vault-tree 0.1.0

data/lib/vault-tree/lock_smith/digital_signature.rb

@@ -0,0 +1,32 @@
+module VaultTree
+  module LockSmith
+    class DigitalSignature
+      attr_reader :signing_key, :verify_key, :message, :signature
+
+      def initialize(opts = {})
+        @message = opts[:message]
+        @signing_key = opts[:signing_key]
+        @verify_key = opts[:verify_key]
+        @signature = opts[:signature]
+      end
+
+      def generate
+        sig_generator.sign(message, :base64)
+      end
+
+      def verify
+        sig_verifier.verify(@message, @signature, :base64)
+      end
+
+      private
+
+      def sig_generator
+        Crypto::SigningKey.new(signing_key, :base64)
+      end
+
+      def sig_verifier
+        Crypto::VerifyKey.new(verify_key, :base64)
+      end
+    end
+  end
+end

data/lib/vault-tree/lock_smith/encryption_key_pair.rb

@@ -0,0 +1,25 @@
+module VaultTree
+  module LockSmith
+    class EncryptionKeyPair
+
+      def generate_private_key
+        Crypto::PrivateKey.generate.to_s(:base64)
+      end
+
+      def public_key(pk)
+        lib_public_key(pk).to_s(:base64)
+      end
+
+      private
+
+      def lib_private_key(s)
+        Crypto::PrivateKey.new(s,:base64)
+      end
+
+      def lib_public_key(pk)
+        lib_private_key(pk).public_key
+      end
+
+    end
+  end
+end

data/lib/vault-tree/lock_smith/null_vault.rb

@@ -0,0 +1,4 @@
+module LockSmith
+  class NullVault
+  end
+end

data/lib/vault-tree/lock_smith/random_number.rb

@@ -0,0 +1,11 @@
+module VaultTree
+  module LockSmith
+    class RandomNumber
+
+      def self.compute
+        CryptoHash.compute rand(1000000000000)
+      end
+
+    end
+  end
+end

data/lib/vault-tree/lock_smith/shared_key_pair.rb

@@ -0,0 +1,12 @@
+module VaultTree
+  module LockSmith
+    class SharedKeyPair
+      attr_reader :public_key, :secret_key
+
+      def initialize(opts)
+        @public_key = opts[:public_key]
+        @secret_key = opts[:secret_key]
+      end
+    end
+  end
+end

data/lib/vault-tree/lock_smith/signing_key_pair.rb

@@ -0,0 +1,25 @@
+module VaultTree
+  module LockSmith
+    class SigningKeyPair
+
+      def signing_key
+        lib_signing_key.to_s(:base64)
+      end
+
+      def verify_key
+        lib_verify_key.to_s(:base64)
+      end
+
+      private
+
+      def lib_signing_key
+        @lib_signing_key ||= Crypto::SigningKey.generate
+      end
+
+      def lib_verify_key
+        lib_signing_key.verify_key
+      end
+
+    end
+  end
+end

data/lib/vault-tree/lock_smith/symmetric_cipher.rb

@@ -0,0 +1,25 @@
+module VaultTree
+  module LockSmith
+    class SymmetricCipher
+
+      def encrypt(opts = {})
+        key = CryptoHash.compute(opts[:key])
+        plain_text = opts[:plain_text]
+        box_from_key(key).box(plain_text, :base64)
+      end
+
+      def decrypt(opts = {})
+        key = CryptoHash.compute(opts[:key]) 
+        cipher_text = opts[:cipher_text]
+        box_from_key(key).open(cipher_text , :base64)
+      end
+
+      private
+
+      def box_from_key(key)
+        sb = Crypto::SecretBox.new(key,:base64)
+        rnb = Crypto::RandomNonceBox.new(sb)
+      end
+    end
+  end
+end

