vault-tree 0.3.4 → 0.6.0

data/features/steps/exceptions.steps.rb

@@ -1,68 +1,18 @@
-Given(/^a valid blank contract$/) do
-  contract_path = VaultTree::PathHelpers.reference_contract
-  @contract_json = File.read(contract_path)
-end
-
-When(/^I attempt fill a vault without providing a master passphrase$/) do
-  begin
-    @contract = VaultTree::Contract.new(@contract_json)
-    @contract = @contract.close_vault('message')
-  rescue => e
-    @exception = e
-  end
-end
-
 Then(/^a MissingPassphrase exception is raised$/) do
   @exception.should be_an_instance_of(VaultTree::Exceptions::MissingPassphrase)
 end
 
 Given(/^this broken contract:$/) do |string|
-  @contract_json = string
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'TEST_USER', external_data: {})
-end
-
-Given(/^the broken contract$/) do
-  contract_path = VaultTree::PathHelpers.broken_contract
-  @contract_json = File.read(contract_path)
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'TEST_USER', external_data: {})
-end
-
-When(/^I attempt lock a vault with External Data that does not exists$/) do
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'TEST_USER', external_data: nil )
-  begin
-    @contract = @contract.close_vault('missing_external_data_vault')
-  rescue => e
-    @exception = e
-  end
+  @contract = string
 end
 
 When(/^I lock the data away$/) do
-  @contract = VaultTree::Contract.new(@contract_json).close_vault('missing_external_data_vault')
-end
-
-When(/^I attempt to unlock a vault with External Data that does not exists$/) do
-  begin
-    @contract = @contract.retrieve_contents('missing_external_data_vault')
-  rescue => e
-    @exception = e
-  end
-end
-
-When(/^I attempt fill a vault with External Data that does not exists$/) do
-  begin
-    @contract = @contract.close_vault('missing_external_data_vault')
-  rescue => e
-    @exception = e
-  end
-end
-
-Then(/^a MissingExternalData exception is raised$/) do
-  @exception.should be_an_instance_of(VaultTree::Exceptions::MissingExternalData)
+  @contract = VaultTree::Contract.new(@contract).close_vault('missing_external_data_vault')
 end
 
 When(/^I attempt fill a vault with my Master Password$/) do
   begin
-    @contract = @contract.close_vault('fill_with_master_pass_vault')
+    @contract = VaultTree::Contract.new(@contract).close_vault('fill_with_master_pass_vault')
   rescue => e
     @exception = e
   end
@@ -74,7 +24,7 @@ end
 
 When(/^I attempt to open an empty vault$/) do
   begin
-    @contents = @contract.retrieve_contents('empty_vault')
+    @contents = VaultTree::Contract.new(@contract).open_vault('empty_vault')
   rescue => e
     @exception = e
   end
@@ -86,7 +36,7 @@ end
 
 When(/^I attempt to open a vault that does not exists$/) do
   begin
-    @contents = @contract.retrieve_contents('non_existant_vault')
+    @contents = VaultTree::Contract.new(@contract).open_vault('non_existant_vault')
   rescue => e
     @exception = e
   end
@@ -94,7 +44,7 @@ end
 
 When(/^I attempt to close a vault that does not exists$/) do
   begin
-    @contents = @contract.close_vault('non_existant_vault')
+    @contents = VaultTree::Contract.new(@contract).close_vault('non_existant_vault')
   rescue => e
     @exception = e
   end
@@ -106,7 +56,7 @@ end
 
 When(/^I attempt fill a vault with an unsupported Keyword$/) do
   begin
-    @contract = @contract.close_vault('unsupported_keyword')
+    @contract = VaultTree::Contract.new(@contract).close_vault('unsupported_keyword')
   rescue => e
     @exception = e
   end
@@ -118,7 +68,7 @@ end
 
 When(/^I attempt to fill with an encryption key without first establishing the decryption key$/) do
   begin
-    @contract = @contract.close_vault('orphaned_public_key')
+    @contract = VaultTree::Contract.new(@contract).close_vault('orphaned_public_key')
   rescue => e
     @exception = e
   end
@@ -128,15 +78,15 @@ Then(/^a MissingPartnerDecryptionKey exception is raised$/) do
   @exception.should be_an_instance_of(VaultTree::Exceptions::MissingPartnerDecryptionKey)
 end
 
