vault-tree 0.1.0 → 0.3.3

data/lib/vault-tree.rb

@@ -1,7 +1,24 @@
-# require_relative - Ruby > 1.9 method
-# require_rel - 'gem require_all' helper method to require all relative
+# *.rb
+require_relative 'vault-tree/path_helpers'
+require_relative 'vault-tree/version'
 
-require_relative 'vault-tree/config/dependencies'
-require_relative 'vault-tree/config/path_helpers'
-require_relative 'vault-tree/config/string'
-require_relative 'vault-tree/config/lib'
+# util/*.rb
+require_relative 'vault-tree/util/json'
+require_relative 'vault-tree/util/string'
+
+# lock_smith.rb
+require_relative 'vault-tree/lock_smith'
+
+# exceptions/*.rb
+require_relative 'vault-tree/exceptions/vault_tree_exception'
+VaultTree::PathHelpers.exceptions_files.each {|file| require_relative  file }
+
+# contract/*.rb
+VaultTree::PathHelpers.contract_files.each {|file| require_relative  file }
+
+# keywords/*.rb
+require_relative 'vault-tree/keywords/keyword'
+VaultTree::PathHelpers.keywords_files.each {|file| require_relative  file }
+
+# lock_smith/*.rb
+VaultTree::PathHelpers.lock_smith_files.each {|file| require_relative  file }

data/lib/vault-tree/contract/close_validator.rb

@@ -8,7 +8,6 @@ module VaultTree
 
     def validate!
       confirm_valid_fill_keyword
-      validate_external_data
       true
     end
 
@@ -18,12 +17,6 @@ module VaultTree
       raise Exceptions::FillAttemptMasterPassword if vault.fill_with == 'MASTER_PASSPHRASE'
     end
 
-    def validate_external_data
-      if external_data_required? && external_data_missing?
-        raise Exceptions::MissingExternalData
-      end
-    end
-
     def external_data_required?
       vault.fill_with == 'EXTERNAL_DATA'
     end

data/lib/vault-tree/contract/contract.rb

@@ -8,7 +8,8 @@ module VaultTree
       @external_data = params[:external_data]
     end
 
-    def close_vault(id)
+    def close_vault(id, params = {data: nil})
+      update_external_data(id: id , data: params[:data])
       validate_vault(id)
       update_vaults vault(id).close
       self
@@ -48,6 +49,10 @@ module VaultTree
       @master_passphrase
     end
 
+    def external_data_hash
+      @external_data
+    end
+
     def external_data(id)
       @external_data[id]
     end
@@ -55,7 +60,7 @@ module VaultTree
     private
 
     def passphrase_present?
-      !! @master_passphrase 
+      !! @master_passphrase
     end
 
     def valid_id?(id)
@@ -81,5 +86,11 @@ module VaultTree
     def validate_passphrase
       raise Exceptions::MissingPassphrase unless passphrase_present?
     end
+
+    def update_external_data(params)
+      vault_id = params[:id]
+      data = params[:data]
+      @external_data = @external_data.merge({"#{vault_id}" => "#{data}"}) unless data.nil?
+    end
   end
 end

data/lib/vault-tree/contract/doorman.rb

@@ -20,27 +20,37 @@ module VaultTree
       private
 
       def ciphertext_contents
-        shared_locking_key? ? asymmetric_ciphertext : symmetric_ciphertext
+        dh_locking_key? ? asymmetric_ciphertext : symmetric_ciphertext
       end
 
       def plaintext_contents
-        shared_unlocking_key? ? asymmetric_plaintext : symmetric_plaintext
+        dh_unlocking_key? ? asymmetric_plaintext : symmetric_plaintext
       end
 
       def asymmetric_ciphertext
-        asymmetric_cipher.encrypt(public_key: locking_public_key, secret_key: locking_secret_key, plain_text: filler)
+        LockSmith.new(public_key: locking_public_key, private_key: locking_secret_key, message: filler).asymmetric_encrypt
       end
 
       def asymmetric_plaintext
-        asymmetric_cipher.decrypt(public_key: unlocking_public_key, secret_key: unlocking_secret_key, cipher_text: contents)
+        begin
+          LockSmith.new(public_key: unlocking_public_key, private_key: unlocking_secret_key, cipher_text: contents).asymmetric_decrypt
+        rescue(RbNaCl::CryptoError)
+          raise(Exceptions::FailedUnlockAttempt)
+        end
       end
 
       def symmetric_ciphertext
-        symmetric_cipher.encrypt(key: locking_key, plain_text: filler)
+        key_hash = LockSmith.new(message: locking_key).secure_hash
+        LockSmith.new(message: filler, secret_key: key_hash).symmetric_encrypt
       end
 