data/lib/vault-tree/util/json.rb

@@ -0,0 +1,16 @@
+require 'json'
+module VaultTree
+  module Support
+    module JSON
+      extend self
+
+      def encode(ruby_hash)
+        ::JSON.generate(ruby_hash)
+      end
+
+      def decode(json)
+        ::JSON.parse(json)
+      end
+    end
+  end
+end

data/lib/vault-tree/version.rb

@@ -0,0 +1,3 @@
+module VaultTree
+  VERSION = '0.1.0'
+end

data/spec/app/locksmith/asymmetric_cipher_spec.rb

@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+module VaultTree
+  describe 'AsymmetricCipher' do
+
+    before :each do
+      alice_key_pair = LockSmith::EncryptionKeyPair.new
+      @alice_priv_key = alice_key_pair.generate_private_key
+      @alice_pub_key = alice_key_pair.public_key(@alice_priv_key)
+      bob_key_pair = LockSmith::EncryptionKeyPair.new
+      @bob_priv_key = bob_key_pair.generate_private_key
+      @bob_pub_key = bob_key_pair.public_key(@bob_priv_key)
+      @message = 'ENCRYPT_ME!'
+      @asymmetric_cipher = LockSmith::AsymmetricCipher.new
+    end
+
+    describe '#encrypt | #decrypt' do
+      it 'Bob can encrypt with alice pub key and Alice can decrypt' do
+        cipher_text = @asymmetric_cipher.encrypt(public_key: @alice_pub_key, secret_key: @bob_priv_key, plain_text: @message)
+        plain_text = @asymmetric_cipher.decrypt(public_key: @bob_pub_key, secret_key: @alice_priv_key, cipher_text: cipher_text)
+        plain_text.should == @message
+      end
+    end
+  end
+end

data/spec/app/locksmith/signing_key_pair_spec.rb

@@ -0,0 +1,22 @@
+require 'spec_helper'
+module VaultTree
+  module LockSmith
+
+    describe 'SigningKeyPair' do
+      describe '#new' do
+
+        before :each do
+          @signing_key_pair = SigningKeyPair.new
+        end
+
+        it 'generates a new private key' do
+          @signing_key_pair.signing_key.should be_an_instance_of(String)
+        end
+
+        it 'generates a new public key' do
+          @signing_key_pair.verify_key.should be_an_instance_of(String)
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,5 @@
+require_relative '../lib/vault-tree'
+
+RSpec.configure do |config|
+  config.color_enabled = true
+end

data/spec/support/fixtures/blank_simple_test_contract.json

@@ -0,0 +1,14 @@
+{
+"header": {},
+"vaults": {
+
+"simple_message":{
+  "owner": "tester",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+}
+
+}
+}

data/spec/support/fixtures/broken_contract.json

@@ -0,0 +1,55 @@
+{
+"header": {
+
+"title":"Broken Contract",
+"summary":"This is a test fixture for ensuring proper exception handling. These are examples of what NOT to do.",
+"contributers":"Andrew Bashelor"
+},
+"vaults": {
+
+"empty_vault":{
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"unsupported_keyword":{
+  "fill_with": "UNSUPPORTED_KEYWORD",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"fill_with_master_pass_vault":{
+  "fill_with": "MASTER_PASSPHRASE",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"missing_external_data_vault":{
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"empty_decryption_key":{
+  "description": "Leave this empty.",
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"orphaned_public_key":{
+  "description": "Attempt to establish a public key with first building a decryption key",
+  "fill_with": "PUBLIC_ENCRYPTION_KEY['empty_decryption_key']",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+}
+
+}
+}