-When(/^I lock a vault with External Data and attempt to unlock with the wrong External Data$/) do
+When(/^I lock a vault with External Input and attempt to unlock with the wrong External Input$/) do
   locking_key = VaultTree::LockSmith.new().generate_secret_key
-  @contract = VaultTree::Contract.new(@contract_json, external_data: {'missing_external_data_vault' => locking_key})
-  @contract = @contract.close_vault('missing_external_data_vault')
-  @contract_json = @contract.as_json
+  @contract = VaultTree::Contract.new(@contract).as_json
+  @contract = VaultTree::Contract.new(@contract).close_vault('some_random_vault', right_secret: '5dd0abe3335d6f0ceab00e44a9d41a030c2a59802ffd6b42464c01f1c7fbdd68')
+  @contract = VaultTree::Contract.new(@contract).as_json
   begin
     wrong_unlocking_key = VaultTree::LockSmith.new().generate_secret_key
-    @contract = VaultTree::Contract.new(@contract_json, external_data: {'missing_external_data_vault' => wrong_unlocking_key})
-    @contents = @contract.retrieve_contents('missing_external_data_vault')
+    @contract = VaultTree::Contract.new(@contract).as_json
+  @contents = VaultTree::Contract.new(@contract).open_vault('some_random_vault', wrong_secret: '7dd0abe3335d6f0ceab00e44a9d41a030c2a59802ffd6b42464c01f1c7fbdd68')
   rescue => e
     @exception = e
   end
@@ -145,3 +95,16 @@ end
 Then(/^a FailedUnlockAttempt exception is raised$/) do
   @exception.should be_an_instance_of(VaultTree::Exceptions::FailedUnlockAttempt)
 end
+
+When(/^I attempt lock a vault with External Input that does not exists$/) do
+  @contract = VaultTree::Contract.new(@contract).as_json
+  begin
+    @contract = VaultTree::Contract.new(@contract).close_vault('missing_external_input_vault', empty_value: '')
+  rescue => e
+    @exception = e
+  end
+end
+
+Then(/^an InvalidExternalInput exception is raised$/) do
+  @exception.should be_an_instance_of(VaultTree::Exceptions::InvalidExternalInput)
+end

data/features/steps/external_input.steps.rb

@@ -0,0 +1,17 @@
+When(/^I lock the external input in a vault using a symmetric vault key$/) do
+  @secret = "#{VaultTree::LockSmith.new(message: 'secret_string').secure_hash}"
+  @contract = VaultTree::Contract.new(@contract).as_json
+  @external_input = {msg: 'You Opened the Vault!', secret: @secret}
+  @contract = VaultTree::Contract.new(@contract).close_vault('message', @external_input)
+end
+
+Then(/^I can recover the input message using the same key$/) do
+  VaultTree::Contract.new(@contract).open_vault('message', secret: @secret).should == @external_input[:msg]
+end
+
+When(/^I lock the external input in a vault using an external key$/) do
+  @secret = "MY SECRET KEY THAT IS NOT THE PROPER NUMBER OF BYTES"
+  @contract = VaultTree::Contract.new(@contract).as_json
+  @external_input = {msg: 'You Opened the Vault!', secret: @secret}
+  @contract = VaultTree::Contract.new(@contract).close_vault('message', @external_input)
+end

data/features/steps/one_two_three.steps.rb

@@ -1,57 +1,51 @@
 Given(/^Alice has the blank contract$/) do
-  contract_path = VaultTree::PathHelpers.core_contracts('one_two_three.0.7.0.json')
-  @contract_json = File.read(contract_path)
 end
 
 # Change this to just attributes vice public attributes
 When(/^she locks all of her attributes$/) do
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'ALICE_SECURE_PASS', external_data: {})
-  @contract = @contract.close_vault('alice_decryption_key')
-  @contract = @contract.close_vault('alice_public_encryption_key')
+  @alice_contract_secret_key = "#{VaultTree::LockSmith.new(message: 'ALICE_SECURE_PASS').secure_hash}"
+  @contract = VaultTree::Contract.new(@contract).close_vault('alice_decryption_key', acs_key: @alice_contract_secret_key)
+  @contract = VaultTree::Contract.new(@contract).close_vault('alice_public_encryption_key', acs_key: @alice_contract_secret_key)
 end
 