       def symmetric_plaintext
-        symmetric_cipher.decrypt(key: unlocking_key, cipher_text: contents)
+        begin
+          key_hash = LockSmith.new(message: unlocking_key).secure_hash
+          LockSmith.new(cipher_text: contents, secret_key: key_hash).symmetric_decrypt
+        rescue(RbNaCl::CryptoError)
+          raise(Exceptions::FailedUnlockAttempt)
+        end
       end
 
       def locking_key
@@ -68,11 +78,11 @@ module VaultTree
       end
 
       def locking_key_pair 
-        vault.locking_key if shared_locking_key?
+        vault.locking_key if dh_locking_key?
       end
 
       def unlocking_key_pair 
-        vault.unlocking_key if shared_unlocking_key?
+        vault.unlocking_key if dh_unlocking_key?
       end
 
       def empty?
@@ -91,22 +101,13 @@ module VaultTree
         vault.contents
       end
 
-      def shared_locking_key?
-        vault.lock_with =~ /SHARED_KEY/
+      def dh_locking_key?
+        vault.lock_with =~ /DH_KEY/
       end
 
-      def shared_unlocking_key?
-        vault.unlock_with =~ /SHARED_KEY/
+      def dh_unlocking_key?
+        vault.unlock_with =~ /DH_KEY/
       end
-
-      def asymmetric_cipher
-        LockSmith::AsymmetricCipher.new
-      end
-
-      def symmetric_cipher
-        LockSmith::SymmetricCipher.new
-      end
-
     end
   end
 end

data/lib/vault-tree/contract/vault.rb

@@ -78,11 +78,27 @@ module VaultTree
     end
 
     def has_lock_ancestor?
-      lock_with.include? 'CONTENTS'
+      lock_with_key_or_contents?
     end
 
     def has_fill_ancestor?
-      fill_with.include? 'CONTENTS'
+      fill_with_key_or_contents?
+    end
+
+    def lock_with_key_or_contents?
+      (locking_word_base == 'CONTENTS') || (locking_word_base == 'KEY')
+    end
+
+    def locking_word_base
+      KeywordInterpreter.new(lock_with,self).word_base
+    end
+
+    def fill_with_key_or_contents?
+      (filling_word_base == 'CONTENTS') || (filling_word_base == 'KEY')
+    end
+
+    def filling_word_base
+      KeywordInterpreter.new(fill_with,self).word_base
     end
 
     def lock_ancestor_id

data/lib/vault-tree/exceptions/failed_unlock_attempt.rb

@@ -0,0 +1,6 @@
+module VaultTree
+  module Exceptions
+    class FailedUnlockAttempt < VaultTreeException
+    end
+  end
+end

data/lib/vault-tree/exceptions/vault_tree_exception.rb

@@ -1,6 +1,24 @@
+require 'erb'
 module VaultTree
   module Exceptions
     class VaultTreeException < StandardError
+
+      def self.exception
+        self.present_exception
+        self.new
+      end
+
+      def self.present_exception
+        STDOUT.write template.result(binding)
+      end
+
+      def self.template
+        ERB.new File.new(template_path).read, nil, "%"
+      end
+
+      def self.template_path
+        "lib/vault-tree/exceptions/exception_template.erb"
+      end
     end
   end
 end

data/lib/vault-tree/keywords/assembled_shamir_key.rb

@@ -0,0 +1,44 @@
+module VaultTree
+  class AssembledShamirKey < Keyword
+
+    attr_reader :arg_array
+
+    def post_initialize(arg_array)
+      @arg_array = arg_array
+    end
+
+    # Assemble a Shamir key from existing shares. Get the shares from their respective
+    # vaults. Assemble and Return the key.
+    #
+    # @return [String] Secure Hash digest of the generated key
+    def evaluate
+      retrieve_key_shares
+      assembled_key
+    end
+
+    private
+
+    def assembled_key
+      key_object.assemble
+    end
+
+    def collected_shares
+      @collected_shares
+    end
+
+    def vault_ids
+      arg_array
+    end
+
+    def retrieve_key_shares
+      @collected_shares = []
+      vault_ids.each{|id| @collected_shares << contract.retrieve_contents(id) }
+      return @collected_shares
+    end
+
+    def key_object
+      @key_object ||= Crypto::AssembledShamirKey.new(key_shares: collected_shares)
+    end
+
+  end
+end

data/lib/vault-tree/keywords/decryption_key.rb

@@ -2,13 +2,8 @@ module VaultTree
   class DecryptionKey < Keyword
 
     def evaluate
-      key_pair.generate_private_key
+      LockSmith.new().generate_private_key
     end
 