data/spec/support/fixtures/one_two_three-0.5.0.EXP.json

@@ -0,0 +1,105 @@
+{
+"header": {},
+"vaults": {
+
+"bob_contract_secret":{
+  "owner": "bob",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"alice_contract_secret":{
+  "owner": "alice",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"alice_public_encryption_key":{
+  "owner": "alice",
+  "fill_with": "PUBLIC_ENCRYPTION_KEY",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"bob_public_encryption_key":{
+  "owner": "bob",
+  "fill_with": "PUBLIC_ENCRYPTION_KEY",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"alice_decryption_key":{
+  "owner": "alice",
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "VAULT_CONTENTS['alice_contract_secret']",
+  "unlock_with": "VAULT_CONTENTS['alice_contract_secret']",
+  "contents": ""
+},
+
+"bob_decryption_key":{
+  "owner": "bob",
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "unlock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"congratulations_message":{
+  "owner": "bob",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "unlock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"vault_two_key":{
+  "owner": "bob",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "unlock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"vault_three_key":{
+  "owner": "bob",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "unlock_with": "VAULT_CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"first":{
+  "owner": "bob",
+  "fill_with": "VAULT_CONTENTS['vault_two_key']",
+  "lock_with": "VAULT_CONTENTS['alice_public_encryption_key']",
+  "unlock_with": "VAULT_CONTENTS['alice_decryption_key']",
+  "lock_type": "ASYMMETRIC_MUTUAL_AUTH",
+  "asym_auth_with": "VAULT_CONTENTS['bob_decryption_key']",
+  "asym_verify_with": "VAULT_CONTENTS['bob_public_encryption_key']",
+  "contents": ""
+},
+
+"second":{
+  "owner": "bob",
+  "fill_with": "VAULT_CONTENTS['vault_three_key']",
+  "lock_with": "VAULT_CONTENTS['vault_two_key']",
+  "unlock_with": "VAULT_CONTENTS['first']",
+  "contents": ""
+},
+
+"third":{
+  "owner": "bob",
+  "fill_with": "VAULT_CONTENTS['congratulations_message']",
+  "lock_with": "VAULT_CONTENTS['vault_three_key']",
+  "unlock_with": "VAULT_CONTENTS['second']",
+  "contents": ""
+}
+
+}
+}

