vault-tree 0.3.4 → 0.6.0
- data/.gitignore +3 -0
- data/.rspec +1 -0
- data/CHANGE_LOG.md +27 -0
- data/README.md +15 -73
- data/features/contracts/asymmetric_vault.feature +69 -2
- data/features/contracts/block_chain_key_transfer.feature +59 -0
- data/features/contracts/one_two_three.feature +109 -1
- data/features/contracts/readme.md +5 -6
- data/features/contracts_and_vaults.md +19 -24
- data/features/decision_tree.md +1 -1
- data/features/exceptions.feature +54 -43
- data/features/install_and_usage.md +38 -33
- data/features/keywords/assembled_shamir_key.feature +17 -17
- data/features/keywords/dh_key.feature +5 -5
- data/features/keywords/external_input.feature +35 -0
- data/features/keywords/external_key.feature +24 -0
- data/features/keywords/key.feature +3 -3
- data/features/keywords/random_number.feature +3 -3
- data/features/keywords/shamir_key_shares.feature +29 -0
- data/features/keywords/shamir_share.feature +40 -0
- data/features/keywords/split_key.feature +10 -9
- data/features/keywords/unlocked.feature +3 -3
- data/features/readme.md +1 -1
- data/features/steps/asymmetric_vault.steps.rb +14 -21
- data/features/steps/block_chain_key_transfer.steps.rb +17 -22
- data/features/steps/core.steps.rb +60 -71
- data/features/steps/exceptions.steps.rb +27 -64
- data/features/steps/external_input.steps.rb +17 -0
- data/features/steps/one_two_three.steps.rb +21 -27
- data/features/steps/secret_sharing.steps.rb +36 -19
- data/lib/vault-tree.rb +1 -1
- data/lib/vault-tree/contract/content_ciphertext.rb +33 -0
- data/lib/vault-tree/contract/content_plaintext.rb +33 -0
- data/lib/vault-tree/contract/contract.rb +15 -72
- data/lib/vault-tree/contract/contract_header.rb +11 -0
- data/lib/vault-tree/contract/vault.rb +24 -74
- data/lib/vault-tree/contract/vault_key.rb +21 -0
- data/lib/vault-tree/contract/vault_list.rb +56 -0
- data/lib/vault-tree/exceptions/empty_vault.rb +18 -3
- data/lib/vault-tree/exceptions/failed_lock_attempt.rb +18 -0
- data/lib/vault-tree/exceptions/failed_unlock_attempt.rb +23 -1
- data/lib/vault-tree/exceptions/invalid_external_input.rb +16 -0
- data/lib/vault-tree/exceptions/{missing_passphrase.rb → invalid_shamir_split.rb} +2 -1
- data/lib/vault-tree/exceptions/library_exception.rb +64 -0
- data/lib/vault-tree/exceptions/missing_partner_decryption_key.rb +11 -1
- data/lib/vault-tree/exceptions/unsupported_keyword.rb +17 -1
- data/lib/vault-tree/exceptions/vault_does_not_exist.rb +8 -1
- data/lib/vault-tree/keywords/assembled_shamir_key.rb +1 -1
- data/lib/vault-tree/keywords/contents.rb +1 -1
- data/lib/vault-tree/keywords/dh_key.rb +2 -2
- data/lib/vault-tree/keywords/external_input.rb +58 -0
- data/lib/vault-tree/keywords/external_key.rb +20 -0
- data/lib/vault-tree/keywords/key.rb +7 -1
- data/lib/vault-tree/keywords/keyword_interpreter.rb +5 -3
- data/lib/vault-tree/keywords/public_encryption_key.rb +1 -5
- data/lib/vault-tree/keywords/shamir_key_shares.rb +18 -0
- data/lib/vault-tree/keywords/shamir_share.rb +18 -0
- data/lib/vault-tree/keywords/split_key.rb +1 -1
- data/lib/vault-tree/lock_smith.rb +7 -8
- data/lib/vault-tree/lock_smith/{generated_shamir_key.rb → shamir_key_shares.rb} +22 -21
- data/lib/vault-tree/lock_smith/{split_key.rb → split_key_crypto.rb} +0 -0
- data/lib/vault-tree/version.rb +1 -1
- data/spec/assembled_shamir_key_spec.rb +0 -1
- data/spec/custom_exception_spec.rb +81 -0
- data/spec/lock_smith_spec.rb +0 -48
- data/spec/secret_sharing_spec.rb +0 -1
- data/spec/shamir_key_shares_spec.rb +27 -0
- data/vault-tree.gemspec +1 -1
- metadata +33 -139
- data/Gemfile.lock +0 -53
- data/VagrantFile +0 -30
- data/features/keywords/external_data.feature +0 -11
- data/features/keywords/generated_shamir_key.feature +0 -55
- data/features/keywords/master_passphrase.feature +0 -68
- data/features/manipulating_contracts.md +0 -84
- data/features/support/contract_fixtures/asymmetric_vault.0.1.0.json +0 -69
- data/features/support/contract_fixtures/blank_simple_test_contract.json +0 -14
- data/features/support/contract_fixtures/block_chain_key_transfer.0.1.0.json +0 -59
- data/features/support/contract_fixtures/broken_contract.json +0 -55
- data/features/support/contract_fixtures/one_two_three.0.7.0.json +0 -108
- data/features/support/contract_fixtures/simple_test_contract.json +0 -14
- data/features/support/contract_fixtures/template.json +0 -33
- data/lib/vault-tree/contract/close_validator.rb +0 -28
- data/lib/vault-tree/contract/doorman.rb +0 -113
- data/lib/vault-tree/contract/open_validator.rb +0 -20
- data/lib/vault-tree/exceptions/exception_template.erb +0 -0
- data/lib/vault-tree/exceptions/fill_attempt_master_password.rb +0 -6
- data/lib/vault-tree/exceptions/missing_external_data.rb +0 -6
- data/lib/vault-tree/exceptions/vault_tree_exception.rb +0 -25
- data/lib/vault-tree/keywords/external_data.rb +0 -32
- data/lib/vault-tree/keywords/generated_shamir_key.rb +0 -57
- data/lib/vault-tree/keywords/master_passphrase.rb +0 -9
- data/spec/generated_shamir_key_spec.rb +0 -52
- data/support/cookbooks/ark/.gitignore +0 -12
- data/support/cookbooks/ark/.kitchen.yml +0 -34
- data/support/cookbooks/ark/.travis.yml +0 -6
- data/support/cookbooks/ark/Berksfile +0 -9
- data/support/cookbooks/ark/CHANGELOG.md +0 -87
- data/support/cookbooks/ark/CONTRIBUTING.md +0 -257
- data/support/cookbooks/ark/README.md +0 -301
- data/support/cookbooks/ark/Rakefile +0 -36
- data/support/cookbooks/ark/TESTING.md +0 -25
- data/support/cookbooks/ark/Toftfile +0 -15
- data/support/cookbooks/ark/attributes/default.rb +0 -6
- data/support/cookbooks/ark/chefignore +0 -96
- data/support/cookbooks/ark/files/default/foo.tar.gz +0 -0
- data/support/cookbooks/ark/files/default/foo.tbz +0 -0
- data/support/cookbooks/ark/files/default/foo.tgz +0 -0
- data/support/cookbooks/ark/files/default/foo.zip +0 -0
- data/support/cookbooks/ark/files/default/tests/minitest/default_test.rb +0 -0
- data/support/cookbooks/ark/files/default/tests/minitest/support/helpers.rb +0 -0
- data/support/cookbooks/ark/files/default/tests/minitest/test_test.rb +0 -94
- data/support/cookbooks/ark/libraries/default.rb +0 -167
- data/support/cookbooks/ark/metadata.rb +0 -13
- data/support/cookbooks/ark/providers/default.rb +0 -370
- data/support/cookbooks/ark/recipes/default.rb +0 -31
- data/support/cookbooks/ark/recipes/test.rb +0 -138
- data/support/cookbooks/ark/resources/default.rb +0 -54
- data/support/cookbooks/ark/templates/default/add_to_path.sh.erb +0 -1
- data/support/cookbooks/ark/test/support/Gemfile +0 -4
- data/support/cookbooks/build-essential/README.md +0 -24
- data/support/cookbooks/build-essential/metadata.rb +0 -10
- data/support/cookbooks/build-essential/recipes/default.rb +0 -45
- data/support/cookbooks/chruby/.gitignore +0 -15
- data/support/cookbooks/chruby/.kitchen.yml +0 -26
- data/support/cookbooks/chruby/.ruby_version +0 -1
- data/support/cookbooks/chruby/Berksfile +0 -3
- data/support/cookbooks/chruby/Gemfile +0 -7
- data/support/cookbooks/chruby/LICENSE +0 -14
- data/support/cookbooks/chruby/README.md +0 -92
- data/support/cookbooks/chruby/Rakefile +0 -7
- data/support/cookbooks/chruby/Thorfile +0 -6
- data/support/cookbooks/chruby/Vagrantfile +0 -86
- data/support/cookbooks/chruby/attributes/default.rb +0 -10
- data/support/cookbooks/chruby/chefignore +0 -96
- data/support/cookbooks/chruby/metadata.rb +0 -11
- data/support/cookbooks/chruby/recipes/default.rb +0 -43
- data/support/cookbooks/chruby/recipes/system.rb +0 -25
- data/support/cookbooks/chruby/templates/default/chruby.sh.erb +0 -22
- data/support/cookbooks/chruby/test/integration/default/bash/embedded_test.sh +0 -1
- data/support/cookbooks/git/.gitignore +0 -14
- data/support/cookbooks/git/.kitchen.yml +0 -46
- data/support/cookbooks/git/Berksfile +0 -8
- data/support/cookbooks/git/CHANGELOG.md +0 -87
- data/support/cookbooks/git/CONTRIBUTING +0 -29
- data/support/cookbooks/git/Gemfile +0 -3
- data/support/cookbooks/git/LICENSE +0 -201
- data/support/cookbooks/git/README.md +0 -115
- data/support/cookbooks/git/TESTING.md +0 -25
- data/support/cookbooks/git/attributes/default.rb +0 -40
- data/support/cookbooks/git/metadata.rb +0 -35
- data/support/cookbooks/git/recipes/default.rb +0 -53
- data/support/cookbooks/git/recipes/server.rb +0 -58
- data/support/cookbooks/git/recipes/source.rb +0 -49
- data/support/cookbooks/git/recipes/windows.rb +0 -37
- data/support/cookbooks/git/templates/default/git-xinetd.d.erb +0 -10
- data/support/cookbooks/git/templates/default/sv-git-daemon-log-run.erb +0 -2
- data/support/cookbooks/git/templates/default/sv-git-daemon-run.erb +0 -3
- data/support/cookbooks/install_ruby/README.md +0 -3
- data/support/cookbooks/install_ruby/metadata.rb +0 -10
- data/support/cookbooks/install_ruby/recipes/default.rb +0 -14
- data/support/cookbooks/ruby_build/.gitignore +0 -6
- data/support/cookbooks/ruby_build/.kitchen.yml +0 -31
- data/support/cookbooks/ruby_build/.travis.yml +0 -4
- data/support/cookbooks/ruby_build/Berksfile +0 -10
- data/support/cookbooks/ruby_build/CHANGELOG.md +0 -72
- data/support/cookbooks/ruby_build/Gemfile +0 -14
- data/support/cookbooks/ruby_build/README.md +0 -338
- data/support/cookbooks/ruby_build/Rakefile +0 -21
- data/support/cookbooks/ruby_build/attributes/default.rb +0 -67
- data/support/cookbooks/ruby_build/chefignore +0 -53
- data/support/cookbooks/ruby_build/libraries/ruby_build_recipe_helpers.rb +0 -40
- data/support/cookbooks/ruby_build/metadata.rb +0 -18
- data/support/cookbooks/ruby_build/providers/ruby.rb +0 -88
- data/support/cookbooks/ruby_build/recipes/default.rb +0 -69
- data/support/cookbooks/ruby_build/resources/ruby.rb +0 -33
- data/support/cookbooks/ruby_build/test/cookbooks/alltherubies/metadata.rb +0 -10
- data/support/cookbooks/ruby_build/test/cookbooks/alltherubies/recipes/default.rb +0 -59
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/_verify_tests.bash +0 -33
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_1.8.7.bats +0 -29
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_1.9.2.bats +0 -18
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_1.9.3.bats +0 -18
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_2.0.0.bats +0 -18
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_jruby.bats +0 -20
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_rbx.bats +0 -18
- data/support/cookbooks/ruby_build/test/integration/alltherubies/bats/verify_ree.bats +0 -19
- data/support/cookbooks/ruby_build/test/integration/installation/bats/installation.bats +0 -6
- data/support/scripts/libsodium_ubuntu.sh +0 -80
- data/support/tasks/.gitkeep +0 -0
- data/support/tasks/libsodium_install.rb +0 -57
@@ -0,0 +1,24 @@
|
|
1
|
+
Feature: External Key
|
2
|
+
|
3
|
+
EXTERNAL_KEY ensures your password is run through a secure hash before it is used to
|
4
|
+
lock contents. Hashing guarentees a properly padded vault key and keeps the locked vault
|
5
|
+
more secure if you have a weak password.
|
6
|
+
|
7
|
+
Scenario: Close And Open Using and External Key
|
8
|
+
Given the blank contract:
|
9
|
+
"""javascript
|
10
|
+
{
|
11
|
+
"header": {},
|
12
|
+
"vaults": {
|
13
|
+
"message":{
|
14
|
+
"description": "Simple Congratulations Message",
|
15
|
+
"fill_with": "EXTERNAL_INPUT['msg']",
|
16
|
+
"lock_with": "EXTERNAL_KEY['secret']",
|
17
|
+
"unlock_with": "EXTERNAL_KEY['secret']",
|
18
|
+
"contents": ""
|
19
|
+
}
|
20
|
+
}
|
21
|
+
}
|
22
|
+
"""
|
23
|
+
When I lock the external input in a vault using an external key
|
24
|
+
Then I can recover the input message using the same key
|
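Review bot: The feature description (new lines 3–5) says hashing "keeps the locked vault more secure if you have a weak password", which overstates what a hash provides unless EXTERNAL_KEY uses a salted, deliberately slow key-derivation function; nothing on this page shows which hash is used. A single fast hash fixes the key length but does not make a weak password harder to guess for someone who holds the contract file. I would reword it along the lines of `Hashing gives a fixed-length vault key; it does not strengthen a weak password, so supply a high-entropy secret.` and name the hash or KDF. The same lines also carry the typos `guarentees` and `Using and External Key`.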
@@ -20,13 +20,13 @@ Feature: Key
|
|
20
20
|
"random_vault_key":{
|
21
21
|
"description":"Random Number",
|
22
22
|
"fill_with": "RANDOM_NUMBER",
|
23
|
-
"lock_with": "
|
24
|
-
"unlock_with": "
|
23
|
+
"lock_with": "UNLOCKED",
|
24
|
+
"unlock_with": "UNLOCKED",
|
25
25
|
"contents": ""
|
26
26
|
},
|
27
27
|
"message":{
|
28
28
|
"description": "Simple Congratulations Message",
|
29
|
-
"fill_with": "
|
29
|
+
"fill_with": "EXTERNAL_INPUT['msg']",
|
30
30
|
"lock_with": "KEY['random_vault_key']",
|
31
31
|
"unlock_with": "KEY['random_vault_key']",
|
32
32
|
"contents": ""
|
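Review bot: In `random_vault_key` (new lines 23–24) the vault that holds the random key is now locked and unlocked with `UNLOCKED`, so, if that keyword means what its name suggests, the key protecting `message` is readable by anyone who holds the contract. As a copy-and-paste example for the KEY keyword this teaches an unprotected key vault. Using `"lock_with": "EXTERNAL_KEY['secret']"` with the matching `unlock_with`, as the External Key feature does, would keep the example confidential (the step would then have to pass the secret), or the description should say the key is left open on purpose. The following hunk (`@@ -23,14 +23,14 @@`, Close And Open With Random Key) makes the same substitution. The contract JSON starts and ends outside this hunk.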
@@ -23,14 +23,14 @@ Scenario: Close And Open With Random Key
|
|
23
23
|
"random_vault_key":{
|
24
24
|
"description":"Random Number",
|
25
25
|
"fill_with": "RANDOM_NUMBER",
|
26
|
-
"lock_with": "
|
27
|
-
"unlock_with": "
|
26
|
+
"lock_with": "UNLOCKED",
|
27
|
+
"unlock_with": "UNLOCKED",
|
28
28
|
"contents": ""
|
29
29
|
},
|
30
30
|
|
31
31
|
"message_locked_with_random":{
|
32
32
|
"description":"A simple message locked with a random number",
|
33
|
-
"fill_with": "
|
33
|
+
"fill_with": "EXTERNAL_INPUT['msg']",
|
34
34
|
"lock_with": "KEY['random_vault_key']",
|
35
35
|
"unlock_with": "KEY['random_vault_key']",
|
36
36
|
"contents": ""
|
@@ -0,0 +1,29 @@
|
|
1
|
+
Feature: Shamir Key Shares
|
2
|
+
|
3
|
+
```
|
4
|
+
SHAMIR_KEY_SHARES
|
5
|
+
```
|
6
|
+
|
7
|
+
is used to fill a vault with a collection of secret shares
|
8
|
+
that have been obtained by breaking up a random secret key
|
9
|
+
with the Shamir Secret Sharing Algorithm.
|
10
|
+
|
11
|
+
Scenario: Lock away a collection of shamir key shares
|
12
|
+
Given the blank contract:
|
13
|
+
"""javascript
|
14
|
+
{
|
15
|
+
"header": {},
|
16
|
+
"vaults": {
|
17
|
+
|
18
|
+
"share_collection":{
|
19
|
+
"fill_with": "SHAMIR_KEY_SHARES['5','3']",
|
20
|
+
"lock_with": "UNLOCKED",
|
21
|
+
"unlock_with": "UNLOCKED",
|
22
|
+
"contents": ""
|
23
|
+
}
|
24
|
+
}
|
25
|
+
}
|
26
|
+
"""
|
27
|
+
When I lock away the shamir key share collection
|
28
|
+
Then a random key is generated and split with the shamir secret sharing algorithm
|
29
|
+
And I can open the vault to recover the JSON representation of the secret shares
|
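Review bot: The description (new lines 3–9) never says what the two arguments of `SHAMIR_KEY_SHARES['5','3']` on new line 19 mean, and the scenario does not show which is the share count and which is the recovery threshold. A sentence in the description naming both arguments would help, together with a scenario for a split the library must reject. The file list shows an `invalid_shamir_split.rb` exception, but any coverage of it is not visible here. The scenario also keeps the whole share collection in one `UNLOCKED` vault, which is fine for a demonstration but worth stating, since presumably anyone holding the contract could then rebuild the key.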
@@ -0,0 +1,40 @@
|
|
1
|
+
Feature: Shamir Share
|
2
|
+
|
3
|
+
Scenario: Lock Secret Shares in thier respective vaults
|
4
|
+
Given the blank contract:
|
5
|
+
"""javascript
|
6
|
+
{
|
7
|
+
"header": {},
|
8
|
+
"vaults": {
|
9
|
+
|
10
|
+
"share_collection":{
|
11
|
+
"fill_with": "SHAMIR_KEY_SHARES['3','2']",
|
12
|
+
"lock_with": "UNLOCKED",
|
13
|
+
"unlock_with": "UNLOCKED",
|
14
|
+
"contents": ""
|
15
|
+
},
|
16
|
+
"share_1":{
|
17
|
+
"fill_with": "SHAMIR_SHARE['share_collection','1']",
|
18
|
+
"lock_with": "UNLOCKED",
|
19
|
+
"unlock_with": "UNLOCKED",
|
20
|
+
"contents": ""
|
21
|
+
},
|
22
|
+
"share_2":{
|
23
|
+
"fill_with": "SHAMIR_SHARE['share_collection','2']",
|
24
|
+
"lock_with": "UNLOCKED",
|
25
|
+
"unlock_with": "UNLOCKED",
|
26
|
+
"contents": ""
|
27
|
+
},
|
28
|
+
"share_3":{
|
29
|
+
"fill_with": "SHAMIR_SHARE['share_collection','3']",
|
30
|
+
"lock_with": "UNLOCKED",
|
31
|
+
"unlock_with": "UNLOCKED",
|
32
|
+
"contents": ""
|
33
|
+
}
|
34
|
+
}
|
35
|
+
}
|
36
|
+
"""
|
37
|
+
When I lock away the shamir key share collection
|
38
|
+
Then a random key is generated and split with the shamir secret sharing algorithm
|
39
|
+
When I fill an individual vault with the SECRET_SHARES keyword
|
40
|
+
Then the library takes the approprate share from the collection vault and locks it away
|
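Review bot: The step on new line 39 refers to a `SECRET_SHARES` keyword, but the contract above it uses `SHAMIR_SHARE` (new lines 17, 23 and 29) and no `SECRET_SHARES` keyword appears anywhere on this page. I would write `When I fill an individual vault with the SHAMIR_SHARE keyword` and update the matching step definition, which is outside this hunk. The scenario title and the last step also have the typos `thier` and `approprate`.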
@@ -3,7 +3,7 @@ Feature: Split Key
|
|
3
3
|
```javascript
|
4
4
|
SPLIT_KEY['id_1','id_2','id_3']
|
5
5
|
```
|
6
|
-
Split Key is a simple
|
6
|
+
Split Key is a simple form of secret sharing.
|
7
7
|
|
8
8
|
Scenario: Close And Open With Split Key
|
9
9
|
Given the blank contract:
|
@@ -13,22 +13,22 @@ Scenario: Close And Open With Split Key
|
|
13
13
|
"vaults": {
|
14
14
|
"a_consent_key":{
|
15
15
|
"fill_with": "RANDOM_NUMBER",
|
16
|
-
"lock_with": "
|
17
|
-
"unlock_with": "
|
16
|
+
"lock_with": "EXTERNAL_KEY['a_secret']",
|
17
|
+
"unlock_with": "EXTERNAL_KEY['a_secret']",
|
18
18
|
"contents": ""
|
19
19
|
},
|
20
20
|
|
21
21
|
"b_consent_key":{
|
22
22
|
"fill_with": "RANDOM_NUMBER",
|
23
|
-
"lock_with": "
|
24
|
-
"unlock_with": "
|
23
|
+
"lock_with": "EXTERNAL_KEY['b_secret']",
|
24
|
+
"unlock_with": "EXTERNAL_KEY['b_secret']",
|
25
25
|
"contents": ""
|
26
26
|
},
|
27
27
|
|
28
28
|
"c_consent_key":{
|
29
29
|
"fill_with": "RANDOM_NUMBER",
|
30
|
-
"lock_with": "
|
31
|
-
"unlock_with": "
|
30
|
+
"lock_with": "EXTERNAL_KEY['c_secret']",
|
31
|
+
"unlock_with": "EXTERNAL_KEY['c_secret']",
|
32
32
|
"contents": ""
|
33
33
|
},
|
34
34
|
|
@@ -40,7 +40,7 @@ Scenario: Close And Open With Split Key
|
|
40
40
|
},
|
41
41
|
|
42
42
|
"abc_consent_message":{
|
43
|
-
"fill_with": "
|
43
|
+
"fill_with": "EXTERNAL_INPUT['consent_message']",
|
44
44
|
"lock_with": "KEY['abc_joint_consent_key']",
|
45
45
|
"unlock_with": "KEY['abc_joint_consent_key']",
|
46
46
|
"contents": ""
|
@@ -49,6 +49,7 @@ Scenario: Close And Open With Split Key
|
|
49
49
|
}
|
50
50
|
"""
|
51
51
|
And Consent keys for parties A, B, and C
|
52
|
-
When I lock a
|
52
|
+
When I lock a away the consent keys
|
53
|
+
And I lock a message in a vault using a split key
|
53
54
|
Then I can recover the message if each party gives consent
|
54
55
|
And I cannot recover the message if one party fails to give consent
|
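Review bot: The step added on new line 52, `When I lock a away the consent keys`, has a stray `a`, and the step definition added in the core steps hunk repeats it in its regex (`/^I lock a away the consent keys$/`). Both should read `I lock away the consent keys`, changed together so the step still matches. The scenario starts and continues outside these hunks.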
@@ -18,13 +18,13 @@ Scenario: Transfer Key Via Unlocked Vault
|
|
18
18
|
"random_vault_key":{
|
19
19
|
"description":"Random Number",
|
20
20
|
"fill_with": "RANDOM_NUMBER",
|
21
|
-
"lock_with": "
|
22
|
-
"unlock_with": "
|
21
|
+
"lock_with": "UNLOCKED",
|
22
|
+
"unlock_with": "UNLOCKED",
|
23
23
|
"contents": ""
|
24
24
|
},
|
25
25
|
"message_locked_with_random":{
|
26
26
|
"description":"A simple message locked with a random number",
|
27
|
-
"fill_with": "
|
27
|
+
"fill_with": "EXTERNAL_INPUT['msg']",
|
28
28
|
"lock_with": "KEY['random_vault_key']",
|
29
29
|
"unlock_with": "KEY['random_vault_key']",
|
30
30
|
"contents": ""
|
data/features/readme.md
CHANGED
@@ -1,41 +1,34 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
@
|
4
|
-
|
5
|
-
|
6
|
-
When(/^she locks all of her public and private keys$/) do
|
7
|
-
@contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'ALICE_SECURE_PASS', external_data: {})
|
8
|
-
@contract = @contract.close_vault('alice_contract_secret')
|
9
|
-
@contract = @contract.close_vault('alice_decryption_key')
|
10
|
-
@contract = @contract.close_vault('alice_public_encryption_key')
|
1
|
+
When(/^Alice locks all of her public and private keys$/) do
|
2
|
+
@acs_key = "#{VaultTree::LockSmith.new(message: 'ALICE_SECURE_PASS').secure_hash}"
|
3
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('alice_contract_secret', acs_key: @acs_key)
|
4
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('alice_decryption_key', acs_key: @acs_key)
|
5
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('alice_public_encryption_key', acs_key: @acs_key)
|
11
6
|
end
|
12
7
|
|
13
8
|
When(/^she sends the contract to Bob over the internet$/) do
|
14
|
-
@
|
15
|
-
@bobs_external_data = {"message" => "CONGRATS ALICE! YOU UNLOCKED THE SECRET MESSAGE WITH A DH KEY."}
|
16
|
-
@contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'BOB_SECURE_PASS', external_data: @bobs_external_data)
|
9
|
+
@bcs_key = "#{VaultTree::LockSmith.new(message: 'BOB_SECURE_PASS').secure_hash}"
|
17
10
|
end
|
18
11
|
|
19
12
|
Then(/^Bob can access of her public keys but not her private keys$/) do
|
20
|
-
@contents = @contract.
|
13
|
+
@contents = VaultTree::Contract.new(@contract).open_vault('alice_public_encryption_key')
|
21
14
|
end
|
22
15
|
|
23
16
|
When(/^Bob locks his public and private keys$/) do
|
24
|
-
@contract = @contract.close_vault('bob_decryption_key')
|
25
|
-
@contract = @contract.close_vault('bob_public_encryption_key')
|
17
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('bob_decryption_key', bcs_key: @bcs_key)
|
18
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('bob_public_encryption_key', bcs_key: @bcs_key)
|
26
19
|
end
|
27
20
|
|
28
21
|
When(/^He fills and locks the vault containing the message using a DH_KEY$/) do
|
29
|
-
@
|
22
|
+
@msg = "CONGRATS ALICE! YOU UNLOCKED THE SECRET MESSAGE WITH A DH KEY."
|
23
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('message', msg: @msg, bcs_key: @bcs_key)
|
30
24
|
end
|
31
25
|
|
32
26
|
|
33
27
|
When(/^he sends the contract back to Alice over the internet$/) do
|
34
|
-
@
|
35
|
-
@contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'ALICE_SECURE_PASS', external_data: {})
|
28
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
36
29
|
end
|
37
30
|
|
38
31
|
Then(/^Alice can unlock the message with a DH_KEY$/) do
|
39
|
-
puts @contract.
|
40
|
-
@contract.
|
32
|
+
puts VaultTree::Contract.new(@contract).open_vault('message', acs_key: @acs_key)
|
33
|
+
VaultTree::Contract.new(@contract).open_vault('message', acs_key: @acs_key).should == @msg
|
41
34
|
end
|
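Review bot: The step `Bob can access of her public keys but not her private keys` (new lines 12–14) only opens `alice_public_encryption_key` and stores the result; nothing asserts the contents, and nothing checks that Alice's private vaults stay closed to Bob. The denial is the security property the step names, so I would add `expect { VaultTree::Contract.new(@contract).open_vault('alice_decryption_key', bcs_key: @bcs_key) }.to raise_error(VaultTree::Exceptions::FailedUnlockAttempt)`. The exception class may need adjusting to whatever the library raises there, since the contract itself is not visible here. The block-chain transfer steps in the next hunk have the same gap: no step asserts that the RECEIVER cannot open `sender_btc_signing_key` before the destination address is revealed.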
@@ -1,43 +1,38 @@
|
|
1
1
|
Given(/^the SENDER has the blank contract template$/) do
|
2
|
-
contract_path = VaultTree::PathHelpers.core_contracts('block_chain_key_transfer.0.1.0.json')
|
3
|
-
@contract_json = File.read(contract_path)
|
4
2
|
end
|
5
3
|
|
6
4
|
Given(/^the SENDER chooses an origin address and a concealed destination address$/) do
|
7
|
-
@
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
@contract = VaultTree::Contract.new(@
|
14
|
-
@contract = @contract.close_vault('sender_origin_wallet_address')
|
15
|
-
@contract = @contract.close_vault('sender_concealed_destination_wallet_address')
|
5
|
+
@sender_secret = "#{VaultTree::LockSmith.new(message: 'SENDER_SECURE_PASS').secure_hash}"
|
6
|
+
@sender_origin_wallet_address = '1XJEBF8EUBF855NEBHVENPFE9JE74E'
|
7
|
+
@sender_concealed_destination_wallet_address = '1JVKE8HD5JDHFEJHF678JEH8DEJGHE'
|
8
|
+
@sender_btc_signing_key = 'BITCOIN_SIGNING_KEY_KEEP_IT_SECRET'
|
9
|
+
|
10
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('sender_concealed_destination_wallet_address', scdwa: @sender_concealed_destination_wallet_address, ss_key: @sender_secret)
|
11
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('sender_origin_wallet_address', sowa: @sender_origin_wallet_address, ss_key: @sender_secret)
|
16
12
|
end
|
17
13
|
|
18
14
|
Given(/^he locks away the secret BTC signing key$/) do
|
19
|
-
@contract = @contract.close_vault('sender_btc_signing_key')
|
15
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('sender_btc_signing_key', ssk: @sender_btc_signing_key, ss_key: @sender_secret)
|
20
16
|
end
|
21
17
|
|
22
18
|
When(/^the SENDER transfers the contract to the RECEIVER$/) do
|
23
|
-
@contract_json_over_the_wire = @contract.as_json
|
24
|
-
@contract = VaultTree::Contract.new(@contract_json_over_the_wire
|
19
|
+
@contract_json_over_the_wire = VaultTree::Contract.new(@contract).as_json
|
20
|
+
@contract = VaultTree::Contract.new(@contract_json_over_the_wire).as_json
|
25
21
|
end
|
26
22
|
|
27
23
|
Then(/^the RECEIVER can access the origin wallet address$/) do
|
28
|
-
@
|
24
|
+
@receiver_secret = "#{VaultTree::LockSmith.new(message: 'RECEIVER_SECURE_PASS').secure_hash}"
|
25
|
+
VaultTree::Contract.new(@contract).open_vault('sender_origin_wallet_address', rs_key: @receiver_secret).should == @sender_origin_wallet_address
|
29
26
|
end
|
30
27
|
|
31
28
|
When(/^the SENDER reveals the hidden wallet address by transfering bitcoins from the origin address$/) do
|
32
|
-
@
|
33
|
-
wallet_address_from_watching_blockchain = @
|
34
|
-
@
|
35
|
-
@contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'RECEIVER_SECURE_PASS', external_data: @receiver_external_data)
|
36
|
-
@contract = @contract.close_vault('receiver_revealed_destination_wallet_address')
|
29
|
+
@contract = VaultTree::Contract.new(@contract).as_json # save the json state
|
30
|
+
wallet_address_from_watching_blockchain = @sender_concealed_destination_wallet_address # This is made public on the chain
|
31
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('receiver_revealed_destination_wallet_address', rs_key: @receiver_secret, rrdwa: wallet_address_from_watching_blockchain)
|
37
32
|
end
|
38
33
|
|
39
34
|
Then(/^the RECEIVER can unlock the vault to recover the transfered signing key$/) do
|
40
|
-
transfered_secret_key = @contract.
|
41
|
-
transfered_secret_key.should == @
|
35
|
+
transfered_secret_key = VaultTree::Contract.new(@contract).open_vault('sender_btc_signing_key', rs_key: @receiver_secret)
|
36
|
+
transfered_secret_key.should == @sender_btc_signing_key
|
42
37
|
puts "PROPERLY TRANSFERED: #{transfered_secret_key} !"
|
43
38
|
end
|
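Review bot: After this change the step `the SENDER has the blank contract template` (new lines 1–2) has an empty body, so it passes without loading anything; the scenario presumably relies on the separate `the blank contract:` step to set `@contract`. Either delete the step if the feature no longer uses it, or leave a comment in the body such as `# contract JSON is supplied by the 'the blank contract:' step` so the no-op is clearly intentional. The unchanged `puts "PROPERLY TRANSFERED: ..."` line at the end also writes the recovered signing key to the test output, which is unnecessary now that the previous line asserts the value.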
@@ -1,121 +1,110 @@
|
|
1
|
-
Given(/^I have a blank reference contract$/) do
|
2
|
-
contract_path = VaultTree::PathHelpers.reference_contract
|
3
|
-
@contract_json = File.read(contract_path)
|
4
|
-
end
|
5
|
-
|
6
|
-
When(/^I lock a message in a vault with my Master Password$/) do
|
7
|
-
@external_data = {"message" => "CONGRATS! YOU OPENED THE VAULT."}
|
8
|
-
@contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'MY_SECURE_PASS', external_data: @external_data)
|
9
|
-
@contract = @contract.close_vault('message')
|
10
|
-
end
|
11
|
-
|
12
|
-
Then(/^I can recover the message with my Master Password$/) do
|
13
|
-
@contract.retrieve_contents('message').should == @external_data['message']
|
14
|
-
end
|
15
|
-
|
16
1
|
When(/^I lock away a random vault key$/) do
|
17
|
-
@contract = VaultTree::Contract.new(@
|
18
|
-
@contract = @contract.close_vault('random_vault_key')
|
2
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
3
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('random_vault_key')
|
19
4
|
end
|
20
5
|
|
21
6
|
When(/^I use the random key to lock a message$/) do
|
22
|
-
@
|
23
|
-
@
|
24
|
-
@contract = @contract.close_vault('message_locked_with_random')
|
7
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
8
|
+
@msg = "CONGRATS! YOU OPENED THE VAULT."
|
9
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('message_locked_with_random', msg: @msg)
|
25
10
|
end
|
26
11
|
|
27
12
|
Then(/^I can recover the message with the Random Key$/) do
|
28
|
-
@contract.
|
13
|
+
VaultTree::Contract.new(@contract).open_vault('message_locked_with_random').should == @msg
|
29
14
|
end
|
30
15
|
|
31
16
|
When(/^I put this random key in an unlocked vault$/) do
|
32
|
-
@contract = @contract.close_vault('unlocked_random_key')
|
17
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('unlocked_random_key')
|
33
18
|
end
|
34
19
|
|
35
20
|
Then(/^another user can recover the message with the Unlocked Random Key$/) do
|
36
|
-
@contract = @contract.close_vault('message_locked_with_unlocked_random_number')
|
37
|
-
@
|
38
|
-
|
39
|
-
@contract.retrieve_contents('message_locked_with_unlocked_random_number').should == @external_data['message_locked_with_random']
|
21
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('message_locked_with_unlocked_random_number')
|
22
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
23
|
+
VaultTree::Contract.new(@contract).open_vault('message_locked_with_unlocked_random_number').should == @msg
|
40
24
|
end
|
41
25
|
|
42
26
|
Given(/^I have access to the another user's unlocked public key$/) do
|
43
|
-
@contract = VaultTree::Contract.new(@
|
44
|
-
@contract = @contract.close_vault('another_decryption_key')
|
45
|
-
@contract = @contract.close_vault('another_public_key')
|
46
|
-
@
|
47
|
-
@contract = VaultTree::Contract.new(@
|
48
|
-
@contract = @contract.close_vault('my_decryption_key')
|
49
|
-
@contract = @contract.close_vault('my_public_key')
|
27
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
28
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('another_decryption_key')
|
29
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('another_public_key')
|
30
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
31
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
32
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('my_decryption_key')
|
33
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('my_public_key')
|
50
34
|
end
|
51
35
|
|
52
36
|
Given(/^I lock a simple message with a DH Key$/) do
|
53
|
-
@
|
54
|
-
@
|
55
|
-
@contract = VaultTree::Contract.new(@
|
56
|
-
@contract = @contract.close_vault('asymmetric_message')
|
37
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
38
|
+
@asymmetric_message = "CONGRATS! YOU OPENED THE ASYMMETRIC VAULT."
|
39
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('asymmetric_message', asymmetric_message: @asymmetric_message)
|
57
40
|
end
|
58
41
|
|
59
42
|
When(/^I transfer the contract to the other user$/) do
|
60
|
-
@
|
61
|
-
@contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'ANOTHER_USERS_SECURE_PASS')
|
43
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
62
44
|
end
|
63
45
|
|
64
46
|
Then(/^they can create a DH Key and unlock the message$/) do
|
65
|
-
@contract.
|
47
|
+
VaultTree::Contract.new(@contract).open_vault('asymmetric_message').should == @asymmetric_message
|
66
48
|
end
|
67
49
|
|
68
50
|
Given(/^Consent keys for parties A, B, and C$/) do
|
69
|
-
@
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
51
|
+
@a_secret = "A_SECRET_CONSENT_KEY"
|
52
|
+
@b_secret = "B_SECRET_CONSENT_KEY"
|
53
|
+
@c_secret = "C_SECRET_CONSENT_KEY"
|
54
|
+
end
|
55
|
+
|
56
|
+
When(/^I lock a away the consent keys$/) do
|
57
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('a_consent_key', a_secret: @a_secret)
|
58
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('b_consent_key', b_secret: @b_secret)
|
59
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('c_consent_key', c_secret: @c_secret)
|
60
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
74
61
|
end
|
75
62
|
|
76
63
|
When(/^I lock a message in a vault using a split key$/) do
|
77
|
-
@
|
78
|
-
@
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
@contract = @contract.close_vault('
|
83
|
-
|
84
|
-
|
85
|
-
|
64
|
+
@abc_consent_message = "A, B, AND C ALL AGREED TO OPEN THE VAULT."
|
65
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('abc_joint_consent_key',
|
66
|
+
a_secret: @a_secret,
|
67
|
+
b_secret: @b_secret,
|
68
|
+
c_secret: @c_secret)
|
69
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('abc_consent_message',
|
70
|
+
consent_message: @abc_consent_message,
|
71
|
+
a_secret: @a_secret,
|
72
|
+
b_secret: @b_secret,
|
73
|
+
c_secret: @c_secret)
|
74
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
86
75
|
end
|
87
76
|
|
88
77
|
Then(/^I can recover the message if each party gives consent$/) do
|
89
|
-
@
|
90
|
-
|
91
|
-
|
92
|
-
|
78
|
+
@unlocking_consent = {
|
79
|
+
a_secret: "A_SECRET_CONSENT_KEY",
|
80
|
+
b_secret: "B_SECRET_CONSENT_KEY",
|
81
|
+
c_secret: "C_SECRET_CONSENT_KEY"
|
93
82
|
}
|
94
|
-
@contract = VaultTree::Contract.new(@
|
95
|
-
@contract.
|
96
|
-
puts @contract.
|
83
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
84
|
+
VaultTree::Contract.new(@contract).open_vault('abc_consent_message', @unlocking_consent).should == @abc_consent_message
|
85
|
+
puts VaultTree::Contract.new(@contract).open_vault('abc_consent_message', @unlocking_consent)
|
97
86
|
end
|
98
87
|
|
99
88
|
Then(/^I cannot recover the message if one party fails to give consent$/) do
|
100
89
|
@incomplete_unlocking_consent_keys = {
|
101
|
-
|
102
|
-
|
103
|
-
|
90
|
+
a_secret: "A_WRONG_SECRET_CONSENT_KEY",
|
91
|
+
b_secret: "B_SECRET_CONSENT_KEY",
|
92
|
+
c_secret: "C_SECRET_CONSENT_KEY"
|
104
93
|
}
|
105
|
-
@contract = VaultTree::Contract.new(@
|
106
|
-
expect{@contract.
|
94
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
95
|
+
expect{VaultTree::Contract.new(@contract).open_vault('abc_consent_message',@incomplete_unlocking_consent_keys)}.to raise_error(VaultTree::Exceptions::FailedUnlockAttempt)
|
107
96
|
end
|
108
97
|
|
109
98
|
Given(/^the blank contract:$/) do |string|
|
110
|
-
@
|
99
|
+
@contract = string
|
111
100
|
end
|
112
101
|
|
113
102
|
When(/^I lock a message in a vault using a symmetric vault key$/) do
|
114
|
-
@
|
115
|
-
@
|
116
|
-
@contract = @contract.close_vault('message')
|
103
|
+
@contract = VaultTree::Contract.new(@contract).as_json
|
104
|
+
@msg = "CONGRATS! YOU OPENED THE VAULT."
|
105
|
+
@contract = VaultTree::Contract.new(@contract).close_vault('message', msg: @msg)
|
117
106
|
end
|
118
107
|
|
119
108
|
Then(/^I can recover the message using the same key$/) do
|
120
|
-
@contract.
|
109
|
+
VaultTree::Contract.new(@contract).open_vault('message').should == @msg
|
121
110
|
end
|
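Review bot: The negative step `I cannot recover the message if one party fails to give consent` (new lines 88–96) only covers a party supplying a wrong value (`A_WRONG_SECRET_CONSENT_KEY`); the case the step name describes, a party supplying nothing, is not exercised. I would add a second expectation that omits `a_secret` from the hash and asserts the error the library raises for a missing input, presumably the exception defined in `invalid_external_input.rb` from the file list. The consent values in `@unlocking_consent` (new lines 78–82) are also retyped as literals instead of reusing `@a_secret`, `@b_secret` and `@c_secret`, so the locking and unlocking sides can drift apart.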