-    private
-
-    def key_pair
-      LockSmith::EncryptionKeyPair.new
-    end
   end
 end

data/lib/vault-tree/keywords/{shared_key.rb → dh_key.rb}

@@ -1,5 +1,5 @@
 module VaultTree
-  class SharedKey < Keyword
+  class DhKey < Keyword
     attr_reader :public_key_vault_id, :secret_key_vault_id
 
     def post_initialize(arg_array)
@@ -8,7 +8,7 @@ module VaultTree
     end
 
     def evaluate
-      LockSmith::SharedKeyPair.new(public_key: public_key_vault_contents, secret_key: secret_key_vault_contents)
+      DHKeyPair.new(public_key: public_key_vault_contents, secret_key: secret_key_vault_contents)
     end
 
     private

data/lib/vault-tree/keywords/external_data.rb

@@ -2,6 +2,7 @@ module VaultTree
   class ExternalData < Keyword
 
     def evaluate
+      check_for_external_data
       contract.external_data(id)
     end
 
@@ -9,5 +10,23 @@ module VaultTree
       vault.id
     end
 
+    private
+
+    def check_for_external_data
+      raise(Exceptions::MissingExternalData) if missing_external_data?
+    end
+
+    def missing_external_data?
+      nil_external_data? || empty_external_data?
+    end
+
+    def nil_external_data?
+      contract.external_data_hash.nil?
+    end
+
+    def empty_external_data?
+      contract.external_data_hash.empty?
+    end
+
   end
 end

data/lib/vault-tree/keywords/generated_shamir_key.rb

@@ -0,0 +1,57 @@
+module VaultTree
+  class GeneratedShamirKey < Keyword
+    attr_reader :outstanding_shares, :recovery_threshold, :share_vaults
+
+    def post_initialize(arg_array)
+      @outstanding_shares = arg_array[0]
+      @recovery_threshold = arg_array[1]
+      @share_vaults = arg_array[2..arg_array.length]
+    end
+
+    # Generate a new Shamir key.
+    #
+    # Check that shares can be saved in empty vaults
+    # Put the shares in their respective # vaults.
+    # Gnerate and Return the key.
+    #
+    # @return [String] Secure Hash digest of the generated key
+    def evaluate
+      validate_share_vaults
+      lock_away_key_shares
+      generated_key
+    end
+
+    private
+
+    def lock_away_key_shares
+      c = contract
+      share_vaults.each do |v|
+        c = c.close_vault(v, data: data_for_vault(v) )
+      end
+    end
+
+    def data_for_vault(id)
+      generated_key_shares[vault_index(id)]
+    end
+
+    def vault_index(id)
+      share_vaults.index(id)
+    end
+
+    def generated_key
+      key_object.key
+    end
+
+    def generated_key_shares
+      key_object.shares
+    end
+
+    def key_object
+      @key_object ||= Crypto::GeneratedShamirKey.new(outstanding_shares: outstanding_shares, recovery_threshold: recovery_threshold)
+    end
+
+    def validate_share_vaults
+      true # Add exception tests and functionality later
+    end
+  end
+end

data/lib/vault-tree/keywords/key.rb

@@ -0,0 +1,13 @@
+module VaultTree
+  class Key < Keyword
+    attr_reader :vault_id
+
+    def post_initialize(arg_array)
+      @vault_id = arg_array[0]
+    end
+
+    def evaluate
+      contract.retrieve_contents(vault_id)
+    end
+  end
+end

data/lib/vault-tree/keywords/keyword_interpreter.rb

@@ -1,7 +1,7 @@
 module VaultTree
   class KeywordInterpreter
     attr_reader :word, :vault
-    
+
     def initialize(word,vault)
       @word = word 
       @vault = vault
@@ -11,20 +11,20 @@ module VaultTree
       begin
         keyword_class_name.new(vault, arg_array).evaluate
       rescue NameError
-        raise Exceptions::UnsupportedKeyword 
+        raise Exceptions::UnsupportedKeyword
       end
     end
 
+    def word_base
+      word.gsub(/(\[.*\])/,'').strip
+    end
+
     private
 
     def keyword_class_name
       instance_eval "VaultTree::#{word_base.downcase.camelize}"
     end
 
-    def word_base
-      word.gsub(/(\[.*\])/,'').strip
-    end
-
     def arg_array
       if has_args?
         instance_eval arg_array_string