vault-tree 0.3.4 → 0.6.0

data/features/support/contract_fixtures/simple_test_contract.json

@@ -1,14 +0,0 @@
-{
-"header": {},
-"vaults": {
-
-"simple_message":{
-  "owner": "tester",
-  "fill_with": "EXTERNAL_DATA",
-  "lock_with": "MASTER_PASSPHRASE",
-  "unlock_with": "MASTER_PASSPHRASE",
-  "contents": ""
-}
-
-}
-}

data/features/support/contract_fixtures/template.json

@@ -1,33 +0,0 @@
-{
-"header": {
-"title":"",
-"description":""
-},
-"vaults": {
-
-"":{
-  "description":"",
-  "fill_with": "",
-  "lock_with": "",
-  "unlock_with": "",
-  "contents": ""
-},
-
-"":{
-  "description":"",
-  "fill_with": "",
-  "lock_with": "",
-  "unlock_with": "",
-  "contents": ""
-},
-
-"":{
-  "description":"",
-  "fill_with": "",
-  "lock_with": "",
-  "unlock_with": "",
-  "contents": ""
-}
-
-}
-}

data/lib/vault-tree/contract/close_validator.rb

@@ -1,28 +0,0 @@
-module VaultTree
-  class CloseValidator
-    attr_reader :vault
-
-    def initialize(vault)
-      @vault = vault
-    end
-
-    def validate!
-      confirm_valid_fill_keyword
-      true
-    end
-
-    private
-
-    def confirm_valid_fill_keyword
-      raise Exceptions::FillAttemptMasterPassword if vault.fill_with == 'MASTER_PASSPHRASE'
-    end
-
-    def external_data_required?
-      vault.fill_with == 'EXTERNAL_DATA'
-    end
-
-    def external_data_missing?
-      vault.contract.external_data(vault.id).nil?
-    end
-  end
-end

data/lib/vault-tree/contract/doorman.rb

@@ -1,113 +0,0 @@
-module VaultTree
-  class Vault
-    class Doorman
-      attr_reader :vault
-
-      def initialize(vault)
-        @vault = vault
-      end
-
-      def locked_contents
-        CloseValidator.new(vault).validate!
-        already_locked? ? contents : ciphertext_contents
-      end
-
-      def unlocked_contents
-        OpenValidator.new(vault).validate!
-        plaintext_contents
-      end
-
-      private
-
-      def ciphertext_contents
-        dh_locking_key? ? asymmetric_ciphertext : symmetric_ciphertext
-      end
-
-      def plaintext_contents
-        dh_unlocking_key? ? asymmetric_plaintext : symmetric_plaintext
-      end
-
-      def asymmetric_ciphertext
-        LockSmith.new(public_key: locking_public_key, private_key: locking_secret_key, message: filler).asymmetric_encrypt
-      end
-
-      def asymmetric_plaintext
-        begin
-          LockSmith.new(public_key: unlocking_public_key, private_key: unlocking_secret_key, cipher_text: contents).asymmetric_decrypt
-        rescue(RbNaCl::CryptoError)
-          raise(Exceptions::FailedUnlockAttempt)
-        end
-      end
-
-      def symmetric_ciphertext
-        key_hash = LockSmith.new(message: locking_key).secure_hash
-        LockSmith.new(message: filler, secret_key: key_hash).symmetric_encrypt
-      end
-
-      def symmetric_plaintext
-        begin
-          key_hash = LockSmith.new(message: unlocking_key).secure_hash
-          LockSmith.new(cipher_text: contents, secret_key: key_hash).symmetric_decrypt
-        rescue(RbNaCl::CryptoError)
-          raise(Exceptions::FailedUnlockAttempt)
-        end
-      end
-
-      def locking_key
-        vault.locking_key
-      end
-
-      def unlocking_key
-        vault.unlocking_key
-      end
-
-      def locking_public_key
-        locking_key_pair.public_key
-      end
-
-      def locking_secret_key
-        locking_key_pair.secret_key
-      end
-
-      def unlocking_public_key
-        unlocking_key_pair.public_key
-      end
-
-      def unlocking_secret_key
-        unlocking_key_pair.secret_key
-      end
-
-      def locking_key_pair 
-        vault.locking_key if dh_locking_key?
-      end
-
-      def unlocking_key_pair 
-        vault.unlocking_key if dh_unlocking_key?
-      end
-
-      def empty?
-        vault.empty?
-      end
-
-      def already_locked?
-        ! empty?
-      end
-
-      def filler
-        vault.filler
-      end
-
-      def contents
-        vault.contents
-      end
-
-      def dh_locking_key?
-        vault.lock_with =~ /DH_KEY/
-      end
-
-      def dh_unlocking_key?
-        vault.unlock_with =~ /DH_KEY/
-      end
-    end
-  end
-end