 When(/^she sends the contract to Bob$/) do
-  @contract_json = @contract.as_json 
-  @bobs_external_data = {"congratulations_message" => "CONGRATS! YOU OPENED THE THIRD VAULT."}
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'BOB_SECURE_PASS', external_data: @bobs_external_data)
+  @bob_contract_secret_key = "#{VaultTree::LockSmith.new(message: 'BOB_SECURE_PASS').secure_hash}"
+  @congratulations_message = "CONGRATS! YOU OPENED THE THIRD VAULT."
 end
 
 Then(/^Bob can access all of her public attributes$/) do
-  @contents = @contract.retrieve_contents('alice_public_encryption_key')
+  @contents = VaultTree::Contract.new(@contract).open_vault('alice_public_encryption_key')
 end
 
 When(/^Bob locks his attributes$/) do
-
-  @contract = @contract.close_vault('bob_decryption_key')
+  @contract = VaultTree::Contract.new(@contract).close_vault('bob_decryption_key', bcs_key: @bob_contract_secret_key)
   # Verify can reopen
-  @contract.retrieve_contents('bob_decryption_key')
+  VaultTree::Contract.new(@contract).open_vault('bob_decryption_key', bcs_key: @bob_contract_secret_key)
 
-  @contract = @contract.close_vault('congratulations_message')
+  @contract = VaultTree::Contract.new(@contract).close_vault('congratulations_message', bcs_key: @bob_contract_secret_key, msg: @congratulations_message)
   # Verify can reopen
-  @contract.retrieve_contents('congratulations_message')
+  VaultTree::Contract.new(@contract).open_vault('congratulations_message', bcs_key: @bob_contract_secret_key)
 
-  @contract = @contract.close_vault('vault_two_key')
+  @contract = VaultTree::Contract.new(@contract).close_vault('vault_two_key', bcs_key: @bob_contract_secret_key)
   # Verify they can reopen
-  @contract.retrieve_contents('vault_two_key')
+  VaultTree::Contract.new(@contract).open_vault('vault_two_key', bcs_key: @bob_contract_secret_key)
 
-  @contract = @contract.close_vault('vault_three_key')
+  @contract = VaultTree::Contract.new(@contract).close_vault('vault_three_key', bcs_key: @bob_contract_secret_key)
   # Verify they can reopen
-  @contract.retrieve_contents('vault_three_key')
+  VaultTree::Contract.new(@contract).open_vault('vault_three_key', bcs_key: @bob_contract_secret_key)
 
-  @contract = @contract.close_vault('bob_public_encryption_key')
+  @contract = VaultTree::Contract.new(@contract).close_vault('bob_public_encryption_key', bcs_key: @bob_contract_secret_key)
   # Verify they can reopen
-  @contract.retrieve_contents('bob_public_encryption_key')
+  VaultTree::Contract.new(@contract).open_vault('bob_public_encryption_key', bcs_key: @bob_contract_secret_key)
 end
 
 When(/^He fills and locks each of the three main vaults$/) do
-  @contract = @contract.close_vault('first')
-  @contract = @contract.close_vault('second')
-  @contract = @contract.close_vault('third')
+  @contract = VaultTree::Contract.new(@contract).close_vault('first', bcs_key: @bob_contract_secret_key)
+  @contract = VaultTree::Contract.new(@contract).close_vault('second', bcs_key: @bob_contract_secret_key)
+  @contract = VaultTree::Contract.new(@contract).close_vault('third', bcs_key: @bob_contract_secret_key)
 end
 
 Then(/^Alice can execute the contract to recover the final message$/) do
-  @contract_json = @contract.as_json 
-  @contract = VaultTree::Contract.new(@contract_json, master_passphrase: 'ALICE_SECURE_PASS', external_data: {})
-  puts @contract.retrieve_contents('third')
-  @contract.retrieve_contents('third').should == @bobs_external_data['congratulations_message']
+  puts VaultTree::Contract.new(@contract).open_vault('third', acs_key: @alice_contract_secret_key)
+  VaultTree::Contract.new(@contract).open_vault('third', acs_key: @alice_contract_secret_key).should == @congratulations_message
 end

data/features/steps/secret_sharing.steps.rb

@@ -4,33 +4,50 @@ Given(/^I have a blank secret sharing contract$/) do
   @contract = VaultTree::Contract.new(@contract_json)
 end
 
