
+      id_length = shell_data.bytes[offset, 4].pack('C*').unpack('>N')[0]
+      offset += 4
+      storage_id = shell_data.bytes[offset, id_length].pack('C*').force_encoding('UTF-8')
+      offset += id_length
+
+      # Read data
+      data_length = shell_data.bytes[offset, 4].pack('C*').unpack('>N')[0]
+      offset += 4
+      compressed_data = shell_data.bytes[offset, data_length].pack('C*')
+
+      # Decompress
+      data = Zlib::Inflate.inflate(compressed_data).force_encoding('UTF-8')
+
+      {
+        version: version,
+        id: storage_id,
+        data: data
+      }
+    end
+
+    # Detect the type of data stored in Shell format
+    def self.detect_type(shell_data)
+      data = unpack(shell_data)
+      content = data[:data].to_s
+
+      # Try to detect JSON
+      return 'json' if content.start_with?('{') || content.start_with?('[')
+
+      # Try to detect TSK format
+      return 'tsk' if content.include?('[') && content.include?(']') && content.include?('=')
+
+      # Try to detect XML
+      return 'xml' if content.start_with?('<') && content.include?('>')
+
+      # Default to text
+      'text'
+    rescue
+      'unknown'
+    end
+
+    # Create Shell data with metadata
+    def self.create_shell_data(data, id, metadata = nil)
+      {
+        version: VERSION,
+        id: id,
+        data: data,
+        metadata: metadata || {}
+      }
+    end
+  end
+end