data/lib/vault-tree/contract/open_validator.rb

@@ -1,20 +0,0 @@
-module VaultTree
-  class OpenValidator
-    attr_reader :vault
-
-    def initialize(vault)
-      @vault = vault
-    end
-
-    def validate!
-      confirm_vault_not_empty
-      true
-    end
-
-    private
-
-    def confirm_vault_not_empty
-      raise Exceptions::EmptyVault if vault.empty?
-    end
-  end
-end

data/lib/vault-tree/exceptions/fill_attempt_master_password.rb

@@ -1,6 +0,0 @@
-module VaultTree
-  module Exceptions
-    class FillAttemptMasterPassword < VaultTreeException
-    end
-  end
-end

data/lib/vault-tree/exceptions/missing_external_data.rb

@@ -1,6 +0,0 @@
-module VaultTree
-  module Exceptions
-    class MissingExternalData < VaultTreeException
-    end
-  end
-end

data/lib/vault-tree/exceptions/vault_tree_exception.rb

@@ -1,25 +0,0 @@
-require 'erb'
-module VaultTree
-  module Exceptions
-    class VaultTreeException < StandardError
-      # WORK IN PROGRESS
-      #
-      #def self.exception
-      #  self.present_exception
-      #  self.new
-      #end
-
-      #def self.present_exception
-      #  STDOUT.write template.result(binding)
-      #end
-
-      #def self.template
-      #  ERB.new File.new(template_path).read, nil, "%"
-      #end
-
-      #def self.template_path
-      #  "lib/vault-tree/exceptions/exception_template.erb"
-      #end
-    end
-  end
-end

data/lib/vault-tree/keywords/external_data.rb

@@ -1,32 +0,0 @@
-module VaultTree
-  class ExternalData < Keyword
-
-    def evaluate
-      check_for_external_data
-      contract.external_data(id)
-    end
-
-    def id
-      vault.id
-    end
-
-    private
-
-    def check_for_external_data
-      raise(Exceptions::MissingExternalData) if missing_external_data?
-    end
-
-    def missing_external_data?
-      nil_external_data? || empty_external_data?
-    end
-
-    def nil_external_data?
-      contract.external_data_hash.nil?
-    end
-
-    def empty_external_data?
-      contract.external_data_hash.empty?
-    end
-
-  end
-end

data/lib/vault-tree/keywords/generated_shamir_key.rb

@@ -1,57 +0,0 @@
-module VaultTree
-  class GeneratedShamirKey < Keyword
-    attr_reader :outstanding_shares, :recovery_threshold, :share_vaults
-
-    def post_initialize(arg_array)
-      @outstanding_shares = arg_array[0]
-      @recovery_threshold = arg_array[1]
-      @share_vaults = arg_array[2..arg_array.length]
-    end
-
-    # Generate a new Shamir key.
-    #
-    # Check that shares can be saved in empty vaults
-    # Put the shares in their respective # vaults.
-    # Gnerate and Return the key.
-    #
-    # @return [String] Secure Hash digest of the generated key
-    def evaluate
-      validate_share_vaults
-      lock_away_key_shares
-      generated_key
-    end
-
-    private
-
-    def lock_away_key_shares
-      c = contract
-      share_vaults.each do |v|
-        c = c.close_vault(v, data: data_for_vault(v) )
-      end
-    end
-
-    def data_for_vault(id)
-      generated_key_shares[vault_index(id)]
-    end
-
-    def vault_index(id)
-      share_vaults.index(id)
-    end
-
-    def generated_key
-      key_object.key
-    end
-
-    def generated_key_shares
-      key_object.shares
-    end
-
-    def key_object
-      @key_object ||= Crypto::GeneratedShamirKey.new(outstanding_shares: outstanding_shares, recovery_threshold: recovery_threshold)
-    end
-
-    def validate_share_vaults
-      true # Add exception tests and functionality later
-    end
-  end
-end