-Given(/^I create a new message$/) do
-  @external_data = {"message" => "CONGRATS! YOU OPENED THE VAULT WITH AN ASSEMBLED KEY."}
+Then(/^key shares are created and locked away in their cooresponding vaults$/) do
+  VaultTree::Contract.new(@contract).vault_closed?('s_1').should be true
+  VaultTree::Contract.new(@contract).vault_closed?('s_2').should be true
+  VaultTree::Contract.new(@contract).vault_closed?('s_3').should be true
+  VaultTree::Contract.new(@contract).vault_closed?('s_4').should be true
+  VaultTree::Contract.new(@contract).vault_closed?('s_5').should be true
 end
 
-When(/^I lock the message with an assembled key$/) do
-  @contract = VaultTree::Contract.new(@contract_json, external_data: @external_data)
-  @contract = @contract.close_vault('message')
+When(/^I lock away the shamir key share collection$/) do
+  @contract = VaultTree::Contract.new(@contract).close_vault('share_collection')
 end
 
-When(/^I attempt to lock the message with a generated shamir key$/) do
-  @contract = VaultTree::Contract.new(@contract_json, external_data: @external_data)
-  @contract = @contract.close_vault('message')
+Then(/^a random key is generated and split with the shamir secret sharing algorithm$/) do
 end
 
-Then(/^key shares are created and locked away in their cooresponding vaults$/) do
-  @contract.vault_closed?('s_1').should be true
-  @contract.vault_closed?('s_2').should be true
-  @contract.vault_closed?('s_3').should be true
-  @contract.vault_closed?('s_4').should be true
-  @contract.vault_closed?('s_5').should be true
+Then(/^I can open the vault to recover the JSON representation of the secret shares$/) do
+  JSON.parse(VaultTree::Contract.new(@contract).open_vault('share_collection')).should be_an_instance_of(Hash)
+end
+
+When(/^I fill an individual vault with the SECRET_SHARES keyword$/) do
+  @contract = VaultTree::Contract.new(@contract).close_vault('share_1')
+  @contract = VaultTree::Contract.new(@contract).close_vault('share_2')
+  @contract = VaultTree::Contract.new(@contract).close_vault('share_3')
+end
+
+Then(/^the library takes the approprate share from the collection vault and locks it away$/) do
+  VaultTree::Contract.new(@contract).vault_closed?('share_1').should be true
+  VaultTree::Contract.new(@contract).vault_closed?('share_2').should be true
+  VaultTree::Contract.new(@contract).vault_closed?('share_3').should be true
+end
+
+When(/^I close the key shares in their respective vaults$/) do
+  @contract = VaultTree::Contract.new(@contract).close_vault('s_1')
+  @contract = VaultTree::Contract.new(@contract).close_vault('s_2')
+  @contract = VaultTree::Contract.new(@contract).close_vault('s_3')
+  @contract = VaultTree::Contract.new(@contract).close_vault('s_4')
+  @contract = VaultTree::Contract.new(@contract).close_vault('s_5')
 end
 
-When(/^I attempt to unlock the message with the assembled shamir key$/) do
-  @recovered_message = @contract.retrieve_contents('message')
+Then(/^I can lock away a message with the key assembled from the shares$/) do
+  @message = 'MY SECRET STRING!'
+  @contract = VaultTree::Contract.new(@contract).close_vault('message', msg: @message)
 end
 
-Then(/^I successfully gather the locked shares and unlock the message$/) do
-  puts @recovered_message
-  @recovered_message.should == @external_data["message"]
+Then(/^if all the shares are available I can unlock the message$/) do
+  VaultTree::Contract.new(@contract).open_vault('message').should == @message
 end

data/lib/vault-tree.rb

@@ -10,7 +10,7 @@ require_relative 'vault-tree/util/string'
 require_relative 'vault-tree/lock_smith'
 
 # exceptions/*.rb
-require_relative 'vault-tree/exceptions/vault_tree_exception'
+require_relative 'vault-tree/exceptions/library_exception'
 VaultTree::PathHelpers.exceptions_files.each {|file| require_relative  file }
 