data/spec/support/fixtures/reference_contract.1.0.0.json

@@ -0,0 +1,227 @@
+{
+"header": {
+"title":"Reference Contract 1.0.0",
+"description":"This is a test fixture. It is a contract built to use all Vault Tree functionality"
+},
+"vaults": {
+
+"bob_contract_secret":{
+  "description":"contract specific password to lock private information",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"alice_contract_secret":{
+  "description":"contract specific password to lock private information",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"alice_public_encryption_key":{
+  "description":"public key for asymmetric encryption",
+  "fill_with": "PUBLIC_ENCRYPTION_KEY['alice_decryption_key']",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"bob_public_encryption_key":{
+  "description":"public key for asymmetric encryption",
+  "fill_with": "PUBLIC_ENCRYPTION_KEY['bob_decryption_key']",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"alice_decryption_key":{
+  "description":"private key for asymmetric decryption",
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "CONTENTS['alice_contract_secret']",
+  "unlock_with": "CONTENTS['alice_contract_secret']",
+  "contents": ""
+},
+
+"bob_decryption_key":{
+  "description":"private key for asymmetric decryption",
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "CONTENTS['bob_contract_secret']",
+  "unlock_with": "CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"congratulations_message":{
+  "description":"A simple message for Bob to put in the final vault",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "CONTENTS['bob_contract_secret']",
+  "unlock_with": "CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"vault_two_key":{
+  "description":"Key to lock vault two. Once Bob locks the second vault he will put this key inside vault one.",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "CONTENTS['bob_contract_secret']",
+  "unlock_with": "CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"vault_three_key":{
+  "description":"Key to lock vault three. Once Bob locks the third vault he will put this key inside vault two.",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "CONTENTS['bob_contract_secret']",
+  "unlock_with": "CONTENTS['bob_contract_secret']",
+  "contents": ""
+},
+
+"first":{
+  "description":"This is an asymmetric vault with mutual authentication. It contains the key to vault two and is locked by Bob, with Alices public key. Only Alice can unlock it.",
+  "fill_with": "CONTENTS['vault_two_key']",
+  "lock_with": "SHARED_KEY['alice_public_encryption_key','bob_decryption_key']",
+  "unlock_with": "SHARED_KEY['bob_public_encryption_key','alice_decryption_key']",
+  "contents": ""
+},
+
+"second":{
+  "description":"Alice unlocks this vault with the key held in the first vault.",
+  "fill_with": "CONTENTS['vault_three_key']",
+  "lock_with": "CONTENTS['vault_two_key']",
+  "unlock_with": "CONTENTS['first']",
+  "contents": ""
+},
+
+"third":{
+  "description":"Contains a simple message. Unlock the key found in the second vault.",
+  "fill_with": "CONTENTS['congratulations_message']",
+  "lock_with": "CONTENTS['vault_three_key']",
+  "unlock_with": "CONTENTS['second']",
+  "contents": ""
+},
+
+"sender_btc_signing_key":{
+  "description":"This is the secret Bitcoin Signing Key that SENDER wishes to transfer to RECEIVER. The RECEIVER can unlock only after he has the revealed address.",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "CONTENTS['sender_concealed_destination_wallet_address']",
+  "unlock_with": "CONTENTS['receiver_revealed_destination_wallet_address']",
+  "contents": ""
+},
+
+"sender_origin_wallet_address":{
+  "description":"SENDER origin wallet address. Chosen by SENDER and known in advance to RECEIVER.",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"sender_concealed_destination_wallet_address":{
+  "description":"SENDER concealed copy of the destination wallet address. This wallet address is kept secret until SENDER chosed to transfer BTC to it",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "CONTENTS['sender_secret']",
+  "unlock_with": "CONTENTS['sender_secret']",
+  "contents": ""
+},
+
+"receiver_revealed_destination_wallet_address":{
+  "description":"RECEIVER monitors the Block Chain and fills this vault with the newly revealied destination address.",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "CONTENTS['receiver_secret']",
+  "unlock_with": "CONTENTS['receiver_secret']",
+  "contents": ""
+},
+
+"receiver_secret":{
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"sender_secret":{
+  "description":"Contract specific password for SENDER. Used to Lock the SENDER private information.",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+
+"message":{
+  "description":"Vault with a simple message.",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"random_vault_key":{
+  "description":"Random Number",
+  "fill_with": "RANDOM_NUMBER",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"message_locked_with_random":{
+  "description":"A simple message locked with a random number",
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "CONTENTS['random_vault_key']",
+  "unlock_with": "CONTENTS['random_vault_key']",
+  "contents": ""
+},
+
+"message_locked_with_unlocked_random_number":{
+  "fill_with": "CONTENTS['message_locked_with_random']",
+  "lock_with": "CONTENTS['unlocked_random_key']",
+  "unlock_with": "CONTENTS['unlocked_random_key']",
+  "contents": ""
+},
+
+"unlocked_random_key":{
+  "description":"An unlocked random key",
+  "fill_with": "CONTENTS['random_vault_key']",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"another_decryption_key":{
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"another_public_key":{
+  "fill_with": "PUBLIC_ENCRYPTION_KEY['another_decryption_key']",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"my_decryption_key":{
+  "fill_with": "DECRYPTION_KEY",
+  "lock_with": "MASTER_PASSPHRASE",
+  "unlock_with": "MASTER_PASSPHRASE",
+  "contents": ""
+},
+
+"my_public_key":{
+  "fill_with": "PUBLIC_ENCRYPTION_KEY['my_decryption_key']",
+  "lock_with": "UNLOCKED",
+  "unlock_with": "UNLOCKED",
+  "contents": ""
+},
+
+"asymmetric_message":{
+  "fill_with": "EXTERNAL_DATA",
+  "lock_with": "SHARED_KEY['another_public_key','my_decryption_key']",
+  "unlock_with": "SHARED_KEY['my_public_key','another_decryption_key']",
+  "contents": ""
+}
+
+}
+}