data/lib/vault-tree/keywords/master_passphrase.rb

@@ -1,9 +0,0 @@
-module VaultTree
-  class MasterPassphrase < Keyword
-
-    def evaluate
-      contract.master_passphrase
-    end
-
-  end
-end

data/spec/generated_shamir_key_spec.rb

@@ -1,52 +0,0 @@
-require 'rspec'
-RSpec.configure{ |config| config.color_enabled = true }
-require_relative '../lib/vault-tree/lock_smith/generated_shamir_key'
-
-module VaultTree
-  module Crypto
-    describe GeneratedShamirKey do
-
-      describe '#generate | #assemble' do
-
-        context 'with 3 out of 5 secrets' do
-          it 'recovers a hash of the shared secret' do
-            generated_key = GeneratedShamirKey.new(outstanding_shares: 5, recovery_threshold: 3)
-            expected_digest = generated_key.key
-            key_shares = generated_key.shares
-            assembled_key = AssembledShamirKey.new(key_shares: key_shares)
-            assembled_key.assemble.should == expected_digest
-          end
-
-          it 'recovers a hash of the shared secret when the shares are requested before the key' do
-            generated_key = GeneratedShamirKey.new(outstanding_shares: 5, recovery_threshold: 3)
-            key_shares = generated_key.shares
-            expected_digest = generated_key.key
-            assembled_key = AssembledShamirKey.new(key_shares: key_shares)
-            assembled_key.assemble.should == expected_digest
-          end
-        end
-
-        context 'with 5 out of 5 secrets' do
-          it 'recovers a hash of the shared secret' do
-            generated_key = GeneratedShamirKey.new(outstanding_shares: 5, recovery_threshold: 5)
-            expected_digest = generated_key.key
-            key_shares = generated_key.shares
-            assembled_key = AssembledShamirKey.new(key_shares: key_shares)
-            assembled_key.assemble.should == expected_digest
-          end
-        end
-
-        context 'with 2 out of 2 secrets' do
-          it 'recovers a hash of the shared secret' do
-            generated_key = GeneratedShamirKey.new(outstanding_shares: 2, recovery_threshold: 2)
-            expected_digest = generated_key.key
-            key_shares = generated_key.shares
-            assembled_key = AssembledShamirKey.new(key_shares: key_shares)
-            assembled_key.assemble.should == expected_digest
-          end
-        end
-
-      end
-    end
-  end
-end

data/support/cookbooks/ark/.gitignore

@@ -1,12 +0,0 @@
-.vagrant
-Berksfile.lock
-Gemfile.lock
-*~
-*#
-.#*
-\#*#
-.*.sw[a-z]
-*.un~
-/cookbooks
-.kitchen
-.kitchen.local.yml

data/support/cookbooks/ark/.kitchen.yml

@@ -1,34 +0,0 @@
----
-driver_plugin: vagrant
-driver_config:
-  require_chef_omnibus: true
-
-platforms:
-- name: ubuntu-12.04
-  driver_config:
-    box: opscode-ubuntu-12.04
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box
-  run_list:
-  - recipe[apt]
-
-- name: ubuntu-10.04
-  driver_config:
-    box: opscode-ubuntu-10.04
-    box_url:  http://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-10.04_provisionerless.box
-  run_list:
-  - recipe[apt]
-
-- name: centos-6.4
-  driver_config:
-    box: opscode-centos-6.4
-    box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
-  run_list:
-  - recipe[yum::epel]
-
-suites:
-- name: default
-  run_list:
-  - recipe[minitest-handler]
-  - recipe[ark]
-  - recipe[ark::test]
-  attributes: {}