 # contract/*.rb

data/lib/vault-tree/contract/content_ciphertext.rb

@@ -0,0 +1,33 @@
+module VaultTree
+  class ContentCiphertext
+    attr_reader :message, :vault_key
+
+    def initialize(c,k)
+      @message = c
+      @vault_key = k
+    end
+
+    def evaluate
+      vault_key.asymmetric? ? asymmetric_ciphertext : symmetric_ciphertext
+    end
+
+    private
+
+    def asymmetric_ciphertext
+      lock_smith.asymmetric_encrypt
+    end
+
+    def symmetric_ciphertext
+      lock_smith.symmetric_encrypt
+    end
+
+    def lock_smith
+      LockSmith.new(
+        public_key: vault_key.public,
+        private_key: vault_key.secret,
+        secret_key: vault_key.secret,
+        message: message
+      )
+    end
+  end
+end

data/lib/vault-tree/contract/content_plaintext.rb

@@ -0,0 +1,33 @@
+module VaultTree
+  class ContentPlaintext
+    attr_reader :cipher_text, :vault_key
+
+    def initialize(c,k)
+      @cipher_text = c
+      @vault_key = k
+    end
+
+    def evaluate
+      vault_key.asymmetric? ? asymmetric_plaintext : symmetric_plaintext
+    end
+
+    private
+
+    def asymmetric_plaintext
+      lock_smith.asymmetric_decrypt
+    end
+
+    def symmetric_plaintext
+      lock_smith.symmetric_decrypt
+    end
+
+    def lock_smith
+      LockSmith.new(
+        public_key: vault_key.public,
+        private_key: vault_key.secret,
+        secret_key: vault_key.secret,
+        cipher_text: cipher_text
+      )
+    end
+  end
+end

data/lib/vault-tree/contract/contract.rb

@@ -1,96 +1,39 @@
 module VaultTree
   class Contract
-    attr_reader :json
+    attr_reader :json, :contract_hash, :vault_list, :contract_header, :external_input
 
     def initialize(json, params = {})
-      @json = json
-      @master_passphrase = params[:master_passphrase]
-      @external_data = params[:external_data]
+      @contract_hash   = Support::JSON.decode(json)
+      @contract_header = ContractHeader.new(contract_hash["header"])
+      @vault_list      = VaultList.new(contract_hash["vaults"], self)
+      @external_input = {}
     end
 
-    def close_vault(id, params = {data: nil})
-      update_external_data(id: id , data: params[:data])
-      validate_vault(id)
-      update_vaults vault(id).close
-      self
+    def close_vault(id, external_input = {data: nil})
+      @external_input = @external_input.merge(external_input)
+      @vault_list = vault_list.close_vault(id)
+      self.as_json
     end
 
-    def retrieve_contents(id)
-      validate_vault(id)
-      vault(id).retrieve_contents
+    def open_vault(id, external_input = {})
+      @external_input = @external_input.merge(external_input)
+      vault_list.open_vault(id)
     end
 
     def vault_closed?(id)
-      non_empty_contents?(id)
+      vault_list.vault_closed?(id)
     end
 
     def header
-      contract["header"]
+      contract_header.to_hash
     end
 
     def vaults
-      contract["vaults"]
-    end
-
-    def vault(id)
-      id.nil? ? NullVault.new : Vault.new(id, vaults[id], self)
-    end
-
-    def update_vaults(vault)
-      @contract["vaults"][vault.id] = vault.properties unless vault.kind_of?(NullVault)
+      vault_list.to_hash
     end
 
     def as_json
       ContractPresenter.new(self).as_json
     end
-
-    def master_passphrase
-      validate_passphrase
-      @master_passphrase
-    end
-
-    def external_data_hash
-      @external_data
-    end
-
-    def external_data(id)
-      @external_data[id]
-    end
-
-    private
-
-    def passphrase_present?
-      !! @master_passphrase
-    end
-
-    def valid_id?(id)
-      id.nil? || vaults.include?(id)
-    end
-
-    def non_empty_contents?(id)
-      ! empty_contents?(id)
-    end
-
-    def empty_contents?(id)
-      vaults[id]['contents'].nil? || vaults[id]['contents'].empty?
-    end
-
-    def contract
-      @contract ||= Support::JSON.decode(json)
-    end
-
-    def validate_vault(id)
-      raise Exceptions::VaultDoesNotExist unless valid_id?(id)
-    end
-
-    def validate_passphrase
-      raise Exceptions::MissingPassphrase unless passphrase_present?
-    end
-
-    def update_external_data(params)
-      vault_id = params[:id]
-      data = params[:data]
-      @external_data = @external_data.merge({"#{vault_id}" => "#{data}"}) unless data.nil?
-    end
   end
 end